Privacy policy
Introduction
With the following data protection Declaration we would like to inform you which types of your personal data (hereinafter also abbreviated as "data") we process for which purposes and in which scope. The privacy policy applies to all of us carried out the processing of personal data, both in the framework of the provision of our services as well as, in particular, on our websites, in mobile applications and within external online presences, e.g. our Social Media Profile (hereinafter collectively referred to as "online offer").
The terms used are not gender-specific.
Stand: 17. December 2021
Contents overview
- Introduction
- Responsible
- Overview of processing
- Relevant Legal Bases
- Security measures
- Transfer of personal data
- Data processing in third countries
- Use of Cookies
- Business Services
- Provision of the online offer and Webhosting
- Special instructions to applications (Apps)
- Reference of applications on AppStore
- Registration, login and user account
- Blogs and publication media
- Contact
- Communication via Messenger
- Push Messages
- Video conferencing, online meetings, webinars, and screen Sharing
- Music and Podcasts
- Application procedure
- Cloud Services
- Newsletter and electronic notifications
- Promotional communications via E-Mail, Post, Fax, or phone
- Polls and surveys
- Web Analytics, Monitoring, and optimization
- Online marketing
- Affiliate programs and Affiliate Links
- Presence in social networks (Social Media)
- Plugins and embedded functions and content
- The Management, organization and tools
- Deletion of data
- Amendments and updates to this privacy statement
- Rights of persons concerned
- Definitions
Responsible
Cultway GmbH
Revaler Str. 13
10245 Berlin
Overview of processing
The following Overview summarizes the types of data processed and the purposes of its processing and refers to the persons concerned.
Types of data processed
- Inventory data (e.g. names, addresses).
- Candidate data (e.g., information about the Person, Postal and contact addresses and the documents for the application belonging and the information contained therein, such as cover Letter, CV, certificates, and more in terms of a specific job or volunteer applicants notified information to the Person or qualification).
- Content data (e.g. entries in online forms).
- Contact information (e.g. E-Mail, telephone numbers).
- Meta/communication data (e.g. device information, IP addresses).
- Usage data (e.g. websites visited, interest in content, access times).
- Contract data (e.g. subject matter of the contract, duration, customer category).
- Payment data (e.g. Bank details, invoices, payment history).
Categories of affected persons
- Employees (e.g., employees, applicants, former employees).
- Applicants.
- Business and contract partners.
- Interested parties.
- Communication partner.
- Customers.
- Users (e.g. website visitors, users of online services).
Purposes of the processing
- A/B Testing.
- Affiliate Tracking.
- Provision of our online offer and user-friendliness.
- Conversion measurement (measurement of the effectiveness of marketing measures).
- Application procedure (statement of reasons and any subsequent implementation as well as possible subsequent to the termination of the employment relationship).
- Office and organization procedures.
- Click tracking.
- Content Delivery Network (CDN).
- Direct marketing (e.g. by E-Mail or by post).
- Feedback (e.g., Collect Feedback via the Online form).
- Heatmaps (mouse movements on the part of the users, which are combined to form an overall picture.).
- Marketing.
- Contact requests and communication.
- Profiles with user-related information (creation of user profiles).
- Range measurement (e.g. access statistics, recognition of returning visitors).
- Security measures.
- Surveys and questionnaires (e.g., surveys, input options, Multiple-Choice questions).
- Provision of contractual services and customer service.
- Managing and responding to requests.
Relevant Legal Bases
The following is an Overview of the legal foundations of the DSGVO, which we apply to the processing of personal data. Please note, to fit that in addition to the provisions of the DSGVO, national data protection regulations of your or our residential, or home country to apply. Furthermore, in individual cases, more specific legal basis, should be governed, we will inform you of this in the privacy statement.
- Consent (Art. 6, Para. 1 S. 1 lit. a. DSGVO) – The Person concerned has given his / her consent to the processing of their personal data for a specific purpose or more specific purposes.
- Fulfilment of the contract and pre-contractual requests (article 6, Para. 1 S. 1 lit. b. DSGVO) – The processing is necessary for the performance of a contract whose contractual party is the data subject, or for the execution of pre-contractual measures will be required, at the request of the Person concerned.
- Legal Obligation (Art. 6, Para. 1 S. 1 lit. C. DSGVO) – The processing is necessary for compliance with a legal obligation that is subject to the Responsible party.
- Legitimate Interests (Art. 6, Para. 1 S. 1 lit. f. DSGVO) – The processing is necessary to safeguard the legitimate interests of the controller or of a third party is required, unless the interests or fundamental rights and freedoms of the data subject which require protection of personal data, prevail.
- The application procedure as a pre-contractual or contractual relationship (art. 9, Para. 2 lit. b DSGVO) – To the extent that, in the context of the application process special categories of personal data within the meaning of article 9 Para. 1 DSGVO (e.g. health data, such as the severely disabled feature or ethnic origin) in the case of applicants will be requested so that the person in charge or the Person concerned to exercise him or her from the labour law and the law of social security and social protection, rights and obligations under, and its and their respective duties, is carried out the processing according to article 9, Para. 2 lit. b. DSGVO, life in the case of the protection of the vital interests of the applicant or other persons pursuant to art. Art. 9 Abs. 2 lit. C. DSGVO or for the purposes of preventive health care or occupational medicine, for the assessment of the working capacity of the employee, for medical diagnosis, care or treatment in a health or social care or for the management of systems and services in the health or social gem. Art. 9 Abs. 2 lit. h. DSGVO. In the case of a voluntary consent, based notification of special categories of data, will be processed on the basis of article 9, Para. 2 lit. a. DSGVO.
National data protection regulations in GermanyIn addition to the data protection regulations of the General data protection regulation, national data protection regulations in Germany. In particular, the law on protection against misuse of personal data in data processing (Federal data protection act – BDSG) belongs to. The data protection act contains special provisions on the right to information, the right to Erasure, the right to object to the processing of special categories of personal data, processing for other purposes and for Transmission as well as automated decision making in individual cases, including Profiling. Furthermore, it regulates the processing of data for the purposes of the employment relationship (§ 26 BDSG), in particular with regard to the justification, execution or termination of employment, as well as the consent of the employee. Furthermore, the country's data protection laws of the individual States can move to the application.
Security measures
We meet in accordance with the legal requirements, taking into account the State of the art, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the different probability of Occurrence and the extent of the threat to the rights and freedoms of natural persons take appropriate technical and organizational measures to ensure the level of risk appropriate level of protection.
The measures include in particular the securing of confidentiality, integrity and availability of data by controlling physical and electronic access to the data, as well as the access, input, transmission, the securing of availability and its separation. Furthermore, we have established procedures to ensure that users ' rights, the deletion of data and reaction to endangerment of the data. In addition, we take into account the protection of personal data already in the development or Selection of Hardware, Software and procedures, in accordance with the principle of data protection by technology design and by privacy-friendly default settings.
Reduction of the IP address: To the extent that IP addresses from us, or by the performance of the service providers and technologies are being processed, and the processing of a full IP-address is not required, the IP address will be truncated (also known as "IP Masking"). Here, the last two digits, or the last part of the IP address are removed after a point, or a placeholder to be replaced. With the shortening of the IP address is the identification of a Person is to be prevented on the basis of their IP address or significantly more difficult.
SSL encryption (https): Its via to protect our Online quote data provided, we use SSL-encryption. You can recognize such encrypted Connections by the prefix https:// in the address bar of your browser.
Transfer of personal data
In the context of our processing of personal data that the data can be transmitted to other Bodies, enterprises, legally independent organizational units or individuals, or they will be disclosed to. The recipients of this data, for example, with IT tasks commissioned service providers or providers of services and content that are embedded in a website,. In such a case, we observe the legal requirements and include, in particular, appropriate contracts or Agreements, which serve the protection of your data, with the recipients of your data.
Data processing in third countries
If we process data in a third country (i.e. outside the European Union (EU), the European economic area (EEA)) or the processing in the context of the use of third-party services or disclosure or Transmission of data to other persons, Bodies or companies, this will only be done in accordance with the statutory requirements.
Subject to Express consent or contract or by law required Submission of article 44 to 49 DSGVO, information page of the EU Commission, we process or leave the data only in third countries with a recognised level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, the Existence of certifications or binding internal data protection regulations process (: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de).
Use of Cookies
Cookies are text files that contain data from visited Websites or Domains and from a Browser on the user's Computer to be stored. A Cookie serves primarily to store the information about a user during or after his visit within an online offer. The stored information includes, for example, the language settings on a website, the login status, a shopping cart, or the point at which a Video has been watched. To include the notion of Cookies, we also use other technologies, which fulfil the same functions as Cookies (e.g., if the information of the user is stored using pseudonymous Online identifiers, also known as "user IDs") are
The following Cookie types and functions can be distinguished:
- Temporary Cookies (also known as a Session or "session Cookies"): Temporary Cookies are deleted after a user has left a quote Online, and its Browser is closed.
- Permanent Cookies: Permanent Cookies remain after the browser is closed. The Login can, for example, Status or preferred content displayed directly saved when the user visits a Website. Likewise, the interests of users used for range measurement or marketing purposes may be stored in such a Cookie.
- First-Party Cookies: First-Party Cookies are set by us.
- Third-Party Cookies (including third party Cookies): Third-party Cookies are mainly used by advertisers (so-called third parties) in order to process the user information.
- Necessary (also called essential or strictly necessary) Cookies: Cookies can store gifts for the operation of a website is absolutely necessary (e.g. for Logins, or any other user information to or for reasons of safety).
- Statistics, Marketing and personalization CookiesIn addition, Cookies may be used in a rule, also in the context of the range of measurement, and then, if the interests of a user or his behavior (e.g., Viewing of certain content, Use of functions, etc.) on each of the web pages in a user profile are saved. Such Profiles are used, the users, i.e., contents that correspond to their potential interests. This procedure is also referred to as "Tracking", i.e., tracking the potential interests of the users. To the extent that we use Cookies or "Tracking"technologies, we inform you separately in our data protection Declaration, or in the context of obtaining consent.
Notes on legal bases: The legal basis on which we process your personal data with the help of the Cookies depends on whether we ask you for consent. If this is the case, and you consent to the use of Cookies, the legal basis for the processing of your data is the consent. Otherwise, by using Cookies data processed on the basis of our legitimate interests (e.g. to be in a business operation of our online offer and its improvement) processes or, if the use of Cookies is necessary to comply with our contractual obligations.
