Select Page

Privacy Policy

This privacy policy provides an overview of the nature, scope, and purposes of the processing of personal data
when you visit our website. Personal data is all information with which you can be personally identified,
including your IP address.

Furthermore, this privacy policy contains a further section with general information on data protection, which
applies to all our processing activities.

The terms used in this declaration are based on the definitions in Art. 4 of the EU General Data Protection
Regulation (GDPR).

Information for users of our website

Responsible for the data
collection on this website

ReqPOOL GmbH, Freistädter Straße 313-315, 4040 Linz, Austria

Data collection on our website

On the one hand, your data is collected by you communicating it to us; on the other hand, data, in particular,
technical data, is collected automatically when you visit our website. Some of the data is collected in order to
ensure that our website functions correctly. Other data may be used for analysis. You can find out more about
this in the next section.

Used modules, plug-ins
or tools from third party providers

AWIN Affiliate Program

On our website, we use the AWIN affiliate program, in which advertising fees can be earned through the placement
of advertisements and links. This is an affiliate marketing network of AWIN AG, Eichhornstraße 3, 10785 Berlin,
Germany (“AWIN”).

Through the affiliate program, AWIN provides advertising materials that can be placed on external websites and
enable a link to AWIN. Participants in this affiliate program are advertisers and operators of websites that
sell products and services online. AWIN can track that you have been redirected to AWIN from our website. AWIN
also uses tracking tools to store and trace user actions. According to the manufacturer, the data is processed
in pseudonymised form.

For further information on data use by AWIN and the possibility of objecting, please refer to the AWIN data
protection declaration at: https://www.awin.com/gb/legal

Cloudflare

On our website Cloudflare is used as a so-called content delivery network (CDN). Cloudflare is a service of
Cloudflare Inc., 101 Townsend Street, San Francisco, California 94107, USA, (“Cloudflare”). 

ATTENTION: Within the scope of this service, data is transferred to the US or such a transfer cannot be
excluded.

A CDN is a service that helps us to provide content from our website, especially large media files, such as
images, by using regional and Internet-connected servers to be delivered faster. Delivering content through
servers near you reduces average website load times.

Cloudflare contributes both web optimization and security services. Cloudflare blocks threats and limits misuse
of server resources and bandwidth. Our website is significantly more powerful and less vulnerable to spam or
other attacks thanks to Cloudflare.

Cloudflare uses cookies and processes data of our website users.

If you visit our website, your requests will be directed by the server of Cloudflare. In this case, statistical
access data is collected when visiting our website. 

Access data includes:

– your IP address,
– the addresse(s) of our website you have visited,
– type and version of the internet
browser you are using,
– the operating system you are using,
– the website from which you have switched to
our website (referrer URL),
– the time of your stay on our website and
– the frequency of calling our
websites.

This data helps Cloudflare in particular to detect new threats and to ensure a high security standard for the
operation of our website.

Your data is processed to maintain the security and functionality of the CDN and to optimize our loading times.
The use of cookies by Cloudflare is done for security reasons to ensure the trustworthiness of an end device and
is absolutely necessary for the security function. This represents a legitimate interest within the meaning of
Art 6 paragraph 1 lit. f GDPR.

Cloudflare keeps data logs only as long as necessary and this data is deleted within 24 hours in most cases.
However, there is information that Cloudflare keeps indefinitely as part of its permanent logs in order to
improve Cloudflare’s overall performance. However, this data is not personal and is anonymized by Cloudflare.
What data is involved can be found at https://www.cloudflare.com/application/privacypolicy/.

For more information on handling the transferred data to Cloudflare, see Cloudflare’s Privacy Policy: https://www.cloudflare.com/security-policy.

Cookies and Local Storage

We use cookies to make our website as user-friendly and functional as possible for you. Some of these cookies are
stored on the device you use to access the site. 

Cookies are small packages of data that are exchanged between your browser and our web server whenever you visit
our website. They do not cause any damage and are used solely to recognise website visitors. Cookies can only
store information provided by your browser, e.g. information that you have entered into your browser or that is
available on the website. Cookies cannot execute code and cannot be used to access your terminal device. 

