Our Privacy Policy

1. The scope and purpose of this Privacy Policy

This “Privacy Policy“ explains how Think.iT GmbH (“Think.iT”, “we”, “us”, “our”), collects, uses, shares and otherwise processes your Personal Data in connection with our website https://www.think-it.io/ (the “Website”) in accordance with applicable data privacy laws and the General Data Protection Regulation (EU Regulation 679/2016, “GDPR”). It further describes your choices regarding the ways in which your information is collected, used and shared.

We may provide supplemental privacy policies on specific occasions, when we are collecting or processing Personal Data about you so that you are fully aware of how and why we are using your Personal Data. Those supplemental notices should be read together with this Privacy Policy.

Think.iT is a limited liability company under German law. We are the controller of your personal data, which means that we decide on the means and purpose of the processing of your personal data. We can be reached as set out in the “How to Contact Us” section below.

The term “Personal Data” as used in this Privacy Policy means any information relating to you such as your name, contact details, bank account details etc. Personal Data does not include data from which you can no longer be identified such as anonymized aggregate data.

2. Personal Data collected and processed, Purpose of and legal basis for the processing

2.1 If you visit our website

When you visit our Website, the browser used on your end device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file and automatically deleted after 30 days. The following information is recorded without your intervention and stored until it is automatically deleted:

  • IP address or mobile device identifier,
  • date and time of access,
  • name and URL of the retrieved file,
  • website from which the access takes place (referrer URL),
  • the type of browser used and, if applicable, the operating system of your computer and the name of your access provider.

We process the data mentioned above for the following purposes:

  • to ensure a comfortable use of and smooth connection to our website; and
  • to ensure system security and stability of our Website.

The legal basis for this data processing is our legitimate interest pursuant to Art. 6(1)(f) GDPR. Our legitimate interest follows from the purposes listed above.

We may track and store some of the above listed data and may combine or link this data with data relating to you from other sources in order to analyze how you visit and use the Website so we are able improve the use of the Website and our services. The legal basis for this data processing is your freely given consent pursuant to Art. 6(1)(a) GDPR. You will find more detailed information on this in our Cookie Preference Center and our Cookie Policy, which you can find here.

2.2 If you contact us via our contact forms

When contacting us via the “Get in Touch”, the job application or “Refer a Friend” contact form provided on our website your name and e-mail address is always collected. In addition, we may request you to provide us with your telephone number, job position, the name of the company you work for as well as information about your education or previous work experience. We are processing this Personal Data for the evaluation of your job application or in order to better understand and process your request.

The legal basis for this data processing is to fulfill contractual obligations or to take steps prior to entering into a contract with you pursuant to Art. 6(1)(b) GDPR or as the case may be your voluntarily given consent pursuant to Art. 6(1)(a) GDPR.

2.3 If you contact us via email

When contacting us via the-mail addresses dataprotection@think-it.io, tunis@think-it.io or partners@think-it.io your e-mail address is always collected in order to be able to answer your request. When contacting us via e-mail, Personal Data such as name, address, telephone number, etc. is only collected if you provide it. We are processing this Personal Data in order to be able to understand and process your request.

The legal basis for this data processing is your freely given consent pursuant to Art. 6(1)(a) GDPR.

2.4 Newsletter

When subscribing to our newsletter we always collect your e-mail address and your name. We may collect additional Personal Data, if you choose to provide us with such data. We are processing this Personal Data in order to be able to send you our newsletter and provide you with information about us and our services.

The legal basis for this data processing is your freely given consent pursuant to Art. 6(1)(a) GDPR.

2.5 Personal Data we obtain from other sources about you

We may collect Personal Data not directly from you, but through other sources. This may include the following sources and circumstances:

  • We may collect Personal Data about you from other public websites or social media sites such as LinkedIn, Facebook, Twitter or other websites. This Personal Data may include personal or professional details and interests that you have made publicly available on these websites. We are processing this Personal Data for the evaluation of your job application or requests you send us in connection with other contractual relationships you wish to conclude with us.

    The legal basis for this data processing is to take steps prior to entering into a contract with you pursuant to Art. 6(1)(b) GDPR or our legitimate business interest pursuant to Art. 6(1)(f) GDPR.

    We may collect Personal Data about you when other persons contacting us via our “Refer a Friend” contact form on our Website to refer you for one of our job opportunities. This Personal Data includes always your name and e-mail address. In addition, we may collect your telephone number and other Personal Data such as education details that may be provided from the proposing person. We are processing this Personal Data only if the proposing person confirms that he or she is authorized to forward your Personal Data to us. The processing purpose is the evaluation of the job application in order to determine whether we may offer a contractual relationship to you.

    The legal basis for this data processing is your freely given consent pursuant to Art. 6(1)(a) GDPR.

3. Change of purpose, anonymization

We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason which is compatible with the original purpose. If we need to use your Personal Data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

In some circumstances we may anonymize your Personal Data so that it can no longer be associated with you, in which case it is no longer Personal Data.

