Impressum

Impressum

Axel Springer hy GmbH
Axel-Springer-Str. 65
10888 Berlin

Office address: Markgrafenstraße 12-14, 10969 Berlin

Management: Christoph Keese
District Berlin-Charlottenburg HRB 179225 B

E-mail: inbox@hy.co
Phone: +49 30 2591 78150
VAT ID: DE815673401

Privacy Policy Axel Springer hy GmbH

Thank you very much for your interest in Axel Springer hy GmbH. In order to offer our services, we need some data about you. We take the protection of personal data very seriously and always process it in accordance with the applicable data protection regulations, in particular the EU General Data Protection Regulation (GDPR). Regarding data protection, we would like to fully inform you on the type, scope, and purpose of the personal data processed by us, and your rights as a data subject.

1. Responsible person(s) and general information

Your data will be processed by Axel Springer hy GmbH, Axel-Springer-Str. 65, 10888 Berlin, Germany, telephone: +49(0)30259178150, e-mail: info@hy.co, service provider within the the German Telemedia Act (TMG) and person(s) responsible within the General Data Protection Regulation (GDPR). Further mentions of “we” and “us” refer to Axel Springer hy GmbH. By “Axel Springer hy GmbH,” we mean in this document, www.hy.co, in each case, including all sub-pages, contents, and functions (e.g. Internet forums, sweepstakes). Individual functions of Axel Springer hy GmbH are hereinafter referred to as “online services,” including website content.

Our services are intended for the general adult public, not for children. We do not knowingly collect personal data from users who are considered children according to the respective national legislation.

2. Collecting and processing personal data

In general, you can use online services for which no payment or registration is required without providing personal data. In certain cases, however, we process the personal data listed in Section 3. In principle, this only happens when necessary for maintaining our functioning website, content, and services. In addition, we process personal data in connection with Axel Springer hy GmbH if you provide it yourself, e.g. in the context of registration, competition, request, application, subscription, or another legal basis (see Item 4). If you prefer to refrain, you will unfortunately not be able to make full use of our services.

3. Categories of processed data

When you use Axel Springer hy GmbH, our system automatically collects information from the accessing computer system. The following data, among others, may be collected:

In addition, we process the following personal data if there is a contractual relationship between you and us, or you have otherwise transmitted the data to us:

4. Legal basis and purpose(s) of processing

We process your data exclusively on the basis of one or more of the possible legal bases:

According to the GDPR, personal data can be processed pursuant to a contract or the implementation of pre-contractual measures, with mutual consent, based on legitimate interest or law and the protection of vital or public interests.

Upon conclusion of a subscription or receipt of a payable service, we use your contract data, including contact data for contract performance and, as is the case, for example, with processing operations that are necessary for the delivery of goods or the provision of other services or consideration, as well as the enforcement of legal claims or claims (Art. 6 Para. 1 lit. b GDPR). The same applies to such processing operations which are necessary for the implementation of pre-contractual measures, for example in cases of inquiries regarding our products or services. In the case of payable services, we process certain data because we are subject to a legal obligation which requires the processing of personal data, for example to fulfil tax obligations (Art. 6 para. 1 lit. c GDPR).

We also use your e-mail address (collected during registration or contract execution) to inform you about our similar goods or services, existing subscriptions, or about Axel Springer hy GmbH in general. In this case, the e-mail address is processed on the basis of our legitimate interest in advertising our goods and services (Art. 6 para. 1 lit. f GDPR).

If you have give us your prior explicit consent to receive updates or advertising, we use your e-mail address to send you our newsletter. In this case, we process your e-mail address in order to send you the newsletter, as requested (Art. 6 Para. 1 lit. b GDPR). You can unsubscribe your e-mail address at any time in writing to info@hy.co or Axel-Springer-Str. 65 in 10888 Berlin without incurring any costs other than the basic postage tariff.

In the Internet, every device transmits data with a unique IP address. The temporary storage of an IP address is necessary to allow for delivery of the website to the user’s computer. We shorten the IP addresses and process them anonymously. The unabridged IP addresses are not stored or further processed. Our servers store IP addresses for 14 days for security purposes.

