The protection of your privacy when using our website is particularly important to us. In the following, we would like to inform you about when we process which data when you use our website.  


1. Provider / controller according to data protection law

This website is a service of the company 

eos.uptrade GmbH 

Schanzenstr 70 

20357 Hamburg 

Tel: +49 (0)40 80 80 700 

represented by Mathias Hüske and Babette Röder (Managing Directors) 

registered in the commercial register of Hamburg Local Court under HRB 79328 

You can find the complete imprint here: 


2. Contact information of the data protection organization 

The eos.uptrade data protection organization provides support in all matters relating to data protection. Complaints can also be made to the eos.uptrade data protection organization and the rights mentioned in this Privacy Policy can be asserted. The eos.uptrade data protection organization can be contacted at  


3. Competent supervisory authority

The Hamburg Commissioner for Data Protection and Freedom of Information, (HmbBfDI), Ludwig-Erhard-Str 22, 7th floor, 20459 Hamburg, Tel.: 040/42854-4040, Fax: 040/42854-4000, E-Mail:  


4. Basic principles

4.1 Lawfulness of data processing 

Your personal data is stored and processed by us on our website in compliance with the relevant statutory data protection regulations, in particular REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the General Data Protection Regulation - GDPR), the Federal Data Protection Act (BDSG) and other data-related laws (e.g. the Telecommunications Digital Services Data Protection Act (TDDDG)).  

Personal data is only collected and used if the processing of the data is permitted by law or with consent. The specific legal bases for the processing of personal data are listed below as part of the description of the individual data processing operations. 

4.2 Storage period 

Your personal data will be deleted or made unavailable as soon as the purpose of storage no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which our company is subject. The data will also be made unavailable or deleted if a storage period prescribed by the aforementioned regulations expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract. 

4.3 Transfer of personal data 

When we transfer personal data, we do so primarily to service providers that support us in the fulfilment of the data processing described below. These companies may only use your personal data as so-called processors to fulfil their tasks on our behalf and are obliged to comply with the relevant data protection regulations. The processors we use are 

  • PARROT MEDIA GmbH, Bei der Gasanstalt 2-4, 23560 Lübeck (hosting of the website) 
  • Personio SE & Co KG, Seidlstraße 3, 80335 Munich (applicant portal) 
  • Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin (Job E-Mail-Newsletter) 

Otherwise, personal data will only be passed on to third parties if this is specified below in the description of the individual data processing operations or if we are legally obliged to do so in individual cases. 

4.4 Place of data processing 

The processing of your personal data stored by us takes place in countries of the European Union (EU) or the European Economic Area (EEA). With regard to any processing of personal data by service providers or other third parties based outside the EU/EEA, please refer to the descriptions of the individual data processing operations below. 


5. Collection of personal data when visiting our website, log files 

In principle, you can visit our website without telling us who you are. When you visit our website, we generally only learn 

  • the name of your internet service provider 
  • the website from which you visit us (referrer URL) 
  • the pages of our website that you visit 
  • date and time of access and the amount of data transferred 
  • notification of successful retrieval 
  • browser type and version of the requesting computer/device 
  • the operating system of the requesting computer/device 
  • the IP addresses of the requesting computer/device 

This information is only analyzed locally on our server for statistical purposes. As an individual user, you will always remain anonymous, and your personal data will of course not be merged unless you have expressly consented to this. There is no transfer of data to external systems. Cookies that are not technically necessary are not used. 

We store the IP address transmitted by your web browser for a period of seven days, during which time the IP address is anonymized daily. This is done in the interest of recognizing, limiting and eliminating attacks on our websites and servers. At the end of this period, we delete the IP address. 

The legal basis for the temporary storage of data is Art. 6 para. 1 lit. f GDPR. Our legitimate interest in storing the above information in log files lies in particular in ensuring the security of our information technology systems. 

Right of objection: 

You have the right to object. The objection can be made by sending a message to the above contact information in Section 2 of the Privacy Policy. 


6. E-mail contact and contact form

There is a contact form on our website that can be used to contact us electronically. If a user makes use of this option, the data entered in the input mask (mandatory and optional information) will be transmitted to us and stored.  

Alternatively, it is possible to contact us via the e-mail address provided by us. In this case, the user's personal data transmitted with the e-mail will be stored. 

No data will be passed on to third parties in this context. The data is used exclusively for processing the conversation. 

The legal basis for the processing of the data is Art. 6 para. 1 lit. f GDPR. If the contact is aimed at the conclusion of a contract or contract-like obligation, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR. 

The data will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected. For personal data sent by email or via the contact form, this is the case when the respective conversation with you has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified. 

Right of objection: 

If you contact us by e-mail or via the contact form, you can object to the storage of your personal data at any time. The objection can be made by sending a message to the above contact information in Section 2 of the Privacy Policy. In the event of an objection, the conversation cannot be continued and all personal data stored in the course of making contact will be deleted by us. 