The next time you access our website using the same device, the information stored in the cookies can then either
be sent back to us (“first-party cookie”) or to a web application of third party to whom the cookie belongs
(“third-party cookie”).  The information that is stored and sent back allows each web application to
recognise that you have already accessed and visited the website using the browser on your device. 

Cookies contain the following information:

  • Cookie name
  • Name of the server from which the cookie originates
  • Cookie ID number
  • An expiry date, after which the cookie will be automatically deleted

We classify cookies in the following categories depending on their purpose and function:  

  • Technically necessary cookies, to ensure the technical operation and basic functions of our website. These
    types of cookies are used, for example, to maintain your settings while you navigate our website; or they
    can ensure that important information is retained throughout the session (e.g. login, shopping cart). 
  • Statistics cookies, to understand how visitors interact with our website by collecting and analysing
    information on an anonymous basis only. In this way we gain valuable insights to optimize both the website
    and our products and services. 
  • Marketing cookies, to provide targeted promotional and marketing activities for users on our website.
  • Unclassified cookies are cookies that we are trying to classify together with individual cookie providers.

Depending on the storage period, we also divide cookies into session and persistent cookies. Session cookies
store information that is used during your current browser session. These cookies are automatically deleted when
the browser is closed. No information remains on your device. Persistent cookies store information between two
visits to the website. Based on this information, you will be recognized as a returning visitor on your next
visit and the website will react accordingly. The lifespan of a persistent cookie is determined by the provider
of the cookie.

The legal basis for using technically necessary cookies is our legitimate interest in the technically fault-free
operation and smooth functionality of our website as described in Art. 6 paragraph 1 lit. f of the GDPR. The use
of statistics and marketing cookies is subject to your consent, in accordance with Art. 6 paragraph 1 lit. a of
the GDPR.  You can withdraw your consent for the future use of cookies at any time in accordance with Art.
7 paragraph 3 of the GDPR.  Your consent is voluntary. If consent is not given, no disadvantages arise. For
more information about the cookies we actually use (specifically, their purpose and lifespan), refer to this
Privacy Policy and to the information in our cookie banner about the cookies we use.

You can also set your web browser so that it does not store any cookies in general on your device or so that you
will be asked each time you visit the site whether you accept the use of cookies. Cookies that have already been
stored can be deleted at any time. Refer to the Help section of your browser to learn how to do this.
 
Please note that a general deactivation of cookies may lead to functional restrictions on our
website. 

On our website, we also use so-called local storage functions (also called “local data”). This means that data is
stored locally in the cache of your browser, which continues to exist and can be read even after you close the
browser – as long as you do not delete the cache or data is stored within the session storage. 

Third parties cannot access the data stored in the local storage. If special plug-ins or tools use the local
storage functions, you are informed within the description of the respective plug-in or tool. 

If you do not wish plug-ins or tools to use local storage functions, you can control this in the settings of your
respective browser. We would like to point out that this may result in functional restrictions.

Google Analytics

Purpose: Statistics
Recipient country: USA

We use the functions of the web analytics service Google Analytics on our website to analyse user behaviour and
to optimise our website. The provider of this service is Google Ireland Limited, Barrow Street, Dublin 4,
Ireland (“Google”). 

ATTENTION: Within the scope of this service, data transfer to the US takes place or cannot be ruled out.
We would like to point out that, according to the European Court of Justice, there is currently no adequate
level of data protection in the case of data transfer to the US and that there are therefore various risks
(such as possible access by US secret services).

Google Analytics uses cookies that enable an analysis of the use of our website.

In general, information about your use of the website is transferred to a Google server and stored there, such as
the type and version of browser you used, the operating system you used, the site you visited prior to accessing
our site, the host name of the computer (IP address) you used to access the site, and the time of your server
request. For this purpose, we have entered into a contract with Google for contractual processing of your data.

At our request, Google will use this information to analyse the use of our website, to create reports on the
activities within our website and to render additional services related to the use of our website and of the
internet. According to Google, the IP address submitted by your browser will not be added to other data held by
Google. 

