Privacy Policy
Data protection is a subject of special importance for YAGEO Nexensos: We process your personal data exclusively in compliance with legal requirements and in accordance with appropriate technical and organizational data security measures.
The purpose of this privacy policy is to inform you about the nature, scope and purpose of personal data processing on our internet website and the associated sites, functionalities and content (hereinafter collectively referred to as “website”). The privacy policy applies irrespective of the domains, systems, platforms, and devices (e.g., desktop or mobile) on which the website is made available.
Contact details of the Controller
The provider of the website and legally responsible for it under privacy law is YAGEO Nexensos GmbH, Reinhard-Heraeus-Ring 23, 63801 Kleinostheim, Germany (hereafter referred to as the “provider”, “we” or “us”). For further details as well as how to contact us, please see the legal information on our website.
Contact details of the Data Protection Officer
Our Data Protection Officer can be reached via the following email address: : yageo@2b-advice.com or by post:
Data Protection Officer
2B Advice GmbH
Joseph-Schumpeter-Allee 25
53 227 Bonn
Data Processing in Detail
Collection of access data
When accessing our website, information is automatically transmitted from your browser to us; this includes the name of the website and files that are accessed, the date and time they are accessed, the quantity of data transmitted, reports about successful access, the browser type and version, your operating system, the referrer URL (the page you visited prior to visiting our website), your IP address and the requesting provider.
The processing of your above-mentioned personal data is technically necessary for offering our website as a service to you and is carried out based on our legitimate interests in accordance with Art. 6(1) (f) GDPR regarding the operation of our website and, to ensure the safeguarding of the security of the processing (e.g., to prevent and identify cyber-attacks).
The collection and storage of your personal data in log files is necessary for the provision of the website. For this reason, you may not request the deletion or correction of this data or object to its processing.
Contacting us
When you contact us (via contact form or e-mail), the request including all resulting personal data (identification data, contact details) will be stored and processed by us for the purpose of processing your request.
This data is processed based on Art. 6 (1) (b) GDPR if the request is related to the fulfillment of an order or is necessary to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of inquiries addressed to us (Art. 6 (1) (f) GDPR) or on your consent (Art. 6 (1) (a) GDPR), if applicable.
Your information may be stored in our customer relationship management systems (“CRM systems”). The legal basis for the further processing of your data is the preparation of a business transaction (in accordance with Art. 6 (1) (f) GDPR).
Application / Career
We process your personal data (Identification data, contact details, application data and documents) exclusively exclusively for the purpose of carrying out the application process, in particular for checking your application documents and conducting interviews. The legal basis for processing your personal data is part of the application process is Art. 6 (1) (b) GDPR, namely the performance of a contract or in order to take steps prior to entering into a contract.
Your data will only be passed on to those persons who are essential for the application process. These are, in particular, the HR department and those specific departments that are interested in your application. Your data will only be passed on to third parties if this is absolutely necessary to conduct the application process. In this case, recipients may be our service providers or affiliated companies.
Under certain circumstances, it may be necessary to transfer your application documents to our parent company in Taiwan. This may be the case particularly if a decision on your application has to be made in close cooperation with our Taiwanese colleagues.
In this context, we would like to point out that Taiwan is not part of the European Economic Area (EEA) and does not ensure an adequate level of data protection within the meaning of the General Data Protection Regulation (GDPR). However, we will ensure that your personal data is protected in accordance with the provisions of the GDPR and other relevant data protection laws by implementing technical measures such as encrypting your data.
We will ensure, for example, that the appropriate legal framework for the transfer is in place before a transfer takes place, either by entering into standard contractual clauses or by obtaining your explicit consent. We will also ensure that the transfer includes only those personal data that are necessary for the purpose of the transfer.
If your application does not lead to the conclusion of an employment contract, your application documents will be deleted six months after the end of the application process. Your data will only be stored for a longer period if you expressly consent to it being stored in our talent pool. In this case, we store your data for a period of two years or until you revoke your consent.
Use of cookies
We only use non-essential cookies if you have given your express consent (opt-in) in accordance with § 25 German Telecommunications-Telemedia Data Protection Act (TTDSG). In addition, if you do not want to have cookies stored on your computer you can deactivate the corresponding option in the Cookie Consent Management Tool available here Cookie Settings
The legal basis for the use of cookies that are required for the technical functionality of the online platform is Art. 6 (1) (f) GDPR. Our legitimate interest is the user-oriented and economically efficient operation of our website.
