Data protection
Processing of personal data by the body responsible for the online application process
Protecting the data that you provide to us and its security and confidential treatment is very important to us. That is why we would like to take this opportunity to inform you to what extent and for what purposes we collect personal data when you use Pod One and how we protect your data on our website. “We” means POD One GmbH, represented by Nino Bönder and Michael Bröhl as responsible operators of the “POD One” offer, Vitalisstraße 202, 50827 Cologne. The legal basis of data protection can be found in the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG 2018).
If you have any questions about the collection, processing or use of your personal data, information, correction, blocking or deletion of data, and revocation of consents given, you can send them to us in particular by e-mail, fax or letter to the following contact details:
POD One GmbH, Vitalisstraße 202, 50827 Cologne, Germany
Telephone: +49 (0) 221 888 999 33
email: info@bnbcloud.net
Responsible body
The responsible body within the meaning of data protection law is:
POD One GmbH
Vitalisstraße 202
50827 Cologne
Phone: 0221 88899933
Registration in the commercial register
Register number: HRB 119216
Register court: Cologne District Court
Gem. Article 37 and Article 39 of the General Data Protection Regulation (GDPR) and Section 38 Federal Data Protection Act (BDSG), it is not necessary to appoint a data protection officer because
- the core activity of the company does not consist in extensive processing of special categories of personal data (e.g. health data, ethnic origin, religious beliefs).
- There is no need for regular and systematic monitoring of affected persons (e.g. tracking or monitoring measures on a large scale).
- At POD One GmbH, fewer than 20 people are regularly involved in the automated processing of personal data (under German law).
How is personal data collected, processed and used?
What we mean by personal data
We only collect, use or share personal data if this is permitted by law, if there is a contractual basis or a legitimate interest, or if you consent to it. This personal data includes, for example, your name, email address or telephone number. But also which websites were viewed by you. In short, all information that can be traced back to you and with the help of which you can be identified as a person.
What data we collect
Some things are obvious, others happen in the background. We would like to provide you with comprehensive information because everything is relevant to data protection law. But again: We only do what is allowed. And transparency is important to us. That is why we will share this with you in detail here. The data obviously collected includes the contact you made. If you write to us via contact form or email, we will save your details so that we can process your request. Follow-up questions may also arise.
We use the data you provide to fulfill and process your order. To fulfill the contract, we will pass on your data to the shipping company responsible for delivery, insofar as this is necessary to deliver ordered goods.
To process payments, we pass on the payment data required for this to the bank commissioned to collect the payment and any payment service provider commissioned by us or to the payment service you have selected during the ordering process. You can find more information about this under “Payment methods”. If you actively subscribe to something, the necessary data will also be saved. This is the case with our newsletter. This is about your email address, which is required to send messages. When you log in, we also save your IP address, your customer group, the date of registration and, if provided by you, your first and last name. This storage serves as proof in the event that someone else misuses your email address and signs up to receive it without your knowledge. You can revoke your consent to the storage of data, email address and their use to send messages at any time. This information helps us to improve customer service levels and respond to your inquiries faster and more personally, and we'd be grateful if you could help us with that.
Provision of the website
Purpose of processing: Functionality and optimization of the website, ensuring the security of our information technology systems when used purely for informational purposes (without using additional functions such as contact forms or social media plug-ins) of our website; integration and display of functions and content (e.g. graphics) that we do not provide ourselves.
Legal basis: Article 6 (1) (f) GDPR
Data categories: usage data, connection data
Recipients of data: Data will only be transferred to third parties insofar as this is necessary to operate our website. For this purpose, personal data is transferred to the following recipients: IT service providers
Intended transfer to third countries:
Webflow, Inc.
398 11th Street, 2nd Floor
San Francisco, CA 94103, United States
An appropriate level of data protection is ensured by using EU standard contractual clauses.