We use Google Analytics only with IP anonymisation activated, which means we have expanded this website to
include the code ‘anonymizeIP’. This ensures that your IP address is masked, so that all data is collected
anonymously. Only under exceptional circumstances will a full IP address be transmitted to a Google server and
truncated there.

During the website visit, the following data is collected:

  • the pages you call up, your “click path”
  • Achievement of “website goals” (conversions, e.g. newsletter registrations, downloads, purchases)
  • Your user behavior (for example clicks, duration of stay, bounce rates)
  • Your approximate location (region)
  • Your IP address (in shortened form)
  • technical information about your browser and the end devices you use (e.g. language settings, screen
    resolution)
  • Your internet provider
  • the referrer URL (via which website / via which advertising medium you came to our website)

The data about the use of our website is immediately deleted after expiration of the storage limits that we have
set. Google Analytics gives us the following options for the storage limits: 14 months, 26 months, 38 months, 50
months or no automatic deletion. You can ask us any time for the current storage limit that we have set.

The processing of your data using Google Analytics is subject to your explicit consent in the sense of Art 6
paragraph 1 lit. a of the GDPR. You can revoke your consent at any time with effect for the future.

You can also block the collection of data by downloading and installing the browser plugin available through the
link below: http://tools.google.com/dlpage/gaoptout

You can find out exactly where Google data centres are located here: https://www.google.com/about/datacenters/inside/locations/ 

For more information about how Google uses your data, and about options for settings and withdrawal of consent,
refer to the Google Privacy Policy at https://policies.google.com/privacy

The data processing terms and conditions for Google products and the standard contractual clauses for data
transfers to third countries can be found at https://business.safety.google/adsprocessorterms/

Google Fonts

Purpose: External media
Recipient country: USA

To display fonts consistently, our website uses Web Fonts which are provided by Google. Google Fonts is a service
of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). 

ATTENTION: Within the scope of this service, data is transferred to the US or such a transfer cannot be
excluded.

To display web fonts, the web browser you use must connect with a Google server. This informs Google that our
website is being accessed via your IP address. The IP address from the browser of the device you are using to
access our site is also stored by Google. If your browser does not support Web Fonts, your device will display
the site using a standard font type. With each Google Font request, your IP address is automatically transferred
to a Google server along with information such as your language preferences, display resolution, version and
name of your browser. The usage data collected by Google enables them to determine the popularity of specific
font types. Google publishes these findings on internal analytics sites (e.g. Google Analytics).

Google Fonts enables us to use fonts on our own website without uploading them to our server. Google Fonts is an
important building block for maintaining the high quality of our website. All Google fonts are automatically
optimised for the web. This reduces the data volume and is particularly advantageous for use on mobile devices.
When you visit our site, the low file size allows for quicker loading times. Furthermore, Google Fonts are
secure Web Fonts that support all major browsers.  

Google stores requests for CSS assets for one day on its servers. This enables us to use the fonts with the
support of a Google style sheet. The font files are stored by Google for one year. To delete data prematurely,
you must contact Google Support ( https://support.google.com ).

Your data will only be processed with your express consent pursuant to Art 6 paragraph 1 lit a GDPR.

You can find out exactly where Google data centres are located here: https://www.google.com/about/datacenters/inside/locations/

For more information about Google Fonts, refer to https://developers.google.com/fonts/faq and the
Google Privacy Policy: https://policies.google.com/privacy

The data processing terms and conditions for Google products and the standard contractual clauses for data
transfers to third countries can be found at https://business.safety.google/adsprocessorterms/

Google Maps

Purpose: External media
Recipient country: USA

We embed the service Google Maps on our website to make it easier to read the user’s geographical information,
particularly so that we can display our location and provide you with route directions. The provider of this
service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). 

ATTENTION: Within the scope of this service, data is transferred to the US or such a transfer cannot be
excluded.

Google Maps is an online map service with which geographic information is made
more readable for you as a user via a terminal device. Among other things, directions are displayed or map
sections of a location can be integrated into a website. 

If you agree to Google Maps, your browser establishes a connection to Google’s servers. This enables Google to
know that our website has been accessed via your IP address. The use of Google Maps enables Google to collect
and process data about the use of the service.