If you have consented to the storage of cookies or to access information on your end device, both activities are carried out based on § 25 (1) TTDSG.
The legal basis for the data processing of data stored in cookies for the online marketing measures described below is your consent in accordance with Art. 6 (1) (a) GDPR.
More information about the cookies we use can be found here Cookie Settings.
Cookie Consent Management Tool (OneTrust)
We use Cookies on our website. For the use of some of them, we are required by law (e.g. § 25 (1) of the German Telecommunications Telemedia Data Protection Act – TTDSG) to obtain your prior consent. To do so and in order to document in a compliant way your consent, we use the Cookie Consent Management Tool provided by One Trust, a company registered under the trade name OneTrust LLC, Atlanta, GA, USA, 1200 Abernathy Rd NE, Building 600, Atlanta, GA 30328. For this processing activity, personal data may be collected and processed (e.g. IP address, UID, user preferences, or geolocation).
We concluded with OneTrust as Service Provider a Data Processing Agreement pursuant to Art. 28 GDPR. The use of OneTrust is based on our legitimate interest pursuant to Art. 6 (1) f GDPR and to comply with our legal obligation to obtain a valid consent for the processing of personal data, pursuant to Art. 6 (1) c GDPR in conj. with § 25 (1) TTDSG.
Concerning the retention period of the installed cookies, please refer the settings in the Consent Management Tool.
We would like to inform you, that it cannot be excluded that your personal data may be transferred to the USA. For the transfer of personal data to the USA, the European Commission adopted an adequacy decision for companies that are part to the so called EU-US Privacy Framework Agreement, which means, that personal data may be transferred to a recipient established in the USA if it has taken part to the Framework Agreement. One Trust LLC has taken part to this program. Furthermore, applicable Standard Contractual Clauses have been concluded with OneTrust, in accordance with Art. 46 GDPR. These Standard Contractual Clauses are available under https://legal.onetrust.com/.
Google Tag Manager
We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
The Google Tag Manager is a tool that we can use either directly in your browser (client-side tagging) or indirectly cloud-based (server-side tagging) to integrate tracking or statistical tools and other technologies on our website. No user profiles are created by the Google Tag Manager itself, no cookies are set or stored and no independent analyzes are carried out. The Google Tag Manager only serves to manage and display the tools integrated via it. When using the Google Tag Manager, however, your IP address is recorded, which can also be transmitted to Google's parent company in the United States.
With regard to the processing of users' personal data, reference is made to the following information on Google services. Usage guidelines: https://www.google.com/intl/de/tagmanager/use-policy.html
The Google Tag Manager is used based on your consent under Art. 6 (1) (a) GDPR and § 25 (1) TTDSG. The consent can be revoked at any time for the future.
Google Analytics
This website uses functions of the web analysis service Google Analytics either directly in your browser (client-side tracking) or indirectly on our webserver (server-side tracking). The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyze the behavior of website visitors.
The website operator receives various usage data, such as page views, length of stay, operating systems used and origin of the user. This data may be summarized by Google in a profile that is assigned to the respective user or their device.
The aim of using Google Analytics is to enable the user to be recognized for the purpose of analyzing user behavior through the use of various technologies (e.g., cookies or device fingerprinting). We use demographic characteristics for our analyses. The information collected by Google about the use of our website is usually transmitted to a Google server in the USA and stored there.
The use of Google Analytics is based on your consent according to Art. 6 (1) (a) GDPR and § 25 (1) TTDSG. The consent can be revoked at any time for the future.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/ .
You can object to the collection and storage of data at any time with effect for the future. You can object to the future collection and storage of your data by Google Analytics by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout .
We have concluded Data Processing Agreement with Google.
Data stored by Google at the user and event level that is linked to cookies, user identifiers (e.g., User ID) or advertising IDs (e.g., DoubleClick cookies, Android advertising ID) are anonymized after 26 months or deleted. You can find details on this under the following link: https://support.google.com/analytics/answer/7667196 .
You can find more information about the use of data by Google as well as settings and opt-out options on Google’s websites: https://www.google.com/intl/de/policies/privacy/partners (“Use of data by Google when using the websites or apps of our partners”), https://www.google.com/policies/technologies/ads (“Use of data for advertising purposes), https://www.google.de/settings/ads (“Managing information that Google uses to show you advertising”).
