Privacy Policy

If you have subscribed to the Metaplan newsletter, Metaplan will use the data you provided during registration (title, first name, last name, email address) for the purpose of sending you the Metaplan newsletter.
 
We use Microsoft Dynamics 365 Marketing to send our newsletter. To improve customer service, your data/usage behavior is evaluated

and processed in this system. This includes information about interactions with sent emails (e.g., open or click rates).

Legal basis: Art. 6 (1) (a) GDPR (consent).
You can revoke your consent at any time by clicking on the unsubscribe link in the newsletter.

Users who no longer wish to receive our newsletter can click on a link called “Unsubscribe from newsletter,” which

is included in all Metaplan newsletters. They will then be removed from our mailing list.

If you contact us via the contact form or via registration and download forms, your details from the forms, including the contact details you provided there,

will be stored by us for the purpose of processing your enquiry and in case of follow-up questions.
We will not pass on this data without your consent.

In our forms, we only ask for information that we need for you to register for a seminar/event or to provide downloadable content. Your data will not be passed on to third parties.

We require your contact details so that we can send you an invoice for events that incur a charge and arrange other services (e.g., hotel reservations) for you. We also use your contact details to contact you if we have any questions.

To protect our forms, we use Friendly Captcha on our website, a service designed to prevent automated access. This ensures that the people who contact us are real people and not so-called bots.
Friendly Captcha collects technical data such as the anonymized IP address, request data, and the time taken to solve the captcha.

The captcha does not set any cookies and does not store any personal data of users. Detailed information on data processing by the provider can be found at: https://friendlycaptcha.com/de/legal/privacy-end-users/

Legal basis: Article 6(1)(f) GDPR (legitimate interest in protection against misuse).

The provider of the pages collects and stores information in so-called server log files, which your browser automatically transmits to us. These are: IP address of the requesting device, date and time of the server request, browser type and browser version, operating system, referrer URL, host name of the accessing computer.

Processing is carried out to ensure smooth connection establishment, system security and stability, and for administrative purposes (Art. 6(1)(f) GDPR).

This data cannot be attributed to specific individuals. This data is not merged with other data sources. We reserve the right to review this data retrospectively if we become aware of specific indications of illegal use.

This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as requests you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

When SSL encryption is enabled, the data you transmit to us cannot be read by third parties.

We use cookies on our website. Cookies are text files that are stored on your hard drive by your browser. This data contains information about which websites you have visited and which advertisements you have seen.

However, cookies never enable the collection of personal data such as names, addresses, email addresses, etc.

By default, your browser accepts cookies and stores them, for example, in a directory named

“Temporary Internet Files,” as these do not pose a security risk.

If you do not want Metaplan to use cookies, please deactivate this function in your browser. For more information on deactivating cookies, please refer to your browser’s help dialog. However, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent.

We use cookies and similar technologies to make our website more user-friendly. You can adjust your cookie settings at any time in the cookie banner.

Necessary cookies

Necessary cookies are required for the basic functions of the Metaplan website and its proper display.

Necessary cookies help make a website usable by enabling basic functions such as page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

Statistics

We use various services to collect anonymized usage data.

Statistical cookies help us understand how visitors interact with our website. To do this, anonymous information is collected and evaluated, which we can use to improve the site.

Marketing

In order to present our offerings to as wide an audience as possible who are interested in our services and to analyze the success of our campaigns, we work with various marketing providers.

To the cookie settings

We use the web analytics service Google Analytics provided by Google Ireland Limited, Gordon House, Barrow Street 4, Dublin.

Google Analytics uses cookies to enable analysis of website usage. The information collected is usually transferred to Google servers in the USA and stored there. Google uses this stored information to evaluate your website usage, to compile reports on website activity for website operators, and to provide other services related to website and internet usage. Google may also transfer this information to third parties.

if required by law or if third parties process this data on behalf of Google.

Further information on this can be found at: https://policies.google.com/privacy?hl=de

Legal basis: Art. 6 (1) (a) GDPR (consent).
Data transfer to the USA: in accordance with Art. 46 GDPR via standard contractual clauses.

You can revoke your consent at any time via the cookie banner.

We have activated the “IP anonymization” function on this website. This means that your IP address will be truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your

use of the website, to compile reports on website activity, and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. This prevents any direct personal references.

We use Microsoft Dynamics 365 for CRM processes, managing our customer data, processing contact requests, seminar registrations, event registrations, and download registrations via corresponding forms.

Processed data primarily includes:

• Contact details: Title, last name, first name, email address, phone number
• Professional details: Company, position

• Billing information: Address, VAT number

• Contents of your message/request

• Data on seminar or event registrations

Purposes: Depending on the type of event (free or paid) and whether an event is restricted to a specific group of participants, the necessary data will be requested in the respective forms. We require this data to process your registration, manage customer relationships, organize and conduct events, and provide downloadable content.