Google Maps processes for the provision of this service on the basis of your consent in addition to your IP
address, among other things, entered search terms and latitude and longitude coordinates. If you use the route
planner function of Google Maps, the entered starting address will also be stored. This data processing takes
place exclusively through your voluntary use of Google Maps and is not within our sphere of influence.

We point out that when running this service on the part of Google (currently) a setting cookie called “NID” is
set. Google Maps does not currently offer us the option to run this service in a mode without this cookie. The
NID cookie contains information about your user behavior, which Google uses to optimize its own services and to
provide individual, personalized advertising for you. Your consent thus also covers the setting of this cookie.

Google anonymizes data in server logs by deleting part of the IP address and cookie information after 9 and 18
months respectively.

Location and activity data is stored – depending on your decision – either 3 or 18 months and then deleted. You
can also manually delete history at any time via your Google account. If you want to completely prevent your
location tracking, you need to turn off the “Web and App Activity” section in your Google Account.

For further information, refer to the Google Privacy Policy:  https://www.google.com/policies/privacy/

You can find out exactly where Google data centres are located here: https://www.google.com/about/datacenters/inside/locations/

The data processing terms and conditions for Google products and the standard contractual clauses for data
transfers to third countries can be found at https://business.safety.google/adsprocessorterms/

Google reCAPTCHA

Purpose: Technically required
Recipient country: USA

Our website uses the reCAPTCHA service of the provider Google Ireland Limited, Gordon House, Barrow Street,
Dublin 4, Ireland (“Google”) to protect against abuse by non-human visitors (bots) and to prevent spam.

ATTENTION: Within the scope of this service, data is transferred to the US or such a transfer cannot be
excluded.

When reCAPTCHA is started, your browser establishes a connection to Google’s servers. This enables Google to know
that our website has been accessed via your IP address.

The purpose of reCAPTCHA is to check whether the data entry on our website is made by a human or by an automated
programme. To do this, reCAPTCHA analyses the behaviour of the website visitor on the basis of various
characteristics. This analysis begins automatically as soon as the website visitor enters our website. For the
analysis, reCAPTCHA evaluates various information.

According to our information, the following data is processed by Google:

  • the address of the page from which the visitor comes
  • IP address
  • Information about the operating system
  • Cookies
  • Mouse and keyboard behavior
  • Date and language settings
  • All Java-Script Objects
  • Screen resolution

The data collected during the analysis is forwarded to Google and used by Google. The reCAPTCHA analyses run
completely in the background. 

Cookies are used for the execution of the service. These cookies require a unique identifier for tracking
purposes. According to Google, the IP address is not merged with other data from other Google services unless
you are logged into your Google account while using the reCAPTCHA plug-in. Furthermore, reCAPTCHA also uses the
local storage on the user’s end device to store data.

You can find out exactly where Google data centres are located here: https://www.google.com/about/datacenters/inside/locations/

Further information on Google reCAPTCHA can be found here: https://developers.google.com/recaptcha/

For Google’s privacy policy, please see the following link: https://policies.google.com/privacy

Google Tag Manager

We use the service Google Tag Manager on our website. This service is provided by Google Ireland Limited, Gordon
House, Barrow Street, Dublin 4, Ireland (“Google”).

ATTENTION: Within the scope of this service, data transfer to the USA takes place or cannot be ruled
out.
 

When the Tag Manager is started, your browser establishes a connection to Google’s servers. This informs Google
that our website has been accessed via your IP address.

Google Tag Manager is used to manage website tags via an interface. This enables us to embed code snippets such
as tracking codes or conversion pixels into our website without interfering with the source code. In this
process, Tag Manager data is only transferred; it is not collected or stored. The Tag Manager itself is a
cookie-less domain and does not process any personal data, because it is used solely to manage other services
used on our website. The Tag Manager triggers other tags which in turn collect data under specific
circumstances. However, the Tag Manager has no access to this data. If you have chosen to deactivate cookies on
our site in general or to deactivate specific cookies, this will remain in effect for all tracking tags that are
implemented using the Tag Manager.

