Data protection

Notes on data protection

We welcome you to our website and appreciate your interest. Vow to the new takes the protection of personal data seriously. Therefore, we would like to inform you in the following which data of your visit will be used for which purposes.

Privacy policy

With this data protection declaration, we would like to inform you about how your data is processed when you use our website. In particular, the data protection declaration informs you about the extent to which, the manner in which and the purpose for which your personal data is processed. Your data will be processed in compliance with the applicable data protection regulations. With regard to the terms used in the data protection declaration, we refer to Art. 4 DSGVO.

1. responsible party

vow to the new GmbH & Co. KG
Hansaring 12
50670 Köln
T +49 221.67770367
hello@vowtothenew.com

2. legal basis for processing

Insofar as we obtain the consent of the data subject for processing operations involving personal data, Article 6(1)(a) DSGVO serves as the legal basis.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Article 6(1)(b) DSGVO serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.

Insofar as processing of personal data is necessary for compliance with a legal obligation to which we are subject, Article 6(1)(c) DSGVO serves as the legal basis.

In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Article 6(1)(d) DSGVO serves as the legal basis.

In the event that processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, Article 6(1)(e) DSGVO is the legal basis.

If the processing is necessary to protect a legitimate interest or a third party and the interests, fundamental rights and freedoms of the data subject do not override the former interest, Article 6 (1) lit. f DSGVO serves as the legal basis for the processing. Our legitimate interest lies in the performance of our business activities.

3. collection of general data and information

When calling up our website, we collect data and general information provided to us by the browser of your terminal device.

We collect and use the following access data/log files when you use our website:

/ IP address of the requesting computer (if applicable: in anonymized form)
/ Date and time of access
/ Method (POST/GET)
/ URL
/ referring website
/ client/browser
/ operating system

This data is processed for the purpose of enabling the use of the website (connection establishment), system security, technical administration of the network infrastructure and optimization of the Internet offer, thus based on our legitimate interests within the meaning of Art. 6 para. 1 lit. f. DSGVO and to protect users and other unauthorized use. A transfer of this data to third parties or any other evaluation does not take place. The collected data is not used, a personal user profile is not created.

4. processing of personal data when contacting us

When inquiries are sent to us via contact form or e-mail, personal data is processed for their handling. Which data is collected when using the communication channels can be seen from the contact form or depends on your message by mail. This data is used for the purpose of responding to your request or for contacting you. The legal basis for processing this data is our legitimate interest in responding to your request pursuant to Art. 6 (1) lit. f DSGVO. If your contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO. Your data will be deleted after final processing of your request and the deletion does not conflict with any legal retention obligations.

5. rights of the data subject

a) Right to information

According to Art. 15 DSGVO, you have the right to request information about the personal data we process.

In particular, you can request information about what data is processed for what purpose and to whom it may be disclosed.

b) Right of rectification

According to Art. 16 DSGVO, you have the right to correct incorrect or complete incomplete data.

c) Right to erasure and restriction of processing.

Pursuant to Art. 17 DSGVO, you may request the erasure of your data on the basis of the grounds stated therein. If erasure is not possible, a restriction of the processing of your personal data must take place in accordance with Art 18 DSGVO.

d) Right to data portability

According to Art. 20 DSGVO, you have the right to receive your data in a structured, common and machine-readable format and to transfer it to another controller.

e) Right to complain

Art. 77 DSGVO gives you a general right to complain to the competent supervisory authority.

6. right of withdrawal

In accordance with Art. 7 (3) DSGVO, you can revoke a consent given to us at any time with effect for the future.

The revocation can be made via the contact data named above.

7. Right of objection

In accordance with Art. 21 DSGVO, you may object at any time to the processing of data collected on the basis of a legitimate interest, provided that there is a reason for doing so named in Art. 21 DSGVO.

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) DSGVO (data processing in the public interest) and Article 6(1)(f) DSGVO (data processing on the basis of a balance of interests).

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

8. data protection in the context of job applications

In the context of applications, we collect personal data for the purpose of processing the application procedure. These are based on the information you provide. In particular, we require your name, address, contact details, description of work experience and skills for an application. The personal data will only be used to process the application.

