We would like to point out that data transmission over the Internet (e.g. communication by e-mail) may have security gaps. A complete protection of data against access by third parties is not possible. The security and confidentiality of your data is very important to us. Therefore, we take the utmost care and apply the necessary security standards to ensure the protection of your personal data.
1. Information on the collection of personal data
2. Your rights
3. Collection of personal data when using our webapp
4. Data processing by the operator(s) of social media platforms
5. Data processing by the operator(s) of other tools
6. International Transfer
7. Legal basis of the processing
(1) In the following we provide information about the collection of personal data when using our website or webapp. Personal data are all data that can be related to you personally, e.g. name, address, e-mail addresses, user behaviour.
(2) The person responsible in accordance with Art. 4 para. 7 of the EU Data Protection Regulation (EU) 2016/679 (DSGVO) is Florian Baum, Yucca Technologies, Bismarckstr. 90, Raum:BC 109, 47057 Duisburg, Germany (see our legal notice). You can reach our data protection officer at firstname.lastname@example.org or at our postal address with the addition “the data protection officer”.
(3) When you contact us by e-mail or via a contact form, we will store your e-mail address and, if you have provided it, your name and telephone number in order to answer your questions. We delete the data arising in this connection after storage is no longer necessary or – in the case of legal storage obligations – restrict processing.
(4) If we wish to use commissioned service providers for individual functions of our offer or to use your data for advertising purposes, we will inform you in detail about the respective processes below. We will also state the specified criteria for the storage period.
(1) You have the following rights in relation to the personal data concerning you:
- Right to information, Pursuant to Art. 15, paras. 1 and 2 of the DSGVO, you have the right to obtain information about your personal data processed by us. In this context, you also have the right to receive a copy of the personal data processed by us in accordance with Article 15, paragraphs 3 and 4 of the DPA.
- Right of correction or deletion, In accordance with Art. 16 DSGVO, you have the right to ask us to correct or complete your personal data. Pursuant to Art. 17, paras. 1 and 3 of the DSGVO, you have the right to request that your personal data processed by us be deleted. If we have made this data public, you also have the right, in accordance with Art. 17, paras. 2 and 3 DSGVO, to demand that we inform other responsible parties of your request to delete all links, copies or replications of this data.
- Right to object to the processing, Pursuant to Art. 21 paras. 1, 2, 5 and 6 DSGVO, you have the right to object to the processing of your personal data by us if this is done for the purpose of direct advertising and/or on the basis of a “legitimate interest” within the meaning of Art. 6 para. 1 sentence 1 letter f) DSGVO.
- Right to data portability In accordance with Art. 20 Paragraphs 1 and 2 of the DSGVO, you have the right to receive the personal data you have provided us with concerning your person in a structured, common and machine-readable format and to request that we transfer this data directly to another person responsible.
- Revocation of your consent: If you have given us permission to process your personal data, you can revoke this permission at any time, in total or with regard to individual processing purposes, in each case without giving reasons.
(2) You also have the right to complain to a data protection supervisory authority about the processing of your personal data in our company.
(1) When using the app, we collect the personal data described below to enable convenient use of the functions. If you would like to use our webapp, we collect the following data, which is technically necessary for us to offer you the functions of our webapp and to ensure stability and security (legal basis is Art. 6 para. 1 sentence 1 lit. f DS-GVO):
In general we process and store the following data:
- IP address (in abbreviated anonymous form)
- Date and time of the request
- Content of the request (concrete page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Website from which the request comes
- Operating system and its interface
- Language and version of the browser software.
We collect the following data trough our website:
- Basic contact data such as e-mail address and name of your contact person, company name, address, telephone number, preferred language, e-mail address of the invoice recipient, online IDs (e.g. device IDs, session IDs).
Date and time of consent (Consent Management Protocol).
When you use our contact form, we store the following data:
- First name, last name, e-mail address, telephone number (optional), message.
When you use our chatbot, we store the following data:
- At least indication of e-mail address.By using “Don’t use slack” button„Don’t use slack” button leads to a redirection to Google Survey or Mailchimp-Survey. The user enters the information which alternative he wants to use and finally enters his mail address.
By using “Don’t use slack” button
- „Don’t use slack” button leads to a redirection to Google Survey or Mailchimp-Survey. The user enters the information which alternative he wants to use and finally enters his mail address.
