Privacy Policy

Last updated: 20th August, 2025

This Privacy Policy outlines in detail how Emigrate101 (“Emigrate101,” “we,” “us,” or “our”) collects, processes, uses, shares, and safeguards the personal information of individuals who visit our website or use our services at emigrate101.com. Our services include various smart tools and job-related features designed to support individuals seeking immigration opportunities in Germany (collectively referred to as the “Services”). The policy also explains the rights of individuals as data subjects under relevant data protection laws, including the European Union’s General Data Protection Regulation (GDPR) and applicable German legislation, such as the Federal Data Protection Act (Bundesdatenschutzgesetz or BDSG) and the Telecommunications-Digital Services Data Protection Act (Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz – TDDDG), which governs cookie consent requirements.

By continuing to access or use our Services, users confirm that they have carefully read, understood, and agreed to the terms set out in this Privacy Policy.

1. Controller and Contact Details

Emigrate101’s role in data protection varies with its partnerships and service delivery methods, acting either as a joint controller alongside partners or independently. In joint controller arrangement, Emigrate101 and its partners share decision-making responsibilities about how and why personal data is processed and must establish a clear, transparent agreement detailing each party’s responsibilities. This agreement’s summary is available upon request, ensuring data subjects know who to contact and how their data is handled. Data subjects can exercise their rights against each controller, regardless of the arrangement.

2. Scope and Applicability

This Privacy Policy is designed to protect and inform you about the personal data we collect through our website, forms, customer service, newsletters, and events/webinars. Please note that any personal information you provide or that is collected when accessing third-party sites or services via our platforms is not covered by this Policy but rather by the privacy policies specific to those third parties.

3. Definitions

  • “Personal Data” refers to any kind of information that relates to a natural person who is either identified or can be identified, directly or indirectly. This means that the data concerns an individual who can be recognized based on the information itself or when the information is combined with other data. Identification may occur through obvious identifiers like a person’s name or identification number, or through less direct means such as location data, online identifiers, or characteristics that pertain to that person’s physical, physiological, genetic, mental, economic, cultural, or social identity.
  • “Processing” refers to any action or series of actions carried out on personal data. This includes collecting the data, storing it, using it, sharing it with others, and any other handling of the data throughout its lifecycle. Essentially, processing encompasses every step or operation involving personal information, ranging from the moment it is obtained to its eventual deletion or anonymization.

The terms “Controller,” “Processor,” “Recipient,” “Consent,” “Profiling,” and “Special categories of data” as defined in Article 4 of the General Data Protection Regulation (GDPR) have specific and important meanings relating to the handling of personal data.

  • A “Controller” is the natural or legal person, public authority, agency, or other body that alone or jointly with others determines the purposes and means of processing personal data. Basically, the controller decides why and how personal data is processed and is primarily responsible for ensuring that the data processing complies with GDPR requirements.
  • A “Processor” is a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller. Unlike the controller, the processor does not decide the purpose or method but acts only under the instructions given by the controller.
  • A “Recipient” is anyone who receives personal data from the controller or processor, whether internal or external.
  • “Consent” is when a person clearly, freely, and knowledgeably agrees to their data being processed.
  • “Profiling” is defined as any automated processing of personal data intended to evaluate certain personal aspects of a natural person, such as their performance at work, economic situation, health, preferences, interests, reliability, behavior, location, or movements. Profiling involves statistical or other automated techniques to predict or analyze these personal aspects.
  • “Special categories of data” are personal data revealing sensitive information about a person’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data, health, or sex life and sexual orientation. These categories require stricter protections due to the sensitive nature of the information.

4. Categories of Personal Data we Process

4.1 Account and Profile Information:

This includes Personal account details such as your email address, first name, and optionally your last name. It also covers your login details for accessing the service, age or year of birth for identity verification, as well as your country of origin or current residence if you choose to share it. Additionally, it captures your language preferences to personalize the user experience.

4.2 Service Usage Information:

Data collected pertains to your immigration objectives and eligibility details, preferences regarding jobs, and any documents you upload such as CVs and cover letters. This also includes your inquiries related to housing, registrations for events, and all forms of communication linked to the service.

4.3 Communications Data:

This includes the content of your inquiries submitted through forms, messages sent to support, comments you leave, competition entries you participate in, and feedback provided through surveys.

4.4 Transactional and Billing Details:

Billing and payment information related to any paid services, including payment provider details, billing address, and VAT information if relevant.

4.5 Technical and Device Information:

Includes technical data comprising your IP address, unique device identifiers, browser type and operating system details, URLs that referred you to the service, cookie identifiers, your time zone, and logs of your interactions with the platform.

4.6 Special Category Data:

Includes sensitive information which is collected only if absolutely necessary and with your explicit consent. It may include nationality, immigration status, or data that could reveal racial or ethnic origin inferred from nationality or visa history. Such data may also be required by law for visa compliance checks.

The submission of personal data is voluntary. Nevertheless, certain functionalities, such as those related to employment applications, assessments, and housing requests, are contingent upon the provision of specific information.

