Stand: Dezember 2025
1. Controller
The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws is:
Medios AG
Heidestraße 9 | 10557 Berlin
T +49 30 232 566 800
info@medios.group
2. Contact for data protection
If you have any questions about data protection or wish to exercise your rights, you can contact our Data Protection Officer:
c/o ISiCO GmbH
Am Hamburger Bahnhof 4 | 10557 Berlin
T +49 30 213 002 850
medios@isico.de
3. General information on data processing
3.1 Scope of processing
As a rule, we process personal data only to the extent necessary to provide a functional website and our content and services, or if you have given your consent to the processing.
3.2 Legal bases of processing
Where we obtain the consent of the data subject for processing operations involving personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis.
If the processing of personal data is necessary for the performance of a contract with you or for the implementation of pre-contractual measures, the processing is based on Art. 6 para. 1 lit. b GDPR.
If processing is necessary for compliance with a legal obligation to which we are subject, we rely on Art. 6 para. 1 lit. c GDPR.
If processing is necessary for the purposes of our legitimate interests or those of a third party and your interests or fundamental rights and freedoms do not override those interests, the processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR. Legitimate interests may in particular include:
3.3 Recipients of data / processing on behalf
Where we commission external service providers to process personal data (e.g. hosting, maintenance, newsletter dispatch, marketing tools), this is done only on the basis of a data processing agreement in accordance with Art. 28 GDPR. The service providers process the data exclusively in accordance with our instructions and not for their own purposes.
3.4 Transfers to third countries
Where data is transferred to recipients in countries outside the European Union (EU) or the European Economic Area (EEA), this is done only
Information on third-country transfers in connection with individual tools can be found in the respective sections of this Privacy Policy.
3.5 Storage period
We store personal data only for as long as is necessary for the purposes described or for as long as we are legally obliged to do so (e.g. statutory commercial and tax retention obligations). After this, the data is deleted or anonymised.
3.6 Use of cookies and similar technologies
Cookies and comparable technologies are used on our website. These may be technically necessary to provide the website or may – with your consent – be used for statistical and marketing purposes.
Detailed information about the cookies used (types, purposes, storage periods, services used, as well as settings and withdrawal options) can be found in our Cookie Notice at the following link: https://medios.group/cookies
In this Privacy Policy, cookie-related information is only presented to the extent necessary to understand the respective data processing operations. Please refer exclusively to the Cookie Notice for specific cookie details.
4. Visiting the website
4.1 Server log files
hen you access our website, the browser used on your device automatically sends information to our server, which is temporarily stored in so-called server log files. This information is in particular:
Processing is carried out for the following purposes:
Processing is based on Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in ensuring the operation, security and optimisation of our website as described above.
Recipients of the data may, where applicable, be technical service providers (e.g. hosting providers) who act as processors on our behalf.
As a rule, the log files are deleted after no more than 14 days. Longer storage only takes place in justified individual cases (e.g. in the event of security incidents). In these cases, the IP address is anonymised as far as possible.
The provision of the aforementioned data is technically necessary for the operation of the website. Without processing the IP address and other technical information, it is not possible to access our website.
5. Hosting and other technical service providers
5.1 Website hosting
Our website is operated by an external service provider (hosting provider). The personal data collected on our website is processed on its servers. This may include in particular IP addresses, contact and communication data, contract data, meta and communication data, website access data and other data generated via the website.
Processing serves the secure and efficient operation of our online presence.
The legal basis is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in the reliable provision and technical administration of our website.
We have concluded a data processing agreement with the hosting provider pursuant to Art. 28 GDPR.
5.2 Content management system (TYPO3)
We use the TYPO3 content management system for the creation and maintenance of our website. When you use our website, personal data (in particular IP address, usage data) is processed on the servers of the hosting provider on which TYPO3 is operated.
The purpose of processing is the user-friendly and efficient management of website content.
The legal basis is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in a professional presentation of our online offering and technically stable website.