After the application process has been completed, your applicant data will be deleted unless you have given your separate consent for the data to be stored beyond this (e.g. for inclusion in an applicant pool for future positions). Applicant data will be deleted no later than 3 months after the rejection has been sent, if we have not received any legal action or assertion, e.g. in proceedings under the General Equal Treatment Act (AGG), by this time.

The legal basis for the data processing of applicant data is Art. 6 para. 1 p. 1 lit. b DSGVO or § 26 para. 1 BDSG (new). If you have given us your consent to store applicant data for a longer period of time, the legal basis is Art. 6 para. 1 p. 1 lit. a DSGVO.

9. newsletter

Furthermore, personal data is processed when you subscribe to our newsletter. The data you provide for the newsletter (e.g. name and e-mail address) will be used by us for our own advertising purposes and other electronic notifications with promotional information about our products, offers, promotions and our company for our newsletter, after you have expressly consented to this.

You can unsubscribe from the newsletter at any time via a link provided in the newsletter e-mail or by sending us a corresponding message, thereby revoking your consent. After you have unsubscribed, your e-mail address will be deleted from our newsletter distribution list immediately, provided that there are no legal retention obligations to the contrary.

For our legitimate interests pursuant to Art. 6 Para. 1 lit. f DSGVO, we use a service provider for the user-friendly and secure sending of the newsletter and carry out statistical surveys and analyses as well as logging of the registration process.

The newsletter is sent and processed using the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA ("Mailchimp"). More about Mailchimp and data security at Mailchimp at: https://mailchimp.com/legal/privacy/ https://mailchimp.com/legal/privacy/

MailChimp is certified under the Privacy Shield agreement: https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active

The newsletter we send contains a so-called pixel tag via which technical information such as IP address, browser, operating system, retrieval, retrieval time and clicked links are collected when the customer opens the newsletter. This information is used for technical improvement and better adaptation of our newsletter service for customers.

Translated with www.DeepL.com/Translator (free version)

10. use of cookies

Cookies are small data packets that are transferred between us and the user. The data is transferred from our server to the user's browser and is stored there on the end device for later retrieval. Cookies do not cause any damage to the user's terminal device and do not contain viruses.

In order to make visiting our website attractive and to enable the use of certain functions, we use cookies on our site for legitimate interest according to Art. 6 para. 1 lit. f. DSGVO cookies.

The cookies can be transmitted to a page when it is called up and thus enable the user to be identified. Cookies help to simplify the use of Internet pages for users. Some of the cookies we use are deleted after the end of the browser session, i.e. after closing your browser. Other cookies remain on your terminal device and enable us to recognize your browser on your next visit.

Preventing access through cookies

You can set your browser so that you are informed about the setting of cookies and decide individually about their acceptance or exclude the acceptance of cookies for certain cases or in general. Cookies that have been set can be deleted. For the browsers mentioned below, you can find more about cookie settings under the following links:

Please note that if you do not accept cookies, the functionality of our website may be limited.

11. use of Google Analytics

Based on our legitimate interests within the meaning of Art. 6 para. 1 lit. f. DSGVO, we use Google Analytics to analyze our offers. The legitimate interests here consist of the needs-based design and continuous optimization of our online offerings. This is particularly because the data of our visitors is anonymized and we do not create user-specific profiles.

Google Analytics is a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4. Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookies about your use of this website is usually transmitted to a Google server in the USA and stored there. In the event that IP anonymization is activated on this website, however, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area, so that it is no longer possible to clearly assign the IP address. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.

Google has submitted to the EU-US Privacy Shield, whereby they undertake to comply with European data protection law. You can find more information about this here: https://www.privacyshield.gov/EU-US-Framework.

Preventing access by Google Analytics.

You can prevent the storage of cookies by selecting the appropriate settings on your browser software.

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

We point out that you may not be able to use all features of the website in full if you prevent the use of Google Analytics.

12. use of the Google Tag Manager

We use the Google Tag Manager. This allows us to manage website tags via an interface. Only tags are implemented through the service, so no personal data is collected. In addition, the Google Tag Manager does not use cookies.

You can find more information about Google Tag Manager here: https://www.google.com/intl/de/tagmanager/.

13. Audio & Video

What are audio and video elements?

