Legal

Privacy Policy (GDPR)

Alphadi Deutschland GmbH — Privacy information in accordance with the General Data Protection Regulation (EU) 2016/679.

Last updated: 01.11.2021 approx. 38 min reading time
This privacy policy explains how we handle your personal data while you take part in one of our seminars, and how we maintain our relationship with you after you have successfully completed the seminar, or while we provide support to you, or you provide a service to us or we provide a service to you.

This privacy policy describes how we collect, use and process your personal data and how we comply with our legal obligations towards you in doing so. Protecting your data matters to us, and we have made it our task to protect and uphold your data protection rights.

This privacy policy applies to the personal data of visitors to our website, candidates, customers, suppliers and other individuals with whom we may make contact. It also applies to the emergency contacts of our employees. If you are an Alphadi employee, please refer to the Alphadi Employee Privacy Policy.

For the purposes of applicable data protection laws (including, among others, the General Data Protection Regulation (Regulation (EU) 2016/679), the “GDPR”), the company responsible for your personal data is “Alphadi” .

If you disagree with any aspect of our privacy policy, you may be entitled to certain legal remedies, which are also described here in the relevant section.

This privacy policy applies in the respective countries within our international network. Different countries may take slightly different approaches to data protection, which is why this privacy policy contains country-specific sections.
1

CANDIDATE DATA: We need to process certain information about you in order to determine the optimal seminar and your suitability for it. We only ask for information that helps us establish your qualifications, such as your name, age, contact details, education details, and professional background. A more detailed description of the personal data we collect about you can be found on the customer master data sheet. We also collect certain data about you when you access our website.

CUSTOMER DATA: If you are an Alphadi customer, we need to collect and use information about you or individuals within your organisation in order to provide services to you, e.g. for an in-house training course. A more detailed description of the personal data collected in this way can be found on the customer master data sheet. We also collect certain data about you when you access our website.

CLIENT DATA: We require a small amount of information from our clients to ensure a smooth seminar process. We need the contact details of the responsible persons within your organisation in order to communicate with you. A more detailed description of the personal data we collect about you can be found in the customer master data sheet. We also collect certain data about you when you access our website.

VISITORS TO OUR WEBSITE: We collect a limited amount of data from visitors to our website and use it to make our website easier to use and to better manage the services we offer. This includes, among other things, information about how you use our website and how often you access it, as well as the times when our website is particularly in demand. We need some elements of the personal data we collect from you in order to fulfil our contractual obligations to you or others. Others are only needed to ensure a smooth business relationship. Depending on the type of personal data in question and the reasons why we process it, we may be unable to fulfil our contractual obligations or, in extreme cases, may be unable to maintain the business relationship if you refuse to provide us with this data. How is your personal data collected?

CANDIDATE DATA: Your personal data is essentially collected: 1. Directly from you. If you access our website or read or click on an email from us, we may also automatically collect certain data, or you may provide it to us yourself.

CUSTOMER DATA: Your personal data is essentially collected: 1. Directly from you. If you access our website or read or click on an email from us, we may also automatically collect certain data, or you may provide it to us yourself.

SUPPLIER DATA: We collect your personal data in the course of working with you. If you access our website or read or click on an email from us, we may also automatically collect certain data, or you may provide it to us yourself.

VISITORS TO OUR WEBSITE: We automatically collect your data using cookies in accordance with your browser's cookie settings when you visit our website. We also collect data from you when you contact us via the website.

2

CANDIDATE DATA: The main reason for using your personal information is to help you find a seminar that suits you. The more information we have about you, your abilities and your goals, the better we can tailor our services to you. Where appropriate and permitted under local laws and regulations, we may also use your personal data for advertising purposes. Where applicable, we will ask for your consent for some of these measures.

CUSTOMER DATA: The main reason we use information about customers is to ensure that the contractual agreements between us can be properly implemented, so as to ensure a smooth business relationship. The more information we have, the better we can tailor our services to you.

SUPPLIER DATA: We use your personal data primarily for two reasons: firstly, to ensure that the contractual agreements between us can be properly implemented, thereby enabling a smooth business relationship, and secondly, to ensure compliance with legal requirements.

PERSONS WHOSE DATA WE RECEIVE FROM CANDIDATES AND EMPLOYEES, E.G. EMERGENCY CONTACT PERSONS: We use the personal information of the emergency contacts of candidates or employees in the event that the candidate or employee is involved in an accident or emergency.

