Our privacy policy

1. General information and principles of data processing

We are pleased that you are visiting our website. The protection of your privacy and the protection of your personal data, the so-called personal data, when using our website is an important concern for us.

According to Art. 4 (1) GDPR, personal data is any information relating to an identified or identifiable natural person. This includes, for example, information such as your first and last name, your address, your telephone number, your e-mail address, but also your IP address.

Data for which no reference to your person can be established, such as through anonymization, is not personal data. Processing (e.g. collecting, storing, reading, querying, using, transmitting, deleting or destroying) according to Art. 4 (2) GDPR always requires a legal basis or your consent. Processed personal data must be deleted as soon as the purpose of the processing has been achieved and there are no longer any legally prescribed retention obligations to be observed.

Here you will find information about the handling of your personal data when visiting our website. To provide the functions and services of our website, it is necessary that we collect personal data about you.

We also explain to them the nature and scope of the respective data processing, the purpose and the corresponding legal basis and the respective storage period.

 

2. Data Controller

We, Serviceplan Group SE & Co KG, House of Communication, Friedenstr. 24, 81671 Munich, Germany, Phone: +49 89 2050 20, E-mail: info@house-of-communication.com (hereinafter: "Serviceplan Group" or "we"), would like to inform you in the following about the processing of your personal data within the framework of our website.

The following Serviceplan agencies are each responsible for the areas of our brands on the site (Plan.Net, Mediaplus) as far as your inquiries to these agencies are concerned, e.g. via a contact form or by e-mail:

-       Plan.Net Germany GmbH & Co. KG, House of Communication, Friedenstr. 24, 81671 Munich, E-mail: info@plan-net.com, Phone: +49 89 2050 30

-       Mediaplus Germany GmbH & Co.KG, House of Communication, Friedenstr. 24, 81671 Munich, E-mail: mediaplus@house-of-communication.com, Phone: +49 89 2050 50

Insofar as you access the areas of our agencies outside of Germany, the responsible body is the respective agency named here

If you contact us with regard to data protection, we will be happy to forward your request to the agencies concerned.

This data protection declaration applies only to the website of Serviceplan and its agencies. It does not apply to other websites to which we merely refer by means of a hyperlink. We cannot accept any responsibility for the confidential handling of your personal data on these third-party websites. Please inform yourself about the use of your personal data by these companies directly on their websites.

 

3. Data Protection Officer

You can also contact our data protection officer at any time with questions about data protection:

Dr. Georg Schröder, LL.M.
legal data Schröder Rechtsanwaltsgesellschaft mbH
Prannerstr. 1
80333 Munich
Germany

Phone: +49 (0)89 954 597 520
Fax: +49 (0)89 954 597 522
E-mail: datenschutz@legaldata.law

 

4. Provision and use of the website / server log files

a) Type and scope of data processing

If you use this website without otherwise (e.g. by registration or use of the contact form) transmitting data to us, we collect via server log files technically necessary data that are automatically transmitted to our server, including:

·      IP address

·      Date and time of the request

·      Name and URL of the retrieved file

·      Website from which the access is made (referrer URL)

·      Access status/HTTP status code

·      Browser type

·      Language and version of the browser software

·      Operating system
 

b) Purpose and legal basis

This processing is technically necessary in order to display our website to you. We also use the data to ensure the security and stability of our website.

The legal basis for this processing is Art. 6 (1) (f) GDPR. The processing of the aforementioned data is necessary for the provision of a website and thus serves to protect a legitimate interest of our company.
 

c) Storage period

As soon as the aforementioned personal data is no longer required to display the website, it will be deleted. The collection of data for the provision of the website and the storage of the data in log files is mandatory for the operation of the website. Consequently, there is no possibility of objection on the part of the user with regard to this aspect. Further storage may take place in individual cases if this is required by law.

 

5. Use of cookies

a) Nature, scope and purpose of data processing

We use cookies. Cookies are small files that are sent by us to the browser of your terminal device during your visit to our website and stored there.

