Responsible:
Name/Company: ADMIN INTELLIGENCE GmbH
Street No.: Sedanstrasse 124
Postal Code, City, Country: 89077 Ulm Germany
Commercial Register/No.: 736144
Managing Director: Tobias Völker
Phone Number: +49 731 388 62810
Email Address: info@admin-intelligence.de
Data Protection Officer:
Name: Marc Weiß – Marc Weiß Verwaltungs-GmbH
Street No.: Herrenkellergasse 6
Postal Code, City, Country: 89073 Ulm Germany
Phone Number: +49 731 3799 861
Email Address: mail@wmv-ulm.de
Status: 14.05.2018
Privacy Policy
1. Basic Information on Data Processing and Legal Bases
1.1. This privacy policy informs you about the type, scope, and purpose of the processing of personal data within our online offering and the associated websites, functions, and content (hereinafter collectively referred to as “online offering” or “website”). The privacy policy applies regardless of the domains, systems, platforms, and devices (e.g., desktop or mobile) used on which the online offering is executed.
1.2. The terms used, such as “personal data” or their “processing,” refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).
1.3. The personal data of users processed within the scope of this online offering include inventory data (e.g., names and addresses of customers), contract data (e.g., services used, names of contact persons, payment information), usage data (e.g., the websites visited within our online offering, interest in our products), and content data (e.g., entries in the contact form).
1.4. The term “user” includes all categories of persons affected by data processing. These include our business partners, customers, interested parties, and other visitors to our online offering. The terms used, such as “user,” are to be understood as gender-neutral.
1.5. We process personal data of users only in compliance with the relevant data protection regulations. This means that the data of users are only processed if a legal permission exists. This means, in particular, if the data processing is necessary for the provision of our contractual services (e.g., processing of orders) as well as online services, or is required by law, if the consent of the users is given, as well as based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation and security of our online offering within the meaning of Art. 6 para. 1 lit. f. GDPR, in particular in the measurement of reach, creation of profiles for advertising and marketing purposes, as well as the collection of access data and use of third-party services.
1.6. We point out that the legal basis for consents is Art. 6 para. 1 lit. a. and Art. 7 GDPR, the legal basis for processing for the fulfillment of our services and implementation of contractual measures is Art. 6 para. 1 lit. b. GDPR, the legal basis for processing for the fulfillment of our legal obligations is Art. 6 para. 1 lit. c. GDPR, and the legal basis for processing for the protection of our legitimate interests is Art. 6 para. 1 lit. f. GDPR.
2. Security Measures
2.1. We take organizational, contractual, and technical security measures in accordance with the state of the art to ensure that the provisions of data protection laws are complied with and to protect the data processed by us against accidental or intentional manipulation, loss, destruction, or access by unauthorized persons.
2.2. The security measures include, in particular, the encrypted transmission of data between your browser and our server.
3. Disclosure of Data to Third Parties and Third-Party Providers
3.1. Data is only disclosed to third parties within the framework of legal requirements. We only disclose user data to third parties if, for example, this is necessary for contractual purposes based on Art. 6 para. 1 lit. b) GDPR or based on legitimate interests in accordance with Art. 6 para. 1 lit. f. GDPR for the economic and effective operation of our business operations.
3.2. If we use subcontractors to provide our services, we take appropriate legal precautions as well as corresponding technical and organizational measures to ensure the protection of personal data in accordance with the relevant legal regulations.
3.3. If, within the scope of this privacy policy, content, tools, or other means from other providers (hereinafter collectively referred to as “third-party providers”) are used and their stated seat is in a third country, it is to be assumed that a data transfer to the seat states of the third-party providers takes place. Third countries are countries in which the GDPR is not directly applicable law, i.e., in principle, countries outside the EU or the European Economic Area. The transfer of data to third countries takes place either if an adequate level of data protection, user consent, or other legal permission is present.
