Privacy statement

We place great importance on the trustworthy and secure handling of personal data. We comply with the provisions of the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), the Telecommunications-Telemedia Data Protection Act (TTDSG), as well as other European regulations, and aim to provide you with detailed and transparent information about the processing of your personal data in this privacy policy.

Personal data includes all data that relates to you personally, such as your name, address, email addresses, or user behavior. Regarding the further terms used below, such as "controller" or "processor," we refer to the definitions in Article 4 of the GDPR.

We have structured our information about the processing of personal data as follows:

Privacy Policy for the Website

Controller

The processing of personal data in connection with the website https://www.modell-aachen.de is carried out by:

Modell Aachen GmbH
Interactive Management Systems
Am Kraftversorgungsturm 5
52070 Aachen, Germany
Email: qwiki@modell-aachen.de
(“Modell Aachen,” “we”)

Modell Aachen has appointed a Data Protection Officer (DPO), who can be contacted at:
Modell Aachen GmbH
Attn: Data Protection Officer
Am Kraftversorgungsturm 5
52070 Aachen, Germany
Email: datenschutz@modell-aachen.de

Types of Data and Purpose of Personal Data Processing

For purely informational use of the website, we process only the personal data that your browser transmits to our servers.
When you access the website, we process the following data based on our legitimate interests in accordance with Article 6(1)(f) GDPR, which is technically necessary for us to display our website to you and to ensure the stability and security of our IT systems:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address

The processing of the IP address serves to protect against and trace hacking and cyberattacks. The processing of the remaining data ensures the delivery of our website content, the functionality of our IT systems, optimization of our website, and assurance of the website’s functionality. The log file data is always stored separately from other personal data of the users.
This processing of the aforementioned data is necessary to safeguard our legitimate interests and is justified by a balancing of interests in our favor.

We have a legitimate interest in ensuring that the website and the services offered on it function correctly from a technical perspective and are protected against attacks. Your legitimate interest in not having the aforementioned data processed does not override our legitimate interest, as we use this data appropriately for the specified purposes, which also benefit you by enabling the website to function properly.

Contact via Email, Phone, or Fax

If you contact us via email, phone, or fax, your inquiry, including all personal data arising from it (e.g., name, inquiry details, time of contact), will be stored and processed for the purpose of handling your request.
The processing of this data is based on Article 6(1)(b) GDPR if your inquiry is related to the fulfillment of a contract or required for pre-contractual measures. In all other cases, the processing is based on our legitimate interest (Article 6(1)(f) GDPR), as we have a legitimate interest in effectively processing inquiries addressed to us.
The data you provide to us in connection with contact inquiries will remain with us until you request deletion or the purpose for storing the data no longer applies (e.g., after your inquiry has been fully processed). Mandatory legal provisions, especially statutory retention periods under §§ 147 AO and 257 HGB, remain unaffected.

Use of Cookies

Our website places cookies on your device. These are small text files that are used for different purposes. Some cookies are technically necessary for the website to function at all (necessary cookies). Others are needed to perform certain actions or use certain functions on the website (functional cookies). If we use third-party services on our website, e.g. to process payment transactions, these companies may also store cookies on your device when you access the website (so-called third-party cookies). 
If we use third-party cookies from other companies or for analysis purposes, we will inform you about this in general in the context of this data protection declaration and specifically in the further information on the individual cookies in the context of our cookie banner (purpose, duration, technical information on the type of cookie, etc.). We also request your prior consent in this regard via our cookie banner when you access our website. 
We have a legitimate interest in ensuring that our online services can be used by visitors without technical problems and that all the desired functions are available to them. The storage of necessary and functional cookies on your device is therefore carried out on the basis of Section 25 (2) no. 2 of the German Telecommunications Data Protection and Privacy Act (TDDDG) and Art. 6 (1) sentence 1 point f GDPR.  
We use all other cookies on the basis of Section 25 (1) TDDDG and Art. 6 (1) (a) GDPR, provided that you give us the appropriate consent. 
With regard to consent given, you have the option at any time to change your decision and to give your consent retrospectively or to revoke it with effect for the future. The cookie and consent banner can be accessed at any time via the symbol (paperclip), which is permanently embedded at the bottom right of our website.  
The use of the cookie banner is justified by our legitimate interests in the use of an optimized consent management system in accordance with Art. 6 Para. 1 S. 1 lit. f DSGVO. With the help of the tool, we, as the responsible party, comply with our legal obligations under the TDDDG and the DSGVO as well as the ECJ case law on cookies. There are no apparent overriding legitimate interests of the user that outweigh our interests.  