3

CANDIDATE DATA: We may share your personal data with various recipients in different ways and for different reasons. First and foremost, we pass on your information to the certification body in order to ensure personal certification.

POSSIBLE RECIPIENTS OF YOUR DATA: The certification body CertEuropa®, in order to demonstrate your suitability and issue your certificate. The certification body CertEuropa®, during a surveillance audit or recertification in accordance with DIN EN ISO 9001:2015 and DIN/ISO 29990, to demonstrate the careful handling of your data. The certification body TQCert® and TÜV Hessen, for the same purposes as CertEuropa.

4

GENERAL: Protecting your information matters to us. That is why we take appropriate measures to prevent unauthorised access to, and misuse of, your personal data.

PROCEDURE: Your email data is stored encrypted with us. Your sensitive data, such as your CV, which we use to determine your suitability for certified seminars, is printed out by us and kept in a locked cabinet. Only specifically designated employees have access to this data.

5

DURATION: If, after three years have passed (the due date for the renewal of the certificate you obtained from us), we have had no relevant contact with you (or, where applicable, with the organisation for or with which you work), we will delete your personal data from our systems, unless we believe in good faith that we are legally obliged, or obliged under another regulation, to retain it (for example, because a tax authority has made an enquiry or in connection with anticipated litigation).

6

Even though we already hold your personal data, you have various rights in respect of that data. If you would like to contact us in this regard, please get in touch with us. We will endeavour to process your request as quickly as possible and, in any case, in accordance with applicable statutory provisions. Please note that we may keep records of our communications in order to better resolve any issues you raise.

RIGHT TO OBJECT: If we use your data because we believe it is in our legitimate interests to do so, and you do not agree with this, you have a right to object. We will respond to your request within 30 days (although in certain cases we may be entitled to extend this period). As a rule, we will only object to your request under certain, narrowly defined circumstances.

RIGHT TO WITHDRAW CONSENT: Where we have obtained your consent to process your personal data for certain activities (for example, a customer survey on whether the seminar you attended achieved the desired outcome) or your consent to send you advertising, you may withdraw your consent at any time.

DATA SUBJECT ACCESS REQUEST (DSAR): For clarification: you have the right, at any time, to request confirmation from us as to what information we hold about you, and to ask us to amend, update or delete that information. We may comply with your request accordingly.

ADDITIONALLY, WE HAVE THE FOLLOWING OPTIONS: We may ask you to confirm your identity or ask you for further information regarding your request, and, where legally permitted, we may decline your request. In such a case, we will explain our reasons for declining.

RIGHT TO ERASURE: In certain situations (for example, if we have processed your data unlawfully), you are entitled to ask us to “delete” your personal data. We will respond to your request within 30 days (although in certain cases we may be entitled to extend this period) and will only decline your request under certain, narrowly defined circumstances. If we agree to your request, we will delete your data, but will generally assume that you would like us to include your name in our list of persons who do not wish to be contacted. This minimises the chance of you being contacted again in future if your data is collected separately under other circumstances.
If you do not wish this, please let us know. If your interests or requirements change, you can unsubscribe from some or all of our promotional content (e.g. email notifications about open positions or Alphadi® newsletters) by informing us by email.

7

Alphadi controls the processing of personal data on its server. We have a data protection officer appointed by management. If you have any further questions or would like more details, please contact us.

8

A “cookie” is a small data file stored on your computer's hard drive. Cookies are used by almost all websites. They do not harm your system. We use them to track your activities and ensure that you enjoy a pleasant customer experience when visiting our website. If you would like to review or change which types of cookies are accepted, you can usually do so in your browser settings.

DECLINING COOKIES: If you do not want to receive cookies that are not strictly necessary to carry out basic functions of our website, you can change your browser settings so that cookies are no longer accepted. Most web browsers accept cookies. However, if you would prefer that we do not collect data in this way, you can set your browser's privacy settings so that all or some cookies are accepted, or all cookies are declined. However, if you decline all cookies, you may not be able to use the full functionality of our website. Every browser is different, so please check your browser's help menu to find out how to change your cookie settings. Further general information about cookies, including how to disable them, can be found at aboutcookies.org. There you can also find out how to delete cookies from your computer.

DETAILED SECTIONS IN FULL FORM: WHAT TYPES OF PERSONAL INFORMATION ARE COLLECTED? Would you like to find out in more detail what data we collect about you? Here is a more detailed description of the information we collect. The information described below is, of course, in addition to the personal data we are legally required to process in the relevant situations.