We have integrated audio and video elements on our website so that you can watch videos or listen to music/podcasts directly via our website. The content is provided by service providers. All content is therefore also obtained from the corresponding servers of the providers. These are integrated functional elements of platforms such as YouTube, Vimeo or Spotify. The use of these portals is usually free of charge, but paid content can also be published. With the help of these embedded elements, you can listen to or view the respective content via our website. If you use audio or video elements on our website, your personal data may also be transmitted to the service providers, processed and stored.

Why do we use audio & video elements on our website?

Of course we want to provide you with the best offer on our website. And we are aware that content is no longer conveyed merely in text and static images. Instead of just giving you a link to a video, we offer audio and video formats directly on our website that are entertaining or informative and ideally even both. This enhances our service and makes it easier for you to access interesting content. Thus, in addition to our texts and images, we also offer video and/or audio content.

What data is stored by audio & video elements?

When you call up a page on our website that has an embedded video, for example, your server connects to the service provider's server. This also transfers data from you to the third-party provider and stores it there. Some data is collected and stored regardless of whether or not you have an account with the third-party provider. This usually includes your IP address, browser type, operating system and other general information about your end device. Furthermore, most providers also collect information about your web activity. This includes, for example, session duration, bounce rate, which button you clicked on or via which website you use the service. All this information is usually stored via cookies or pixel tags (also called web beacons). Pseudonymised data is usually stored in cookies in your browser. You can always find out exactly what data is stored and processed in the privacy policy of the respective provider.

Duration of data processing

You can find out exactly how long the data is stored on the servers of the third-party providers either below in the data protection text of the respective tool or in the privacy policy of the provider. In principle, personal data is only processed for as long as is absolutely necessary for the provision of our services or products. As a rule, this also applies to third-party providers. In most cases, you can assume that certain data will be stored on the servers of third-party providers for several years. Data can be stored for different lengths of time specifically in cookies. Some cookies are deleted as soon as you leave the website, others may be stored in your browser for several years.

Right of objection

You also have the right and the possibility to revoke your consent to the use of cookies or third-party providers at any time. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection through cookies by managing, deactivating or deleting cookies in your browser. The lawfulness of the processing until the revocation remains unaffected. Since the integrated audio and video functions on our site usually also use cookies, you should also read our general data protection declaration on cookies. You can find out more about the handling and storage of your data in the data protection declarations of the respective third-party providers.

Legal basis

If you have consented that data from you can be processed and stored through integrated audio and video elements, this consent is considered the legal basis for data processing (Art. 6 para. 1 lit. a DSGVO). In principle, your data is also stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f DSGVO) in fast and good communication with you or other customers and business partners. Nevertheless, we only use the integrated audio and video elements if you have given your consent.

14. Vimeo Privacy Policy

What is Vimeo?

We also use videos from the company Vimeo on our website. The video portal is operated by Vimeo LLC, 555 West 18th Street, New York, New York 10011, USA. With the help of a plug-in, we can show you interesting video material directly on our website. In the process, certain data may be transferred from you to Vimeo. In this privacy policy, we will show you what data is involved, why we use Vimeo and how you can manage or prevent your data or the data transfer. Vimeo is a video platform that was founded in 2004 and has made it possible to stream videos in HD quality since 2007. Since 2015, it has also been possible to stream in 4k Ultra HD. The use of the portal is free of charge, but paid content can also be published. Compared to the market leader YouTube, Vimeo places priority on high-quality content. On the one hand, the portal offers a lot of artistic content such as music videos and short films, but on the other hand, it also offers documentaries on a wide variety of topics that are worth knowing.

Why do we use Vimeo on our website?

The aim of our website is to provide you with the best possible content. And to do so as easily accessible as possible. Only when we have achieved this are we satisfied with our service. The video service Vimeo helps us to achieve this goal. Vimeo gives us the opportunity to present you with high-quality content directly on our website. Instead of just giving you a link to an interesting video, you can watch the video directly on our website. This expands our service and makes it easier for you to access interesting content. Thus, in addition to our texts and images, we also offer video content.

What data is stored on Vimeo?