7. Job e-mail newsletter

If you have registered to receive our job e-mail newsletter, we will use your e-mail address for the purpose of sending the newsletter. We use the "Brevo" tool of the service provider Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany, for the technical processing of the newsletter dispatch. 

With the help of Brevo, we are also able to analyze our newsletter campaigns. For example, we can see whether a newsletter message has been opened and which links have been clicked on. We can also recognize whether certain previously defined actions were carried out after opening/clicking (conversion rate).  

The legal basis for the processing of data for sending the newsletter and for data analysis is Art. 6 para. 1 lit. a GDPR, § 25 para. 1 TDDDG if the user has given consent. 

The user's e-mail address will only be stored for the aforementioned purposes for as long as the user wishes to receive the Job e-mail newsletter. 


The user can revoke its consent to receive the Job e-mail newsletter and the associated data analysis at any time. The cancellation can be made in the newsletter itself or by sending an email to 


8. Use of cookies

Cookies are small text files that are stored on your computer. We only use the technically necessary session cookies listed below, which are necessary for the smooth functioning of our website:  


Technically unnecessary cookies and third-party cookies are not used. 

The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 lit. b and lit. f GDPR. Our legitimate interest is to simplify the use of the website for users. 

You can deactivate the use of cookies at any time via your browser or delete individual cookies that have already been set. If cookies are deactivated for our website, it may no longer be possible to use all the functions of the website to their full extent. 


9. LinkedIn

Within our online offering, we link to our company profile on the LinkedIn service. This service is offered by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (hereinafter "LinkedIn"). No social plugins are used in this context, i.e. no data is transferred to LinkedIn when you simply visit our website. If you click on the link to our company profile (LinkedIn logo), you will be automatically redirected to our company profile on LinkedIn. If you are logged in with your LinkedIn profile, LinkedIn will associate your visit to our LinkedIn page with your profile. You can prevent this by logging out of LinkedIn before visiting our LinkedIn page. 

LinkedIn processes your personal data when you visit our company profile. As the owner of the company profile, we have no influence on data processing by LinkedIn. You can find out which personal data is processed by LinkedIn and what data protection rights you have vis-à-vis LinkedIn in LinkedIn's privacy policy, which you can view at the following link: 


10. Applicant portal

To make the application process easier for job applicants, we provide you with the opportunity to apply online in our applicant portal. Further information and a separate privacy policy in the applicant portal can be found here .  


11. Linking to external content

As part of our online offer, you will find links to third-party websites over whose content we have no influence. We cannot accept any liability for this third-party content. We therefore expressly distance ourselves from the linked pages. The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were checked for possible legal violations at the time of linking. Illegal content was not recognizable at the time of linking. Should we become aware of any legal infringements, we will remove the corresponding link immediately. Please refer to the respective pages for the applicable data protection information, which you will generally find under "Data protection" or "Privacy policy". 


12. Your rights as a data subject

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller: 

12.1 Right of access 

You have the right to request information as to whether data concerning you is being processed; if this is the case, you have the right to information about this personal data and to the information listed in detail in Art. 15 GDPR. 

12.2 Right to rectification 

You have the right to obtain without undue delay the rectification of inaccurate personal data concerning you and, where applicable, the completion of incomplete personal data (Art. 16 GDPR). 

12.3 Right to restriction of processing 

You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR is met, e.g. if you have lodged an objection to the processing, for the duration of the examination as to whether the objection can be upheld. 

12.4 Right to erasure 

You have the right to demand that personal data concerning you be deleted immediately if one of the reasons listed in Art. 17 GDPR applies in detail, e.g. if the data is no longer required for the purposes pursued and the statutory retention requirements do not prevent deletion. 

12.5 Right to data portability 

In accordance with Art. 20 GDPR, you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format so that you can transmit those data to a third party either yourself or - where technically feasible - through us. 

12.6 Right to object 

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6 para. 1 lit. e GDPR (data processing in the public interest) and Art. 6 para. 1 lit f GDPR (data processing on the basis of a balancing of interests) (Art. 21 GDPR); this also applies to profiling based on this provision (within the meaning of Art. 4 no. 4 GDPR). If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims. 

12.7 Right to withdraw consent  

You have the right to revoke a declaration of consent given to us under data protection law at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. 

12.8 Right to lodge a complaint with a supervisory authority 

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes data protection regulations. 

The contact details of the supervisory authority responsible for us can be found above in this Privacy Policy. 

12.9 Miscellaneous 

Please note that the aforementioned data subject rights may be restricted by EU law or applicable national law. 

To assert the above rights, please use the following contact information:   

eos.uptrade GmbH 

Schanzenstr 70 

20357 Hamburg 

Tel: +49 (0)40 80 80 700 

Enquiries that are submitted to us electronically will generally be answered electronically unless you have specified otherwise in your enquiry. 


13. Data security

This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as enquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. 

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties. 


14. Update of the Privacy Policy

The constant development of the Internet and the frequent associated changes to the applicable legal standards make it necessary to adapt our Privacy Policy from time to time. You can access the current Privacy Policy at any time on our website. 


Hamburg, May 2024