Data Protection Declaration

Privacy Policy

We are delighted to welcome you to the website of Pourch Partners AG, part of the Capri Sun Group Holding AG (Capri-Sun website). We have created this privacy statement to demonstrate our firm commitment to the protection of your privacy and personal data.

Pouch Partners AG takes your legitimate interests in data protection very seriously and observes the provisions of the European General Data Protection Regulation (GDPR) and where applicable, the provisions of other applicable data protection regulations.

Pouch Partners AG handles the data transmitted by you carefully and with due diligence. As far as data of any kind is collected, processed or used, this is always done within the scope of the applicable legal provisions or after obtaining explicit consent from you.

Protecting the individual’s privacy on the Internet is crucial to the future of Internet-based business models and the move toward a true Internet economy. Pouch Partners AG has created this privacy statement to demonstrate its firm commitment to the individual’s right to privacy. This privacy statement outlines Pouch Partners AG's personal information handling practices for this website.

This privacy statement covers this website and all other sites that reference this privacy statement. Some Pouch Partners AG entities may have their own, possibly different, privacy statements. We encourage you to carefully read the privacy statements of each of the Pouch Partners websites you visit.

The controller according to Art. 4 Para. 7 of the General Data Protection Regulation (GDPR) is:

Pouch Partners AG
Lindenstrasse 10
6340 Baar
Switzerland
Phone: +41 41 768 9526

Internet: www.pouchpartners.com
Email: info@pouchpartners.com
Trade Register Office Canton of Zug: CH-170.3.030.775-8

You can contact Pouch Partners AG's company data protection officer for Germany at:

Pouch Partners AG
Anke Moser
Email: data-protection@pouchpartners.com

Global Privacy Fundamentals

Our privacy practices reflect current global principles and standards on handling personal information. These principles include notice of data use, choice of data use, data access, data integrity, security, onward transfer, and enforcement/oversight. Pouch Partners AG abides by the EU General Data Protection Regulation (GDPR).
It is our policy not to collect and store any personal data about you when you visit the Pouch Partners AG website. Rather, this only happens in cases where we have expressly asked you for personal data beforehand.

Consent

By using this website, you consent to the electronic storage and use of your data as described below. If Pouch Partners AG decides to make changes to this privacy statement, we will post the changes on this site so that you will always know what data we store, and how we use it.

From time to time, as may be required by applicable law, we may also seek your explicit consent to process certain personal data and information collected on this website or volunteered by you.

Collection and Processing of Your Personal Data

To serve you better and understand your needs and interests, Pouch Partners AG collects and uses personal information in the following manner and in accordance with applicable data protection laws.

When you visit our website, we may record your IP address in anonymized form and use cookies and other Internet technologies (referred to below as "Automated Tools" and "Embedded Web Links") to gather general information about our visitors and their interests. The technologies used and the information collected are described in more detail below.

We may further collect and process any information and data that you volunteer to us, e.g. when you register for events, subscribe to newsletters, participate in online surveys, discussion groups or forums, or when you make purchases.

Use and Purpose of Collected Personal Data

The data Pouch Partners AG collects to understand your needs and interests helps Pouch Partners AG deliver a consistent and personalized experience. Pouch Partners AG will use such data only as described in this privacy statement. We will not subsequently change the way your personal data is used without your consent unless this is otherwise permitted by law.

We always process your personal data for a specific purpose.

