Data Protection and Security (for Clients and Clickworkers)

§1 Responsible body and data protection officer

This privacy policy informs the users of this website about the type, scope and purpose of the collection and use of personal data by the operator of the websites https://www.clickworker.de/, https://www.clickworker.com/, https://marketplace.clickworker.com and https://workplace.clickworker.com.

We take your data protection very seriously and always treat your personal data confidentially and in accordance with the statutory provisions. Due to new technologies and the constant further development of this website, changes may be made to this privacy policy. We therefore recommend that you visit our privacy policy at regular intervals.

§1.1 The responsible body within the meaning of Art. 4 No. 7 GDPR is:

clickworker GmbH
Büropark Bredeney
Theodor-Althoff-Straße 41
45133 Essen

The person authorized to represent the company is Christian Rozsenich, Managing Director.
The person responsible is based in Essen (Register Court: Essen Local Court, HRB 22914).

§1.2 Data protection officer

For all questions relating to data protection concerning our website and our range of services or to exercise your personal rights, please contact our data protection officer:

Prof. Dr. Thomas Jäschke
DATATREE AG
Märkische Straße 212-218
44141 Dortmund
E-mail: [email protected]
T +49 231 54380-798


§2 Rights of the data subject

You can exercise your data protection rights at any time and free of charge. Our data protection officer reviews and responds to each request individually. You can find his contact details under point 1.2.

§2.1 Right to information pursuant to Art. 15 GDPR

You have the right to receive information free of charge at any time as to whether we are processing your personal data.

§2.2 Right to rectification pursuant to Art. 16 GDPR, right to erasure pursuant to Art. 17 GDPR, right to restriction of processing pursuant to Art. 18 GDPR, right to data portability pursuant to Art. 20 GDPR and right to object pursuant to Art. 21 GDPR

You also have the option of exercising your rights to rectification, erasure or restriction of processing. You can also object to the processing of your data by us at any time.

§2.3 Revocation in the event of consent pursuant to Art. 7 para. 3 GDPR

If we process your personal data on the basis of consent, you have the right to withdraw your consent at any time for the future. However, your withdrawal is only valid from the time you give it and has no retroactive effect. The use of your data up to this point remains lawful.

§2.4 Your right to lodge a complaint with the supervisory authority

If you are of the opinion that the processing of your personal data by clickworker GmbH is not lawful, you have the right to lodge a complaint with any data protection supervisory authority at any time (pursuant to Art. 55 GDPR). The competent supervisory authority is: 

North Rhine-Westphalia

North Rhine-Westphalia State Commissioner for Data Protection and Freedom of Information

Bettina Gayk
Kavalleriestr. 2-4
40102 Düsseldorf
T +49 211 384240
Email: [email protected]

For further information and current contact details, please visit the website of www.ldi.nrw.de.

 

§3 Data processing when accessing the page

When you use the website for purely informational purposes, i.e. if you do not register or otherwise provide us with information, only the following personal data that your browser transmits to our server will be processed without your intervention:

  • the IP address
  • The date and time of the request
  • The time zone difference to Greenwich Mean Time (GMT)
  • Referrer URL (the previously visited page)
  • the access status / HTTP status code
  • the amount of data transferred in each case
  • the website from which the request comes
  • the browser, its interface, the language and the version of the browser software

This data is stored in accordance with Art. 6 para. 1 lit. f GDPR in conjunction with. § 25 para. 2 no. 2 TTDSG, in order to carry out error analysis and to ensure the stability and security of the website.

This data is deleted after 365 days.

For the operation of this website, we use the services of a service provider specializing in web hosting. Upon request, we will provide you with information about the service providers we use. Furthermore, this privacy policy informs you about other integrated service providers and third-party providers.

 

§4 Processing of your data when registering as a Clickworker

clickworker collects and processes further personal data when users register on the website. If you register as a Clickworker and become active as a Clickworker, the following data will be processed by you:

  • Name, first name, address, e-mail address, gender
  • Bank details, PayPal or Payoneer address
  • Work history, work quality (duration of the order, rejection rate)
  • IP address, time/day of registration or login on our portals

In addition, clickworker creates profiles for individual users, which contain both data resulting from a user's contractual relationship with clickworker (e.g. address, tax information, etc.), as well as voluntary information from a user about their qualifications, education, hobbies, etc.. This data is used in order to be able to offer users suitable services within the platform. In the course of the contractual relationship, data on work history and work quality is collected.

Please note that we need your e-mail address not only to create an account, but also to inform you about suitable projects, changes to our terms of use and other information about your contractual relationship.

The registration and profile data are stored separately and are only linked for billing purposes.

This data is processed in order to fulfill our contractual obligations towards you. Furthermore, clickworker processes personal data in order to ensure quality and prevent repeated registrations and deregistrations or cases of fraud (legitimate interest pursuant to Art. 6 (1) f GDPR).