CANDIDATE DATA: Depending on the applicable conditions and local laws and regulations, we may collect some or all of the information listed below in order to offer you seminars and services tailored to your situation and interests. In some jurisdictions, we are restricted in processing the following data. In such cases, we do not process the data in those jurisdictions:

  • Name
  • Age/date of birth
  • Gender
  • Photograph
  • Marital status
  • Contact details
  • Education details
  • Professional background
  • Details of a reference contact person
  • Nationality/citizenship/place of birth
  • Diversity information, including physical and mental health, including any information relating to disabilities
  • Additional information you provide to us voluntarily
  • Additional information that your reference contacts voluntarily provide to us about you
  • IP address
  • Video recordings, for training purposes

Please note that this is not an exhaustive list of the personal data we may collect.

CUSTOMER DATA: We only collect data about our customers to a very limited extent. As a rule, we only require your contact details or the contact details of individual contacts within your organisation (such as their names, phone numbers and email addresses) in order to ensure a smooth business relationship. We may also store additional information that someone from your organisation has voluntarily provided to us. If we need any further personal data from you for any reason, we will let you know.

SUPPLIER DATA: We do not collect much data about suppliers. We only need to ensure a smooth business relationship. We collect the data of our contacts within your organisation, such as names, phone numbers and email addresses. We also collect bank details in order to make payments to you. We may also store additional information that someone from your organisation has voluntarily provided to us.

How is your personal data collected?

CANDIDATE DATA: We collect personal data from our candidates primarily

1. Personal data that you provide to us as a candidate

Alphadi requires certain information about you in order to provide you with a tailored service. This allows us to offer you optimal opportunities. You can provide us with information in a variety of ways, depending on what suits you best. This may include: entering your data as part of the registration process on the Alphadi® website or in an application form; submitting a CV in printed or electronic form; sending your CV by email to an Alphadi® consultant.

PERSONAL DATA WE OBTAIN FROM OTHER SOURCES:

-not applicable-

PERSONAL INFORMATION WE COLLECT AUTOMATICALLY: If you access our website or read or click on an email from us, we may automatically collect your data, in accordance with any local regulations and requirements, or you may provide it to us yourself.

1. Personal data we obtain directly from you

We pursue the same objective: we want to ensure that you find the best seminar for yourself or your organisation. We receive data directly from you in two ways: when you contact us of your own accord, usually by phone or email, and/or when we contact you by phone, email or generally in the course of business development activities. Personal data we obtain from other sources:

-not applicable-

PERSONAL DATA WE COLLECT VIA OUR WEBSITE: If you access our website or read or click on an email from us, we may automatically collect your data, in accordance with any local regulations and requirements, or you may provide it to us yourself.

VISITORS TO OUR WEBSITE: When you visit our website, we may automatically collect certain information about you, regardless of whether you use our services. This includes your IP address, the date, time and frequency of your visits to the website, and how you browse the content. We also collect data from you when you contact us via the website.

9

Once we hold data about you, we use it in various ways.

CANDIDATE DATA: In general, we use data about our candidates for four purposes: personal certification; promotional activities; determining reintegration rates; and the assertion, exercise or defence of legal claims. Suitability assessment. Further details on each type: to the extent necessary, and in accordance with any local laws and regulations, we may use and process data for these purposes. Please note that this list is not exhaustive.

PROMOTIONAL ACTIVITIES: We may periodically send you information which we believe may be of interest to you. In particular, where requested and in accordance with local laws and regulations, we may use your data for the purposes listed below. Please note that this list is not exhaustive.

TO DEVELOP AND PROMOTE OTHER PRODUCTS AND SERVICES: to send you details of reports, promotions, offers, networking and customer events, as well as general information about industries which we believe may be of interest to you; to display excerpts of your data for promotional purposes on the Alphadi website as a success story (only with your express consent); and to inform you about certain discounts and offers to which you are entitled due to your business relationship with Alphadi. All our advertising is based on things we believe are particularly helpful to our customers and candidates. However, we are aware that we cannot always get everything right for everyone. We may use your data to show you advertisements and other Alphadi content on other websites such as Facebook. If you do not want us to use your data in this way, please disable the “advertising cookies” option (please consult our cookie policy). Even if you have disabled advertising cookies, you may still be shown Alphadi® advertisements. In this case, however, this is not targeted at you personally, but at an anonymous audience. Assertion, exercise or defence of legal claims.