By using our webapp:
- From all users in the Slack Workspace to whom yuccaHR has been added, we save the Slack user name, the email address of the registered account, a user and workspace ID and a unique combination of user and workspace ID as well as one link to the user profile picture and the name of the workspace.
- In our webapp, roles can be created for the employee, which are automatically saved and can be an indication of the employee’s position or role in the company. This can also be used to draw conclusions about the employee’s relationship to the employer).
- Created content (news in the Journeys, roles and upcoming events) – not necessarily personal, but may be, depending on the use of the webapp.
- Encrypted password of the webapp.
- Images and attached messages by the users.
(2) In addition to the data mentioned above, cookies are stored on your computer when you use our webapp. Cookies are small text files that are stored in the device memory of your mobile device and assigned to the webapp you are using. Cookies allow certain information to flow to the party that sets the cookie (here: us). Cookies cannot execute programs or transfer viruses to your mobile device. They serve to make webapps more user-friendly and effective overall.
This webapp uses the following types of cookies, the scope and functionality of which are explained below:
- Persistent cookies:
Persistent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie. You can configure the settings of your mobile operating system and the webapp according to your wishes and, for example, refuse to accept third-party cookies or all cookies. Please note that you may not be able to use all functions of our webapp.
The operator of the social media platform uses web tracking methods. The web tracking can also be carried out independently of whether you are logged in or registered on the social media platform. We have no influence on the webtracking methods of the social media platform. For example, we cannot switch them off.
Please be aware that it cannot be ruled out that the provider of the social media platform will use your profile and behavioral data to evaluate your habits, personal relationships, preferences, etc. In this respect I have no influence on the processing of your data by the provider of the social media platform.
More detailed information on data processing by the provider of the social media platform and further options for objection can be found in the provider’s data protection declaration.
Our pages integrate plugins from the social network Facebook, provider Facebook Inc. 1 Hacker Way, Menlo Park, California 94025, USA. You can recognize the Facebook plugins by the Facebook logo or the “Like Button” (“Like”) on our site. You can find an overview of the Facebook plugins here:
If you do not want Facebook to be able to assign visits to our Pages to your Facebook user account, please log out of your Facebook user account.
Functions of the Instagram service are integrated on our pages. These functions are offered by Instagram Inc, 1601 Willow Road, Menlo Park, CA 94025, USA.
If you are logged in to your Instagram account, you can link the contents of our pages to your Instagram profile by clicking the Instagram button. This allows Instagram to associate your visit to our sites with your account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Instagram.
We use the LinkedIn Insight tag. The LinkedIn Insight tag is provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.
The LinkedIn Insight tag creates a unique LinkedIn browser cookie in a visitor’s browser and allows the following information to be collected for that cookie: metadata such as IP address, timestamp, and page events (such as page views).
Functions of the Twitter service are integrated on our pages. These functions are offered by Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.
You can change your privacy settings on Twitter in the account settings at https://twitter.com/account/settings/
The operator of the other tools uses web tracking methods. The web tracking can also be carried out independently of whether you are logged in or registered on the other´s tool platform. We have no influence on the webtracking methods of the other´s tool platform. For example, we cannot switch them off.
Please be aware that it cannot be ruled out that the provider of the other´s tool platform will use your profile and behavioral data to evaluate your habits, personal relationships, preferences, etc. In this respect I have no influence on the processing of your data by the provider of the other´s tool platform.
More detailed information on data processing by the provider of the other´s tool platform and further options for objection can be found in the provider’s data protection declaration.
On our website we handle payments via Adyen, among other things. The provider of this payment service is Adyen N.V. Simon Carmiggeltstraat 6-50, 1011 DJ, The Netherlands.
If you choose a paied plan, the payment details you enter will be transmitted to Adyen.
The transmission of your data to Adyen is based on art. 6 par. 1 letter a DSGVO (consent) and art. 6 par. 1 letter b DSGVO (processing for the fulfilment of a contract). You have the possibility to revoke your consent to data processing at any time. Revocation does not affect the effectiveness of data processing operations carried out in the past.