In the case of processing operations not covered by one or more of the aforementioned legal bases, processing occurs when necessary to safeguard legitimate interests, with respect to your interests, fundamental rights, and fundamental freedoms, as determined by comprehensive assessment (Art. 6 para. 1 lit. f GDPR). An interest is deemed legitimate when the person concerned is a client of the person responsible. When processing personal data, our legitimate interest is, in particular, the performance of our business activities for the benefit of our employees and shareholders.

We are interested in offering you tailor-made products and information about our products, innovations, or quality features. We strive to continuously improve our products and services, thereby increasing our turnover, as the legal basis for the purpose of web or application analysis. For details on web analytics services, see Section 8.

We are interested in network and information security, including fraud prevention and reliability, which contribute to the legal basis for processing certain data.

Furthermore, we are interested in maintaining the functionality of corporate processes, used for for internal administrative purposes (e.g. address management / invoicing). Upon completion of a paid contract, when you choose the payment method on account, we conduct a credit check to determine your creditworthiness to avoid the risk of unpaid claims.
You may object to the processing on the basis of a legitimate interest (see Section 10).

In the event that data are processed for a purpose other than stated above, a compatibility check is conducted in accordance with Art. 6 para. 4 GDPR. Further processing is only permissible if the original purpose is compatible with the new purpose or permitted by a separate legal basis. Recognized compatible purposes include, but are not limited to, assertion, exercise, or defense of civil law claims, maintaining no overriding interest of the person concerned. In this case, we will inform you about the change of purpose. If the new purpose is incompatible with the one stated when the claim was made, a new claim will be made on a new legal basis. In this case, we will inform you about the change of purpose.

5. Processing location

We do not transfer your personal data to countries outside of the European Economic Area (EEA), except in cases permitted under the GDPR. Whether third parties, with whom you have an independent contractual relationship (such as Facebook, if you have an account) transfer data to countries outside the European Economic Area is beyond our knowledge and influence.

We also process data in countries outside the European Economic Area. In order to effectively protect your personal rights in context of these data transfers, we use the standard contractual clauses of the EU Commission as per Art. 46 para. 2 lit. c GDPR when drafting contractual relationships with recipients in third countries. These can be retrieved at: http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:DE:PDF. Alternatively, you can request these documents from us under the contact options listed below.

For the U.S., the European Commission ruled on 12 July 2016 that an adequate level of data protection exists under the provisions of the EU-U.S. Privacy Shield (adequacy decision, Art. 45 GDPR). Further information – in addition to the certification of our service providers – can be found at: https://www.privacyshield.gov. We only use U.S. service providers that are certified according to the EU-U.S. Privacy Shield.

6. Data origin

In certain cases, we receive data because you have consented to the transfer from a third-party.

7. Transferring data to third-parties

We will only transfer your personal data to third parties if the transfer is necessary to fulfill our contractual obligations to you. The transfer is done by or together with another provider (e.g. in the case of corporations): if we are legally entitled or obliged to share your personal data or if you have given us your corresponding consent.

In order to provide our services, selected personal data within our company may be communicated to certain departments. This includes employees from the accounting, product management, marketing, and IT departments.

In certain cases, we use external service providers or associated companies, commissioned by us to process data in accordance with requirements. Such service providers, as contract processors, are obliged to comply with the strict requirements of the GDPR and may not use your data for any other purpose. Our contract processors usually provide the following services: payment service(s), hosting, accounts receivable management, newsletter dispatch, maintenance, tech support, and web application analysis.

Data transfer to contract processors is based on Art. 28 para. 1 GDPR, or alternatively on our legitimate interest in the economic and technical benefits associated with the use of specialized contract processors, referenced in Art. 6 para. 1 lit. f GDPR.

Within the boundaries of data protection law, we transmit personal data to authorities, such as the police or the public prosecutor’s office (Art. 6 Para. 1 lit. c GDPR). This data is disclosed on the basis of our legitimate interest in combating misuse, prosecuting criminal offenses and in securing, asserting, and enforcing claims. In potentially illegal cases, your interest in protecting your personal data is considered, but not prioritized, Art. 6 para. 1 lit. f GDPR.

