qSkills Logo

Privacy Policy

qSkills™ GmbH & Co. KG

This applies to our entire website, regardless of the domain (e.g., qskills.com, qskills-security-summit.com, qskills-security-summit.de, etc.), platform (e.g., website, Facebook, XING, LinkedIn, etc.), and/or medium (e.g., homepage, email, postal mail, etc.).

We welcome you to our website and appreciate your interest in our company. We take the protection of your personal data very seriously. We process your data in accordance with the applicable legal provisions for the protection of personal data, in particular the General Data Protection Regulation (GDPR) and the country-specific implementing laws applicable for us, as well as the Telecommunications Digital Services Data Protection Act (TDDDG). With the help of this privacy policy, we provide you with comprehensive information about the processing of your personal data by qSkills™ GmbH & Co.KG and your rights.

Personal data is information that enables the identification of a natural person. This includes, in particular, your name, date of birth, address, telephone number, email address, and your IP address. Anonymous data is data that cannot be linked to a specific user.

Responsible body and data protection officer

qSkills™ GmbH & Co. KG
Südwestpark 65, 90449 Nuremberg, Germany

contact information:
www.qskills.de
telephone: +49 (911) 80103-0
e-mail: Show Mail-Adress
Contact details of the data protection officer: Show Mail-Adress

Your rights as a data subject

First of all, we would like to inform you about your rights as a data subject. These rights are standardized in Articles 15–22 of the GDPR. They include:

  • Right of access (Article 15 GDPR)

  • Right to erasure (Article 17 GDPR)

  • Right to rectification (Article 16 GDPR)

  • Right to data portability (Article 20 GDPR)

  • Right to restriction of processing (Article 18 GDPR)

  • Right to object to processing (Article 21 GDPR)

To exercise these rights, please contact Show Mail-Adress. The same applies if you have any questions about data processing carried out by our company. You also have the right to file a complaint with a data protection supervisory authority.

Rights to object

Please note the following in connection with your rights to object:
If we process your personal data for direct marketing purposes, you have the right to object to this data processing at any time without giving reasons. This also applies to profiling insofar as it is related to direct marketing.

If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes. The objection is free of charge and can be made informally, preferably by email to Show Mail-Adress.

In the event that we process your data to protect legitimate interests, you may object to this processing at any time for reasons arising from your particular situation; This also applies to profiling based on these provisions.

We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.

Purposes and legal basis of data processing

When processing your personal data, we comply with the provisions of the GDPR and all other applicable data protection regulations. The legal basis for data processing is derived in particular from Art. 6 GDPR.

We use your data for business development, to fulfill contractual and legal obligations, to execute the contractual relationship, to offer products and services, and to strengthen customer relationships, which may also include analyses for marketing purposes and direct advertising. We will process the data you have provided specifically for the organization and implementation of training courses, including hotel reservations and accompanying events.

Your consent also constitutes a permission requirement under data protection law. In this context, we will inform you about the purposes of data processing and your right of withdrawal. If the consent also relates to the processing of special categories of personal data, we will expressly point this out to you in the consent form.

Special categories of personal data within the meaning of Art. 9 (1) GDPR will only be processed if this is required by law and there is no reason to assume that your legitimate interest in excluding such processing outweighs this requirement.

For your protection, we may also collect data in order to track down malfunctions and minimize them in the future. This includes, for example, logs and artifacts from firewalls, intrusion detection systems, emails/files with viruses/spam, and the like. This may also include data that can be traced back to the sender/creator. This enables us to take appropriate protective measures.

Disclosure to third parties

We will only disclose your data to third parties within the scope of legal provisions, within the scope of contract fulfillment, or with your consent. Otherwise, your data will not be disclosed to third parties unless we are obliged to do so by mandatory legal provisions (disclosure to external bodies such as supervisory authorities or law enforcement agencies).


Recipients of the data / categories of recipients

Within our company, we ensure that only those people receive your data who need it to fulfill contractual and legal obligations.

In many cases, service providers support our specialist departments in fulfilling their tasks. The necessary data protection agreements have been concluded with all service providers (data destruction, shipping, IT service providers, payment services, etc.).

Third-country transfers / intention to transfer data to third countries

Data will only be transferred to third countries (outside the European Union or the European Economic Area) if this is necessary for the performance of the contractual obligation, is required by law, or you have given us your consent to do so.

We transfer your personal data to a service provider or group companies outside the European Economic Area (e.g., the USA). Compliance with the level of data protection is ensured by a corresponding commitment to the GDPR and case-related order data processing agreements.