We will retain your information for as long as your account is active or as long as we need to retain your information to provide you with our services, to comply with our retention obligations, including for the purposes of fraud prevention, dispute resolution and enforcing our agreements, where applicable.

Further information on the protection of the personal data you entrust to us can also be found here: https://www.clickworker.com/clickworker-data-security/ 

§5 Processing of your data when registering as a client

If you commission clickworker as a client with a project, a contact person with surname, first name and e-mail address is required, whereby a functional e-mail can also be entered here.

We process the data you provide as part of the project request in order to process your request (within the scope of your consent, to fulfill the contract) and to follow up on offers made (legitimate interest - Art. 6 (1) lit. f GDPR).

The data you enter will be stored for as long as is necessary to process your request (maximum: to comply with the statutory retention period).

For our CRM, we use the cloud-based software solution of the provider Salesforce.com. Inc, The Landmark @ One Market, Suite 300, San Francisco, CA 94105 (hereinafter referred to as "Salesforce"). We have contractually ensured that our CRM database is hosted by Salesforce on servers located in the European Union. With regard to this data processing, we have concluded a "Data Processing Addendum (DPA)" with Salesforce. This DPA includes the "EU Standard Contractual Clauses" (Art. 46 (2) lit. c GDPR). Through this contract, Salesforce ensures that the data is processed on our instructions and in accordance with the requirements of the General Data Protection Regulation. In addition, Salesforce has implemented "Binding Corporate Rules" for data protection compliance within the company and is certified in accordance with the EU-U.S. Data Privacy Framework.

clickworker uses the data provided during registration (e.g. name, address, e-mail address) exclusively to process the contractual relationship with you as a customer (e.g. to contact you, to inform you about the status of the projects, for invoicing, to answer your inquiries, etc.).


§6 Support/Ticket system

We use the "Freshdesk" service for our Clickworker and customer support and to view FAQs (Frequently Asked Questions). Freshdesk is a support service tool from Freshworks Inc, 1250 Bayhill Drive, Suite 315, San Bruno, CA 94066. If you open a support ticket via Freshdesk, you will be redirected to a separate page of our ticket system. The data you enter in our ticket system will be transmitted to the Freshdesk servers. The server location is usually in the USA, so that a transfer of your data to the USA cannot be ruled out. We have concluded a data processing agreement ("Data Protection Addendum") with Freshdesk to ensure that your data is processed in accordance with the provisions of the GDPR. The agreement includes the conclusion of the EU standard contractual clauses. You can view the agreement here https://www.freshworks.com/data-processing-addendum/. Information. Even though we have concluded a data protection agreement with Freshdesk, we would like to expressly point out that no equivalent level of data protection can be guaranteed for companies based or with a server location in the USA that are not subject to certification under the Data Privacy Framework.

The entry of some data (e-mail address, indication whether clickworker yes/no and request) is mandatory. The processing of this data is based on our legitimate interest (Art. 6 para. 1 lit. f GDPR) to exclude spam mails as well as to process your request and to contact you afterwards. The provision of other information is voluntary. Your data will be stored for as long as is necessary for processing. A longer storage period may result from the request, e.g. because we have a legitimate interest in providing evidence of the processing or because statutory retention periods (in particular Sections 238, 257 HGB) require this.

Furthermore, Freshdesk sets cookies. By integrating the above-mentioned cookies, Freshdesk receives information about your browser, your hardware and software, your Internet service provider and your IP address. These are technically necessary cookies (see § 9 of the Privacy Policy). Further information on data protection at Freshdesk can be found here: www.freshworks.com/privacy/ and here: https://www.freshworks.com/privacy/schrems2/.

 

§7 Contact request / contact form

When you contact us by e-mail or via a contact form, the data you provide (your e-mail address, your name and telephone number if applicable) will be stored by us in order to answer your questions. The provision of further data on your part always remains voluntary.

The legal basis for processing your contact request and its handling is Art. 6 para. 1 lit. b GDPR in the case of pre-contractual or already contractual relationships or, in the case of other requests, our legitimate interest in responding to you, Art. 6 para. 1 lit. f GDPR.

The storage of your data is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR, which you have given us by sending your contact request/clicking the send button. We delete the data collected in this context after storage is no longer required and the deletion does not conflict with any statutory retention obligations (e.g. in the event of subsequent contract processing).

Since you have given your consent, we would like to inform you that you can revoke your consent at any time and without giving reasons with effect for the future, Art. 7 para. 3 GDPR. If you would like to exercise this option to withdraw your consent, please contact us.