Storage duration: If we tell you there is no explicit information about the storage duration of permanent Cookies (e.g., in the context of a so-called Cookie Opt-Ins), please assume that the storage period can be up to two years.
General instructions for revocation and objection (Opt-Out): Depending on whether the processing is carried out on the basis of a consent or legal permission, you have the option at any time, your consent to revoke or to the processing of your data through Cookie technology to contradict (collectively, the "Opt-Out" means). You can restrict explain your right of objection, first, using the settings of your browser, e.g. by deactivating the use of Cookies (wherein this the functionality of our online offer). An objection to the use of Cookies for the purposes of online marketing can be a web page by means of a variety of services, especially in the case of tracking, via the https://optout.aboutads.info and https://www.youronlinechoices.com/ be explained. In addition, you can get more contradiction notes in the context of the information about the service providers and Cookies.
Processing of Cookie data on the basis of a consentWe use a method for Cookie-Consent-Management, in the framework of the consent of the users in the use of the Cookies, or within the framework of the Cookie-Consent-Management-procedure-mentioned processing, and provider obtained, as well as from the users and revoke can be managed. This Declaration of consent will be stored, the query again to have and to be able to consent, according to the legal obligation to prove. The storage can be done on the server side and/or in a Cookie (so-called Opt-In Cookie, and use comparable technologies) to consent to a user, and / or its assign the device to. Subject to individual information to the providers of Cookie Management services, subject to the following: the duration of The storage of the consent can be up to two years. Here is a pseudonymous user is formed identifier with the date of the consent, information on the scope of the consent (e.g., what are the categories of Cookies and/or service provider) as well as the Browser System and the terminal used and stored.
- Types Of Data Processed: Usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).
- Affected Persons: Users (e.g. website visitors, users of online services).
- Legal basis: Consent (Art. 6, Para. 1 S. 1 lit. a. DSGVO), Legitimate interests (art. 6, Para. 1 S. 1 lit. f. DSGVO).
Business Services
We process conditions, the data of our contractual and business partners, such as customers and prospective customers (referred to collectively as "contractual partners") in the context of contractual and other similar rights, as well as associated measures and in the context of the communication with the parties to the contract (or pre-contractually), for example, to answer requests.
These data do we process for the fulfilment of our contractual obligations, to secure our rights and for the purposes of this information is associated administrative tasks, as well as the entrepreneurial organization. The data of the contractual partner, we give in the scope of the applicable Law only to the extent to third parties, as this is for the purposes indicated above or to comply with legal obligations or with the consent of the persons concerned (e.g. to persons involved in the telecommunications, Transport and other ancillary services, as well as subcontractors, banks, tax and legal consultant, payment service provider or tax authorities). Through further Processing, e.g. for the purposes of marketing, you will be informed the parties to the contract in accordance with this privacy statement.
What are the data for the aforementioned purposes, we inform the parties to the contract prior to, or within the framework of the data collection, for example, in online forms, by special marking (e.g., colors) and symbols (e.g., asterisks, etc.), or in person.
We delete the data after expiry of statutory warranty and comparable obligations, i.e., in principle, after the expiry of 4 years, unless the data are stored in a customer account, for example, as long as they need to be retained for legal reasons, in the archive (for example, for tax purposes, usually 10 years). Data put in the context of a contract by the contract partner is open, we will delete according to the specifications of the order, in principle after the end of the contract.
To the extent that we use to provide our services to third-party providers or platforms, apply to the relationship between the users and the providers of the terms and conditions and data protection notices of the respective third-party providers or platforms.
Customer account: The contractual partner can create within our online offer an account (e.g., customer or user account, in short, the "customer account"). If the registration of a customer account is required to be a contract drawn to the partners, as well as on the information required for registration. The customers ' accounts are not public and cannot be indexed by search engines. In the context of the registration, as well as subsequent applications and uses of the customer account, we store the IP to the customer in addition to the access points in time, the registry evidence and any misuse of the client's account to prevent addresses.
If customers have terminated your account will be deleted in the customer account data in question, subject to their retention is for legal reasons. It is the responsibility of the customer to secure their data upon termination of the customer account.
Artistic and literary achievementsWe process the data of our customers, to provide you with the selection, acquisition, or retention of the selected services or works, and other related activities, as well as their payment and delivery, or execution or provision.
The information required is as such under the contract, order or similar contract is identified, and include the delivery and billing information, and contact information, to any consultations.
Publication activityWe process the data of our contact partners, the interview partners, as well as other people, the subject of our publicist, editorial and journalistic, as well as related activities. In this context, we refer to the applicability of the protection provisions of the freedom of expression and freedom of the press gem. Article 85 of the DSGVO in conjunction with the respective national laws. The processing serves the fulfilment of our contract, activities, and takes place in the Other, in particular on the basis of the interest of the General public in information and Media.
Range of Software and platform servicesWe process the data of our users, logged on, and any test user (hereinafter referred to as the "user"), and to provide you with our contractual services, as well as to be able, on the basis of legitimate interests, the safety of our offer, ensure and develop it further. The information required is as such under the contract, order, or comparable contract is identified, and include for the provision of services and billing information, and contact information, to any consultations.
- Types Of Data Processed: Inventory data (e.g. names, addresses), payment data (e.g. Bank details, invoices, payment history), contact data (e.g. E-Mail, telephone numbers), contract data (e.g. subject matter of the contract, duration, customer category), usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).
- Affected Persons: Interested parties, business and contract partners, customers.
- Purposes of the processing: Provision of contractual services and customer service, contact requests and communication, office and organization, procedure, management, and responding to requests, security measures.
- Legal basis: Fulfilment of the contract and pre-contractual requests (article 6, Para. 1 S. 1 lit. b. DSGVO), Legal obligation (art. 6, Para. 1 S. 1 lit. C. DSGVO), Legitimate interests (art. 6, Para. 1 S. 1 lit. f. DSGVO).
Provision of the online offer and Webhosting
To be able to our online offer reliable and efficient, we take the services of one or more web-hosting providers, their servers (and / or managed servers), the online offering can be accessed. For these purposes, we have infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services.
To be able to within the framework of the provision of Hosting data processed all of the users of our online offer relevant information that arises in the context of the use and communication. This includes the IP address, which is necessary to the content offered online to the Browser to deliver, and all within our online offer or websites made submissions on a regular basis. This also includes all the data of the users of our App, including the data required for the registration and use of customer's or a user's account, such as your E-Mail address and password.
E-Mail and HostingThe used web hosting services also include sending, receiving and storing E-Mails. For these purposes, the addresses of the recipient and sender, as well as further information regarding the E-mail sending (e.g., the participating Provider), as well as the contents of the respective emails processed. The above data can be processed further, for the purposes of the detection of SPAM. We kindly ask you to note that E-Mails on the Internet are generally not sent in encrypted form. As a rule, E to be encrypted emails while in transit, but (unless there is a so-called end-to-end encryption is the method used) not on the servers from which you sent and received. We can therefore assume for the Transmission of E-Mails between the sender and the reception on our Server and no responsibility.
Collection of access data and Logfiles: We (or our web hosting provider) collect data on each access to the Server (so-called Server log files). The Server log files, the address and Name of the accessed web pages and files, date and time of the retrieval, amount of data transferred, message about successful retrieval, browser type and Version, the operating system of the user, Referrer URL (the previously visited page), and as a rule, IP address and the requesting Provider belong.
The Server log files can be used for the purposes of security, for example, to avoid Overloading the Server (especially in the case of abusive attacks, so-called DDoS attacks), and secondly, the utilization of the servers and ensure stability.
Content Delivery NetworkWe may use a "Content Delivery Network" (CDN). A CDN is a service, by which the content of the online offer, especially big media files, such as graphics or program scripts, with the help of regionally distributed and Internet-connected Server faster and more secure delivery.
- Types Of Data Processed: Content data (e.g. entries in online forms), usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).
- Affected Persons: Users (e.g. website visitors, users of online services).
- Purposes of the processing: Provision of our online offer and user-friendliness, Content Delivery Network (CDN), the provision of the contractual services and customer service.
- Legal basis: Legitimate Interests (Art. 6, Para. 1 S. 1 lit. f. DSGVO).
Used services and service providers:
- WordPress.com: Hosting platform for Blogs / websites; service provider: Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA; Website: https://wordpress.comPrivacy statement: https://automattic.com/de/privacy/.
- Amazon Web Services (AWS): Services in the field of provision of information technology infrastructure and related services (e.g., memory and/or processing capacity); service providers: Amazon Web Services, Inc., 410 Terry Avenue North, Seattle WA 98109, USA; Website: https://aws.amazon.com/de/Privacy statement: https://aws.amazon.com/de/privacy/?nc1=f_pr.
- Cloudflare: Content Delivery Network (CDN); service provider: Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA; Website: https://www.cloudflare.comPrivacy statement: https://www.cloudflare.com/privacypolicy/.
- netcup: Services in the field of provision of information technology infrastructure and related services (e.g., memory and/or processing capacity); service provider: netcup GmbH, Daimler straße 25, D-76185 Karlsruhe, Germany; Website: https://www.netcup.de/Privacy statement: https://www.netcup.de/kontakt/datenschutzerklaerung.php.
- STRATO: Services in the field of provision of information technology infrastructure and related services (e.g., memory and/or processing capacity); service provider: STRATO AG, Pascalstraße 10,10587 Berlin, Germany; Website: https://www.strato.dePrivacy statement: https://www.strato.de/datenschutz.
- Back endless: Services in the field of provision of information technology infrastructure and related services (e.g., memory and/or processing capacity); service provider: back endless Corp., 2591 Dallas Pkwy, Ste 300, Frisco, TX 75034, USA; website: https://backendless.com/Privacy statement: https://backendless.com/privacy-policy; Datenverarbeitungserklärung: https://backendless.com/data-processing-agreement/
Special instructions to applications (Apps)
We process the data of users of our application, insofar as these are necessary to the users of the application and its functionalities to their safety, and they continue to develop to monitor. We may also contact users in compliance with the statutory requirements, to the extent the communication for the purposes of the Administration or use of the application is required. In addition, we refer to with regard to the processing of the data, the user on the privacy policy in this privacy policy.