Data storage period

We store your data for as long as it is required for the respective processing purpose. Please note that numerous retention periods require that the data must remain stored. This applies in particular to commercial law or tax law retention obligations (e.g., Commercial Code, Tax Code, etc.). As a rule, a retention period of 10 years applies here. Unless there are further retention obligations, the data will be routinely deleted once the purpose has been achieved.

In addition, we may retain data if you have given us your permission to do so or if legal disputes arise and we use evidence within the scope of statutory limitation periods, which can be up to thirty years; the regular limitation period is three years.

Secure transmission of your data

We use appropriate technical and organizational security measures to protect the data we store against accidental or intentional manipulation, loss, destruction, or access by unauthorized persons. The security levels are continuously reviewed in collaboration with security experts and adapted to new security standards.

Data exchange to and from our website is encrypted. We offer HTTPS as the transmission protocol for our website, using the current encryption protocols. If you are unsure how to communicate with us securely, please give us a call and we will be happy to clarify this. It is also possible to use alternative communication channels (e.g., postal mail).

Obligation to provide data

Various personal data are necessary for the establishment, execution, and termination of the contractual relationship and the fulfillment of the associated contractual and legal obligations. The same applies to the use of our website and the various functions it provides.

In certain cases, data must also be collected or made available due to legal requirements. Please note that it is not possible to process your request or execute the underlying contractual obligation without providing this data.

Categories, sources, and origin of data

The context determines which data we process: This depends on whether, for example, you place an order online, send us an application, enter a request in our contact form, or submit a complaint. In doing so, we observe the principle of data minimization and data avoidance by only requiring you to provide the data that we absolutely need from you for further processing.

Please note that we may also provide information for specific processing situations separately in the appropriate place, e.g., when uploading application documents or submitting a contact request.

We collect and process your data within the scope of various contact interfaces, such as when you visit our website, submit a contact request, place an order or make a booking, apply for a job online, subscribe to newsletters, enter prize competitions, and similar processes. At this point, it is clearly indicated whether the information is voluntary or mandatory; mandatory information is marked separately. Without this mandatory information, further processing or participation is unfortunately not possible. In addition to this visible information, we also collect and process the following information on a case-by-case basis:

  • Name of your Internet service provider

  • Information about the website from which you are visiting us

  • Web browser and operating system used

  • The IP address assigned by your Internet service provider

  • Requested files, amount of data transferred, downloads/file exports

  • Data that may be lawfully processed from other sources

  • We also use data that we have lawfully obtained from publicly accessible directories (e.g., professional networks).

  • Information about the web pages you visit on our site, including date and time

  • Analysis data from the above information

For reasons of technical security (in particular to defend against attempts to attack our website), this data is stored in accordance with Art. 6 (1) lit. f GDPR.

Contact form / Contact via email (Art. 6 (1) (a), (b) GDPR)

Our website features a contact form that can be used to contact us electronically. If you write to us using the contact form, we will process the data you provide in the contact form in order to contact you and respond to your questions and requests.

The principle of data minimization and data avoidance is observed here, as you only need to provide the data that we absolutely need to contact you. This includes, in particular, your first and last name, title, email address, company, and the message field and subject line itself. In addition, your IP address is processed for technical reasons and for legal safeguarding. All other data is optional and can be provided voluntarily (e.g., to enable us to respond to your questions in a more personalized manner).

If you contact us by email, we will process the personal data provided in the email solely for the purpose of processing your request.

Newsletter (Art. 6 (1) (a) GDPR)

You can subscribe to a free newsletter on our website. The email address you provide when registering for the newsletter and your other details will be used to send you the personalized newsletter.

The principle of data minimization and data avoidance is observed here, as only your email address, name, title, and company are marked as mandatory fields. For technical reasons and for legal safeguarding, your IP address is also processed when you subscribe to the newsletter.

We use the double opt-in procedure for sending newsletters by email. This means that you will only receive advertising by email if you have expressly confirmed in advance that you want us to activate the newsletter service. We do this by sending you a notification email and asking you to confirm that you want to receive our newsletter at this email address by clicking on a link contained in this email. Alternatively, you can also subscribe to our newsletter when registering for one of our events.

You can, of course, unsubscribe at any time using the unsubscribe option provided in the newsletter and thus revoke your consent.

Prize competition / Advertising consent (Art. 6 (1) (a), (b) GDPR)

You have the opportunity to participate in our prize competition on our website. When you fill out the prize competition form, we process the data provided there exclusively for the purpose of conducting the prize competition.

