Privacy Notice

Thank you for your interest in our company and our services.

Below you will find an overview of how your personal data is processed when you use our online services. As a rule, our pages can be used without entering personal data. If we offer you the possibility to transmit personal data to us (e.g. in contact forms, when transmitting files, in chats, etc.), you are free to make use of this option. You are also welcome to contact us via alternative communication channels (e.g. by telephone, etc.).

Contents

1 Contact details

2 General information

3 Rights of data subjects

4 Hosting

5 Social media

6 Cookies

7 Third-party providers

8 Job offers and applicant selection process

9 Data processing in the context of electronic communication

10 Minors

11 Amendments to this Privacy Notice

 

1 Contact details

Controller

This Privacy Notice applies to the websites of the following companies of the iMi Group:

Data Protection Officer

You can contact our Data Protection Officer at: dsb@iMi.de

2 General information

2.1 Scope

This Privacy Notice applies to this website and to our social media offerings, insofar as you have been redirected from there to this site.

Data processing operations carried out by third-party providers or platform operators (hereinafter “providers”) in connection with their own offerings or with the provision of our online offerings are not covered by this Privacy Notice. For information on how a provider handles your data, please refer to that provider’s privacy notice and terms of use.

2.2 Automated data collection

Each time you visit a website, data is automatically transmitted from your browser (“browser data”, see section 2.5) and stored in log files. This data is required in order to make the respective page and the offers contained on it available to you. In addition, website hosting providers use this data to ensure the security and availability of their data processing systems. We have no influence over this data processing.

2.3 Security

Data that you provide when using our website (e.g. in contact forms, login processes, etc.) is transmitted in encrypted form and is protected against unauthorised access by third parties during transmission. Nevertheless, data transmission over the internet can never be guaranteed to be completely secure.

If you intend to transmit confidential information to us, please contact us in advance.

2.4 Purposes of processing

We process the personal data you provide for the following purposes:

  • Provision and optimisation of our online offerings
  • Ensuring the availability and security of our online offerings
  • Communication with you
    (e.g. provision of requested documents, sending newsletters, information about services offered, etc.)
  • Processing your enquiries, applications, etc.
  • Conducting applicant selection procedures
  • Defence and enforcement of legal claims.

In addition, we process personal data on the basis of consent you have given.

We store incoming and outgoing electronic documents and messages as well as business-relevant documents in an electronic archive.

2.5 Categories of data

When you use our online offerings, the following categories of data are collected by us and/or by the web host:

  •  Browser data (e.g. IP address, host name of the accessing computer, browser type, browser version, operating system, date and time of access, pages accessed, previously visited page, user’s internet service provider)
  •  Login and usage data (e.g. registration for restricted user areas, file access)
  •  Contact details, if you have provided them to us
  •  Content data provided by you (e.g. comments, chats, photographs, name, address, position, etc.)

2.6 Recipients (categories)

Your personal data is passed on to third parties who are involved in the provision of the online offerings, in the processing of your enquiries and applications and/or in the performance of contracts. In addition, data may be disclosed to supervisory and law enforcement authorities if we are legally obliged to do so.

Disclosure of your data is limited to the extent necessary for the respective processing purpose and takes place if

  • this is permitted by law or we are legally obliged to disclose the data
  • disclosure is necessary to process your enquiries or to perform a contract
  • you have given us your consent
  • disclosure is necessary for the establishment, exercise or defence of legal claims
  • we are obliged to disclose data to supervisory or law enforcement authorities.

The following may be recipients of personal data (third parties):

  • Service providers tasked with providing, maintaining and servicing hardware and/or software
  • Web hosts and platform operators on which we operate online offerings
  • Credit agencies, if we carry out credit checks in the context of contract processing
  • Payment service providers
  • Logistics companies
  • Our external Data Protection Officer (see section 1), insofar as this is necessary for dealing with data protection-related matters. The Data Protection Officer is bound by confidentiality.

 

 

2.7 Processing on behalf and joint controllership

Some service providers (e.g. web hosts) process personal data on our behalf. We have concluded corresponding data processing agreements with these service providers in accordance with Art. 28 (3) GDPR. These agreements are intended to ensure that service providers process personal data only in accordance with our instructions and in compliance with the GDPR.

In some cases, we are jointly responsible with other companies (e.g. social media platform providers) for the processing of your personal data. In such cases, corresponding arrangements pursuant to Art. 26 GDPR have been concluded between us and these companies.

 

We have no influence on, and are not responsible for, the processing carried out by intermediary platforms (e.g. job portals, purchasing platforms, etc.) whose services we use.