Some functions of our website cannot be offered without the use of technically necessary cookies. Other cookies, on the other hand, enable us to perform various analyses. For example, some cookies can recognize the browser you are using when you visit our website again and transmit various information to us. We use cookies to facilitate and improve the use of our website. Among other things, cookies enable us to make our website more user-friendly and effective for you by, for example, tracking your use of our website and determining your preferred settings (e.g. country and language settings). If third parties process information via cookies, they collect the information directly via your browser. Cookies cannot cause any damage to your end device. They cannot execute programs or contain viruses. Various types of cookies are used on our website, the type and function of which are explained below.

Session cookies
So-called session cookies are used on our website, which are automatically deleted as soon as you close your browser. This type of cookie makes it possible to record your session ID. This allows various requests from your browser to be assigned to a common session and makes it possible to recognize your terminal device during subsequent website visits. These session cookies expire at the end of the session.

Persistent cookies
Persistent cookies are used on our website. Persistent cookies are cookies that are stored in your browser for a longer period of time and can transmit information. The respective storage period differs depending on the cookie. You can delete permanent cookies independently via your browser settings.

Third-party cookies
We use analytical cookies to monitor anonymized user behavior on our website.

In addition, we use marketing cookies. These cookies allow us to track user behavior for advertising and targeted marketing purposes.

Social media cookies allow you to connect to your social networks and share content from our website within your networks.

Browser settings configuration
You can accept or reject individual cookies or all cookies separately when you first visit our website and then at any time in our cookie banner by placing a green check mark next to the respective cookie or removing it and then clicking "OK".

Your settings made in the cookie banner are saved on your computer or mobile device. Therefore, you will have to make them again if you delete your browsing history or use another device or Internet browser.

Most web browsers are preset to accept cookies automatically. However, you can configure your respective browser so that it only accepts certain cookies or not at all. However, we would like to point out that you may then no longer be able to use all the functions of our website.

You can also delete cookies already stored in your browser via your browser settings. Furthermore, it is possible to set your browser to notify you before cookies are stored. Since the various browsers can differ in their respective modes of operation, we ask you to use the respective help menu of your browser for the corresponding configuration options.

Disabling the use of cookies may require the storage of a permanent cookie on your computer. If you subsequently delete this cookie, you will have to deactivate it again.
 

b) Legal basis

This processing is technically necessary to display our website to you. We also use the data to ensure the security and stability of our website, to comply with legal obligations. Furthermore, the collection of data is necessary for the provision of our website and thus serves to protect a legitimate interest of our company. The legal basis for the processing of the aforementioned data is Art. 6 (1) (c) and (f) GDPR.

If you have given us your consent to the use of cookies on the basis of a notice ("cookie banner") issued by us on the website, the legal basis for further data processing is Art. 6 (1) (a) GDPR.
 

c) Storage period

The storage period corresponds to the duration of the cookies. You can view this at any time in our cookie banner for each cookie. In addition, you can delete cookies manually in your browser at any time.
 

d) Cookie categories

We use the following categories of cookies:

aa) Necessary cookies

Necessary cookies ensure functions without which our website cannot be used as intended. The purpose of these cookies is, for example, to ensure that logged-in users always remain logged in when accessing various sub-pages. These are so-called first party cookies, i.e. the cookies are only used by us. These cookies do not require consent. You can deactivate cookies in your browser at any time.
 

bb) Statistics cookies

Statistics cookies collect information about how a website is used in order to improve its attractiveness, content and functionality. For example, the following data is collected:

The number of times a page or sub-pages are accessed, the time spent on the website, the order of the pages visited, which search terms led you to us, the country, region, city from which access is made, and the proportion of mobile devices accessing our websites. Furthermore, we analyze which areas of our website are of particular interest to you.

