Social Media Privacy Policy
Privacy policy for our social media pages
We would like to inform you of how we handle your data in line with Article 13 of the General Data Protection Regulation (GDPR).
Data Controller
FIRST PRIVACY GmbH and FIRST PRIVACY BV operate the following social media pages:
- LinkedIn: https://www.linkedin.com/company/first-privacy
- LinkedIn: https://www.linkedin.com/showcase/first-privacy-benelux/
- Xing: https://www.xing.com/pages/first-privacy-gmbh/about_us
Our contact details can be found in our legal notice.
Apart from our processing the operator of the social media platform itself is also processing personal data. The platform is another data controller who carries out data processing upon whom we however have only limited influence. In those places where we can exert an influence and parameterize the data processing, we work to the best of our ability towards data handling by the operators of the social media platform which is in line with data protection legislation. In many places however we are unable to influence the data processing by the operator of the social media platform and also do not know exactly which data is being processed.
Data processing by us
The data you enter on our social media pages, such as comments, videos, pictures, likes, public messages, etc., are published by the social media platform and are at no time used or processed by us for other purposes. We only retain the right to delete content if this should be necessary. We may share your content on our website if this is a function of the social media platform and communicate with you via the social media platform. The legal basis is Article 6 (1) sentence 1 (f) GDPR. The data processing is done in the interests of our public relations and communication.
If you wish to object to particular data processing over which we have an influence, please refer to the contact details given in the legal notice. We will then investigate your objection to the processing of your data as it relates to us. If you wish to assert your right of objection against the platform, this latter must be contacted directly.
If you post an enquiry to us on the social media platform we will, after any required response, also refer you to other safer methods of communication which guarantee confidentiality. You always have the option of sending us confidential enquiries to the address given in the legal notice.
On recruitment platforms, you can send us your application based on art. 6 (1) b GDPR which serves the establishment of an employment relationship between you and us. We only retain your data for as long as required to fill the vacancy.
As already set out we ensure in those places where the operator of the social media platform gives us the opportunity that our social media pages are designed to conform to data protection legislation as far as possible. With regard to statistics provided to us by the operator of the social media platform, we have only limited influence over the generation of the statistic and can’t deactivate them. But we do ensure that we are not provided with any additional optional statistics.
We sometimes also use our social media platforms to roll out advertising.
For advertisement purposes we use target group definitions provided by the social media operator. We use only anonymous target group definitions – so we define characteristics e.g. on the basis of general demographic details, behaviour, interests and connections. These are used by the operator of the social media platform to roll out suitable advertising to its members. The legal basis for this is the consent which the operator of the social media platform obtained from its members. If you wish to revoke this consent, please use the revocation options provided by the operator of the social media platform. Occasionally, we or the operator of the social media platform also use publically available data for target group definitions. The legal basis is then Article 6 (1) (f) GDPR. We never use the sensitive categories listed in Articles 9 and 10 GDPR for target group definition.
We do not use target group definition based on location data.. We never pass on personal data to the operator of the social media platform in the course of target group definition.
Occasionally, target group definition is also done using information about the visits or interactions with other sites (known as remarketing). We use cookies for this purpose and other technologies. However, in these cases we obtain the consent of users in advance with the help of a consent banner on the other sites involved and inform the visitors about the data processing.
Data processing by the operator of the social media platform
The operator of the social media platform uses web tracking methods. Web tracking can be done regardless of whether you are signed up for an account on the social media platform or not. As already set out, we unfortunately have very little influence over the web tracking methods of the social media platform. We cannot, for instance, deactivate this feature.
Please be aware: We can’t prevent that the operators of the social media platform use your profile and behavioural data to, for instance, analyse your habits, your personal relationships, your preferences, etc. In this respect we have no influence over the processing of your data by the operators of social media platforms.
Further information on data processing by the operator of the social media platform, other possibilities of objection and, if available and concluded, the arrangement in line with Article 26 GDPR can be found in the data protection statement of the provider:
- LinkedIn: https://www.linkedin.com/legal/privacy-policy and https://legal.linkedin.com/pages-joint-controller-addendum
- Xing: https://privacy.xing.com/en/privacy-policy and https://privacy.xing.com/en
Your rights as users
In the processing of your personal data the GDPR grants you as website users certain rights which can be exercised both towards us and towards the providers of the social media platform:
1.) Right of access (Article 15 GDPR):
You have the right to demand confirmation as to whether personal data concerning you is being processed; if this is the case you have the right to access this personal data and to the information set out specifically in Article 15 GDPR.
2.) Right to rectification and erasure (Articles 16 and 17 GDPR):
You have the right to demand the immediate rectification of inaccurate personal data concerning you and the completion of any incomplete personal data.
You also have the right to demand that personal data relating to you is erased immediately if one of the legal bases stated specifically in Article 17 GDPR apply, e.g. if the data is no longer needed for the intended purposes.
3.) Right to restriction of processing (Article 18 GDPR):
You have the right to demand the restriction of processing if the preconditions set out in Article 18 GDPR are fulfilled, e.g. if you have lodged an objection to the processing. The access to your data will be restricted for the duration of the investigation.
4.) Right to data portability (Article 20 GDPR):
In certain cases, which are set out specifically in Article 20 GDPR, you have the right to receive relevant personal data in a structured, commonly used and machine-readable format and to have this data transmitted to a third party.
5.) Right to object (Article 21 GDPR):
If data is collected on the basis of Article 6 (1) sentence 1 (f) (data processing for the purpose of the legitimate interests of the controller), you have the right, for reasons arising from your specific situation, to object to the processing at any time. We will then not process the personal data anymore, unless there are compelling protective reasons for the processing which outweigh the interests, rights and freedoms of the affected person or the processing serves the assertion, exercise or defence against legal claims.
Right to lodge a complaint with a supervisory authority
You have the right in accordance with Article 77 GDPR to complain to a supervisory authority if you are of the opinion that the processing of data concerning you violates data protection regulations. The right of complaint to a supervisory authority can be exercised in particular in the member state of your habitual residence, place of employment, or the place of the alleged violation.
Contact details for the data protection representative
Our data protection officer is available to you for information or advice regarding data protection:
E-mail: dpo@dsn-group.de
Phone: +49 (0) 931 30 49 76-0