You can find out exactly where Google data centres are located here: https://www.google.com/about/datacenters/inside/locations/

For more information about data protection, refer to the following Google websites:

Privacy Policy: https://policies.google.com/privacy
FAQ Google
Tag Manager: https://www.google.com/intl/de/tagmanager/faq.html
Use
Policy Google Tag Manager: https://marketingplatform.google.com/intl/de/about/analytics/tag-manager/use-policy/
Google
Ads Data Processing Terms including standard contractual clauses for third country transfers: https://business.safety.google/adsprocessorterms/

Hosting

In the process of hosting our website, we store all data related to the operation of our website. This is
necessary for enabling operation of our website. Therefore, we process this data on the legal grounds of our
legitimate interest in optimising our website as described under Art. 6 paragraph 1 lit. f of the GDPR. To
provide access to our website, we use the services of web hosting providers, to whom we supply the
aforementioned data within the context of contractual processing in accordance with art. 28 of the GDPR.

Hotjar

Our website uses the service Hotjar. Hotjar is a web analytics service provided by Hotjar Ltd., Level 2, St
Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta (‘Hotjar’). 

We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar
is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on
which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build
and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our
users’ behavior and their devices. This includes a device’s IP address (processed during your session and stored
in a de-identified form), device screen size, device type (unique device identifiers), browser information,
geographic location (country only), and the preferred language used to display our website. Hotjar stores this
information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the
data collected on our behalf. 

The processing of your data is subject to your consent in accordance with Art. 6 paragraph 1 lit. a GDPR. You can
withdraw this consent at any time, with effect for the future. 

Hotjar provides further information about its data protection policy at https://www.hotjar.com/privacy.

Jetpack

The Jetpack plugin (in particular the “WordPress Stats” sub-function) is used on our website for the purpose of
analyzing, optimizing and economically operating our online presence. This plugin is a tool from Automattic
Inc., 60 29th Street #343, San Francisco, CA 94110, USA (“Automattic”) for statistical evaluation of visitor
access. Jetpack uses “cookies”, which are text files placed on your computer, to help the website analyze how
users use the site.

ATTENTION: Within the scope of this service, data is transferred to the US or such a transfer cannot be
excluded.

The processed data can be used to create user profiles, which are only used for analysis and not for advertising
purposes. During processing, your IP address, our website that you visit, the website from which you switched to
our website (referrer URL), your length of stay on our website and the frequency with which you visit our
website are recorded. The information generated by the cookie about your use of this online service is stored on
a server in the USA. However, your IP address will be anonymized immediately after processing and before it is
stored. Further information can be found in Automattic’s privacy policy: https://automattic.com/privacy/ and information
on Jetpack cookies: https://jetpack.com/support/cookies/.

The processing of your data is based on your consent in accordance with Art. 6 paragraph 1 lit. a GDPR. You can
revoke this consent at any time with effect for the future.

Contact

Whenever you contact us, your information is used to process and handle your contact request in the course of
fulfilling pre-contractual rights and obligations in accordance with Art. 6 paragraph 1 lit. b of the GDPR. To
handle and answer your request it is necessary for us to process your data; otherwise we are unable to answer
your request or only able to partially answer it. Your information can be stored in a database of customers and
leads on the grounds of our legitimate interest in direct marketing as described in Art. 6 paragraph 1 lit. f of
the GDPR.

We delete your request and contact information when your request has been definitively answered and there is no
legally required time limit for storing this data prior to deletion (e.g. pursuant to a subsequent contractual
relationship). This is usually the case when there is no further contact with you for three years in a row.

Server Log Files

For technical reasons, particularly to ensure a functioning and secure website, we process the technically
necessary data about accesses to our website in so-called server log files which your browser automatically
sends to us. 

The access data we process includes:

  • The name of the website you are accessing  
  • The browser type (including version) you use
  • The operating system you use
  • The site you visited before  accessing our site (referrer URL)
  • The time of your server request
  • The amount of data transferred
  • The host name of computer (IP address) you are using to access the site

This data cannot be traced back to any natural person and is used solely to perform statistical analyses and to
operate and improve our website while also optimising our site and keeping it secure. This data is sent
exclusively to our website operator. The data is neither connected nor aggregated with other data sources. In
case of suspicion of unlawful use of our website, we reserve the right to examine the data retroactively. This
data processing takes place on the legal grounds of our legitimate interest in maintaining a technically
fault-free and optimal website, as described under Art. 6 paragraph 1 lit. f of the GDPR.

