Responsible authority

The responsible body within the meaning of the Federal Data Protection Act (BDSG) and the General Data Protection Regulation (GDPR) is Cashlink Technologies GmbH, legally represented by the Managing Directors Lars Olsson and Michael Duttlinger, Sandweg 94c, 60316 Frankfurt am Main, Germany (Cashlink). If you have any questions regarding the collection, processing or use of your personal data, for information, correction, blocking or deletion of data as well as revocation of consents granted, please contact Cashlink by post at the business address given in the imprint or at support@cashlink.de. You can contact our data protection officer, Mr. Thomas Reimann, at datenschutz@leistungen.de or at the postal address beratergruppe:Leistungen PartGmbB, Rüppurrer Str. 4, 76137 Karlsruhe, Germany.

General information

We, Cashlink, take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.

Website

Webhosting

Our website is hosted on a server of the company Raidboxes GmbH, Hafenstraße 32, 48153 Münster. We have concluded the legally required data processing agreement with this company.

Cookies

Some of the Internet pages use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies are used to make our website more user-friendly, effective and secure. Cookies are small text files that are stored on your computer by your browser.

Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies, known as “transient cookies”, remain stored on your end device until you delete them. These cookies enable us to recognize your browser on your next visit. If the purpose of these cookies is to track your user behavior on subsequent visits or across pages, we only set the cookies with your consent, which we ask for when you first access the website.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

Further information on cookies and an overview of the cookies we use can be found here: Cookie Policy. There you can also revoke or (re-)grant any declarations of consent you may have given for cookies, which we may only set with your consent.

Server-Log-Files

Raidboxes GmbH automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

• Browser type and browser version
• Operating system used
• Referrer URL
• Host name of the accessing computer
• Time of the server request

This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use. The legal basis for the processing of the data in the server log files is Art. 6 para. 1 lit. b) and f) GDPR (General Data Protection Regulation). We store this data for a period of 7 days.

Google Analytics

If you agree, this website uses functions of the web analysis service Google Analytics. The legal basis for the use of Google Analytics is Art. 6 para. 1 sentence 1 lit. a) GDPR (General Data Protection Regulation). You can find out how long the data is stored at the following link: https://support.google.com/analytics/answer/6004245?hl=de. The provider is Google Ireland Ltd, Google Building, 4 Barrow St., Grand Central Dock, Dublin 4, Ireland.

Google Analytics also uses so-called “cookies”. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.

Further information on the use of user data by Google Analytics can be found in Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de

Browser-Plugin

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de

Demographic characteristics of Google Analytics

This website uses the “Demographics” function of Google Analytics. This allows reports to be generated that contain information about the age, gender and interests of visitors to the website. This data comes from Google’s interest-based advertising and from visitor data from third parties. This information cannot be linked to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics, as described above.

Zapier

We use the Zapier automation software for our website. The service provider is our processor, the American company Zapier Inc, 548 Market Street 6241, San Francisco, CA 94104, USA. Zapier also processes your data in the USA, among other places. This may entail various risks for the lawfulness and security of data processing.

Zapier uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 GDPR) as the basis for data processing with recipients based in third countries (outside the European Union or the European Economic Area) or for data transfer there. The data processing terms (Data Processing Agreements), which correspond to the standard contractual clauses, can be found at https://zapier.com/help/account/data-management/standard-contractual-clauses-at-zapier.

You can find more information about the data processed through the use of Zapier in the Privacy Policy at https://zapier.com/privacy.

Pipedrive

We use the Pipedive software, a sales platform, for our website. The service provider is our processor Pipedrive Inc, 460 Park Ave South, New York, NY, 10016, USA. Pipedrive also processes your data in the USA, among other places. This may entail various risks for the lawfulness and security of data processing.

Pipedrive uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 GDPR) as the basis for data processing with recipients based in third countries (outside the European Union or the European Economic Area) or for data transfer there.