The data is forwarded to our hosting provider as processor. There is no separate evaluation by the TYPO3 developers.
5.3 Security and performance service provider (Cloudflare)
We use the services of Cloudflare, provided by Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA. Cloudflare offers a globally distributed content delivery network in which copies of our website are created and stored on Cloudflare’s servers. This ensures that when you access our website, the content is delivered from the server that can display our website to you the fastest. Cloudflare also blocks threats and limits abusive bots and crawlers that would slow down website access or attack our systems.
To use the content delivery network, data traffic between your browser and our website flows via Cloudflare’s infrastructure.
In particular, the following data may be processed:
The purpose of processing is to protect our website against attacks (e.g. DDoS attacks), improve performance and ensure stable delivery of content.
We base this data processing on Art. 6 para. 1 lit. f GDPR. Our legitimate interest consists in the secure and efficient operation of our website. Where required, a data processing agreement pursuant to Art. 28 GDPR has been concluded with Cloudflare.
Cloudflare may process data on servers outside the EU/EEA (in particular the USA). Where necessary, transfers are based on appropriate safeguards (e.g. EU standard contractual clauses and/or certification under the EU-U.S. Data Privacy Framework). Further information can be found in Cloudflare’s privacy notice at https://www.cloudflare.com/de-de/privacypolicy/.
6. Contact
You can contact us via the contact options provided (e.g. e-mail, telephone, contact form where applicable).
We process the data you transmit as part of the contact (e.g. name, contact details, content of the message, time and technical metadata) for the purpose of handling your request and in case of follow-up questions.
The legal basis is Art. 6 para. 1 lit. b GDPR if your request is connected with the initiation or performance of a contract or is necessary for the implementation of pre-contractual measures, and otherwise Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in processing enquiries and communicating with (potential) customers, business partners and other third parties.
Where we ask you for explicit consent (e.g. for disclosure to third parties), processing is based on Art. 6 para. 1 lit. a GDPR.
Within our organisation, your data is only passed on to those departments that need it to process your request. External recipients (e.g. IT service providers) only receive the data insofar as this is necessary to provide the communication channels or if you have given your consent.
As a rule, we store your enquiries for the duration of processing and subsequently in accordance with statutory retention periods, insofar as they are relevant for business (regularly up to 6 or 10 years). Pure information enquiries without business relevance are usually deleted after the communication has been completed.
7. Newsletter
The following applies to our newsletter or comparable electronic information services:
To register for our newsletter, we collect the data you provide (in particular e-mail address, name where applicable) via an appropriate registration form.
To verify your e-mail address, we use the double-opt-in procedure. After registration, you receive an e-mail in which you are asked to confirm your registration. The newsletter will only be activated after confirmation.
The newsletter is sent on the basis of your consent pursuant to Art. 6 para. 1 lit. a GDPR. Logging of the registration process is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in having a verifiable, legally compliant consent process.
We may use external service providers (e.g. e-mail and marketing service providers) to send the newsletter, with whom data processing agreements have been concluded.
Your data is stored for as long as the newsletter subscription is active. After unsubscribing, your data is deleted from the mailing lists or restricted for a reasonable period for the purpose of proving your previous consent.
You may withdraw your consent to receive the newsletter at any time with effect for the future, e.g. via the unsubscribe link at the end of each newsletter or via the contact options given above.
8. Applications
If you apply to us, we process your personal data in connection with the application process.
We process your application data (e.g. master data, contact details, qualifications, CV, references, communication content) for the following purposes:
The legal basis for this data processing depends on the relevant purpose:
Within our company, only those departments involved in deciding on the filling of the position (e.g. HR department and relevant specialist department) have access to your data.
External service providers (e.g. providers of application or HR management software, IT service providers, file and data carrier destruction companies) only receive your data to the extent necessary to provide their services. They are contractually obliged to treat your data confidentially.