Google Target Audience
We use Google Analytics (for details please see above) to form target groups, provided you have given your consent to the use of Google Analytics, in order to show the ads that are displayed within the advertising services of Google and its affiliates only to those users who have either shown an interest in our website or who have certain characteristics (e.g., interests in certain topics or products determined from websites visited) and that we have sent to Google (so-called “remarketing” or “Google Analytics Audiences”).
We use Remarketing Audiences to ensure that our ads correspond to the potential interests of users.
The data is processed on the basis of your consent in accordance with Art. 6 (1) (a) GDPR.
You can find more information about the use of data by Google as well as settings and opt-out options on Google’s websites: https://www.google.com/intl/de/policies/privacy/partners (“Use of data by Google when using the websites or apps of our partners”), https://www.google.com/policies/technologies/ads (“Use of data for advertising purposes), https://www.google.de/settings/ads (“Managing information that Google uses to show you advertising”).
Google Display & Video 360
This website uses functions of Google Display and Video 360. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
We use the Google online marketing service “Display & Video 360” to place ads in the Google advertising network (e.g., in search results, in videos, on websites, etc.). Display & Video 360 differs from other services in that it shows real time advertisements based on your presumed interests. This allows us to show ads for and within our website in a more targeted manner so that we only show you those ads that potentially correspond to their interests. When you are shown an ad for products that you have been viewing on other websites, this is referred to as “remarketing”. For these purposes, upon accessing our websites and other websites on which the Google Advertising Network is active, Google will immediately run a code and so-called (re)marketing tags (invisible graphics or code, also known as "web beacons") will be incorporated into the website. With their help, an individual cookie, i.e., a small file, will be saved on the user’s device (comparable technologies may also be used instead of cookies). This file keeps a record of which websites you have visited, what content you are interested in and what offers you have clicked on, as well as technical information about the browser and operating system, websites that have referred you, access duration, and other information regarding the use of our website.
The above information may also be linked with such information from other sources by Google. If you subsequently visit other websites, you may be shown advertisements tailored to your presumed interests on the basis of your user profile.
Your data is processed pseudonymously within the Google Advertising Network. This means that Google does not store and process, for example, your name or email address but instead processes the relevant data using cookies within the pseudonymous user profile. In other words, from the perspective of Google, the ads are not managed and displayed for a person who is concretely identifiable, but rather for the person with the cookie, irrespective of who this person is. This does not apply if you have expressly permitted Google to process the data without pseudonymization. The information about you collected by Google Marketing Services is transmitted to Google and stored on Google servers in the U.S.
The use of Google Remarketing is based on your consent according to Art. 6 (1) (a) GDPR and § 25 (1) TTDSG. The consent can be revoked at any time for the future.
You can find more information about the use of data by Google as well as setting and opt-out options in Google’s privacy policy ( https://policies.google.com/technologies/ads s) as well as the settings for showing ads by Google ( https://adssettings.google.com/authenticated ).
Google (re)marketing services
This website uses functions of Google Analytics Remarketing. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Remarketing analyzes your user behavior while visiting our website in order to classify you into certain advertising target groups in order to show you suitable web messages when you visit other online offers (remarketing or retargeting).
Furthermore, the advertising target groups created with Google Remarketing can be linked to Google's cross-device functions. In this way, interest-related, personalized advertising messages that have been adapted to you depending on your previous usage and surfing behavior on one end device (e.g. mobile phone) can also be displayed on another of your end devices (e.g. tablet or PC).
If you have a Google account, you can object to personalized advertising using the following link: https://www.google.com/settings/ads/onweb/ .
The use of Google Remarketing is based on your consent according to Art. 6 (1) (a) GDPR and § 25 (1) TTDSG. The consent can be revoked at any time for the future.
Further information and the data protection regulations can be found in Google's data protection declaration at: https://policies.google.com/technologies/ads .
LinkedIn Lead Gen Form
As part of our use of LinkedIn, a service offered by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, we use so-called Lead Gen Forms.
Lead Gen Forms are ad placements that enable the integration of contact forms in sponsored content directly on the platform. We use the data you provide there to process your request for information. This data is transmitted to us by LinkedIn.