For further Information please see:
On our website we offer payment via Chargebee, among other things. The provider of this payment service is Chargebee Inc. 340 S Lemon Avenue, #1537 Walnut, California 91789, USA (hereafter “ChargeBee”).
If you choose to pay via ChargeBee, the payment details you enter will be transmitted to ChargeBee.
The transmission of your data to ChargeBee is based on art. 6 par. 1 letter a DSGVO (consent) and art. 6 par. 1 letter b DSGVO (processing for the fulfilment of a contract). You have the possibility to revoke your consent to data processing at any time. Revocation does not affect the effectiveness of data processing operations carried out in the past.
For further Information please see:
Our website uses the visitor action pixel of Facebook, Facebook Inc. 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”) to measure conversion.
This allows us to track the behavior of site visitors after they have clicked on a Facebook ad to be directed to the provider’s website. This allows the effectiveness of the Facebook Ads to be evaluated for statistical and market research purposes and to optimize future advertising efforts.
The collected data is anonymous to us as the operator of this website, we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook, so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with the Facebook Data Usage Policy. This allows Facebook to enable the placement of advertisements on pages of Facebook and outside of Facebook. This use of the data cannot be influenced by us as a site operator.
You can find further information on the protection of your privacy in the Facebook data protection information:
You can also disable the “Custom Audiences” remarketing feature in the Advertising Settings section at
https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. You must be logged in to Facebook to do this.
If you do not have a Facebook account, you can disable usage-based advertising from Facebook on the European Interactive Digital Advertising Alliance website:
We use the Google services Google Analytics, Google Analytics Remarketing, Google Ads, Google Search Ads 360, Google Tag Manager and Google Forms. These services are provided by Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043, USA, “Google”). Google has its headquarters in the so-called third country USA, which means that a level of data protection equivalent to that in the EU is generally lacking. However, Google is certified under the EU-U.S. Privacy Shield and thus offers an adequate level of data protection in accordance with Art. 45 DSGVO.
Within the framework of the agreement on commissioned data, which the website operator has concluded with Google Inc., the latter uses the information collected to create an evaluation of website use and website activity and provides associated services.
The data collected by Google on behalf of the website operator is used to evaluate the use of the online offer by individual users, e.g. to create reports on the activity on the website and to improve our online offer.
Google Analytics Remarketing allows you to link the created advertising target groups with the cross-device functions of Google Ads and Google Campaign Manager. In this way, interest-based, personalized advertising messages that have been adjusted on one device depending on the previous usage and surfing behavior of the website visitor can also be displayed on another device of the website visitor. This presupposes that the website visitor has given Google permission to do so. If such consent is given, Google will link the web and app browsing history to the personal Google Account for this purpose.
To support this feature, Google Analytics collects Google-authenticated visitor IDs that are temporarily linked to Google Analytics data to define and create target groups for cross-device advertising.
Visitors who have a Google Account can permanently opt-out of cross-device remarketing/targeting by deactivating personalised advertising in their Google Account (https://www.google.com/settings/ads/onweb/).
In the context of Google Ads, this website uses the so-called conversion tracking. When visitors click on an ad served by Google, a conversion tracking cookie is set. These cookies expire after 30 days and are not used to personally identify site visitors. If the user visits certain pages of this website and the cookie hasn’t expired, we can tell that the user clicked on the ad and was redirected to that page. The information collected using the conversion cookie is used to compile conversion statistics for us as AdWords customers. This tells us the total number of website visitors who clicked on an ad we placed and were redirected to a page with a conversion tracking tag. However, we do not receive any information that personally identifies website visitors.
We use Google AdWords Remarketing to advertise us across the Internet and to advertise on third party websites (including Google) to previous visitors of the website. AdWords remarketing will display ads to Users based on what parts of the our website they have viewed by placing a cookie on the Users’ web browser. It could mean that our advertises to previous visitors who haven’t completed a task on the site or this could be in the form of an advertisement on the Google search results page, or a site in the Google Display Network. This cookie does not in any way identify the User or give access to the Users’ computer or mobile device. The cookie is only used to indicate to other websites that the User has visited a particular page on the website, so that they may show the User ads relating to that page. If Users do not wish to participate in Google AdWords Remarketing, they can opt out by visiting Google’s Ads Preferences Manager:
Similar to the previous paragraph; the use of Search Ads 360 allows Google and its partner sites to serve ads based on previous visits to our or other sites on the Internet. The data collected in this context may be transferred by Google to a server in the USA for evaluation and stored there. In contrast to Google Ads, which is limited to the Google Search Network, Google Search Ads 360 enables the exchange of ads and keywords with several supported search engines.