If you are not hired, we delete your application documents no later than six months after the end of the application process (i.e. receipt of rejection), unless other legitimate interests (e.g. preservation of evidence in proceedings under the German General Equal Treatment Act (AGG)) require longer storage.
If you have consented to longer storage of your application data (e.g. inclusion in an applicant pool), the data will be deleted at the latest after expiry of the period specified in the consent.
If you are hired, your application documents will be added to your personnel file and stored for the duration of the employment relationship.
9. Tools and services used
9.1 HubSpot
We use HubSpot, a service provided by HubSpot Ireland Limited, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, to support marketing, sales and communication processes (e.g. contact forms, e-mail campaigns, CRM functions).
Processing takes place for the following purposes:
In particular, the following data is processed:
For processing your enquiries and initiating/executing contracts, Art. 6 para. 1 lit. b GDPR applies. For sending newsletters and other electronic direct advertising Art. 6 para. 1 lit. a GDPR (consent) or Art. 6 para. 1 lit. f GDPR in conjunction with Section 7 para. 3 German Act against Unfair Competition (UWG), where legally permissible, and for internal analyses and optimisation of our marketing and sales processes Art. 6 para. 1 lit. f GDPR serves as the legal basis. Our legitimate interest lies in efficient and targeted customer communication.
HubSpot is used within the EU (HubSpot Ireland) as processor. However, data may be transferred to third countries (in particular the USA) to HubSpot Inc. HubSpot bases international data transfers on appropriate safeguards (e.g. EU standard contractual clauses and, where applicable, certification under the EU-U.S. Data Privacy Framework). Further information can be found in HubSpot’s privacy notice at https://legal.hubspot.com/de/privacy-policy.
A data processing agreement pursuant to Art. 28 GDPR has been concluded with HubSpot.
Data is deleted as soon as it is no longer required for achieving the purpose for which it was collected and statutory retention obligations do not prevent deletion. We regularly delete or anonymise contact data in our CRM when there is no longer any recognisable link to a business relationship.
9.2 Google reCAPTCHA
Our website uses the Google reCAPTCHA service, which is provided for persons from the European Economic Area and Switzerland by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, and for all other persons by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (together “Google”).
reCAPTCHA prevents automated software (so-called bots) from carrying out abusive activities on the website, i.e. it checks whether the entries made actually come from a human. For this purpose, reCAPTCHA uses JavaScript and stores cookies and information in the local storage on your device. In particular, the following data is processed:
Use of reCAPTCHA is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in protecting our website against abusive automated access. Where reCAPTCHA is used in connection with forms whose use by you is based on consent to cookies/tools, Art. 6 para. 1 lit. a GDPR may additionally be the legal basis.
The recipient of the data is Google. Data may be transferred to the USA or other third countries. Google bases such transfers on appropriate safeguards (e.g. EU standard contractual clauses, EU-U.S. Data Privacy Framework).
Further information can be found in Google’s privacy notice at https://policies.google.com/privacy?hl=de.
9.3 Consent management with Cookiebot
To obtain and manage your consent to the use of cookies and similar technologies, we use the Cookiebot tool, a service provided by Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (“Cookiebot”).
When you first visit our website (and again where necessary), Cookiebot displays a consent banner that informs you about the type and scope of the technologies used and allows you to consent to or reject optional categories (e.g. statistics, marketing). Cookiebot records and logs your selection so that we can prove your consent in a legally compliant manner and take your preferences into account on future visits.
For this purpose, Cookiebot processes in particular:
Cookiebot also sets a technically necessary cookie on your device to store your selection. This cookie is generally valid for up to 12 months; after this period or if you delete your cookies, consent will be requested again on your next visit.
Cookiebot is used to fulfil our legal obligations to obtain and document consents pursuant to Art. 6 para. 1 lit. c GDPR and on the basis of our legitimate interest in legally compliant and user-friendly consent management pursuant to Art. 6 para. 1 lit. f GDPR. Access to or storage of the information required for this purpose on your device is technically necessary to provide consent management and therefore takes place on the basis of Section 25 para. 2 German Telecommunications-Telemedia Data Protection Act (TDDDG).