In particular, we process your personal data for the following purposes:

  • To manage our relationship with you, e.g. through our databases, in which we collect data about you from our various sources in order to get an overview of the collaboration; also, to improve and individualize our understanding of your preferences and our communication with you;
  • To process your orders and deliver the products and services that you have ordered;
  • To implement tasks in preparation of or to perform existing contracts;
  • To evidence transactions and ensure transparency on transfers of value;
  • To provide you with appropriate and current information about research as well as our products and services;
  • To improve the quality of our products and services by adapting our offering to your specific needs;
  • To answer your requests and provide you with efficient support;
  • To track our activities (e.g. measuring collaboration or sales, number of appointments/calls, issues discussed, documents presented);
  • To invite you to events sponsored or used by us (e.g. speaker events, conferences);
  • To grant you access to our specified IT systems so that you can use certain services of Pouch Partners AG;
  • To manage our IT resources, including infrastructure management and business continuity;
  • To preserve the company’s economic interests and ensure compliance and reporting (such as complying with our policies and local legal requirements, tax and deductions, internally defined contribution caps, managing alleged cases of misconduct or fraud; conducting audits and defending litigation);
  • Archiving and record keeping;
  • To support recruitment inquiries;
  • Billing and invoicing; and any other purposes imposed by law and authorities;
  • In certain cases, we are legally obliged to transfer certain data to the requesting government agency (institution or authority). The legal basis for the processing is Art. 6. Para. 1 (c) GDPR and Art. 24 Para. 2, No 1 of the German Federal Data Protection Act;
  • In some cases, business partners require personal data from our customers. This is usually done for the purpose of order fulfillment (e.g. in case of complaints). This is expressly provided for by law. In this case, Pouch Partners AG remains responsible for the protection of your data – in addition, the processor may also be responsible. The service provider works strictly in accordance with our instructions, which Pouch Partners AG ensures by means of strict contractual regulations;
  • To fulfil legal obligations to record, document and report to the responsible authorities.

IP Addresses

We use IP addresses to help diagnose problems, to administer our website, and to gather demographic information. We may also use IP addresses or other information you have shared on this website to determine which pages on our sites are being visited and topics that may be of interest to our visitors so we can provide you with information about relevant products and services. Pouch Partners AG only collects such data in anonymized form and will not link it to a registered user's profile without the consent of that user. When you visit our site, we recognize only your domain name.

Pouch Partners AG will only gather data related to your visit to the Pouch Partners AG website. We do not track or collect personal data from your visits to companies or entities outside the Pouch Partners AG group of companies.

Server Log Files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

browser type and browser version

the operating system used

referrer URL

the host name of the accessing computer

the time of the server request

IP address

This data is not merged with other data sources. The legal basis for processing these data is Art. 6 Para. 1 (b) GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.

Cookie Consent With Borlabs Cookie

Our website uses Borlabs Cookie Content technology to obtain your consent to the storage of certain cookies in your browser and to document this consent in accordance with data protection regulations. This technology is provided by Borlabs – Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg, Germany (hereinafter Borlabs).

When you enter our website, a Borlabs cookie is saved in your browser which stores the consent you have given or the revocation of such consent. This data is not shared with the provider of the Borlabs cookie.

The collected data will be stored until you request us to delete it or delete the Borlabs cookie yourself or until the purpose for which the data is stored no longer applies. Statutory retention periods remain unaffected. Details on the data processing of Borlabs Cookie can be found at https://borlabs.io/kb/what-information-does-borlabs-cookie-store/

Borlabs Cookie Consent technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 Para. 1 Sent. 1 (c) GDPR.

Cookies

a) We use cookies on our website(s). These are small files that your browser automatically creates and stores on your device (laptop, tablet, smartphone, etc.) when you visit our websites. Cookies cannot do damage to your computer and do not contain viruses, trojans or any other malware. The information stored in the cookie pertains to the specific device used. This, however, does not give us direct knowledge of your identity. The use of cookies serves to make using our online services more pleasant for you. For example, we use what are known as session cookies to determine that you have already visited individual pages on our website. These are automatically deleted after leaving our website.

b) In addition, to further improve usability, we also use temporary cookies that are stored on your device for a specified period of time. If you visit our website again to use our services, we will automatically determine that you have already visited our website and what inputs and settings you have made in order to avoid having to re-enter them.

c) Furthermore, we use cookies to statistically record the use of our website and to analyze it for the purpose of optimizing our website offerings. These cookies enable us to automatically determine that you have visited our website before. These cookies are automatically deleted after a defined period of time.

d) The data processed by cookies are necessary for the purposes mentioned in order to safeguard our legitimate interests and the interests of third parties under Art. 6 Para.1 Sent. 1 (f) GDPR.

e) Most browsers accept cookies automatically. You can, however, configure your browser in such a way that no cookies are stored on your computer or that a notice is displayed before a new cookie is created. Disabling cookies completely, however, may mean that you will not be able to use all the features on our website.

