We are very delighted that you have shown interest in our website and services. Data protection is of a particularly high priority for AFLE Betriebs GmbH. The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation (GDPR) and in accordance with applicable national data protection regulations.
By means of this Privacy Policy, we would like to inform you about the nature, scope, and purpose of the personal data we collect, use, and process, as well as your rights as a data subject.
If you have any questions regarding data protection, please contact us at info@aflepro.com.
1. Name and address of the controller
Controller pursuant to Art. 4 (7) GDPR is:
Höltystraße 8
22085 Hamburg
Germany
E-mail: info@aflepro.com
Website: www.aflepro.com
2. Data protection officer
BSP. Compliance & Solutions GmbHIris Duch
Vorsetzen 35
20459 Hamburg
3. General information on data processing
3.1 Legal bases for processing
We process personal data on the following legal bases:
- Art. 6(1)(a) GDPR – consent
- Art. 6(1)(b) GDPR – performance of a contract or pre-contractual measures
- Art. 6(1)(c) GDPR – legal obligation
- Art. 6(1)(f) GDPR – legitimate interests
3.2 Recipients and processors
We may engage service providers (processors) who process personal data on our behalf (Art. 28 GDPR), e.g. hosting providers, analytics providers, consent management providers, payment service providers, or IT service providers.
All processors are contractually bound to process personal data only in accordance with our instructions.
3.3 Third-party websites
Our website may contain links to external websites. We have no influence on the content or data protection practices of third-party websites and assume no liability for them.
3.4 Data security
We use appropriate technical and organizational measures to protect personal data, including SSL/TLS encryption for data transmission.
4. Server log files
When you visit our website, the following data is automatically collected and stored in server log files:
- browser type and version
- operating system
- referrer URL
- pages accessed
- date and time of access
- IP address
- internet service provider
Purpose of processing
- ensuring website functionality and security
- error analysis
- protection against misuse and cyber-attacks
Legal basis: Art. 6(1)(f) GDPR (legitimate interest)
Storage period: Server log files are deleted after 7 days, unless longer storage is required for security or legal reasons.
5. Cookies and consent management (Usercentrics)
5.1 General information on cookies
Our website uses cookies and similar technologies to ensure proper functionality, security, and – where consent is given – analytics and marketing. Cookies are small text files stored on your device.
5.2 Usercentrics consent management platform (CMP)
We use Usercentrics as a consent management platform to obtain, manage, and document user consent for cookies and similar technologies.
Provider:
Usercentrics GmbH
Sendlinger Straße 7
80331 Munich
Germany
Purpose of processing
- obtaining and documenting consent
- enabling consent-based control of cookies and services
Legal basis: Art. 6(1)(c) GDPR (legal obligation); Art. 6(1)(f) GDPR (legitimate interest in legally compliant consent management)
Usercentrics stores consent information (e.g. consent status, timestamp, anonymized IP address).
5.3 Cookie categories
Depending on your consent selection, we may use:
- essential cookies
- analytics cookies (only with consent)
- marketing cookies (only with consent)
You can change or withdraw your consent at any time via the cookie settings.
6. Contact via e-mail or contact form
If you contact us via e-mail or contact form, we process the data you provide (e.g. name, e-mail address, message).
Legal basis: Art. 6(1)(b) GDPR (contractual or pre-contractual communication) or Art. 6(1)(f) GDPR (legitimate interest in responding to inquiries)
Storage period: Your data will be deleted once your inquiry has been fully processed, unless statutory retention obligations apply.
7. Newsletter
If a newsletter is offered, it will only be sent after explicit consent.
Legal basis: Art. 6(1)(a) GDPR
You may withdraw your consent at any time by using the unsubscribe link or contacting info@aflepro.com.
8. Social media links
We integrate social media platforms via linked graphics. No data is transmitted to the respective provider until you actively click on the link.
Once clicked, the respective provider may process personal data (e.g. IP address, visit information).
Integrated platforms (linked only)
Facebook / Instagram – Meta Platforms Ireland Ltd.
https://www.facebook.com/policy.php
YouTube – Google Ireland Limited
https://policies.google.com/privacy
X (Twitter) – X Corp.
https://twitter.com/privacy
Data processing may take place outside the EU/EEA.
9. AFLE Live Content Collective (LCC) – Application Data
We collect and process personal data from users who apply to the AFLE Live Content Collective program.
Data collected
- First and last name
- Country of residence
- Email address and phone number
- Main and secondary role/professional interests
- Short introduction/biography (max. 500 characters)
- LinkedIn profile URL
- Portfolio/website links
- Market interest (region)
- Salary expectation
Purpose of processing
- evaluation and selection of candidates for the LCC program
- contacting applicants regarding their application
- building a talent pool for future project opportunities
- general communication about program updates (with prior consent)
Legal basis
Art. 6(1)(b) GDPR (contract/negotiation) and Art. 6(1)(f) GDPR (legitimate interest in talent management and program administration).
Recipients
- AFLE Betriebs GmbH staff members responsible for talent acquisition
- Email hosting providers (necessary for communication)
- MongoDB Atlas (secure cloud database for application storage)
Storage period
Application data is stored for 12 months after submission. If an applicant is accepted into the LCC program, data may be retained longer for contract management purposes. Applicants can request deletion of their data at any time.
Third-country transfer
Data may be processed in the USA via MongoDB Atlas. Appropriate safeguards (EU Standard Contractual Clauses) are in place.
Your rights
You can request access, correction, or deletion of your application data at any time. Contact: info@aflepro.com
10. Google Analytics (optional – only with consent)
If enabled and consent is given, we use Google Analytics, provided by:
Google Ireland Limited
Gordon House, Barrow Street
Dublin 4
Ireland
Google Analytics uses cookies to analyze website usage.
Legal basis: Art. 6(1)(a) GDPR (consent)
IP anonymization: IP addresses are anonymized within the EU/EEA before transmission.
Third-country transfer: Data may be transferred to the USA. Appropriate safeguards (EU Standard Contractual Clauses) are used.
Opt-out: https://tools.google.com/dlpage/gaoptout
11. Rights of data subjects
You have the following rights under the GDPR:
- right of access (Art. 15)
- right to rectification (Art. 16)
- right to erasure (Art. 17)
- right to restriction of processing (Art. 18)
- right to data portability (Art. 20)
- right to object (Art. 21)
- right to withdraw consent (Art. 7(3))
- right to lodge a complaint with a supervisory authority (Art. 77)
To exercise your rights, contact: info@aflepro.com
12. Supervisory authority
You may lodge a complaint with a supervisory authority, in particular in the Member State of your residence, workplace, or place of the alleged infringement.
13. Changes to this privacy policy
We reserve the right to update this Privacy Policy to reflect legal or technical changes.
14. Restriction for visitors under 16
This website is not intended for children under the age of 16. Parental consent is required for the use of optional services.