In less common cases, we may also use your personal data to assert, exercise or defend legal claims.

CUSTOMER DATA: We use information about our customers for the following purposes:

Promotional activities and the assertion, exercise or defence of legal claims. Further details on each type: conducting customer satisfaction surveys; processing your data to enable suitable advertising campaigns to be targeted at you. We may use your personal data for these purposes where it is in our legitimate interests to do so. If you do not agree with this, you have a right to object under certain circumstances. Promotional activities: to the extent compatible with applicable local laws and regulations, we will not necessarily ask for your consent when sending you promotional materials to a business postal address or email address. If you do not agree with this, you are entitled to opt out of receiving promotional materials from us. Assertion, exercise or defence of legal claims: in less common cases, we may also use your personal data to assert, exercise or defend legal claims.

SUPPLIER DATA: We know that you are probably busy and do not want to constantly bother you. In order to strike a balance, we only use your information for the following purposes: storing (and, where applicable, updating) your data in our database so that we can contact you in connection with our agreements; offering you services, or receiving support and services from you; fulfilling certain legal obligations; developing appropriately targeted advertising campaigns; and, in less common cases, the assertion, exercise or defence of legal claims. We may use your personal data for these purposes where it is in our legitimate interests to do so. We will not necessarily ask for your consent to send you promotional communications to a business postal address or email address. If you do not agree with this, you have a right to object under certain circumstances.

PERSONS WHOSE DATA WE RECEIVE FROM CANDIDATES AND EMPLOYEES, E.G. EMERGENCY CONTACT PERSONS: We will only use the information our candidates provide to us about you for the following purposes: when candidates or employees have named you as an emergency contact on our form.

WHO IS YOUR PERSONAL DATA SHARED WITH? Where appropriate and in accordance with local laws and regulations, we may share your personal data in various ways and for various purposes with the following categories of persons: individuals and organisations that work with us, such as current, former or future employees, external trainers, instructors and examination boards; tax, auditing or other authorities, if we believe in good faith that we are legally obliged, or obliged under another regulation, to disclose this data (for example, because a tax authority has made an enquiry or in connection with anticipated litigation); external service providers who provide services on our behalf (including external consultants, business partners and professional advisors such as lawyers, auditors and accountants, technical support functions and IT consultants who carry out development and testing work on our company's technology systems); outsourced IT service providers and storage providers, where an appropriate processing agreement (or comparable safeguard) is in place. Should Alphadi® merge with, or be acquired by, another company or entity in future (or should meaningful discussions about such a possibility take place), we may disclose your personal data to the (future) new owners of the company or entity.

HOW IS YOUR PERSONAL DATA PROTECTED? We will take all reasonable and appropriate measures to protect the personal information we hold from misuse, loss or unauthorised access. To this end, we have implemented a range of technical and organisational measures. This includes measures to deal with any suspected data breaches. If you suspect that your personal information has been misused, lost, or accessed without authorisation, please let us know as soon as possible.

HOW LONG IS YOUR PERSONAL DATA STORED? We will delete your personal data from our systems if we have had no relevant contact with you (or, where applicable, with the company for or with which you work) for three years (or for a longer period if we believe in good faith that we are legally obliged, or obliged under another regulation, to retain your data). After this period, your data is presumably no longer relevant for the purpose for which it was collected. For candidates whose services are provided via a third-party company or other entity, “relevant contact” with you means relevant contact with the company or entity providing your services. If we are notified by this company or entity that there is no longer a business relationship with you, we will retain your data for a maximum of two years from that point, or, if later, two years from the point at which we last had relevant direct contact with you. When we refer to “relevant contact”, we mean, for example, communication (oral or written) between us, or you actively contacting us. If you are a candidate, we assume that relevant contact exists if you submit your updated CV or attend one of our training courses. It is also considered relevant contact if you communicate with us regarding possible positions. This can be in the form of oral or written communication. If you receive an email or other digital message from us and open or read it, this does not count as relevant contact. This is only the case if you click on something in it or reply directly.

