The privacy policy was last updated on 2022-01-01
We are happy about your interest in our collective. However, if a data subject wants to use special services of our collective via our website, processing of personal data could become necessary. If processing of personal data is necessary and there is no legal basis for such processing, we will generally obtain the consent of the data subject. The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation, and in accordance with the country-specific data protection regulations applicable to the fnordkollektiv GmbH. By means of this data protection declaration, our company would like to inform the public about the type, scope and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed of their rights by means of this data protection declaration.
As the website operator, the fnordkollektiv GmbH has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. However, internet-based data transmissions can always be vulnerable to security risks, so that absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, for example by telephone.
Our privacy policy should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we explain the terminology used at the end of the statement.
fnordkollektiv GmbH
Dillweg 27
57250 Netphen
Email: Please enable Javascript to view email address!
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Kavalleriestr. 2–4
40213 Düsseldorf
Phone: +49 211 38424-0
E-Mail: poststelle@ldi.nrw.de
The hoster is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR). Our hoster will only process personal data to the extent necessary to fulfill its service obligations and follow our instructions regarding this data. Furthermore, we have taken active measures to protect our visitors.
We use the following hoster:
Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen
In order to ensure data protection-compliant processing, we have concluded an order processing
agreement
with our hoster.
We do not use cookies on our website.
We do not use any analytics services.
We use a reverse proxy and do not store server log files.
The website operator collects and processes the personal data of applicants for the purpose of handling the application procedure. The processing may also take place electronically. This is the case, in particular, if an applicant submits relevant application documents by electronic means. If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted four months after notification of the rejection decision, provided that no other legitimate interests of the controller conflict with such deletion. Other legitimate interest in this sense is, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG). In the case of a job interview, it is possible that we offer a job interview via video chat. For this purpose, we use the service Jitsi Meet, which we provide on our own server. For this purpose, we have explicitly disabled the forwarding of data to third parties. The e-mail address jobs@fnordkollektiv.de is available for applications and is not archived. Please apply exclusively via this e-mail address or by post.
We do not use profiling.
In the WorkAdventure game world, participants can meet other participants virtually in small groups and talk to each other (via text, video, or audio chat) or share screen content from their own screen.
Data processing is based on your consent (Art. 6 (1) a DSGVO/GDPR). Participation in the WorkAdventure and the Jitsi chat is largely (IP is recorded for technical reasons) anonymous using a nickname. Camera and audio can be switched off. Likewise, there is the possibility via settings that other participants can not contact your WOKA (avatar). As soon as you visit our WorkAdventure and Jitsi Meet, certain data such as IP address, operating system/browser information and the current time are transmitted to our system. We do not store this data. To enable communication between participants, audio and video data is transmitted between participants and the system. During transmission, these are encrypted, but must be decrypted on the system in order to be decrypted on the system so that they can be processed further. No communication data is viewed, recorded or stored. A direct connection is established between the participants during the use of WorkAdventure and the embedded video conferences. If this is not possible for technical reasons, a STUN/TURN server is used to establish a connection between the participants. This server serves only as a "relay", which only passes the data between the clients and does not store any data. Furthermore, there is a connection via WebRTC in the WOKA communication circles (up to 5 people), which is also encrypted. We use our own Jitsi Meet Server on our infrastructure.We use the software service Nextcloud (accessible via the Internet and executed on the servers of fnordkollektiv GmbH) for the following purposes: Document exchange between customers. In this context, personal data may be processed and stored on the servers of fnordkollektiv GmbH, insofar as these are part of communication processes with us or are otherwise processed by us as set out in the context of this privacy policy. Furthermore, fnordkollektiv GmbH processes usage data and metadata that are used for security purposes and deleted within 30 days. Notes on legal bases: We ask for consent for the use of our cloud services, the legal basis of the processing is consent. Furthermore, their use may be a component of our (pre)contractual services, provided that the use of the cloud services has been agreed within this framework. Otherwise, user data is processed on the basis of our legitimate interests (i.e., interest in efficient and secure administration and collaboration processes). User accounts are not created for customers in this regard. Furthermore, each exchange is password protected, whereby passwords are transmitted separately by us. Data processing types: personal data (e.g. names, addresses), contact data (e.g. e-mail, user names), content data (e.g. text input, photographs, videos), usage data (e.g. interest in content, access times), meta/communication data (e.g. device information, IP addresses). Data processing purposes: Organizational procedures. Legal bases: Consent (Art. 6 para. 1 p. 1 lit. a DSGVO), performance of contract.
