Hakuna Matata Logo
Hakuna Matata

Privacy Policy

Responsible Entity

Hakuna Matata Recruitment GmbH
66424 Homburg
Email: info@hakumatata.de

Overview of Processing Activities

The following overview summarizes the types of data processed, the purposes of processing, and the individuals affected.

Types of Processed Data

  • Master data
  • Payment data
  • Contact data
  • Content data
  • Contract data
  • Usage data
  • Meta, communication, and procedural data

Special Categories of Data

  • Health data

Categories of Affected Persons

  • Prospective customers
  • Communication partners
  • Users
  • Business and contractual partners
  • Patients

Purposes of Processing

  • Provision of contractual services and customer support
  • Contact inquiries and communication
  • Security measures
  • Office and organizational procedures
  • Administration and response to inquiries
  • Feedback
  • Provision of our online offer and user-friendliness
  • Information technology infrastructure

Relevant Legal Basis

Below is an overview of the legal bases under the GDPR upon which we process personal data. Please note that, in addition to the GDPR, national data protection regulations in your or our country of residence may apply. If other specific legal bases are relevant, we will inform you of them in this privacy policy.

  • Consent (Art. 6(1)(a) GDPR) – The data subject has given consent to the processing of their personal data for one or more specific purposes.
  • Performance of a contract and pre-contractual inquiries (Art. 6(1)(b) GDPR) – Processing is necessary for the performance of a contract to which the data subject is a party, or for taking steps at the request of the data subject prior to entering into a contract.
  • Legal obligation (Art. 6(1)(c) GDPR) – Processing is necessary for compliance with a legal obligation to which the controller is subject.
  • Legitimate interests (Art. 6(1)(f) GDPR) – Processing is necessary for the purposes of the legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.

Security Measures

We take appropriate technical and organizational measures to ensure a level of security appropriate to the risk, in accordance with the legal requirements, taking into account the state of technology, implementation costs, and the nature, scope, context, and purposes of processing, as well as the likelihood and severity of risks to the rights and freedoms of individuals. These measures include securing the confidentiality, integrity, and availability of data by controlling physical and electronic access to data, as well as access, input, transmission, and availability controls. Additionally, we have established procedures to ensure data subject rights, data deletion, and responses to data breaches. Furthermore, we take into account the protection of personal data during the development or selection of hardware, software, and procedures in accordance with the principle of data protection by design and by default. TLS Encryption (https): To protect your data transmitted via our online offer, we use TLS encryption. You can recognize such encrypted connections by the "https://" prefix in the address bar of your browser.

Transmission of Personal Data

In the course of our processing of personal data, it may occur that the data is transmitted to other entities, companies, legally independent organizational units, or individuals, or disclosed to them. Recipients of such data may include service providers contracted with IT tasks or providers of services and content integrated into a website. In such cases, we comply with legal requirements and, in particular, conclude contracts or agreements to protect your data with the recipients of your data. Internal Data Transfer within the Organization: We may transfer personal data within our organization or allow access to such data. If the transfer is for administrative purposes, it is based on our legitimate business and organizational interests, or if it is necessary for the fulfillment of our contractual obligations, or if consent has been granted by the data subjects or there is a legal permission.

Deletion of Data

The data we process will be deleted in accordance with legal requirements, once their permitted processing has been revoked or other legal permissions cease (e.g., if the purpose of processing the data has been fulfilled or if they are no longer required for their intended purpose). If the data are not deleted because they are required for other and legally permissible purposes, their processing will be restricted to those purposes. This means the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons, or where their retention is necessary to assert, exercise, or defend legal claims, or to protect the rights of another natural or legal person. Our data protection notices may include further information on the retention and deletion of data, which are relevant for the respective processing activities.

Use of Cookies

Cookies are small text files or other storage marks that store information on devices and retrieve information from devices. For example, to save the login status of a user account, the content of a shopping cart in an e-shop, the accessed content, or the functions used in an online offer. Cookies can also be used for various purposes, such as ensuring the functionality, security, and comfort of online offers, as well as analyzing visitor flows. Consent Notice: We use cookies in accordance with legal regulations. Therefore, we obtain prior consent from users, except where it is not legally required. Consent is not necessary if the storage or retrieval of information (including cookies) is essential to providing a service expressly requested by the users (i.e., our online offer). Essential cookies typically include cookies with functions related to the display and operability of the online offer, load balancing, security, saving user preferences, or related functions for the provision of the main and ancillary functions of the online offer requested by users. The revocable consent is clearly communicated to users and includes information about the respective use of cookies.

Business Services

We process data from our contractual and business partners, e.g., customers and prospective customers (collectively referred to as "contractual partners") in the context of contractual and similar legal relationships, as well as related actions and communications with contractual partners (or pre-contractually), e.g., to respond to inquiries. We process this data to fulfill our contractual obligations. This includes, in particular, obligations to provide the agreed services, any update obligations, and remedies for warranty and other service disruptions. Additionally, we process the data to protect our rights and for purposes related to the administrative tasks and corporate organization associated with these obligations.

Provision of Online Services and Web Hosting

We process the data of users to provide them with our online services. For this purpose, we process the user's IP address, which is necessary to transmit the contents and functions of our online services to the user's browser or device.

Contact and Inquiry Management

When contacting us (e.g., by post, contact form, email, phone, or via social media) or within the scope of existing user and business relationships, the information provided by the requesting individuals is processed as necessary to respond to the contact inquiries and any requested actions.

Plugins and Embedded Functions and Content

We integrate functional and content elements from third-party providers (hereinafter referred to as "third-party providers") into our online offer. These elements may include graphics, videos, or maps (collectively referred to as "content"). Integrating this content always requires that third-party providers of this content process the IP address of users, as they would not be able to send the content to their browsers without the IP address.

Changes and Updates to the Privacy Policy

We ask you to regularly inform yourself about the content of our privacy policy. We will adjust the privacy policy as soon as changes to the data processing activities we carry out make this necessary. We will inform you as soon as changes require your cooperation (e.g., consent) or other individual notifications.

Rights of Data Subjects

As a data subject, you have various rights under the GDPR, particularly those arising from Articles 15 to 21 GDPR:

  • Right to object
  • Right to withdraw consent
  • Right of access
  • Right to rectification
  • Right to erasure and restriction of processing
  • Right to data portability
  • Right to lodge a complaint with a supervisory authority

Definition of Terms

This section provides an overview of the terms used in this privacy policy. Many of the terms are taken from the law and are defined in Article 4 of the GDPR. The legal definitions are binding. The following explanations are intended to aid understanding. The terms are listed alphabetically.

  • Personal data
  • Controller
  • Processing