Use of Third-Party Providers (Advertising, Analytics, etc.)

We use the following tools from third-party providers to analyze the behavior of our website visitors, display advertisements to them, or provide other website functionalities.


The use of these tools requires your prior consent pursuant to Article 6(1)(a) GDPR or § 25(1) TTDSG. We obtain this consent through the cookie banner (Cookie Bot by Usercentrics) on the respective website. If you have given your consent to the use of one or more of the following services, various cookies from the third-party providers will be used, and data will be transmitted to these services. Consent may also include the transfer of certain personal data to third countries, including the United States, pursuant to Article 49(1)(a) GDPR.
You can withdraw your consent at any time with effect for the future. To do so, please use our consent and cookie banner, accessible via the icon (paperclip) permanently displayed in the lower right-hand corner of our website.

Loom Inc. (Integration of Video Content)

We use the service provider Loom Inc., headquartered at 140 2nd Street, 3rd Floor, San Francisco, United States, to embed videos on our website.
Various personal data are processed and transmitted to Loom, including your IP address and technical usage data (e.g., videos viewed, page visits, interest in content, timestamps).

LinkedIn

We use the service provider LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, to embed LinkedIn community posts on our website.

Various personal data are processed and transmitted to LinkedIn, including your IP address, usage data (e.g., visited pages, interest in content, timestamps), and potentially meta and communication data such as name, email, address, or LinkedIn login information.

Xing

We use the service provider Xing.de, operated by New Work SE, Am Strandkai 1, 20457 Hamburg, Germany. Xing is used in connection with the “Kununu” evaluation feature, which allows users to rate Modell Aachen GmbH as an employer. For this purpose, IP addresses are also processed.

Meta Platforms (Facebook)

We use the service provider Meta Platforms Ireland Limited (“Meta”), Merrion Road, Dublin 4, D04 X2K5, Ireland, and operate a “Facebook Page” for Modell Aachen GmbH. 
Together with Meta, Modell Aachen GmbH is responsible for the collection or receipt in the context of a transmission of data that Facebook collects by means of the Facebook social plugins or in the context of the Facebook page or receives in the context of a transmission for the following purposes, in accordance with Art. 26 DSGVO: 

  1. Display of content and advertising information that matches the presumed interests of users; 
  2. delivering commercial and transactional messages (e.g. addressing users via Facebook Messenger); 
  3. improving ad delivery and personalizing features and content (e.g. improving recognition of which content or advertising information is likely to match users' interests). 

We have concluded an agreement with Facebook in accordance with Art. 26 GDPR (see https://www.facebook.com/legal/controller_addendum), which specifically regulates which security measures Facebook must take. In addition, Facebook has agreed to fulfill the data subject rights under the GDPR in connection with joint processing, i.e. requests for information and deletion. 
Insofar as Meta provides us with aggregated anonymous metrics, analyses and reports, this processing is not carried out within the framework of a joint responsibility according to Art. 26 GDPR, but on the basis of a data processing agreement according to Art. 28 GDPR. 

Microsoft Bookings (Appointment Booking Form)

To organize, plan, and conduct consultation appointments with customers (particularly product updates), we use the service Microsoft Bookings, operated by Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18 D18 P521, Ireland.

Personal data processed includes your IP address and the information you provide in the booking form, such as name, phone number, email address, preferred communication method or tool, date and time of appointment request and scheduled meeting, reason for inquiry, and any free-text fields.