 

§8 Use of our appointment booking tool

If you as a client are interested in our services, you have the option of booking an appointment with our sales team online. In this case, we process the data you enter in order to book and carry out the appointment. Some details are required for this (name, company, contact details). You provide other information voluntarily (e.g. position in the company). The data entered will be used for the planning, execution and, if necessary, follow-up of the appointment. The legal basis for the processing of the data is Art. 6 para. 1 sentence 1 lit. b GDPR (implementation of pre-contractual measures). Your data will be deleted as soon as processing is no longer necessary. If the appointment results in further contact and/or an assignment, your data will continue to be stored in other systems (e.g. CRM system, correspondence, offer and contract documents) - if necessary until the expiry of possible retention periods in accordance with Sections 238, 257 of the German Commercial Code (HGB).

We use the services of Calendly LLC, 271 17th St NW, 10th Floor, Atlanta, Georgia 30363, USA, to provide the appointment tool and have concluded a Data Processing Addendum. When using our appointment tool, personal data is transferred to Calendly's servers located in the USA, i.e. outside the legal area of the European Union. Calendly is subject to the certification of the Data Privacy Framework and guarantees an equivalent level of data protection in the event of a possible data transfer to the USA.

Information on data protection at Calendly can be found here: https://calendly.com/privacy and https://calendly.com/security.

 

§9 Newsletter

You have the option of registering for our newsletter. To register, we need your e-mail address and your first and last name. Only this data is mandatory for sending the newsletter. The provision of further data, such as title, your company and department affiliation, position, always remains voluntary. We send newsletters with promotional information, in particular our current and interesting offers.

The so-called double opt-in procedure is used to subscribe to the newsletter. This means that after you have registered, we will send you an email to the email address you have provided in which we ask you to confirm that you wish to receive the newsletter. This confirmation is necessary in order to prevent someone from registering with someone else's email address. We store the IP addresses you use and the time of registration and confirmation. The purpose of the procedure is to be able to prove your registration and, if necessary, to clarify any possible misuse of your personal data; the logging of the registration procedure is our legitimate interest pursuant to Art. 6 para. 1 lit. GDPR.

The newsletter is sent on the basis of your express consent in accordance with Art. 6 para. 1 lit. a GDPR in conjunction with § Section 7 para. 2 no. 3 UWG.

After your confirmation, we will store your data for the purpose of sending you the newsletter. Your data will be stored in our CRM system Campaign Monitor, a software of the company Campaign Monitor Pty Ltd, 10 Lower Thames Street, Ground Floor Billingsgate, London EC3R 6GAF, UK and will only be used for sending the newsletter. The server location is usually in the USA, so that a transfer of your data to the USA cannot be ruled out. We have concluded a data processing agreement ("Data Protection Addendum") with Campaign Monitor Ltd. to ensure that your data is processed in accordance with the provisions of the GDPR. The agreement includes the conclusion of the EU standard contractual clauses. You can find more information on Campaign Monitor's data protection provisions at https://www.campaignmonitor.com/policies/#privacy-policy. Irrespective of the agreement concluded, we expressly point out that no equivalent level of data protection can be guaranteed for companies with their registered office or server location in the USA that are not subject to certification under the Data Privacy Framework.

You can revoke your consent to the sending of the newsletter at any time for the future and without giving reasons and thus unsubscribe from the newsletter, Art. 7 para. 3 GDPR. You can declare your revocation by clicking on the unsubscribe link provided in every newsletter email or by sending a message to the contact details provided in the legal notice.

We would like to point out that we evaluate your user behavior when sending the newsletter. For this evaluation, our newsletters contain so-called web beacons or tracking pixels, which are one-pixel image files and are stored on our website.

For the evaluations, we link data and the web beacons with your email address and an individual ID, which is contained in the links in the newsletter. The following data is processed and evaluated for this purpose:

  • the IP address, the date and time of the request
  • The time zone difference to Greenwich Mean Time
  • The content of the request (specific page)
  • the access status/HTTP status code; the amount of data transferred in each case
  • the website from which the request comes, the browser
  • the operating system and its interface, the language and the version of the browser software.

The data is collected exclusively pseudonymized, so the IDs are not linked to your other personal data, a direct personal reference is excluded.


§10 Use of the comment function in the blog

On our website, we offer the opportunity to publish questions, answers and opinions, hereinafter referred to as "comments". If you use this comment function, we would like to point out that we will process and publish your contribution, the date of submission and your chosen pseudonym. We recommend that you use a pseudonym instead of your real name. Your username and email address are required, all other information is voluntary.

The legal basis for this is Art. 6 para. 1 lit. a GDPR. You can revoke your consent in accordance with Art. 7 para. 3 GDPR at any time and without giving reasons with effect for the future. All you need to do to withdraw your consent is contact us.

If you leave a comment, we also store your email and IP address, which we delete after 365 days. The data provided in the context of comments and contributions will be stored by us until the user objects.