Legal basis: The processing of data for the provision of the functionalities of the application and necessary to the fulfillment of contractual obligations. This shall also apply if the provision of the functions requires a permission, the user (e.g., shares of the functions of the device) in advance. If the processing of data for the provision of the functionality of the application is necessary, but the security of the application or our economic interest (for example, Collection of data for the purposes of optimization of the application or security purposes), it is carried out on the basis of our legitimate interests. If users are explicitly asked for their consent to the processing of your data, the processing of the consent included data on the basis of consent.
Commercial UseWe process the data of users of our application, logged on, and any test user (hereinafter referred to as the "user"), and to provide you with our contractual services, as well as to be able, on the basis of legitimate interests, the safety of our application, you warrant and develop. The information required is as such under the terms of use, contract, order, or comparable contract is identified, and can include for the provision of services and any billing information, and contact information, to any consultations.
The storage of a universal unique identifier (UUID)The application saves for the purposes of the analysis of the use and functionality of the application, as well as the storage of the settings of the users of a so-called universal unique identifier (English Universally Unique Identifier, UUID). This identifier is generated upon Installation of this application (but is not associated with the device, so no device ID in this sense), between the Start of the application, as well as of their updates stored and is deleted when the user remove the application from your device.
The storage of a pseudonymous identifier: So we can make the application ready for use, and their ability to function to make sure, we use a pseudonymous identifier. The ID is a mathematical value (i.e., there is no clear data, such as names) that is assigned to a device and/ or of the installed Installation of the application. This identifier is generated upon Installation of this application, remains between the Start of the application, as well as of their updates stored and is deleted when the user remove the application from the device.
Device permissions for access to functions and dataThe use of our application or its features may require permissions from the user for access to certain features of the equipment used or stored on the devices, or with the help of the devices accessible data. By default, these permissions must be granted by users and may at any time in the settings of the respective device is revoked. The exact procedure for controlling App permissions may be from the device and the Software, the users on -. In the explanation needs may contact users to us. We remind you that the refusal or withdrawal of the respective permissions may affect the functionality of our application.
- Types Of Data Processed: Inventory data (e.g. names, addresses), Meta/communication data (e.g. device information, IP addresses), payment data (e.g. Bank details, invoices, payment history), contract data (e.g. subject matter of the contract, duration, customer category).
- Affected Persons: Users (e.g. website visitors, users of online services).
- Purposes of the processing: Provision of contractual services and customer service.
- Legal basis: Consent (Art. 6, Para. 1 S. 1 lit. a. DSGVO), performance of contract and pre-contractual requests (article 6, Para. 1 S. 1 lit. b. DSGVO), Legitimate interests (art. 6, Para. 1 S. 1 lit. f. DSGVO).
Used services and service providers:
- Adalo: Programmierfreie Entwicklungsplattform für mobile Applikationen (No-Code Development Platform, NCDP): Apto Labs, Inc., 911 Washington Avenue, Suite 501, St. Louis, MO 63101; Webseite: https://www.adalo.com/; Datenschutzerkl√§rung: https://www.adalo.com/privacy-policy
Reference of applications on AppStore
The relation of our application is done via a special Online platforms operated by other service providers (the so-called "app stores"). In this context, in addition to our data protection the data protection statements of the respective app stores. This applies in particular with regard to the platforms used method for reach measurement and for interests related Marketing, as well as any costs, duty.
- Types Of Data Processed: Inventory data (e.g. names, addresses), payment data (e.g. Bank details, invoices, payment history), contact data (e.g. E-Mail, telephone numbers), contract data (e.g. subject matter of the contract, duration, customer category), usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).
- Affected Persons: Customers.
- Purposes of the processing: Provision of contractual services and customer service.
- Legal basis: Fulfilment of the contract and pre-contractual requests (article 6, Para. 1 S. 1 lit. b. DSGVO), Legitimate interests (art. 6, Para. 1 S. 1 lit. f. DSGVO).
Used services and service providers:
- Apple App Store: App and Software sales platform; service provider: Apple Inc., Infinite Loop, Cupertino, CA 95014, USA; Website: https://www.apple.com/de/ios/app-store/Privacy statement: https://www.apple.com/legal/privacy/de-ww/.
- Google Play: App and Software sales platform; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Website: https://play.google.com/store/apps?hl=dePrivacy statement: https://policies.google.com/privacy.
Registration, login and user account
Users can create a user account. In the context of the registration, the users will be informed of the data required for the purposes of provision of the user's account on the basis of a contractual duty is processed. The data processed includes in particular the Login information (user name, password and E-Mail address).
In the context of the use of our registration and login functions as well as the use of the user account, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests as well as that of the user for protection against misuse and other unauthorized use. A passing on of your data to third parties does not take place, unless it is for the prosecution of our claims or there is a legal obligation to do so exists.
The user can be informed of operations which have for their user account, such as technical Changes, by E-Mail.
Two-Factor AuthenticationThe Two-factor authentication provides an additional layer of security for your account and ensures that only you can access your account, even if someone else knows your password. To this end, they perform in addition to your password, an additional authentication measure (for example, enter a to a mobile device messengers Code). We will inform you about the process applied by us.
Deletion of data upon termination ofIf users of your users have terminated account will be deleted their data with regard to the user account, subject to statutory permission, obligation, or consent of the user.
It is the responsibility of the users to secure their data upon termination before the end of the contract. We are entitled to delete all during the duration of the contract data that is stored by the user permanently.
- Types Of Data Processed: Inventory data (e.g. names, addresses), contact data (e.g. E-Mail, telephone numbers), content data (e.g. entries in online forms), Meta/communication data (e.g. device information, IP addresses).
- Affected Persons: Users (e.g. website visitors, users of online services).
- Purposes of the processing: Provision of contractual services and customer service, security measures, managing and responding to requests.
- Legal basis: Fulfilment of the contract and pre-contractual requests (article 6, Para. 1 S. 1 lit. b. DSGVO), Legitimate interests (art. 6, Para. 1 S. 1 lit. f. DSGVO).
Used services and service providers:
- Car code: Service zum Management von Nutzer-Registrierungen und zur Validierung von E-Mail-Adressen; Dienstanbieter: Polybit Inc., Department 2390 30th Ave., San Francisco CA 94116, USA; Webseite: https://autocode.com/; Datenschutzerklärung: https://autocode.com/privacy-policy/; Datenverarbeitungserklärung: https://autocode.com/dpa/
Blogs and publication media
We use Blogs, or other comparable means of online communication and publication (hereinafter referred to as "publication media"). The data of the reader will be processed for the purposes of the publication medium only to the extent that it is for the representation and communication between authors and readers, or for reasons of security required. In addition, we refer to the information on the processing of the visitors to our publication medium in the framework of this privacy policy.
- Types Of Data Processed: Inventory data (e.g. names, addresses), contact data (e.g. E-Mail, telephone numbers), content data (e.g. entries in online forms), usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).
- Affected Persons: Users (e.g. website visitors, users of online services).
- Purposes of the processing: Provision of contractual services and customer service, Feedback (e.g., Collect Feedback via the Online form).
- Legal basis: Fulfilment of the contract and pre-contractual requests (article 6, Para. 1 S. 1 lit. b. DSGVO), Legitimate interests (art. 6, Para. 1 S. 1 lit. f. DSGVO).
Used services and service providers:
- Medium: Hosting platform for Blogs / Websites; service provider: A Medium Corporation, P. O. Box 602, San Francisco, CA 94104-0602, USA; Website: https://medium.com/Privacy statement: https://medium.com/policy/medium-privacy-policy-f03bf92035c9.
Contact
When contacting us (e.g. via contact form, E-Mail, telephone or via social media) will be processed the information in the request to individuals, to the extent necessary to reply to the requests and any requested action is required.
To reply to the contact request in the framework of the contractual or pre-contractual relations for the fulfilment of our contractual obligations or to respond to (pre -) contractual requests, and in Other respects, on the basis of legitimate interests to reply to the requests.
- Types Of Data Processed: Inventory data (e.g. names, addresses), contact data (e.g. E-Mail, telephone numbers), content data (e.g. entries in online forms), usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).
- Affected Persons: Communication partner.
- Purposes of the processing: Contact requests and communication.
- Legal basis: Fulfilment of the contract and pre-contractual requests (article 6, Para. 1 S. 1 lit. b. DSGVO), Legitimate interests (art. 6, Para. 1 S. 1 lit. f. DSGVO).
Communication via Messenger
We use for the purposes of communication, Messenger, and therefore ask the following notes for the functionality of the Messenger, for encryption, for the use of the meta-data of the communication, and your options to object to observe.
You can also contact us in alternative Ways, e.g. via phone or E-Mail. Please use the provided contact or within our online offer, contact options specified.
To show in the case of an end-to-end encryption of content (i.e. the content of your message and attachments) that the communication content (i.e., the content of the message, and attached images) of the end will be encrypted to the end. This does not mean that the content of the message is visible, not even the Messenger-provider. You should always use the latest Version of the Messenger with encryption enabled, the encryption of messages is ensured content.
We point our communication partner, however, in addition to the fact that the provider of the Messenger to view the content, but in that and when communication to communicate to partner with us, as well as technical information about the used device of the communication partner, and depending on the settings of your device will also be processed location information (known as metadata).
Notes on legal bases: If we ask for communication partners, the communication with them via Messenger to a permit, the legal basis of our processing of your data is the consent. Moreover, if we are not asking for consent and for example, contact with us, we will use Messenger in relation to our contractual partners, as well as in the context of the Contract as a contractual measure, and, in the case of other interested parties and communication partners on the basis of our legitimate interests in a fast and efficient communication and meeting the needs of our communication partners, the communication via Messenger. Furthermore, we point out that we transmit personal contact data without your consent, for the first time to the Messenger.
Cancellation, opposition and cancellation: You can at any time revoke your consent and object to the communication with us via Messenger at any time. In the case of communication via Messenger, we will delete the messages, in accordance with our deletion policies (i.e., for example, as described above, after the end of the contractual relations, in the context of archiving requirements, etc.) and otherwise, as soon as we can expect to have any information of the communication partners is answered, if no return is to be expected with respect to a previous conversation, and the deletion of no legal storage obligations to the contrary.
Title of the reference to other means of communication: To conclude, we would like to point out that we reserve the right, for reasons of their safety, to answer inquiries via Messenger. This is the case if, for example, the contract of international special require secrecy or a response via Messenger does not meet the formal requirements. In such cases, we refer you to more adequate ways of communication.