Google Analytics

We use the services of the web analysis service Google Analytics. The provider of this service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. 
We use Google Analytics to measure and analyze the use of our website. In doing so, we use a pseudonymous user identification number that does not contain any personal data such as names or email addresses. This identification number makes it possible to assign analysis information to a specific end device. We use Google Analytics to recognize what content users have accessed within various usage processes, what search terms they have used and how they have interacted with our website. 
In addition, the time of use and other technical information about the user's device and browser are stored. Pseudonymous profiles are created that can combine information from the use of different devices. For EU users, Google does not log or store individual IP addresses. However, rough geographical location data is derived by analyzing metadata from IP addresses. This includes city (and derived latitude and longitude), continent, country, region and subcontinent. For EU data traffic, IP address data is used exclusively for deriving geolocation data and is then immediately deleted. It is not accessible and is not used for other purposes. All IP queries take place on EU-based servers before the data is forwarded to Analytics servers for processing. 
Browser Plugin 
You can prevent the storage of cookies by a corresponding setting of your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible. You can also prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link  https://tools.google.com/dlpage/gaoptout?hl=de

Google AdWords and Google Conversion Tracking

We use the Google AdWords service. AdWords is an online advertising program from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. 
As part of Google AdWords, we use a tool called conversion tracking. When you click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are small text files that the internet browser stores on the user's computer. These cookies expire after 30 days and are not used for personal identification of the user. If the user visits certain pages of this website and the cookie has not yet expired, we and Google can see that the user has clicked on the ad and has been redirected to this page. 
Every Google AdWords customer receives a different cookie. The cookies cannot be tracked via the websites of AdWords customers. The information collected using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. If you do not wish to participate in tracking, you can opt out of this use by simply disabling the Google Conversion Tracking cookie on your web browser under User Settings. You will then not be included in the conversion tracking statistics. 

For more information about Google AdWords and Google Conversion Tracking, see the Google Privacy Policy: https://www.google.de/policies/privacy/
You can adjust the settings on your browser so that you are informed when cookies are set and only allow cookies in individual cases, accept cookies in certain cases or generally exclude them and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited. 

Google Tag Manager

We use the Google Tag Manger service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. 


Google Tag Manager is a tool for managing cookies, conversion pixels and tracking codes on our website and enables us to manage and control various codes on our website. These codes are stored in a special container and are not integrated directly into the source code of the page. 


The Google Tag Manager forwards the information collected on our website via cookies to the corresponding tools for further processing. The following types of data can be processed: IP address, browser information, operating system information, page views and interactions such as page views or clicks. 

Google Maps

We use the map service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, via an API. 
Your IP address must be stored in order to use the Google Maps functions. This information is usually transferred to a Google server in the United States and stored there. We have no influence over this data transfer. 
We use Google Maps to present our online content in an appealing manner and to make it easier to find the locations we specify on the website. 

  • Legal basis: consent, Art. 6 (1) 1 lit. a GDPR 
  • Google's privacy policy: https://policies.google.com/privacy?hl=de. 
  • Basis for third-country transfer: EU-US Privacy Shield 

Google Web Fonts

We use so-called web fonts provided by Google to ensure fonts are displayed consistently. When you access a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. 

If your browser does not support web fonts, a default font will be used by your computer. 

  • Legal basis: Consent, Art. 6 para. 1 sentence 1 lit. a GDPR 
  • Google's privacy policy: https://policies.google.com/privacy?hl=de. 
  • Basis for third-country transfer: EU-US Privacy Shield 

Kickscale

Modell Aachen GmbH uses Kickscale, a service provided by Kickscale GmbH, Stella-Klein-Löw-Weg 8, A-1020 Vienna, Austria, for analysis purposes in presentations. 
Kickscale is a software solution that we use to analyze various aspects of our presentations before they are sold. These include, among other things: 

  • Conversation analysis of the sales representative and 
  • Summary of relevant information. 

Each recording requires the consent of the interested party and is requested at the beginning of each presentation. The tool is indicated by the participant “Notes” in the meeting.  
The data processing is carried out on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time by unsubscribing from our subscriptions. The legality of the data processing operations already carried out remains unaffected by the revocation. 