Appointments can be booked using our calendar-based booking tool (https://book.fnordkollektiv.de). Of course, this service is not mandatory and appointments can also be made by email. The booking tool is connected to the fnordkollektiv Nextcloud calendar. The service is designed to help you find a free appointment with one or more people at the same time and to facilitate coordination. The booking requires a name, the type of booking (sales meeting, training, etc.), the date of the appointment and an email address. Confirmation emails are sent through our own email server. All appointments take place as Jitsi meetings (on Jitsi Severn of the fnordkollektiv as well as on connected STUN/TURN servers of the fnordkollektiv).
We recommend all users to inform themselves about the processing of their data by Mastodon and to protect their privacy as much as possible.
We have no influence on the type and scope of the data processed by Mastodon, the way it is processed and used, or the transfer of this data to third parties, as Mastodon is a decentralized network. Consuming our Mastodon toots is possible almost anonymously, since you do not need a Mastodon account to read our TToots. Only the IP address is stored when visiting our account at kanoa (a project of Adminforge) for 14 days (https://kanoa.de/terms).
If you have a Mastodon account, your personal data will be collected, transferred, stored, disclosed as well as pushed to other entities (also outside the European Union) by Mastodon.
Article 6 I lit. a GDPR serves our company as the legal basis for processing operations in which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, with processing operations that are necessary for the delivery of goods or the provision of another service or consideration, the processing is based on Article 6 I lit. b GDPR.
The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of inquiries about our products or services. If our company is subject to a legal obligation by which a processing of personal data becomes necessary, such as for the fulfillment of tax obligations, the processing is based on Art. 6 I lit. c GDPR. In rare cases, the processing of personal data might become necessary to protect vital interests of the data subject or another natural person.
This would be the case, for example, if a visitor were to be injured on our premises and as a result his or her name, age, health insurance data or other vital information had to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6 I lit. d GDPR. Finally, processing operations could be based on Art. 6 I lit. f GDPR. Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to protect a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject are not overridden. Such processing operations are permitted to us in particular because they were specifically mentioned by the European legislator. In this respect, it took the view that a legitimate interest could be assumed if the data subject is a customer of the website operator (recital 47 sentence 2 GDPR).
In accordance with the applicable data protection law, you are entitled in particular to the following data protection rights:
Right of access, rectification, erasure and restriction: You may have the right to request information about your personal data stored by us at any time. When we process or use your personal data, we strive to take reasonable steps to ensure that your personal data is accurate and up to date for the purposes for which it was collected. In the event that your personal data is inaccurate or incomplete, you may request that it be corrected. Furthermore, you may have the right to request the erasure or restriction of the processing of your personal data if, for example, there is no longer a legitimate business purpose for such processing under this Privacy Policy or applicable law and legal retention obligations do not require its continued storage.
Right to data portability: you may have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format or to transfer this data to another party.
Right to withdraw your consent: If you have consented to the processing of your personal data, you may withdraw your consent at any time with effect for the future, but without affecting the lawfulness of the processing carried out on the basis of the consent until the withdrawal.
Right of objection pursuant to Art. 21 (1) and (2) GDPR: You have the right to object at any time, on grounds relating to their particular situation, to the processing of your personal data carried out on the basis of Art. 6(1)(e) or (f) GDPR. We will not further process your personal data after an objection, unless we can demonstrate compelling legitimate grounds for further processing that override your interests, rights and freedoms, or the processing serves the assertion, exercise or defense of legal claims (cf. Art. 21 (1) GDPR, so-called "limited right of objection"). In this case, you must provide reasons for the objection that arise from your particular situation.
The data protection declaration of the fnordkollektiv GmbH is based on the terms used by the European Directive and Regulation Authorities when issuing the Data Protection Regulation (GDPR). Our data protection declaration should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would also like to explain the terminology used. The data protection declaration of the fnordkollektiv GmbH is based on the terms used by the European Directive and Regulation Authorities when issuing the Data Protection Regulation (GDPR). Our data protection declaration should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would also like to explain the terminology used.