The requirements of the EU General Data Protection Regulation (hereinafter referred to as GDPR) apply throughout Europe. We would like to inform you about the processing of personal data carried out by our company in accordance with this regulation (compare Articles 13 and 14 GDPR). If you have any questions or comments about this privacy policy, you can send them at any time to the following e-mail address: info@jj-jebagro.de


Table of Contents:


I. Overview
1. Scope of application
2. Controller
3. Data protection officer
4. Data security

II. Data processing in detail
1. General information on data processing
2. Accessing the website/application
3. Data protection information for applicants
4. Contact form
5. Tracking
6. Social media plugins

III. Rights of the data subjects
1. Right to object
2. Right of access by the data subject
3. Right to rectification
4. Right to erasure ("right to be forgotten")
5. Right to restriction of processing
6. Right to data portability
7. Right of withdrawal in case of consent
8. Right of appeal

IV. Amendment of this privacy policy

I. Overview
In this section of the privacy policy, you will find information on the scope of application, the controller, its data protection officer and data security.

1. Scope of application
Data processing by Jebagro GmbH can essentially be divided into two categories:
- For the purpose of contract processing, all data required for the performance of a contract with Jebagro GmbH will be processed. If external service providers are also involved in the processing of the contract, your data will be passed on to them to the extent necessary in each case.
- When you access the Jebagro GmbH website/application, various pieces of information are exchanged between your terminal device and our server. This may also involve personal data. The information collected in this way is used, among other things, to optimize our website.
This data protection declaration applies to the following offers:
- our online offer available at jebagro.com
- whenever otherwise referred to this privacy statement from one of our offers (e.g. websites, subdomains, mobile applications, web services or integrations in third-party sites), regardless of the way you access or use it.
All these offers are also referred to collectively as "services".

2. Controller
The controller of data processing - i.e. the person who decides on the purposes and means of the processing of personal data - in connection with the services is
Jebagro GmbH
Kehrwieder 11
20457 Hamburg
E-mail: info@jj-jebagro.com

3. Data protection officer
You can contact our data protection officer as follows:

DS EXTERN GmbH
Dipl.-Kfm. Marc Althaus
Frapanweg 22
D-22589 Hamburg
anfragen@dsextern.de

4. Data security
In order to develop the measures required by Article 32 of the GDPR and thus achieve a level of protection appropriate to the risk, we have established an information security standard in our company.

II. Data processing in detail
In this section of the privacy policy, we inform you in detail about the processing of personal data within the scope of our services. For better clarity, we structure this information according to certain functionalities of our services. During the normal use of the services, different functionalities and thus also different processing operations may take effect one after the other or at the same time.

1. General information on data processing
Unless otherwise specified, the following applies to all processing operations described below:

a. No obligation to provide
There is neither a contractual nor a legal obligation to provide the personal data. You are not obliged to provide data.

b. Consequences of non-provision
In the case of required data (data that is marked as mandatory when entered), failure to provide it will mean that the service in question cannot be provided. Otherwise, failure to provide the data may mean that our services cannot be provided in the same form and quality.

c. Consent
In various cases, you have the option of giving us your consent to further processing in connection with the processing described below (where applicable, for part of the data). In this case, we will inform you separately in connection with the submission of the respective declaration of consent about all modalities and the scope of the consent and about the purposes we pursue with these processing operations.

d. Transfer of personal data to third countries
If we transfer data to third countries, i.e. countries outside the European Union, then the transfer takes place exclusively in compliance with the legally regulated permissibility requirements.
The permissibility requirements are regulated by Art. 44 -49 GDPR.

e. Hosting with external service providers
In individual cases, our data processing is carried out using so-called hosting service providers who provide us with storage space and processing capacity in their data centers and also process personal data on our behalf according to our instructions. These service providers either process data exclusively in the EU or we have guaranteed an appropriate level of data protection with the help of the EU standard data protection clauses.

f. Transmission to government authorities
We transfer personal data to government authorities (including law enforcement authorities) if this is necessary for the fulfillment of a legal obligation to which we are subject (legal basis: Art. 6 para. 1 c) GDPR) or if it is necessary for the assertion, exercise or defense of legal claims (legal basis Art. 6 para. 1 f) GDPR).

g. Storage period
We do not store your data longer than we need them for the respective processing purposes. If the data are no longer required for the fulfillment of contractual or legal obligations, they are regularly deleted, unless their temporary storage is still necessary. Reasons for this may include, for example, the following:
The fulfillment of retention obligations under commercial and tax law, or the preservation of evidence for legal disputes within the framework of the legal statute of limitations.
It is also possible for us to continue to store your data with us if you have given your express consent for this.

h. Data categories
- Personal master data: Title, salutation/gender, first name, last name, date of birth.
- Address data: Street, house number, if necessary address additions, postal code, city, country
- Contact data: Telephone number(s), fax number(s), e-mail address(es)
- Access data: Date and time of the visit to our service; the page from which the accessing system accessed our site; pages called up during use; data for session identification (session ID); in addition, the following information of the accessing computer system: Internet protocol address (IP address) used, browser type and version, device type, operating system and similar technical information.
- Application data: Curriculum vitae, references, proofs, work samples, certificates, pictures.