- Types Of Data Processed: Contact information (e.g. E-Mail, telephone numbers), usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses), content data (e.g. entries in online forms).
- Affected Persons: Communication partner.
- Purposes of the processing: Contact requests and communication, direct marketing (e.g. by E-Mail or by post).
- Legal basis: Consent (Art. 6, Para. 1 S. 1 lit. a. DSGVO), Legitimate interests (art. 6, Para. 1 S. 1 lit. f. DSGVO).
Used services and service providers:
- Facebook Messenger: Facebook Messenger with end-to-end encryption (end-to-end encryption of the Facebook messenger requires an activation, if you should not be enabled by default); service provider: https://www.facebook.com, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; Website: https://www.facebook.comPrivacy statement: https://www.facebook.com/about/privacy; Possibility Of Contradiction (Opt-Out): https://www.facebook.com/settings?tab=ads.
- Slack: Slack Messenger without end-to-end encryption; service provider: Slack Technologies, Inc., 500 Howard Street, San Francisco, CA 94105, USA; Website: https://slack.com/intl/de-de/Privacy statement: https://slack.com/intl/de-de/legal.
- Telegram Broadcast: Telegram Broadcasts Messenger with end-to-end encryption; service provider: Telegram, Dubai Website: https://telegram.org/Privacy statement: https://telegram.org/privacy.
- WhatsApp: WhatsApp Messenger with end-to-end encryption; service provider: WhatsApp Inc. WhatsApp Legal 1601 Willow Road Menlo Park, California 94025, USA; Website: https://www.whatsapp.com/Privacy statement: https://www.whatsapp.com/legal.
Push Messages
With the consent of users, we can send to the users of so-called "Push notifications". These are messages that are displayed on the screens, devices, or browsers of the users, even if our online service is not actively being used.
In order for the Push messages to log in, users must confirm the prompt of your browser or terminal device to the receipt of Push messages. This consent process will be documented and stored. The storage is required to detect whether users have consented to the receipt of Push messages, as well as the consent can prove to be. For these purposes, a pseudonymous identifier of the browser (so-called "Push Token"), or the device ID of a device is stored.
The Push messages can be for the fulfillment of contractual obligations (e.g. for the use of our online offer relevant technical and organizational information) and be otherwise, if the following does not specifically named, on the basis of a consent of the user sent in. Users can change the reception of Push messages at any time by using the notification settings in your Browser, and devices.
Push messages with advertising contentThe sent Push notifications may include promotional information. The promotional Push messages are processed based on the consent of the users. If, in the context of a consent to the receipt of promotional Push messages whose content is specifically described, the descriptions for the consent of the users significantly. Incidentally, our newsletters contain information about our services and us.
Analysis and measurement of success: We Push messages statistically and can detect whether and when the Push message is displayed and clicked on. This information is behavior for the technical improvement of our Push messages on the basis of the technical data or the target groups and their Retrieval or retrieval times used. This analysis also includes the determination of whether the Push messages are opened, when they are opened, and whether users with its content, or switching to interact surfaces inter. This information can be assigned for technical reasons, the individual Push messages to the recipients. It is neither our intention is, however, if used, to observe the Push-messages-service provider of individual users. The evaluations serve us, rather, to recognize the usage habits of our users and our Push messages to adapt them or to send different Push-messages according to the interests of our users.
The evaluation of the Push messages and the success is to be measured, on the basis of an Express consent of the user, which is done with the consent to receive the Push messages. Users can object to the analysis and measurement of performance in which you opt out of receiving Push messages. A separate revocation of the analysis and performance measurement is unfortunately not possible.
- Types Of Data Processed: Usage data (e.g. websites visited, interest in content, access times).
- Purposes of the processing: Provision of contractual services and customer service, direct marketing (e.g. by E-Mail or post), range measurement (e.g. access statistics, recognition of returning visitors).
- Legal basis: Consent (Art. 6, Para. 1 S. 1 lit. a. DSGVO), performance of contract and pre-contractual requests (article 6, Para. 1 S. 1 lit. b. DSGVO).
Used services and service providers:
- Firebase: Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Website: https://firebase.google.comPrivacy statement: https://policies.google.com/privacy.
Video conferencing, online meetings, webinars, and screen sharing
We use platforms and applications from other providers (hereinafter referred to as the "conference platforms") for purposes related to the implementation of Video - and Audio-conferences, webinars and other types of Video and Audio Meetings (hereinafter referred to as "the conference"). In the selection of the conference platforms and services, we comply with the legal requirements.
By conference platforms of data processed: In the framework of the participation in a conference, the conference platforms to process the Following personal data of the participants. The scope of the processing depends on what data are required in the context of a specific conference (for example, giving access data or real name) and which optional information provided by participants will be made. In addition to the processing for the implementation of the conference, can be processed by the data of the participants through the conference platforms, also for security purposes or improvement in service. Among the processed data to the Person (first name, last name), contact information (E-Mail address, phone number), access data (access codes or passwords), profile images, information on the occupational position/function, the IP address of the Internet access information to the mobile devices of the participants, their operating system, the Browser and its technical and linguistic settings, information about the content of the communication process, i.e., entries in chat as well as Audio and video data, as well as the use of other available functions (e.g., surveys). The contents of the communications are encrypted by the conference provider of technically provided scope. If the participants are registered for the conference platforms, as a user, then additional data in accordance with the agreement with the conferencing provider may be processed.
Logging and recording: If text input, participation results (e.g., surveys), and Video or audio recordings are logged in, this will be communicated to the participants in advance in a transparent and you will be asked the extent necessary, with a view to approval.
Data protection measures of the participants: Please note the Details of the processing of your data by the conference platforms, their privacy notices and select in the context of the settings of the conference platforms, the optimal security and privacy settings. Please ensure that for the duration of a video conference for the data and the protection of privacy in the Background of your recording (e.g., by information on roommate, Completing doors and use, insofar as this is technically possible, the function to the blurring of the background). Links to the conference rooms, as well as access data shall not be available to unauthorized third parties.
Notes on legal bases: If next to the conference platforms, we process the data of the user and the user's consent to the use of the conference platforms or certain features ask (for example, consent to a recording of conferences), the legal basis of the processing of this consent. Further, our processing for the fulfilment of our contractual obligations lists may be required (e.g., in the participants, in the case of the processing of interview results, etc.). In all Other respects, the data of the users are processed on the basis of our legitimate interests in an efficient and safe communication with our communication partners.
- Types Of Data Processed: Inventory data (e.g. names, addresses), contact data (e.g. E-Mail, telephone numbers), content data (e.g. entries in online forms), usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).
- Affected Persons: Communication partners, users (e.g. website visitors, users of online services).
- Purposes of the processing: Provision of contractual services and customer service, contact requests and communication, office and organizational procedures.
- Legal basis: Consent (Art. 6, Para. 1 S. 1 lit. a. DSGVO), performance of contract and pre-contractual requests (article 6, Para. 1 S. 1 lit. b. DSGVO), Legitimate interests (art. 6, Para. 1 S. 1 lit. f. DSGVO).
Used services and service providers:
- Google Hangouts / Meet: Messenger and conference Software; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Website: https://hangouts.google.com/Privacy statement: https://policies.google.com/privacy.
- Skype: Messenger and conference Software; service provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA; Website: https://www.skype.com/de/Privacy statement: https://privacy.microsoft.com/de-de/privacystatementSafety notes: https://www.microsoft.com/de-de/trustcenter.
- Slack: Messenger and conference Software; service provider: Slack Technologies, Inc., 500 Howard Street, San Francisco, CA 94105, USA; Website: https://slack.com/intl/de-de/Privacy statement: https://slack.com/intl/de-de/legal.
- Whereby: Video conferencing, web conferencing and webinars; service provider: Video Communication Services AS, Gate 1 no. 101, 6700 Måløy, Norway; Website: https://whereby.com/Privacy statement: https://whereby.com/information/tos/privacy-policy/; Standard contractual clauses (guarantee level of data protection when processing in third countries): as part of the terms and conditions part of the contractual relationship.
- Zoom: Video conferencing, web conferencing and webinars; service provider: Zoom Video Communications, Inc., 55 Almaden Blvd., Suite 600, San Jose, CA 95113, USA; Website: https://zoom.usPrivacy statement: https://zoom.us/docs/de-de/privacy-and-legal.html; Standard contractual clauses (guarantee level of data protection when processing in third countries): https://zoom.us/docs/de-de/privacy-and-legal.html (Referred to as the global DPA).
Music and Podcasts
We use Hosting and analysis offerings of a service provider to our Audio content to Listen to or to Download, and statistical information for retrieval of Audio content.
- Types Of Data Processed: Usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).
- Affected Persons: Users (e.g. website visitors, users of online services).
- Purposes of the processing: Range measurement (e.g. access statistics, recognition of returning visitors), conversion measurement (measurement of the effectiveness of marketing measures), Profiles with user-related information (creation of user profiles).
Used services and service providers:
- Soundcloud: Soundcloud – Music Hosting; Service Provider: SoundCloud Limited, Rheinsberger Str. 76/77, 10115 Berlin, Germany; Website: https://soundcloud.comPrivacy statement: https://soundcloud.com/pages/privacy.
- Spotify: Spotify – music hosting and Widget; service provider: Spotify AB Regeringsgatan 19, SE-111 53 Stockholm, Sweden; Website: https://www.spotify.com/dePrivacy statement: https://www.spotify.com/de/legal/privacy-policy/.
Application procedure
The application process requires applicants to provide us with the assessment and selection of the required data. What information is required, it follows from the description, or in the case of online forms from the information therein.
In principle, the information about the Person, such as Name, address, contact information, as well as the evidence for a point of necessary qualifications include the necessary information. On requests we inform in addition, what information is needed.
If available, you can provide us with candidates submit their applications via an online form. The data will be transferred according to the state-of-the-art encrypted to us. Also, applicants can send us their applications via E-Mail. Please note, however, that E-Mails on the Internet are generally not sent in encrypted form. Normally messages are encrypted while in transit, but not on the servers of which you receive and will be sent out. We can therefore assume for the Transmission of the application between the sender and the reception on our Server and no responsibility.
For the purposes of searching for applicants, submission of applications and selection of candidates, we can take into account the statutory requirements, applicant management, and Recruitment Software and platforms, and services from third parties.