4. With whom we share your Personal Data

We may share your Personal Data with third parties, as follows:

  • We may share your Personal Data, such as your personal and professional details with Think.iT Labs SARL, which is a Tunisian partner company of Think.iT for the purpose of evaluating or concluding a contractual relationship with you.
  • We may disclose your Personal Data to third parties, if we are required by law to do so or if we reasonably believe that use or disclosure is necessary to protect our rights and/or to comply with judicial or regulatory proceedings, a court order or other legal process.

We will only share your Personal Data with third parties based on one of the following legal bases, i.e. if:

  • you have given your express consent pursuant to Art. 6(1)(a) GDPR;
  • the transfer of Personal Data pursuant to Art. 6(1)(b) GDPR is necessary for the performance of an agreement or, at your request, to initiate a contractual relationship with you;
  • there is a legal obligation to share pursuant to Art. 6(1)(c) GDPR;
  • the transfer of Personal Data pursuant to Art. 6(1)(f) GDPR is necessary for the assessment, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not sharing your data; or
  • we have a legitimate interest pursuant to Art. 6(1)(f) GDPR (e.g. for administrative purposes) to transfer your Personal Data to Think.iT Labs SARL or our suppliers and there is no reason to assume that you have an overriding legitimate interest in your Personal Data not being transferred.

For the purposes described above we may have to transfer your Personal Data from the European Economic Area (“EEA”) to our office in Tunisia or another third party outside of the EEA and in a jurisdiction not being subject to an adequacy decision of the European Commission. We will always ensure that there is a legal basis and a relevant safeguard method for such data transfer so that your Personal Data is treated in a manner that is consistent with, and respects the European laws and other applicable laws and regulations on data protection. We have put in place European standard contractual clauses as our safeguard method. If you require further information about this you can request it from dataprotection@think-it.io.

5. Your rights in relation to your information

You have rights as an individual which you can exercise under certain circumstances in relation to your Personal Data that we hold. These rights are to:

  • request access to your Personal Data (commonly known as a “data subject access request”) and request certain information in relation to its processing pursuant to Art. 15 GDPR;
  • request rectification of your Personal Data pursuant to Art. 16 GDPR;
  • request the erasure of your Personal Data pursuant to Art. 
  • request the restriction of processing of your Personal Data pursuant to Art. 18 GDPR;
  • object to the processing of your Personal Data pursuant to Art. 21 GDPR.

You also have the right to receive your Personal Data in a structured, commonly used and machine-readable format and to have us transmit those Personal Data to another controller, if you have provided these Personal Data to us, if the processing is based on consent pursuant to Art. 6 (1)(a) GDPR or Art. 9(2)(a) GDPR or on a contract pursuant to point Art. 6(1)(b) GDPR and the processing is carried out by us by automated means, subject, however, to legal restrictions which may apply.

If you want to exercise one of these rights please contact us as set out below under “How to Contact Us”.

You also have the right to make a complaint at any time with the competent data protection supervisory authority of your place of residence or stay or with any other competent data protection supervisory authority of an EEA Member State.

6. Right to withdraw consent

In case you have provided your consent to the collection, processing and transfer of your Personal Data, you have the right to fully or partly withdraw your consent. To withdraw your consent, please contact us as set out below under “How to Contact Us”. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) to which you originally consented, unless there are compelling legitimate grounds for further processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

7. What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access Personal Data (or to exercise any of your other rights). This is another appropriate security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it.

It is in your sole discretion to provide Personal Data to us. If you do not provide us with all or some of the Personal Data we request, we may not be able to accept an engagement from you, to provide all or some of our services, to enter into a contract with you or to send you the requested (marketing) information.

8. How long will we retain your information?

We will only retain your Personal Data for as long as necessary to fulfil the purposes for which it was collected and processed, including for the purposes of satisfying any legal, regulatory, accounting or reporting requirements.

To determine the appropriate retention period for your Personal Data, we will consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances we may anonymize your Personal Data so that it can no longer be associated with you, in which case it is no longer Personal Data.

Upon expiry of the applicable retention period we will securely destroy your Personal Data in accordance with applicable laws and regulations.

9. Fees

You will in general not have to pay a fee to exercise any of your individual rights mentioned in this Privacy Policy. However, we may charge a reasonable fee if your request to exercise your individual rights is manifestly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

10. No automated decision making

We do not apply automated decision making techniques.

11. safety of your data

We have taken suitable technical and organizational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or unauthorized access by third parties. For the exchange of data with you via our website, we use the SSL (Secure Sockets Layer) method, a standard security technology for establishing an encrypted connection between a web server and a browser, together with the highest level of encryption supported by your browser. Usually this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use a different secure encryption technology instead. When data is transferred securely via SSL, a key or lock symbol is displayed in the status bar of your browser.

12. Changes to this privacy Policy

We reserve the right to update this Privacy Policy at any time, and we will make an updated copy of such Privacy Policy available on our website.

13. How to Contact US

If you have any concerns about this Privacy Policy or wish any further information, please do not hesitate to contact us via e-mail at dataprotection@think-it.io or by writing to Think.iT GmbH, Friedrichstrasse 123, 10117 Berlin, Germany.