Our processing of the data is based exclusively on your consent (Art. 6 (1) (a) GDPR). You can revoke this consent for the future at any time. For this purpose, a communication by email to nexensos@yageo.com is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
The data you entered will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g., after we have completed processing your request). Mandatory legal provisions - in particular retention periods - remain unaffected.
The specific purpose of the data processing of the respective Lead Gen Forms is explicitly listed in the context of the advertisement (e.g., sending product information or contacting you for the purpose of answering your inquiry).
LinkedIn Insight Tag
We use the service LinkedIn Insight Tag, provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, to measure conversions.
This tool creates a cookie on your web browser. We set the cookie exclusively with your consent in accordance with § 25 (1) TTDSG. The processing of the data is based exclusively on your consent (Art. 6 (1) (a) GDPR).
The cookie enables the collection of data regarding LinkedIn member’s visits on our website including the URL, referrer, IP address, device and browser characteristics (User Agent), and timestamp. The IP addresses are truncated or hashed (when used for reaching LinkedIn members across devices), and LinkedIn members’ direct identifiers are removed within seven days in order to make the data pseudonymous. This remaining pseudonymized data is then deleted within 180 days.
LinkedIn does not share any personal data with us, but offers anonymous reports on website audience and display performance.
LinkedIn members can control the use of their personal data for advertising purposes through their account settings: https://www.linkedin.com/psettings/advertising/actions-that-showed-interest
Further information on data protection at LinkedIn can be found in LinkedIn's data protection information: https://www.linkedin.com/legal/privacy-policy
LinkedIn Retargeting
We use the LinkedIn remarketing provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, to display our advertising to a dedicated target group.
We use LinkedIn to show the advertisements displayed within LinkedIn advertising services and its affiliates only to those users who have also shown an interest in our website or who have certain characteristics (e.g., interests in specific themes or products that are determined from the websites visited), which we submit to LinkedIn (so-called "remarketing"). We use LinkedIn to ensure that our ads correspond to the potential interests of users.
In addition, LinkedIn offers the possibility of retargeting via the Insight Tag. We can use this data to display targeted advertising outside of our website without identifying you as a website visitor.
The processing of the data is based exclusively on your consent (Art. 6 (1) (a) GDPR). You can revoke this consent for the future at any time by changing the Cookie Settings
LinkedIn members can control the use of their personal data for advertising purposes through their account settings: https://www.linkedin.com/psettings/advertising/actions-that-showed-interest
Further information on data protection at LinkedIn can be found in LinkedIn's data protection information: https://www.linkedin.com/legal/privacy-policy
CRM Systems
Salesforce
We use the Salesforce CRM system from Salesforce (Salesforce, Inc. Salesforce Tower, 415 Mission Street, 3rd Floor, San Francisco, California 94105, United States) – hereafter referred to as “Salesforce” – as a cloud service. We use the system to manage customers and prospective customers (leads) and to process user requests faster and more efficiently. The use of the system is based on our legitimate interest in accordance with Art. 6 (1) (f) GDPR.
Salesforce acts as a Processor in the meaning of Art. 4 (8) GDPR and a Data Processing Agreement pursuant to Art. 28 GDPR has been concluded accordingly. We also inform you, that personal data may be transferred to a third-country, namely the USA. According to Art. 45 seq. GDPR, personal data may be transferred to a third country only if the country of destination benefits from an adequacy decision from the European Commission. If the country of destination does not benefit from an adequacy decision, the transfer is still possible if the Parties adopt appropriate safeguards such as so called Standard Protection Clauses pursuant to Art. 46 (2) (c) GDPR.
Standard Protection Clauses are included in the Data Processing Agreement concluded with Salesforce. Furthermore, we inform you that the European Commission adopted in July 2023 an adequacy decision for the United States to the adequacy decision. However, this adequacy decision only applies to companies that take part to the EU-US Data Privacy Framework. Salesforce took part to the EU-US Data Privacy Framework.
More information on how Salesforce processes personal data can be found HERE.
Hubspot
We use Hubspot for our marketing activities (e.g. for capturing leads, for sending out marketing mailings) from Hubspot Inc. The legal basis for using Hubspot is our legitimate interests in accordance with Art. 6 (1) GDPR.