5. Purposes and Legal Bases for Processing

We collect and process your personal data for several specific purposes, each complying with Article 6 of the GDPR and, where applicable, Article 9 of the GDPR regarding special categories of data:

5.1 Service Delivery and Account Management:

We use your information for the purposes of contract performance and pre-contractual measures as defined in Article 6(1)(b) of the GDPR. This includes using your information to establish and manage your account, deliver services, provide customized content, address your inquiries, and offer customer support. Additionally, this processing is justified under the legitimate interest clause of Article 6(1)(f), as it is essential for maintaining the security and integrity of our systems.

5.2 Communication:

Your personal data is used to respond to your questions, send you important service announcements, and deliver transactional messages related to your account or our services These processing activities are necessary for the performance of contract and are based on our legitimate interests, as defined by Article 6(1)(b) and Article 6(1)(f) of the GDPR.

5.3 Marketing and Newsletter Distribution:

By providing explicit consent, you agree to receive marketing communications, newsletters, event invitations, and special offers from us. We ensure compliance with consent requirements under Article 6(1)(a) of the GDPR by providing clear and accessible methods for you to withdraw your consent at any time.

5.4 Analytics, Product Enhancement, and Fraud Prevention:

We analyze data about how you use our services to improve functionality, offer enhanced features, and prevent fraudulent activities. This processing is based on our legitimate interests as per the General Data Protection Regulation (GDPR).

5.5 Legal and Regulatory Compliance:

We process your data to meet our legal obligations under the General Data Protection Regulation (GDPR), National Data Protection Laws such as the German Federal Data Protection Act (Bundesdatenschutzgesetz or BDSG), tax laws, and Anti-Money Laundering (AML) or Know-Your-Customer (KYC) requirements. Additionally, personal data may be processed to assert, exercise, or defend legal rights.

5.6 Special Categories of Data:

Data deemed sensitive under GDPR such as, health information or data relating to racial or ethnic origin is only processed when you have given explicit consent or under other specific lawful conditions. This includes cases necessary for legal claims or significant public interest as recognized by EU or German law.

When consent is the legal basis for processing data, it must be specific, informed, and freely given. An individual has the right to withdraw their consent at any time. This withdrawal does not affect the legality of any processing that occurred before the consent was withdrawn.

6. Cookies and Third-Party Tools Disclosures

We provide detailed disclosures in our Cookie Policy and consent banner, including a list of third-party tools (e.g., analytics and advertising vendors), processing purposes, and data categories, with controls to change or withdraw consent at any time, in compliance with TDDDG and GDPR.

7. Disclosures and International Transfers

We only disclose personal data when necessary and with appropriate safeguards in place. Data may be shared with service providers (processors) for functions like hosting, CRM, and payment processing under data processing agreements. It can also be shared with professional and business partners, including recruiters, housing providers, and legal advisors. Intra-group transfers occur for processing aligned with this policy. We may also disclose data for legal and compliance purposes to competent authorities as required by law or to protect our rights and safety. Any international transfers outside the EEA/UK are protected by safeguards such as adequacy decisions or Standard Contractual Clauses (SCCs), supplemented with risk assessments and additional measures.

8. Retention

Data is retained only as long as necessary for its intended purpose. Account data is held for the duration of an active account and for a subsequent safety period post-deletion request, unless legal obligations, dispute resolution, or fraud prevention necessitate longer retention. Application and inquiry records are kept for statutory limitation periods or as legally mandated. Transactional data is retained to fulfill tax, accounting, and other legal requirements. When full retention is no longer required, data is pseudonymized or anonymized through appropriate technical and organizational measures.

9. Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction, proportionate to risk and industry practice. However, no system is entirely impenetrable given the inherent nature of the internet.

10. Rights

Data subjects can access their data and related processing details and request the rectification of inaccurate information. Individuals also have the right to erasure, also known as the “right to be forgotten,” and can seek to restrict processing. The right to data portability allows for the transfer of their data. Furthermore, subjects can object to processing based on legitimate interests, including profiling and direct marketing, and can withdraw consent at any time. Requests to exercise these rights can be submitted to the designated contacts, and a response will be provided within one month, with possible extensions.

11. Children’s Privacy

Our Services are not intended for children under the age of 16. We do not knowingly process children’s data without appropriate consent and legal basis. If individuals believe we have collected data from a child, they should contact us to request deletion.

12. Automated Decision-Making and Profiling

We may use automated processing, including profiling, to personalize content like eligibility assessments or job matches, improve user experience, and detect fraudulent activity, but not to make decisions producing legal or similarly significant effects without human involvement, unless permitted by law and with appropriate safeguards.

13. Marketing Communications

We send newsletters and marketing communications with prior consent or as permitted by law. Recipients may opt out at any time via unsubscribe links or by contacting us. Opting out does not affect transactional or service communications.

14. Changes to this Policy

We may update this Policy to reflect changes in our processing or legal requirements. We will post updates with a revised “Last updated” date and, where appropriate, notify users through the Services or email. Continued use of the Services after updates constitutes acknowledgment of the revised Policy.

15. How to Contact Us

For questions or to exercise rights, Contact: contact@emigrate101.com.

Scroll to Top