The principle of data minimization and data avoidance is observed in that you only need to provide the data that we absolutely need to run the competition and notify you if you win. This includes, in particular, your name, company, address, telephone number, and email address.

The mandatory fields are marked accordingly. For technical reasons and for legal protection, your IP address is also processed in online prize competitions. The remaining fields are optional and can be filled in if you wish. Unfortunately, we cannot run the prize competition without the mandatory fields. Participation is then not possible.

Within the prize competition form, you also have the option of giving us your consent to receive advertising. Of course, it is also possible to participate in the prize competition without giving your consent to receive advertising.
If you give us your consent by ticking the respective checkbox, we will also process your data in order to send you information and offers about our products/services as well as our newsletter by email, post, telephone, or fax.

You can revoke your consent at any time without giving reasons by sending an email to Show Mail-Adress or by post to qSkills™ GmbH & Co.KG, Südwestpark 65, 90449 Nuremberg, Germany.

Advertising purposes for existing customers (Art. 6 (1) (f) GDPR)

We are interested in maintaining our customer relationship with you and sending you information and offers about our products/services. We therefore process your data in order to send you relevant information and offers by email.

If you do not wish to receive this information, you can object to the use of your personal data for direct marketing purposes at any time; this also applies to profiling (e.g., tailoring content to your needs) insofar as it is related to direct marketing. If you object, we will no longer process your data for this purpose.

The objection can be made free of charge and without giving reasons and should be sent by email to Show Mail-Adress or by post to qSkills™ GmbH & Co.KG, Südwestpark 65, 90449 Nuremberg, Germany.


Registration (Art. 6 (1) (b) GDPR)

We process the data you provide during registration solely for the purpose of executing or processing the contractual relationship, unless you consent to further use.

The principle of data minimization and data avoidance is observed in that you only need to provide us with the data that we absolutely need to perform the contract or fulfill our contractual obligations (i.e., in particular, your name, contact details, company, and the payment details required for the selected payment method) or information that we are obliged to collect due to our relationship with manufacturers/partners or due to other legal requirements.

In addition, your IP address is processed for technical reasons and for legal safeguarding. Without this data, we will unfortunately have to refuse to conclude the contract, as we will then be unable to perform it or may have to terminate an existing contract. Of course, you can also provide more data if you wish.

Payment service provider Stripe

You can process credit card payments via the payment service provider Stripe. The provider is Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dunlin, Ireland. The data and information required for payment are transmitted to Stripe for payment processing. The legal basis for this is Art. 6 (1) (b) GDPR and your consent in accordance with Art. 6 (1) (a) GDPR. You can revoke your consent at any time. Stripe is certified under the Data Privacy Framework. More detailed information about Stripe can be found at: stripe.com/en-de/privacy.

Cookies (Art. 6 (1) (a), (f) GDPR, § 25 (1), (2) TDDDG)

Our website uses cookies and similar technologies such as local storage. These serve to make our offering more user-friendly, effective, and secure, to improve usability, and to enable statistical analysis of website usage. Cookies are small text files that are stored on your device and saved by your browser (locally). Cookies only contain pseudonymous, mostly even anonymous data. Some cookies remain for the duration of a browser session (so-called session cookies), others are stored for a longer period (so-called persistent cookies, e.g., consent settings). The latter are automatically deleted after the specified time. In addition to our own cookies, we also use cookies that are controlled by third-party providers. These use the information contained in the cookies to display content to you, for example, or to record the pages you have visited.

Based on our legitimate interest (Art. 6 (1) (f) GDPR), we use technically necessary cookies that are essential for the operation of the website and to ensure its functionality. Furthermore, we use cookies without your consent if their sole purpose is to store or access information stored on the end device for the transmission of messages or if they are absolutely necessary to provide the service you have expressly requested, § 25 (2) TDDDG.

We use the following technically necessary cookies:

Name

Function

Lifetime

Group

et_allow_cookies

When using data-block cookies, this cookie is set to “1” by the API call etracker.enableCookies() to indicate that etracker is allowed to set cookies. When using the etracker Consent Manager, this cookie is set to “0” if etracker cookies are rejected to indicate that etracker is not allowed to set cookies. The cookie is deleted when etracker.disableCookies() is called.

480 days

etracker

et_oi_v2

Required for the opt-out function. Also used for a possible opt-in if data processing is only to take place with consent.