Storage of data on your device based on consent: No
Fonts
Font Awesome
This site uses so-called web fonts, which are provided by Fonticons, Inc., to uniformly display fonts. When you call up a page, your browser loads the required web fonts into your browser cache to correctly display texts and fonts. For this purpose, the browser you use must connect to the Fonticons, Inc. servers. As a result, Fonticons, Inc. Knowledge that our website was accessed via your IP address. Web fonts are used in the interest of a uniform and appealing presentation of our online offerings. This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR. If your browser does not support web fonts, a standard font is used by your computer. For more information about Font Awesome, visit https://fontawesome.com/help and the Fonticons, Inc. privacy policy: https://fontawesome.com/privacy.
Google Web Fonts
This site uses so-called web fonts, which are provided by Google, to uniformly display fonts. When you call up a page, your browser loads the required web fonts into your browser cache to correctly display texts and fonts.
For this purpose, the browser you use must connect to Google's servers. As a result, Google becomes aware that our website has been accessed via your IP address. Google WebFonts are used in the interest of a uniform and appealing presentation of our online offerings. This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR for marketing purposes, in particular to address the customer in line with the interests of the customer.
If your browser does not support web fonts, a standard font is used by your computer. You can find more information about Google Web Fonts at https://developers.google.com/fonts/faq and in Google's privacy policy: https://www.google.com/policies/privacy/.
contacting
There is also a contact form on our website, which can be used to contact us electronically. For the processing of data, reference is made to this privacy policy as part of the sending process. If a user makes use of this option, the data entered in the input mask is transmitted to us and stored.
A valid email address is required so that we know who sent the request and can answer it. In addition, when you use the contact form, we collect your IP address and the time of sending. In addition to the content of the message, no further personal information is required.
The sole purpose of processing personal data is to process the contact. The other personal data processed during the sending process is used to prevent misuse of the contact form and to ensure the security of our information technology systems. Data processing for the purpose of contacting us before a contract is carried out in accordance with Art. 6 para. 1 lit. b GDPR.
If you, as a data subject, contact us by e-mail or via a contact form, the personal data transmitted to us will be automatically stored. Your data will be deleted after your request has been processed, provided that you so wish and the deletion does not conflict with any legal storage requirements.
If you contact us via email or form, you can object to the storage of your personal data at any time. In such a case, the conversation cannot be continued. In this case, all personal data stored in the course of contacting us will be deleted.
Webflow contact form
If you use our contact form, the data you enter will be saved to process your request and in case of follow-up questions. The legal basis for processing the data is Art. 6 para. 1 lit. b DSGVO (performance of contract or pre-contractual measures) and Art. 6 para. 1 lit. f DSGVO (legitimate interest in answering your request).
Our contact form is integrated via the Webflow service. Webflow is a website design and hosting provider based in the USA.
Provider: Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA94103, USA
Webflow processes the data you enter in accordance with the provisions of the GDPR and offers standard contractual clauses (SCCs) for data transfer to third countries.
Processed data:
name
email address
message text
Further voluntary information
The data is processed exclusively to process your request. The data will not be passed on to third parties.
Storage period:
Your data will only be stored for as long as is necessary to process your request, provided that there are no legal storage requirements.
Reference to data transfer to third countries:
Please note that when using Webflow, personal data may be transferred to the USA. Webflow ensures data protection in accordance with EU standard contractual clauses.
For more information, see Webflow's privacy policy at: https://webflow.com/legal/privacy
Data in the background
These are used either for statistical purposes (for the operation, security and optimization of our offering) or to connect our website with social networks or other websites. We (or our web space provider) collect data about every access to the offer (so-called server log files). This access data includes: name of the retrieved website, file, date and time of retrieval, amount of data transferred, notification of successful retrieval, browser type and version, your operating system, referrer URL (the previously visited page), IP address and the requesting provider. We also work with cookies. Cookies are small files that make it possible to store device-specific information on your PC, smartphone, etc.
Session cookies
Session cookies are deleted after you close your browser.
Long-term cookies
We use cookies that remain on your hard drive. For your convenience, the expiration time is set to a date in the future. On another visit, it is then automatically recognized that you have already visited us and which inputs and settings you prefer (so-called long-term cookies).
POD One cookies
The cookies used by POD One do not store any personal data, so this information cannot be attributed to a specific person. Instead, data is collected in pseudonymized form by assigning an identification number, which is not combined with your personal data. The cookies contain information about the use of our online offering, for example which pages or products on our offer were visited.
