Data protection

I. Introduction

In the following we would like to give you, as the person concerned, an overview of the processing of your personal data by JoCos GmbH and your rights under data protection laws. Our website can generally be used without entering any personal data. However, if you would like to use special services of our company via our website, processing of personal data could become necessary. However, you are free to transmit personal data to us in alternative ways, for example by telephone or post.

II. Responsible

The person responsible within the meaning of the GDPR is:

JoCos GmbH
Prinz-Ludwig-Straße 17
93055 Regensburg
Phone: (+49) 941 463 703 0

III. Data Protection Officer

You can contact the data protection officer at:

Niklas Hanitsch
c/o secjur GmbH
Steinhöft 9
20459 Hamburg, Germany
+49 40 228 599 520

Please feel free to contact our data protection officer directly for any questions or suggestions you may have pertaining to data privacy.

IV. Log files

When merely using our website for informational purposes, we only collect the data your browser transmits to our server (in so-called “server log files”). Our website collects a series of general data and information every time you or an automated system accesses the website. This general data and information are stored in the log files of the server. The following may be collected:

  • Name of the accessed website
  • File
  • Date and time of the call
  • Amount of data transferred
  • Notification of successful retrieval
  • Browser type and version
  • operating system of the user
  • Referrer URL (the previously visited page)
  • IP address
  • requesting provider

When using this general data and information, we do not draw any conclusions about your person. Rather, this information is required to deliver the content of our website correctly, to ensure the long-term functionality of our IT systems and the technology of our website, and to provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyber-attack. This collected data and information is therefore evaluated by us with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data we process. The data of the server log files are stored separately from all personal data provided by an affected person. The data is stored for a maximum of 7 days. The legal basis for data processing is Article 6 Paragraph 1 Clause 1 Letter f) GDPR. Our legitimate interest follows from the above purposes.

The website is hosted by DomainFactory GmbH, c/o WeWork, Neuturmstrasse 5, 80331 München, Germany.

V. Cookies

We use cookies on our website. These are small files that your browser automatically creates and that are stored on your IT system (laptop, tablet, smartphone, etc.) when you visit our site. Information is stored in the cookie that arises in connection with the specific end device used. However, this does not mean that we are immediately informed of your identity. We use cookies on our website, which are technically necessary for operation and proper functionality. The legal basis for technically necessary cookies is Article 6 Paragraph 1 Clause 1 Letter f) GDPR, our legitimate interest. On the other hand, we use cookies for analysis and statistical evaluation as well as for marketing purposes. The aim is to optimize our website and offers for you. If you visit our site again, for example, it will automatically be recognized that you have already been with us. The legal basis for these technically unnecessary cookies is Article 6 Paragraph 1 Clause 1 Letter a) GDPR, your consent, which you have given us by opting in in the cookie banner.

VI. Contents of our website – contact options, job exchange

1. Contact options

When contacting us (e.g. by telephone / e-mail / contact form / request for quotation form), personal data is processed. This data is stored and used for the purpose of answering your request or for contacting you and the associated technical administration. The legal basis for the processing of the data is our legitimate interest in answering your request in accordance with Article 6 1 Clause 1 Letter f) GDPR. Your data from the inquiry will generally be deleted after your inquiry has been finally processed. This is the case if it can be inferred from the circumstances that the facts in question have been finally clarified and provided that there are no legal storage obligations to the contrary. If your contact, e.g. via the offer request form, is aimed at concluding a contract, Article 6 1 Clause 1 Letter b) GDPR (pre-contractual relationship) may also be relevant. We will then store your personal data in our CRM.

The following data is collected from the contact form:

  • Name (mandatory field)
  • E-mail address (required field)
  • regarding
  • news
  • desired date
  • Telephone number for queries

In addition, we process personal data from you (see log files) when sending the form in accordance with Article 6 1 Clause 1 Letter f) GDPR on the legal basis of our legitimate interest in technically secure and non-abusive use of our form, personal data from you (see log files).

2. Application management / job exchange

We collect and process the personal data of applicants for the purpose of handling the application process. The processing can also take place electronically. This is particularly the case if an applicant sends us the relevant application documents electronically, for example by email. The legal basis for the processing of your data is Article 6 Paragraph 1 Clause 1 Letter b) GDPR in conjunction with Art. § 26 BDSG. If you are hired, the data will be included in the personnel file and stored there. If we have to reject you, we will delete your application documents 6 months after the rejection. Until then, the data will be processed in accordance with Article 6 1 Clause 1 Letter f) GDPR, on the basis of our legitimate interest (AGG). If we would like to include you in our pool of applicants, we will obtain your separate consent in accordance with Article 6 1 Clause 1 Letter a) GDPR. It will then be stored for one year.

VII. Web Analysis

Google Analytics

On our website we use Google Analytics, a web analytics service provided by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland. In this context, pseudonymised usage profiles are created and cookies are used. The information generated by the cookies about your use of this website, such as

  • browser type/version,
  • operating system used,
  • referrer URL (the previously visited page),
  • host name of the accessing computer (IP address),
  • time of server request,

are transferred to a Google server in the USA and stored there. The information is used to evaluate the use of our website. This information may also be transferred to third parties. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymized so that an assignment is not possible (IP masking). These processing operations only take place if you have given your express consent in accordance with Article 6 1 Clause 1 Letter a) GDPR.

