Our aim is to provide you with services, for which you can be sure that the personal data you provide will be processed in strict confidence and for the intended purpose, and that it is always you who decides on disclosure and transfer to third parties. You entrust us with your personal data and we reliably protect it in compliance with legal requirements. Here, we will provide you with detailed information about what data we collect and store on which occasion, why we do it, and how this data is processed. Your personal information and personal data are collected and stored with the utmost care and integrity and used only for the intended purpose. **Data controller and contact details** Edunet GmbH Luisenstr. 41 10117 Berlin Managing director: Jeniffer Muvai email: [jm@edunet.works](mailto:jm@edunet.works) Commercial register: HRB 264074 B District Court Berlin Charlottenburg **Data processor and contact details** Workconsult GmbH Harkortstrasse 5 04107 Leipzig phone +49 341 242560-0 fax +49 341 242560-19 email: [info@workconsult.de](mailto:info@workconsult.de) website: [www.workconsult.de](http://www.workconsult.de) Managing director Ralf Bultschnieder, Master of Business Administration, Master of Economics Commercial register: Leipzig District Court HRB 27707 **Contact details of the Data protection officer:** The data protection officer of our data processor's company will be happy to provide you with information or receive your suggestions on data protection:\ \ Vladyslav Prykhodko Workconsult GmbH office in Leipzig: Harkortstrasse 5 04107 Leipzig Germany phone: +49 341 242560-0 email: [vp@workconsult.de](mailto:vp@workconsult.de) website: [www.workconsult.de](http://www.workconsult.de) **Purposes of data processing** The purpose of data processing is the execution of the following tasks by the Controller: technical realization and support of the web application to enable the Social Enterprise Solutions. **Legal basis for data processing** The legal basis for data processing, in case the user registers voluntarily on his/her own initiative, is provided by Art. 6 para. 1 p. a GDPR as well as by Art. 9 para. 2 p. a GDPR – explicit consent of the data subject to the processing of his/her personal data for one or more specific purposes. **Types of personal data collected** \- Information and content provided by users (content, communications, and other information that users provide while using the community, including account registration information, content creation or sharing, as well as messaging or communicating with other users). \-Networks and Connectivity (information about the people, pages, accounts, hashtags, and groups that users are connected to and how users interact with them in the community. For example, people with whom users communicate the most, or groups the users join). **Categories of data subjects** Persons affected by data processing: website visitors, community users. **Storage of IP address** The IP address transmitted by web browsers is stored strictly for the purpose of detecting, limiting, and eliminating attacks on these web pages for a maximum period of seven days. After this period, the IP addresses will be deleted or anonymized. The legal basis for the storage of IP address is Art. 6 para. 1 p. 1 p. f GDPR. **Usage data** Access data is temporarily stored whenever a file is requested from this website. Each data set consists of the following: \- the name of the file \- the date and time of the request \- the amount of data transferred \-the access status (file transferred, file not found, etc.) \- the description of the type of the browser used \- the IP address of the requesting computer The stored data is analyzed exclusively for statistical purposes. The transfer to third parties, even in the form of extracts, does not take place. **Cookies** Due to technical reasons, we use temporary cookies (i.e. identifiers that a web server can send to your computer, also known as session cookies) to control your connection to our websites during the session. These cookies are automatically deleted when you leave the service, so no data is stored on your computer. The processing is based on Art. 6 para. 1 p. 1 p. f GDPR and in the interest of optimizing or enabling user guidance and customizing our website. You can set your browser so that it informs you about the placement of cookies. This makes the use of cookies transparent for you. However, we would like to point out that the functionality of the service is impaired if you do not accept the session cookies. **Use of the collected data** We need you to give us your personal data in the cases mentioned above so that we can provide you with certain services. We always collect only the data that is absolutely necessary for the fulfillment of the purpose. You can be sure that the data is only used for the purpose for which it is meant to be used. **Data security** We use technical and organizational security measures to protect your data managed by us against accidental or intentional manipulation, loss, destruction, or access by unauthorized persons. Our security measures are continuously improved in line with technological developments. We have no liability for the actual process of data transmission over the Internet. No claims can be made against us for the loss of data for whatever reason as well. **Rights: Your rights as a user** When processing your personal data, the GDPR grants you as a website user the following rights: 1\. The right to information (Art. 15 GDPR): You have the right to obtain confirmation as to whether or not personal data concerning you are being processed; where that is the case, you have the right to access this personal data and the information specified in Art. 15 GDPR. 2\. The right to rectification and erasure (Art. 16 and 17 GDPR): You have the right to obtain without undue delay rectification of inaccurate personal data concerning you and, if necessary, to have incomplete personal data completed. You also have the right to obtain the erasure of personal data concerning you without undue delay if one of the grounds listed in Art. 17 GDPR applies, e.g. if the data are no longer necessary for the purposes for which they were collected. 3\. The right to restriction of processing (Art. 18 GDPR): You have the right to obtain restriction of processing if one of the conditions listed in Art. 18 GDPR applies, e.g. if you have objected to the processing of your personal data pursuant to Art. 21 GDPR or for the duration of verification whether our legitimate interests override your interests as a data subject. 4\. Right to data portability (Art. 20 GDPR): In certain cases, which are listed in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, commonly used, and machine-readable format or to request that this data be transmitted to a third party. 5\. Right to object (Art. 21 GDPR): If data is collected based on Art. 6 para. 1 p. 1 p. f GDPR (data processing for the protection of legitimate interests) or based on Art. 6 para. 1 p. 1 p. e GDPR (data processing for the protection of public interest or in the exercise of official authority), you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you. We will no longer process the personal data unless there are compelling grounds for the processing that override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims. 6\. Right to lodge a complaint with a supervisory authority Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of data concerning you infringes Data Protection Regulation. The right to lodge a complaint can be asserted before a supervisory authority in the Member State of your place of residence, your place of work, or the place of the alleged infringement. \ **Automated decision-making** We do not use automated decision-making or profiling in the sense of making decisions that have legal effects or significant influence on the data subject (e.g. as with insurers or credit intermediaries). **Duration of the personal data storage** The personal data will be stored in a form that enables the identification of data subjects only for the period necessary for the mentioned purposes.