2.8 Processing in a third country

2.8.1 General information

When you use our online offering, personal data may also be transferred to third countries. The GDPR does not apply in third countries. Our online offering contains tools or uses services provided by companies in third countries, in particular in the USA. If these tools are active, your personal data may be transferred to and processed in these third countries. We would like to point out that in these countries a level of data protection comparable to that in the EU cannot be guaranteed.

The transfer of personal data to third countries may be based on:

  • an adequacy decision of the EU Commission
  • the existence of appropriate safeguards pursuant to Art. 46 GDPR or
  • the existence of derogations pursuant to Art. 49 GDPR
  • your consent

Platform operators based in a third country may also process personal data outside the scope of the GDPR and thus on the basis of a lower level of data protection (see section 5).

2.8.2 Note on data transfer to the USA and other third countries

2.8.2.1 Adequacy decision, appropriate safeguards

In the absence of other legal bases (consent, transfers required by contract/by law), we only allow data to be processed in third countries if an adequacy decision (Art. 45 GDPR) exists for these countries, if the service providers based there have committed themselves to complying with the standard contractual clauses of the EU Commission (Art. 46 GDPR) or binding internal data protection rules, or can demonstrate relevant certifications (Art. 46 GDPR).

Further information on international data transfers, safeguards and standard contractual clauses:

https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection_de
https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en

2.8.2.2 Data Privacy Framework (DPF)

On 10 July 2023, the EU Commission adopted the rules on the “Data Privacy Framework” (DPF). This confirms that companies which have certified themselves under the DPF ensure an adequate level of protection.

Data transfers to US companies that are certified under the EU-U.S. Data Privacy Framework (DPF) or provide additional safeguards are permitted. Certified companies are listed on the website of the US Department of Commerce at

https://www.dataprivacyframework.gov/.

Further information on the DPF

https://www.bfdi.bund.de/SharedDocs/Kurzmeldungen/DE/2023/17_Angemessenheitsbeschluss-EU-US-DPF.html
https://ec.europa.eu/commission/presscorner/api/files/attachment/875613/EU-US%20Data%20Privacy%20Framework.pdf
https://ec.europa.eu/commission/presscorner/detail/de/ip_22_2087

2.8.3 Legal obligation, performance of a contract

If the transfer to a third country is necessary for the implementation of pre-contractual measures or for the performance of a contract with you, Art. 49 (1)(b) GDPR forms the legal basis.

If the transfer of your data to a third country is necessary for the establishment, exercise or defence of legal claims, this transfer is based on Art. 49 (1)(e) GDPR.

In all other cases, the transfer of data to a third country is based on your explicit consent pursuant to Art. 49 (1)(a) GDPR. Any consent given can be withdrawn at any time.

2.9 Storage period

We store the personal data you provide only for as long as is necessary to achieve the purpose of processing. If you use contact channels of a social media platform to contact us, we reserve the right to store your data on our own servers – the storage periods also apply to this data.

Longer storage periods may arise from contractual or statutory requirements (e.g. 10, 8 or 6 years under commercial/tax law) or where there are indications of unlawful use.

Data stored by the web host is automatically deleted after a maximum of 180 days.

We have no influence on the data processing and storage by platform operators. Please refer to their privacy notices.

2.10 Legal bases

“Personal data” means any information relating to an identified or identifiable natural person. We process such data on the basis of the GDPR and the German Federal Data Protection Act (BDSG):

  • for the initiation or performance of a contract with you (Art. 6 (1)(b) GDPR)
  • to comply with a legal obligation (Art. 6 (1)(c) GDPR)
  • to safeguard our legitimate interests or the legitimate interests of a third party (Art. 6 (1)(f) GDPR)
  • for advertising purposes, taking into account the requirements of section 7 of the German Unfair Competition Act (UWG)
  • on the basis of your explicit consent to the transfer of personal data to third countries (Art. 49 (1)(a) GDPR). For information on transfers to third countries, see section 2.8 (“Processing in a third country”).
  • on the basis of your consent (Art. 6 (1)(a) GDPR).
  • specifically, where you have consented to the storage of cookies and/or to access to information already stored on your device (e.g. via device fingerprinting), the legal basis is section 25 (1) of the German Telecommunications-Digital Services Data Protection Act (TDDDG).