When you call up a page on our website that has a Vimeo video embedded, your browser connects to the Vimeo servers. This results in a data transfer. This data is collected, stored and processed on the Vimeo servers. Regardless of whether you have a Vimeo account or not, Vimeo collects data about you. This includes your IP address, technical information about your browser type, operating system or very basic device information. Furthermore, Vimeo stores information about which website you use the Vimeo service and what actions (web activities) you perform on our website. These web activities include, for example, session duration, bounce rate or which button you clicked on our website with a built-in Vimeo function. Vimeo may track and store these actions using cookies and similar technologies. If you are logged in to Vimeo as a registered member, more data can usually be collected as more cookies may have already been set in your browser. In addition, your actions on our website are directly linked to your Vimeo account. To prevent this, you must log out of Vimeo while "surfing" on our website. Below we show you cookies that are set by Vimeo when you are on a website with an integrated Vimeo function. This list is not exhaustive and assumes that you do not have a Vimeo account.

Name: player
Value: “”
Purpose: This cookie saves your settings before you play an embedded Vimeo video. This way, the next time you watch a Vimeo video, you will get your preferred settings again.
Expiry date: after one year

Name: vuid
Value: pl1046149876.614422590312473115-4
Purpose: This cookie collects information about your actions on websites that have a Vimeo video embedded.
Expiry date: after 2 years

Note: These two cookies are always set as soon as you are on a website with an embedded Vimeo video. When you watch the video and click on the button to "share" or "like" the video, for example, other cookies are set. These are also third-party cookies such as _ga or _gat_UA-76641-8 from Google Analytics or _fbp from Facebook. Exactly which cookies are set here depends on your interaction with the video. The following list shows a sample of possible cookies that are set when you interact with the Vimeo video:

Name: _abexps
Value: %5B%5D
Purpose: This Vimeo cookie helps Vimeo to remember the settings you have made. This can be, for example, a preset language, a region or a user name. In general, the cookie stores data about how you use Vimeo.
Expiry date: after one year

Name: continuous_play_v3
Value: 1
Purpose: This cookie is a first-party cookie from Vimeo. The cookie collects information about how you use the Vimeo service. For example, the cookie records when you pause or replay a video.
Expiry date: after one year

Name: _ga
Value: GA1.2.1522249635.1578401280312473115-7
Purpose: This cookie is a third-party cookie from Google. By default, analytics.js uses the cookie _ga to store the user ID. Basically, it is used to distinguish website visitors.
Expiry date: after 2 years

Name: _gcl_au
Value: 1.1.770887836.1578401279312473115-3
Purpose: This third-party cookie from Google AdSense is used to improve the effectiveness of advertisements on websites.
Expiry date: after 3 months

Name: _fbp
Value: fb.1.1578401280585.310434968
Purpose: This is a Facebook cookie. This cookie is used to display advertisements or advertising products from Facebook or other advertisers.
Expiry date: after 3 months

Vimeo uses this data, among other things, to improve its own service, to communicate with you and to set its own targeted advertising measures. Vimeo emphasises on its website that only first-party cookies (i.e. cookies from Vimeo itself) are used for embedded videos as long as you do not interact with the video.

How long and where is the data stored?

Vimeo has its headquarters in White Plains in the state of New York (USA). However, the services are offered worldwide. The company uses computer systems, databases and servers in the USA and also in other countries. Your data can therefore also be stored and processed on servers in America. The data remains stored by Vimeo until the company no longer has an economic reason for storing it. Then the data will be deleted or anonymised.

How can I delete my data or prevent data storage?

You always have the option to manage cookies in your browser according to your wishes. For example, if you do not want Vimeo to set cookies and thus collect information about you, you can delete or deactivate cookies in your browser settings at any time. Depending on the browser, this works a little differently. Please note that after deactivating/deleting cookies, various functions may no longer be available to the full extent. Under the section "Cookies" you will find the corresponding links to the respective instructions of the most popular browsers. If you are a registered Vimeo member, you can also manage the cookies used in the settings at Vimeo.

Legal basis

If you have consented that data from you can be processed and stored through embedded Vimeo elements, this consent is considered the legal basis for data processing (Art. 6 para. 1 lit. a DSGVO). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f DSGVO) in fast and good communication with you or other customers and business partners. Nevertheless, we only use the integrated Vimeo elements if you have given your consent. Vimeo also sets cookies in your browser to store data. We therefore recommend that you read our privacy policy on cookies carefully and consult the privacy policy or cookie policy of the relevant service provider. Vimeo also processes data from you in the USA, among other places. We would like to point out that according to the opinion of the European Court of Justice, there is currently no adequate level of protection for the transfer of data to the USA. This may be associated with various risks for the lawfulness and security of the data processing. Vimeo uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO) as the basis for data processing for recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or a data transfer there. Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data comply with European data protection standards even if they are transferred to third countries (such as the USA) and stored there. Through these clauses, Vimeo undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the US. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de More information on the standard contractual clauses at Vimeo can be found at https://vimeo.com/privacy#international_data_transfers_and_certain_user_rights. You can find out more about the use of cookies at Vimeo at https://vimeo.com/cookie_policy, and information on data protection at Vimeo can be found at https://vimeo.com/privacy. All texts are protected by copyright.