The Pipedrive Data Processing Terms (Data Protection Addendum), which corresponds to the Standard Contractual Clauses, can be found at https://www-cms.pipedriveassets.com/documents/2021-02-16-Pipedrive-DPA-Signed.pdf.

You can find out more about the data processed through the use of Pipedrive in the Privacy Policy at https://www.pipedrive.com/en/privacy.

LinkedIn Insight-Tag

We use the LinkedIn Insight Tag tracking software for our website. The service provider is our processor LinkedIn Ireland Unlimited, Wilton Place, Dublin 2, Ireland. The company also processes your data in the USA, among other places. This may entail various risks for the lawfulness and security of data processing.

LinkedIn uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 GDPR) as the basis for data processing for recipients based in third countries (outside the European Union or the European Economic Area) or for data transfer there.

You can find more information about LinkedIn’s standard contractual clauses at https://de.linkedin.com/legal/l/dpa or https://www.linkedin.com/legal/l/eu-sccs

You can find out more about LinkedIn Insight Tag at https://www.linkedin.com/help/linkedin/answer/a427660. You can also find out more about the data processed through the use of LinkedIn Insight Tag in the privacy policy at https://de.linkedin.com/legal/privacy-policy.

Google Tag Manager

We use the Google Tag Manager service provided by our processor Google Ireland Ltd (provider of the service), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is an auxiliary service and processes personal data itself only for technically necessary purposes. Google Tag Manager ensures that other components are loaded, which in turn may collect data. Google Tag Manager does not access this data. You can find more information about Google Tag Manager in Google’s privacy policy. The legal basis for the transfer of data to Google Ireland Limited is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR. This may also involve the transfer of personal data to a country outside the European Union. The data is transferred on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) in conjunction with Art. 49 para. 1 lit. a) GDPR. You were already informed before giving your consent that the USA does not have a level of data protection corresponding to the standards of the EU. In particular, US intelligence services can access your data without you being informed and without you being able to take legal action against this. The duration of processing is variable and ends when the purpose of processing ceases to apply.

Google Ads

If you agree, the Google Ads software is used when you visit this website. We process data about the use of the website and the logging of clicks on individual elements. The purpose of the processing is to examine user behavior, analyze the effect of online marketing measures and select online advertising on other platforms, which are automatically selected by means of real-time bidding based on user behavior. Data is transferred to the independent controller Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The legal basis for the transfer of data to Google Ireland Limited is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR. This may also involve the transfer of personal data to a country outside the European Union. The data is transferred on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) in conjunction with Art. 49 para. 1 lit a) GDPR. You were already informed before giving your consent that the USA does not have a level of data protection corresponding to the standards of the EU. In particular, US intelligence services can access your data without you being informed and without you being able to take legal action against this. The duration of processing: is variable and ends when the purpose of processing ceases to apply.

Hotjar

If you agree, this website uses the Hotjar service of Hotjar Ltd. to analyze the behavior of individual users. If you continue to use this website, you consent to the use of Hotjar in accordance with the privacy policy (https://www.hotjar.com/privacy). The legal basis for the use of Hotjar is Art. 6 para. 1 sentence 1 lit. a) GDPR. You can find out how long the data is stored by clicking on the link above.

You can opt out of Hotjar by not consenting, withdrawing your consent or clicking on this link and following the instructions: Hotjar Opt-out

SSL encryption

This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the padlock symbol in your browser line.

If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

Newsletter

We use Mailchimp from The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE Suite 5000, Atlanta, GA 30308 USA (Mailchimp) to send our newsletter. This enables us to contact subscribers directly. In addition, we analyze your usage behavior in order to optimize our offer.

For this purpose, we pass on the following personal data to Mailchimp:

E-mail address, company name, first and last name

Our emails contain a link that you can use to update your personal data.

Mailchimp is the recipient of your personal data and acts as a processor for us as far as the sending of our newsletter is concerned. The processing of the data specified in this section is neither legally nor contractually required. Without your consent and the transmission of your personal data, we cannot send you a newsletter.

