1. Personal data is any data related to or obtainable about you personally, e.g. name, address, email addresses, user behaviour.
2. The controller for data processing is BESTMINDS GmbH.
The controller can be contacted at
Address: Basler Straße 65, D 79100 Freiburg
Tel.: +49 761 888 51 23 0
3. The data protection officer for BESTMINDS GmbH is DataSEKure Rechtsanwaltsgesellschaft mbH
The data protection officer can be contacted at
Solicitor Marc E. Evers
DataSEKure Rechtsanwaltsgesellschaft mbH
Address: Weilerstraße 9, D 79252 Stegen
Tel.: +49 761 38 769 55
When merely using the website for information purposes, i.e. when you visit our website, we do not process personal data with the exception of data transmitted by your browser to allow you to visit the website. This means we only store access data in so-called server log files which are stored until they are automatically erased. These are:
We process this data for the following purposes:
The legal basis for data processing is Article 6(1)(f) GDPR. Our legitimate interest results from the above purposes for data collection. We never use the collected data to trace you personally.
In addition to using our website for purely informational purposes, we also offer the option to contact us directly and send us your enquiry. In this case you will typically need to provide additional personal data which we only use to provide the respective service. This data is:
Areas where additional voluntary information can be provided are marked accordingly.
Data processing for contact purposes is only undertaken based on your voluntary consent as per Article 6 (1) (a) GDPR.
Personal data collected to use the contact form is automatically erased after processing your enquiry.
When contacting us by email, phone or fax, we process your enquiry and your data resulting from the enquiry for the purpose of processing your enquiry.
The legal basis for this is Article 6(1)(b) GDPR if your enquiry is related to the fulfilment of a contract or is necessary for pre-contractual measures. Otherwise, processing is based on our legitimate interest in processing the enquiries submitted to us as per Article 6(1)(f) GDPR.
The personal data necessary for the submitted enquiry is erased after storage is no longer needed or processing will be restricted if statutory retention obligations apply.
1. Your data will not be disclosed to third parties without your express consent. In some cases we use external service providers to process your data. These have been carefully selected and assigned by us, are bound to our instructions and are regularly audited. Your personal data will not be transmitted to third parties for purposes other than those specified below.
We only transmit your personal data to third parties:
2. We may also disclose your personal data to third parties when we offer participation in campaigns, contests, conclusion of contracts or similar services together with partners. Additional information about this is available when providing your personal data or at the bottom of the description of the offer.
3. If our service provider or partner is located in a state outside the European Economic Area (EEA), we will notify you of the consequences of this circumstance in the description of the offer.
4. Notice on data transmitted to the USA
We have embedded tools from companies based in the USA on our website. Your personal data can be transmitted to the U.S. servers of the respective companies if these tools are enabled.
U.S. companies are obliged to disclose personal data to the National Security Agency. As the data subject you are unable to object to this and have no legal recourse.
We cannot rule out the possibility that U.S. authorities (e.g. Secret Service) may access your personal data on U.S. servers and analyse and store it permanently.
Therefore please note that the USA is not a secure third-party country as defined by EU data privacy laws.
1. When contacting us by email, we store the data provided by you (your email address and where applicable your name and telephone number) to respond to your enquiry. We delete the data obtained in this context after its storage is no longer necessary or restrict its processing if there are statutory retention obligations.
2. Your stored personal data is further stored for the duration of the business relationship with you or for the duration required by law.
Once the contractual relationship expires or you exercise your rights specified under §5, your data will be handled or where applicable erased based on your rights exercised as defined by §5, unless statutory provisions stipulate longer retention periods.
If statutory retention periods apply, the storage time for certain data may be up to 10 years irrespective of the purpose of processing.
You have the right at any time to request information about the personal data concerning you we have stored, as well as its origin, recipients or categories of recipients this data is disclosed to and the purpose of storage. You have the right to request to view the personal data you have provided in a structured, common and machine readable format or to request that the data is transmitted to another controller.
You have the right to have the personal data concerning you that we have stored corrected, restricted or erased unless statutory retention periods require otherwise.