Email Addresses

If you choose to give us your email address or submit it through our contact form, we will communicate with you via email. We do not share your email address with others outside Pouch Partners AG or the Capri Sun Group Holding AG group of companies. You can opt out of receiving email communications from Pouch Partners AG at any time.

External Service Providers

We work with external service providers that process certain data on our behalf. This is done exclusively in accordance with the applicable data protection laws. In particular, we have entered into commissioned data processing agreements with our service providers which satisfy the requirements of Art. 28 GDPR.

Email Newsletter

Information About the Newsletter and Consent

With the following information, we inform you about the content of our newsletter as well as the registration, sending and statistical analysis procedures as well as your right of objection. By subscribing to our newsletter, you agree to the receipt and the procedures described.

Content of the Newsletter

You can subscribe to an email newsletter on the Pouch Partners website.
To sign up for the newsletter, it is sufficient to enter your email address. We also use additional data such as last and first name, country, and customer group. The sole purpose of the information provided is personalization and segmentation of the newsletter.

We send newsletters and emails with advertising information (hereinafter "newsletter") only with the consent of the recipient or a legal permission. The content of the newsletter described as part of the newsletter registration are authoritative for the consent of the users.

Your consent – which may be withdrawn at any time – is given by entering your email address in the field for subscribing to the newsletter and confirming the following statement by checking a click box:

"Yes, I would like to receive the Pouch Partners AG newsletter by email so that I can stay informed about news and promotions. I can unsubscribe from the Pouch Partners AG newsletter at any time by clicking the unsubscribe link in the newsletter."

Double Opt-in and Logging

Subscribing to our newsletter involves what is known as a double opt-in process. This means that after subscribing, you will receive an email requesting that you confirm your subscription. This confirmation is necessary to verify that you are subscribing with your own email address. Subscriptions to the newsletter are logged in order to be able to verify that the subscription process was consistent with legal requirements. This includes storing the time of subscription and confirmation as well as the IP address.

Statistical Survey and Analysis

The newsletters contain a "web beacon", that is, a pixel-sized file that is retrieved when the newsletter is opened. With this retrieval, technical information such as information about the browser and your system as well as your IP address and the time of retrieval is initially collected. This information serves to improve the technical performance of services based on the technical data or target audiences and their reading habits, based on their locations (which can be determined using the IP address) or access times.

These statistical surveys also include determining whether newsletters are opened, when they are opened and which links are clicked. Even though this information can be attributed to individual newsletter recipients for technical reasons we do not endeavor to monitor individual users. Rather, these analytics serve to determine the reading habits of our users and to adapt our content accordingly or to send different content that accommodates the interests of our users.

Data Transfer, Transfer to a Third Country

Your personal data will not be transferred to third parties for any purposes other than those set out below. We will only transfer your personal data to third parties if:
a) you have given your express consent in accordance with Art. 6 Para. 1 Sent. 1 (a) GDPR, Art. 26 Para. 2 German Federal Data Protection Act (BDSG),

b) the transfer is necessary in accordance with Art. 6 Para. 1 Sent. 1 (f) GDPR for the purpose of asserting, exercising or defending legal claims, and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,

c) in the event that there is a legal obligation to transfer the data pursuant to Art. 6 Para. 1 Sent. 1 (c) GDPR and

d) this is legally permissible and necessary under Art. 6 Para. 1 Sent. 1 (b) GDPR, Art. 26 Para. 1 German Federal Data Protection Act (BDSG) for the execution of a contractual relationship with you or for pre-contractual measures at your request.