If you do not want Kickscale to collect data, you can prevent it from being stored at any time by following the relevant instructions. Further information about how Kickscale works can be found in the Kickscale GmbH privacy policy. 

Hotjar

Our website uses the web analysis service Hotjar. The provider of this service is Hotjar Ltd, a European company based in Malta (Hotjar Ltd., Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe). 


We use Hotjar to better understand our users' needs and to optimize the services and experience on this website. Hotjar's technology is used to track movements on the website. This gives us a better understanding of our users' experiences (e.g. how much time users spend on which pages, which links they click on, how far users scroll, etc.). This helps us to align our services with our users' feedback. 


Hotjar uses cookies and other technologies to collect data on our users' behavior and their devices. We take special care to protect your personal data when using this tool. We can only see which buttons are clicked, the mouse movements, the amount scrolled, the screen size, device type, browser information, location (country only), preferred language for displaying our website and the IP address of the device (only collected and stored in anonymized form). Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually prohibited from selling the data collected on our behalf. 


You can prevent Hotjar from collecting your data by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: Exclude from tracking

Hubspot

Modell Aachen GmbH uses Hubspot, a service provided by Hubspot Inc., for analysis purposes on its websites. HubSpot is a software company from the USA with a branch in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland. 
Hubspot is an integrated software solution that we use to cover various aspects of our online marketing. These include, among other things: email marketing, reporting, contact management (e.g. user segmentation & CRM) and contact forms. 
In doing so, so-called “web beacons” are used and “cookies” are set, which are stored on your computer and enable us to analyze your use of the website. The information collected (e.g. IP address, geographical location, type of browser, duration of visit and pages viewed) is evaluated by Hubspot on behalf of Modell Aachen to generate reports about the visit and the pages visited by Modell Aachen. 
When our newsletter is subscribed to or forms are filled out, we can use Hubspot to link a user's visits to Modell Aachen websites with the personal information (especially name/email address) on the basis of a given consent, thus recording personal data and informing users individually and purposefully about preferred topics. 
The data processing is carried out on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time by unsubscribing from our communication subscriptions. We provide a link for this purpose in every email message. The legality of the data processing operations already carried out remains unaffected by the revocation. 


If you do not want Hubspot to collect data, you can prevent cookies from being stored at any time by adjusting your browser settings accordingly. For more information about how Hubspot works, please refer to the Hubspot Inc. privacy policy. 

YouTube

We use the service provider YouTube, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, on our website to embed videos. In this context, your IP address and various usage data (depending on the type of use) are processed. This may include the following types of data: Video views and length of stay, click paths, intensity and frequency of use, information on the devices used (MAC) and software used (e.g. operating system) or interactions with content and functions. In addition, the processing of inventory data (such as name or contact data) as well as content data (content such as texts, images or videos) is possible if the user shares corresponding data. 

Retention Period of Personal Data or Criteria for Storage Duration

Unless stated otherwise, we delete personal data after it is no longer required for the provision of our services, provided there are no legitimate interests on our part or legal retention obligations (e.g., §§ 147 AO, 257 HGB) that prevent deletion.

Data Recipients; No Unauthorized Disclosure to Third Parties

We handle personal data with the utmost care. Data is disclosed to third parties only when necessary for the execution and processing of contractual relationships, you have given your consent, or when disclosure is otherwise permitted under applicable legal provisions.

We use various service providers as processors under Article 28 GDPR who, like us, are subject to European data protection laws and whom we have appropriately obligated to comply with these laws.

Security of Personal Data

We protect both our website and the data stored within our responsibility against loss, destruction, unauthorized access, alteration, or disclosure by unauthorized persons through a range of technical and organizational measures in line with the current state of technology.

The input and transmission of personal data are encrypted using the SSL (Secure Socket Layer) protocol.

What is SSL?