To manage the Google Analytics tracking (see above) we use the Google Tag Manager service. The Google Tag Manager itself does not collect any personal data.
We use the services of Google Forms to conduct surveys. The data collected with a Google Forms form is stored on a cloud storage provided by Google for us, “Google Drive”. Further information on data processing in connection with Google Forms and Google Drive can be found in Google’s data protection information:
Our website uses on some of our websites the web analytics service hotjar of Hotjar Ltd, Level 2 St Julians Business Centre, 3, Elia Zammit Street St Julians STJ 1000, Malta, Europe +1 (855) 464-6788 email@example.com
This tool records movements on the observed web pages in so-called heat maps. This enables us to identify anonymously where visitors click and how far they scroll. This enables us to make our website better and more customer-friendly.
The protection of your personal data is very important to us when using this tool. All data is collected without us being able to assign it to specific users. We can only track how the mouse is moved, where clicked and how far scrolled. We also record the screen size of the device, the type of device, information about the browser, the country from which it was accessed and the preferred language. If personal information is displayed on a web page, Hotjar automatically hides it. They are therefore not traceable for us.
A “Do Not Track header” can prevent the use of the hotjar tool. In this case, no data is collected about the visit to our website. The browser must be set up accordingly. Instructions in German can be found at: http://www.akademie.de/wissen/do-not-track-datenschutz. The tool hotjar alone can also be deactivated using the opt out switch at https://www.hotjar.com/opt-out.
Further information about hotjar Ltd. and about the tool hotjar can be found at:
We use functions of HubSpot Inc, 2nd Floor, 25 First Street, Cambridge, MA 02141, USA (hereinafter referred to as HubSpot). This is an integrated software solution with which we cover various aspects of our online marketing. These include among others: Email marketing (newsletters and automated mailings, e.g. to provide downloads), social media publishing & reporting, reporting (especially traffic sources, access, etc.), contact management (especially user segmentation & CRM), landing pages and contact forms. HubSpot sets a cookie on your computer. It may be stored and analyzed personal data, especially the activity of the user (especially which pages have been visited and which elements have been clicked on), device and browser information (especially the IP address and operating system), data about the ads displayed (especially which ads were displayed and whether the user clicked on them) and also data from advertising partners (especially pseudonymized user IDs). The data may be transferred to servers of Hubspot in the USA. HubSpot has subjected itself to the Privacy-Shield-Agreement between the European Union and the USA and is certified. Thereby HubSpot commits itself to comply with the standards and regulations of European data protection law. Further information can be found in the following linked entry:
For more information on how HubSpot processes the data, click here:
The use of the HubSpot plug-in serves exclusively to optimize our marketing.
The legal basis for the processing of users’ personal data is in principle the consent of the user in accordance with Art. 6 Paragraph 1 S.1 lit. a DSGVO.
You have the right to revoke your data protection declaration of consent at any time. Revocation of your consent does not affect the legality of the processing that took place on the basis of your consent until revocation.
You may prevent HubSpot from collecting and processing your personal data by preventing the storage of third-party cookies on your computer, by using the “Do Not Track” function of a supporting browser, by disabling the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
For more information on how to object to and resolve issues with HubSpot, please see:
We use JOIN to carry out our services by our webapp. Join is brought to you by JOIN Solutions GmbH, Schönhauser Allee 36, 10435 Berlin, Germany.
The data processing by JOIN can essentially be divided into two categories:
- For the purpose of contract processing or for the provision of our platform, all data required for the execution of the platform usage agreement with JOIN is processed. If external service providers are also involved in the processing of the contract, e.g. companies that advertise jobs, optimization services, hosters, CRM tools, etc., your data will be passed on to them to the extent necessary in each case.
- When you access our platform, various information is exchanged between your terminal device and our server. This may also involve personal data. The information collected in this way is used, among other things, to further optimise our offer.