3 Rights of data subjects

Data protection law grants data subjects various rights. These are:

  • Right of access (Art. 15 GDPR)
    Please specify your request as precisely as possible in order to enable us to compile the required data. In certain cases, your right of access may be restricted due to legal provisions.
  • Right to rectification (Art. 16 GDPR)
    You have the right to obtain the rectification of inaccurate personal data concerning you.
  • Right to erasure (Art. 17 GDPR)
    Your right to erasure may be restricted by statutory provisions to which we are subject.
  • Right to restriction of processing (Art. 18 GDPR)
    You have the right to obtain restriction of processing of your personal data.
  • (Art. 20 GDPR)
    For data you have provided to us, you have the right to receive these data in a structured, commonly used and machine-readable format.
  • Right to withdraw consent (Art. 7 (3) GDPR)
    If you have given us consent to process your data, you may withdraw this consent at any time, without giving reasons and with effect for the future.
  • Right to object (Art. 21 GDPR)
    You may object to processing that we base on our legitimate interests. Your right to object may be restricted in certain cases if our interest in the processing outweighs your interests or if we are legally obliged to carry out the processing.
  • Consequences of withdrawal/objection
    If you have effectively objected to processing or withdrawn your consent, we will cease this processing. This also means that we may no longer be able to continue handling your request.
    A withdrawal/objection does not affect the lawfulness of processing carried out up to the time we receive your withdrawal/objection and has no impact on the storage of information that we are required to retain under statutory provisions. You may address your withdrawal/objection to the controller named in section 1 in writing, by e-mail (to     widerspruch@iMi.de, preferably with the subject line: “Objection / Withdrawal”) and, where applicable, via the service offered (e.g. newsletter).
  • Right to lodge a complaint (Art. 77 GDPR)
    If you consider that the processing of personal data concerning you infringes the GDPR, you have the right to lodge a complaint with a supervisory authority. The following supervisory authorities are responsible for our companies:

- iMi verwaltungs GmbH

- iMi digital GmbH

- iMi salesmarketing Rhein-Main GmbH

 

 

 

 

The Hessian Commissioner for Data Protection

Gustav-Stresemann-Ring 1
65189 Wiesbaden

Phone: 06 11/140 80

E-mail:         poststelle@datenschutz.hessen.de
Website:       http://www.datenschutz.hessen.de

- iMi foodservice GmbH

Hamburg Commissioner for Data Protection and Freedom of Information

Ludwig-Erhard-Str 22
20459 Hamburg

Phone:   040 42854-4040

E-mail:           mailbox@datenschutz.hamburg.de
Website:        https://datenschutz-hamburg.de

- iMi foodservice personalberatung GmbH

State Commissioner for Data Protection and Freedom of Information of Mecklenburg-Western Pomerania

Schloss Schwerin
Lennéstraße 1
19053 Schwerin

Phone:           0385 59494-0

E-mail:           info@datenschutz-mv.de
Website:        https://www.datenschutz-mv.de

 

The current addresses of the supervisory authorities can be found at:
https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html

Please also note section 5.3 with regard to exercising your rights vis-à-vis a platform operator.

4 Hosting

Our online presences are provided by a specialised web hosting provider. When you visit our pages, this web host collects various information (e.g. IP address, etc.) and stores it in log files (see sections 2.2 and 2.5). We have concluded a data processing agreement with the web host.

Cooperation with the service provider is based on our legitimate interest (Art. 6 (1)(f) GDPR) in the most reliable presentation possible of our website. You have the right to object to this processing. Please refer to section 3 (“Rights of data subjects”) of this Privacy Notice.

Where corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6 (1)(a) GDPR and section 25 (1) TTDSG, insofar as the consent encompasses the storage of cookies or access to information on the user’s device (e.g. device fingerprinting) within the meaning of the TTDSG.

Our website is hosted by the following service provider:

Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany.

5 Social Media

Below you will find information on further online presences of our company. For the sake of clarity, the general information that applies to each of the online presences listed below has been summarised and placed at the beginning.

Personal data may be transferred to and processed in any country in which the platform operator conducts business, regardless of your place of residence. Data stored by platform operators based in the USA – irrespective of the actual place of processing – may also be subject to access by US authorities which are not bound by the requirements of the GDPR. The legal basis for such access is provided by US legislation, for example laws relating to counter-terrorism (FISA, Patriot Act, Cloud Act, etc.).

5.1 General information

Our social media accounts are linked to our website via hyperlinks. Use of these external links is optional and has no impact on your otherwise normal use of the website. We have not integrated any social media plug-ins (e.g. “Like” buttons, “Recommend” buttons, etc.) into our website.

In our capacity as page operator, we are jointly responsible with the respective platform operator for the processing of data. Joint controllership exists for data that arise from the use of tools and services and are used jointly by the platform operator and the page operator.

Please note that our Privacy Notice does not apply to data processing by the respective platform operator. Despite joint controllership, we currently have no effective means of control vis-à-vis a platform operator. You should therefore, as a matter of principle, inform yourself in the privacy notices of the platform operator about how it handles your personal data before using social media offerings.