8. Social networks

You can find information about us on social networks, such as Facebook or Twitter. We have also integrated select network functions into our online services. If you want to use them, you must be registered and logged into the respective social network. Please note that the terms of use and data protection of this company apply to the respective social network, over which we have no influence. However, we are happy to explain how such networks process your personal data in this context:

Facebook

On this website we have integrated components of the company Facebook. Facebook is a social network.

A social network is an Internet-based social meeting place, an online community enabling users to communicate with each other and to interact in digital space. A social network can serve as a platform for exchanging personal or company-related opinions, experiences, and information. Facebook enables users to create private profiles, upload photos, and network via friend requests.

The operating company of Facebook is Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA. The entity responsible for processing personal data is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, if the data subject lives outside of the USA or Canada.

Each time a page with an integrated Facebook component (Facebook plug-in) is accessed, the Facebook component automatically prompts the Internet browser on the user’s computer to download aspects of the corresponding Facebook profile from Facebook. A complete overview of all Facebook plug-ins can be found at: https://developers.facebook.com/docs/plugins/?locale=en_DE. As part of this technical process, Facebook obtains information on which subpage(s) of our website the user visits.

If the user is logged into Facebook at the same time, Facebook recognizes which specific subpage of our website the person concerned views, each time this person visits our website and throughout the duration of the visit. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of this person. If the data subject clicks one of the Facebook buttons, such as the “like” button, or makes a comment, Facebook assigns this information to the user’s personal Facebook account and stores this personal data.

Through the plug-in, Facebook receives information that the user has visited our website whenever this user is logged into Facebook when accessing our website, whether or not they click on the Facebook component. If the data subject does not choose to submit this information to Facebook, said user should log out of their Facebook account before visiting our website.

Facebook’s published privacy policy, available at https://de-de.facebook.com/about/privacy/, discloses Facebook’s methods of collecting, processing, and using personal information. It also explains what settings Facebook offers to protect the privacy of the person concerned. In addition, various applications make it possible to suppress data transmission to Facebook. Such applications can be used by the user to suppress data transmission to Facebook.

LinkedIn

We have integrated LinkedIn components into this website. LinkedIn is an Internet-based social network, allowing users to connect with existing business contacts and make new business contacts. Over 400 million registered users use LinkedIn in more than 200 countries. This makes LinkedIn the largest platform for business contacts and one of the most frequented websites worldwide.

LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. For privacy matters outside of the United States, please refer to: LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Each time a page with an integrated LinkedIn component (LinkedIn plug-in) is accessed, the component automatically prompts the Internet browser on the user’s computer to download aspects of the corresponding LinkedIn profile from LinkedIn. More information about LinkedIn plug-ins can be found at https://developer.linkedin.com/plugins. As part of this technical process, LinkedIn obtains information on which specific subpage(s) of our website the user visits.

If the user is logged into LinkedIn at the same time, LinkedIn recognizes which specific subpage of our website the person concerned views, each time this person visits our website and throughout the duration of the visit. This information is collected by the LinkedIn component and assigned by LinkedIn to the respective LinkedIn account of this person. If the data subject clicks one of the LinkedIn buttons, such as the “retweet” button, or makes a comment, LinkedIn assigns this information to the user’s personal LinkedIn account and stores this personal data.

Through the plug-in, LinkedIn receives information that the user has visited our website whenever this user is logged into LinkedIn when accessing our website, whether or not they click on the LinkedIn component. If the data subject does not choose to submit this information to LinkedIn, said user should log out of their LinkedIn account before visiting our website.

LinkedIn at https://www.linkedin.com/psettings/guest-controls offers the possibility to manage ad settings or unsubscribe from e-mail messages, SMS messages, and targeted ads. LinkedIn also partners with Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua, and Lotame who may set cookies. Such cookies may be declined at https://www.linkedin.com/legal/cookie-policy.

LinkedIn’s current privacy is available at https://www.linkedin.com/legal/privacy-policy. LinkedIn’s cookie policy is available at https://www.linkedin.com/legal/cookie-policy.