With the exception of the Capri Sun Group Holding AG group of companies and Pouch Partners AG, transfer to a third country or an international organization is not intended and there is no automated decision making unless otherwise provided in this privacy statement.

Pouch Partners AG, however, may also share such information with business partners, service vendors, authorized third-party agents or contractors in order to provide a requested service or transaction, including processing orders, providing customer support, or providing you with information on products and services that may be of interest to you.

We do not sell or rent your personal data to third parties for marketing purposes unless you have granted us permission to do so.
Pouch Partners AG may respond to subpoenas, court orders, or legal process by disclosing your personal data and other related information, if necessary. We also may choose to establish or exercise our legal rights or defend against legal claims.
Circumstances may arise where, whether for strategic or other business reasons, Pouch Partners AG decides to sell, buy, merge, or otherwise reorganize businesses. Such a transaction may involve, in accordance with applicable law, the disclosure of personal information to prospective or actual purchasers. It is Pouch Partners AG’s practice to seek appropriate protection for information in these types of transactions.
We may collect and possibly share personal data and any other additional information available to us in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, or violations of Pouch Partners AG's terms of use, or as otherwise required by law.

In the context of training registration and subject to your prior express consent, we will share your personal data with third parties, in this case organizers or hotels. This means that 2 weeks

Data Transfer to Third Countries, Particularly to the USA

Some third-party providers also process personal data in a third country without an adequate level of EU data protection, e.g. in the USA. We are obliged to inform you that according to the decision of the European Court of Justice and in the opinion of the Conference of Independent Data Protection Supervisory Authorities of the Federation and the Länder (DSK) of July 28, 2020 (Schrems II), there is currently no adequate level of data protection for the transfer of data to the USA. This can be associated with various risks to the legality and security in terms of data protection law. As a basis for data processing at recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway and particularly in the USA) or a data transfer there, third party providers use standard contractual clauses approved by the EU Commission (= Art. 46 Para. 2 and 3 GDPR). These clauses oblige third-party providers to comply with the EU level of data protection when processing relevant data even outside the European Union. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places:

Links to social networks

The Capri Sun's website has links on some of its pages that can serve to establish a connection to social networks such as Facebook, Instagram, LinkedIn, and XING.

This allows for a connection between your Internet browser and the server of the relevant social network to be established for a short period of time and the content of the platform to be transmitted from there to your Internet browser.
The operator of the social network learns your IP address when you click on these links. In certain cases, the operator of the social network additionally tries to store a cookie on your computer, which is deleted when you close your internet browser.

If you are logged in to your relevant social network account at the same time, information regarding your visit to the Capri Sun AG website may be attributed to your account with that social network and stored, processed and used by the operator of the social network.

The Capri Sun Website contains links to the social networks www.facebook.com and www.instagram.com. You can only use the website if you have a Facebook user account and or an Instagram user account and are logged in with it. Go to www.facebook.com/about/privacy/ to learn how Facebook processes and uses the data you disclose as a user of facebook.com and to what extent you can restrict its publication.

Analysis Tools

The tracking measures listed below and used by us are carried out based on Art. 6 Para. 1 Sent. 1 (f) GDPR. With the tracking measures used, we want to ensure a needs-based design and the continuous optimization of our website. Furthermore, we use tracking measures to statistically record the use of our website and to analyze it for the purpose of optimizing our website offerings. These interests are considered legitimate within the meaning of the aforementioned provision. For the respective data processing purposes and data categories, please refer to the corresponding tracking tools described in detail below.