The access data is deleted within a short period of time after serving its purpose (usually within a few days)
unless further storage is required for evidence purposes. In such cases, the data is stored until the incident
is definitively resolved.

Social Networks

We take the current discussion about data protection in social networks very seriously, as we ourselves operate
appearances in social networks in order to inform the active users there about our range of services. The
specific social media we use for this purpose are represented on our website by logos. In this regard, we would
like to point out that, on the basis of current case law, we have a joint controllership within the meaning of
Art 26 GDPR with the respective operator of the social network. We have taken the necessary precautions for this
as far as the provider has made this possible for us. The primary responsibility according to GDPR for the
processing of personal data in the respective social network lies with the respective provider of the social
network. In the case of the assertion of rights of persons affected, we state that these are best asserted with
the social networks themselves. We as operators do not make any decisions regarding the processing of data in
the social network. Only the respective provider has access to the data of the users and can therefore only take
direct measures. 

User data can be processed in social networks for advertising and market research purposes. Among other things,
users can create their own user profiles based on their various interests. The user profiles can then be used,
for example, to place targeted advertisements within and outside the social media. For these purposes, cookies
are also used by the social medium in which the user behaviour and interests of the users are stored.
Furthermore, these user profiles may also contain data on the users as members of the respective social media,
provided that they are logged in to these.

For a detailed description of the respective processing operations and the possibilities for objection or
revocation, please refer to the data protection declaration of the respective social network.

A selection of the most important providers of social media including additional information can be found here:

  • Facebook

Provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Website: https://www.facebook.com
Additional
information: https://www.facebook.com/legal/terms/information_about_page_insights_data
Joint
Controllership: https://www.facebook.com/legal/terms/page_controller_addendum
Further
privacy information:
https://www.facebook.com/about/privacy

ATTENTION: Within the scope of this service, data is transferred to the US or such a transfer cannot be
excluded.

  • Xing

Provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Deutschland
Website: https://www.xing.de
Additional information:
https://privacy.xing.com/en

  • LinkedIn

Provider: LinkedIn Ireland, LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
Website: https://www.linkedin.com
Additional
information: https://www.linkedin.com/legal/privacy-policy

ATTENTION: Within the scope of this service, data is transferred to the US or such a transfer cannot be
excluded.

  • Pinterest

Provider: Pinterest Inc., 635 High Street, Palo Alto, 94301 California, USA
Website: https://www.pinterest.com
Additional
information: https://policy.pinterest.com/en-gb/privacy-policy

ATTENTION: Within the scope of this service, data is transferred to the US or such a transfer cannot be
excluded.

  • Twitter

Provider: Twitter Inc., 1355 Market Street, Suite 900, San Francisco, 94301 California, USA
Website: https://www.twitter.com
Additional
information: https://twitter.com/en/privacy

ATTENTION: Within the scope of this service, data is transferred to the US or such a transfer cannot be
excluded.

  • YouTube: 

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Website: https://www.google.com
Additional information:
https://policies.google.com/privacy?hl=en-GB

ATTENTION: Within the scope of this service, data is transferred to the US or such a transfer cannot be
excluded.

Whatchado:

Provider: whatchado GmbH, Möllwaldplatz 4/39, 1040 Wien, Österreich
Website:  https://www.whatchado.com
Additional
information:  https://www.whatchado.com/en/about-us, https://www.whatchado.com/en/terms/users/

  • kununu:

Provider: kununu GmbH, einer Tochter der XING SE, Dammtorstraße 30, 20354 Hamburg, Deutschland
Website: https://www.kununu.com/
Additional
information: https://privacy.xing.com/en/privacy-policy

SSL Encryption

Within your visit to our website, we use the widespread SSL procedure (Secure Socket Layer) in conjunction with
the highest level of encryption supported by your browser. You can tell whether an individual page of our
website is transmitted in encrypted form by the closed representation of the key or lock symbol in the lower
status bar of your browser. We use this encryption procedure on the basis of our justified interest in the use
of suitable encryption techniques in accordance with Art. 6 paragraph 1 lit. f GDPR.