HOW CAN YOU ACCESS, CHANGE OR WITHDRAW PERSONAL DATA YOU HAVE PROVIDED TO US? One of the main objectives of the GDPR is to protect and clarify the data protection rights of EU citizens and individuals within the EU. This means that you continue to have various rights regarding your data, even after you have already provided it to us. These rights are described in more detail below. If you would like to contact us regarding these rights, please get in touch with us. We will endeavour to respond to your request as quickly as possible and, in any case, within one month (extensions to which we are legally entitled may apply). Please note that we may keep records of our communications in order to better resolve any issues you raise. Right to object: on the basis of this right, you can object to our processing of your personal data if we do so for one of the following reasons: our legitimate interests, so that we can perform a task in the public interest or exercise official authority, or so that we can send you direct marketing materials. The above categories of “legitimate interests” and “direct marketing” are the categories most likely to apply to visitors to our website, candidates, customers and suppliers. If you object to us processing your personal data because we consider it necessary for our legitimate interests, we must cease the relevant activities as a result of your objection, unless:

we can demonstrate compelling legitimate grounds for the processing which override your interests, or we are processing your data in order to assert, exercise or defend a legal claim. If you object in connection with direct marketing, we must cease this activity. Right to withdraw consent: where you have given us your consent to process your personal data for certain activities (e.g. our promotional arrangements or automated profiling), you can withdraw this consent at any time. We will cease the activity to which you had previously consented, unless we believe there is an alternative reason justifying our continued processing of your data for that purpose. Should this be the case, we will inform you. Data subject access request (DSAR):

You can request confirmation from us at any time as to what information we hold about you, and ask us to amend, update or delete that information. We may ask you to confirm your identity or ask you for further information regarding your request. If we grant you access to the information we hold about you, we will not charge a fee for this unless your request is “manifestly unfounded or excessive”. If you request further copies of this information from us, we may charge you a reasonable administrative fee, where legally permitted. We may decline your request where legally permitted. If we decline your request, we will always give reasons for doing so. Please note that in some jurisdictions in which we operate, we are subject to additional local statutory provisions regarding data subject access requests and may decline your request in accordance with these laws. Right to erasure: under certain circumstances, you may request that we delete your personal data. As a rule, the information must meet one of the following criteria:

the data is no longer needed for the purpose for which we originally collected and/or processed it; you have withdrawn consent previously given for us to process your data and there is no other valid reason to continue processing; the data was processed unlawfully (i.e. in a manner contrary to the GDPR); the data must be deleted in order for us to comply with our obligations as data controller; or you object to the processing and we cannot demonstrate overriding legitimate grounds for continuing to process it, where we process the data because we consider it necessary for our legitimate interests. Please note that in some jurisdictions in which we operate, we are subject to additional local statutory provisions regarding erasure requests and may decline your request in accordance with these laws. We may only decline your request for one of the following reasons: to exercise the right to freedom of expression and information; to comply with legal obligations, perform a task in the public interest or exercise official authority; where this is in the public interest for reasons of public health; for archiving, research and statistical purposes; or to exercise or defend a legal claim. Where we comply with a valid erasure request, we will take all reasonable and feasible measures to delete the data concerned. Right to restriction of processing: under certain circumstances, you may request that we restrict the processing of your personal data. This means that we will only store your data in future and will not carry out any further processing activities until: one of the conditions listed below has been resolved, you give your consent, or further processing is necessary to assert, exercise or defend legal claims, to protect the rights of others, or where necessary for reasons of important public interest of the EU or a member state.

Under the following circumstances, you may request that we restrict the processing of your personal data:

If you dispute the accuracy of the personal data we process about you. In this case, our processing of your personal data will be restricted until the accuracy of the data has been verified. If you object to our processing of your personal data on the basis of our legitimate interests. In this case, you can request that the data be restricted while we review our reasons for processing your personal data. If our processing of your data is unlawful, but you would prefer to restrict processing rather than have the data deleted. If we no longer need to process your personal data, but you need the data to assert, exercise or defend legal claims. Should we have disclosed your personal data to third parties, we will inform them of the restricted processing, where this is possible and does not involve disproportionate effort. We will of course inform you before lifting any restrictions on the processing of your personal data. Right to rectification: you may also request that we correct any inaccurate or incomplete personal data we hold about you. Should we have disclosed this personal data to third parties, we will inform them of the correction, where this is possible and does not involve disproportionate effort. Where applicable, we will inform you which third parties we have disclosed the inaccurate or incomplete personal data to. If we consider it inappropriate to comply with your request, we will explain our reasons for this decision. Right to lodge a complaint with a supervisory authority: you have the right to lodge a complaint with the relevant local supervisory authority. If you wish to exercise any of these rights, or withdraw your consent to the processing of your personal data (where your consent forms the legal basis for the processing of your personal data), you can contact us by email. It is important that the personal information we hold about you is accurate and up to date. Please keep us informed of any changes to your personal data during the period in which we store it.