An SSL-encrypted website transmits personal data to the server in a way that makes it impossible for third parties to intercept or read it. A certificate verifies our identity. Depending on your browser, you can recognize a secure connection by the green address bar and/or the lock icon. By clicking on the lock icon or the green address bar, you can read our online identity verification.

What does SSL do?

Encryption ensures that the data you enter can only be read by us. The green address bar confirms that you are connected to our server and not to a third-party site.

Rights of the Data Subject

You have the following rights regarding your personal data:

  1. Right of access (Article 15 GDPR)
  2. Right to rectification or erasure (Articles 16 and 17 GDPR)
  3. Right to restriction of processing (Article 18 GDPR)
  4. Right to data portability (Article 20 GDPR)
  5. Right to object to processing (Article 21 GDPR)

You also have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data. The competent authority is:
State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia
P.O. Box 20 04 44
40102 Düsseldorf, Germany
Email: poststelle@ldi.nrw.de

Right to Object to Processing; Withdrawal of Consent

If you have given your consent to the processing of your data, you may withdraw this consent at any time. Such a withdrawal will affect the permissibility of processing your personal data after you have communicated it to us.


If we process your personal data based on a balancing of interests under Article 6(1)(f) GDPR, you have the right to object to the processing. When exercising such an objection, please provide the reasons why your personal data should not be processed in the manner we have conducted. In the case of a justified objection, we will review the situation and either cease or adjust the data processing or demonstrate compelling legitimate grounds for continuing the processing.
You may object to the processing of your personal data for advertising and data analysis purposes at any time.
Please communicate your objection to the contact details provided under "Controller."

Questions and Comments; Changes to the Privacy Policy

If you have any questions or comments regarding data protection, please contact us under the reference "Data Protection" (see Controller section above).
The continued development of the internet also impacts our data protection strategy. We reserve the right to adjust this privacy policy periodically to align with underlying processes. We will inform data subjects of changes to the privacy policy via our website.

Privacy Policy for the Application Process at Modell Aachen GmbH

Below, you will find additional information on the processing of your personal data during the application process at Modell Aachen GmbH. For the mandatory disclosures under Articles 13(1) and (2) GDPR, please refer to Part A of this privacy policy.
We offer you the opportunity to apply to us (e.g., via email, postal mail, or an online application form). The following explains the scope, purpose, and use of the personal data collected during the application process. We assure you that the processing of your data complies with applicable data protection laws and all other statutory provisions and that your data will be treated as strictly confidential.


In the application process, we use the services of the provider EVERYDAY SOFTWARE, S.L., based at Calle Alaba, 61 5º-2ª, 08005, Barcelona, Spain, as a processor under Article 28 GDPR.

Type, scope and purpose of data collection in the application process

If you send us an application, we process the personal data associated with it (e.g. contact and communication data, application documents, notes taken during job interviews, etc.) to the extent necessary to decide whether to establish an employment relationship. The legal basis for this is Art. 6 (1) sentence 1 lit. b in conjunction with § 26 (1) sentence 1 BDSG. Your personal data will be shared within our company only with those persons who are involved in processing your application. 
If your application is successful, the data you have submitted will be stored in our data processing systems on the basis of Art. 6 (1) sentence 1 lit. b in conjunction with § 26 (1) sentence 1 BDSG for the purpose of implementing the employment relationship. 

Storage period for data

If we are unable to offer you a job, if you reject a job offer or withdraw your application, we reserve the right to store the data you have provided on the basis of our legitimate interests (Art. 6 para. 1 lit. f GDPR) for up to 6 months from the end of the application process (rejection or withdrawal of the application). After that time, the data will be deleted and the physical application documents destroyed. The storage serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the expiry of the six-month period (e.g. due to an impending or pending legal dispute), the data will only be deleted when the purpose for further storage no longer applies. The storage thus serves in particular as evidence in the event of a legal dispute, cf. § 61b Abs. 1 ArbGG i.V.m. § 15 Abs. 4 AGG


Longer storage may also take place if you have given your consent (Art. 6 para. 1 sentence 1 lit. a DSGVO) or if statutory storage requirements preclude deletion.