Privacy Policy

We, littlebigFuture gGmbH, operate the website https://my.littlebigfuture.de and collect certain data from our visitors and customers, where necessary. In the following privacy policy, you will be informed what we do with your data, so-called personal data, and why we do this. We will also inform you how we protect your data, when this data is deleted and what rights you have within data protection.

Who can I contact?

Responsible for this website is:

littlebigFuture gGmbH
Pretzfelder Str. 15
90425 Nürnberg

+49 (0) 911 148 999 54
datenschutz@littlebigfuture.de

Via the contact data you can reach our Data Protection Officer or another data protection relevant contact. Don’t hesitate to contact us if you have specific questions about your personal data, deletion of your personal data or similar things.

What are my rights?

You can contact us at any time if you have any questions about your rights regarding data protection or if you wish to exercise any of the following rights:

• Right to withdraw your consent in accordance with Art. 7 para. 3 GDPR (e.g. you can contact us if you wish to cancel a previously given consent to a newsletter)
• Right to access your data in accordance with Art. 15 GDPR (e.g. you can contact us if you would like to know what data we have stored about you)
• Right to correct your data in accordance with Art. 16 GDPR (e.g. you can contact us if your e-mail address has changed and we should replace your old e-mail address)
• Right to have your data deleted in accordance with Art. 17 GDPR (e.g. you can contact us if you want us to delete certain data that we have stored about you) 
• Right to limit data collection in accordance with Art. 18 GDPR (e.g. you can contact us if you do not want us to delete your e-mail address, but only to send absolutely necessary e-mails) 
• Right to data portability in accordance with Art. 20 GDPR (e.g. you can contact us to receive your data in a zipped format, if you want to upload it to another website) 
• Right to object how your data is handled in accordance with Art. 21 GDPR (e.g. you can contact us if you do not agree with advertising or user analytics procedures as described within this privacy policy) 
• Right to send complaints to the supervisory authority in accordance with Art. 77 para. 1 f) GDPR (e.g. you can contact the data protection supervisory authority directly: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm) 

Deletion of data and storage periods

Unless otherwise stated, we will delete or anonymize your data as soon as it is no longer needed (e.g. your e-mail address after you have unsubscribed from a newsletter). Your data will also be deleted or anonymized automatically if the mandatory storage period expires, except when such data is required to be stored for a contract or performance of contract. Such data may be needed for longer periods of time for legal reasons. You can request information about all personal data we have stored about you.

Visiting our website

If you merely wish to browse our website, we do not collect any personal data, with the exception of the data that your browser sends to us, e.g:

• IP address (e.g. 97.93.116.example or 2a02:7122:99222:1112:bdb2:723f:example)
• Approximate location based on IP range (e.g. “Berlin city”)
• Internet provider (e.g. “Telecom” or „AT&T“)
• Internet connection speed (e.g. 120 Mbit)
• Date and time of visit (e.g. 11:45 on 25.05.2018)
• Last visited website (e.g. google.com)
• Browser and version (e.g. Chrome or Safari)
• Operating system (e.g. Mac OS)
• Hardware (e.g. Intel processor)

As a safeguard to protect your privacy, we delete or anonymise your IP address after your visit. Therefore, all other data possibly attached to it can no longer be traced back to you. It will only serve anonymous and statistical purposes to optimise our website. The purpose of temporarily storing this data is necessary to establish a connection as well as loading our website the way it was designed to. Such data is therefore required to display the website on your screen, to avoid display problems and other technical error messages. The legal basis is the legitimate interest which we evaluated in accordance with the European data protection requirements under Art. 6 para. 1 lit. f) GDPR. 

Contact form

You can contact us through the contact form. You can decide to submit the following data:

• First- / Last name
• Telephone
• E-mail address
• Message or online request

As a safeguard to protect your privacy, contact is established via a secure connection like the rest of the website. After the successful establishment of contact with you and final omission of the contact reason your data are deleted. The purpose of the data requested is to contact you, which is why the data is only used for this purpose. The legal basis is the legitimate interest which we evaluated in accordance with the European data protection requirements under Art. 6 para. 1 lit. f) GDPR. 

Application

We collect and process the personal data of applicants* for the purpose of carrying out the application process. The processing may also take place electronically. This is particularly the case if applicants send us application documents electronically, e.g. by e-mail, or via the career site (jobs.businessbynature.de). If we conclude an employment contract with applicants, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If no employment is concluded, the application documents will be deleted 6 months after the end of the application process, unless you have given your explicit consent to a longer storage.

As a protective measure, the data you enter is transmitted via an encrypted connection. We also make sure that only absolutely necessary employees* have access to your application documents. We also ensure that the data is always deleted, as described above. The purpose of the data requested is to carry out the application process and the associated hiring decision. The legal basis is the decision on the establishment and implementation of an employment relationship pursuant to Art. 6 para. 1 lit. b), Art. 88 GDPR, Paragraph 26 BDSG. 

 We also work with the HR service provider Personio (https://www.personio.de) based in Germany. We have concluded the required order processing agreement with Personio in accordance with Art. 28 GDPR. The processing of applications also takes place using the services of Personio. You can find more information about Personio’s data protection here. 