Statistics cookies help website owners overall understand how visitors interact with websites by collecting and reporting information anonymously.
 

cc) Cookies for personalization

Cookies for personalization enable our website to save the information you have already provided (e.g. registered name, language selection, location) and to offer you improved and more personalized functions based on this. Only anonymized information is processed via these.
 

dd) Marketing cookies

Marketing cookies are used to follow visitors on websites and serve them interest-based advertisements. They are also used to limit the frequency with which ads appear and to measure the effectiveness of advertising campaigns. In particular, these cookies register whether a website has been visited. The information thus obtained can be shared with third parties, such as advertisers. Cookies to improve targeting and advertising are often linked to third-party site functionalities.

The purpose of marketing cookies is to serve ads that are relevant and engaging to users and therefore more valuable to publishers and third party advertisers.

6. Data collection for the execution of pre-contractual measures and for the fulfillment of the contract

a) Type and scope of data processing

In the pre-contractual area and upon conclusion of the contract, we collect personal data about you. This concerns, for example, first and last name, address, e-mail address, telephone number or bank details.

b) Purpose and legal basis of the data processing

We collect and process this data exclusively for the purpose of executing the contract or fulfilling pre-contractual obligations.

The legal basis for this is Art. 6 (1) (b) GDPR. If you have also given your consent, the additional legal basis is Art. 6 (1) (a) GDPR.

c) Storage period

The data will be deleted as soon as they are no longer required for the purpose of their processing, e.g. after termination of the contract.

In addition, there may be legal storage obligations, for example, storage obligations under commercial or tax law in accordance with the German Commercial Code (HGB) or the German Fiscal Code (AO). If such retention obligations exist, we will delete your data after these retention periods have expired.

 

7. Data transmission

We will only share your personal information with third parties if:

a) you have given your express consent to this in accordance with Art. 6 (1) (a) GDPR.

b) this is legally permissible and necessary according to Art. 6 (1) (b) GDPR for the fulfillment of a contractual relationship with you or for the implementation of pre-contractual measures.

c) there is a legal obligation for the disclosure pursuant to Art. 6 (1) (c) GDPR.

We may be legally obligated to transmit data to government authorities, e.g. tax authorities, social insurance carriers, health insurance companies, supervisory authorities and law enforcement agencies.

d) the disclosure is necessary in accordance with Art. 6 (1) (f) GDPR for the protection of legitimate business interests, as well as for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data.

e) we use external service providers (so-called processors) for the processing of your data in accordance with Art. 28 GDPR, who are obliged to handle your data with care.

We use such service providers in the areas of:

·      IT

·      Logistics

·      Telecommunications

·      Distribution

·      Marketing

When transferring data to external bodies in third countries, i.e. outside the European Union (EU) or the contracting states to the Agreement on the European Economic Area (EEA), we ensure that these bodies treat your personal data with the same care as within the EU or EEA. We only transfer personal data to third countries for which the EU Commission has confirmed an adequate level of protection or if we ensure the careful handling of personal data through contractual agreements or other suitable guarantees.

 

8. Application possibility

a) Type and scope of data processing

You can apply on our website or by e-mail. When you apply, we collect and store the data that you enter in the input mask or that you send us by e-mail.

If you use our application page on the "Softgarden" portal, the application documents you upload there will first be stored by our service provider softgarden e-recruiting GmbH, Tauentzienstraße 14, 10789 Berlin, which will forward them to us. This includes, in particular, contact data, cover letter, resume and references. Further information on data protection at softgarden can be found at: https://network.softgarden.io/#/privacy-policy/en

b) Purpose and legal basis

We process your data only for the purpose of processing your application. Your data will not be passed on to third parties. The legal basis for the processing is Art. 88 (1) GDPR in conjunction with. § 26 BDSG and additionally Art. 6 (1) (b) GDPR.

If you give us consent to include you in our applicant pool, the legal basis is Art. 6 (1) (a) GDPR.


c) Storage period

If we are unable to offer you a position, we will store your data for a maximum of six months after the end of the application process, taking into account § 61b (1) ArbGG in conjunction with § 15 AGG. The start of the period is the receipt of the rejection letter.

If you have given us consent to include you in our applicant pool, we will store your data for a maximum of two years.

d) Data transfer

Your data will only be disclosed to the departments involved in the decision (responsible personnel or specialist departments, management, works council).