4. Provision of Contractual Services
4.1. We process inventory data (e.g., names and addresses as well as contact data of users), contract data (e.g., services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and service provision in accordance with Art. 6 para. 1 lit. b. GDPR.
4.2. Users can optionally create a user account, in which they can view their orders in particular. During registration, the required mandatory information is communicated to the users. The user accounts are not public and cannot be indexed by search engines. If users have terminated their user account, their data will be deleted with regard to the user account, subject to their retention is necessary for commercial or tax reasons in accordance with Art. 6 para. 1 lit. c GDPR. It is the responsibility of the users to secure their data before the end of the contract in the event of termination. We are entitled to irretrievably delete all user data stored during the contract period.
4.3. In the context of registration and renewed logins as well as the use of our online services, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as the users’ protection against misuse and other unauthorized use. A transfer of this data to third parties does not take place in principle, unless it is necessary for the pursuit of our claims or there is a legal obligation to do so in accordance with Art. 6 para. 1 lit. c GDPR.
4.4. We process usage data (e.g., the websites visited within our online offering, interest in our products) and content data (e.g., entries in the contact form or user profile) for advertising purposes in a user profile, in order to display product information to the user, for example, based on their previously used services.
5. Contact
5.1. When contacting us (via contact form or email), the user’s information is processed for the purpose of handling the contact request and its processing in accordance with Art. 6 para. 1 lit. b) GDPR.
5.2. The user information can be stored in our Customer Relationship Management System (“CRM System”) or comparable inquiry organization.
5.3. When using our contact form, the data you enter is processed by the external provider Formspree.io and is subject to its privacy policy. Further information and opt-out options can be found in the privacy policy of Formspree.io: http://docs.formspree.io/files/privacy.pdf.
6. Comments and Contributions
6.1. When users leave comments or other contributions, their IP addresses are stored based on our legitimate interests in accordance with Art. 6 para. 1 lit. f. GDPR for 7 days.
6.2. This is done for our security, in case someone leaves illegal content in comments and contributions (insults, prohibited political propaganda, etc.). In this case, we can be held liable for the comment or contribution and are therefore interested in the identity of the author.
7. Collection of Access Data and Logfiles
7.1. We collect data on every access to the server on which this service is located (so-called server log files) based on our legitimate interests in accordance with Art. 6 para. 1 lit. f. GDPR. The access data includes the name of the accessed website, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address, and the requesting provider.
7.2. Logfile information is stored for security reasons (e.g., to investigate misuse or fraud) for a maximum of seven days and then deleted. Data whose further retention is required for evidence purposes is excluded from deletion until the respective incident is finally clarified.
8. Cookies & Reach Measurement
8.1. Cookies are information that is transferred from our web server or third-party web servers to the users’ web browsers and stored there for later retrieval. Cookies can be small files or other types of information storage.
8.2. We use “session cookies,” which are only stored for the duration of the current visit to our online presence (e.g., to enable the storage of your login status or the shopping cart function and thus the use of our online offering at all). A randomly generated unique identification number, a so-called session ID, is stored in a session cookie. In addition, a cookie contains information about its origin and the storage period. These cookies cannot store any other data. Session cookies are deleted when you have finished using our online offering and, for example, log out or close the browser.
8.3. Users are informed about the use of cookies in the context of pseudonymous reach measurement within this privacy policy.
8.4. If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offering.
8.5. You can object to the use of cookies for reach measurement and advertising purposes via the deactivation page of the network advertising initiative (http://optout.networkadvertising.org/) and additionally the US website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).
9. Google Analytics
9.1. We use Google Analytics, a web analytics service provided by Google Inc. (“Google”), based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Art. 6 para. 1 lit. f. GDPR). Google uses cookies. The information generated by the cookie about the use of the online offering by the users is usually transmitted to a Google server in the USA and stored there.