Third party cookies
POD One works with companies to make the website interesting for you. Therefore, when you visit our online offerings, cookies from partner companies are also stored on your hard drive. No personal data is stored in third-party cookies either, so that this information cannot be attributed to a specific person either. Data is collected in pseudonymized form by assigning an identification number, which is not combined with your personal data. The cookies contain information about the use of our online offering, for example which websites and products on our offer were visited. You can object to the creation of user profiles using pseudonyms. We will present you with the corresponding options with third-party providers below.
Content Delivery Networks (CDN)
Our services use MaxCDN (BootstrapCDN), a CDN from NetDNA, LLC (3575 Cahuenga Blvd. West, Suite 330, Los Angeles, CA 90068, USA; “MaxCDN”) and GoogleFonts, a CDN from Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA94043, USA; “Google”). CDNs reduce the loading time of common Javascript libraries and fonts because the files are transferred from fast, local or sparsely loaded servers. Among other things, your IP address is transferred to MaxCDN or Google. Both providers operate servers in the EU, but it cannot be ruled out that your browser also accesses servers outside the EU. The content of our service and communication is not handled via CDN. To prevent JavaScript from running altogether, you can install a JavaScript blocker in your browser. You can find more information about the providers' data protection at https://www.maxcdn.com/legal/#privacy and https://www.google.com/intl/de/policies/privacy/.
Personal data as part of the application process
Personal data is information about the personal or factual circumstances of a specific or identifiable natural person. This includes information such as your name, address, telephone number and date of birth, but also data about your specific career, etc., which can be assigned to a specific person with reasonable effort. On the other hand, information that is not (in) indirectly linked to your real identity is not personal data.
Basics and purposes for processing personal data in applications and in the application process
If you apply to us electronically, i.e. by e-mail or via our web form, we will collect and process your personal data for the purpose of processing the application process and carrying out pre-contractual measures.
By submitting an application on our recruiting page, you are expressing your interest in working with us. In this context, you provide us with personal data, which we use and store exclusively for the purpose of your job search/application.
In particular, the following data is collected:
- Name (first and last name)
- email address
- phone number
- Channel where you found out about us
You also have the option to upload informative documents such as a cover letter, curriculum vitae and certificates. This may contain other personal data such as date of birth, address, etc. Only authorized employees from the HR department or employees involved in the application process have access to this data.
In principle, personal data is stored exclusively for the purpose of filling the vacant position for which you have applied. Your data is stored over a period of 180 Saved days after the application process has been completed. This is usually done to fulfill legal obligations or to defend against any claims arising from legal regulations. We are then required to delete or anonymize your data. In this case, the data is only available to us as so-called metadata without direct personal reference for statistical evaluations (for example, the proportion of women or men in applications, number of applications per period, etc.).
In addition, we reserve the right to include your data in our “TalentPool” for 700 days after completion of the application process in order to identify any other interesting jobs for you. This also applies, for example, to applications for an apprenticeship or internship. By accepting the privacy policy, you consent to any further storage of your data and inclusion in our “talent pool”.
If you receive an offer to work with us as part of the application process and accept it, we will store the personal data collected as part of the application process at least for the duration of the employment relationship.
Transfer of data to third parties
The data submitted as part of your application is transmitted using TLS encryption and stored in a database. This database is operated by Personio GmbH, which offers personnel administration and applicant management software (https://www.personio.de/impressum/). In this context, Personio is our contract processor in accordance with Art. 28DS-GVO. The basis for processing is a contract for order processing between us as the responsible body and Personio.
Rights of data subjects
If personal data is processed by us as the responsible body, you as a data subject have certain rights under Chapter III of the EU General Data Protection Regulation (GDPR), including, where applicable, in particular the right to information (Art.15 GDPR), right to correction (Art.16GDPR), right to deletion (Art. 17 GDPR), right to restrict processing (Art. 18 GDPR), right to data portability (Art. 20DS-GVO), right to object (Art. 21 GDPR). If the processing of personal data is based on your consent, you have the right to withdraw this consent under data protection law in accordance with Article 7III GDPR.
