(Last updated: October 2025)
You will find below information on how we collect and process personal data when you use our website. We have implemented extensive technical and organizational measures to protect your data against accidental or deliberate loss, misuse, or unauthorized access.
1. Data Controller (Art. 4(7) GDPR)
UnisonSteadfast AG
Burchardstraße 13C – Chilehaus
20095 Hamburg, Germany
Phone: +49 (40) 80 90 72 90
Email: info@unisonsteadfast.com
2. Data Protection Officer
You may contact our Data Protection Officer using the postal address above (add “Data Protection Officer”) or by email at dataprotection@unisonsteadfast.com.
3. Subject Matter of Data Protection
“Personal data” under Art. 4(1) GDPR means all information relating to an identified or identifiable natural person. This includes data such as a name, postal address, email address, telephone number, or—under certain circumstances—an IP address.
4. Your Rights Regarding Personal Data
(a) General rights
You have the right to access, rectify, erase, restrict processing, object to processing, and data portability. Where processing is based on consent, you may withdraw that consent at any time with future effect.
(b) Processing based on legitimate interests
Under Art. 21(1) GDPR, you have the right to object at any time—on grounds relating to your particular situation—to processing based on Art. 6(1)(e) (public interest) or Art. 6(1)(f) (legitimate interest), including profiling. We will then cease processing unless we demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or the processing serves to establish, exercise, or defend legal claims.
(c) Right to lodge a complaint
You may file a complaint about our processing of your personal data with a competent data protection supervisory authority.
5. Collection, Processing, and Use of Personal Data
UnisonSteadfast collects, processes, and uses personal data only when permitted or required by the GDPR, the German Federal Data Protection Act (BDSG), the Telecommunications and Telemedia Data Protection Act (TTDSG), or other applicable law—or when you have given consent.
6. Data Collected During Informational Use
When you visit our website for information purposes only, we collect only the data your browser transmits to our server. This includes IP address, date and time of request, time zone difference from GMT, requested page (URL), HTTP status code/access status, and amount of data transferred. This data is technically necessary to display the website and ensure stability and security (Art. 6(1)(f) GDPR).
7. Newsletter / Corporate Magazine (“UnisonTimes”)
If you consent under Art. 6(1)(a) and (b) GDPR, you may request to receive our newsletters and corporate magazine UnisonTimes. We process the following data: first name, last name, company name and email address. Providing this information is voluntary. Any additional optional data you provide helps us tailor content and offers to your interests. We use the data solely to respond to your request and deliver the publication. If data is processed for other purposes, this occurs only with your explicit consent.
8. Contact by Email or Contact Form
When you contact us by email or through our contact form, the data you provide (such as your email address, name, and phone number) is stored so we can respond to your inquiry. Optional fields are clearly marked. This processing occurs based on your consent (Art. 6(1)(a) GDPR). You may withdraw your consent at any time with future effect. We delete the collected data once it is no longer needed or restrict processing where legal retention obligations apply.
9. Job Applications
You may apply to UnisonSteadfast AG electronically (by email). We use your information solely to process your application and do not share it with third parties unless required by law or you give explicit consent. If you apply for a specific position that has been filled, or we consider another role suitable, we may forward your application within the company—unless you object. Your data will be deleted after the hiring process concludes or, at the latest, six months thereafter—unless you consent to longer storage or a contract is concluded (Art. 6(1)(a),(b),(f) GDPR and Section 26 BDSG).
10. Cookies
When you use our website, cookies may be stored on your device. Cookies are small text files used to make websites more user-friendly and efficient.
Session cookies are deleted automatically when you close your browser. Persistent cookies remain on your device until deleted or expired; they can be removed manually at any time in your browser settings. HTML5 storage objects and Flash cookies store settings independently of the browser. You can block Flash cookies with an appropriate add-on or by using private browsing mode.
You may configure your browser to reject all or specific cookies. If you do, some website features may not function properly. Cookie-related processing is based on your consent under Section 25(1) TTDSG in conjunction with Art. 6(1)(a) GDPR. Consent can be withdrawn anytime via the cookie settings.
11. Website Analytics
We use services that analyze and optimize our website performance and usability. The data collected (e.g., referrer URL, pages visited, duration of visit) is aggregated or pseudonymized, not personally identifiable. The legal basis is Art. 6(1)(a) GDPR (consent) or Art. 6(1)(f) GDPR (legitimate interest in website optimization).
If you consent, we use Google Analytics, a web analytics service of Google LLC. The EU service provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. We employ IP anonymization (“anonymizeIP”), which truncates your IP address within the EU/EEA before transmission to the U.S. Only in exceptional cases will your full IP address be transmitted and shortened there. Google analyzes your pseudonymized usage patterns and provides website performance reports. The data recipient is Google Ireland Limited (EU) and Google LLC (USA) under standard contractual clauses where applicable. Analytics data linked with cookies is deleted after 14 months. You can opt out by adjusting cookie settings or installing the browser add-on at https://tools.google.com/dlpage/gaoptout. Further details: https://marketingplatform.google.com/about/analytics/terms/gb/ and https://policies.google.com/privacy.
12. Social Media Buttons
We include buttons that allow you to share website content on social media platforms. When such a button (provided directly by a social network) is loaded, personal data such as your IP address may be automatically transmitted to the respective network operator, even if you are not logged in or not a member. We do not control or receive any data from these networks; please refer to each provider’s privacy policy for details.
13. Disclosure of Personal Data
We may share data with external service providers who process it on our behalf (Art. 28 GDPR). In such cases, only the minimum data necessary are transferred, and processors are contractually bound to comply with data protection law. Unless otherwise stated, data are not shared with third parties except where required by law, necessary to perform a contract, or authorized by you. Personal data are not transferred to countries outside the EU/EEA or Australia unless expressly stated and appropriate safeguards (e.g., EU Standard Contractual Clauses) are in place.
14. Data Security
We use SSL/TLS encryption to protect data transmitted through our website. Internal access to personal data is restricted to employees and service providers who require it to fulfill their duties and are bound by confidentiality and data protection obligations.