"no" - 50 years
"yes" - 480 days

etracker

et_scroll_depth

Cache for scroll depth measurement.

Browser Session

etracker

isSdEnabled

Detection of whether the visitor's scroll depth is measured

24 hours

etracker

et_cssSelectors

Cache for the configured CSS selector events.

Browser Session

etracker

et_tagManagerEntries

Cache for the configured Tag Manager entries.

Browser Session

etracker

et_tagManagerVars

Cache for the configured Tag Manager variables.

Browser Session

etracker

qskills_session

qSkills™ session cookie

Browser Session

qSkills™

XSRF-TOKEN

Cross-site request forgery tokens serve as a security measure. They ensure that HTTP requests actually originate from the legitimate user and the relevant website.

1 hour

qSkills™

qskills-cart

shopping cart information

1 day

qSkills™

PHPSESSID

qSkills™ Security Summit Session Cookie

Browser Session

qSkills™ Security Summit

viewed_cookie_policy

This cookie is set by the consent manager of the qSkills™ Security Summit website and is used to store whether or not the user has consented to the use of cookies.

1 year

qSkills™ Security Summit

cookielawinfo-checkbox-necessary

This cookie is set by the Consent Manager of the qSkills™ Security Summit website and is used to store the user's consent for cookies in the “Necessary” category.

1 year

qSkills™ Security Summit

CookieLawInfoConsent

The cookie named “CookieLawInfoConsent” in the qSkills™ Security Summit Consent Manager stores the user's consent regarding the use of cookies on the website.

1 year

qSkills™ Security Summit

Analytical or functional cookies (blocked by default):

Name

Function

Lifetime

Group

cookiesAvailable

Once set, it attempts to read and is immediately deleted again to determine whether cookies are supported in principle.

Browser Session

etracker

_et_coid

User recognition

720 days

etracker

et_oi_services

When using the Consent Manager, this is used to save the categories and providers selected by the user.

720 days

etracker

vuid

Vimeo-generated ID used for generating analytics information for the video owner.

2 years

Vimeo

player

Stores preferences for player controls (i.e. volume, stream quality, captions).

1 year

Vimeo

flags

Specifies feature flags enabled by the video owner.

1 year

Vimeo

[clip_id]_password

Stores an encoded password entered to authenticate a password-protected clip.

Browser Session

Vimeo

[webinar_uuid]_webinar_registrrant

Stores the ID of a user who has registered for a webinar.

7 days

Vimeo

lc_[hash]

Stores the ID of a user who has submitted information through a video registration form.

7 days

Vimeo

player_ clearance

Vimeo cookie used for bot prevention 

7 days

Vimeo

_cf_bm

Cloudflare bot manager manages incoming traffic that matches the criteria associated with bots.

1 hour

Vimeo

_cfuvid

Cloudflare cookie used to enforce rate-limiting rules.

Browser Session

Vimeo

cf_ clearance

Cloudflare cookie used for bot prevention.

1 year

Vimeo

Provided you give your consent, additional cookies and local storage are used for marketing purposes, enabling us or third parties to evaluate how our services are used, for example. This allows us to tailor content to user needs. Cookies also enable us to measure the effectiveness of a particular advertisement and place it according to the user's thematic interests, for example. The legal basis for this is your express consent (Art. 6 (1) (a) GDPR, § 25 (1) TDDDG).

You can revoke your consent at any time with future effect via our consent banner and change your cookie settings. Please note that changes must be made separately for each device.

Consent-Banner

If you have accounts with the third-party providers we use and are logged in to these accounts, your data may be linked to the respective account. You can prevent this by not giving your consent to the relevant cookies or by revoking your consent, or by logging out of the respective third-party providers in advance.

Most browsers automatically accept cookies. You can also manually disable, restrict, or delete cookies on your device via your browser settings or with the help of software. If you disable cookies, you will not be able to use our website entirely or only to a limited extent.

Please also note our information in the section of the respective service that uses cookies.

User profiles / Web tracking methods

The provider of this website uses services from etracker GmbH in Hamburg, Germany (www.etracker.com) to analyze usage data.

The etracker consent manager module is used for consent management. The etracker tag manager module can be used to integrate script codes from other tools. When used in combination, the etracker tag manager and consent manager enable the control of certain cookies and services with the appropriate consent. Even if statistical cookies are rejected, usage data is collected in accordance with the legal requirements of the General Data Protection Regulation (GDPR) and the Telecommunications Digital Services Data Protection Act (TDDDG). Data processing is carried out on the basis of the legal provisions of Art. 6 (1) lit. f (legitimate interest) of the GDPR. Our concern within the meaning of the GDPR (legitimate interest) is the optimization of our online offering and the legally compliant integration and administration of additional services on our website. Provided that consent has been given, other technologies are used on the basis of Art. 6 (1) (a) of the EU GDPR. Consent can be revoked at any time.