Candidates can contact us on the nature of the filing of the application or us the application by post-send it.
Processing of special categories of data: To the extent that, in the context of the application process special categories of personal data within the meaning of article 9 Para. 1 DSGVO (e.g. health data, such as the severely disabled feature or ethnic origin) in the case of applicants will be requested so that the person in charge or the Person concerned to exercise him or her from the labour law and the law of social security and social protection, rights and obligations under, and its and their respective duties, is carried out the processing according to article 9, Para. 2 lit. b. DSGVO, life in the case of the protection of the vital interests of the applicant or other persons pursuant to art. Art. 9 Abs. 2 lit. C. DSGVO or for the purposes of preventive health care or occupational medicine, for the assessment of the working capacity of the employee, for medical diagnosis, for the care or treatment in a health or social care or for the management of systems and services in the health or social gem. Art. 9 Abs. 2 lit. h. DSGVO. In the case of a voluntary consent, based notification of special categories of data the processing of which is carried out on the basis of article 9, Para. 2 lit. a. DSGVO.
Deletion of data: The applicants provided data may in the case of a successful application for the purposes of the employment relationship one of us can be further processed. Otherwise, if the application is for a job successfully, the data will be deleted by the applicant. The data of the applicant will also be deleted if an application is withdrawn, which the applicants are entitled at any time. The deletion occurs, subject to a justified revocation of the applicant, at the latest after the expiry of a period of six months, so we can answer any follow-up questions to the application and our proof to fulfil obligations arising from the provisions on equal treatment of applicants. Invoices for any reimbursement of travel expenses are archived in accordance with tax law requirements.
Inclusion in the applicant pool: The inclusion in a Pool of applicants, if offered, on the basis of a consent. The applicants are informed that their consent to the inclusion in the talent pool is voluntary, has no influence on the current application process, and you may revoke your consent at any time for the future.
- Types Of Data Processed: Candidate data (e.g., information about the Person, Postal and contact addresses and the documents for the application belonging and the information contained therein, such as cover Letter, CV, certificates, and more in terms of a specific job or volunteer applicants notified information to the Person or qualification).
- Affected Persons: Applicants.
- Purposes of the processing: Application procedure (statement of reasons and any subsequent implementation as well as possible subsequent to the termination of the employment relationship).
- Legal basis: The application procedure as a pre-contractual or contractual relationship (art. 9, Para. 2 lit. b DSGVO).
Used services and service providers:
- LinkedIn Recruiter: Recruiting platform, and services; service provider: https://www.linkedin.comLinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: https://www.linkedin.comPrivacy statement: https://www.linkedin.com/legal/privacy-policy.
- Xing: Service provider: XING AG, dammtorstraße 29-32, 20354 Hamburg, Germany; Website: https://www.xing.comPrivacy statement: https://privacy.xing.com/de/datenschutzerklaerung.
Cloud Services
We use accessible via the Internet and on the servers of your provider or software services (so-called "Cloud services", also referred to as "Software-as-a-Service") for the following purposes: document storage and management, calendar management, E-Mail, spreadsheets, and presentations, exchange of documents, content and information with specific recipients or publication, web pages, forms, or other content and information as well as Chats and participate in Audio - and video conferences.
In this context, personal data may be processed and on the servers of the provider, as far as this part of the communication transactions with us or from us, such as in the context of this privacy policy will be processed. The data can include, in particular master data and contact details of the users, the data include transactions, contracts, and other processes and their contents. The provider of the Cloud services process further use of data and meta-data used by them for security purposes and for service improvement.
If we provide you with the help of the Cloud services for other users, or publicly-accessible websites, forms, documents and content, can save the party Cookies on the devices of the users for the purposes of web Analytics, or to the settings of the user (e.g., in the case of the media control),.
Notes on legal bases: If we ask for a consent to the use of the Cloud services, the legal basis of the processing is the consent. Furthermore, their use may be a part of our (pre)contractual services, provided that the use of the Cloud, it was agreed services in this context. Otherwise, the users ' data is processed on the basis of our legitimate interests (i.e. interest in the efficient and safe management and collaboration processes)
- Types Of Data Processed: Inventory data (e.g. names, addresses), contact data (e.g. E-Mail, telephone numbers), content data (e.g. entries in online forms), usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).
- Affected Persons: Customers, Employees (e.g., employees, applicants, former employees), prospective customers, communication partners.
- Purposes of the processing: Office and organization procedures.
- Legal basis: Consent (Art. 6, Para. 1 S. 1 lit. a. DSGVO), performance of contract and pre-contractual requests (article 6, Para. 1 S. 1 lit. b. DSGVO), Legitimate interests (art. 6, Para. 1 S. 1 lit. f. DSGVO).
Used services and service providers:
- Dropbox: Cloud Storage Services; Service Providers: Dropbox, Inc., 333 Brannan Street, San Francisco, California 94107, USA; Website: https://www.dropbox.com/dePrivacy statement: https://www.dropbox.com/privacy; Standard contractual clauses (guarantee level of data protection when processing in third countries): https://www.dropbox.com/terms/business-agreement-2016.
- Google Cloud Services: Cloud storage services; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Website: https://cloud.google.com/Privacy statement: https://www.google.com/policies/privacySafety notes: https://cloud.google.com/security/privacy; Standard contractual clauses (guarantee level of data protection when processing in third countries): https://cloud.google.com/terms/data-processing-terms; https://cloud.google.com/terms/data-processing-terms.
- Microsoft Cloud Services: Cloud storage services; service provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA; Website: https://microsoft.com/de-dePrivacy statement: https://privacy.microsoft.com/de-de/privacystatementSafety notes: https://www.microsoft.com/de-de/trustcenter.
Newsletter and electronic notifications
We send newsletters, E-Mails and further electronic notifications (hereinafter referred to as "Newsletter") only with the consent of the recipients or a legal permission. Provided that, in the context of a registration for the Newsletter, whose contents are concretely described, they are for the consent of the users significantly. Incidentally, our newsletters contain information about our services and us.
To opt-in to our newsletter, it is sufficient in principle, if you specify your E-Mail address. We can, however, ask you to make a name, for the purpose of personal address in the Newsletter, or other information, unless they are for the purpose of the newsletter is required.
The Double-Opt-In Procedure: The registration to our Newsletter takes place in a so-called Double-Opt-In procedure. That is, you received after the registration, an E-Mail to confirm your registration asked. This confirmation is necessary so that nobody can register with strangers E-Mail addresses. The registrations for the Newsletter are logged in order to be able to sign-in process according to the legal requirements to prove. For this purpose, the storage of the login and confirmation time as well as the IP address. Similarly, the Changes of the shipping service provider stored data is logged.
Cancellation and limitation of processing: We can use the term E-Mail addresses of up to three years on the basis of our legitimate interests before we delete them to be able to a previously given consent prove. The processing of these data is limited to the purpose of a possible defence against claims. An individual application for cancellation is possible at any time, provided that at the same time the former Existence of a consent is confirmed. In the case of obligations for the permanent attention of discrepancies we reserve the right to store the E-Mail address for this purpose in a revocation list (so-called "Blocklist").
The logging of the registration process is carried out on the basis of our legitimate interests for the purposes of the proof to its proper performance. As far as we mail appoint a service provider with sending E -, this is done on the basis of our legitimate interests in an efficient and safe delivery system.
Notes on legal bases: The dispatch of the Newsletter takes place on the basis of a consent of the recipients, or, if consent is not required, on the basis of our legitimate interests, direct marketing, if and to the extent the law allows, for example, in the case of existing customers, the advertising,. If we engage a service provider with the ability to send E-Mails, this is done on the basis of our legitimate interests. The registration procedure is recorded on the basis of our legitimate interests, in order to prove that it was carried out in Accordance with the law.
Content: information about us and our services, promotions and offers, innovations in relation to our App, as well as references to articles, and other content created by us or our partners and, for example, via our App or on our website can be accessed.
The measurement of the Opening and click-through ratesThe newsletters contain a so-called "web-beacon", i.e. a pixel-sized file that is retrieved when Opening the newsletter from our Server, or, if we use a delivery service from the Server. As part of this retrieval, technical information is collected, such as information about the Browser and your System, as well as your IP address and time of retrieval,.
This information is used for technical improvement of our newsletter on the basis of the technical data or the target groups and their reading behaviour based on their retrieval locations (which are using the IP address can be determined) or the access times. This analysis also includes determining whether the newsletters are opened, when they are opened and which Links are clicked. This information will be assigned to the individual newsletter recipients and their profiles up to the deletion of saved. The evaluations help us recognize the reading habits of our users and our content and to adapt them or to send different contents according to the interests of our users.
The measurement of the open rates and click-through rates, as well as storing the measurement results in the profiles of the users, as well as their further processing is carried out on the basis of a consent of the user.
A separate revocation of the performance measurement is unfortunately not possible, in this case the entire newsletter must have terminated the subscription, and it must be objected to. In this case, the profile is stored information will be deleted.
- Types Of Data Processed: Inventory data (e.g. names, addresses), contact data (e.g. E-Mail, telephone numbers), Meta/communication data (e.g. device information, IP addresses), usage data (e.g. websites visited, interest in content, access times).
- Affected Persons: Communication partner.
- Purposes of the processing: Direct marketing (e.g. by E-Mail or by post).
- Legal basis: Consent (Art. 6, Para. 1 S. 1 lit. a. DSGVO), Legitimate interests (art. 6, Para. 1 S. 1 lit. f. DSGVO).
- Objection Option (Opt-Out): You can terminate the receipt of our newsletter at any time your consent is revoked, and the other receiving contradict. A Link to cancel the newsletter can be found either at the end of every newsletter or otherwise use any of the above contact methods, preferable E-Mail, to do so.
Used services and service providers:
Mailchimp: E-Mail Marketing platform; service provider: "Mailchimp" – Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA; Website: https://mailchimp.comPrivacy statement: https://mailchimp.com/legal/privacy/; Standard contractual clauses as the basis of the processing in the United States: https://mailchimp.com/legal/data-processing-addendum/; special security measures: https://mailchimp.com/help/Mailchimp-european-data-transfers/.
Promotional communications via E-Mail, Post, Fax, or phone
We process personal data for the purposes of commercial communication, such as E-Mail, telephone, Postal mail or Fax, can be done through various channels, such as in accordance with legal requirements.