Twitter

We have integrated Twitter components on this website. Twitter is a multilingual, publicly accessible microblogging service on which users can publish or distribute tweets, i.e. short messages limited to 140 characters. These short messages can be accessed by anyone, including people not registered on Twitter. The tweets are also displayed to the respective user’s followers. Followers are other Twitter users who follow a certain user’s tweets. Furthermore, Twitter makes it possible to address a broad audience via hashtags, links, or retweets.

The operating company of Twitter is Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

Each time a pages with an integrated Twitter component (Twitter plug-in) is accessed, the component automatically prompts the Internet browser on the user’s computer to download aspects of the corresponding Twitter profile from Twitter. Further information on Twitter plug-ins can be found at https://about.twitter.com/de/resources/buttons. As part of this technical process, Twitter obtains information on which specific subpage(s) of our website the user visits. The purpose of integrating the Twitter component is to enable our users to redistribute the content of this site, to make this site known in the digital world and to increase our traffic.

If the person concerned is logged in to Twitter at the same time, Twitter recognizes which specific subpage of our website the person concerned is visiting each time the person visits our website and for the entire duration of that person’s stay on our website. This information is collected by the Twitter component and assigned by Twitter to the respective Twitter account of the person concerned. If the person concerned clicks on one of the Twitter buttons integrated into our website, the data and information transmitted will be assigned to the personal Twitter user account of the person concerned and stored and processed by Twitter.

Twitter receives information through the Twitter component that the person concerned has visited our website whenever that person is logged in to Twitter at the same time as accessing our website, regardless of whether that person clicks on the Twitter component or not. If the data subject does not wish to transmit this information to Twitter in this way, he or she can prevent the transmission by logging out of his or her Twitter account before accessing our website.

The current Twitter privacy policy can be found at https://twitter.com/privacy?lang=en.

Xing

We have integrated components from Xing on this website. Xing is an Internet-based social network that allows users to connect to existing business contacts and make new business contacts. Individual users can create a personal profile of themselves at Xing. Companies can, for example, create company profiles or publish job offers on Xing.

Xing’s operating company is XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.

Each time one of the individual pages of this website is accessed, which is operated by the person for whom we operate and on which an Xing component (Xing plug-in) has been integrated, the Internet browser on the information technology system of the person concerned is automatically prompted by the respective Xing component to download a representation of the corresponding Xing component from Xing. Further information on the Xing plug-ins can be found at https://dev.xing.com/plugins . As part of this technical process, Xing obtains information about which specific subpage of our website is visited by the person concerned.

If the person concerned is logged in to Xing at the same time, Xing recognizes which specific subpage of our website the person concerned is visiting each time the person concerned accesses our website and for the entire duration of that person’s stay on our website. This information is collected by the Xing component and assigned by Xing to the respective Xing account of the data subject. If the person concerned presses one of the Xing buttons integrated into our website, for example the “Share” button, Xing assigns this information to the personal Xing user account of the person concerned and saves this personal data.

Xing receives information through the Xing component that the individual concerned has visited our Web site whenever the individual concerned is logged in to Xing at the same time as accessing our Web site, regardless of whether the individual concerned clicks on the Xing component or not. If the data subject does not wish this information to be transferred to Xing in this way, he or she can prevent this by logging out of his or her Xing account before accessing our website.

The data protection regulations published by Xing, which can be accessed at https://www.xing.com/privacy, provide information about the collection, processing and use of personal data by Xing. Furthermore, Xing has published data protection information for the XING Share button at https://www.xing.com/app/share?op=data_protection.

YouTube

We have integrated components from YouTube on this website. YouTube is an internet video portal that allows video publishers to post video clips and other users to view, rate and comment on them free of charge. YouTube allows the publication of all types of videos, which is why complete film and television programmes, but also music videos, trailers or videos made by users themselves can be accessed via the Internet portal.

YouTube is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

Each time one of the individual pages of this website is accessed, which is operated for us by YouTube and on which a YouTube component (YouTube video) has been integrated, the Internet browser on the information technology system of the person concerned is automatically prompted by the respective YouTube component to download a representation of the corresponding YouTube component from YouTube. Further information on YouTube can be found at https://www.youtube.com/yt/about/de/ As part of this technical process, YouTube and Google obtain information about which specific subpage of our website is visited by the person concerned.