9.2. Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
9.3. Google will use this information on our behalf to evaluate the use of our online offering by the users, to compile reports on the activities within this online offering, and to provide us with other services related to the use of this online offering and the internet. Pseudonymous usage profiles of the users can be created from the processed data.
9.4. We use Google Analytics to display the ads placed within Google’s advertising services and its partners only to those users who have also shown an interest in our online offering or who have certain characteristics (e.g., interests in certain topics or products, which are determined based on the visited websites) that we transmit to Google (so-called “remarketing” or “Google Analytics Audiences”). With the help of the remarketing audiences, we also want to ensure that our ads correspond to the potential interest of the users and do not have a harassing effect.
9.5. We use Google Analytics only with activated IP anonymization. This means that the IP address of the users is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
9.6. The IP address transmitted by the user’s browser will not be merged with other data from Google. Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent the collection of the data generated by the cookie and related to their use of the online offering to Google as well as the processing of this data by Google by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en.
9.7. Further information on data use by Google, setting and objection options can be found on Google’s websites: https://www.google.com/intl/en/policies/privacy/partners (“Data use by Google when you use websites or apps of our partners”), http://www.google.com/policies/technologies/ads (“Data use for advertising purposes”), http://www.google.de/settings/ads (“Manage information that Google uses to show you advertising”).
10. Google Re/Marketing Services
10.1. We use the marketing and remarketing services (short “Google Marketing Services”) of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”) based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Art. 6 para. 1 lit. f. GDPR).
10.2. Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
10.3. The Google Marketing Services allow us to display advertisements for and on our website in a more targeted manner, so that users are only presented with ads that potentially correspond to their interests. If a user is shown ads for products in which he was interested on other websites, this is referred to as “remarketing.” For these purposes, when our and other websites on which Google Marketing Services are active are called up, Google immediately executes a code from Google and so-called (re)marketing tags (invisible graphics or code, also known as “web beacons”) are integrated into the website. With their help, an individual cookie, i.e., a small file, is stored on the user’s device (instead of cookies, comparable technologies can also be used). The cookies can be set by various domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com, or googleadservices.com. In this file, it is noted which websites the user visited, which content he is interested in, and which offers he clicked on, as well as technical information about the browser and operating system, referring websites, visit time, and other information about the use of the online offering. The IP address of the users is also recorded, whereby we inform within the scope of Google Analytics that the IP address is shortened within member states of the European Union or in other contracting states of the Agreement on the European Economic Area and only in exceptional cases is completely transferred to a Google server in the USA and shortened there. The IP address is not merged with data of the user within other offers from Google. The above information may also be combined by Google with such information from other sources. If the user subsequently visits other websites, he can be shown ads tailored to his interests.
10.4. The data of the users are processed pseudonymously within the framework of the Google Marketing Services. This means that Google does not store and process, for example, the name or email address of the users, but processes the relevant data cookie-related within pseudonymous user profiles. This means that from Google’s point of view, the ads are not managed and displayed for a specifically identified person, but for the cookie owner, regardless of who this cookie owner is. This does not apply if a user has expressly allowed Google to process the data without this pseudonymization. The information collected by Google Marketing Services about the users is transmitted to Google and stored on Google’s servers in the USA.
10.5. Among the Google Marketing Services we use is the online advertising program “Google AdWords.” In the case of Google AdWords, each AdWords customer receives a different “conversion cookie.” Cookies can therefore not be tracked via the websites of AdWords customers. The information obtained with the help of the cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. The AdWords customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that personally identifies users.
10.6. We can integrate third-party ads based on the Google Marketing Service “DoubleClick.” DoubleClick uses cookies that enable Google and its partner websites to display ads based on users’ visits to this website or other websites on the internet.
10.7. We can integrate third-party ads based on the Google Marketing Service “AdSense.” AdSense uses cookies that enable Google and its partner websites to display ads based on users’ visits to this website or other websites on the internet.