Hubspot acts as a Processor in the meaning of Art. 4 (8) GDPR and a Data Processing Agreement pursuant to Art. 28 GDPR has been concluded accordingly.
We also inform you, that personal data may be transferred to a third-country, namely the USA. According to Art. 45 seq. GDPR, personal data may be transferred to a third country only if the country of destination benefits from an adequacy decision from the European Commission. If the country of destination does not benefit from an adequacy decision, the transfer is still possible if the Parties adopt appropriate safeguards such as so called Standard Protection Clauses pursuant to Art. 46 (2) (c) GDPR.
Standard Protection Clauses are included in the Data Processing Agreement concluded with Hubspot. Furthermore, we inform you that the European Commission adopted in July 2023 an adequacy decision for the United States to the adequacy decision. However, this adequacy decision only applies to companies that take part to the EU-US Data Privacy Framework. Hubspot took part to the EU-US Data Privacy Framework.
More information on how Hubspot processes personal data can be found HERE.
Online Presence in Social Media
We maintain a presence in social networks and platforms in order to be able to communicate with active customers, interested parties and users who are active there and to provide information to users there about our services.
Please note that user data may be processed outside of the European Union and Switzerland. This may imply risks for users because, for example, it could be more difficult to enforce user rights.
In addition, user data is generally processed for market research and advertising purposes. For example, user behavior and the resulting information about the user’s interests can be used to create user profiles. The user profiles can, in turn, be used to place advertisements, for example, within and outside of platforms that are supposedly in line with user interests. For these purposes, cookies that record the user’s behavior and interests are generally stored on the user’s computer. In addition, data can also be stored in the user profiles separately from the users' devices (in particular if the users are members of the relevant platforms and are logged in to them).
The personal data of users is processed on the basis of our legitimate interests in providing effecting information to users and communicating with users. If the users are asked to consent to data processing by the respective providers (i.e., give their consent, for example, by clicking a check box or pressing a button), the legal basis of the processing is consent.
For a detailed overview of the processing and opt-out options discussed in this paragraph, see the information from the provider in the following link:
- Google/YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland)
a.) Privacy policy: https://policies.google.com/privacy
b.) Opt-out: https://adssettings.google.com/authenticated
- LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland)
a.) Privacy policy: https://www.linkedin.com/legal/privacy-policy
b.) Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
Please note that if you are looking for information or asserting your rights, it is best to contact the respective provider directly. Only the providers have access to your data and can take appropriate measures and provide information. You can contact us if you still need assistance.
Your data privacy rights
You can assert your rights as a data subject with regard to your processed personal data at any time using the contact details of the Data Protection Officer given above. As a data subject, you have the following rights.
Right to revoke consent: If personal data is processed on the basis of consent, you have the right to revoke this consent at any time for the future in accordance with Art. 7 GDPR.
Right to information and access: In accordance with Art. 15 GDPR, you can request confirmation of whether their data is being processed. If this is the case, users have the right to information regarding the information at no charge.
Right to rectification: If personal data has been processed while incorrect, you have the right, to request that this data be corrected immediately in accordance with Art. 16 GDPR.
Right to erasure: If you have revoked your consent, objected to the processing of your personal data (and there are no overriding legitimate reasons for the processing), your personal data is no longer necessary for the original purpose of the processing, there is a corresponding legal obligation or personal data has been processed unlawfully, you have the right to request the deletion of your personal data in accordance with Art. 17 GDPR.
Right to restriction of processing: Under the provisions of Art. 18 GDPR, you have the right to demand that the processing of their personal data be restricted.
Right to data portability: In accordance with Art. 20 GDPR, you have the right to receive the personal data they provided in a structured, commonly used and machine-readable format.
Right to object: If processing the personal data is necessary to safeguard the legitimate interests of our company, you can object to the processing at any time in accordance with Art. 21 GDPR.
Right to file a complaint: In accordance with Art. 77 GDPR, you have the right to lodge a complaint with the responsible supervisory authorities.
Changes to the Privacy Policy
We reserve the right to change the privacy policy in order to adapt to changes in the legal situation or to changes in our services and data processing. However, this only applies to policies regarding data processing.
If the consent of the user is required or if elements of the privacy policy contain components of the contract agreed the user, the changes will only be made with the user's consent.
Users are requested to familiarize themselves regularly with the content of the privacy policy.