In addition, Mailchimp collects the following personal data using cookies and other tracking methods: Information about your end device (IP address, device information, operating system, browser ID, information about the application you use to read your emails and other information about hardware and internet connection. In addition, usage data such as date and time, when you opened the email / campaign and browser activities (e.g. which emails / websites were opened) are collected. Mailchimp requires this data to ensure the security and reliability of the systems, compliance with the terms of use and the prevention of misuse. This corresponds to Mailchimp’s legitimate interest (pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR) and serves the performance of the contract (pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR). Mailchimp also analyzes performance data, such as email delivery statistics and other communication data. This information is used to compile usage and performance statistics for the services.

Mailchimp also collects information about you from other sources. In an unspecified period and scope, personal data is collected via social media and other third-party data providers. We have no influence on this process.

Further information on objection and removal options regarding Mailchimp can be found at: https://mailchimp.com/legal/privacy/#3._Privacy_for_Contacts

The legal basis for this processing is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR. You can withdraw your consent to the processing of your personal data at any time. There is a corresponding link in all mailings. You can also withdraw your consent using the contact options provided. The declaration of revocation does not affect the legality of the processing carried out to date.

Your data will be processed for as long as the corresponding consent is available. Apart from this, it will be deleted after the termination of the contract between us and Mailchimp, unless legal requirements make further storage necessary.

Mailchimp has implemented compliance measures for international data transfers. These apply to all global activities where Mailchimp processes personal data of natural persons in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs). Further information can be found at: https://mailchimp.com/legal/data-processing-addendum/

Contact by e-mail/letter

If you contact us by email or letter, we will only process your personal data if we have a legitimate interest in doing so (Art. 6 para. 1 sentence 1 lit. f) GDPR), if you have consented to the data processing (Art. 6 para. 1 sentence 1 lit. a) GDPR), if the processing is necessary for the initiation, establishment, content or amendment of a legal relationship between you and us (Art. 6 para. 1 sentence 1 lit. b) GDPR) or if another legal standard permits the processing.

Your personal data will remain with us until you revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular retention periods under tax and commercial law – remain unaffected by this.

Applications

In order to carry out our application procedure, your personal data submitted to us as part of an application will be stored in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR in conjunction with. § 26 para. 1 BDSG stored. If an employment relationship is established between you and us, we may process the personal data already received from you for the purposes of the employment relationship in accordance with Section 26 (1) BDSG if this is necessary for the performance or termination of the employment relationship or for the exercise or fulfillment of the rights and obligations of the representation of interests or employees arising from a law or a collective agreement.

We store your personal data from the application for as long as this is necessary for the decision on your application. If an employment relationship is not established between you and us, we may also continue to store data if this is necessary to defend against possible legal claims. In this case, the application documents will be deleted 6 months after notification of the rejection decision, unless longer storage is required due to legal disputes.

In individual cases, we may offer to include you in our talent pool. If you agree to this, we will store the application documents until you withdraw your consent at the latest.

The personal data we store in the context of applications includes First name, surname, address, telephone number, e-mail address, date of birth, place of birth, nationality, details of your school career, details of your professional career, The storage of your data is limited to the above-mentioned purpose. In individual cases, we do not collect all the data provided.

For the processing of application documents, we work with the processor Personio SE & Co. KG Seidlstraße 3 80335 Munich, Germany, commissioned by us in writing.

Crypto securities registry

Information on the processing of your personal data when using our crypto securities register can be found here: „Datenschutzerklärung Cashlink Technologies GmbH für die Kryptowertpapierregisterführung im Sinne des elektronischen Wertpapiergesetzes (eWpG)“.

Your rights

You have the following rights towards us in relation to the personal data concerning you:

1. Right to information,
2. Right to rectification or erasure,
3. Right to restriction of processing,
4. Right to object to processing,
5. Right to data portability.

You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.

Personio

Privacy policy for applicants

§ 1 Information on the collection of personal data