We also make use of suitable technical and organisational security measures in accordance with Art. 32 GDPR to
protect your data against accidental or intentional manipulation, partial or complete loss, destruction or
against unauthorised access by third parties. Our security measures are continuously improved in line with
technological developments and kept state-of-the-art.

WebCare

In order to obtain consent for the use of cookies on our website in accordance with data protection regulations,
we use the Consent Banner of DataReporter WebCare. This is a service provided by DataReporter GmbH,
Zeileisstraße 6, 4600 Wels, Austria (“DataReporter”). More information about this company can be found at
www.datareporter.eu. The Consent Banner records and stores the consent to cookie use for the respective user of
our website. Our Consent Banner ensures that statistical and marketing cookies are only set when the user has
given his express consent to their use. 

We store information on the extent to which the user has confirmed the use of cookies. The user’s decision can be
revoked at any time by calling up the setting for cookies and managing the declaration of consent. Existing
cookies will be deleted after revocation of the consent. A cookie is also set to store information on the status
of the user’s consent, which is indicated in the cookie details. Furthermore, the IP address of the respective
user is transmitted to DataReporter’s server for calling this service. The IP address is neither stored nor
associated with any other data of the user, it is only used for the correct execution of the service. The use of
the above data is therefore based on our legitimate interest in the legally compliant design of our website in
accordance with Art. 6 paragraph 1 lit. f GDPR.

Further information can be found in the DataReporter data protection declaration at https://www.datareporter.eu/de/privacystatement.html
Please feel free to send your enquiries about this service to office@datareporter.eu.

Email

If you send us enquiries by e-mail, your details including the contact details you provided will be stored by us
for the purpose of processing the enquiry and in the event of follow-up questions. We expressly point out that
data transmission on the Internet (e.g. communication by e-mail) is subject to security gaps and cannot be
completely protected against access by third parties.

Commercial advertising

The use of the contact data of our imprint or our website for commercial advertising is expressly not desired
unless we give a written consent. All persons named on this website hereby object to any commercial use and
disclosure of this data.

General Information on privacy
for data subjects

Person responsible for privacy:

ReqPOOL GmbH, Freistädter Straße 313-315, 4040 Linz, Austria

Handling of personal data:

The protection of your personal data is important to us.

Personal data is information that can be individually assigned to you. Examples include your name, postal
address, email address or telephone number. Details such as the number of users who visit a website are not
personal data because they are not assigned to a specific person.

We treat personal data in accordance with the statutory data protection regulations, in particular, the EU
General Data Protection Regulation and in accordance with this privacy policy as well as the applicable national
data protection laws.

Processing of personal data by us:

Rights of data subjects

You have the right:

  • to request information about your personal data processed by us in accordance with Art. 15 GDPR. In
    particular, you may request information on the processing purposes, the category of personal data, the
    categories of recipients to whom your data have been or will be disclosed, the planned storage period, the
    existence of a right of rectification, deletion, restriction of processing or objection, the existence of a
    right of complaint, the origin of your data if not collected from us, as well as the existence of an
    automated decision-making process including profiling and, if applicable, meaningful information on its
    details;
  • to demand the immediate correction of incorrect or incomplete personal data stored by us in accordance with
    Art. 16 GDPR;
  • to demand the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless processing
    is necessary for the exercise of the right to freedom of expression and information, for the fulfilment of a
    legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims;
  • to demand the restriction of the processing of your personal data in accordance with Art. 18 GDPR if the
    correctness of the data is disputed by you, the processing is unlawful but you refuse its deletion and we no
    longer need the data but you need it to assert, exercise or defend legal claims or you have lodged an
    objection to the processing in accordance with Art. 21 GDPR;
  • to receive, in accordance with Art. 20 GDPR, your personal data which you have provided to us in a
    structured, common and machine-readable format or to request the transfer to another responsible person;
  • pursuant to Art 21 GDPR, if your personal data is processed on the basis of our legitimate interest, to
    object to the processing of your personal data if there are reasons for doing so which arise from your
    particular situation or the objection is directed against direct advertising. In the latter case, you have a
    general right of objection, which is implemented by us without stating a particular situation.
  • In accordance with Art. 7 paragraph 3 GDPR, you have the right to revoke your consent to us at any time. The
    consequence of this is that we may no longer continue the data processing based on this consent in the
    future.
  • Pursuant to Art. 77 GDPR, you are entitled to complain to a supervisory authority regarding the unlawful
    processing of your data by us. As a rule, you can contact the supervisory authority at your usual place of
    residence or workplace or at our company headquarters.