Legal basis: Article 6(1)(b) GDPR (contract/pre-contractual relationship), Article 6(1)(f) GDPR (legitimate interest).

Microsoft Dynamics is operated by Microsoft Ireland. Data is transferred to third countries (e.g., the US) on the basis of standard contractual clauses in accordance with Art. 46 GDPR.

We embed videos from the YouTube platform (Google Ireland Limited). This is done in extended privacy mode. When playing a video, data may be transferred to YouTube/Google, e.g.,

IP address, device information, usage data (e.g., playback history).
Legal basis: Art. 6 (1) (a) GDPR (consent via cookie banner).

Our website uses a share button from LinkedIn in some places. A connection to LinkedIn is only established when you actively click on the button.

Legal basis: Art. 6 (1) (a) GDPR (consent).
LinkedIn may process user data in the US on the basis of standard contractual clauses.

The learning content for our Metaplan Academy seminars is provided via the external learning platform Thinkific Labs Inc.

Processed data: Name, email address, assignment to booked seminars, learning progress, access data.

Legal basis: Art. 6 (1) (b) GDPR (performance of the seminar contract).
Data transfer in Canada: Thinkific is based in Canada; Canada is considered a safe third country according to the adequacy decision (Art. 45 GDPR).

We use Microsoft Bookings to quickly arrange personal appointments with our consultants.

Processed data: Name, email address, selected appointment, other voluntary information.

Legal basis: Article 6(1)(b) GDPR.

Transfers to the US are secured by standard contractual clauses.

You can find out about job vacancies and submit applications via our careers page. You can also send us speculative applications.

The following information provides you, as an applicant, with details about the collection and processing of your personal data in the context of your application and after your application. This information is based, among other things, on the provisions of Articles 13 and 14 of the EU General Data Protection Regulation (GDPR) and the provisions of the Federal Data Protection Act (BDSG).

As a result of your application, we process the data you have provided to us, in particular your first and last name, title, and contact details such as your address,

Telephone number, email address, fax number, etc., and the data from your application, such as your cover letter, resume, references, applicant questionnaires, applicant interviews, and other documents. During the application process, we may also collect additional personal data from you personally or from publicly available sources.

The legal basis for data processing is provided by Art. 6 (1) sentence 2 b in conjunction with Art. 28 GDPR and § 26 (1) BDSG.

a. Your data will initially only be considered for a decision regarding the position for which you have expressly applied. In the course of the application process, further data may also be collected (which we receive from you or obtain from generally accessible sources). Your personal data will be deleted or destroyed if you are not hired and as soon as six months have passed since the end of the selection process.

If your application for a specific vacancy is unsuccessful, we may wish to use it in the selection process for another position that may become available in our company. For this purpose, we would—with your consent—make your data and documents available to the persons responsible for the application process in our company and use them in automated searches. The legal basis for this data processing is Art. 6 (1) sentence 2 a, b, f GDPR and § 26 (1) and (2) BDSG.

b. If you have submitted a speculative application that does not relate to a specific position in our company, we will continue to consider your application data and documents in accordance with Art. 6 (1) sentence 2 b in conjunction with Art. 28 GDPR and § 26 BDSG when making decisions on filling any suitable position in our company. We will therefore keep this data and these documents available in automated searches for the persons responsible for the application process in our company and use them for new recruitment decisions.

c. Your application data/documents from unsolicited applications and from applications for which you have given us your consent for further use will be stored for a maximum period of one year after completion of the application process and then deleted. If the application is still in an ongoing application process before the end of one year, it will be deleted within six months of the completion of that process.

If, in the cases mentioned above, we are still interested in your application after the specified deadlines have expired, we will contact you and ask you to confirm your interest, update your application data/documents, or renew your consent.

d. Once an application has led to your hiring, we will add your application data/documents to your personnel file in accordance with Art. 6 (1) sentence 2 b GDPR and § 26 BDSG.

Personal data will be deleted as soon as the purpose no longer applies or you revoke your consent, provided that there are no legal retention obligations to the contrary.

Below is an overview of the sections in the GDPR that govern your rights as a data subject:

• Information (Art. 15 GDPR)

• Rectification (Art. 16 GDPR)

• Deletion (Art. 17 GDPR)

• Restriction of processing (Art. 18 GDPR)

• Data portability (Art. 20 GDPR)

• Objection (Art. 21 GDPR)

• Withdrawal of consent (Art. 7(3) GDPR)

• Complaint to a supervisory authority (Art. 77 GDPR)

We use technical and organizational measures to protect your data against loss, manipulation, or unauthorized access.

We reserve the right to update this privacy policy as necessary. The current version is available on our website at any time.