PRIVACY POLICY

   Your responsibility.

‍We will process the above Personal Data in accordance with the GDPR and on the assumption that they refer to You or to third parties who have authorized You to provide them pursuant to an appropriate legal basis which legitimizes the Processing at stake. In this case, unless You accepted a specific data processing agreement with Us, You act as an independent Data Controller, taking on all relevant obligations and responsibilities according to the GDPR. In this regard, You shall indemnify and hold Us harmless from and against all damages, losses, and expenses of any kind (including reasonable legal fees and costs) arose by any claim made by any third party whose Personal Data have been Processed in breach of the applicable law (including, without limitation, the GDPR) as regards to Your obligations as independent Data Controller of the same Personal Data.


    PURPOSES AND LEGAL BASIS OF THE PROCESSING

Purposes. Personal Data above will be processed by Us for the purposes and legal basis specified below:

 

Third parties required by laws or authorities. We may disclose Your Personal Data to a third party if: (i) We believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or governmental request (including to meet national security or law enforcement requirements), or (ii) to protect ourselves, Our customers, or the public from harm or illegal activities. If We are required by law to disclose any of Your Personal Data, then We will use reasonable efforts to provide You with notice of that disclosure requirement, unless We are prohibited from doing so by statute, subpoena or court or administrative order. Further, We object to requests that We do not believe were issued properly.


Third Parties recipients of anonymised, de-identified and aggregated data. We may transform Your Personal Data in such a manner (i.e., through anonymisation, de-identification and aggregation) that these data can no longer be attributed to You. Such anonymised, de-identified or aggregated data will be shared to third parties for various purposes, including for business or marketing purposes or to assist third parties in understanding Our users’ interest, habits and usage patterns for certain programs, content, services and functionalities of our Site and/or Services.


‍WHERE YOUR PERSONAL DATA MAY BE TRANSFERRED

‍We are based in Germany and Your Personal Data may be further transferred to, and stored at, any of our affiliates, partners or service providers mentioned in previous Sect. 7. We will ensure that the jurisdiction in which the recipient third party is located ensures an adequate level of protection of Your Personal Data; if it is not the case, our non-EU service providers mentioned in Sect. 7 above shall be signatories of a data transfer agreement which shall include the “Standard Contractual Clauses for data transfers between EU and non-EU countries” adopted by the European Commission.





Application via Email and application form

Scope of processing personal data

There is an application form on our website which can be used for electronic applications.

The following data is processed:

Your Name

Email address

Curriculum vitae

Open field for commenting


Your consent will be obtained for the processing of your data as part of the sending process and reference will be made to this privacy policy.


Alternatively, you can send us your application by email. In this case, we collect your email address and the information you provide in the email.

After sending your application, you will receive confirmation of receipt of your application documents from us by email.

The data will be used exclusively for processing your application.



Purpose of data processing

‍The processing of personal data from the application form serves us solely to process your application. If you contact us by email, this also constitutes the necessary legitimate interest in the processing of the data.

The other personal data processed during the sending process serve to prevent misuse of the application form and to ensure the security of our information technology systems.

‍

Legal basis for data processing

‍The legal basis for the processing of the data is the initiation of the contractual relationship at the request of the data subject, Art. 6 (1) (b) GDPR and § 26 (1) BDSG.



Duration of storage

‍After completion of the application procedure, the data will be stored for up to six months. Your data will be deleted after six months at the latest. In the event of a legal obligation, the data will be stored within the framework of the applicable provisions.



Objection and removal
‍
‍The applicant has the possibility to object to the processing of personal data at any time. If the applicant contacts us by email via people@codepan.com, they can object to the storage of their personal data at any time. In such a case, your application will no longer be considered.

All personal data stored in the course of electronic applications will be deleted in this case.


YOUR RIGHTS

Right of access. You are always entitled to receive confirmation as to whether Your Personal Data is being processed or not and, where that is the case, access and receive a copy of such Personal Data in an intelligible form. Furthermore, You are also entitled to receive information concerning: (i) the purposes of the processing; (ii) the categories of Personal Data concerned; (iii) the recipients (or categories thereof) to whom the Personal Data have been or will be disclosed; (iv) where possible, the envisaged period for which the Personal Data will be stored, or, if not possible, the criteria used to determine that period; (v) the existence of the right to request from Us the rectification or the erasure of Personal Data or the restriction of the Processing of Your Personal Data or to object to such processing; (vi) the right to lodge a complaint with a Supervisory Authority; (vii) the source of the Personal Data; (viii) the existence of automated decision-making; (ix) where Personal Data is transferred to a third country or to an international organization, the appropriate safeguards relating to the transfer.


Right to withdraw consent. You are always entitled to withdraw, at any time, Your consent to the Processing of Your Personal Data, both on legitimate grounds (even though they are relevant to the purpose of the collection) and if the Processing is carried out for direct marketing purpose. The preceding will not affect the lawfulness of Your Personal Data Processing based on consent before the withdrawal.
‍

Right to rectification, erasure and restriction. You are always entitled to obtain from Us, without undue delay: the rectification or integration of Your Personal Data that are inaccurate or incomplete; the erasure of Your Personal Data that have been processed unlawfully or whose retention is unnecessary for the Purposes; the restriction of Processing, in case You challenge either the accuracy of Your Personal data or the lawfulness of the Processing, or in case We no longer need the Personal Data for the Purposes, but they are required by you for the establishment, exercise or defense of a legal claim.


Right to data portability. You have the right to receive Your Personal Data in a structured, commonly used and machine-readable format, as well as the right to transmit those data to another Data Controller without hindrance from Us, where technically feasible.

‍
Right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects. We may use automated decision-making only if it is authorized by legislation and if You have provided Us with an explicit consent or if it is necessary for the performance of a contract. You can always request a manual decision-making process instead, express Your opinion or contest decision based solely on automated processing, including profiling, if such a decision would produce legal effects or otherwise similarly significantly affect You.


Right to lodge a complaint. You have the right to lodge a complaint before the Supervisory Authority, if You believe that the Processing of Your Personal Data is against the GDPR. Such relevant Supervisory Authority is the Berliner Beauftragte für Datenschutz und Informationsfreiheit (located at Friedrichstr. 219, 10969 Berlin, tel.: +49 (0)30 13889-0, fax: +49 (0)30 2155050, email: mailbox@datenschutz-berlin.de).


Contacts. Requests to exercise the rights above must be sent by e-mail to [admin@Codepan] or by post to Codepan GmbH, Paul Lincke Ufer 8b, 10999 Berlin, Germany. Any access request is always completed within one (1) month; however, where the retrieval or provision of information is particularly complex or is subject to a valid delay, the period may be extended by two (2) further months. If this is the case, We will write You within one (1) month and keep You informed of the delay and the reasons thereof.


AMENDMENTS TO THIS POLICY

This Privacy Policy came into force on the “Effective Date” specified above.

We reserve the right to amend or to update its content, whether in whole or in part, also following changes in the legal and regulatory obligations regarding data protection. We will inform You on such amendments and updates through their publication on our website at [link] as soon as they are adopted, and they will be binding from the moment of their publication. Therefore, We invite You to visit this page of Our website regularly, in order to be aware of the most recent and updated version thereof, so that You are always updated on the Processing activities that We carry out.