Privacy Policy for www.getbaito.com

    This privacy policy aims to inform you as a user about the collection of personal data on this website. We therefore place great importance on providing a transparent presentation of all essential information regarding the protection of your data. If there are still any uncertainties, questions, or need for clarification, please do not hesitate to contact us.

    (A) Controller

    The controller within the meaning of the General Data Protection Regulation (Art. 4 Para. 7 GDPR) and other national data protection laws and data protection provisions is:

    baito UG (haftungsbeschränkt)
    Silbersteinstraße 124, 10829 Berlin
    Email: max@getbaito.de

    Complete provider identification:www.getbaito.com/en/imprint

    These contact details are therefore relevant for all data protection questions regarding this website and for all your data protection claims.

     

    (B) Collection and Storage of Personal Data When Visiting Our Website

    Below we inform you about the data protection-relevant processes that take place when accessing our website.

    1. Log Files
    Every time you access our website, we automatically collect data and information from the computer system you use to access the website.
    The following data is collected:

    ○ Information about your browser type and version used

    ○ Information about your operating system

    ○ Information about your Internet service provider

    ○ Date and time of your access

    ○ Websites from which your system accesses our website

    ○ Websites accessed by your system through our website

    2. The data is stored in our system's log files and deleted after 3 months at the latest. This does not apply to your IP addresses or other data that enables the data to be assigned to you. The legal basis for the temporary storage of this data is Art. 6 Para. 1 lit. f GDPR.
    The collection and storage of data in log files is essential for providing and operating our website. Therefore, you have no right to object.

    3. Website Marketing
    We use "Facebook Pixel", operated by Facebook Ireland Ltd., to display advertisements more targeted and interest-based in the Facebook network. If you are logged into the Facebook Ireland Ltd. website while visiting our website, it can recognize that you have visited our website.
    For information about the purpose and scope of data collection by Facebook and your related rights, please refer to Facebook's privacy policy (https://www.facebook.com/about/privacy/). You can adjust your settings for advertisements on Facebook yourself (https://www.facebook.com/settings?tab=ads).
    The legal basis for this processing is Art. 6 Para. 1 lit. f GDPR.

    4. Website Analysis
    We use Google Analytics from Google Ireland Limited to analyze the use of our website. Google Analytics uses cookies to analyze website usage. The collected data (e.g., browser information, device type, source, length of stay) is transferred to Google servers in the USA. The legal basis for processing is Art. 6 Para. 1 lit. f GDPR.
    You can disable the use of cookies through appropriate settings in your browser or via a browser add-on (https://tools.google.com/dlpage/gaoptout).

    5. Marketing Campaign Tracking
    We advertise our services on other websites and evaluate advertising measures through tracking. This allows us to determine which users access our offer through advertisements. The legal basis is Art. 6 Para. 1 lit. f GDPR.

    Google Ads: Information about data processing by Google can be found in Google's privacy policy (https://policies.google.com/privacy).

    LinkedIn Ads: Further information can be found in LinkedIn's privacy policy (https://www.linkedin.com/legal/privacy-policy).

    6. Image Service
    We use Cloudinary Ltd., a cloud-based media management service that enables us to efficiently manage and provide media on our website. The legal basis for storing this data is Art. 6 Para. 1 lit. f GDPR. Privacy information can be found here:https://cloudinary.com/privacy.

     

    (C) Processing and Analysis of Resume Data

    On our platform, you can upload your resume to receive personalized job alerts and find suitable job offers. The processing of your resume data is carried out in compliance with GDPR and serves exclusively to optimize our job matching. Your data is analyzed using a large language model (LLM) hosted by Azure in Europe.

    The data is only used for analysis and is neither stored at Azure nor used for training purposes.

    Data Deletion: Your resume data can be deleted at any time and will be automatically removed when your account is deleted.

    The legal basis for processing your personal data in the context of resume analysis is Art. 6 Para. 1 lit. b GDPR.