Privacy Statement for the Use of Matomo

(1) This website uses the Matomo web analytics service to analyze the use of our website and regularly improve it. The statistics we compile enable us to improve our offering and make it more engaging for you as a user. The legal basis for the processing of personal data is Art. 6 Para. 1 Sent. 1 (f) GDPR.
(2) For this analysis, cookies (more details in section 3) are stored on your computer. The data controller stores the information collected in this way exclusively on a server in France. You can prevent the analysis by deleting existing cookies and preventing the storage of cookies. If you prevent the storing of cookies, please note that you may not be able to use this website in its entirety You can prevent the storing of cookies by making the appropriate settings in your browser. You can prevent the use of Matomo by removing the following check mark to activate the opt-out option:
(3) This website uses Matomo with the "AnonymizeIP" setting. This means that IP addresses are processed in truncated form, so as to eliminate any direct tracking to a specific person. The IP address transmitted by your browser via Matomo is not associated with other data collected by us.
(4) The Matomo program is an open source project.
(5) For more information on the third-party provider's privacy policy, please visit:

Privacy Statement for the Use of Facebook Social Plugins

We use social plugins ("plugins") of the social network facebook.com on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offering within the meaning of Art. 6 Para. 1 (f) GDPR) social plugins ("plugins") of the social network facebook.com, which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"). The plugins can display interaction elements or content (e.g. videos, graphics or text contributions) and are recognizable by one of the Facebook logos (white "f" on blue tile, the terms "Like" or a "thumbs up" sign) or are marked with the addition "Facebook Social Plugin". For a list and appearance of Facebook social plugins go to: https://developers.facebook.com/docs/plugins/.

Facebook is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law.

FACEBOOK INC. and THE EU-US PRIVACY SHIELD and SWISS-US PRIVACY SHIELD

Facebook Inc. ("Facebook") is now certified for the EU-US Privacy Shield Framework Agreement and the Swiss-US Privacy Shield Framework Agreement (collectively, the "Privacy Shield Framework Agreements") by the U.S. Department of Commerce. These agreements address the collection and processing of personal data of our advertisers, customers, or business partners in the European Union and Switzerland (if a Swiss data controller uses Facebook as a data processor) (the "Partners") in connection with the products and services described in the "Scope" section below and in our Certification.

https://www.facebook.com/about/privacyshield

When a user calls up a function of this online offering that contains such a plugin, his device establishes a direct connection with the Facebook servers. The content of the plugin is transmitted directly from Facebook to the user’s device, which integrates it into the online offering. In doing so, usage profiles of the users can be created from the processed data. We therefore have no influence on the amount of data that Facebook collects with the help of this plugin and therefore inform users according to our level of knowledge.

By embedding the plugins, Facebook receives the information that a user has called up a certain page of the online offering. If the user is logged in to Facebook, Facebook may match the visit to their Facebook account. If users interact with the plugins, e.g. press the Like button or leave a comment, the respective information is transmitted directly to Facebook by your device and stored there. If a user has no Facebook account, there is still a possibility that Facebook identifies and stores their IP address. According to Facebook, only an anonymized IP address is saved in Germany.

Purpose and extent of data collection, further processing and use of data by Facebook as well as rights in this regard and configuration options to protect the privacy of users can be found in the Privacy Policy of Facebook at: https://www.facebook.com/about/privacy/.

If a user has a Facebook account and does not want Facebook to collect data about them through this online offering and link it to their account data stored by Facebook, they must log out of Facebook before using our online offering and delete their cookies. Further settings and objections to the use of data for advertising purposes, are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.

Privacy Statement for the Use of YouTube Plug-Ins

Our website employs plug-ins provided by the Google-operated website YouTube. Operator of this site is: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, fax: +353 (1) 436 1001.
When you visit a site equipped with a YouTube plug-in, a connection is established to the YouTube servers. In the process, the YouTube server is informed which of our pages you have visited. If you are logged in to your YouTube account, you enable YouTube to associate your browsing behavior with your personal profile. You can prevent this by logging out of your YouTube account.

The use of YouTube takes place in the interest of an appealing presentation of our online services. This represents a legitimate interest in the sense of Art. 6 Para. 1 (f) GDPR. For more information on the handling of user data, please refer to YouTube's privacy policy at: https://www.google.com/analytics/terms/us.html, the data protection overview at: https://support.google.com/analytics/answer/6004245?hl=en, and the privacy statement at: https://policies.google.com/privacy?hl=en&gl=en.