10.8. We can also use the “Google Optimizer” service. Google Optimizer allows us to track the effects of various changes to a website within the framework of so-called “A/B testing” (e.g., changes to input fields, design, etc.). For these test purposes, cookies are stored on the users’ devices. Only pseudonymous data of the users are processed.
10.9. Furthermore, we can use the “Google Tag Manager” to integrate and manage the Google analysis and marketing services on our website.
10.10. Further information on data use for marketing purposes by Google can be found on the overview page: https://www.google.com/policies/technologies/ads, Google’s privacy policy is available at https://www.google.com/policies/privacy.
10.11. If you wish to object to interest-based advertising by Google Marketing Services, you can use the settings and opt-out options provided by Google: http://www.google.com/ads/preferences.
11. Facebook Social Plugins
11.1. We use social plugins (“plugins”) of the social network facebook.com, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”), based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Art. 6 para. 1 lit. f. GDPR). The plugins can display interaction elements or content (e.g., videos, graphics, or text contributions) and are recognizable by one of the Facebook logos (white “f” on a blue tile, the terms “Like,” “Gefällt mir,” or a “thumbs up” sign) or are marked with the addition “Facebook Social Plugin.” The list and appearance of Facebook Social Plugins can be viewed here: https://developers.facebook.com/docs/plugins/
11.2. Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
11.3. When a user calls up a function of this online offering that contains such a plugin, his device establishes a direct connection with the servers of Facebook. The content of the plugin is transmitted by Facebook directly to the user’s device and integrated into the online offering. In the process, usage profiles of the users can be created from the processed data. We therefore have no influence on the extent of the data that Facebook collects with the help of this plugin and therefore inform the users according to our knowledge.
11.4. By integrating the plugins, Facebook receives the information that a user has accessed the corresponding page of the online offering. If the user is logged in to Facebook, Facebook can assign the visit to his Facebook account. If users interact with the plugins, for example by pressing the “Like” button or leaving a comment, the corresponding information is transmitted directly from your device to Facebook and stored there. If a user is not a member of Facebook, there is still the possibility that Facebook will find out and store his IP address. According to Facebook, only an anonymized IP address is stored in Germany.
11.5. The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as the related rights and setting options for protecting the privacy of users, can be found in Facebook’s privacy policy: https://www.facebook.com/about/privacy
11.6. If a user is a Facebook member and does not want Facebook to collect data about him via this online offering and link it to his member data stored on Facebook, he must log out of Facebook and delete his cookies before using our online offering. Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/. The settings are platform-independent, i.e., they are adopted for all devices, such as desktop computers or mobile devices.
12. Facebook, Custom Audiences, and Facebook Marketing Services
12.1. Within our online offering, the so-called “Facebook Pixel” of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are based in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”), is used based on our legitimate interests in analysis, optimization, and economic operation of our online offering and for these purposes.
12.2. Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
12.3. With the help of the Facebook Pixel, it is possible for Facebook to determine the visitors of our online offering as a target group for the display of ads (so-called “Facebook Ads”). Accordingly, we use the Facebook Pixel to display the Facebook Ads placed by us only to those Facebook users who have also shown an interest in our online offering or who have certain characteristics (e.g., interests in certain topics or products, which are determined based on the visited websites) that we transmit to Facebook (so-called “Custom Audiences”). With the help of the Facebook Pixel, we also want to ensure that our Facebook Ads correspond to the potential interest of the users and do not have a harassing effect. With the help of the Facebook Pixel, we can also track the effectiveness of the Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called “conversion”).
12.4. The Facebook Pixel is directly integrated by Facebook when our websites are called up and can store a so-called cookie, i.e., a small file, on your device. If you subsequently log in to Facebook or visit Facebook in the logged-in state, the visit to our online offering is noted in your profile. The data collected about you is anonymous to us, so it does not provide us with any conclusions about the identity of the users. However, the data is stored and processed by Facebook, so that a connection to the respective user profile is possible and can be used by Facebook as well as for its own market research and advertising purposes. If we should transmit data to Facebook for matching purposes, this is locally encrypted in the browser and only then sent to Facebook via a secure https connection. This is done solely for the purpose of matching with the data encrypted in the same way by Facebook.