The receiver shall have the right, granted to revoke the consent at any time, or to speak of promotional communications at any time.
After the revocation and contradiction, we can save the proof of the consent of the required data for up to three years on the basis of our legitimate interests before we delete them. The processing of these data is limited to the purpose of a possible defence against claims. An individual application for cancellation is possible at any time, provided that at the same time the former Existence of a consent is confirmed.
- Types Of Data Processed: Inventory data (e.g. names, addresses), contact data (e.g. E-Mail, telephone numbers).
- Affected Persons: Communication partner.
- Purposes of the processing: Direct marketing (e.g. by E-Mail or by post).
- Legal basis: Consent (Art. 6, Para. 1 S. 1 lit. a. DSGVO), Legitimate interests (art. 6, Para. 1 S. 1 lit. f. DSGVO).
Polls and surveys
We conducted surveys and interviews (hereinafter referred to as "surveys") will be evaluated anonymously. The processing of personal data takes place only insofar as this is about deployment and technical implementation of the surveys required (e.g., the processing of IP-address to the survey to display in the Browser of the user, or to allow using a temporary Cookies (Session-Cookie) is a re-recording of the survey), or the users have consented to it.
Notes on legal bases: If we ask the participants to consent to the processing of your data, the legal basis of the processing, otherwise the processing of the data of the participants on the basis of our legitimate interests is carried out in the implementation of an objective survey.
- Types Of Data Processed: Contact information (e.g. E-Mail, telephone numbers), content data (e.g. entries in online forms), usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).
- Affected Persons: Communication partners, users (e.g. website visitors, users of online services).
- Purposes of the processing: Contact requests and communication, direct marketing (e.g. by E-Mail or post), surveys, and questionnaires (e.g., surveys, input options, Multiple-Choice questions), Feedback (e.g., Collect Feedback via the Online form).
- Legal basis: Consent (Art. 6, Para. 1 S. 1 lit. a. DSGVO), Legitimate interests (art. 6, Para. 1 S. 1 lit. f. DSGVO).
Used services and service providers:
- Google Form: Google-Cloud-forms; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Website: https://firebase.google.comPrivacy statement: https://policies.google.com/privacy; Possibility Of Contradiction (Opt-Out): Opt-Out-Plugin: https://tools.google.com/dlpage/gaoptout?hl=deSettings for the display of advertisements: https://adssettings.google.com/authenticated.
- LimeSurvey: LimeSurvey Survey Services; Service Provider: LimeSurvey GmbH Survey Services & Consulting, Papenreye 63, 22453 Hamburg, Germany; Website: https://www.limesurvey.org/dePrivacy statement: https://www.limesurvey.org/de/richtlinien/datenschutzrichtlinie.
Web Analytics, Monitoring, and optimization
The web Analytics (also known as the "audience measurement" means) is used for the analysis of the visitor flows of our online offer and behaviour, interests or demographic information to the visitors, such as include the age or gender, as a pseudonymous values. With the help of range analysis, we can detect, for example, to be used at which time our online offer, or whose functions or content go to most often, or for re-use invite. Similarly, we can see which areas of optimization is required.
In addition to web Analytics, we can also use the test procedure to test different versions of our online offer or that of its components, and optimize.
For these purposes, so-called user profiles are created and saved in a file (so-called "Cookie"), or similar procedure, with the same purpose will be saved. To these data, for example, considered include content, websites visited, and there used elements and technical details, such as the Browser used, the computer system used and information on use of time. If users have consented to the collection of their location data, depending on the provider, these will be processed.
It is also the IP addresses are stored to the user. However, we use an IP-Masking procedure (i.e., use of Pseudonyms by shortening the IP-address) in order to protect the user. Generally speaking, it is stored in the context of web Analytics, A/B testing and optimization, there is no clear data of the user (such as E-Mail addresses or names), but pseudonyms. This means that we as the provider of the used Software does not know the actual identity of the user, but only for the purposes of the respective procedure in the profiles stored information.
Notes on legal bases: If we ask users for their consent to the use of the third party, the legal basis of the processing of data is the consent. Otherwise, the users ' data is processed on the basis of our legitimate interests (i.e. interest in efficient, economic and receiver-friendly services). In this context, we would like to point out to you on the information to our use of Cookies in this privacy policy.
- Types Of Data Processed: Usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).
- Affected Persons: Users (e.g. website visitors, users of online services).
- Purposes of the processing: Range measurement (e.g. access statistics, recognition of returning visitors), Profiles with user-related information (creation of user profiles), click tracking, A/B testing, Feedback (e.g., Collect Feedback via the Online form), heat maps (mouse movements on the part of the users, which are combined to form an overall picture.), Surveys and questionnaires (e.g., surveys, input options, Multiple-Choice questions), and Marketing.
- Safety measures: IP-Masking (Pseudonymization of the IP address).
- Legal basis: Consent (Art. 6, Para. 1 S. 1 lit. a. DSGVO), Legitimate interests (art. 6, Para. 1 S. 1 lit. f. DSGVO).
Used services and service providers:
- Firebase: Google Firebase is a platform for developers of applications ("Apps") for mobile devices and websites. Google Firebase offers a variety of functions for the Testing of Apps, the Monitoring of their ability to function and their optimization (which will be shown on the overview page: https://firebase.google.com/products). The features include, among other things, the storage of Apps, including any personal data of the application users, such as for example, you create content or information concerning your interaction with the Apps (so-called "Cloud Computing"). Google Firebase also offers interfaces that allow interaction between users of the App and other services, for example, the authentication services such as Facebook, Twitter or by E-Mail and password combination. ; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Website: https://firebase.google.comPrivacy statement: https://policies.google.com/privacy.
- Google Analytics: Audience measurement and web Analytics; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Website: https://marketingplatform.google.com/intl/de/about/analytics/Privacy statement: https://policies.google.com/privacy.
- Google Tag Manager: Google Tag Manager is a solution that we so-called site-manage Tags and other services in our online offer can include (please refer to additional information in this privacy policy). The Tag Manager itself (which implements the Tags) will be produced, for example, no Profiles of the users or the Cookies stored. Google learns the IP address of the user, which is necessary to the Google Tag Manager to carry out. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Website: https://marketingplatform.google.comPrivacy statement: https://policies.google.com/privacy.
- Hotjar: Testing and optimization; service provider: Hotjar Ltd., 3 Lyons Range, 20 Bisazza Street, Sliema SLM 1640, Malta ; Website: https://www.hotjar.comPrivacy statement: https://www.hotjar.com/legal/policies/privacy. Cookie Policy: https://www.hotjar.com/legal/policies/cookie-information; Deletion of data: The Cookies, the uses Hotjar, have a different "life"; some stay for up to 365 days, some only during the current visit to be valid; possibility of contradiction (Opt-Out): https://www.hotjar.com/legal/compliance/opt-out.
- Mixpanel: A variety of tools, including machine Learning-based tools that are used in the analysis of user behaviour, the development and improvement of services, applications and websites, user-friendliness, providing contractual services, the support of the customers and the communication with the client and web Analytics. Service Provider: Mixpanel, Inc., 405 Howard Street, Floor 2, San Francisco, CA 94105, USA; Website: https://mixpanel.com/Privacy statement: https://mixpanel.com/legal/privacy-policy; Possibility Of Contradiction (Opt-Out): https://mixpanel.com/legal/privacy-overview.
Online Marketing
We can handle-fall personal data for the purposes of online marketing, including in particular the marketing of advertising space or presentation of advertising and other content (collectively, "content"), with reference to potential interests of the users, as well as the measurement of their effectiveness.
For these purposes, so-called user profiles are created and saved in a file (so-called "Cookie") is stored as or similar to methods used are stored, by means of which the for the presentation of the above content information relevant to the user. To these data, for example, looked at the content of visited web sites, used online networks, but also communication partners and technical information such as the Browser used, the computer system used and information on use are included. If users have consented to the collection of your location data may also be processed.
It is also the IP addresses are stored to the user. However, we use available IP-Masking procedure (i.e., use of Pseudonyms by shortening the IP-address) in order to protect the user. We generally process within the framework of the online marketing is no clear data of the user (such as E-Mail addresses or names) will be stored but pseudonyms. That is, we don't know the provider of the online marketing method, the actual identity of the users, but only in their profiles stored information.
The information contained in the profiles are stored in Cookies or other similar methods. These Cookies may later be used generally, to other websites in the same online marketing procedures, read and analysed for the purposes of the presentation of content as well as supplemented with additional data and on the Server of the online marketing method provider will be saved.
Exceptionally clear data can be assigned to the profiles. This is the case if the users are, for example, members of a social network, the online marketing we use and the network connects to the Profiles of the users with the information referred to above. We kindly ask you to note that users can make with the providers of the additional agreements, for example, by consent, in the context of the registration.
We obtain, in principle, only have access to aggregate information about the success of our ads. However, we can examine in the context of so-called conversion measurements, which of our online marketing methods have led to a so-called conversion, i.e. to conclude a contract with us. The conversion measurement is used to analyse the success of our marketing measures.
Unless otherwise specified, please, we assume you that Cookies be stored for a period of two years.
Notes on legal bases: If we ask users for their consent to the use of the third party, the legal basis of the processing of data is the consent. Otherwise, the users ' data is processed on the basis of our legitimate interests (i.e. interest in efficient, economic and receiver-friendly services). In this context, we would like to point out to you on the information to our use of Cookies in this privacy policy.
- Types Of Data Processed: Usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).
- Affected Persons: Users (e.g. website visitors, users of online services).
- Purposes of the processing: Marketing Profiles with user-related information (creation of user profiles), conversion measurement (measurement of the effectiveness of marketing measures).
- Safety measures: IP-Masking (Pseudonymization of the IP address).
- Legal basis: Consent (Art. 6, Para. 1 S. 1 lit. a. DSGVO), Legitimate interests (art. 6, Para. 1 S. 1 lit. f. DSGVO).
- Objection Option (Opt-Out): We refer to the data privacy information of the respective providers, and the providers specified Objections (so-called "Opt-Out"). If no explicit Opt-Out option has been specified, there is the possibility that you turn off Cookies in your browser settings. This, however, can be functions of our online offer is limited. We therefore recommend, in addition, the following Opt-Out opportunities, which are collectively offered on specific areas addressed:a) Europe: https://www.youronlinechoices.eu. b) Canada: https://www.youradchoices.ca/choices. c) USA: https://www.aboutads.info/choices. d) area across: https://optout.aboutads.info.