If you do not wish to participate in the tracking process, you can disable the automatic setting of cookies in your browser settings. You can also choose to block only specific cookies for conversion tracking by modifying your browser settings so that cookies from the domain "googleadservices.com" are not allowed.

For further information and to view the Google privacy policy, click here and here.

Privacy Statement on the Use of Facebook

Our website uses technology from Facebook Ireland Limited ("Facebook", 4 Grand Canal Square, Dublin 2, Ireland). Facebook is an Internet advertising service that allows advertisers to target users with ads on Facebook directly and on the Facebook ad network. By using the remarketing function "Custom Audiences", users of the website are shown what is known as "Facebook Ads" when visiting Facebook or other sites using the technology, which contain interest-based ads. The purpose is to make our website more attractive through targeted marketing as well as the placement of ads. If you have a Facebook account, this can be recognized by the set Facebook pixel through which the collected usage data is transmitted to Facebook. The Facebook pixel is a JavaScript code. Facebook uses tracking cookies to target Facebook ads based on information about user behavior and device-related information. This data is stored for no longer than 180 days. For more information on the purpose and extent of data collection, further processing and use of data by Facebook and your configuration options to protect your privacy please refer to Facebook's Privacy Policy. If you do not want to be shown interest-based ads, you can disable this feature in your browser.

We have no influence on information that is processed and/or merged by Facebook. Facebook may be able to identify you, for example, if the data can be matched to your Facebook account or you are logged into a Facebook account.

You can find out about corresponding Facebook ad settings at https://www.facebook.com/about/basics/advertising and manage settings accordingly. Instructions on how to do this can be found here https://www.facebook.com/about/basics/advertising/ad-preferences. Logged in users can disable and manage the settings here https://www.facebook.com/settings/?tab=ads#_. 

The data generated in this context may be transferred by Facebook to a server in the USA for analysis and stored there. In the event that personal data is transferred to the USA, we obtain your express consent for this data transfer via the cookie banner in accordance with Art. 49 Para. 1 (a) GDPR.

Privacy Statement for the Use of LinkedIn

Our website employs plug-ins provided by the LinkedIn network, a service of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (hereinafter "LinkedIn"). You can recognize the LinkedIn plug-ins by the LinkedIn logo or the "Share" button on our site (hereinafter referred to as "LinkedIn plug-ins"). When you visit our website, the LinkedIn plug-ins establish a direct connection between your browser and the LinkedIn server. This provides LinkedIn with the information that you have visited this website using your IP address. When you click the LinkedIn “Share” button while you are logged into your LinkedIn account, you can link the contents of this website with your LinkedIn profile. This allows LinkedIn to allocate the visit to this website to your account. Please note that as the provider of this website we receive no information from LinkedIn regarding the contents of the transmitted data or how it is used. For details on data collection (purpose, extent, further processing, use) as well as your rights in this regard and your settings options, refer to LinkedIn's privacy policy. You can find the LinkedIn privacy policy at http://www.linkedin.com/static?key=privacy_policy&trk=hb_ft_priv

Privacy Statement for the Use of XING

The "XING share button" is used on this website. When you visit this website, your web browser will briefly connect to the servers of XING AG ("XING") which provide the functions of the "XING share button" (including a visitor counter). XING does not store any personal data about you and your visit when you visit the website. XING does not store IP addresses or use cookies to monitor your visit behavior in relation to the "XING share button". Please visit the following website for the latest version of the XING share button privacy policy and for further information: https://dev.xing.com/plugins/share_button/privacy_policy
Privacy Statement for the Use of Instagram
Our online offering may include functions and contents of the service Instagram, provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. This may include, for example, content such as images, videos, or text and buttons that allow users to express their liking for the content, subscribe to the content creators, or subscribe to our posts. If the users are members of the Instagram platform, Instagram can match the accessing of the above-mentioned content and functions to the profiles of the users there. Instagram's Privacy Policy: http://instagram.com/about/legal/privacy/.

