top of page

Privacy Policy

Hinweis zu den verwendeten Cookies dieser Webseite:

Auf unserer Webseite werden Cookies eingesetzt. Einige sind notwendig, während andere dazu dienen, unser Online-Angebot zu analysieren, zu optimieren und wirtschaftlich zu betreiben. Sie können die nicht notwendigen Cookies akzeptieren oder die Cookies die Sie auswählen möchten in den "Einstellungen" aussuchen. Sie können die Einstellung jederzeit aufrufen, um Cookies auch nachträglich wieder abzuwählen. 

Hinweis auf Verarbeitung Ihrer auf dieser Webseite erhobenen Daten in den USA durch Calendly, Google Analytics und Wix.

Indem Sie „Ich akzeptiere“ klicken, willigen Sie zugleich gem. Art. 49 Abs. 1, S.1., lit. a DSGVO ein, dass Ihre personenbezogenen Daten in den USA verarbeitet werden. Die USA werden vom Europäischen Gerichtshof als Land mit einem nach EU-Standards unzureichendem Datenschutzniveau eingeschätzt. Es besteht insbesondere das Risiko, dass Ihre Daten durch US-Gerichte, US- Strafverfolgungsbehörden- und nationale Sicherheitsbehörden im Einklang mit dessen Gesetzen zu Kontroll- und zu Überwachungszwecken, möglicherweise auch ohne Rechtsbehelfsmöglichkeiten, verarbeitet werden. Sofern Sie Ihre Einwilligung nicht erteilt haben und/ oder die Datenverarbeitung nicht aufgrund vorvertraglicher bzw. vertraglicher Maßnahmen beruht, findet die vorgenannte Übermittlung nicht statt.

Weitere Hinweise erhalten Sie in unserer Datenschutzerklärung.

Data protection information for data subjects

With the following information on data protection we inform you about the processing of personal data in the context of our business activities and for the purpose of fulfilling contracts or our service provision. This data protection information also informs data subjects about the rights of data subjects.


  1. Name and contact details of the person responsible for processing

This information on data protection applies to data processing by:


Julia Bünger, Nordplatz 7, 04105 Leipzig, email:

  1. Processing of personal data


  1. Definition of "Personal Information"

Personal data is information relating to a natural person (a human being) and from which that natural person can be identified, directly or indirectly. "Personal data" means personal data within the meaning of Art. 4 No. 1 GDPR. 

  1. Which personal data we process 

As part of our business activities and for the purpose of fulfilling contracts or providing services, we usually process the following personal data: 

  • Contact details (name, address, telephone number, e-mail address)

  • Bank and payment details

  • Information on personal and professional circumstances, insofar as this is necessary for our service provision

  • Documents and other documents submitted to us for review

As part of our work, it is regularly not possible for us to work with anonymized or pseudonymised data, since our work regularly depends on specific personal references. 

  1. Duration of storage of personal data

We store personal data for as long as this is necessary for the execution of the respective contractual relationship or for the provision of services. This regulation is subject to legal storage obligations according to the legal requirements that are binding for us (commercial law, tax law storage obligations, e.g. according to HGB, AO). 


  1. Purposes and legal basis of the processing of personal data

We process personal data as part of our business activities and for the purpose of fulfilling contracts or providing services. The basis for processing is one of the following legal bases, depending on the individual case:

  1. Fulfillment of contractual obligations (Art. 6 Para. 1 S. 1 lit b GDPR)

The processing of personal data usually takes place to implement a contract or for pre-contractual measures with the data subject. The scope of the processing and the details result from the respective contract.

  1. Consent of the data subject (Art. 6 Para. 1 S. 1 lit. a, Art. 7 GDPR)

For certain services and activities within the scope of our business activities, the processing of personal data is based on the express, voluntary and revocable consent of the person concerned. 

  1. Fulfillment of legal obligations (Art. 6 Para. 1 S. 1 lit c GDPR)

We are subject to legal requirements that may oblige us to process personal data. In this context, we are obliged, among other things, to properly store and document our business activities and to provide information to lawfully acting authorities, courts or other public bodies in Germany and abroad. 

  1. Protection of legitimate interests (Art. 6 Para. 1 lit. f GDPR)

As part of our business activities and for the purpose of fulfilling contracts or providing services, we process personal data on the basis of a balance of interests, provided that the interests of the data subject that are worthy of protection do not prevail. 

Our legitimate interest in the processing of personal data lies primarily in the performance of our contractual obligations towards our customers and business partners. In principle, we only process personal data to the extent that this is necessary for our business activities and for the purpose of fulfilling contracts or providing services. 

In addition to the appropriate technical measures, all of our employees entrusted with the processing of personal data have been instructed and obliged to comply with the data protection regulations and to treat personal data confidentially in accordance with these regulations._cc781905-5cde- 3194-bb3b-136bad5cf58d_

  1. Performance of a task in the public interest (Art. 6 Para. 1 lit. e GDPR)

In exceptional cases, processing can also be carried out to perform a task that is necessary in the public interest or in the exercise of official authority, insofar as this has been delegated to us. 