12.5. Furthermore, we use the additional function “extended matching” when using the Facebook Pixel (here, data such as phone numbers, email addresses, or Facebook IDs of the users) to form target groups (“Custom Audiences” or “Look Alike Audiences”) to Facebook (encrypted). Further information on “extended matching”: https://www.facebook.com/business/help/611774685654668
12.6. Also based on our legitimate interests, we use the “Custom Audiences from File” procedure of the social network Facebook, Inc. In this case, the email addresses of the newsletter recipients are uploaded to Facebook. The upload process is encrypted. The upload is solely to determine recipients of our Facebook ads. We want to ensure that the ads are only displayed to users who have an interest in our information and services.
12.7. The processing of the data by Facebook takes place within the framework of Facebook’s data usage policy. Accordingly, general information on the display of Facebook Ads, in Facebook’s data usage policy: https://www.facebook.com/policy.php. Special information and details about the Facebook Pixel and its functionality can be found in Facebook’s help section: https://www.facebook.com/business/help/651294705016616
12.8. You can object to the collection by the Facebook Pixel and use of your data for the display of Facebook Ads. To set which types of ads are displayed to you within Facebook, you can visit the page set up by Facebook and follow the instructions on the settings for usage-based advertising: https://www.facebook.com/settings?tab=ads. The settings are platform-independent, i.e., they are adopted for all devices, such as desktop computers or mobile devices.
12.9. You can also object to the use of cookies for reach measurement and advertising purposes via the deactivation page of the network advertising initiative (http://optout.networkadvertising.org/) and additionally the US website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).
13. Integration of Third-Party Services and Content
13.1. We use content or service offers from third-party providers within our online offering based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Art. 6 para. 1 lit. f. GDPR) to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as “content”). This always requires that the third-party providers of this content perceive the IP address of the users, as they could not send the content to their browser without the IP address. The IP address is therefore required for the presentation of this content. We strive to use only such content whose respective providers use the IP address solely for the delivery of the content. Third-party providers can also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information, such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user’s device and contain, among other things, technical information about the browser and operating system, referring websites, visit time, as well as other information about the use of our online offering, and can also be linked to such information from other sources.
13.2. The following presentation provides an overview of third-party providers and their content, along with links to their privacy policies, which contain further information on data processing and, in part already mentioned here, opt-out options:
External fonts from Google, Inc., https://www.google.com/fonts (“Google Fonts”). The integration of Google Fonts takes place by a server call at Google (usually in the USA). Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.
Maps of the service “Google Maps” of the third-party provider Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, provided. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.
Videos of the platform “YouTube” of the third-party provider Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.
Within our online offering, functions of the service Google+ are integrated. These functions are offered by the third-party provider Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. If you are logged into your Google+ account, you can link the content of our pages to your Google+ profile by clicking the Google+ button. This allows Google to associate the visit to our pages with your user account. We point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data as well as their use by Google+. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.
Within our online offering, functions of the service Instagram are integrated. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking the Instagram button. This allows Instagram to associate the visit to our pages with your user account. We point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data as well as their use by Instagram. Privacy policy: http://instagram.com/about/legal/privacy/.
Our online offering uses functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time one of our pages containing LinkedIn functions is accessed, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our internet pages with your IP address. If you click the “Recommend” button of LinkedIn and are logged into your LinkedIn account, it is possible for LinkedIn to associate your visit to our website with you and your user account. We point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data as well as their use by LinkedIn. Privacy policy: https://www.linkedin.com/legal/privacy-policy, Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
We use social plugins of the social network Pinterest, which is operated by Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA (“Pinterest”). When you call up a page that contains such a plugin, your browser establishes a direct connection to Pinterest’s servers. The plugin transmits log data to Pinterest’s server in the USA. This log data may include your IP address, the address of the visited websites that also contain Pinterest functions, type and settings of the browser, date and time of the request, your use of Pinterest, and cookies. Privacy policy: https://about.pinterest.com/en/privacy-policy.