2. Accessing the website/application
Here we describe how we process your personal data when you access our services. In particular, we point out that the transmission of access data to external content providers is unavoidable due to the technical functioning of information transmission on the Internet.

a. Information about processing

b. Recipients of personal data

3. Data protection information for applicants
We are pleased that you are interested in us and are applying or have applied for a position in our company. We would like to provide you below with information on the processing of your personal data in connection with the application.

a. Who is responsible for data processing?
The controller of applicant data processing is different from the controller of general data processing.
The joint data controllers within the meaning of data protection law are.
Jebagro GmbH
Kehrwieder 11
20457 Hamburg
(“Jebagro“)

and Jebsen & Jessen (GmbH & Co.) KG
("Jebsen & Jessen")
Kehrwieder 11
20457 Hamburg

You will find further information about our company, details of the persons authorized to represent it and further contact options in our imprint on our website https://www.jebagro.com/imprint/ and on the website of the Jebsen & Jessen Hamburg Group jebsen-jessen.de

b. Which of your personal data do we process? And for what purposes?
We process personal data that you have sent us in connection with your application in order to assess your suitability for the position (or other open positions in our companies, if applicable) and to carry out the application process. This information includes, in particular, your contact details, the information contained in your CV and your references.

c. What is the legal basis for this?
The legal basis for the processing of your personal data in this application procedure is primarily Section 26 BDSG. According to this, the processing of data required in connection with the decision on the establishment of an employment relationship is permissible. In our application form on our website, you have the option of having CV data automatically extracted from documents or your profile on Xing.com or LinkedIn.com by a tool and transferred in structured form to the appropriate form fields (so-called "CV parsing"). The offer to you to use CV parsing serves the user-friendly design of the application process and is based on Section 26 (1) sentence 1 BDSG. The tool does not serve the purpose of screening applications. Any decision on the suitability of a candidate is made by one of our employees. If you do not apply to us via the applicant management system, we will transfer your application into the system and also use CV parsing for this purpose to extract your data from the CV into the system. This processing is also based on Section 26 (1) sentence 1 of the BDSG and is necessary to carry out the application process effectively and securely. If you apply for a specific position, you can consent to us reviewing your application for further employment opportunities in our company. This processing is based on Art. 6 Para. 1 lit. a GDPR. You can revoke your consent to this at any time. The revocation of your consent does not affect the permissibility of the data processing carried out up to this point. Furthermore, you are free to consent to the inclusion of your application in our general applicant pool. We will then store your application on the basis of Art. 6 Para. 1 lit. a GDPR for newly opening positions. You can revoke your consent to this at any time. The revocation of your consent does not affect the permissibility of the data processing carried out up to this point. Should the data be required for legal prosecution after the application process has been completed, if applicable, data processing may be carried out on the basis of Art. 6 (1) lit. f GDPR for the purpose of safeguarding legitimate interests. Our legitimate interest then consists of the assertion or defense of claims.

d. How long will the data be stored?
Data of applicants will be deleted after 6 months in case of rejection. In the event that you have consented to your data being included in the applicant pool, your data will be deleted there after two years. If you are accepted as part of the application process and are hired, we will transfer your personal data from the applicant data system to our HR information system.

e. To which recipients will the data be forwarded?
After receipt of your application, your applicant data will be viewed by Human Resources at Jebsen & Jessen, which is responsible for all subsidiaries. In addition to the Jebsen & Jessen HR department, the relevant employees of Jebagro have access to applications. As a matter of principle, only those persons have access to your data who require it for the proper conduct of our application process. We use specialized applicant management software from the provider d.vinci HR-Systems GmbH, Nagelsweg 37-39, 20097 Hamburg ("d.vinci") for the application process. D.vinci acts as a service provider for us and may also obtain knowledge of your personal data in connection with the maintenance and servicing of the systems. We have concluded a so-called order processing agreement with this provider, which ensures that the data processing is carried out in a permissible manner. The provider of the CV parsing tool and to that extent our processor is Textkernel BV, Nieuwendammerkade 28/a17, 1022, Amsterdam, The Netherlands ("Textkernel"). Textkernel processes the received data immediately and sends it back after analysis without any storage by entering it into the form fields and displaying it to the user.