(1) If you have consented to your data being processed, you may withdraw your consent at any time. Withdrawing your consent will affect how reliable future processing of your personal data is.
(2) Where we base the processing of your personal data on a balance of interests, you can object to processing. This applies if processing is not specifically required to fulfil a contract with you as illustrated by us in the following description of functions. When objecting, please provide the reasons why we should not process your personal data as we have done. If your objection is justified, we will investigate the situation and will either stop or modify data processing or present you with our compelling legitimate reasons for our data processing.
(3) Naturally, you may object to the processing of your personal data for advertising and data analysis purposes at any time.
If you do not agree with how we handle the data concerning you that we have stored, you have the right to lodge a complaint with the competent data protection authority.
All requests for information or objections to data processing should be sent to our data protection officer by email
Solicitor Marc E. Evers
DataSEKure Rechtsanwaltsgesellschaft mbH
Address: Weilerstraße 9, D 79252 Stegen
Tel.: +49 761 38 769 55
2. Information related to the specific device used is stored in the cookie. This does not mean, however, that we receive any information directly related to your identity.
3. Session cookies are erased immediately after leaving our website. Temporary cookies remain stored on your device for a specific period. Permanent cookies remain stored on your device until erased by you or the web browser.
4. Cookies have various functions.
Many cookies are necessary for technical purposes to ensure the website is working properly. The data processed by cookies is required for the purposes specified and to protect our legitimate interests and those of others in accordance with Article 6 (1) (1f) of the GDPR.
5. If we request your consent to store cookies, your data will exclusively be processed based on this consent as per Article 6(1)(a). You may withdraw your consent at any time.
6. You can configure your browser to prevent cookies from being stored or to always be notified before a new cookie is added. You can also block cookies from being accepted in specific cases. You can also configure it to automatically erase cookies when closing your browser. However, blocking all cookies may prevent you from using all functions of our website.
We use the widely used SSL (Secure Socket Layer) protocol in conjunction with the highest level of encryption supported by your browser when you visit our website. This is typically 256 bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can determine whether a specific page of our website is transmitted in encrypted form by means of the closed key or lock icon in the bottom status bar of your browser.
We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, corruption or unauthorised access by third parties. Our security measures are continuously enhanced to correspond with technological developments.
Our website is hosted by an external service provider. The personal data collected on the website (see §2 no. 1) is stored on the host’s servers.
As per Article 6(1)(f) GDPR, data processing in connection with using a host is based on our legitimate interest in secure, fast and efficient access to our website through a professional provider. The host will only process your personal data in accordance with our instructions.
We have entered into an data processing contract with our service provider.
Our website includes links to the following third-party websites
1. With your consent, you can subscribe to our newsletter, with which we inform you about our current news. The content of the newsletter is named in the declaration of consent.
2. For the registration to our newsletter we use the so-called double-opt-in procedure. This means that after your registration, we will send you an e-mail to the e-mail address you provided, in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration, your information will be blocked and automatically deleted after one month. In addition, we store your respective IP addresses used and times of registration and confirmation. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data.
3. Mandatory data for sending the newsletter are mentioned in the registration form. After your confirmation, we store your data for the purpose of sending the newsletter. The legal basis is Art.6 para.1 p.1 lit.a DSGVO.
4. You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare the revocation by clicking on the link provided in every newsletter email.
You can register on our website to access additional functions. We only process the required information requested during registration for the purpose of using the respective offer or services you have registered for.
Processing of your personal data is based on the implementation of the use relationship established by the registration as per Article 6(1)(b) GDPR.
We store your personal data collected for this purpose as long as you are registered on our website. Statutory retention periods remain unaffected.
You can apply with us using the online application form on our website. You may also send your application by email or post.
When submitting your application, we process the data provided by you for the purpose of determining whether to begin an employment relationship. The legal basis for this is Article 6(1)(b) GDPR. Your personal data is only disclosed to individuals within our company who are responsible for processing your application.
If we do not offer you a position at our company or you withdraw your application, reject our offer or request that we erase your data, your application documents will be stored for a maximum of 6 months after the application process has been completed.