If the person concerned is logged into YouTube at the same time, YouTube recognizes which specific subpage of our website the person concerned is visiting by calling up a subpage containing a YouTube video. This information is collected by YouTube and Google and assigned to the respective YouTube account of the person concerned.

YouTube and Google will receive information through the YouTube component that the individual concerned has visited our website whenever that individual is logged into YouTube at the same time as accessing our website, whether or not that individual clicks on a YouTube video. If the data subject does not want this information to be transmitted to YouTube and Google in this way, they may prevent it from being transmitted by logging out of their YouTube account before visiting our website. YouTube’s privacy policy, which is available at https://www.google.de/intl/de/policies/privacy/, discloses the collection, processing and use of personal data by YouTube and Google.

On smartphones and tablets, the aforementioned services are often not implemented through plug-ins, but through a device-internal “share” function. Depending on its settings, information can also be given to other social media service providers. Please refer to your device information for details.

9. Storage period

We store personal data only as long as we are entitled to do so and the processing purpose has not ceased. For the duration of the storage of personal data the respective legal retention period applies. After this period has expired, the corresponding data will be routinely deleted unless they are no longer required for contract fulfilment or contract initiation.

10. Contact details and your rights as a data subject

If you have any questions or suggestions regarding data protection or the enforcement of your rights as a data subject, please contact our data protection officer at any time:

Axel Springer hy GmbH
data protection
Axel-Springer-Str. 65
10888 Berlin
olaf.koglin@axelspringer.de

Information and correction

You can obtain from us at any time and free of charge information as to whether personal data relating to your person is being processed by us and also specifically which data about you is being stored and a copy of the stored data. You can also have incorrect data corrected and completed.

Deletion, restriction, and the right to be forgotten

You can request the deletion and restriction of your personal data. Please note that there are legal storage obligations, e.g. for paid contracts such as the purchase of a subscription to Axel Springer hy GmbH, and that we may therefore not delete your data completely in every case. In this case, your data will be marked with the aim of restricting its future processing.

Data transferability

You also have the right, where applicable, to have your personal data transmitted to you or to another controller in a structured, common and machine-readable format, provided that the processing is based on consent or a contract and is carried out by automated means. However, this shall not apply where the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. Furthermore, you have the right to obtain that the personal data be transferred directly from one responsible person to another responsible person, as far as this is technically feasible and as long as the rights and freedoms of other persons are not affected.

Revocation / objection

You can revoke your consent at any time with effect for the future at the above contact address. In particular, you can object to the use of your e-mail address for the purpose of sending the newsletter at any time in writing or in text form to info@hy.co or Axel-Springer-Str. 65 in 10888 Berlin with effect for the future, without incurring any costs other than the transmission costs according to the basic tariffs. Furthermore, you have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data concerning you on the basis of a legitimate or public interest. This also applies to profiling based on these provisions. In the event of objection, we will no longer process the personal data unless we can prove compelling reasons for the processing worthy of protection which outweigh the interests, rights and freedoms of the person concerned, or the processing serves the assertion, exercise or defense of legal claims.

If we process personal data for the purpose of direct advertising, you have the right to object at any time to the processing of personal data for the purpose of such advertising at the above contact address. This also applies to profiling as far as it is connected with such direct advertising. In addition, you have the right to object to the processing of personal data concerning you by us for scientific or historical research purposes or for statistical purposes for reasons arising from your particular situation, unless such processing is necessary to fulfil a task in the public interest.

Right of appeal
Furthermore, you have the right to appeal to the competent supervisory authority and the possibility to lodge appeals. The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy.

Presence of automated decision making process

We do without automatic decision making or profiling.

Status: May 25, 2018

Limited liability clause

The contents of our web pages have been prepared carefully and to the best of our knowledge. Similarly, no guarantee can be given for the topicality, completeness and correctness of all pages. The use of the contents of the website is at the user’s own risk. The mere use of the provider’s website does not constitute a contractual relationship between the user and the provider.

Furthermore, our website contains links to third-party websites. Since we have no influence on these contents, no guarantee can be assumed for the foreign contents. The respective information provider of the linked website is always responsible for the content and correctness of the information. At the time of linking, no violations of the law were discernible. As soon as we become aware of an infringement, we will remove the respective link immediately.