The legal basis for this is Art. 6 para. 1 lit. f GDPR. The storage is necessary for us to be able to defend ourselves against liability claims in cases of possible publication of unlawful content. We need your email address in order to contact you if a third party objects to your comment as unlawful. Comments are not checked before publication. We reserve the right to delete comments if they are objected to as unlawful by third parties.

 

§11 Cookies

§11.1 Definition: Temporary and permanent cookies

Cookies are small text files that are stored on your computer by a web server. The next time you visit the website, it can use the cookie to recognize your web browser. Cookies cannot execute programs or transfer viruses to your computer. They are used to make the website more user-friendly and effective overall.

There are different types of cookies, the scope and function of which we would now like to explain:

  • There are so-called temporary or transient cookies, which are automatically deleted when you close the browser. These include session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to a common session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close your web browser.
  • Furthermore, there are permanent or persistent cookies, which initially remain stored after the browser is closed, but are automatically deleted after a specified period of time. The duration differs depending on the cookie, but we would like to point out that you can delete the cookies at any time using the security settings of your web browser.
  • Third-party cookies are cookies that are offered by providers other than the controller who operates the online service.

§11.2 Legal basis for the use

The use of certain cookies is necessary to ensure the functionality and security of our website (Art. 6 para. 1 lit. f GDPR, legitimate interest). When you visit our website for the first time, you will be informed via our consent banner which technically necessary cookies are mandatory for the operation of the website. You can also use the consent banner to select which technically not required cookies are used based on your visit to our site.

The implementation of this selection via the consent banner used by us requires the use of a cookie, which is stored on your end device for a period of one year, unless you delete it beforehand through your browser settings. The following data is processed through the use of a consent banner:

  • Date and time of the visit
  • Browser information
  • Information on consents,
  • Device information
  • The IP address of the requesting device.

The legal basis is our legitimate interest (Art. 6 para. 1 lit. f GDPR) to provide evidence of your cookie selection and to comply with our accountability obligation pursuant to Art. 5 para. 2 GDPR.

If you agree via the consent banner that technically unnecessary cookies (usually for the implementation of tracking and remarketing tools) are set, the processing of your personal data is based on your consent (Art. 6 para. 1 lit. a GDPR in conjunction with. § 25 para. 1 TTDSG).

§11.3 Option to revoke cookies

You can revoke your consent at any time in accordance with Art. 7 para. 3 GDPR by clicking on "Cookie settings" in the footer of our website and calling up the consent banner. You can then use the banner to make a new selection.

You also have the option of restricting or preventing the installation of cookies via your browser settings. You can also delete cookies that have already been saved at any time. The respective steps and measures for deleting cookies depend on the specific Internet browser you are using.

 

§12 Use of Google services

§12.1 Google Analytics

We use Google Analytics on our website, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. This is a web-based analysis tool with which we can analyze the use of our website and make our web presence more interest-oriented.

During your visit to our website, Google Analytics places a cookie on your end device with which your browser can be recognized and your behavior analyzed. If subpages of our website are accessed, the following personal data is collected by Google Analytics:  

  • Your IP address
  • the subpage accessed and time of access
  • Source of origin of your visit (i.e. via which website you came to us)
  • technical information (information about browser, internet provider, end device and screen resolution)
  • the achievement of "website goals" (e.g. contact requests, newsletter registrations)

The use of Google Analytics is in accordance with Art. 6 para. 1 lit. a GDPR i.V.m. § 25 para. 1 TTDSG only if you have given us your consent via the selection in our content banner. If you have not consented, no data processing will take place.

You can revoke your consent at any time in accordance with Art. 7 para. 3 GDPR and without giving reasons with effect for the future by clicking on the "Cookie settings" button integrated in the footer of our website and thus calling up the consent banner. You can then use the banner to make a new selection. Alternatively, Google provides a deactivation add-on that can be installed on standard Internet browsers. You can find the link to the deactivation add-on at https://tools.google.com/dlpage/gaoptout?hl=de. This add-on ensures that information about your visit to our website is not transmitted to Google Analytics.

We cannot rule out the possibility that personal data may be transferred outside the legal area of the European Union, e.g. to servers located in the USA. Google is subject to the certification of the Data Privacy Framework and guarantees an equivalent level of data protection in the event of a possible data transfer to the USA. Furthermore, we have concluded agreements with Google regarding data processing. Through these agreements, Google guarantees that it will process the data in accordance with the General Data Protection Regulation and ensure the protection of the rights of the data subject ("EU Standard Contractual Clauses" (Art. 46 (2) lit. c GDPR)).

For details on the collection and storage of your personal data as well as the type, scope and purpose of its use by Google Analytics, please refer to Google's privacy policy: https://policies.google.com/technologies/partner-sites?hl=de.