In addition, we may be obliged to disclose your data to public bodies and institutions (e.g. public prosecutor's office, police, supervisory authorities, tax office, social security institutions, etc.).

Other data recipients may be those entities for which you have given us your consent to transfer data.

 

9. Comment function

a) Type and scope of data processing

On our website you can comment on posts in our blog. When you comment on a post, we collect and store the data you enter in the input mask. In addition to the comments you leave, we also store and publish information about the time you entered your comments and possibly the user name you chose (pseudonym). Furthermore, the IP address assigned by the Internet service provider (ISP) is stored. A transfer to third parties does not take place.

b) Purpose and legal basis

The storage of the data transmitted by you (e.g. the IP address) is carried out for security reasons and in the event that the rights of third parties are violated by a submitted comment or illegal content is posted.

No disclosure of this collected personal data to third parties will take place, unless such disclosure is required by law or serves our legal defense.

The legal basis for the processing of personal data is, if and insofar as your consent is given, Art. 6 (1) (a) GDPR. You can revoke this consent at any time. The legality of the data processing operations already carried out remains unaffected by the revocation.

Another legal basis is Art. 6 (1) (f) GDPR, as we have a legitimate interest in clarifying the facts and the associated legal prosecution, if third party rights are violated or illegal content is posted.

c) Storage period

The comments and the associated data (e.g. IP address) are stored and remain on our website until the commented content is completely deleted or the comments have to be deleted for legal reasons.

 

10. Contact form

a) Type and scope of data processing

On our website, we offer you the opportunity to contact us via a form provided. During the process of sending your request via the contact form, reference is made to this data protection declaration in order to obtain your consent.

If you make use of the contact form, the following personal data will be processed:

·      Salutation

·      Name

·      E-mail address

·      Phone number

·      Subject

·      Message content

b) Purpose and legal basis

Your e-mail address is used for the purpose of sending you an e-mail reply to your inquiry. When using the contact form, your personal data will not be passed on to third parties.

The legal basis for the processing is your consent according to Art. 6 (1) (a) GDPR.

c) Storage period

The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request).

Mandatory legal provisions - in particular retention periods according to the German Commercial Code (HGB) or the German Fiscal Code (AO) - remain unaffected.

 

11. Contact options by e-mail

On our website, they have a contact option via e-mail.

a) Type and scope of data processing

You can contact us by e-mail. Our data collection is limited to the e-mail address of the e-mail account you use to contact us as well as the personal data you provide as you wish when contacting us.

b) Purpose and legal basis

The purpose of the data processing is to answer your request appropriately. The legal basis for this is Art. 6 (1) (f) GDPR.

c) Storage period

The duration of the storage of the above data depends on the background of your contact. Your personal data will be deleted regularly if the purpose of the communication no longer applies and storage is no longer necessary. This may result, for example, from a processing of your request.

 

12. Registration with the Serviceplan Alumni Program

a) Type and scope of data processing

On our website, former employees have the opportunity to become members of the "Club of Communication" via a form provided and to stay in contact with us via the Serviceplan Alumni Program. As a member of the Club of Communication, you will be regularly invited to events, receive regular newsletters and can subscribe to the magazine TWELVE free of charge.

As part of the process of submitting your membership request via the contact form, reference is made to this Privacy Policy to obtain your consent.

If you send us a membership request via the online form, the following personal data of you will be processed via it:

·      Salutation

·      Title

·      First name

·      Last name

·      E-mail address

·      Company

·      Street

·      ZIP CODE

·      Location

b) Purpose and legal basis

The data we collect when you register for the Serviceplan Alumni Program will be used exclusively for the purpose of advertising events, newsletters and the mailing of our TWELVE magazine.

When using the contact form, your personal data will not be passed on to third parties.

The legal basis for the processing is your consent according to Art. 6 (1) (a) GDPR.

c) Storage period

The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies.

Mandatory legal provisions - in particular retention periods according to the German Commercial Code (HGB) or the German Fiscal Code (AO) - remain unaffected by this.