WHO IS RESPONSIBLE FOR PROCESSING YOUR PERSONAL DATA ON THE Alphadi® WEBSITE? Responsibility lies with the data protection officer appointed by management.

HOW IS YOUR DATA STORED AND TRANSFERRED INTERNATIONALLY? Our data, primarily emails, is stored on German servers and/or with German service providers. International disclosure to third parties is only possible with the candidate's consent, for the purpose of: enquiries with consulting firms in order to offer the candidate a possible job; enquiries from companies seeking a suitable employee. COOKIE POLICY. What is a cookie? A “cookie” is information stored on your computer's hard drive that records your navigation on a website. This allows tailored options to be offered to you based on information stored from your last visit. Cookies can also be used to analyse traffic and for advertising and marketing purposes. Cookies are used by almost all websites and do not harm your system. If you would like to review or change which types of cookies are accepted, you can usually do so in your browser settings.

10

We use cookies for two purposes: to record your use of our website, so that we can understand how you use the website and identify patterns that develop, whether individually or across larger groups. This helps us further develop and improve our website and services in line with the wishes and needs of our visitors; and to show you positions we believe may interest you. We hope this means you spend less time searching through many pages and find the position you want more quickly. There are several types of cookies:

Session cookies: These are only stored on your computer during your internet session and are automatically deleted when you close your browser. They usually store an anonymous session ID that allows you to use a website without having to log in on every single page. However, they do not collect any information from your computer.

Persistent cookies: A persistent cookie is stored as a file on your computer and remains there when you close your web browser. The cookie can be read by the website that created it when you visit that website again. We use persistent cookies for Google Analytics and for personalisation (see below). Cookies can also be categorised as follows:

Strictly necessary cookies: These cookies are necessary in order for you to use the website effectively, for example, when applying for a position. They cannot therefore be disabled. Without these cookies, we cannot provide the services we offer via our website. These cookies do not collect any information about you that could be used for advertising purposes, or that would reveal which websites you have visited.

Performance cookies: These cookies allow us to monitor and improve the performance of our website. For example, they allow us to count visits, identify traffic sources and see which parts of the website are particularly popular.

Functionality cookies: These cookies allow our website to remember choices you have made (e.g. your username, language, or the region you are in) and to provide enhanced features. For example, this allows us to provide you with news or updates about the services you use. These cookies may be used to save changes you have made to text size, font, or other parts of the website that you can customise. They may also be used to provide services you have requested, such as playing a video or commenting on a blog. Information collected by these cookies is usually anonymised.

Personalisation cookies: These cookies allow us to advertise details of employment opportunities we believe may interest you. These are persistent cookies that are stored permanently (for as long as you remain registered with us). This means that when you log in or return to the website, you will be shown advertisements for similar positions to those you have previously viewed.

OUR LEGAL BASES FOR PROCESSING YOUR DATA

LEGITIMATE INTEREST: This is set out in Article 6(1)(f) of the GDPR, which states that we may process your data if this is “necessary for the purposes of the legitimate interests pursued by [us] or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of [you], which require protection of personal data.”

We do not believe the following activities affect individuals in any way. Rather, they help us provide tailored, more efficient services for you, and are therefore beneficial to all parties involved. However, you have the right to object to our processing of your personal data on this basis. Please note that in some jurisdictions in which we operate, a different legal basis for data processing may apply in certain cases. We must ensure that our business operations run smoothly so that we can continue to provide services to candidates like you. We must therefore also use your data for internal administrative purposes, such as remuneration and, where applicable, invoicing. We are subject to our own legal obligations, and it is in our legitimate interest to ensure they are met. Where we believe in good faith that it is necessary, we may therefore disclose your data where this serves the purposes of law enforcement, tax collection, or actual or threatened disputes.

CUSTOMER DATA: To ensure that we provide optimal services to you, we store your personal data and/or the personal data of individual contacts within your organisation. Occasionally, we may also ask you to take part in a customer satisfaction survey. We consider this appropriate.

SUPPLIER DATA: We use and store the personal data of individuals within your organisation in order to make use of services from you as one of our suppliers. We also store your financial data so that we can pay for your services. We consider all these activities to fall within the scope of our legitimate interests as a recipient of your services, and that we consider it necessary for our legitimate interests as a company offering recruitment services, and as an employer. Should a candidate or employee have named you as an emergency contact, we use this data to contact you in the event of an accident or emergency. You will surely agree that this is an important element for our organisation, which is primarily about people, and is therefore necessary for our legitimate interests.