     

    (D) Personalized Job Alerts and Matching

    Using the resume data you provide, we create personalized job alerts that enable precise matching between your professional qualifications and current job offers. This serves to show you the best possible job offers.

    The legal basis for data processing is Art. 6 Para. 1 lit. b GDPR.

     

    (E) Direct Contact Function for Recruiters and Impact Companies

    Our platform offers you the possibility to share anonymized details of your resume with selected recruiters and impact companies. This facilitates targeted approaches by suitable job providers.

    How the Direct Contact Option Works:

    ● When the function is activated, recruiters can send an invitation to make contact based on anonymized data.

    ● If you agree to a request, we will forward your complete resume to the respective party.

    Withdrawal of Settings: You can withdraw the settings for the direct contact function at any time, so that no further anonymized data will be shared.

    The legal basis for this data processing is Art. 6 Para. 1 lit. a GDPR (consent).

     

    (F) Extraction of Resume Data via LinkedIn

    Our platform offers you the possibility to use data from your LinkedIn profile to create a standardized resume. When you provide your LinkedIn profile URL, we extract the relevant information from your profile to create a normalized resume that can be used for job matching and the direct contact function on our platform.

    Process and Usage:

    ● After providing your LinkedIn profile URL, we copy the information from your profile (e.g., work experience, qualifications, and education).

    ● The extracted data is used exclusively for creating a standardized resume that is available for job matching and targeted approaches through the direct contact function.

    Right of Withdrawal: You can request at any time that the extracted LinkedIn data be deleted. You can also revoke your consent to the further use of LinkedIn data at any time.

    The legal basis for processing this data is Art. 6 Para. 1 lit. a GDPR (consent).

     

    (G) Contact

    You can contact us electronically via email or through a form on the website. In this case, the data you send to us will be stored.

    This includes:

    ● Your name

    ● Date of contact

    ● Your email address

    ● Any additional data you provide

    The legal basis for data processing is Art. 6 Para. 1 lit. b GDPR.

    The data will be deleted when it is no longer needed for the respective purpose.

     

    (H) Newsletter

    We offer a newsletter to inform you about our services. Registration takes place on our site. The dispatch is carried out via "SendGrid" (Twilio Inc.), which has committed to the TADPF (Trans-Atlantic Data Privacy Framework).

    You can revoke your consent to data processing at any time by using the unsubscribe link in the newsletter.

     

    (I) Use of Telegram

    We offer the Telegram messenger service for content. When using Telegram, we store the following personal data:

    ● Your Telegram ChatId

    ● Your profile name (firstName)

    ● Other data you share during communication

    Further information about data protection at Telegram:https://telegram.org/privacy.

     

    (J) Registration and Payment

    The following information concerns registration and use of a paid service. We use service providers like Stripe for the payment process.

    Payment Provider: Stripe Payments Europe Ltd. Privacy Notice:https://stripe.com/de/privacy.

    The legal basis for storing and processing this data arises from Art. 6 Para. 1 lit. b GDPR.

     

    (K) Processing in Third Countries in General

    Unless otherwise stated above, the processing of your personal data in third countries takes place exclusively in accordance with Art. 44 GDPR.

     

    (L) General Storage Duration

    Personal data is stored exclusively for as long as necessary for fulfilling the purpose or complying with the legal retention period. Resume data and other personal data related to the use of our services will be removed at the latest when the account is deleted.

     

    (M) Data Subject Rights

    You have the following rights:

    ● Right to information (Art. 15 GDPR)

    ● Right to rectification (Art. 16 GDPR)

    ● Right to erasure (Art. 17 GDPR)

    ● Right to restriction of processing (Art. 18 GDPR)

    ● Right to data portability (Art. 20 GDPR)

    ● Right to withdraw consent (Art. 7 Para. 3 GDPR)

    ● Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

     

    (N) Right to Object

    If your personal data is processed on the basis of legitimate interests, you have the right to object to the processing in accordance with Art. 21 GDPR.

    If you wish to exercise your right of withdrawal or objection, simply send an email to the email address mentioned above.