If you visit our online presence with the respective platform operator, that operator collects personal data (e.g. via the storage and evaluation of cookies, the use of tracking pixels or similar technologies), such as IP address, comments, information from the use of tracking tools, etc. Such data collection may also take place if you are not logged in to or registered with the platform operator.

If you are registered with the platform operator and logged into your account when visiting our online offerings, selected basic profile data may be included in the platform operator’s statistical evaluations.

The processing of your data by the platform operator is generally not limited to the EU and thus not to the territorial scope of the GDPR. Please also refer to section 2.8 “Processing in a third country”.

We expressly point out that you use our pages with the respective platform operators and the functionalities offered there on your own responsibility. This applies in particular to the use of interactive functions (e.g. commenting, recommending, rating, networking, etc.). The information you provide in the course of such interactions is also made available to other users of the platform by the platform operator and may be found by persons who are not registered as users of the platform (e.g. via search engines). Please carefully consider which information you wish to make available on each platform.

For information on how to restrict the processing of your data by the platform operator through settings in your account, please consult the platform operator’s support pages.

 

For our social media accounts, we reserve the right to

  • delete content if such content violates legal and/or ethical principles
  • share content if this is a function of the respective platform
  • use information you have provided for the purpose of communicating with you.

If you contact us via a social media platform (e.g. by private message, comment, etc.), we receive your username, your message text and any other personal data you provide. Your comments are generally public and visible to all users of the platform.

Our social media accounts constitute an additional offering – all relevant information and contact options are also available, in a more data protection-friendly manner, on our website.

5.2 Purpose and legal basis

We operate our social media accounts for the purpose of direct communication with potential customers, employees and interested parties, as well as to present our company and the solutions we offer to the broadest possible public. This legitimate interest (Art. 6 (1)(f) GDPR) in a positive external presentation also constitutes the legal basis for data processing in the context of the use of social media.

If we receive personal data from you or collect such data, this is likewise based on our legitimate interest in the most direct and timely communication possible with you as a user of the respective online offering.

You have the right to object to processing based on legitimate interests under certain conditions. Please refer to the relevant information in section 3 “Rights of data subjects”.

For the storage period of your data, please refer to section 2.9 of this Privacy Notice.

5.3 Exercising data subject rights

Please exercise your rights as a data subject directly vis-à-vis the respective platform operator. Since we depend on the cooperation and information of the platform operator when handling data subject requests that do not relate exclusively to our own processing activities, we will forward such requests to the platform operator without further enquiry/notification.

If we use intermediary platforms (e.g. job portals, “Wer liefert was”, etc.) to present our company and/or the services we offer, the processing of your data when using these platforms is carried out exclusively by the platform operator. In such cases, please address your data subject requests exclusively to the platform operator as well.

If you wish to exercise your rights as a data subject in connection with processing for which we are responsible, please refer to the information in section 3 “Rights of data subjects”.

In addition to the rights mentioned there, you may also have a right to data portability vis-à-vis the respective platform operator.

5.4 Our social media accounts in detail

5.4.1 Facebook

For the provision of our Facebook pages, we use services of the platform provider Facebook. The controller for this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter “Meta”).

Facebook describes how it handles your data in its data usage policies. There you will also find information on how to contact Facebook and on the settings options for your Facebook account.

Facebook’s server locations also include the USA, so that data transfers to the USA cannot be ruled out. Data transfers to the USA are based on the EU Standard Contractual Clauses. In addition, Meta is certified under the EU-U.S. Data Privacy Framework (DPF).

Exercising your data subject rights vis-à-vis Facebook

Information on how you can manage or delete information about you can be found on the Facebook support pages at:      https://de-de.facebook.com/about/privacy#
                                                         https://www.facebook.com/about/basics/manage-your-privacy

You can influence processing by Facebook by adjusting certain settings. Please also refer to the following information provided by the platform operator:

https://www.facebook.com/settings?tab=ads
http://www.youronlinechoices.com.

Please assert your rights as a user of the platform directly vis-à-vis the platform operator.

Information on data processing

Meta data transfer addendum for the transfer of European data:
https://www.facebook.com/legal/EU_data_transfer_addendum

Joint controller agreement:              https://www.facebook.com/legal/terms/page_controller_addendum
Information on insights and statistics:            http://de-de.facebook.com/help/pages/insights
Facebook data usage policy:           http://de-de.facebook.com/about/privacy
Full Facebook data policy:               https://de-de.facebook.com/full_data_use_policy

Further information on DPF certification:      
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active

5.4.2 LinkedIn

We operate a LinkedIn account. The provider of the platform is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (hereinafter “LinkedIn”). LinkedIn is a US company that is part of the Microsoft group. Its headquarters are located in Sunnyvale, California.