Privacy Statement for the Use Microsoft Teams

We use the "Microsoft Teams" service of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA (hereinafter "Microsoft Teams") to conduct online meetings, video conferences, and/or webinars. In the case of using Microsoft Teams, different types of data are processed.
The extent of the data processed depends on the data you provide before or during participation in an online meeting, video conference, or webinar. When using Microsoft Teams, data of the communication participants is processed and stored on Microsoft Teams servers. This data may include, but is not limited to, your credentials (name, email address, phone (optional), and password) and meeting data (topic, participant IP address, device information, description (optional)).

In addition, visual and auditory contributions of the participants, as well as voice inputs in chats may be processed. When processing personal data that is necessary for the performance of a contract with you (this also applies to processing operations that are necessary for the implementation of pre-contractual measures), Art. 6 Para. 1 (b) GDPR serves as the legal basis. If you have given us your consent for the processing of your data, the processing is based on Art. 6 Para. 1 (a) GDPR. Consent, once given, can be withdrawn at any time with effect for the future. Furthermore, the legal basis for data processing when conducting online meetings, video conferences, or webinars is our legitimate interest in accordance with Art. 6 Para. 1 (f) GDPR in the effective conduct of the online meeting, webinar, or video conference.

For more information regarding data usage by Microsoft Teams, please refer to the Microsoft Teams Privacy Policy at:

https://privacy.microsoft.com/en-us/privacystatement

Links to Other Websites

Our website may contain links to third-party websites. Pouch Partners AG is not responsible for the privacy practices or the content of third-party websites or websites that are not owned by Pouch Partners AG or its affiliates.

Data Retention

Pouch Partners AG will not retain your personal data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations.

Applicant Privacy Notice

(1) We process applicant data only for the purpose and in the context of the application procedure in accordance with the legal requirements. The processing of the applicant data takes place in order to fulfil our (pre)contractual obligations within the scope of the application procedure pursuant to Art. 6 Para. 1 (b). GDPR, Art. 6 para. 1 (f) GDPR insofar as data processing becomes necessary for us, e.g. within the framework of legal proceedings (in Germany, Art. 26 of the German Federal Data Protection Act (BDSG) also applies).

(2) The application process requires that applicants provide us with their data. Necessary applicant data are personal details, postal and contact addresses and the documents accompanying the application, such as cover letter, curriculum vitae and certificates. In addition, applicants may voluntarily provide us with additional information.

(3) By submitting the application to Pouch Partners AG, applicants agree to the processing of their data for the purposes of the application process in accordance with the type and scope set out in this privacy statement.

(4) Insofar as special categories of personal data pursuant to Art. 9 Para. 1 GDPR are voluntarily disclosed in the application process, they are additionally processed in accordance with Art. 9 Para. 2 (b) GDPR (e.g. health data, e.g. severely disabled status or ethnic origin). Insofar as special categories of personal data pursuant to Art. 9 Para. 1 GDPR are requested from applicants in the application process, they are additionally processed in accordance with Art. 9 Para. 2 (a) GDPR (e.g. health data, if these are required for exercising the profession).

(5) Applicants can send their applications by mail or email. Please note, however, that emails are generally not sent in encrypted form and that the applicants themselves must ensure that they are encrypted. We therefore cannot accept any responsibility for the transmission of the application between the sender and the reception on our server. If the applicant is concerned about the security of the application documents sent by email, we recommend sending the application documents by mail.

(6) The data provided by the applicants may be further processed by us in the event of a successful application for employment purposes. Otherwise, if the application for a job opening is not successful, the applicants' data will be deleted. Applicants' data will also be deleted if an application is withdrawn, which the applicants are entitled to do at any time.