You can also prevent the collection of the data generated by the cookie and related to your use of the website and the processing of this data by Google by downloading and installing a browser add-on (

Further information on data protection in connection with Google Analytics can be found in the Google Analytics help (

VIII. Other Services

1. Google Tag Manager

This website uses the Google Tag Manager, a cookie-free domain that does not collect any personal data itself but is used by us to organize and control website tags. Nevertheless, we would like to draw your attention to the use of the Google Tag Manager. The tool triggers other tags, which in turn may collect data (e.g. Google Analytics). The Google Tag Manager does not access this data itself.

2. Google Search Console

We use Google Search Console. We would like to monitor and manage the presence of our website in the Google search results in order to be able to make optimizations and, if necessary, identify and correct errors. However, the data collection takes place exclusively on the Google website and not on our site. You can find more information at:

3. Gravatar

We use Gravatar. This is an image visualization service provided by Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA. We use Gravatar to create an association between you and an avatar on Gravatar. Gravatar is used in accordance with Article 6 Paragraph 1 Clause 1 Letter f) GDPR on the basis of our legitimate interest. For more information, see Gravatar’s privacy policy:

4. creditreform Boniversum

Our company regularly checks and monitors your creditworthiness when concluding contracts and in certain cases where there is a legitimate interest, including with existing customers. To do this, we work with Creditreform Boniversum GmbH, Hammfelddamm 13, 41460 Neuss, from whom we receive the necessary data. For this purpose we transmit your Names, addresses and dates of birth to Creditreform Boniversum GmbH. The information in accordance with Article 14 of the EU General Data Protection Regulation on the data processing taking place at Creditreform Boniversum GmbH can be found here: or scan the QR code.

IX. Your rights as a data subject

  • Right to confirmation:You have the right to request confirmation from us as to whether personal data relating to you are being processed.
  • Right to information Art. 15 DS-GVO: You have the right to receive information from us free of charge at any time about the personal data stored about you as well as a copy of this data in accordance with the statutory provisions.
  • Right to correction Art. 16 DS-GVO: You have the right to request the correction of incorrect personal data concerning you. You also have the right, taking into account the purposes of the processing, to request the completion of incomplete personal data.
  • Deletion Art. 17 DS-GVO: You have the right to demand that the personal data concerning you be deleted immediately if one of the statutory reasons applies and if the processing or storage is not necessary.
  • Restriction of processing Art. 18 DS-GVO: You have the right to demand that we restrict processing if one of the legal requirements is met.
  • Data transferability Art. 20 DS-GVO: You have the right to receive the personal data concerning you that you have provided to us in a structured, common, and machine-readable format. You also have the right to transmit this data to another person responsible without hindrance from us, to whom the personal data was provided, provided that the processing is based on the consent in accordance with Article 6 Paragraph 1 Clause 1 Letter a) GDPR or Article 9 paragraph 2 letter a) GDPR or on a contract in accordance with Article 6 paragraph 1 Clause 1 Letter b) GDPR and the processing is carried out using automated procedures, provided that the processing is not for the perception is required for a task that is in the public interest or in the exercise of official authority that has been delegated to us. Furthermore, when exercising your right to data transferability in accordance with Art. 20 Para. 1 DS-GVO, you have the right to obtain that the personal data is transmitted directly from one person responsible to another person responsible, insofar as this is technically feasible and insofar as this is not the case the rights and freedoms of other people are impaired.
  • Objection Art. 21 DS-GVO: You have the right, for reasons arising from your particular situation, at any time against the processing of personal data concerning you, which is based on Art. 6 Para. 1 Clause 1 Letter e) (Data processing in the public interest) or f) (data processing on the basis of a balance of interests) DS-GVO to file an objection. This also applies to profiling based on these provisions within the meaning of Art. 4 No. 4 DS-GVO. If you file an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. In individual cases, we process personal data in order to operate direct advertising. You can object to the processing of personal data for the purpose of such advertising at any time. This also applies to profiling insofar as it is associated with such direct advertising. If you object to us processing for direct marketing purposes, we will no longer process the personal data for these purposes. In addition, you have the right, for reasons arising from your particular situation, to object to the processing of personal data relating to you, which we carry out for scientific or historical research purposes or for statistical purposes in accordance with Art. 89 Para. 1 DS-GVO object, unless such processing is necessary to fulfill a task in the public interest. You are free to exercise your right of objection in connection with the use of information society services, notwithstanding Directive 2002/58/EC, by means of automated procedures using technical specifications.
  • Revocation of consent under data protection law: You have the right to revoke consent to the processing of personal data at any time with effect for the future. You can address your revocation to the following office:
  • Complaint to a supervisory authority: You have the right to complain to a supervisory authority responsible for data protection about our processing of personal data. In principle, the LDA Bayern is responsible for us.

X. Updating and changing the privacy policy

This data protection declaration is currently valid and has the status: Juli 2023

Due to the further development of our websites and offers or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection declaration at any time on the website at ““.

Scroll to Top