For further information please see JOIN´s privacy polivy:
This website uses the services of MailChimp for sending newsletters. Provider is Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
MailChimp is a service to organize and analyze the sending of newsletters. If you enter data for the purpose of receiving newsletters (e.g. e-mail address), this data is stored on the servers of MailChimp in the USA.
MailChimp is certified according to the “EU-US-Privacy-Shield”. The “Privacy-Shield” is an agreement between the European Union (EU) and the USA, which is intended to ensure compliance with European data protection standards in the USA.
With the help of MailChimp we can analyse our newsletter campaigns. When you open an e-mail sent with MailChimp, a file contained in the e-mail (so-called web-beacon) connects to the servers of MailChimp in the USA. This way it can be determined whether a newsletter message has been opened and which links have been clicked on. Furthermore, technical information is collected (e.g. time of retrieval, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. It is used exclusively for statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients.
If you do not want to receive any analysis by MailChimp, you have to unsubscribe the newsletter. For this purpose we provide a corresponding link in every newsletter message. Furthermore you can unsubscribe the newsletter directly on the website.
The data processing is based on your consent (art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time by unsubscribing the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.
The data that you provide us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers as well as from the servers of MailChimp after the cancellation of the newsletter. Data, which was stored for other purposes (e.g. e-mail addresses for the member area) remain unaffected.
We use the LinkedIn advertising feature of LinkedIn Ireland Unlimited Company (Wilton Place, Dublin 2, Ireland, “LinkedIn”). LinkedIn is based in the third country USA, which generally does not have an EU level of protection. However, LinkedIn is certified according to the EU-US Privacy Shield and thus offers an adequate level of protection for personal data in accordance with Article 45 DSGVO.
This function is used to target visitors with a LinkedIn user account with interest-based advertising on the LinkedIn social network.
A remarketing tag has been implemented on this website for this purpose. This tag is used to create a direct link to the LinkedIn servers when visitors visit the website, and to transmit to the LinkedIn servers which pages of our website have been visited by the visitors. LinkedIn associates this information with your LinkedIn user account, if you have one. Within LinkedIn, visitors to our site who are also LinkedIn members will see personalized LinkedIn advertisements and sponsored posts/messages based on their interests.
For further information please see:
We use Slack on pur homepage and webapp. Slack is privided by Slack Technologies, Inc.500 Howard Street San Francisco, CA 94105 USA.
We use the Slack-API especially for single sign on, registration process an providing our service to you within the slack ecosystem an workflows. Slack acts as a service for certain data processing activities and as a processor for other activities. The users data is transmitted from the Slack user to Slack via the Slack API (or another integration method). Slack then uses this data to complete the transaction within the slack ecosystem. In this role, Slack therefore acts as a processor of orders. However, Slack also uses the data to fulfill its regulatory obligations. In this role, Slack acts as a responsible party.
For further information please see:
As we are located in Germany while using Amazon’s AWS Data centre located in Frankfurt, Germany, any information you provide maybe be processed and stored in the USA, which means that the personal information of our EU residents may be kept in a jurisdiction that isless protective than that whichthe GDPR currently requiresas standard. In the event that we need to transfer such information from the EU to third-parties which are not subject to laws requiring the GDPR levels ofprotection, we will either enter into contracts which are based on the EU Standard Contractual Clauses with these parties or transfer information under the scope of the EU/US Privacy Shield.
(1) We process your personal data in accordance with Art. 6 para. 1 lit. a), b), c) and f) DSGVO. This means that we process personal data only if you have given your consent (lit. a)), to the extent necessary for the performance of a contract or pre-contractual measures (lit. b)), if we are legally obliged to do so (lit. c)) or if we have a legitimate interest in the processing (lit. f)).
(2) In the following reasons and purposes are given for processing your data:
- To personalize the experience.
- To improve our website.
- To identify someone as a contractor.
- To enable a quick registration.
- To set up a primary communication channel.
- To enable the automated handling of subscriptions.
- To create and display cookie statements for end users and store and display scan reports for you.
- To send emails at certain intervals (The email address you provide for order processing can be used to send you information and updates regarding your order. In addition, if you have accepted, you will occasionally receive company news, updates, information about related products or services, etc.). If at any time you wish to unsubscribe from receiving future emails, you can cancel your account by clicking “Delete My Account” after logging in.