(7) The deletion is subject to a legitimate withdrawal by the applicant and carried after a six-month application period so that we can answer any follow-up questions regarding the application and meet our obligations under the Equal Treatment Act.
In the event that you have agreed to the continued storage of your personal data, we will transfer your data to our applicant pool. There, the data will be deleted after two years.
If you have been accepted for a job in the application process, the data from the applicant data system will be transferred to our personnel information system.

Invoices for any reimbursement of travel expenses are archived in accordance with tax regulations.

Data subject rights

You have the right

a) in accordance with Art. 15 GDPR, to request information about your personal data processed by us. In particular, you may request information about the purposes of processing, the categories of personal data concerned, the categories of recipients to whom your personal data have been or will be disclosed, the planned storage period, the existence of the right to rectification, deletion, restriction or objection of processing of personal data, the right to lodge a complaint with a supervisory authority, the origin of your data where the personal data was not collected by us, and the existence of automated decision-making and, if applicable, meaningful information about the logic involved;

b) in accordance with Art. 16 GDPR, to demand without delay the correction of incorrect data or the completion of your personal data stored by us;

c) to request the deletion of your personal data stored with us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;

d) in accordance with Art. 18 GDPR to restrict the processing of your personal data if you dispute the accuracy of the data, if the processing is unlawful but you reject its deletion and we no longer need the data, but you need it to assert, exercise or defend legal claims, or if you have filed an objection to the processing in accordance with Art. 21 GDPR;

e) in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request its transfer to another person responsible;

f) in accordance with Art. 7 Para. 3 GDPR, to revoke your consent to us at any time. As a result, we will no longer be allowed to continue processing the data based on this consent in the future and

g) in accordance with Art. 77 GDPR, to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or of the registered office of our company.

For the assertion of the aforementioned rights as well as for questions regarding data protection, you can contact the person responsible or send an email to data-protection@pouchpartners.com.

Right to Object

If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 Para. 1 Sent. 1 (f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are reasons for this which arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation. If you would like to exercise your right of withdrawal or objection, simply send an email to data-protection@pouchpartners.com.

The competent supervisory authority for data protection for Pouch Partners AG at its German location in Eppelheim is:

Baden-Württemberg Supervisory Authority
Die Landesbeauftragte für Datenschutz und Informationsfreiheit Baden-Württemberg
[The State Commissioner for Data Protection and Freedom of Information Baden-Württemberg]
Postfach 10 29 32, 70025 Stuttgart
Urbanstr. 32, 70182 Stuttgart, Germany
Phone +49 711 615541 - 0
Fax: +49 711 615541 - 15
Email: poststelle@lfd.bwl.dee
https//www.baden-wuerttemberg.datenschutz.de

The competent supervisory authority for data protection for Pouch Partners AG at its Italian location is:

Contact data:
Garante per la protezione die dati personali
Piazza di Monte Citorio, 121
00186 Roma, Italy
Phone: 0039 – 06696771
Email: garante@gpdp.it
Internet: https://www.gpdp.it

The competent supervisory authority for data protection for Pouch Partners AG at its Swiss location is:

Eidgenössischer Datenschutz- und Öffentlichkeitsbeauftragter
[Federal Data Protection and Information Commissioner]
Feldeggweg 1
3003 Bern
Switzerland
Phone:  0041 - 058 464 94 10 (for media inquiries only)
Fax: 0041 - 058 465 99 96

Data Security

a) While you visit our website, we use the common SSL procedure (Secure Socket Layer) with the highest possible encryption level supported by your browser. As a general rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we will resort to 128-bit v3 technology instead. Whether an individual page of our website is transmitted in encrypted form is indicated by the display of the closed key/lock symbol in the lower status bar of your browser.

b) We also use appropriate technical and organizational security measures to protect your data against accidental or intentional tampering, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
Furthermore, we bind our employees to observe your privacy and confidentiality rights pursuant to the EU General Data Protection Regulation (GDPR).

Changes to This Privacy Statement

In the event of new developments such as changes to the applicable data privacy laws, we will, if necessary, update this privacy statement accordingly.

Last updated: June 2, 2022