§12.2 Use of Google Firebase (when using the app)

Our app uses the technology of Google Firebase, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Firebase is part of the Google Cloud Platform and offers other services in addition to a real-time database:

Firebase Analytics and Google Analytics enable us to analyze the use of our website. Information about the use of our app is collected, transmitted to Google and stored there. Google uses the advertising ID of the end device for this purpose. Google will use this information to anonymously evaluate the use of our app and to provide us with other services related to the use of apps. You can restrict the use of the advertising ID in the device settings (iOS: Privacy/Advertising/No Ad Tracking; Android: Account/Google/Ads).

Examples of information about the use of the app
Job list viewed, job accepted, job rejected, job successfully transferred, error when transferring the job or other functions of the app, device information (manufacturer, model, operating system, operating system version)

Firebase Crash Reporting is used for the stability and improvement of the app. It collects information about the devices used and the use of our app (e.g. the time stamp, when the app was started and when the crash occurred), which enables us to diagnose and solve problems.

Firebase Performance
Firebase Performance Monitoring is a service that gives us insight into the performance characteristics of our app. We use the Performance Monitoring SDK to collect performance data from our app and to review and analyze this data. With the help of this data, we can understand where and when the performance of our app can be improved.

Dynamic Links
By using Dynamic Links, users of our app get the best possible experience for the platform on which they open a link from our system. When a user opens a dynamic link on iOS or Android, they can be taken directly to the linked content in your native app. If a user opens the same Dynamic Link in a desktop browser, they can be redirected to the corresponding content on your website.
In addition, Dynamic Links work on app installs: If a user opens a Dynamic Link on iOS or Android and does not have your app installed, the user can be prompted to install it. Once installed, your app will be launched and can access the link.

Data retention period in Firebase: the data is deleted after the user has been inactive for two months.

Legal basis: The legal basis for the use of the above-mentioned tools is Art. 6 (1) lit. f GDPR. We use the above-mentioned tools to analyze the use of our app and to improve the user experience according to usage as well as to ensure the stability of the systems and to carry out troubleshooting. The data is not processed for advertising purposes. If you do not wish your data to be processed through the use of Google Firebase, you can use our offer by logging in via the browser and using the same services as in the app version.

Google is subject to the certification of the Data Privacy Framework and guarantees an equivalent level of data protection in the event of a possible data transfer to the USA. We have also concluded agreements with Google regarding data processing. Through these agreements, Google guarantees that it will process the data in accordance with the General Data Protection Regulation and ensure the protection of the rights of the data subject ("EU Standard Contractual Clauses" (Art. 46 (2) lit. c GDPR)).

For details on the processing of your personal data by Google, please refer to Google's privacy policy: https://policies.google.com/privacy

§12.3 Google Tag Manager

We use Google Tag Manager on our website, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. This is an organizational tool with which we can manage our analysis tags via an interface. The Google Tag Manager collects data on our website and forwards it to our connected analysis tools. The connected analysis tools store and evaluate this data. The Google Tag Manager itself does not set any cookies and does not store any personal data. The organization tool only collects data on how individual tags are used.

The Google Tag Manager is used in accordance with Art. 6 para. 1 lit. a GDPR i.V.m. § 25 para. 1 TTDSG only if you have given us your consent via the selection in our content banner. If you have not given your consent, the Google Tag Manager will not be used.

You can revoke your consent at any time in accordance with Art. 7 para. 3 GDPR and without giving reasons with effect for the future by clicking on the link "Cookie settings" integrated in the footer of our website and thus calling up the consent banner. You can then use the banner to make a new selection.

Google is subject to the certification of the Data Privacy Framework and guarantees an equivalent level of data protection in the event of a possible data transfer to the USA. We have also concluded agreements with Google regarding data processing. Through these agreements, Google guarantees that it will process the data in accordance with the General Data Protection Regulation and ensure the protection of the rights of the data subject ("EU Standard Contractual Clauses" (Art. 46 (2) lit. c GDPR)).

For details on the processing of your personal data by Google, please refer to Google's privacy policy: https://policies.google.com/privacy. 

§12.4 Google reCAPTCHA, Google Fonts

We use Google reCAPTCHA on our website, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google reCAPTCHA attempts to distinguish whether a particular action is performed by a human or a computer program or "bot".

During the verification by Google reCAPTCHA, the following personal data, among others, is transmitted to Google:

  • the page that integrates Google reCAPTCHA
  • Your IP address
  • Your set language in the browser
  • Screen and window resolution information
  • The time zone
  • Installation of browser plugins

In addition, Google reCAPTCHA checks whether a cookie has already been created in your browser. If this is not the case, a cookie will be set by Google reCAPTCHA.