Cookies

Our website partially uses so-called cookies. Cookies are small text files that are usually stored in a folder of your browser. Cookies contain information about the current or last visit to the website: 

• Name of the website
• Expiration date of the cookie 
• Any value 

If cookies do not contain an exact expiration date, they are stored only temporarily and are automatically deleted as soon as you close your browser or restart your device. Cookies with an expiration date will still be stored even when you close your browser or restart your device. Such cookies will not be deleted until the specified date or if you delete them manually. 

We use the following three types of cookies on our website: 

• required cookies (cookies that are required, e.g. to display the website correctly for you and to store certain settings temporarily) 
• functional and performance-related cookies (cookies that help us improve our website, e.g. to evaluate technical data of your visit and avoid error messages) 
• advertising and analytics cookies (cookies that provide analytics and personalized ads, e.g. advertising for shoes is displayed if you have previously searched for shoes)

You can configure, block and delete cookies in your browser settings. If you delete all cookies from our website, some functions of the website may not be displayed correctly. Helpful information and instructions for the most common browsers can be found here: https://www.allaboutcookies.org/manage-cookies/stop-cookies-installed.html

Cookiebot 

Cookiebot, operated by Cybot A/S, Havnegade 39, 1058 Copenhagen (Denmark). We use the Cookie Bot Consent Platform (“Cookiebot”) to inform you about the technologies we use on our website and to obtain, manage and document your consent to the processing of your personal data by these technologies. When you visit our website, Cookiebot’s web server stores a so-called server log file, which also contains your anonymized IP address, date and time of visit, device and browser information, and information about your consent behavior. The data is stored in Denmark. For more information, please see Cookiebot’s privacy policy. 

Google Tagmanager 

Google Tagmanager, operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Through this service, website tags can be managed through an interface. The Google Tool Manager only implements tags. This means that no cookies are used and no personal data is collected. The Google Tool Manager triggers other tags, which in turn may collect data. However, the Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, it remains in place for all tracking tags, insofar as these are implemented with the Google Tag Manager. Depending on your location, the data is stored either in the European Union or the USA. For more information, please see Google’s privacy policy. 

Matomo

We use the open-source software Matomo for analyzing and statistically evaluating the usage of the website. For this purpose, cookies are employed. The information obtained about the website usage is transmitted exclusively to our servers and summarized in pseudonymous usage profiles. We use this data to evaluate the usage of the website. The collected data is not shared with third parties.

IP addresses are anonymized (IP masking), so that it is not possible to associate them with individual users.

The processing of data is based on Art. 6(1)(a) of the General Data Protection Regulation (DSGVO). We pursue our legitimate interest in optimizing our website for our external representation.

You can revoke your consent at any time by deleting the cookies in your browser or changing your privacy settings.

Opt-out complete; your visits to this website will not be recorded by the Web Analytics tool. Note that if you clear your cookies, delete the opt-out cookie, or if you change computers or Web browsers, you will need to perform the opt-out procedure again.

You may choose to prevent this website from aggregating and analyzing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.

The tracking opt-out feature requires cookies to be enabled.

Goolge Analytics 

Google Tagmanager, operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”) is a web analytics service. Google uses the advertising and analytics cookies described above to analyze our website with regard to your usage behavior. However, your IP address is shortened before the usage statistics are evaluated, so that no direct connection to you as a person can be made. For this purpose, we use the “anonymizeIp” function to ensure anonymous collection of IP addresses. Google will use the anonymous information collected by the cookies to evaluate the usage of the website and to compile reports on website activity. Google may also transfer this information to third parties if this is required by law or if third parties process this data on behalf of Google. 

If you delete your cookies in this browser, you must click this link again. Depending on your location, the data is stored either in the European Union or the USA. For more information, please see Google’s privacy policy. 

Facebook Pixel 

Facebook-Pixel, operated by Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Irland. We use Facebook Pixel as a social network. With the help of the Facebook pixel, it is possible for Facebook to determine you as a visitor to our website as a target group for the display of ads (so-called “Facebook ads”). Accordingly, we use the Facebook pixel to display the Facebook ads placed by us only to Facebook users who have also shown an interest in our online offer or who have certain characteristics (e.g. interests in certain topics or products, which are determined based on the websites visited) that we transmit to Facebook. Depending on your location, the data is stored either in the European Union or the USA. For more information, please see Facebook’s privacy policy. 

We only share data that is necessary for the execution of the mutual contract or if you have given us consent, for example in the context of our newsletter or cookie banner. If no contract exists yet, we share the data in certain cases in the context of legitimate interests. This is the case, for example, if you only want to visit our website or contact us. When you visit our website, it is in the interest of both parties to provide access to the offer and to communicate with each other. 

We have also entered into contract processing agreements with all external recipients to comply with European law requirements. Depending on your location, some of the above service providers – if specified – will also transfer your data to the United States. The European Court of Justice has ruled that the United States does not have a level of data protection equivalent to the EU and authorities may be able to access data without due process. Additional safeguards are therefore required to ensure a sufficient level of data protection. To meet this requirement, we have concluded additional contracts for commissioned processing, called standard contractual clauses. We also review each service provider together with our data protection officer and ensure that additional security measures are available, such as strong data encryption. 

Date of the privacy policy: Juni 2021