The recipient of the data is Cybot A/S as part of processing pursuant to Art. 28 GDPR. At present, no data is transferred to third countries. Should this change in future (e.g. through the use of additional Cookiebot functions involving third countries), we will adapt this information accordingly.
You can change your selection (consent/withdrawal) at any time with effect for the future. To do so, use the “Cookie settings” / “Privacy settings” area linked in the banner or in the footer of our website. There you can withdraw or grant your consent for individual categories or services.
10. Social Media
We maintain online presences on social networks in order, among other things, to communicate with customers and interested parties and to provide information about our products and services.
10.1 Processing for advertising purposes by the social network providers
As a rule, user data is processed by the respective social networks for market research and advertising purposes. Usage profiles can be created based on the interests of the users. For this purpose, cookies and other identifiers are stored on the devices of the data subjects. These usage profiles are then used, for example, to display adverts within the social networks and also on third-party websites.
The legal basis for data processing carried out under the own responsibility of the social networks can be found in the privacy notices of the respective social network. In the links below, you will also find further information on the respective data processing and on options for objection.
10.2 Processing for statistical purposes
In the context of operating our online presences, we may be able to access information such as usage statistics relating to our online presences, which are provided by the social networks. These statistics are aggregated and may contain, in particular, demographic information (e.g. age, gender, region, country) as well as data on interaction with our online presences (e.g. likes, subscriptions, shares, viewing of images and videos) and the posts and content shared via them. They may also provide information on users’ interests and which content and topics are particularly relevant to them. We can also use this information to adapt the design and our activities and content on the online presence and optimise them for our audience. For details and links to the data from the social networks to which we, as operators of the online presences, have access, please refer to the list below. The collection and use of these statistics is generally subject to joint controllership. Where this is the case, the corresponding agreement is listed below.
The legal basis for data processing is Art. 6 para. 1 lit. f GDPR, based on our legitimate interest in effective information and communication with users, and Art. 6 para. 1 lit. b GDPR, in order to stay in contact with our customers and inform them as well as to carry out pre-contractual measures with interested parties.
10.3 Access to publicly available information
If you have an account with the social network, it is possible that we can see the information you have made publicly available (e.g. your username) and media (e.g. images and videos) when we access your profile. In addition, the social network may allow us to contact you. This can take place, for example, via direct messages or via posts. The content of communication via the social network and processing of the content data is the responsibility of the social network as a messenger and platform service. For this processing, we refer to the privacy notices of the respective social network.
10.4 Processing of publicly available information
As soon as we transfer or further process your personal data in our own systems, we are independently responsible for such processing. Processing then takes place for the implementation of pre-contractual measures and fulfilment of a contract in accordance with Art. 6 para. 1 lit. b GDPR or to safeguard our legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR in order to contact customers.
10.5 Data protection rights
We would point out that data protection requests can most effectively be asserted with the respective provider of the social network, as only these providers have access to the data and can take direct measures. Of course, you can also contact us with your request. In this case, we will process your request and forward it to the social network provider.
10.6 Online presences used
Below is a list of the social networks on which we operate online presences, including further information:
11. Rights of data subjects
You have the rights set out in Art. 7 para. 3, Art. 15–22 GDPR at all times, subject to the respective legal requirements:
To exercise the rights described here, you can contact us at any time using the contact details given above.
11.1 Recht auf Widerruf und Widerspruch
Right of withdrawal (Art. 7 para. 3 GDPR)
You have the right to withdraw at any time any consent you have given pursuant to Art. 6 para. 1 lit. a GDPR. As a result, we will no longer continue the data processing that was based on this consent in the future. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
Right to object (Art. 21 GDPR)
General objection: Where we process your data on the basis of Art. 6 para. 1 lit. f GDPR (legitimate interests) or Art. 6 para. 1 lit. e GDPR, you may object to the processing at any time on grounds relating to your particular situation.