We would also like to point out that Google Fonts is part of the Google reCAPTCHA tool and is also loaded as a necessary sub-function within this service. Google Fonts is a service that makes it possible to integrate various web fonts on websites. When you access our website on which reCAPTCHA is used, the required font is loaded into the browser cache by your web browser. These fonts are integrated by a server call to a Google server. Among other things, the following personal data is collected by Google Fonts:

  • Your IP address
  • the page you are visiting
  • Your preferred language setting
  • technical information (information about browser, internet provider, end device, screen and window resolution and operating system)

The use of Google reCAPTCHA is carried out in accordance with Art. 6 para. 1 lit. f GDPR, i.e. based on our legitimate interest in recognizing spam mails and bots and also fending them off in the interest of our users. Data processing only takes place if you use certain of our services, e.g. the contact form, subscribe to the newsletter or register.

Google is subject to the certification of the Data Privacy Framework and guarantees an equivalent level of data protection in the event of a possible data transfer to the USA. We have also concluded agreements with Google regarding data processing. Through these agreements, Google guarantees that it will process the data in accordance with the General Data Protection Regulation and ensure the protection of the rights of the data subject ("EU Standard Contractual Clauses" (Art. 46 (2) lit. c GDPR)).

For details on the processing of your personal data by Google, please refer to Google's privacy policy: https://policies.google.com/privacy.

 

§13 Integration of YouTube with plug-in

We have integrated YouTube videos into our online offering, which are stored on http://www.youtube.com and can be played directly from our website. These are all integrated in "extended data protection mode" and via a plug-in, i.e. no data about you as a user is transferred to YouTube if you do not play the videos. Only when you play the videos will the data mentioned below be transmitted. We have no influence over this data transfer.

If you play a video from YouTube on our website, YouTube will receive the following personal data from you:

  • Your IP address
  • The date and time of the request
  • The time zone difference to Greenwich Mean Time
  • The content of the request (specific page)
  • The access status/HTTP status code
  • the amount of data transferred in each case
  • the website from which the request comes
  • Browser type, the operating system and its interface as well as the language and version of the browser software

This is done regardless of whether YouTube provides a user account through which you are logged in or whether a user account exists or not.

If you have a YouTube user account and/or Google account and are logged in, YouTube can analyze your usage behavior and create a usage profile corresponding to your usage behavior. Cookies are stored on your device for this purpose. These cookies allow YouTube to create user profiles based on your preferences and interests and to show you customized advertising (inside and outside the platform). We have no access to the usage data that YouTube collects to compile these statistics. The individual data processing operations and their scope are not necessarily traceable for us.

If you do not agree to YouTube assigning the collected data directly to your YouTube user account and/or Google account, we recommend that you log out of the respective accounts of the above-mentioned portals before clicking on the video, delete your cookies as part of the browser settings and restart the browser. You also have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.

The use of YouTube takes place in accordance with Art. 6 para. 1 lit. a GDPR i.V.m. § 25 para. 1 TTDSG only if you have given us your consent via the selection in our content banner/by clicking the play button. If you have not consented/if you have not played the YouTube video, no data processing will take place.

You can revoke your consent at any time in accordance with Art. 7 para. 3 GDPR and without giving reasons with effect for the future by clicking on the "Show cookie settings" button integrated in the footer of our website and thus calling up the consent banner. You can then use the banner to make a new selection.

YouTube is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. We cannot rule out the possibility that personal data may be transferred outside the legal area of the European Union, e.g. to servers located in the USA. Google is subject to the certification of the Data Privacy Framework and guarantees an equivalent level of data protection in the event of a possible data transfer to the USA.

For details about the collection and storage of your personal data as well as the type, scope and purpose of its use by YouTube, please refer to YouTube's privacy policy: https://policies.google.com/privacy

 

§14 Integration of Trustpilot

We use the review portal Trustpilot, provided by the provider Trustpilot A/S, Pilestræde 58, 5, 1112 Copenhagen, Denmark, to collect and publish reviews. If you have used our service as a clickworker or as a client, we ask for your consent to send you a review email [a pop-up with a request for a review appears]. If you give your consent [by clicking on a link] [click on the checkbox], you will receive an e-mail with a request for evaluation and a link to the evaluation page. In this case, we will send your name, e-mail address and a reference number to Trustpilot. This is necessary in order to verify that the rating is actually only given by the person who has used our service and to address them in the email. This data processing takes place on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent given to us at any time in accordance with Art. 7 para. 3 GDPR and without giving reasons with effect for the future by sending us an email to [add contact address].