Used services and service providers:
- Google Analytics: Online marketing and web Analytics; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Website: https://marketingplatform.google.com/intl/de/about/analytics/Privacy statement: https://policies.google.com/privacy; Possibility Of Contradiction (Opt-Out): Opt-Out-Plugin: https://tools.google.com/dlpage/gaoptout?hl=deSettings for the display of advertisements: https://adssettings.google.com/authenticated.
- Google Ads and conversion measurement: We use the online marketing process "Google Ads", to display Ads on the Google advertising to place the network (e.g., in search results, in Videos, on websites, etc.), so that they are visible to users who have a suspected interest in the Ads. Furthermore, we measure the conversion of the Display. We know, however, only the anonymous total number of users that have clicked on our ad and were forwarded to a so-called "Conversion Tracking" page provided were. We do not receive any information with which users can be identified. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Website: https://marketingplatform.google.comPrivacy statement: https://policies.google.com/privacy.
- Pipedrive: Cloud-based Software for the organization and optimization of our customer and partner relationships, as well as to manage incoming E-Mails and requests for information; service provider: Pipedrive OÜ, Paldiski mnt 80, Tallinn, 10617, Estonia; Website: https://www.pipedrive.com/dePrivacy statement: https://www.pipedrive.com/de/privacy.
Affiliate programs and Affiliate Links
n our online offer, we use so-called Affiliate a tie-include Links or other references (which, for example, search screens, Widgets or discount Codes can) on the products and services of third parties (collectively referred to as "Affiliate Links"). If users follow the Affiliate Links and then take up offers, we can obtain from these third-party Commission or other benefits (collectively referred to as the "Commission").
To be able to track whether the users have perceived the offers of used Affiliate Links, it is necessary that the respective third-party provider know that the user followed a within our online offer used Affiliate Link. The assignment of the Affiliate Links to the respective business transactions or other actions (e.g., purchases) is solely for the purpose of accounting of commissions and will not be revoked once it is required for the purpose.
For the purposes of the foregoing assignment of the Affiliate Links, the Affiliate can be added to the left of certain values, which are a component of the link or otherwise, e.g. in a Cookie can be stored. The values, in particular the initial website (Referrer), the time a Online identifier of the operator of the website on which the Affiliate Link was located, an Online identification of the respective offer, the type of Links that are used, the type of offer and an Online identification of the user.
Notes on legal bases: If we ask users for their consent to the use of the third party, the legal basis of the processing of data is the consent. Furthermore, their use may be a part of our (pre)contractual services, provided that the use of the third-party, it was agreed in this context. Otherwise, the users ' data is processed on the basis of our legitimate interests (i.e. interest in efficient, economic and receiver-friendly services). In this context, we would like to point out to you on the information to our use of Cookies in this privacy policy.
- Types Of Data Processed: Contract data (e.g. subject matter of the contract, duration, customer category), usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).
- Affected Persons: Users (e.g. website visitors, users of online services).
- Purposes of the processing: Affiliate Tracking.
- Legal basis: Consent (Art. 6, Para. 1 S. 1 lit. a. DSGVO), performance of contract and pre-contractual requests (article 6, Para. 1 S. 1 lit. b. DSGVO), Legitimate interests (art. 6, Para. 1 S. 1 lit. f. DSGVO).
Presence in social networks (Social Media)
We maintain online presences within social networks and processed in this context, data of the user in order to communicate with active users, or information about us can offer.
We point out that data of the users outside the area of the European Union can be processed. This may result to the users of the risks, because, for example, could be made more difficult the enforcement of the rights of the users.
Furthermore, the data of the users within social networks for market research and promotional purposes. So, for example, can on the basis of user behavior and the resulting interests of the users, user profiles inferred to be created. The usage profiles can in turn be used to show both within and outside of the ad networks, which may correspond presumably to the interests of the user. For these purposes, stored in a rule, Cookies on the computers of the users, in which the user behavior and the interests of the users are stored. Further, in the use of data profiles are saved regardless of the users used devices (in particular if the users are members of the respective platforms and these are logged in).
For a detailed description of the respective Processing and the options to object (Opt-Out), we refer to the privacy statements and information provided by the operator of the respective networks.
Also, in the case of requests for information and the assertion of rights, we point out that these can be effectively made in the vendors claim. Only the providers have access to the data of the users and can directly take appropriate measures and information. If you still need help, then you can contact us.
FacebookWe are together with Facebook Ireland Ltd. for the collection (but not the further processing) of the data of visitors to our Facebook page (so-called "fan page") is responsible. These data include information on the types of content that users will see or interact with, or the actions performed (see below under "From you and the others made and provided things" in the Facebook data policy: https://www.facebook.com/policy), as well as information on the users devices (e.g., IP addresses, operating system, browser type, language settings, Cookie-data; see under "device info" in the Facebook data policy-statement: https://www.facebook.com/policy). As in the Facebook data policy under "How we use this information?" explains, collects and uses Facebook information, analysis services, so-called "page Insights", for site operators to deliver these insights about how people with their pages and associated content interact. We have concluded with Facebook, a special agreement ("information about page Insights", https://www.facebook.com/legal/terms/page_controller_addendum), in particular, is regulated, what security is necessary to observe measures of Facebook and the Facebook ready has to fulfill explains the rights of the data subject (i.e., users can address, for example, information or deletion requests directly to Facebook). The rights of users (and in particular the right to information, cancellation, opposition and complaint with the competent Supervisory authority), is not to be limited by the agreements with Facebook. Additional information may be found in the "information about page Insights" (https://www.facebook.com/legal/terms/information_about_page_insights_data).
- Types Of Data Processed: Contact information (e.g. E-Mail, telephone numbers), content data (e.g. entries in online forms), usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).
- Affected Persons: Users (e.g. website visitors, users of online services).
- Purposes of the processing: Contact requests and communication, Feedback (e.g., Collect Feedback via the Online form), and Marketing.
- Legal basis: Legitimate Interests (Art. 6, Para. 1 S. 1 lit. f. DSGVO).
Used services and service providers:
- Clubhouse: Social network with the audio chat feature; details of provider: exclusively to support the investigation of incidents Clubhouse records temporarily set the tone in a Chat room, while the room is active and then, if a user reports a confidence - and security breach, while the space is active, until the investigation is completed; Audio from muted the speakers and the listeners will never recorded, and all of the temporary audio recordings are encrypted; the Clubhouse processed personal data may be processed for marketing purposes or disclosed to third parties; service provider: Alpha Exploration co., Inc.; Website: https://www.joinclubhouse.com/Privacy statement: https://privacy.joinclubhouse.com/.
- Instagram: Social Network; Service Provider: Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; Website: https://www.instagram.comPrivacy statement: https://instagram.com/about/legal/privacy.
- Facebook: Social network; service provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; Website: https://www.facebook.comPrivacy statement: https://www.facebook.com/about/privacy; Possibility of contradiction (Opt-Out): ad preferences: https://www.facebook.com/settings?tab=ads.
- LinkedIn: Social Network; Service Provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: https://www.linkedin.comPrivacy statement: https://www.linkedin.com/legal/privacy-policy; Possibility Of Contradiction (Opt-Out): https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
- Twitter: Social network; service provider: Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland, parent company: Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA; data protection Declaration: https://twitter.com/de/privacy, (Settings) https://twitter.com/personalization.
- YouTube: Social network and video platform; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; privacy policy: https://policies.google.com/privacy; Possibility Of Contradiction (Opt-Out): https://adssettings.google.com/authenticated.
- Xing: Social network; service provider: XING AG, dammtorstraße 29-32, 20354 Hamburg, Germany; Website: https://www.xing.dePrivacy statement: https://privacy.xing.com/de/datenschutzerklaerung.
Plugins and embedded functions and content
We tie in our online offer function and content elements, which are obtained from the servers of their respective providers (hereinafter referred to as "third-party"). This can be, for example, graphics, Videos, or maps of the city (hereinafter jointly referred to as the "content").
The integration always presupposes that the third-party provider of this content, and process the IP address of the users, since they could not send the IP address of the content to their Browser. The IP address for the presentation of this content or functions required. We endeavor to use only content whose respective providers use the IP address only for distributing the content. Third-party providers may also use so-called Pixel Tags (invisible graphics, also known as "Web Beacons") for statistical or marketing purposes. The "Pixel Tags" information, such as visitor traffic on the pages of this website, is evaluated. The pseudonymous information may also be Cookies on the device of the user is stored and, among other things, technical information about the Browser and operating system, referral websites, visiting time as well as further information on use of our online offer included with such information from other sources to be connected.
Notes on legal bases: If we ask users for their consent to the use of the third party, the legal basis of the processing of data is the consent. Otherwise, the users ' data is processed on the basis of our legitimate interests (i.e. interest in efficient, economic and receiver-friendly services). In this context, we would like to point out to you on the information to our use of Cookies in this privacy policy.
- Types Of Data Processed: Usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).
- Affected Persons: Users (e.g. website visitors, users of online services).
- Purposes of the processing: Provision of our online offer and user-friendliness, the provision of the contractual services and customer service.
- Legal basis: Legitimate Interests (Art. 6, Para. 1 S. 1 lit. f. DSGVO), consent (art. 6, Para. 1 S. 1 lit. a. DSGVO).
Used services and service providers:
- Google Fonts: We integrate the fonts ("Google Fonts") of the provider Google, wherein the data of the user is used solely for the purposes of the representation of the font in the Browser of the user. The integration is carried out on the basis of our legitimate interests in a technically safe, maintenance-free and efficient use of fonts, their uniform appearance, as well as taking into account possible license legal restrictions for their integration. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Website: https://fonts.google.com/Privacy statement: https://policies.google.com/privacy.
- reCAPTCHA: We bind the function of "reCAPTCHA" is to be able to recognize whether the inputs (for example to be made in online forms) of people, and not automatically operating machines (so-called "Bots"). The processed data, IP addresses, operating systems, devices, or browsers, language settings, location, mouse movements, keystrokes, time spent on pages previously visited web sites, interactions with the ReCaptcha on other web sites may use "Cookies" as well as the results of manual detection procedures (e.g., Answer questions, or a selection of objects in images, etc.). Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Website: https://www.google.com/recaptcha/Privacy statement: https://policies.google.com/privacy; Possibility Of Contradiction (Opt-Out): Opt-Out-Plugin: https://tools.google.com/dlpage/gaoptout?hl=deSettings for the display of advertisements: https://adssettings.google.com/authenticated.