When you visit our online presence on the platform, LinkedIn collects and processes personal data. The processing of your data is not limited to the territorial scope of the GDPR. The provider describes the collection and processing of data by LinkedIn in its Privacy Policy.

Data transfers to the USA are based on the EU Standard Contractual Clauses.

Information on data processing

Information on data transfers and the Standard Contractual Clauses:
https://www.linkedin.com/help/linkedin/answer/a1343190
https://www.linkedin.com/legal/l/eu-sccs

Privacy Policy:                https://www.linkedin.com/legal/privacy-policy

Cookie Policy:                 https://www.linkedin.com/legal/cookie-policy

Data Processing Agreement:
https://www.linkedin.com/legal/l/dpa

You can obtain information about your data at:
https://www.linkedin.com/help/linkedin/answer/a1339364/auf-ihre-kontodaten-zugreifen
www.linkedin.com/help/linkedin/ask/PPQ

Further information on opt-out options, advertising measures and data protection activities:
https://www.linkedin.com/help/linkedin/search?q=opt-out+retargeting

5.4.3 YouTube

To provide content on our YouTube channel, we use the technical services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

On our YouTube channel, we provide you with videos about our company and our products. Where we offer you the possibility to play these videos directly from our website, we have embedded them in “extended data protection mode”.

Google/YouTube is certified under the EU-U.S. Data Privacy Framework (DPF).

Information on data processing

Privacy Policy:     https://policies.google.com/privacy

Further information on data protection:
   https://policies.google.com/technologies/product-privacy?hl=de

Further information on DPF certification:
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

 

 

5.4.4 New Work SE (Xing, kununu…)

The platform Xing and associated services and applications (Xing, kununu, onlyfy, etc.) are offered by New Work SE, Am Strandkai 1, 20457 Hamburg, Germany. We use these services on the basis of our legitimate interest in making contact in the context of employee recruitment and in presenting ourselves as an attractive employer.

By adjusting the settings in your account, you can influence how your personal data is handled. Please refer to the provider’s instructions for information on which settings you can configure and how these affect the processing of your personal data.

Information on data processing

Information on the services provided by New Work SE:
https://www.new-work.se/de/unternehmen

Information on privacy settings:
https://www.xing.com/settings/privacy

Privacy Policy:                   https://privacy.xing.com/de/datenschutzerklaerung
https://privacy.xing.com/de/datenschutzerklaerung/druckversion

6 Cookies

If, within the scope of our online offering, we provide functionalities (e.g. videos, links to other online offerings, etc.) that are provided by third-party providers or that redirect you to the page of a third-party provider, such providers may set cookies (third-party cookies). You can prevent such cookies from being set by adjusting your browser settings accordingly. If the storage of cookies for certain providers is rejected or deactivated, the services offered by that provider may no longer be available or may no longer be fully usable.

If you delete cookies in which personal settings (e.g. your decision in the consent banner, language selection, etc.) are stored, you will have to make these decisions again afterwards.

Third-party functionalities are generally not required for the use of our offering, but they can increase user comfort. You are free to decide whether to use third-party functionalities and the associated use of cookies by the respective provider. We have no influence on the data processing carried out by the respective provider in connection with the use of third-party functionalities or when visiting third-party websites.

Other cookies requiring consent may be used to analyse user behaviour or for advertising purposes. Where consent to the storage of cookies and comparable recognition technologies is requested, processing is carried out exclusively on the basis of your consent (Art. 6 (1)(a) GDPR and section 25 (1) TTDSG). Any consent given may be withdrawn at any time. Please also refer to the information in section 3 (“Rights of data subjects”).

Further information on the cookies we use can be found in the consent banner. You can subsequently adjust the settings you have made in the consent banner via a corresponding button .

Technically required cookies

Certain cookies (first-party cookies) are technically required to provide functionalities of an online offering. They are used, for example, to maintain the session when navigating between pages, to prevent attacks or to execute forms.

These cookies are automatically deleted when the browser session is ended. Your selection in the cookie banner is stored in a cookie and deleted after 1 month.

The legal basis for the use of technically required cookies is our legitimate interest (Art. 6 (1)(f) GDPR) in a reliable, error-free and user-friendly presentation of our online presence. In addition, cookies may be used for the preparation or performance of a contractual relationship with you (e.g. storage of a shopping cart). Your consent is not required for this type of cookie.

These cookies do not require consent pursuant to section 25 (2) TTDSG.

Preference cookies

You may wish to use certain settings/functionalities again on your next visit to our online offering without having to make the same settings again (e.g. language selection, number of search results per page). In this case, cookies containing the relevant stored information must continue to be stored on your device even after the browser session has ended.