f. Where is the data processed?
The data is primarily processed in data centers within the Federal Republic of Germany and in some cases also in other EU or EEA countries.

g. Consent to the examination of further deployment options
I consent to Jebsen & Jessen considering my application not only for the selected position, but also for other employment opportunities within the company. I agree that other companies of the Jebsen & Jessen group of companies may have access to my personal data for this purpose. If my details include a picture and/or references to my ethnic origin, religion or health (e.g. skin color, headgear, glasses), my consent also relates to these details. My application will be deleted from the system after six months at the latest. This consent is voluntary. I can refuse it without giving reasons and without having to fear any disadvantages. I can also revoke this consent at any time in text form (e.g. letter, e-mail) and without giving reasons. In the event of revocation, my application will no longer be reviewed for further employment opportunities. However, the revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

h. Consent to inclusion in the applicant pool
I agree that Jebsen & Jessen may include my application in the applicant pool of the Jebsen & Jessen Group of Companies. Applications in the applicant pool are considered on an ongoing basis for newly opening positions. I agree that my personal data may be repeatedly inspected by the personnel department for this purpose and, if suitable, that other companies of the Jebsen & Jessen group of companies may be granted access to my personal data. If my details include a picture and/or references to my ethnic origin, religion or health (e.g. skin color, headgear, glasses), my consent also relates to these details. My application will be deleted from the system after two years at the latest. This consent is voluntary. I can refuse it without giving reasons and without having to fear any disadvantages. I can also revoke this consent at any time in text form (e.g. letter, e-mail) and without giving reasons. In the event of revocation, my application will be deleted from the applicant pool. However, the revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

4. Contact form
When contacting us, the user's details are processed for the purpose of handling the contact request and its processing pursuant to Art. 6 para. 1 lit. b., Art. 6 para. 1 lit. f. GDPR processed. The user's details may be stored in a customer relationship management system ("CRM system") or comparable request organization. We delete the inquiries if they are no longer necessary. We review the necessity every two years; Furthermore, the legal archiving obligations apply.

5. Tracking
In the following, we describe how your personal data is processed using tracking technologies to analyze and optimize our services and for advertising purposes. The description of the tracking methods also includes information on how you can prevent or object to the data processing. To generally agree to the tracking, to generally reject it or to set individual preferences, please use the consent management tool, which is displayed to you at the beginning of the website visit and is permanently available by pressing the button displayed at the bottom of the screen. Please note that the so-called "opt-out", i.e. the refusal of processing, is usually stored via cookies. If you use our services via a new end device or in a different browser, or if you have deleted the cookies set by your browser, you must declare the rejection again. The tracking methods presented process personal data only in pseudonymous form. A connection with a concrete, identified natural person, i.e. a combination of the data with information about the bearer of the pseudonym, does not take place.

a. Purposes of the processing
The analysis of user behavior by means of tracking helps us to check the effectiveness of our services, to optimize them and adapt them to the needs of users, and to correct errors. It also serves to statistically determine key data on the use of our services (reach, intensity of use, user surfing behavior) on the basis of uniform standard procedures and thus to obtain values that can be compared across the market. Tracking to measure the success of advertising campaigns serves to optimize our ads for the future and also to enable marketers and advertisers to optimize their ads accordingly. The purpose of tracking to optimize the display of advertising is to show users advertising tailored to their interests, to increase the success of advertising and thereby also to increase advertising revenues.

b. Legal basis of the processing For services that make the behavior of data subjects on the Internet traceable and for the creation of user profiles, informed consent as defined by the GDPR is required.

c. The tracking methods used in detail


d. Reach measurement with Google Analytics
The following data is processed as part of the reach analysis: the type and version of browser you use, the operating system you use, your country of origin, the date and time of the server request, the number of visits, the time you spend on the website, and the external links you click. The IP address of users is anonymized before it is stored. Google Analytics uses cookies that are stored on the user's computer and that enable an analysis of the use of our online offer by the user. In the process, pseudonymous user profiles can be created from the processed data. The cookies have a storage period of one week. The information generated by the cookie about your use of this website is only stored on our server and is not passed on to third parties. Users can object to the anonymized data collection by Google Analytics at any time with effect for the future by clicking on the corresponding button in the consent management tool. In this case, a so-called opt-out cookie will be stored in their browser, with the result that Google Analytics will no longer collect any session data. If users delete their cookies, however, this has the consequence that the opt-out cookie is also deleted and must therefore be reactivated by the users. The logs with the users' data are deleted after 6 months at the latest.If we ask the users for consent (e.g. in the context of a cookie consent), the legal basis of this processing is Art. 6 para. 1 lit. a. GDPR. Otherwise, the users' personal data is processed on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR) are processed.