 

13. Newsletter

a) Type and scope of data processing

On our website there is the possibility to subscribe to a free regular e-mail newsletter. In order to send you the newsletter regularly, we need your e-mail address.

In connection with the newsletter dispatch, your data will be passed on to our newsletter service provider. Any further disclosure to third parties does not take place.

For the newsletter dispatch we use the so-called double opt-in procedure. This means that we will only send you an e-mail newsletter if you have expressly confirmed that you consent to the sending of the newsletter. For this purpose, we will send you a confirmation e-mail asking you to confirm that you wish to receive future newsletters from us by clicking on an appropriate link.

This is to ensure that only you, as the owner of the specified e-mail address, can subscribe to the newsletter. Your confirmation must take place promptly after receipt of the confirmation e-mail, otherwise your newsletter registration will be automatically deleted from our database.

When you subscribe to the newsletter, we collect and store the data you enter in the input mask (e.g. first name, last name, e-mail address).

When you register for the newsletter, we also store your IP address assigned by the Internet Service Provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later date. In the case of the confirmation email sent out for control purposes (double opt-in of the email), we also store the date and time of the click on the confirmation link as well as the IP address assigned by the Internet Service Provider (ISP).

b) Purpose and legal basis

The data collected by us when you register for the newsletter will be used exclusively for the purpose of addressing you in an advertising manner by way of the newsletter.

The processing of your e-mail address for the newsletter dispatch is based on your voluntarily given and at any time for the future revocable declaration of consent according to Art. 6 (1) (a) GDPR and § 7 (2) no. 3 UWG.

In addition, the processing is based on Art. 6 (1) (f) GDPR, insofar as we document the proof of the required consent.

c) Storage period

Your e-mail address will be stored as long as you have subscribed to the newsletter. After unsubscribing from the newsletter, your e-mail address will be deleted unless you have expressly consented to further use of your data.

 

14. Data protection notice for video conferences

The following data protection information relates to the use of the following video conferencing systems:

·      GoToWebinar

(hereinafter: video conferencing systems)

We would like to inform you below about the processing of personal data in connection with the use of the video conferencing systems.

Purpose of processing

We use video conferencing systems to conduct seminars and training sessions (hereinafter: "Online Meeting"). The video conferencing systems are technically provided by the respective provider. The regulations of the respective provider regarding use remain unaffected.

Responsible

The person responsible for data processing directly related to the implementation of online meetings is the respective organizer of the online meeting.

What data is processed?

Various types of data are processed when using the video conferencing systems. The scope of the processed data also depends on the data you provide before or during participation in an online meeting.

The following personal data are subject to processing:

User details: first name, last name, phone (optional), e-mail address, password (if "single sign-on" is not used), profile picture (optional), department (optional).

Meeting metadata: Topic, description (optional), attendee IP addresses, device/hardware information.

For recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of online meeting chat.

When dialing in with the telephone: information on the incoming and outgoing call number, country name, start and end time. If necessary, further connection data such as the IP address of the device can be stored.

Text, audio and video data: You may have the option of using the chat, question or survey functions in an "online meeting". To this extent, the text entries you make are processed in order to display them in the online meeting and, if necessary, to log them. In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and from any video camera of the terminal device will be processed accordingly for the duration of the meeting. You can turn off or mute the camera or microphone yourself at any time.

To join an online meeting or enter the "meeting room", you must at least provide information about your name.

Scope of processing

If we want to record an online meeting, we will communicate this to you transparently and - where necessary - ask for consent. As a rule, online meetings are not recorded. This also applies to the chat function.

Automated decision-making within the meaning of Art. 22 GDPR is not used.

Legal bases of data processing

Insofar as you have concluded a contract with us as an event participant, the legal basis is Art. 6 (1) (b) GDPR (contract or preliminary contract).

If you have given your consent to the processing of your personal data, the legal basis is Art. 6 (1) (a) GDPR.

Insofar as personal data of Serviceplan employees is processed, § 26 (1) BDSG is the legal basis for data processing.