The responsible supervisory authority for ReqPOOL GmbH is:

Österreichische Datenschutzbehörde
Barichgasse 40-42, 1030 Wien, Österreich
Phone: +43 1
52 152-0, dsb@dsb.gv.at

Assertion of rights of data
subjects:

You yourself decide on the use of your personal data. If you wish to exercise any of the above rights against us,
you are welcome to contact us by email at office@reqpool.com. Please send a copy of an official photo
ID together with your request for unambiguous identification and support us in concretizing your request by
answering questions from our responsible staff regarding the processing of your personal data. In your inquiry,
please state the role (employee, applicant, supplier, customer, etc.) and the period in which you have been in
contact with us. This enables us to process your request promptly.

Storage duration (deletion
periods):

Pursuant to Art. 5 paragraph 1 lit. e GDPR, we are obliged to delete personal data immediately as soon as the
purpose for processing has been fulfilled. In this context, we would like to point out that legal storage
obligations and periods are a legitimate purpose for the processing of personal data.

In any case, data will be stored and retained by us in personal form until the termination of the business
relationship or until the expiry of applicable warranty, guarantee or limitation periods; furthermore until the
termination of any legal disputes in which the data is required as evidence; or in any case until the expiry of
the third year after the last contact with a business partner.

Disclosure of data

Your personal data will not be transferred to third parties for purposes other than those listed below.

We will only pass on your personal data to third parties if:

you have given your express consent pursuant to Art. 6 paragraph 1 lit. a GDPR, the disclosure pursuant to Art. 6
paragraph 1 lit. f GDPR is necessary to safeguard operational interests and to assert, exercise or defend legal
claims, and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure
of your data, in the event that the disclosure is necessary due to a legal obligation in accordance with Art. 6
para. 1 letter c GDPR, as well as this is legally permissible and necessary according to Art. 6 paragraph 1 lit.
b GDPR for the execution of contractual relationships with you.

Collaboration with contract
processors

If we commission third parties with the processing of data on the basis of an order processing contract, this is
done on the basis of Art. 28 GDPR.

Transmission in third countries

If we process data in a third country or if this occurs in the context of the use of third party services or
disclosure or transfer of data to other persons or companies, this will only occur for the reasons described
above for the transfer of data. Subject to express consent or contractual necessity, we will only process or
have the data processed in third countries with a recognized level of data protection, including US processors
certified under the “Privacy Shield” or on the basis of special guarantees, such as contractual obligations
under so-called standard contractual clauses of the EU Commission, the existence of certifications or binding
corporate rules (Art. 44 – 49 GDPR).

Security measures

In accordance with Art 32 GDPR, we take appropriate technical and organizational measures to ensure a level of
protection appropriate to the risk, taking into account the state of the art, the implementation costs and the
nature, extent, circumstances and purposes of the processing as well as the different probabilities of
occurrence and severity of the risk to the rights and freedoms of natural persons.

Measures shall include, in particular, ensuring the confidentiality, integrity, and availability of data by
controlling physical access to, inputting, disclosure, securing and separation of data. In addition, we have
established procedures to ensure the exercise of data subjects’ rights, the deletion of data and the response to
data threats. Furthermore, the protection of personal data is already taken into account during the development
or selection of hardware, software, and procedures, in accordance with the principle of data protection through
technology design and data protection-friendly default settings (Art 25 GDPR).

Up-to-dateness and amendment
of this privacy policy

Due to the further development of our website and offers about it or due to changed legal or official
requirements, it may become necessary to change this data protection declaration. You can call up and print out
the current privacy policy on our website at any time.