These cookies are not deleted automatically.

The legal basis for the use of preference cookies is our legitimate interest (Art. 6 (1)(f) GDPR) in providing our online presence in a user-friendly manner.

Cookies for statistical evaluations

We use cookies for statistical purposes on the basis of our legitimate interest (Art. 6 (1)(f) GDPR) in optimising our website. The resulting evaluations are aggregated and not attributable to any individual user. These cookies are not required for the use of our offering, but they support us in further developing our online offerings.

We use this information to understand how our website is used and, on this basis, to optimise our web pages for visitors.

These cookies are not deleted automatically.

Marketing / third-party cookies

These cookies enable us and/or third-party providers to track your activities across websites and to present you with offers tailored specifically to you.

If, within the scope of our online offering, we provide functionalities that are offered by third-party providers or that redirect you to the page of a third-party provider, then, when you use these functionalities, cookies (third-party cookies) may be stored on your device by the third-party provider.

7 Third-party providers

In our online offerings, we use content and functionalities (e.g. route planning, reach measurement, newsletter distribution, etc.) that are provided by third-party providers. These providers may also be based in a third country.

When using third-party offerings – regardless of whether you are redirected to a new page or use the offering within our website – personal data (e.g. IP address, page accessed, date, time, etc.) may be transmitted to the third-party provider and/or cookies may be stored on your device by this provider and processed in accordance with the third party’s applicable privacy notice. The IP address you use is required by the third-party provider, for example, in order to transmit the offered/requested content to your browser. We cannot rule out that the respective provider processes data in a third country (e.g. the USA).

 

Third-party offerings are provided in addition to our main offering and are not strictly necessary for the use of our services. You use these offerings voluntarily and on your own responsibility. We have no influence over the processing of your data by the third-party provider. Please refer to the third-party provider’s privacy notice.

If we use functionalities for statistical and analysis purposes, we will ask for your consent in advance – this is also voluntary for you. You may withdraw any consent given at any time without stating reasons.

Where we provide links to websites of other organisations, the privacy notices and policies published there apply. Links to third-party providers are identified by the third party’s logo, by the symbol or by an appropriate notice (e.g. pop-up window). Accessing these links is optional and has no impact on your otherwise normal use of our website offerings.

7.1 Google

7.1.1 Google (Universal) Analytics

If you have given your consent, this website uses Google Analytics, a web analytics service provided by Google LLC. The service provider responsible within the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

Google Analytics uses so-called “cookies”, text files which are stored on your computer and which enable an analysis of your use of the website. It cannot be ruled out that the data collected in this way will be transmitted to and stored on Google servers in the USA.

On behalf of the website operator, Google will evaluate your use of the website in order to compile reports on website activities. The reports provided by Google Analytics are used to analyse the performance of our website and the success of our marketing campaigns. According to Google, the IP address transmitted by your browser in the context of Google Analytics will not be merged with other data held by Google.

We use the “anonymizeIP” function. This means that your IP address will be truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area before transmission. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there.

You can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of these data by Google by

a. not granting your consent to the setting of the cookie, or

b. downloading and installing the browser add-on to deactivate Google Analytics, available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

You can also prevent the storage of cookies by selecting the appropriate settings in your browser software. However, if you configure your browser to reject all cookies, this may result in restricted functionality on this and other websites.

 

Information on the terms of use of Google Analytics and on data protection at Google can be found at

-    https://marketingplatform.google.com/about/analytics/terms/de/ and

-    https://policies.google.com/?hl=de.

7.1.2 Google AdWords and Google Conversion-Tracking

We use the Google advertising tool “Google AdWords”. In this context we use on our website the analysis service “Conversion Tracking” of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

If you reach our website via an ad placed by Google, a cookie is set on your computer by Google AdWords. The cookie for conversion tracking is set when a user clicks on an ad placed by Google. These cookies expire after 90 days and are not used for personal identification. If the user visits certain pages of our website and the cookie has not yet expired, we and Google can recognise that the user clicked on the ad and was redirected to that page.

Each Google Ads customer receives a different cookie. The cookies cannot be tracked across the websites of Ads customers. The information obtained using the conversion cookie is used to compile conversion statistics for AdWords customers who have opted in to conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.

If you do not wish to participate in tracking, you can refuse the setting of the cookie required for this purpose – either in the consent banner or by using a browser setting that generally blocks the automatic setting of cookies or only cookies from the domain “googleleadservices.com”.

Please note that you must not delete opt-out cookies as long as you do not wish recording of measurement data to take place. If you delete all cookies in your browser, you must set the respective opt-out cookie again.