To assert your rights as a data subject with regard to the data processed in this online application process, please contact our data protection officer (see section 2.).
Concluding provisions
We reserve the right to amend this privacy policy at any time so that it always complies with current legal requirements or to reflect changes to the application process or the like. If you visit this recruiting page again or apply again, the new privacy policy will then apply. In addition to this privacy policy, you can view general privacy policy at https://www.shirtee.com/de/cookie-policy/unsere.
Processing of (personal) data by the operator of the recruiting site
general
This recruiting site is operated by Personio SE & Co.KG, a company based in Germany, which offers personnel administration and application management software (https://www.personio.com/legal-notice/Data). The data submitted as part of your application is transmitted using TLS encryption and stored in a database. The company that carries out this online application process is solely responsible for this data within the meaning of Article 24 of the GDPR. Personio is only the operator of the software and this recruiting site and, in this context, a contract processor in accordance with Art. 28 GDPR. The basis for processing by Personio is an order processing contract between the responsible body and Personio. Personio SE & Co. KG also processes further data, some of which may also be personal data, in order to provide its services, in particular to operate this recruiting site. This is discussed in more detail below.
Responsible body
The responsible body within the meaning of data protection law is:
Personio SE & Co. KG
Seidlstraße 3
80335 Munich
Phone: +49 (89) 1250 1004
Registration in the commercial register
Register number: HRA 115934
Register court: Munich District Court
Data Protection Officer: privacy@personio.com
Access logs (“server logs”)
With every access to this recruiting page, general log data, so-called server logs, is automatically collected. This data is usually pseudonyms and therefore does not allow any conclusions to be drawn about a natural person. Without this data, it would sometimes be technically impossible to deliver and display the content of the software. In addition, the processing of this data is absolutely necessary for security reasons, in particular for access, input, transfer and storage control. In addition, the anonymous information can be used for statistical purposes and to optimize the offer and technology. In addition, the log files can be checked and evaluated retrospectively if illegal use of the software is suspected. The legal basis for this is in Section 15 (1) of the German Telemedia Act (TMG) and Art. 6 (1) f GDPR. Data such as the domain name of the website, the web browser and the web browser version, the operating system, the IP address and the time stamp of access to the software are generally collected. The scope of this logging does not exceed the usual scope of any other website on the Internet. These access logs are stored for up to 7 days. There is no right of objection.
error logs (“error logs”)
So-called error logs (“error logs”) are created for the purpose of identifying and correcting errors. This is absolutely necessary in order to be able to react as quickly as possible to possible problems with the presentation and implementation of content (legitimate interest). This data is usually pseudonyms and therefore does not allow any conclusions to be drawn about a natural person. The legal basis for this is in Section 15 Abs.1TMG and Art. 6 (1) f GDPR. If an error message occurs, general data such as the domain name of the website, the web browser and the web browser version, the operating system, the IP address and the time stamp when the corresponding error message/specification occurs are collected. These error logs are stored for up to 7 days. There is no right of objection.
Use of cookies
So-called cookies are sometimes used on this recruiting page. These are small text files that are stored on the device with which you access this recruiting page. In principle, cookies are used to ensure security when visiting a website (“absolutely necessary”), to implement certain functionalities such as standard language settings (“functional”), to improve the user experience or performance on the website (“performance”) or to display target group-based advertising (“marketing”). In principle, only absolutely necessary, functional and performance cookies are used on this recruiting page, in particular to implement certain default settings such as language, to identify the application channel or to analyze the performance of a job posting that brought a user to this recruiting page. The use of cookies is absolutely necessary for the provision of our services and therefore for the performance of the contract (Art. 6 (1) b) GDPR). Storage period: Up to 1 month or until the end of the browser session Right of objection: You can determine for yourself whether you want to allow cookies or object to the use of cookies via your browser settings. Please note that disabling cookies may result in limited or completely prevented functionality of this recruiting site.
