Privacy policy

This Privacy Policy applies to the following websites, including all associated subpages, integrated applications, and online features:
www.gob.de
campus.gob.de (including our "prospect room" application ["Interessentenraum”])
www.fuer-mehr-zukunft.de
www.gob-karriere.de

It applies to all data processing activities related to your visit to these websites, regardless of the device or browser used.

Controller under the GDPR

GOB Software & Systeme GmbH & Co. KG
Europark Fichtenhain A 5, 
47807 Krefeld

Represented by Managing Directors Tim Bellen and Robert Küpper

Phone: +49 2151 349 0
E-mail: datenschutz[at]gob[dot]de
 

Data Protection Officer

GOB Software & Systeme GmbH & Co. KG
Data Protection Officer
Europark Fichtenhain A 5, 47807 Krefeld
E-mail: datenschutz[at]gob[dot]de

In this part, we explain the concrete data processing operations that occur when you use our websites. These include in particular the use of cookies and similar technologies, as well as additional processing activities that arise when you visit our online services (e.g., via forms, embedded services, or user accounts).

We use cookies and similar technologies on our websites. In this statement, the term “cookies” includes not only classic HTTP cookies but all technologies that store or read information on your device, including:

– Cookies (first-party and third-party)

– Local Storage and Session Storage (e.g., storage of consents, video player settings)

– Counting pixels / tracking pixels

– Tag-based tools (e.g., services triggered via Google Tag Manager)

Depending on the category, these technologies serve to provide the basic functionality of our websites, enable statistical analysis, or – subject to your consent – provide embedded content as well as marketing and measurement functionalities.

This section describes the cookies, Local Storage objects, and similar technologies used on our individual websites, grouped by purpose and the respective services used. The specific tools may differ per domain. The full, technically up-to-date list of active cookies and storage objects is available at any time via the cookie settings on each website.

On www.gob.de, we use technically necessary cookies and storage technologies (e.g., Local Storage) to provide the basic functions of the website and the cookie consent management.

With your consent, we also use analytics, marketing, and comfort services, in particular:
(a) Google Analytics/Google Tag Manager (Google Ireland Limited) for reach measurement and statistical analysis,
(b) Meta Pixel (Meta Platforms Ireland Ltd.) to analyse the effectiveness of our online advertising,
(c) Mouseflow (Mouseflow ApS) to analyse user interactions,
(d) Embedded content from YouTube, LinkedIn, and Google Maps, which use their own cookies or storage objects.

All non-essential services are activated only after you have provided consent in the consent tool.

On www.fuer-mehr-zukunft.de, we use technically necessary cookies and storage technologies (e.g., Local Storage) to ensure website functionality and consent management.

With your consent, we use the following services:
(a) Google Analytics 4 (Google Ireland Limited) for statistical analysis,
(b) Google Tag Manager for managing integrated services (does not set its own cookies),
(c) Embedded content, particularly YouTube videos, which use their own cookies or storage objects.

Non-essential technologies are activated only after consent is given.

On www.gob-karriere.de, we use technically necessary cookies and storage technologies to ensure site functionality and consent management.

With your consent, we also use analytics and comfort services, in particular:
(a) Google Analytics (Google Ireland Limited) for reach measurement and statistical analysis,
(b) Embedded YouTube videos that use their own cookies or Local Storage entries.

Non-essential services are activated only after consent.

Beyond cookies and similar technologies, we also process personal data in other website usage scenarios. Below we explain each type of processing, including purpose, data categories, and legal basis.

When accessing our websites, we process technically required information automatically transmitted by your browser (e.g., IP address, browser type, operating system, referrer URL, time of access, technical identifier).

Purposes: Providing the website, stability and security monitoring, error analysis.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in secure and functional website operation).

To deliver our websites quickly and securely, we use the content delivery service Amazon CloudFront (Amazon Web Services EMEA SARL). Technical connection data is transmitted via AWS servers.

Purposes: Optimising loading times, stability, and availability.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in high-performance provision of the website).

When you use a contact form, we process the data you enter (e.g., name, e-mail address, message).
Purposes: Handling your request, communication.
Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(b) GDPR (pre-contractual communication where applicable).

If you additionally provide marketing consent, we process further voluntary information (e.g., salutation, industry, company, position).
Purpose: Contacting you about GOB products and services.
Legal basis: Art. 6(1)(a) GDPR (consent).

When using the feedback form, we process your email address and the content of your feedback. Processing occurs in our Microsoft 365 tenant (Microsoft Ireland Operations Limited).
Purpose: Evaluating your feedback to improve our products and documentation.
Legal basis: Art. 6(1)(a) GDPR (consent).

When using our online application form, we process your personal information (e.g., name, contact details, application documents) to assess your suitability and communicate with you.
Legal basis: § 26 BDSG (establishing an employment relationship).

For access to the customer portal, we process your username, password, and the contact data required for use.
Purposes: Use of the ticketing system, provision of information, documents, and videos.
Legal bases: Art. 6(1)(a) GDPR (consent), Art. 6(1)(b) GDPR (contract/pre-contractual measures).