15. online presences in social media

We maintain online presences within social networks and platforms in order to communicate with customers, interested parties and users active there and to be able to inform you about our services there. When calling up the respective networks and platforms, the terms and conditions and data processing guidelines of the respective provider apply. Particularly with regard to a detailed presentation of the respective processing and the options to object (opt-out), we refer to the information of the providers linked below. Also with regard to the assertion of data subject rights, we point out that these can best be asserted with the respective provider, as only the provider has access to your data.

Unless otherwise stated in our privacy policy, we process the data of users insofar as they communicate with us within the social networks and platforms, e.g. write posts on our online presences or send us messages.

LinkedIn: Social network; service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland;

Website: https://www.linkedin.com

Privacy policy: https://www.linkedin.com/legal/privacy-policy

Privacy Shield (guaranteeing the level of data protection for data processing in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active Opt-out option: : https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Xing: Social network; service provider: New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany Privacy policy: https://privacy.xing.com/de/datenschutzerklaerung

14. disclosure of data to third parties

The personal data entered by the data subject is collected and stored exclusively for internal use by the data controller and for its own purposes. Within our company, those internal offices or organizational units will receive your data that require it to fulfill our contractual and legal obligations or in the context of processing and implementing our legitimate interest. The controller may use subcontractors to provide and fulfill its services or arrange for the transfer to one or more processors who also use the personal data exclusively for an internal use attributable to the controller, e.g. in connection with the processing of contracts; for the purposes of fulfilling legal requirements under which we are obliged to provide information, report or transfer data or the transfer of data is in the public interest; insofar as external service companies process data on our behalf as processors or function transferees (e.g. e.g. external data centers, support/maintenance of EDP/IT applications, archiving, data destruction, purchasing/procurement, customer management, lettershops, website management, auditing services, credit institutions, printers or companies for data disposal, courier services, logistics); on the basis of our legitimate interest or the legitimate interest of the third party (e.g. to authorities, credit agencies, debt collection, lawyers, courts, appraisers, affiliated companies and supervisory bodies).

15. legal obligation to process

Like anyone who participates in economic activity, we are subject to a variety of legal obligations. Primarily, these are legal requirements (e.g., commercial and tax laws), but also, where applicable, regulatory or other official requirements. The purposes of processing may include the fulfillment of control and reporting obligations under tax law as well as the archiving of data for purposes of data protection and data security as well as auditing by tax and other authorities. In addition, the disclosure of personal data may be necessary in the context of official/court measures for the purposes of gathering evidence, criminal prosecution or enforcement of civil claims.

16. data security

In order to prevent unauthorized access or disclosure, to ensure the accuracy of the data and to ensure the authorized use of the data, we have set up technical and organizational procedures in accordance with Art. 32 DSGVO to secure and protect the data we collect online. We secure our website and other systems against manipulation, loss, destruction, access, modification or distribution of your data by unauthorized persons.

17. deletion and blocking of personal data

We delete or block personal data collected by us in accordance with Art. 17 and 18 DSGVO.

We store and process personal data only as long as this is necessary to achieve the purpose of storage. Storage may take place beyond this if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which we are subject. In this case, the data will be blocked for other purposes.

As soon as the storage purpose ceases to apply or a storage period prescribed by the aforementioned regulations expires, the personal data will be routinely blocked or deleted.

18. questions and hints

The version of the data protection declaration available online at the time of your visit always applies to the use of our website. We reserve the right to change or update this data protection declaration due to further development of the website or changed legal or official requirements.

We ask our users to inform themselves regularly about the content of the data protection declaration.

If you have any further questions on the subject of data protection with regard to our website, you can contact us at the e-mail address given above. We will then try to answer your questions and clear up any possible concerns.

Status: May 2023