Privacy and Cookies

Your trust is important to us. The growney GmbH takes the protection of your personal data very seriously and adheres to the rules of data protection.

In this privacy policy, we inform you about the processing of personal data when using our website

Personal data is information that relates to an identified or identifiable person. This primarily includes information that allows conclusions to be drawn about your identity, for example your name, telephone number, address or e-mail address. Statistical data that we collect, for example, when you visit our website and that cannot be linked to your person do not fall under the concept of personal data.

1. Content of this privacy policy

1. Content of this privacy policy
2. Contact person
3. Data processing on our website
3.1 Calling up our website / access data
3.2. Applications
4. Passing on of data
5. Storage period
6. Your rights, in particular revocation and objection
7. Changes to the data protection declaration

2. Contact person
The contact person and so-called controller for the processing of your personal data when you visit this website within the meaning of the EU General Data Protection Regulation (DSGVO) is
growney GmbH
Chausseestr. 20
10115 Berlin
Phone: +49 (0) 30 2201 2467-0
Fax: +49 (0) 30 2201 2467-8

For all questions regarding data protection in connection with our products or the use of our website, you can also contact our data protection officer at any time. He or she can be reached at the above postal address and at the e-mail address given above (keyword: "attn. data protection officer"). We expressly point out that if you use this e-mail address, the contents will not be exclusively noted by our data protection officer. If you wish to exchange confidential information, please therefore first contact us directly via this e-mail address.

3. Data processing on our website
3.1 Calling up our website / access data
Each time you use our website, we collect the access data that your browser automatically transmits to enable you to visit the website. The access data includes in particular:
- IP address of the requesting device,
- Date and time of the request,
- Address of the website accessed and the requesting website,
- Information about the browser used and the operating system,
- Online identifiers (e.g. device identifiers, session IDs).

The data processing of this access data is necessary to enable the visit of the website and to ensure the permanent functionality and security of our systems. The access data is also temporarily stored in internal log files for the purposes described above, in order to compile statistical information about the use of our website, to further develop our website with regard to the usage habits of our visitors (e.g., if the proportion of mobile devices used to access the pages increases) and to generally maintain our website administratively. The legal basis is Art. 6 para. 1 p. 1 lit. b DSGVO.
The information stored in the log files does not allow any direct inference to your person - in particular, we store the IP addresses only in shortened, anonymized form. The log files are stored for 30 days and archived after subsequent anonymization.
However, the automatic transmission of the connection data and the log files developed from it do not constitute access to the information in the end device within the meaning of the implementation laws of the ePrivacy Directive of the EU member states, in Germany § 25 TTDSG. In all other respects, however, it would be absolutely necessary anyway.

3.2 Applications
You can apply to us for open positions via our applicant management system. The purpose of the data collection is the selection of applicants for the possible establishment of an employment relationship. For the purpose of receiving and processing your application, we collect the following data in particular: First and last name, e-mail address, application documents (e.g. certificates, resume), date of earliest possible job start and salary requirement. The legal basis for processing your application documents is Art. 6 para. 1 p. 1 lit. b and Art. 88 para. 1 DSGVO in conjunction with Section 26 para. 1 p. 1 BDSG.

4. Passing on of data
Data collected by us will only be passed on if:
- you have given your express consent in accordance with Art. 6 para. 1 p. 1 lit. a DSGVO,
- the disclosure is necessary for the assertion, exercise or defense of legal claims pursuant to Art. 6 para. 1 p. 1 lit. f DSGVO and there is no reason to assume that you have an overriding interest worthy of protection in not having your data disclosed,
- we are legally obligated to disclose your data pursuant to Art. 6 (1) sentence 1 lit. c DSGVO, or
- this is legally permissible and necessary according to Art. 6 para. 1 p. 1 lit. b DSGVO for the processing of contractual relationships with you or for the implementation of pre-contractual measures that take place at your request.

Who receives access to your data? Within our company, those employees receive access to your data who need it to fulfill our contractual and/or legal obligations, i.e. who are entrusted with the contractual processing. In this context, this may also include service providers and vicarious agents employed by us. Insofar as we pass on your data to recipients outside our company
- this can also be a subsidiary of ours
- this is done to fulfill our contractual obligations within the scope of our business purpose, here in particular for the procurement of desired products as well as for billing purposes vis-à-vis our cooperation partners. Data may also be disclosed on the basis of statutory provisions or your express consent.In order to fulfill our contractual obligations, we cooperate with the following entities, among others:
- Product providers of financial services,
- cooperating intermediaries,
- technical and other service providers,
- lawyers, tax consultants, auditors,
- arbitration bodies

5. Storage period
In principle, we store personal data only as long as necessary to fulfill contractual or legal obligations for which we have collected the data. Thereafter, we delete the data immediately, unless we still need the data until the expiry of the statutory limitation period for evidence purposes for civil law claims or because of statutory retention obligations.

For evidentiary purposes, we must retain contractual data for three years from the end of the year in which the business relationship with you ends. Any claims become statute-barred at this point at the earliest in accordance with the standard statutory limitation period.

Even after this, we still have to store some of your data for accounting reasons. We are obliged to do so because of statutory documentation obligations that may arise from the German Commercial Code, the German Fiscal Code, the German Banking Act, the German Money Laundering Act and the German Securities Trading Act. The periods specified there for the retention of documents are two to ten years.

6. Your rights, in particular revocation and objection
You are entitled to the data subject rights formulated in Art. 15 - 21, Art. 77 DSGVO at any time:
- Right to withdraw your consent;
- Right to object to the processing of your personal data (Art. 21 DSGVO);
- Right to information about your personal data processed by us (Art. 15 DSGVO);
- Right to rectify your personal data stored by us that is incorrect (Art. 16 DSGVO);
- Right to erasure of your personal data (Art. 17 DSGVO);
- Right to restrict the processing of your personal data (Art. 18 DSGVO);
- Right to data portability of your personal data (Art. 20 GDPR);
- Right to lodge a complaint with a supervisory authority (Art. 77 DSGVO).
To exercise your rights described here, you can contact us at any time using the contact details above. This also applies insofar as you wish to receive copies of guarantees demonstrating an adequate level of data protection. Provided that the respective legal requirements are met, we will comply with your data protection request.

Your requests to assert data protection rights and our responses to them will be stored for documentation purposes for a period of up to three years and, in individual cases, even longer for the assertion, exercise or defense of legal claims. The legal basis is Art. 6 (1) p. 1 lit. f DSGVO, based on our interest in defending against any civil claims under Art. 82 DSGVO, avoiding fines under Art. 83 DSGVO and fulfilling our accountability obligations under Art. 5 (2) DSGVO.

You have the right to revoke your consent at any time. This has the consequence that we no longer continue the data processing based on this consent for the future. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

Insofar as we process your data on the basis of legitimate interests, you have the right to object to the processing of your data at any time on grounds relating to your particular situation. If it is a matter of objecting to data processing for direct marketing purposes, you have a general right of objection, which will also be implemented by us without giving reasons.If you wish to exercise your right of revocation or objection, it is sufficient to send an informal message to the above contact details.

Finally, you have the right to complain to the data protection supervisory authority responsible for us. You can assert this right at a supervisory authority in the member state of your residence, your workplace or the location of the alleged violation. In Berlin, our headquarters, the competent supervisory authority is: Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstr. 219, 10969 Berlin.

7. Changes to the data protection declaration
We occasionally update this privacy policy, for example when we adapt our website or when legal or regulatory requirements change.