When you use our remote maintenance tool (Splashtop), we process your IP address and access data after you have actively granted access.
Purpose: Providing individual support services.
Legal basis: Art. 6(1)(a) GDPR (consent).

For access to the GOB prospect room (“Interessentenraum”), we process account data such as name, company, position, email address, and login logs. The service is hosted by Netigo GmbH. 
Purposes: Providing personalized offer and information content; optimizing the offering process.
Legal bases: Art. 6(1)(a) GDPR, Art. 6(1)(b) GDPR, Art. 6(1)(f) GDPR. You may object to processing based on legitimate interests at any time under Art. 21 GDPR.

The provider of this website uses services from etracker GmbH in Hamburg, Germany (www.etracker.com) to analyze usage data. The etracker consent manager module is used for consent management. The etracker tag manager module can be used to integrate script codes from other tools. When used in combination, the etracker tag manager and consent manager enable the control of certain cookies and services with the appropriate consent. Even if statistical cookies are rejected, usage data is collected in accordance with the legal requirements of the EU General Data Protection Regulation (EU GDPR) and the Telecommunications Digital Services Data Protection Act (TDDDG). Data processing is carried out on the basis of the legal provisions of Art. 6 (1) lit. f (legitimate interest) of the EU GDPR. Our concern within the meaning of the EU GDPR (legitimate interest) is the optimization of our online offering and the legally compliant integration and administration of additional services on our website. Provided that consent has been given, other technologies are used on the basis of Art. 6 (1) (a) of the EU GDPR. Consent can be revoked at any time.

The web analysis data generated by etracker is processed and stored exclusively in Germany on behalf of the provider of this website and is therefore subject to strict German and European data protection laws and standards. etracker has been independently audited, certified, and awarded the ePrivacyseal data protection seal of approval. As the privacy of our visitors is important to us, data that could potentially be linked to an individual, such as IP addresses, login IDs, or device IDs, is anonymized or pseudonymized as soon as possible. It is not used for any other purpose, combined with other data, or passed on to third parties.

You can object to the data processing described above at any time by clicking on the slider. Objecting will not have any negative consequences. If no slider is displayed, data collection has already been prevented by other blocking measures.



Further information on data protection at etracker can be found here.

We only disclose personal data to external parties where necessary for operating our websites or for using the offered functionalities.

This includes in particular:

Processors (Art. 28 GDPR): IT service providers working on our behalf, such as:
(a) hosting and infrastructure providers (e.g., cloud/server services)
(b) maintenance and technical support providers
(c) analytics, tag management, or feedback system providers
(d) Microsoft Ireland (operation of the feedback form)
(e) Netigo GmbH

Processing agreements exist with these service providers.

Third-party providers acting as independent controllers
For embedded services and external platforms (e.g., YouTube, Google Maps, LinkedIn, Meta Pixel), data processing is also carried out by these providers in their own responsibility. These services act on their own responsibility under data protection law.

Data is only shared with other recipients if legally required or if you have provided consent.

We store personal data only as long as necessary for the respective purposes or as required by law.

(a) Technically necessary server log data: stored briefly for security and logging, then deleted or anonymised.
(b) Contact/support inquiries: stored for processing and subsequently archived per legal retention requirements.
(c) Application data: processed in accordance with legal requirements; deleted after the recruitment process unless employment occurs or consent for longer storage exists.
(d) User account data (e.g., customer portal, Interessentenraum): stored for the duration of use or contractual relationship.
(e) Feedback data: deleted after evaluation unless legal obligations prevent deletion.
(f) Consent data (e.g., cookie settings): typically stored for one year and then automatically deleted or must be re-requested.

We delete or anonymize personal data once the respective purpose no longer applies and no legal retention obligations exist.

Under the GDPR, you have the following rights:

(a) Access (Art. 15 GDPR): Request information on the personal data we process about you.
(b) Rectification (Art. 16 GDPR): Request correction of inaccurate or incomplete data.
(c) Erasure (Art. 17 GDPR): Request deletion of your personal data unless legal obligations or legitimate interests prevent this.
(d) Restriction of Processing (Art. 18 GDPR): Request limitation of processing under certain conditions.
(e) Objection (Art. 21 GDPR): Object to processing based on legitimate interests if reasons arise from your particular situation.
(f) Withdrawal of Consent (Art. 7(3) GDPR): Withdraw previously given consent (e.g., cookies, contact forms) at any time with effect for the future.
(g) Data Portability (Art. 20 GDPR): Request the data you have provided in a structured, commonly used, machine-readable format.
(h) Right to Lodge a Complaint (Art. 77 GDPR): File a complaint with a supervisory authority, typically at your residence, workplace, or the location of the alleged violation.

We update this Privacy Policy whenever changes to our processing activities or legal requirements make this necessary. The current version is always available on our websites.

Internal Reporting Office under the Whistleblower Protection Act
E-mail: compliance[at]gob[dot]de