In accordance with the requirements of Article 13 GDPR, we hereby inform you about the processing of your personal data collected by us (hereinafter referred to as “data”) and about your related rights. Which data we process in detail depends on the services requested by or agreed with you.
The controller responsible for the processing of your data is DEVDEER GmbH, Herderstraße 31, 39108 Magdeburg. You can contact us by email at hello@devdeer.com or by telephone at +49 391 5568005-0.
You can contact our data protection officer at Metzeler-DS, Halberstädter Straße 90, 39112 Magdeburg, by email at hallo@metzeler-ds.de or by telephone at +49 391 59776307.
The provision of data by you is generally voluntary. However, for certain processing activities, the provision of data is required, as we would otherwise not be able to process our or your requests, for example to enter into a contractual relationship.
If the provision of data is mandatory, for example for the processing of a contract or order or for the provision of certain functions of a website or an online shop, no right of objection can be exercised.
Where possible, for example in contact or contract forms, we distinguish between optional fields and mandatory fields. Mandatory fields are marked as such. Data from mandatory fields contain information that we require in order to process your request.
Profiling (Article 4(4) GDPR) describes a form of automated processing of data consisting of the use of personal data to evaluate, analyse or predict certain personal aspects relating to a natural person, such as work performance, economic situation, health or personal preferences. We do not use automated decision-making or profiling.
We process personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). The legal bases for processing depend on the respective purpose and therefore differ. The specific processing activities are described in the subsections below.
The following general principles apply at all times, independently of or in addition to the provisions specified for the individual processing activities:
Our website is built using the Next.js web framework. Only technically necessary processes are used to deliver the website content. In doing so, the browser may use temporary storage mechanisms to correctly display the content. No cookies are stored.
Article 6(1)(f) GDPR (legitimate interest in the technically and visually proper delivery of the website and anonymous statistical evaluation) as well as Section 25(2) sentence 2 TTDSG.
The storage period for telemetry data and locally stored data is generally one year or until you request deletion or delete the data yourself in your browser.
We provide you with the option to contact us via forms.
The legal basis is Article 6(1)(b) GDPR (pre-contractual and contractual measures).
The storage period for form data depends on its purpose, i.e. until it has been fulfilled or until you request deletion.
We process data that is related to the establishment of a contract or pre-contractual measures. This includes general data relating to you or persons within your organisation (name, address, contact details, etc.) as well as any additional data that you provide to us in the context of entering into the contract.
The legal basis is Article 6(1)(b) GDPR (performance of a contract) and Article 6(1)(a) GDPR (your consent). Your consent may be withdrawn at any time with effect for the future.
The storage period for form data depends on its purpose, i.e. until it has been fulfilled or until you request deletion.
We process data that is required for the establishment, performance and termination of the employment relationship. This includes personal status data, contact data, qualifications, working hours, salary data, social security contributions and similar data that you provide to us in the context of entering into the contract (your application) or that is determined and calculated during the course of the employment relationship.
Where necessary, additional personal data may be processed that is not listed here. In such cases, you will receive additional privacy information on a case-by-case basis.
Article 6(1)(b) GDPR (performance of a contract)
Article 6(1)(c) GDPR (legal obligation)
In the case of inclusion in the applicant pool: Article 6(1)(a) GDPR (consent)
Personnel data is stored for the duration of the employment relationship and for an additional four years thereafter, provided that no statutory requirements or legal disputes prevent deletion.
Applicant data is stored for up to six months after completion of the application process. Storage is extended if it is apparent that the data will continue to be required, for example in the event of a legal dispute.
Further storage may take place if you have given corresponding consent for inclusion in the applicant pool or if statutory retention obligations prevent deletion.
For efficient business operations, we use third-party providers as processors in several places to whom we transfer data. This includes the following services.
We use the service “Calendly” to schedule appointments, which operates via an external website. When you use this service, certain technical data is transferred to Calendly. A data processing agreement has been concluded with Calendly.
In addition to appointment data, further personal data is processed. Details can be found in Calendly’s privacy policy.
Article 6(1)(a) GDPR (consent). Consent may be withdrawn at any time with effect for the future.
The storage period of the data depends on its purpose, i.e. until it has been fulfilled or until you request deletion. In addition, Calendly’s retention periods as set out in its privacy policy apply.
We strive to carry out all processing activities within the European Union or in countries for which an adequacy decision by the European Commission exists.
In the context of engaging external service providers, personal data may in individual cases be transferred to service providers in third countries.
Processing in third countries takes place only in compliance with the requirements of Articles 44 et seq. GDPR, in particular on the basis of appropriate safeguards or your consent.
If we make use of such services in the future as part of our business development, we will inform you of this in this privacy information and indicate it in the respective processing activity.
We have implemented technical and organisational measures to ensure the security of the processing of your personal data.
As a data subject, you are entitled to the rights arising from Articles 7 and 15 to 22 GDPR.
Pursuant to Article 77 GDPR, you have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data is not lawful.
Status: October 2025