Objection to direct marketing: Where we process your data for direct marketing purposes, you may object to the processing at any time without giving reasons.
Exercising your rights
If you wish to exercise your right of withdrawal or objection, it is sufficient to send an informal notification to the contact details given above.
11.2 Right to lodge a complaint
You also have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR). You may exercise this right, for example, with a supervisory authority in the Member State of your habitual residence, your place of work or the place of the alleged infringement.
In Berlin, where our main office is located, the competent supervisory authority is:
Berliner Beauftragte für Datenschutz und Informationsfreiheit, Alt-Moabit 59–61, 10555 Berlin.
12. Automated decision-making
No automated decision-making, including profiling, within the meaning of Art. 22 GDPR that produces legal effects concerning you or similarly significantly affects you takes place. However, in the context of using technologies to personalise our services, automated decisions on personalised content and advertising displayed or sent may be made. These decisions are then based on usage data automatically collected beforehand or on information you have provided yourself, for example via form fields. On the basis of this data, we create a profile that helps select appropriate content and advertising. Personalised advertising is only displayed with your prior consent.
13. Up-to-dateness and amendment of this Privacy Policy
We adapt this Privacy Policy from time to time, e.g. in the event of changes in the legal situation, the services we use or our processing operations. The current version of the Privacy Policy published on this website always applies.
Please check this Privacy Policy regularly for updates.
Your Rights as a Data Subject
You can exercise the following rights at any time by contacting our data protection officer using the details below
If you consent to processing, you can withdraw this consent at any time with future effect.
You can submit a complaint to a supervisory authority at any time, for example to the authority with jurisdiction for the federal state where you live or the authority with jurisdiction for the area in which we are based.
For a list of supervisory authorities (for the non-public sector) and their addresses, see:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
Collection of General Information about Visitors to Our Website
Nature and Purpose of Processing
Information of a general nature is automatically collected whenever you access our website, i.e. even if you do not register or otherwise transfer information to us. This information (server log files) includes the type of web browser, the operating system used, the domain name of your Internet service provider and your IP address, for example.
This data is processed for the following purposes in particular
We do not use your data as a means of identifying you. Under certain circumstances, we may anonymize the data and then use it to carry out statistical evaluations with a view to optimizing our website and the underlying technology.
Legal Basis and Legitimate Interest
Data is processed in accordance with Article 6(1)(f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website.
Recipients
Technical service providers involved in the operation and maintenance of our website as processors may act as recipients of the data.
Duration of Storage
The data is erased as soon as it is no longer required for the purpose for which it was collected. Data used to provide the website is always erased as soon as the relevant session ends.
If the data is stored in log files, it is erased after 14 days at the latest. Under certain circumstances, the data may be stored for longer. Users' IP addresses are anonymized in such cases, making it impossible to assign an individual user to a calling client.
Requirement to Provide Data
Provision of the above-mentioned personal data is not required by law or by contract. The service and functionality of our website cannot be guaranteed if no IP address is provided, however. Individual services may also be unavailable or restricted. There is therefore no option to object.
Cookies
Like many other websites, we use "cookies". Cookies are small text files that are stored on your end device (laptop, tablet, smartphone) when you visit our website.
You can delete individual cookies or all of the cookies that have been stored. You can also access information and guidance on how to delete these cookies or how to stop them from being stored in the first place. The relevant information can be found by following the appropriate link below for your browser provider:
Duration of storage and cookies used:
Information on the cookies used and the storage period as well as setting options can be found here.
Technical Cookies
Nature and Purpose of Processing
We use cookies to make our website more user-friendly. Certain elements on our website require the calling browser to be identifiable even after the user has moved to another page.
The purpose of using technical cookies is to streamline the user experience for website visitors. Some of our website's functions can only be offered if cookies are used. They require the browser to be identifiable even after the user has moved to another page.