At the end of the retention period, the data will be erased unless statutory retention periods or other legal reasons for further storage apply. Statutory retention periods remain unaffected. If you have consented to further storage of your application data as per Article 6(1)(a) GDPR to enable you to be notified of suitable future vacancies, your data will be stored until your consent is withdrawn.
You may withdraw your consent at any time.
With your consent, we use the web analysis service "Google Analytics" from Google LLC on our website.
Google Analytics uses so-called "Cookies", text files stored on your computer, which enable an analysis of your use of the website.
The information generated by the cookie regarding your use of this website will generally be transferred to a Google server in the USA and saved there. This is beyond our control.
We only use Google Analytics with IP anonymisation enabled. Google will therefore truncate your IP address within member states of the European Union or in other states party to the Agreement on the European Economic Area. The full IP address will only be transmitted to a Google server in the USA and truncated there in exceptional cases.
Google will use this information on our behalf to analyse your use of the website, generate reports on website activity and provide the advertiser with additional services related to website and internet use. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
During your visit to the website, the following data in particular is collected:
The data and related cookies are erased after 14 months.
Data is automatically erased once a month at the end of their retention period.
You can configure your browser software to prevent cookies from being stored; however, in this case you may not be able to make full use of all functions of this website.
You can prevent data about your use of the website generated by the cookie (including your IP address) being collected by Google as well as the processing of this data by Google by downloading and installing the browser plugin available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de
Data processing in connection with Google Analytics is based on your consent as per Article 6(1)(a) GDPR, which has been prompted for example when consenting to cookies being stored.
You may withdraw your consent at any time.
Google Analytics is used in compliance with the rules established between German data protection authorities and Google. We have concluded a data processing contract with Google.
Third party information: Google Dublin, Google Ireland Ldt., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.
Privacy information: https://policies.google.com/privacy?hl=en,
The host of our website uses "Google Conversion Tracking" by Google LLC.
This allows us and Google to recognize if a user has executed an action and, if so, which action and which buttons they have clicked. This data is used to generate conversion statistics.
You data may be transmitted to servers in the USA and stored there. This is beyond our control. Google Conversion Tracking is used in compliance with the rules between German data protection authorities and Google. We have concluded a data processing contract with Google.
Data processing in connection with Google Conversion Tracking is based on your consent as per Article 6(1)(a) GDPR, which was prompted, for example, when consenting to cookies being stored. You may withdraw your consent at any time.
Our website uses Social Media plugins ("plugins") from social media networks. To better protect your data when visiting our website, plugins are not unrestricted but merely embedded in the page using an HTML link (so-called "Sharrif solution" from c´t). This embedding ensures that when you open a page on our website containing these plugins, it does not immediately connect to the servers of the social network provider.
When clicking one of the buttons, a new window opens in your browser and opens the page of the respective service provider where you (where applicable after entering your login information) can confirm the Like or Share button, for example.
Your data may be transmitted to the respective servers in the USA and stored there. This is beyond our control.
The legal basis for using the respective social media plugin is our legitimate interest as defined by Article 6(1)(f) GDPR in an attractive website design and embedding our social media content on it.
This website uses the "Google Maps" service of Google LLC. This allows us to provide you with interactive maps directly on the website and allows you to use the map function with ease.
When visiting the website, Google receives a notification that you have accessed the respective subpage of our website. In addition, the data specified under §2 of this policy is transmitted. This data is transmitted regardless of whether you are logged into or have a Google account. If you are logged into Google, you data will be linked directly to your account. If you do not wish to be linked to your Google account, you will need to log out before activating the button. Google stores your data as a usage profile and uses it for the purposes of advertising, market research and/or customizing its website. This analysis is particularly used (even for users who are not logged in) to provide custom advertising and notify other users on the social network about your activity on our website. You have the right to object to these user profiles being created, which must be exercised with Google.
This information may be transmitted to Google servers in the USA and stored there. This is beyond our control. Google Maps is used in compliance with the rules between German data protection authorities and Google. We have concluded a data processing contract with Google.
Data processing in connection with Google Maps is based on your consent as per Article 6(1)(a) GDPR, which was prompted, for example, when consenting to cookies being stored. You may withdraw your consent at any time.