We have concluded an agreement on order processing (Art. 28 para. 3 GDPR) with Trustpilot for the data processing that Trustpilot carries out on our behalf. We are the controller for this data processing. Trustpilot is the controller for the data processing that takes place due to the writing and publication of your review on the review platform. Information on the responsibility for the respective data processing can be found here https://support.trustpilot.com/hc/de/articles/360001141547--Is-Trustpilot-a-data-processor-or-data-controller-. If you wish to revoke your consent to data processing vis-à-vis Trustpilot, exercise your rights vis-à-vis Trustpilot and/or request the deletion of your rating, please contact Trustpilot.

We have also integrated a widget from Trustpilot on our website. Due to the integration of this widget, reviews published on Trustpilot and the current average value of all reviews are displayed on our site (https://www.clickworker.com/clickworker/). This widget is an element integrated on our site that makes it possible to retrieve the current content from Trustpilot's servers and display it on our site, i.e. to display new reviews and continuously update the average score.

To ensure this, it is necessary to establish a data connection from our servers to the Trustpilot servers and to retrieve the necessary technical data:

  • the IP address
  • The date and time of the request
  • The time zone difference to Greenwich Mean Time (GMT)
  • Referrer URL (the previously visited page)
  • the access status / HTTP status code
  • the amount of data transferred in each case
  • the website from which the request comes
  • the browser, its interface, the language and the version of the browser software

Information on the processing of this data by Trustpilot, e.g. for the creation of user profiles or for analysis purposes, can be found here: and https://legal.trustpilot.com/for-businesses/business-privacy-policy

This data processing is based on our legitimate interest (Art. 6 para. 1 lit. f GDPR) to measure the quality of our service and the satisfaction of our users and to offer interested users an opportunity to obtain "first-hand" information about their actual satisfaction with us as a provider.

 

§15 Processing of your data in the event of an application

You can apply for open positions via our website or send us unsolicited applications. As part of the application process, we will process your application data electronically.

The processing of applicant data is only carried out to fulfill our (pre-)contractual obligations in the context of the application process in accordance with Art. 88 para. 1, Art. 6 para. 1 lit. b GDPR and in accordance with § 26 BDSG-new.

In order to guarantee that your application is processed exclusively by the authorized person of our company, we ask you to use the e-mail address provided for this purpose, which can be found on our "Careers" subpage.

In the event of a rejection, your documents will be deleted or destroyed immediately, whereby the legally stipulated minimum security level will always be observed when destroying the documents. Exceptionally, no immediate deletion will take place if the data requires longer storage of up to 4 months or until the conclusion of legal proceedings due to legal provisions (e.g. due to a burden of proof within the meaning of the AGG). The legal basis for this results from Art. 6 para. 1 lit. f GDPR i.V.m. § Section 24 para. 1 no. 1 BDSG.

Our legitimate interest lies in legal defense and enforcement. If we retain your application for a longer period of time in order to contact you again at a later date about career prospects at our company, this will only take place if you have previously given us your consent in accordance with Art. 6 para. 1 lit. a GDPR. Here, too, you have the right to revoke your consent at any time in accordance with Art. 7 para. 3 GDPR by submitting a declaration to us with effect for the future.

In the event of an acceptance and consequently the conclusion of an employment contract, we store your data transmitted to us as part of the application for the purpose of standard administrative and organizational processes. The legal basis for this results from Art. 6 para. 1 lit. b, Art. 88 para. 1 GDPR i.V.m. § Section 26 BDSG.

 

§16 Use of Visitor InSites Smart Pixel

(on client related pages of our .com website only)

We use Smart Pixel of Visitor InSites Inc. Tracking pixel are implemented on all client related pages of our clickworker.com website. The Tracking identifies visitors and leverages an identity Graph focused on adults in the US only. The tracking tool provides the visiting user’s contact details (name and email), job title, company name and LinkedIn profile.
Visitor InSites is compliant with California’s CCPA regulation.

Information is collected about our website visitors for Marketing purposes only. If you’d like to have your information deleted, please send an email to: [email protected]

Provider of the above services is Visitor InSites, 1805 High Grove Lane, Suite 201, Naperville, Illinois 60540
You will find more information on the technology and the compliance with data protection laws on Visitor Insites‘ website: https://www.visitorinsites.com/faqs/

 

§17 Simplified linkage to the social media websites

The LinkedIn, Xing, YouTube link integrated on our site is not integrated via a so-called social plug-in. The embedded graphic only contains an http link to our LinkedIn, Xing, YouTube page. This means that no direct connection to the servers of the aforementioned sites is established when our site is accessed.

 

§18 Privacy policy for our corporate presence on social networks

As the operator of company presences on social networks, we process personal data together with the respective provider of the social network. The legal basis for the processing of your personal data is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in presenting our company in common communication media and in offering users, interested parties and our customers a preferred form of communication with our company that is common in today's world.

Our company operates the following company presences on social networks:

  • LinkedIn
  • Xing
  • YouTube
  • Facebook
  • X (formerly Twitter)

We would like to point out that the use of social media by you, in particular the interaction with the networks, such as the posting and sharing of contributions, is at your own risk and that you can alternatively contact us via the contact form on our website or by e-mail/letter/telephone.