Legal Basis and Legitimate Interest
Data is processed in accordance with Article 6(1)(f) GDPR on the basis of our legitimate interest in achieving a user-friendly design for our website.
Recipients
Technical service providers involved in the operation and maintenance of our website as processors may act as recipients of the data.
Requirement to Provide Data
Provision of the above-mentioned personal data is not required by law or by contract. The service and functionality of our website cannot be guaranteed if this data is not provided, however. Individual services may also be unavailable or restricted.
Objection
Further information about your right to object pursuant to Article 21 GDPR is provided below.
Non-technical Cookies
We also use cookies to tailor our website more effectively to our visitors' interests or to make general improvements on the basis of statistical analysis.
Please refer to the information below about the display, tracking, remarketing and web analytics technologies we use in order to find out which providers store cookies.
Legal Basis
The legal basis for processing of this kind is your consent pursuant to Article 6(1)(a) GDPR.
Recipients
Technical service providers involved in the operation and maintenance of our website as processors may act as recipients of the data.
Please refer to the information below about the display, tracking, remarketing and web analytics technologies we use in order to find out about other recipients.
Transfers to Third Countries
Further information on this topic can be found in the information on the individual display, tracking, remarketing and web analytics providers.
Requirement to Provide Data
As a general rule, our website will remain accessible even if you choose not to accept cookies. Web browsers are normally configured to accept cookies, but this can usually be disabled at any time in the browser settings (see "Withdrawal of Consent").
Some of our website's features might not work if you have disabled cookies, however.
Withdrawal of Consent
You can withdraw your consent at any time using our cookie consent tool.
Profiling
Please refer to the information below about the display, tracking, remarketing and web analytics technologies we use in order to find out more about how we analyze the behavior of visitors to our website using pseudonymized user profiles.
Newsletter
Nature and Purpose of Processing
We collect personal data provided to us via an entry form for the purpose of sending out our newsletter.
We require a working email address for a valid subscription. We use a double opt-in procedure to verify that the subscription has been requested by the owner of the email address. We log the newsletter subscription, the dispatch of the confirmation email and the receipt of the requested response. No further data is collected.
Legal Basis
We email newsletters or similar information on a regular basis to the email address you have provided, based on your explicit consent (Article 6(1)(a) GDPR).
You can withdraw your consent to the storage of your personal data and the use of this data for the purpose of sending out newsletters at any time with future effect. Each newsletter contains a link that you can click on for this purpose. You can also unsubscribe from the newsletter at any time directly on this website, or notify us of the withdrawal of your consent using the contact details provided at the end of this Privacy Policy.
Recipients
Processors may act as recipients of the data.
Duration of Storage
Data is only processed in this context if the relevant consent is still valid. It is then erased.
Requirement to Provide Data
You provide your personal data in accordance with a voluntary and solely consent-based approach. We regret to inform you that we cannot send you our newsletter if you have not granted prior consent.
Withdrawal of Consent
You can withdraw your consent to the storage of your personal data and the use of this data for the purpose of sending out newsletters at any time with future effect. You can unsubscribe using the link provided in every email or by contacting the data protection officer named below or the individual responsible for data protection.
Job Applications
Your personal data will be processed centrally by Medios AG, regardless of the individual Medios Group company to which you have submitted your application.
Nature, Purpose and Legal Basis
We process personal data in accordance with the provisions of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG):
Decision on the Establishment of an Employment Relationship (Article 6(2) GDPR in Conjunction with Article 88 GDPR and Section 26(1) BDSG)
We will use the data you provide exclusively for the purpose of evaluating and selecting suitable candidates and for making contact with you.
