Privacy Policy


This data protection information applies to data processing on the part of

Leopoldstrasse 21
80802 Munich

The data protection officer for TALENTspy can be reached by e-mail at


a)    When visiting our website
When accessing our website at information is automatically sent by the browser used on your terminal device to server of our website. This information is saved temporarily to a so-called log file. The following information is collected without input from you and is saved until it is automatically deleted:

  • IP address of the computer making the request
  • Date and time of access
  • Name and URL of the file retrieved
  • Website from which access ensued (referrer URL)
  • Browser used and operating system, as applicable, of your computer together with the name of your access provider.

The above data is processed by us for the following purposes:

  • To ensure smooth connection to the website
  • To ensure comfortable use of our website
  • Evaluation of system security and stability
  • Other administrative purposes.

The legal basis for data processing is Art. 6 (1) Item (f) GDPR. Our legitimate interest ensues from the above purposes for data acquisition. Under no circumstances will we use the collected data for the purpose of drawing conclusions about your person

b) Contacting us by e-mail/via social media (LinkedIn, XING,

When you make contact with us by e-mail/via social media (LinkedIn, XING, etc.) the data supplied by you, e.g. your e-mail address and name, together with further contact data, is stored for the purposes of responding to your request. We delete the data that is generated in this connection as and when its storage is no longer necessary, or we restrict its processing insofar as this is specified by statutory retention requirements. Upon confirmation, we will reserve the right to hold your data for a period longer than six months. If you wish otherwise, please mention this explicitly.

Data is processed by us for the purposes of establishing contact pursuant to Art. 6 (1) Item (a) GDPR on the basis of consent voluntarily provided by you, or pursuant to Art. 6 (1) Item (b) GDPR for the execution of pre-contractual measures ensuing from your query.


Your personal data will not be transferred to third parties for any purpose other than listed in the following.  We will only pass on your personal data to a third party if:

  • you have provided your express consent pursuant to Art. 6 (1) Item (a) GDPR
  • this is required pursuant to Art. 6 (1) Item (f) GDPR for the purposes of safeguarding our justified interests or those of a third party, except where such interests are overridden by your own interests or fundamental rights and freedoms, or those of another involved person that requires the protection of personal data
  • a legal obligation exists for the transfer of data pursuant to Art. 6 (1) Item (c) GDPR
  • it is legally admissible pursuant to Art. 6 (1) Item (b) GDPR and necessary for the execution of contractual relationships with you or the implementation of pre-contractual measures.


We currently use the following social media plug-ins: Google+, XING and LinkedIn. We deploy the so-called two-click solution. This means that when you visit our website, no personal data is initially passed on to the vendors of plug-ins. The vendors of the plug-ins can be recognised by first letter or logo in the marking on the box. We enable you to make direct contact with the vendor of the plug-in by clicking on the button. Only when you click on the marked field to activate it will the plug-in vendor receive the information that you have accessed our website. In addition, the data specified under 2 a) of this declaration will be submitted. In the case of XING, according to the respective vendor in Germany the IP-address is anonymised immediately after acquisition. Personal data will be forwarded by activation of the plug-in to the respective plug-in vendor and stored there (vendors in the USA). Since the plug-in vendor acquires data in particular via cookies, we recommend that you delete all cookies via the security settings of your browser prior to clicking on the greyed-out box.

We have no influence on the acquired data and data processing procedures, and we have no knowledge of the full extent of data acquisition, the purpose of processing or the retention periods. Similarly, we have no information on the deletion of acquired data by the plug-in vendor.

The plug-in vendor stores the acquired data pertaining to you as a user profile and employs it for the purposes of advertising, market research and/or design of its website to better suit the needs of users. Such an analysis is carried out in particular (including for users who are not logged in) to provide customer-oriented advertising and to inform other social network users about your activities on our website. You have the right to object to the creation of this user profile. However, you must contact the respective plug-in vendor in order to exercise this right. With the plug-ins we enable you to interact with the social networks and other users, with the aim of further improving our services and achieving a more attractive design of our website. The legal basis for the use of plug-ins is Art. 6 (1) Item (f) GDPR.

Data is passed on irrespectively of whether you have an account with the plug-in vendor and are logged in. When you are logged into the plug-in vendor, your data acquired by us is directly assigned to your existing account with the plug-in vendor. When you activate the button and, e.g. link to the site, the plug-in vendor will save this information in your user account and share your contact data openly. We recommend regularly logging out after using a social network, in particular prior to activation of the buttons, as you will then prevent assignment to your profile at the plug-in vendor.

Further information regarding the purpose and scope of data acquisition and processing by the plug-in vendor can be obtained in the data protection declarations of the respective vendors below. Here you will also find further information concerning your rights and setting options for the protection of your private sphere.

The addresses of the respective plug-in vendor and URL with their data protection statements are:


You have the right:

  • pursuant to Art. 15 GDPR, to demand information concerning the personal data we process. In particular, you may request information relating to the purpose of processing, categories of personal data, categories of recipients to which your data was or will be disclosed and proposed storage term, the existence of a right to rectify, erase, limit processing or object, the existence of a right to lodge a complaint, the origin of your data if we did not acquire it, as well as the existence of an automated decision and profiling procedure, and particular information on the pertinent details;
  • pursuant to Art. 16 GDPR, to demand the immediate rectification or completion of your personal data stored by us;
  • pursuant to Art. 17 GDPR, to demand the deletion of your personal data stored by us, insofar as we are not required to process the said data in order to exercise the right of free expression and information, to comply with legal requirements, for reason of public interest or to assert, exercise or defend legal claims;
  • pursuant to Art. 18 GDPR, to demand restriction of the processing of your personal data, insofar as you dispute the correctness of the data, processing is unlawful, you refuse its deletion and we no longer require the data, but you need it for the purpose of asserting, exercising or defending legal claims, or you have filed an objection to processing pursuant to Art. 21 GDPR;
  • pursuant to Art. 20 GDPR, to receive the personal data you have provided in a structured, commonly used and machine-legible format, or the transfer of this data to another responsible party;
  • pursuant to Art. 7 (3) GDPR, to withdraw the consent you gave us at any time. This means that in future we will no longer process the data to which this consent relates;
  • pursuant to Art. 77 GDPR, to lodge a complaint with a supervisory authority. Generally, you may contact the supervisory authority that has jurisdiction at your usual place of residence or work, or our registered office.


Insofar as your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) Item (f) GDPR, you have the right pursuant to Art. 21 GDPR to object to the processing of your personal data, provided reasons arising from your special situation exist, or your objection relates to direct advertising. In the latter case you have a general right to object, and we will act upon it without the need to specify the circumstances.

Should you wish to exercise your right to withdraw consent or object, it will suffice to send an e-mail to


During website visits we deploy the widely used SSL (Secure Socket Layer) process in conjunction with the highest level of encryption that is supported by your browser. Generally this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. Whether an individual page of our website is provided with encryption is shown by the depiction of the closed lock, in the bottom status bar of your browser.

We also implement the appropriate technical and organizational security measures to protect your data against random or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are subject to ongoing improvement in line with technological developments.


This data protection declaration is up-to-date. Its current status is dated May 2018.

On account of the further development of our website and services provided within it, or due to new statutory or regulatory provisions it may be necessary to amend this data protection declaration. The current data protection declaration may be downloaded from the website and printed at any time.