The web analysis data generated by etracker is processed and stored exclusively in Germany on behalf of the provider of this website and is therefore subject to strict German and European data protection laws and standards. etracker has been independently audited, certified, and awarded the ePrivacyseal data protection seal of approval. As the privacy of our visitors is important to us, data that could potentially be linked to an individual, such as IP addresses, login IDs, or device IDs, is anonymized or pseudonymized as soon as possible. It is not used for any other purpose, combined with other data, or passed on to third parties.

You can object to the data processing described above at any time by clicking on the slider. Objecting will not have any negative consequences. If no slider is displayed, data collection has already been prevented by other blocking measures.

Further information on data protection at etracker can be found at www.etracker.com/en/data-privacy.

Links to other providers

Our website also contains links to the websites of other companies. Where links to websites of other providers are provided, we have no influence on their content. Therefore, we cannot accept any liability or guarantee for this content. The respective provider or operator of the pages is always responsible for the content of these pages.

The linked pages were checked for possible legal violations and recognizable infringements to the best of our knowledge and belief at the time of linking. No illegal content was apparent at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete evidence of a violation of the law. If we become aware of any violations of the law, such links will be removed immediately.

Vimeo

We embed videos from the Vimeo Inc. platform (555 West 18th Street, New York, 10011, NY, USA) on our website. To do this, a connection is established to the Vimeo servers, along with information about which website you are currently visiting or have visited. If you are logged into your Vimeo account, your surfing behavior can be directly assigned to your profile. You can prevent this by logging out of your Vimeo account before visiting our website.

Vimeo may use cookies and similar technologies, such as local storage, to analyze user behavior in order to play the video, save your user preferences, or statistically evaluate the use of the video.

Processing is based on your consent in accordance with Art. 6 (1) (a) GDPR. You can revoke your consent at any time.

Data transfer to a third country cannot be ruled out, as Vimeo is based in the USA. Vimeo is certified under the Data Privacy Framework. The necessary data protection agreements are in place. More detailed information about Vimeo can be found at https://www.vimeo.com/legal/privacy/policy.

Links to social media

Our website contains links to the social media services of Facebook/Meta, X (formerly Twitter), YouTube, LinkedIn, and Xing. Links to the websites of social media services can be identified by the respective company logo. If you follow these links, you will be taken to the qSkills™ GmbH & Co. KG company page on the respective social media service. When you click on a link to a social media service, a connection to the servers of the social media service is established. This transmits to the servers of the social media service that you have visited our website. In addition, further data is transmitted to the provider of the social media service. This includes, for example:

  • Address of the website on which the activated link is located

  • Date and time of the website visit or activation of the link

  • Information about the browser and operating system used

  • IP address

In addition to us, the following companies are responsible for the company's online presence in terms of the GDPR and other data protection regulations

  • Meta
    Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

  • LinkedIn
    LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

  • X (vormals Twitter)
    X Internet Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland

  • Xing
    News Work SE, Dammtorstraße 30, 20354 Hamburg, Germany

  • YouTube
    Google™ Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland

If you are already logged in to the relevant social media service when you activate the link, the provider of the social media service may be able to determine your user name and, in some cases, even your real name from the transmitted data and assign this information to your personal user account with the social media service. You can prevent this association with your personal user account by logging out of your user account beforehand.

The servers of the social media services are located in the USA and other countries outside the European Union. The data may therefore also be processed by the social media service provider in countries outside the European Union. Please note that companies in these countries are subject to data protection laws that generally do not protect personal data to the same extent as in the member states of the European Union.

Please note that we have no influence on the scope, type, and purpose of data processing by the social media service provider. For more information on how your data is used by the social media services integrated into our website, please refer to the privacy policy of the respective social media service.

Overall, you have the following rights regarding the processing of your personal data:

Right to information; right to correction; right to deletion; right to restriction of processing; right to object; right to data portability; right to complain about unlawful processing of your personal data to the competent data protection authority.

However, as we do not have full access to your personal data, you should contact the social media providers directly when asserting your rights, as they have access to their users' personal data and can take appropriate measures and provide information.

Automated individual decision-making

We do not use purely automated processing to make decisions.