Further information on advertising and data protection at Google can be found at:

https://policies.google.com/privacy

https://safety.google/intl/de/privacy/ads-and-data/

7.1.3 Google reCaptcha

We use the reCAPTCHA function of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

 

This function primarily serves to distinguish whether an entry is made by a natural person or is misused by automated, machine-based processing. The service involves the transmission of the IP address and, where applicable, other data required by Google for the reCAPTCHA service to Google and is carried out in accordance with Art. 6 (1)(f) GDPR on the basis of our legitimate interest in determining individual responsibility on the internet and in preventing misuse and spam. In the course of using Google reCAPTCHA, personal data may also be transmitted to the servers of Google LLC in the USA.

Further information on Google reCAPTCHA and Google’s Privacy Policy can be found at:

https://www.google.com/intl/de/policies/privacy/

7.1.4 Exercising your data subject rights vis-à-vis Google

If you do not agree to your data being transmitted to Google in the context of the use of Google Maps, there is the option to completely deactivate the Google Maps web service by disabling the JavaScript application in your browser. Google Maps can then no longer be used.

For exact instructions, please refer to your browser’s help texts.

If you are logged in to Google, the data collected will be directly associated with your account. If you do not want this association to take place, you must log out before using the service. As a registered user of the network, you can configure additional settings to protect your privacy. Please consult the platform provider for information on these options.

Please assert your rights as a user of the platform directly vis-à-vis the platform operator.

Information on data processing

Privacy Policy:                https://policies.google.com/privacy

Terms of Service:            https://policies.google.com/terms?hl=de&gl=de

Additional Terms of Service for Google Maps:
https://www.google.com/intl/de_US/help/terms_maps/

Further information on DPF certification:
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

 

7.1.5 Google Tag Manager

Google Tag Manager is a tool that allows us to integrate tracking or analytics tools and other technologies into our website. Google Tag Manager itself does not create user profiles and does not carry out its own analyses. It is used solely for the administration and deployment of the tools integrated via it. However, Google Tag Manager does collect your IP address, which may also be transmitted to Google’s parent company in the United States.

According to a ruling by the Administrative Court (VG) of Hanover of 19 March 2025 – 10 A 5385/22, Google Tag Manager is therefore subject to consent. You give this consent in the cookie banner.

Where corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6 (1)(a) GDPR and section 25 (1) TTDSG, insofar as the consent encompasses the storage of cookies or access to information on the user’s device (e.g. device fingerprinting) within the meaning of the TTDSG. Any consent given may be withdrawn at any time. Please also refer to the information in section 3 (“Rights of data subjects”).

Information on Google Tag Manager can be found at: https://www.google.com/intl/de/tagmanager/faq.html

8 Job vacancies and applicant selection process

8.1 Application at iMi

We are pleased that you are interested in working for our company.

We use our online services to publish job vacancies. You can apply to us both online and by post. If you decide to apply online, please use the communication channels specified in each case. Online we offer you the following options:

  • Application via our applicant portal (your data is encrypted during transmission)
  • Application by email (you can find the email address on our careers pages or in the job advertisement)

If you would like to transmit your documents in encrypted form (content encryption), please contact our HR department or the contact person named in the job advertisement in advance.

We process the application documents you voluntarily submit on the basis of Art. 6 (1)(b) GDPR (initiation of an employment relationship) for the purpose of carrying out an applicant selection procedure. If an employment relationship is established, the data provided will be transferred to our electronic personnel administration system.

Within our sphere of responsibility, only persons involved in the application process have access to your application documents. These are employees of the HR department as well as management and line managers.

If we are unable to offer you a position, we will delete your data no later than 6 months after the end of the applicant selection procedure, with the following exception:

  • Last name, first name
  • Date of birth
  • Address
  • Date of application
  • Position applied for

The storage of this “basic data record” for a period of 2 years in an applicant history is based on our legitimate interest (Art. 6 (1)(f) GDPR) in the efficient handling of further applicant selection procedures and does not require your consent. Further information on your rights can be found in Section 3 (“Rights of data subjects”).

Further information on how we process your application documents, the storage period and your rights towards us can be found at https://imi-personalberatung.de/datenschutzhinweise-fuer-bewerber-und-kunden.

8.2 Applications in the context of our personnel placement services

Our range of services also includes personnel placement. For this purpose, we place job advertisements on behalf of our clients and coordinate application processes. If you provide us with information in connection with this service, we will, in the event of suitability, pass this on to the client for whose job offer you have applied. Your data will only be passed on to other clients with your prior consent.

If no employment relationship is established, we will store your application documents for a maximum of 6 months. If we wish to offer you alternative positions or include you in our applicant pools, we will first ask for your consent.