We only use audio or video recordings as well as functions that are not necessary for a session on the legal basis of the consent of the data subjects pursuant to Art. 6 (1) (a) GDPR. The declaration of consent is obtained in advance.

Recipient / passing on of data

Personal data processed in connection with participation in online meetings will generally not be disclosed to third parties unless it is intended for disclosure.

Data processing outside the European Union

Some of the providers of the video conferencing systems are based in the USA. Processing of personal data thus also takes place in a third country. We have concluded an order processing agreement with each of the providers that complies with the requirements of Art. 28 GDPR.

By concluding so-called EU standard contractual clauses, the providers have undertaken to comply with a level of data protection that essentially corresponds to the European level.

Please note, however, that the existence of an appropriate data protection standard for providers outside the EU / EEA - even in the event that EU standard contractual clauses are concluded - cannot be guaranteed in every case.

Data deletion

As a matter of principle, we delete personal data when there is no longer a need for further storage. Such a requirement may exist in particular if the data is still needed to fulfill contractual services. In the case of statutory retention obligations, deletion only comes into consideration after the expiry of the respective retention obligation.


Right of complaint to a supervisory authority

You have the right to complain about the processing of personal data by us to a data protection supervisory authority.

Amendment of this privacy notice

We revise this data protection notice in the event of changes to data processing or other occasions that make this necessary. You will always find the current version on this website.

 

15. Data security and backup measures

We are committed to protecting your privacy and treating your personal data confidentially. To this end, we take extensive technical and organizational security precautions, which are regularly reviewed and adapted to technological progress.

This includes, among other things, the use of recognized encryption methods (TLS). However, data disclosed in unencrypted form, for example by e-mail, can be read by third parties. We have no influence on this. It is the user's responsibility to protect the data he or she provides against misuse by encrypting it or in any other way.

 

16. Changes to the privacy policy

We reserve the right at any time to update this statement as necessary.

 

17. Your rights

Here you will find your rights in relation to your personal data. Details can be found in Articles 7, 15-22 and 77 GDPR. In this regard, you can contact us as the controller (section 2) or our data protection officer (section 3).

a) Right to revoke your data protection consent pursuant to Art. 7 (3) GDPR

You can revoke your consent to the processing of your personal data at any time with effect for the future. However, the lawfulness of the processing carried out until the revocation is not affected by this.

b) Right of access according to Art. 15 GDPR

You have the right to request confirmation as to whether we are processing personal data relating to you. If this is the case, you have the right to obtain information about this personal data as well as further information, e.g. the purposes of processing, the categories of personal data processed, the recipients and the planned duration of storage or the criteria for determining this duration.

c) Right to rectification and completion according to Art. 16 GDPR

You have the right to request the correction of inaccurate data without undue delay. Taking into account the purposes of the processing, you have the right to request the completion of incomplete data.*

d) Right to erasure ("right to be forgotten") according to Art. 17 GDPR

You have a right to erasure insofar as the processing is no longer necessary. This is the case, for example, if your data is no longer necessary for the original purposes, you have revoked your declaration of consent under data protection law or the data was processed unlawfully.

e) Right to restriction of processing according to Art. 18 GDPR

You have a right to restrict processing, e.g. if you believe that the personal data is incorrect.

f) Right to data portability according to Art. 20 GDPR

You have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format.

g) Right of objection according to Art. 21 GDPR

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you.

In the case of direct marketing, you as the data subject have the right to object at any time to processing of personal data concerning you for the purposes of such marketing; this also applies to any profiling, insofar as it is related to such direct marketing.


h) Automated decision in individual cases including profiling according to Art. 22 GDPR

You have the right not to be subject to a decision based solely on automated processing - including profiling - except in the exceptional cases referred to in Article 22 of the GDPR.

We do not carry out decision-making based exclusively on automated processing.


i) Complaint to a data protection supervisory authority pursuant to Art. 77 GDPR

In addition, you can lodge a complaint with a data protection supervisory authority at any time if you believe that the data processing does not comply with data protection requirements.

Online tools

An overview of the online tools used on our website and information on social media can be found here

 

Status: March 2023