  1. Protection of vital interests (Art. 6 Para. 1 lit. d GDPR)

In exceptional cases, processing can also be carried out to protect the vital interests of the data subject or another natural person. 


  1. Disclosure of Data to Third Parties

In compliance with legal requirements, personal data may be disclosed or transmitted to the following recipients: 

  • As far as necessary and legally permissible, authorities, courts or other public bodies at home and abroad

  • IT service providers and other contract data processors strictly earmarked, e.g. B. Service providers in the area of hosting, specialist services, public relations (sending newsletters, customer information, etc.)

  • DisCheck team members and external DisCheck consultants

When commissioning service providers within the framework of an order data processing relationship pursuant to Article 28 GDPR, a contract pursuant to Article 28 GDPR is concluded with these processors. 

Personal data will only be transmitted to countries outside the European Economic Area (EEA) if this is necessary in the context of our business activities and for the purpose of fulfilling contracts or providing services, if the person concerned has given their consent, if this is necessary to fulfill a legal obligation Obligation within the meaning of Art. 6 Para. 1 S. 1 lit c DSGVO is required or in the context of an order data processing relationship. 

Insofar as a transfer to countries outside the European Economic Area (EEA) takes place as part of an order data processing relationship, the appropriate level of data protection required by the GDPR is ensured by compliance with the requirements of Art. 45 et seq. GDPR. 


  1. data subject rights

You have various rights in connection with data protection. We would like to inform you about this below. You will not incur any costs for exercising these rights.

You have the right:

  • to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can obtain information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a Right to complain, the origin of your data, if not collected from us, and the existence of automated decision-making including profiling and, if necessary, meaningful information about their details;

  • in accordance with Art. 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us;

  • According to Art. 17 GDPR, to request the deletion of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims is required;

  • According to Art. 18 GDPR, to request the restriction of the processing of your personal data, insofar as you dispute the accuracy of the data, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you use them to assert, exercise or defense of legal claims or you have objected to the processing pursuant to Art. 21 GDPR;

  • in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request transmission to another person responsible;

  • pursuant to Art. 7 Para. 3 GDPR, to revoke the consent you have given to us at any time. As a result, we will no longer continue the data processing based on this consent for the future;

  • to complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters.


If you would like to exercise your rights towards us, an email to  is sufficient.


  1. Right to object

If your personal data is processed on the basis of legitimate interests in accordance with Article 6 Paragraph 1 Clause 1 Letter f GDPR, you have the right to object to the processing of your personal data in accordance with Article 21 GDPR, provided there are reasons for this, which arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right to object, which we will implement without specifying a particular situation.

If you would like to make use of your right of objection, an e-mail to is sufficient.


  1. Data protection in the application process


We process the personal data of applicants exclusively for the purpose of handling the application process. Processing can also take place electronically, for example if the applicant applies by e-mail and sends us his application documents with personal data in this way. 

If we conclude an employment contract with the applicant at the end of the application process, the data from the application and the data that may be communicated or transmitted by the applicant in the further course of the application process or during recruitment will be used for the purpose of processing the employment relationship stored in compliance with legal regulations. 

If no employment contract is concluded between the applicant and us, the application documents will be deleted three months after notification of the rejection decision, provided that this deletion does not conflict with any other legitimate interests on our part or statutory storage obligations. Another legitimate interest is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).

The applicant has the option of voluntarily agreeing to the storage of their personal data beyond the application process. His application documents and personal data will then (exclusively in the case of voluntary consent) be included in our pool of applicants and stored until the consent is revoked. In this case, the data is stored and processed exclusively for the purpose of being able to inform the applicant of other job offers. 

A possible consent has no effect on the chances in a current or in a subsequent application process. The applicant can refuse it without giving reasons and without having to fear disadvantages as a result. Consent can be revoked at any time (e.g. by email to without giving reasons. 


  1. Consent to email correspondence


You agree that we may use your specified e-mail address for unencrypted communication  as part of the processing. You are advised that communication via unencrypted e-mail is insecure and does not ensure adequate protection of my data. At your own request, you do not follow the recommendation to communicate via encrypted e-mail.


The e-mail address will be used for unencrypted communication until you withdraw your consent. 


Your consent is voluntary. You can refuse them without giving reasons and without fear of any disadvantages. In particular, there are no additional costs if consent is not given. 


Revocation of consent: You can revoke your consent at any time (e.g. by email to or by telephone). The legality of the processing that took place on the basis of the consent up to the point of revocation is not affected by the revocation, so the revocation only applies to the use planned after the revocation. 


Consequences of the revocation: In the event of revocation, communication will be stopped by means of unencrypted e-mail and, if necessary, continued by means of encrypted e-mail or only communication by telephone and post. 


9. Changes to the Privacy Policy

This data protection information is dated March 2022. We reserve the right to adapt our data protection declaration at any time with regard to applicable data protection regulations. The current data protection declaration can be accessed and printed out at any time on our website.

bottom of page