Within our online offering, functions of the service Twitter can be integrated. These functions are offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the “Re-Tweet” function, the websites you visit are linked to your Twitter account and made known to other users. In the process, data is also transmitted to Twitter. We point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data as well as their use by Twitter. Twitter’s privacy policy at http://twitter.com/privacy. You can change your privacy settings on Twitter in the account settings at http://twitter.com/account/settings.
We use social plugins of the social network Tumblr, which is operated by Tumblr, Inc. located at 35 East 21st Street, 10E, New York, NY 10010, USA (“Tumblr”). When you call up a page that contains such a plugin, your browser establishes a direct connection to Tumblr’s servers. The plugin transmits log data to Tumblr’s server in the USA. This log data may include your IP address, the address of the visited websites that also contain Tumblr functions, type and settings of the browser, date and time of the request, your use of Tumblr, and cookies. Privacy policy: https://www.tumblr.com/policy/en/privacy.
We use functions of the XING network. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Each time one of our pages containing Xing functions is accessed, a connection to Xing servers is established. According to our knowledge, no personal data is stored. In particular, no IP addresses are stored or the usage behavior is evaluated. Privacy policy: https://www.xing.com/app/share?op=data_protection.
Web analysis and optimization with the help of the Hotjar service, of the third-party provider Hotjar Ltd., Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe. With Hotjar, movements on the websites on which Hotjar is used can be traced (so-called heatmaps). For example, it is possible to see how far users scroll and which buttons users click on how often. Furthermore, technical data such as selected language, system, screen resolution, and browser type are recorded. In the process, at least temporarily during the visit to our website, user profiles can be created. Furthermore, it is also possible to obtain feedback directly from the users of the website with the help of Hotjar. In this way, we obtain valuable information to make our websites even faster and more customer-friendly. Privacy policy: https://www.hotjar.com/privacy. Opt-Out: https://www.hotjar.com/opt-out.
External code of the JavaScript framework “jQuery”, provided by the third-party provider jQuery Foundation, https://jquery.org.
14. User Rights
14.1. Users have the right to request free information about the personal data we have stored about them.
14.2. In addition, users have the right to correct incorrect data, restrict processing, and delete their personal data, if applicable, to assert their rights to data portability, and in the event of the assumption of unlawful data processing, to file a complaint with the competent supervisory authority.
14.3. Likewise, users can revoke consents, in principle with effect for the future.
15. Deletion of Data
15.1. The data stored by us will be deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with any statutory retention obligations. If the users’ data are not deleted because they are required for other and legally permissible purposes, their processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data of users that must be retained for commercial or tax reasons.
15.2. According to legal requirements, the retention is for 6 years in accordance with § 257 para. 1 HGB (commercial books, inventories, opening balances, annual financial statements, commercial letters, booking vouchers, etc.) and for 10 years in accordance with § 147 para. 1 AO (books, records, management reports, booking vouchers, commercial and business letters, documents relevant for taxation, etc.).
16. Right to Object
16.1. Users can object to the future processing of their personal data in accordance with the legal requirements at any time. The objection can be made in particular against processing for direct marketing purposes.
17. Changes to the Privacy Policy
17.1. We reserve the right to change the privacy policy to adapt it to changed legal situations or in the event of changes to the service as well as data processing. This applies, however, only with regard to declarations on data processing. If user consents are required or components of the privacy policy contain provisions of the contractual relationship with the users, the changes will only be made with the consent of the users.
17.2. Users are requested to inform themselves regularly about the content of the privacy policy.
Status: 14.05.2018