8.3 Coveto

For contacting us and transmitting documents in the context of an application via our applicant portal, we use the applicant management system of the service provider coveto ATS GmbH, Gutleutstraße 12, 63667 Nidda.

The processing of your application documents using Coveto is based on our legitimate interest (Art. 6 (1)(f) GDPR) in the efficient handling of applicant selection procedures. For some processing activities (e.g. storage of your application in an applicant pool) we require your consent (Art. 6 (1)(a) GDPR), which you may withdraw at any time with effect for the future.

The service provider stores your application documents and makes them available to us for further processing. Processing is carried out exclusively in accordance with our instructions and not for the provider’s own purposes. According to the service provider, only data centres within Germany are used for the operation of the management tool and the storage of your personal data. Your documents are transmitted in encrypted form (transport encryption).

In order to ensure the functionality of the tool, cookies are stored on your computer by Coveto for the duration of your session. These cookies are required for functionality and do not require consent.

When you visit our careers pages, various information that your browser automatically transmits to the service provider’s web server is also processed by the service provider.

Information on data protection at Coveto can be found at https://www.coveto.de/datenschutz.

9 Data processing in the context of electronic communication

We offer you various ways to get in touch with us:

  • Contact form
  • Email address
  • Phone
  • Postal mail
  • Comment functions on social media platforms

If you provide us with personal data via one of these contact options or via any other communication channel, this provision is voluntary. The processing of the data you transmit is based on Art. 6 (1)(b) GDPR if your request is related to the performance of a contract or if the data is required for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective handling of inquiries addressed to us (Art. 6 (1)(f) GDPR) or – where requested – on your consent (Art. 6 (1)(a) GDPR).

You may withdraw any consent you have given at any time. Please refer to the information in Section 3 (“Rights of data subjects”).

We store the data you transmit to us until you request its deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been fully processed). Information that is required to comply with warranty and retention periods and/or for the defence/enforcement of legal claims is stored by us until the respective period has expired (e.g. 10 years for tax-relevant data…).

9.1 Contact form

If you provide us with personal data (contact details, attachments, etc.) via one of our contact forms, this is done on a voluntary basis and we will use this data to process your inquiry and/or to contact you. The legal basis for this is Art. 6 (1)(b) GDPR (initiation/performance of a contractual relationship) or Art. 6 (1)(f) GDPR (legitimate interest).

 

Where applicable, we will store the data you have transmitted for this purpose in an electronic archive.

Depending on the context, different information is mandatory (e.g. name, email address, message text, etc.). If you do not wish to provide information marked as mandatory fields, you are free to refrain from using the service or information offered.

The information you provide is transmitted in encrypted form (transport encryption). If you also wish to send us documents in encrypted form (content encryption), please contact us in advance.

If you do not wish to be contacted via a particular communication channel, please do not provide the relevant information. You also have the option to object to the processing of the personal data you have transmitted to us for the future.

If you grant us consent in the course of the communication process, we will also use this, upon request, as proof vis-à-vis supervisory authorities.

We will delete the personal data you have transmitted if

(1)    it is no longer required to achieve the purpose and there are no longer any retention obligations;

(2)    you object to the processing. In this case, communication with you cannot be continued and a requested service cannot be provided or cannot be provided in full;

(3)    communication with you has been concluded. This is the case when a matter has been finally clarified and further communication is clearly not desired.

By way of deviation from this, we store information that is required to comply with warranty and retention periods and/or for the defence/enforcement of legal claims until the respective period has expired (e.g. 10 years for tax-relevant data, 3 years for warranty issues…).

9.2 Email, Telephone

If you contact us by email or telephone, your inquiry, including all personal data resulting from it (name, subject of the inquiry, etc.), will be stored and processed by us for the purpose of handling your request. If the inquiry is made by telephone, we will, where necessary for processing your request, prepare and store call notes.

10 Minors

Our services are expressly aimed only at persons who have already reached the age of 16. You may be required to confirm this to us by ticking an appropriate checkbox.

Persons under the age of 16 should not transmit any personal data to us without the consent of their parents or legal guardians. We do not request personal data from minors and do not knowingly process such data. Data that can be clearly attributed to minors and for which no verifiable consent of the legal guardians is available will be deleted by us.

11 Amendments to this privacy notice

We reserve the right to adapt this privacy notice to current technical and legal developments without additional notices or explanations. Please therefore inform yourself about the current content of the privacy notice when you visit our websites again.


The last update was on 17 November 2025.

 

Copyright 2025. All Rights Reserved.
ImprintPrivacy policyFAQ
Settings saved

Privacy settings

Privacy policy Legal notice
You are using an outdated browser. The website may not be displayed correctly. Close