For the Purpose of Weighing up Interests (Article 6(1)(f) GDPR)
Where necessary, we will process your data beyond the actual performance of the contract with a view to protecting either our legitimate interests or the legitimate interests of third parties. Examples of such instances include the following:
On the Basis of Your Consent (Article 6(1)(a), Article 9(2)(a) GDPR in Conjunction with Article 88 GDPR and Section 26(2) BDSG)
If you have granted consent to the processing of your personal data, this data will only be processed for the purposes specified in the declaration of consent and within the agreed scope. Consent that has been granted can be withdrawn at any time with future effect. A withdrawal of consent only applies to future processing, and does not affect the lawfulness of the data processed up until the date of the withdrawal. You will not suffer any disadvantages if you withdraw your consent. This applies in the case of consent to the long-term storage of your application documents for consideration in connection with further job openings if your application is initially refused.
On the Basis of Legal Obligations (Article 6(1)(c) GDPR in Conjunction with Article 88 GDPR and Section 26 BDSG)
We are subject to various legal obligations that make it necessary for us to process data. Examples include statutory accounting obligations and compliance with control and reporting obligations under tax law. In addition, it may be necessary for us to disclose personal data in connection with official/judicial measures relating to the collection of evidence or the enforcement of claims under civil law.
Who Will Have Access to My Data
Within the Company?
The departments of the company that will have access to your data are those that require such access for the purpose of complying with contractual, legal or supervisory obligations or protecting legitimate interests (e.g. the HR department or the representative body for severely disabled employees).
Processors
Service providers and vicarious agents employed by us as processors may also receive data for these purposes if they require the data for the purpose of performing their respective services. They may include other Group companies and/or external service providers in the following areas:
All service providers are contractually bound and obliged to treat your data confidentially.
How Long Will You Store My Data?
If we reject your application, it will be erased six months after you have been notified of our decision. If you consent to the long-term storage of your application documents for consideration in connection with further job openings, your application will be erased after one year at the latest. If we enter into an employment relationship with you, the application documents will be stored for at least the duration of your employment by the Medios Group.
Am I Obliged to Provide My Personal Data?
The provision of personal data is not required by law or by contract. It will not be possible to process your application if you do not provide this data, however.
To What Extent Do You Use Automated Decision-making Procedures?
We do not use any fully automated decision-making procedures within the meaning of Article 22 GDPR to establish, execute or terminate employment relationships. If we do use any such procedures in individual cases, we will notify you accordingly and provide you with separate information about your rights in this connection if we are required to do so by law.
Do You Use Profiling Procedures?
We do not process your data with the aim of automatically evaluating certain aspects of your person.
Use of Google Analytics
Provided that you have granted consent, this website uses Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: "Google"). Google Analytics uses "cookies," i.e. text files that are stored on your computer and that allow your use of the website to be analyzed. The information generated about your use of this website by the cookie is usually transferred to a US-based Google server and stored there. Since IP anonymization has been enabled on this website, however, Google will truncate your IP address in advance if you are in an EU Member State or another of the Contracting Parties to the Agreement on the European Economic Area. The full IP address will only be transferred to a US-based Google server and truncated there in exceptional cases. The IP address provided by your browser in connection with Google Analytics will not be merged with other Google data.
Further information on the conditions of use and data protection can be found at the following links: https://marketingplatform.google.com/about/analytics/terms/us/ and https://policies.google.com/?hl=en-us
Google uses this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activities and to provide further services to the website operator relating to website use and Internet use.
The data we send relating to cookies, user IDs or advertising IDs is automatically erased after 14 months. Data that is older than 14 months is erased automatically once per month.
Withdrawal of Consent
You can prevent Google Analytics from tracking you on our website by clicking on this link. An opt-out cookie will be installed on your device for this purpose. This will prevent Google Analytics from collecting this information for this website and this browser in the future, provided that the cookie remains installed in your browser.
You can also prevent cookies from being stored by changing your browser software settings accordingly; if you do so, however, you may not be able to use all of our website's functions in their entirety.
You can also prevent Google from collecting the data that is generated by the cookie in relation to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plugin available at the following link: Browser add-on to disable Google Analytics.