e.) Consent to the use of cookies
For our website to function properly we use cookies. To obtain your valid consent for the use and storage of cookies in the browser you use to access our website and to properly document this we use a consent management platform: CookieFirst. This technology is provided by Digital Data Solutions BV, Plantage Middenlaan 42a, 1018 DH, Amsterdam, The Netherlands. Website: https://cookiefirst.com referred to as CookieFirst. When you access our website, a connection is established with CookieFirst’s server to give us the possibility to obtain valid consent from you to the use of certain cookies. CookieFirst then stores a cookie in your browser in order to be able to activate only those cookies to which you have consented and to properly document this. The data processed is stored until the predefined storage period expires or you request to delete the data. Certain mandatory legal storage periods may apply notwithstanding the aforementioned. CookieFirst is used to obtain the legally required consent for the use of cookies. The legal basis for this is article 6(1)(c) of the General Data Protection Regulation (GDPR). Data processing agreement We have concluded a data processing agreement with CookieFirst. This is a contract required by data protection law, which ensures that data of our website visitors is only processed in accordance with our instructions and in compliance with the GDPR. Server log files Our website and CookieFirst automatically collect and store information in so-called server log files, which your browser automatically transmits to us. The following data is collected:
-Your consent status or the withdrawal of consent
-Your anonymised IP address
-Information about your Browser
-Information about your Device
-The date and time you have visited our website
-The webpage url where you saved or updated your consent preferences
-The approximate location of the user that saved their consent preference
-A universally unique identifier (UUID) of the website visitor that clicked the cookie banner

Information about the cookies we use on the website can be viewed and managed here at any time.
6. Social Media-Plugins
We use social media plugins to connect our website to our social media channels. The integration of the plugins is intended to make it easier for visitors to our website to follow, share, like or comment on our social media channels. Some social media plugins make it possible to analyze the user behavior of visitors to the website about their behavior on social networks. Plugins are intended to increase awareness and followers of our channels. The plugins also process personal data and transmit data to these social networks. This transfer takes place as soon as the website is accessed. The data processed include, for example, Name, address, email address, telephone number, access time, device information, and IP address. Data processing is based on the legal basis of consent (Art. 6 para. 1 lit. a) GDPR). As a website visitor, you have voluntarily and explicitly consented to process your personal data. Without separate consent, personal data will not be processed by us as described above unless there is another legal basis within the meaning of Art. 6 (1) GDPR on which we base the processing. We will do the same if you revoke your consent. The lawfulness of the processing carried out until the revocation remains unaffected.

LinkedIn
We use the LinkedIn service on our website. The service is provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. Service use may involve a data transfer to a third country (USA). Further information can be found in the provider's privacy statement at the following URL: https://www.linkedin.com/legal/privacy-policy.

III. Rights of the data subjects

1. Right to object
According to Art. 21 GDPR you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1).

2. Right of access by the data subject
You have the right to know whether personal data concerning you are processed by us, which personal data these are, if any, as well as further information according to Art. 15 GDPR.

3. Right to rectification
You have the right to demand that we correct any inaccurate personal data concerning you without undue delay (Art. 16 GDPR). Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data - also by means of a supplementary declaration.

4. Right to erasure ("right to be forgotten")
You have the right to request that we delete personal data concerning you without undue delay, provided that one of the grounds set out in Article 17(1) of the GDPR applies and the processing is not necessary for one of the purposes regulated in Article 17(3) of the GDPR.

5. Right to restriction of processing
You are entitled to request a restriction in the processing of your personal data if one of the conditions regulated in Art. 18(1) a) to d) GDPR is met.

6. Right to data portability
According to Art. 20 GDPR you have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format. Furthermore, you have the right to transfer this data to another controller without hindrance by us or to obtain that a direct transfer is made by us, if this is technically possible. This shall always apply if the basis of the data processing is consent or a contract and the data is processed automatically. Accordingly, this does not apply to data held only in paper form.

7. Right of withdrawal in case of consent
Insofar as the processing is based on your consent, you have the right to revoke your consent at any time. This does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

8. Right of appeal
You have a right of appeal to a supervisory authority. This is the Hamburgische Beauftragte für Datenschutz und Informationsfreiheit, Ludwig-Erhard-Str. 22, 20459 Hamburg, Tel. +4940 428 54 4040, E-Mail: mailbox@datenschutz.hamburg.de.

IV. Amendment of this privacy policy
We reserve the right to change this Privacy Policy from time to time as we update our processes. Please visit this page regularly to review the most current privacy policy.

This privacy policy was last updated on 05.06.2023.