Rights of data subjects
If personal data is processed by Personio SE & Co. KG as the responsible body, you as a data subject have certain rights under Chapter III of the EU General Data Protection Regulation (GDPR), including, where applicable, in particular the right to information (Article 15 GDPR), right to correction (Article 16 GDPR), right to deletion (Article 17 GDPR), right to restrict processing (Article 18 GDPR), right to data portability (Article 20 GDPR), right to object (Article 21 GDPR). If the processing of personal data is based on your consent, you have the right to withdraw this consent under data protection law in accordance with Article 7 IIIDS GVO. To assert your rights as a data subject with regard to the data processed to operate this recruiting page, please contact the data protection officer of Personio SE & Co. KG (see section B.).
Concluding provisions
Personio reserves the right to amend this privacy policy at any time so that it always meets current legal requirements or to implement changes to the services in the privacy policy, e.g. when introducing new services. If you visit this recruiting page again or apply again, the new privacy policy will then apply.
Use of social plugins
Components of the Internet video portal YouTube are integrated on these websites. The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, MountainView, CA 94043-1351, USA.
Each time you access one of the individual pages of this website on which a YouTube component (YouTube video) has been integrated, the Internet browser on the information technology system is automatically prompted by the respective YouTube component to download a representation of the corresponding component from YouTube. However, this requires explicit confirmation of the playback of a video by the site visitor. More information about YouTube can be found at About YouTube - YouTube. As part of this technical process, YouTube and Google are aware of which specific subpage of our website you are visiting, provided that you are logged in to YouTube as the person concerned at the same time. This information is collected by YouTube and Google and assigned to the respective YouTube account. This takes place regardless of whether you click on a YouTube video or not. If such transmission of this information is not intended, she can prevent the transmission by logging out of her YouTube account before accessing our website.
The privacy policy published by YouTube, which is available at Privacy Statement—Privacy Policy & Terms of Use — Google are available, provide information about the collection, processing and use of personal data by YouTube and Google.
Purpose of processing: Integration of videos via the YouTube video plugin to personalize our website.
Legal basis: Article 6 (1) (f) GDPR
Data categories: connection data
Recipient of the data: Google Ireland Ltd., GordonHouse, Barrow Street Dublin 4 Ireland
Intended transfer to third countries: In individual cases USA (in accordance with standard data protection clauses of the EU Commission, Art. 46 (2) (c) GDPR)
Storage of data on your device based on consent: No
How secure is my data?
Will my data be shared?
Your personal data will be passed on to service providers used by us as part of the execution of the order and billing (e.g. carrier, logistician, banks) and when third parties process data on our behalf.
Can I request information, correction, blocking and deletion of my data? According to the GDPR, if the legal requirements are met, you have the right to receive free information about your stored data and a right to correct, block or delete this data.
You have the following rights vis-à-vis us with regard to personal data concerning you:
— right to information,
— right to correction or deletion,
— Right to restrict processing
— Right to object to processing
— Right to data portability
You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.
The supervisory authority responsible for us is
State Commissioner for Data Protection and Freedom of Information
North Rhine-Westphalia, Cavalleriestr. 2-4, 40213 Düsseldorf
Telephone: 0211/38424-0
Fax: 0211/38424-10
email: poststelle@ldi.nrw.de
external sites
Purpose of processing: We have set up a page about our company on the “LinkedIn” platform. When you access this page, LinkedIn processes personal data about you. We receive statistics about the use of this site, which are derived from this data.
Legal basis: Article 6 (1) (f) GDPR
Data categories: Master data, contact data, content data, usage data, connection data
Recipient of the data: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (as joint controller, Art. 26 GDPR — the essence of the agreement can be found at https://legal.linkedin.com/pages-joint-controller-addendumabgerufen)
Intended transfer to third countries: In individual cases USA (in accordance with standard data protection clauses of the EU Commission, Art. 46 (2) (c) GDPR)
Storage of data on your device based on consent: No
Data subject rights: LinkedIn is responsible for implementing your data subject rights. LinkedIn will inform you about your rights as a data subject at https://www.linkedin.com/legal/privacy-policy. You can also assert your rights against us, and we will immediately forward your request to LinkedIn.
Timeliness and amendment of this privacy policy
This privacy policy is currently valid and was last updated on 04.03.2025. As a result of the development of our websites and offers or due to changes in legal or regulatory requirements, it may be necessary to adapt this privacy policy.