Use of Google Maps
We use Google Maps on our website. Google Maps is operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter "Google"). This allows us to display interactive maps directly on the website, and provides you with convenient access to a map function.
Further information about the processing of data by Google can be found in the Google Privacy Policy: https://policies.google.com/privacy. You can also change your personal data protection settings in the data protection center by following the same link.
Detailed guidance on managing your data when using Google products can be found at: https://www.dataliberation.org.
When you visit our website, Google is notified that you have accessed the relevant subpage of our website. This notification takes place regardless of whether you have a user account with Google and whether you are logged in to your account. If you are logged in to your Google account, your data will be linked directly to your account.
If you do not wish your data to be linked to your Google profile, you must log out of Google before activating the button. Google stores data in the form of user profiles and uses this data for advertising, market research and/or needs-based website design purposes. In particular, analyses of this kind are carried out (even for users who are not logged in) for the purpose of providing tailored advertising and for the purpose of informing other users of the social network about your activities on our website. You have a right to object to the creation of these user profiles, but you must contact Google in order to exercise this right.
Withdrawal of Consent
The provider does not currently provide any straightforward option for opting out or blocking data transfers. If you wish to prevent the tracking of your activities on our website, please use the cookie consent tool to withdraw your consent for the corresponding cookie category or all non-technical cookies and data transfers. If you do so, however, you may not be able to use our website, or your use of the website may be restricted.
Google AdWords
Our website uses Google conversion tracking. The company operating the Google AdWords services is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. If you access the website via a Google advertisement, Google Ads stores a cookie on your computer. The conversion tracking cookie is stored when a user clicks on an advertisement placed by Google.
If the user visits certain pages of our website and the cookie has not yet expired, we and Google can see that the user has clicked on the ad and been redirected to this page. Google uses a different cookie for each Google AdWords customer. This means that cookies cannot be tracked via AdWords customers' websites. The information collected by means of the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Customers are informed of the total number of users who have clicked on their ad and were redirected to a page tagged with a conversion tracking tag. They are not given any information that allows them to identify individual users, however.
Further information about the processing of data by Google can be found in the Google Privacy Policy: https://policies.google.com/privacy. You can also change your personal data protection settings in the data protection center by following the same link.
Withdrawal of Consent
The provider does not currently provide any straightforward option for opting out or blocking data transfers. If you wish to prevent the tracking of your activities on our website, please use the cookie consent tool to withdraw your consent for the corresponding cookie category or all non-technical cookies and data transfers. If you do so, however, you may not be able to use our website, or your use of the website may be restricted.
SSL Encryption
We use state-of-the-art encryption methods (e.g. SSL) via HTTPS to protect the security of your data during transfers.
Information About Your Right to Object Pursuant to Article 21 GDPR
Right to Object in Individual Cases
You have the right to object at any time, for reasons relating to your specific situation, to the processing of personal data concerning you that is processed on the basis of Article 6(1)(f) GDPR (processing of data on the basis of a weighing up of interests); this also applies to profiling based on this provision within the meaning of Article 4(4) GDPR.
If you object, we will no longer process your personal data unless we can supply compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or if the processing is necessary to enforce, exercise or defend legal claims.
Recipient of Objections
Medios AG
Heidestraße 9, 10557 Berlin
datenschutz@medios.group
Amendments to the Privacy Policy
We reserve the right to amend this Privacy Policy to ensure that it always complies with current legal requirements and that it reflects changes to our services, e.g. if new services are introduced. The new Privacy Policy will apply from your next visit.
Questions for the Data Protection Officer
If you have any questions relating to data protection, please email us or directly contact the individual within our organization responsible for data protection:
c/o ISiCO GmbH
Am Hamburger Bahnhof 4 | 10557 Berlin
T +49 30 213 002 850
E-Mail: medios@isico-datenschutz.de
This Privacy Policy was created with the help of activeMind AG, the expert for external data protection officers (version #2020-09-30).