- Soundcloud Music Player Widget: Soundcloud Music Player Widget; Service Provider: SoundCloud Limited, Rheinsberger Str. 76/77, 10115 Berlin, Germany; Website: https://soundcloud.comPrivacy statement: https://soundcloud.com/pages/privacy.
The Management, organization and tools
We use the services, platforms, and Software from other providers (hereinafter referred to as "third-party") for the purposes of the organization, management, planning, and the provision of our services. In the selection of the third-party providers and their services, we comply with the legal requirements.
In this context, personal data may be processed and on the servers of the third-party provider. This data can be affected, which we process in accordance with this privacy statement. The data can include, in particular master data and contact details of the users, the data include transactions, contracts, and other processes and their contents.
If a user in the context of the communication, of business or other relations are referred to us on the third-party or that the Software or platforms, to be able to process the third-party use of data and meta-data for security purposes, the service optimization or marketing purposes. We ask, therefore, to refer to the privacy notices of the respective third-party provider.
Notes on legal bases: If we ask users for their consent to the use of the third party, the legal basis of the processing of data is the consent. Furthermore, their use may be a part of our (pre)contractual services, provided that the use of the third-party, it was agreed in this context. Otherwise, the users ' data is processed on the basis of our legitimate interests (i.e. interest in efficient, economic and receiver-friendly services). In this context, we would like to point out to you on the information to our use of Cookies in this privacy policy.
- Types Of Data Processed: Inventory data (e.g. names, addresses), contact data (e.g. E-Mail, telephone numbers), content data (e.g. entries in online forms), usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).
- Affected Persons: Communication partners, users (e.g. website visitors, users of online services).
- Purposes of the processing: Office and organization procedures.
- Legal basis: Consent (Art. 6, Para. 1 S. 1 lit. a. DSGVO), performance of contract and pre-contractual requests (article 6, Para. 1 S. 1 lit. b. DSGVO), Legitimate interests (art. 6, Para. 1 S. 1 lit. f. DSGVO).
Used services and service providers:
- calendly: Online scheduling; service provider: Calendly LLC., 271 17th St NW, Ste 1000, Atlanta, GA, 30363, USA; Website: https://calendly.com/dePrivacy statement: https://calendly.com/pages/privacy.
- Doodle: Online scheduling; service provider: Doodle AG, Werdstrasse 21, Postfach, 8021 Zürich, Switzerland; Website: https://doodle.com/dePrivacy statement: https://doodle.com/de/datenschutzrichtlinie.
- Miro: Online Whiteboard and collaboration platform; service provider: real-time Board Inc. dba Miro, 201 Spear Street Suite 1100, San Francisco, California, 94105, USA; Website: https://miro.com/Privacy statement: https://miro.com/legal/privacy-policy/.
- Trello: Project Management Tool; Service Provider: Trello, Inc., 55 Broadway New York, NY 10006, USA, parent company: Atlassian Inc. (San Francisco, Harrison Street Location), 1098 Harrison Street, San Francisco, California 94103, USA; Website: https://trello.com/Privacy statement: https://trello.com/privacy.
Deletion of data
The processed data will be deleted in accordance with statutory requirements, as soon as their processing is allowed consent will be revoked or other permits may be omitted (e.g., if the purpose of the processing of this data is omitted or they are not required for the purpose).
If the data are not deleted because they are required for other and legally permissible purposes, is limited to the processing for these purposes. I.e., the blocking of the data and not for other purposes. This applies, for example for data that must be retained for commercial or tax reasons, or their storage for the assertion, exercise or defence of legal claims or for the protection of rights of another natural or legal Person is required.
In the context of our privacy policy, we may notify the users for more information about the deletion, as well as to the storage of data, which are specific for the respective processing.
Amendments and updates to this privacy statement
We ask you to inform yourself regularly about the contents of our privacy policy. We adapt the privacy policy as soon as the Changes of the data processing operations carried out this necessary. We will inform you as soon as by the Changes in an act of Cooperation on their part (e.g. consent) or other individual notification is required.
Unless we specify in this privacy statement addresses and contact information of the enterprises and organizations, please note that the addresses may change over time, and ask for the details, please contact to check.
Rights of persons concerned
You have various rights as a data subject according to the DSGVO, which arise in particular from art. from 15 to 21 DSGVO:
- Right to object: you have the right for reasons arising from your particular Situation, at any time, to the processing of personal data relating to them, on the basis of article 6 Para. 1 lit. e or f DSGVO takes to submit an objection; this also applies to a rules-based Profiling. The personal data shall be processed in order to operate direct advertising, you have the right to at any time object to the processing of personal data concerning them for the purpose of appeal of such advertising; this also applies to Profiling, insofar as it relates to such direct advertising.
- Right of revocation in case of consent: You have the right to withdraw consent at any time.
- Right to information: You have the right to request confirmation as to whether data to be processed and to request information about these data as well as further information and a copy of the data in accordance with legal requirements.
- Right to rectification: They have, in accordance with the statutory requirements, the right to request the completion of data concerning you or the rectification of the inaccurate data.
- Right to Erasure and to restriction of processing: They have, in accordance with the statutory requirements, the right to request that you delete data in question without delay, or, alternatively, in accordance with the statutory requirements, a restriction of the processing of the data.
- Right to data portability: You have the right to receive data you have provided to us, in accordance with the statutory requirements in a structured, common and machine-readable Format or to request its Transfer to another person responsible.
- Complaint with Supervisory authority: In accordance with legal requirements and without prejudice to any other administrative or judicial remedy, you have the right at a data protection Supervisory authority, in particular of a Supervisory authority in the member state where they usually stay, the Supervisory authority of your workplace or the place of the suspected infringement, file a complaint, if you should be of the opinion that the processing of the personal data violates the DSGVO.
Definitions
In this section you get an Overview of this privacy statement terminology used. Many of the concepts are taken from the law, and especially in art. 4 DSGVO defined. The legal definitions are binding. The following explanations are intended to serve mainly the understanding. The terms are sorted alphabetically.
- A/B-Testing: A/B Tests serve to improve the user-friendliness and efficiency of the offered online. In users, for example, different versions of a website or its elements can be made, such as input forms, on which the placement of the content or labels of the navigation elements are different. Then, it can be determined on the basis of the behavior of the user, e.g. longer stays on the website or more frequent interaction with the elements, which of these websites or elements are more in line with the needs of the users.
- Affiliate Tracking: In the framework of the Affiliate tracking Links, with the help of the linked sites refer users to websites with product or other Offers will be logged. The operators of the respective linking websites can purchase receive a Commission if users of these so-called Affiliate consequences to the left, and then offers to perceive (e.g., Goods or services). For this purpose, it is necessary that the providers can track whether users who are interested in certain offers, take this then, on the initiative of the Affiliate Links. Therefore, it is for the functionality of Affiliate Links requires that they be supplemented by certain values that are a part of the link or otherwise, e.g. in a Cookie is stored. The values include in particular the initial website (Referrer), time, an Online identifier of the operator of the website on which the Affiliate Link was located, an Online identification of the respective offer, an Online identification of the user, as well as tracking specific values such as, for example, advertising material ID, Partner ID and categorisations
- Content Delivery Network (CDN): A "Content Delivery Network" (CDN) is a service, with the aid of contents of the online offer, especially big media files, such as graphics or program scripts with the help of regionally distributed and Internet-connected servers, faster and safer delivery.
- Heatmaps: "Heatmaps" are mouse movements of the users, which are combined to form an overall picture, with the aid of, for example, can be detected, which website is to be controlled elements are preferred and which website elements users prefer less.
- IP Masking: To as "IP Masking" refers to a method in which the last octet, i.e. the last two Numbers of an IP address is deleted so that the IP address can no longer serve the unique identification of a Person. Therefore, IP Masking is a means for the Pseudonymization of processing methods, especially in online marketing
- Click tracking: Click tracking allows to understand the movements of users within an entire website. Since the results of these Tests are more accurate if the user interaction can be monitored over a certain period of time (e.g., so that we can find out whether a user returns to happy again), will be stored for this Test purposes, as a rule, Cookies on the computers of the users.
- Conversion measurement: The conversion measurement (also known as "conversion tracking") is a procedure with which the effectiveness of marketing measures can be determined. This case is stored in the rule places a Cookie on the user devices within the websites on which the marketing activities take place, and then again on the target website. For example, we can relate to, whether the us on other websites, the Ads were successful.
- Personal Data: "Personal data" is any information that relates to an identified or identifiable natural Person (hereinafter "data subject") relate to; as identifiable is a natural Person, directly or indirectly, in particular by means of assignment to an identifier such as a name, an identification number, location data, Online identifier (e.g. Cookie) or to identify one or more specific characteristics can be, the expression of the physical, physiological, genetic, mental, economic, cultural or social identity of this natural Person.
- Profiles with user-related information: The processing of "profiles, with user-related information", or "profiles" includes any type of automated processing of personal data that consists in this, that, these personal data will be used to provide certain personal aspects of a natural Person (depending on the type of profiling can be of different information regarding the demographics, behavior and interests, such as the interaction with websites and their contents, etc.) to analyze, assess or to predict (e.g., the interest in certain contents or products, click behaviour on a website or the location). For the purposes of Profiling Cookies and Web are often used Beacons.
- Range of measurement: The range measurement (also known as Web Analytics refers to) is used for the analysis of the visitor flows of the online offer and can include the behavior or interests of the visitors to certain information, such as the content of web pages. With the help of range analysis, website owners, for example, can recognize, to visit which time visitors to your website and what content is of interest to you. This allows you to customize the contents of the website to the needs of the visitors. For purposes of the coverage analysis is often pseudonyms Cookies and Web Beacons are used to recognize repeat visitors to get more accurate analyses of use of the online offer.
- Owner: As a "responsible person" means the natural or legal Person, public authority, Agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data.
- Processing: "Processing" is any with or without the aid of automated processes executed transaction or any such series in connection with personal data. The term goes far and includes virtually every handling of data, be it the Collect, Analyze, Store, Submit, or Delete.