CONSENT: Under Article 4(11) of the GDPR, consent (via opt-in) is “any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.” In simple terms, this means that: you must give us your consent freely, without us exerting any form of pressure on you; you must know what you are consenting to – so we will ensure that we have provided you with sufficient information; you should have control over the processing activities to which you consent, or do not consent; you must give us your consent in the form of a positive, affirmative action. We will likely present you with a box that you need to tick, so that this requirement is clearly and unambiguously met. We keep records of consents given to us in this way.

ASSERTION, EXERCISE OR DEFENCE OF LEGAL CLAIMS It may sometimes be necessary for us to process personal data and, where applicable and in accordance with local laws and regulations, sensitive personal data in connection with the exercise or defence of legal claims. Article 9(2)(f) of the GDPR permits this where processing “is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity.” This may occur, for example, where we require legal advice in connection with legal proceedings, or are legally required to retain or disclose certain information as part of court proceedings.

11

-Country in which you use Alphadi® services or provide services to Alphadi: -Germany-

-Alphadi company responsible for processing the personal data of visitors to our website: -Alphadi, Kassel-

How to reach us:

-to access, change or withdraw personal data you have provided to us,

-if you suspect that your personal information has been misused, lost, or accessed without authorisation,

-to withdraw your consent to the processing of your personal data (where consent forms the legal basis for the processing of your personal data),

-for comments or suggestions regarding this privacy policy. Postal address: Alphadi Deutschland GmbH, Miramstr. 87, 34123 Kassel, Data Protection Officer, Germany. Alternatively, you can reach our data protection officer and data protection team by email at: datenschutz@alphadi.org

APPENDIX 2: Contact details of the competent local supervisory authority. The Hessian Data Protection Commissioner, PO Box 3163, 65021 Wiesbaden. Phone: +49 611 1408 – 0. Fax: +49 611 1408 – 611.

APPENDIX 3: Country-specific deviations from our privacy policy. Jurisdiction: -Germany-

Country-specific legal provision: In Germany, we collect data on candidates' religious affiliation in order to facilitate our remuneration processes. Because this is required by law, we do not ask for your express consent to process this information.

APPENDIX 4: Cookie list. Cookie name: Cache cookie, to enable faster loading of the website on your second visit, and your entered data.

GLOSSARY Candidates/Customers/Clients: This term describes seminar participants or companies for all seminars and services advertised by Alphadi. Suppliers: This category includes parties such as external trainers, service providers and other parties who provide services to Alphadi in the course of its business activities. Deletion: Even though we endeavour to permanently delete your personal data at the end of the retention period, or when appropriately requested by you to do so, some of your data may remain in our systems, for example while awaiting being overwritten. For our purposes, this data has been rendered unusable, i.e. while it still exists in an archive system, it can no longer be accessed by our operating systems, processes or staff. General Data Protection Regulation (GDPR): A regulation of the European Union to harmonise European data protection law. It came into force on 25 May 2018, and all references to it should be interpreted taking into account the national laws implementing it. Other persons whom Alphadi may contact: These may include emergency contacts as well as contacts of candidates and Alphadi employees. We will only contact these individuals where appropriate in the circumstances. Employees: This term describes employees and interns directly involved in Alphadi's business (or who have accepted an offer of involvement), as well as certain other workers involved in the business through the provision of services to Alphadi (even if they are not classified as employees).

12

Below, we inform you about the processing of personal data in connection with the use of “Zoom”.

Purpose of processing:
We use the “Zoom” tool to conduct conference calls, online meetings, video conferences and/or webinars (hereinafter: “online meetings”). “Zoom” is a service provided by Zoom Video Communications, Inc., which is based in the USA.

Controller
The controller for data processing directly related to conducting “online meetings” is the Alphadi Academy.

Note:
Insofar as you visit the “Zoom” website, the provider of “Zoom” is responsible for that data processing. Visiting the website is only necessary for using “Zoom” in order to download the software required to use “Zoom”.

You can also use “Zoom” by entering the relevant meeting ID and, where applicable, further access details directly into the “Zoom” app.

If you do not want to or cannot use the “Zoom” app, the basic functions are also available via a browser version, which you can also find on the “Zoom” website.

What data is processed?
Various types of data are processed when using “Zoom”. The scope of the data also depends on what information you provide before or during your participation in an “online meeting”.