§18.1 Joint responsibility pursuant to Art. 26 GDPR

In accordance with Art. 26 GDPR, joint data processing with the respective provider of the social network requires the conclusion of an agreement in which the distribution of our obligations under the GDPR and the obligations of the respective provider of the social network are bindingly defined.

With the creation and publication of our company websites, we have concluded such an agreement by accepting the so-called terms of use of the respective social network, which regulate the conditions for the use of the site and the resulting data processing.

The providers of the social network generally assume primary responsibility for fulfilling their data protection obligations (see ECJ judgment of 5.6.2018, case C-210/16). This includes, among other things:

  • The fulfillment of information obligations (pursuant to Art. 12, 13 GDPR)
  • The rights of data subjects (pursuant to Art. 15 - 22 GDPR)
  • The security of the processing (pursuant to Art. 32 GDPR)
  • The notification of data protection breaches (pursuant to Art. 33, 34 GDPR)

Further details on the collection and storage of your personal data as well as the type, scope and purpose of its use by the respective provider of the social network can be found in the respective privacy policy of the platform operator.

As operators of company presences on social networks, we also assume responsibility for fulfilling our data protection obligations. This includes, among other things:

  • The lawfulness of the data processing (pursuant to Art. 6 para. 1 GDPR)
  • The forwarding of requests from data subjects relating to content published by us on the respective social networks to the respective platform operator

The obligation to create a privacy policy for our corporate presence on social networks.

§18.2 Data processing by the social networks

We use the technical platform and services of the following companies for the information services offered:

https://www.linkedin.com/company/clickworker/, offered by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

https://www.xing.com/pages/clickworkergmbh, offered by New Work SE, Am Strandkai 1 in 20457 Hamburg

https://www.youtube.com/channel/UC1FQK9j006czw8Esbenz5LA, offered by Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland)

https://www.facebook.com/clickworkercom/ and https://www.facebook.com/groups/335751699950/, offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland

https://twitter.com/clickworker_de and https://twitter.com/clickworker_com, offered by Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX0, Ireland

Your visit to our profile on the respective social network triggers a variety of data processing operations. Your personal data is not only collected, used and stored by us, but also by the social network. This happens even if you do not have a profile on this network yourself. We only process the personal data that you provide to us through your public account and by commenting on our posts. You are not obliged to provide us with your personal data. However, this may be necessary for individual functionalities of our social media profile. These functionalities will not be available to you, or only to a limited extent, if you do not provide us with your personal data.

The legal basis for the processing of your personal data is in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in being able to communicate with users or interested parties as well as customers and to inform them about our services.

If you have a profile in the respective social network and are logged in, the social network processes, among other things, your voluntarily entered data such as first and last name, user name, email address and telephone number. In addition, the social network can analyze your usage behavior and create a usage profile corresponding to your usage behavior. Cookies are stored on your end device for this purpose. These cookies allow the social network to create user profiles based on your preferences and interests and to display customized advertising (inside and outside the platform). We do not have access to the usage data that the social network collects to create these statistics. The individual data processing operations and their scope are not necessarily traceable for us. We are only provided with anonymous usage statistics by the social network, which we use in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR to improve the user experience for specific target groups when visiting our company profile.

If you do not agree to the social network assigning the collected data directly to your profile, we recommend that you log out of this social network, delete your cookies as part of the browser settings and restart the browser. You also have the right to object to the creation of these user profiles, whereby you must contact the respective social network to exercise this right.

We cannot rule out the possibility that personal data may be transferred outside the legal area of the European Union, e.g. to servers located in the USA, when our company presence on social networks is accessed. Furthermore, we expressly point out that no equivalent level of data protection can be guaranteed for the USA.

For details on the collection and storage of your personal data as well as the type, scope and purpose of its use by the social networks we use, please refer to the data protection declarations published there:

LinkedIn:
https://www.linkedin.com/legal/privacy-policy? and
https://www.linkedin.com/help/linkedin/answer/a545600

Xing:
https://privacy.xing.com/en/privacy-policy,
https://privacy.xing.com/en/privacy-policy/what-rights-can-you-assert and
https://privacy.xing.com/en/your-privacy

YouTube

https://policies.google.com/privacy and
https://myaccount.google.com/intro/privacycheckup

Facebook

https://www.facebook.com/about/privacy/update?ref=old_policy;
https://www.facebook.com/privacy/policy/?section_id=7-WhatIsOurLegal
https://www.facebook.com/privacy/guide/security

X (Twitter)
https://twitter.com/en/privacy and
https://help.twitter.com/en/resources/how-you-can-control-your-privacy

Version: November 9, 2023