The following personal data is subject to processing:
User information:
First name, last name, phone (optional), email address, password (if “single sign-on” is not used), profile picture (optional), department (optional)

Meeting metadata:
Topic, description (optional), participant IP addresses, device/hardware information

For recordings (optional):
MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of the online meeting chat.

When dialling in by telephone:
Details of incoming and outgoing phone numbers, country name, start and end time. Additional connection data such as the IP address of the device may also be stored.

Text, audio and video data:
You may have the option, within an “online meeting”, to use chat, question or poll functions. In this case, the text entries you make are processed in order to display them in the “online meeting” and, where applicable, log them. In order to enable the display of video and playback of audio, data from your device's microphone and any device camera is processed for the duration of the meeting. You can switch off or mute your camera or microphone at any time via the “Zoom” applications.

To take part in an “online meeting” or enter the “meeting room”, you must at least provide your name. Scope of processing. We use “Zoom” to conduct “online meetings”. If we intend to record “online meetings”, we will inform you transparently in advance and, where necessary, ask for your consent. The fact of the recording will also be displayed to you within the “Zoom” app.

Where necessary for the purposes of documenting the outcomes of an online meeting, we will log the chat contents. However, this will generally not be the case.

In the case of webinars, we may also process questions submitted by webinar participants for the purposes of recording and following up on webinars.

If you are registered as a user with “Zoom”, reports on “online meetings” (meeting metadata, telephone dial-in data, questions and answers in webinars, poll functions in webinars) may be stored by “Zoom” for up to one month.

Automated decision-making within the meaning of Art. 22 GDPR is not used.

Legal bases for data processing
Insofar as personal data of Alphadi Academy employees is processed, Section 26 of the German Federal Data Protection Act (BDSG) is the legal basis for the data processing. Should personal data in connection with the use of “Zoom” not be required for establishing, performing or terminating an employment relationship, but nevertheless be an integral part of using “Zoom”, Art. 6(1)(f) GDPR is the legal basis for the data processing. In these cases, our interest lies in the effective conduct of “online meetings”. Otherwise, the legal basis for data processing when conducting “online meetings” is Art. 6(1)(b) GDPR, insofar as the meetings are conducted within the framework of contractual relationships. If no contractual relationship exists, the legal basis is Art. 6(1)(f) GDPR. Here, too, our interest lies in the effective conduct of “online meetings”.

Recipients / Disclosure of data
Personal data processed in connection with participation in “online meetings” is generally not disclosed to third parties unless it is specifically intended for disclosure. Please note that the content of “online meetings”, like that of in-person meetings, often serves precisely the purpose of communicating information to customers, prospects or third parties, and is therefore intended for disclosure. Other recipients: the provider of “Zoom” necessarily gains knowledge of the above data, insofar as this is provided for under our data processing agreement with “Zoom”.

Data processing outside the European Union
“Zoom” is a service provided by a US-based provider. This means that personal data is also processed in a third country. We have concluded a data processing agreement with the provider of “Zoom” that meets the requirements of Art. 28 GDPR. An adequate level of data protection is guaranteed, on the one hand, through the conclusion of the so-called EU Standard Contractual Clauses. As additional protective measures, we have also configured our Zoom setup so that only data centres in the EU, the EEA or safe third countries such as Canada or Japan are used to conduct “online meetings”.

Data Protection Officer
We have appointed a data protection officer:

Alphadi Deutschland GmbH
Ines Pitikaris
Heinrich-Hertz-Straße 3b, 34123 Kassel
Email: info@alphadi.org

Your rights as a data subject
You have the right to information about the personal data we hold concerning you. You can contact us at any time to request this information. For information requests not made in writing, we ask for your understanding that we may require proof of your identity. You also have the right to rectification, erasure or restriction of processing, insofar as you are legally entitled to this. Finally, you have the right to object to processing within the scope of statutory requirements.
You also have a right to data portability within the scope of applicable data protection requirements.

Deletion of data
As a rule, we delete personal data once there is no longer a need for further storage. Such a need may exist, in particular, where the data is still required to fulfil contractual obligations, or to assess and grant or defend against warranty and, where applicable, guarantee claims. In the case of statutory retention obligations, deletion will only be considered after the relevant retention period has expired.

Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a data protection supervisory authority regarding our processing of personal data.

Changes to this privacy notice
We revise this privacy notice in the event of changes to data processing or other circumstances that make this necessary. The current version can always be found on this website.

Last updated: 01.11.2021

Cart