Collection and storage of personal data and the nature and purpose of their use
The data mentioned will be processed by us for the following purposes:
- Ensuring a smooth connection of the website (due to legitimate interests)
- Ensuring a comfortable use of our website (due to legitimate interests)
- Evaluation of system security and stability (based on legitimate interests)
- for establishing contact and related correspondence (on the basis of your consent)
- for processing your request and for any further advice you may require (on the basis of your consent)
- to contact you to verify your data (on the basis of your consent)
You can visit our website without revealing your identity. We collect and process your personal data only if you provide them voluntarily with your knowledge, e.g. by filling out our forms or sending e-mails.
We, or our hosting provider (Siteground), collect data on the basis of our legitimate interests within the meaning of Art. 6 Para. 1 lit. f. of the German Data Protection Act. GDPR collect data about each access to the server on which this service is located (so-called server log files). The following information will be collected without your permission and stored until automated deletion:
- The IP address of the requesting computer,
- The date and time of the access,
- The name and URL of the retrieved file,
- The website from which the access was made (referrer URL),
- The browser you are using and, if applicable, the operating system of your computer as well as the name of your access provider.
This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to subsequently check this data if we become aware of concrete indications of illegal use.
Log file information is stored for security reasons (e.g. for the clarification of abuse or fraud actions) for the duration of maximally 7 days and deleted afterwards. Data, the further storage of which is necessary for evidence purposes, are excluded from deletion until the respective incident has been finally clarified.
When contacting us (e.g. via contact form, e-mail, telephone or via social media), the user’s details will be processed for the purpose of processing the contact request and processing it in accordance with Art. 6 Para. 1 lit. b) GDPR. User data can be stored in a customer relationship management system (“CRM system”) or a comparable enquiry organisation. We delete the enquiries if they are no longer necessary. We check the necessity every two years; furthermore, the statutory archiving obligations apply.
This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). It is used on the basis of Art. 6 Para. 1 S. 1 lit. f. GDPR. Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website such as
- Browser type/version,
- operating system used,
- Referrer URL (the previously visited page),
- Host name of the accessing computer (IP address),
- Time of the server request,
are usually transferred to a Google server in the USA and stored there. The IP address transmitted by your browser as part of Google Analytics is not combined with other data from Google. We have also added the code “anonymizeIP” to Google Analytics on this website. This guarantees the masking of your IP address so that all data is collected anonymously. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there.
You can find more information on the handling of user data by Google Analytics in Google’s data protection declaration: https://support.google.com/analytics/answer/6004245?
a) Browser Plug-In
You can prevent the storage of cookies by making the appropriate settings in your browser software; however, we would like to point out that you may not be able to access the website in this way.
in this case not all functions of this website may be fully usable. You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) as well as Google from processing this data by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en
(b) Objection to data collection
You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie is set to prevent your information from being collected on future visits to this website:
Klicken Sie auf den unteren Button, um das Tracking von Google Analytics abzustellen.
Opt-out von Google Analytics erfolgreich.
(c) order data processing
We have concluded a contract with Google for order data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
d) IP anonymization
We use the function “Activation of IP anonymization” on this website. However, this will shorten Google’s IP address within Member States of the European Union or other countries party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google.
e) Demographic characteristics of Google Analytics
This website uses the function “demographic features” of Google Analytics. This allows reports to be generated that contain information about the age, gender and interests of site visitors. This data comes from interest-related advertising by Google and visitor data from third parties. This information cannot be associated with any specific individual. You can deactivate this function at any time via the ad settings in your Google Account or generally prohibit Google Analytics from collecting your data as described under “Objection to data collection”.
The legal basis for the use of Google Analytics is § 15 Abs. 3 TMG or Art. 6 Abs. 1 lit. f GDPR. The data sent by us and linked to cookies, user identifications (e.g. user ID) or advertising IDs are automatically deleted after 14 months. Data whose retention period has been reached is automatically deleted once a month.
Google Tag Manager
Provision of contractual services
We process inventory data (e.g., names and addresses as well as contact data of users), contract data (e.g., services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and services pursuant to Art. 6 Para. 1 lit b. GDPR. The entries marked as mandatory in online forms are required for the conclusion of the contract.
When using our online services, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as the user’s protection against misuse and other unauthorized use. These data will not be passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation pursuant to Art. 6 para. 1 lit. c GDPR.
We process usage data (e.g., the websites visited on our website, interest in our products) and content data (e.g., entries in the contact form or user profile) for advertising purposes in a user profile in order to show the user, e.g. product information based on the services they have previously used.
The data will be deleted after statutory warranty and comparable obligations have expired; the necessity of storing the data will be reviewed every three years; in the case of statutory archiving obligations, the data will be deleted after their expiration. Information in any customer account shall remain in place until it is deleted.
Administration, financial accounting, office organisation, contact management
We process data in the context of administrative tasks as well as the organisation of our business, financial accounting and compliance with legal obligations, such as archiving. Here we process the same data that we process within the scope of providing our contractual services. The processing bases are Art. 6 para. 1 lit. c. GDPR, Art. 6 para. 1 lit. f. DSGVO. Customers, interested parties, business partners and website visitors are affected by the processing. The purpose and our interest in the processing lies in the administration, financial accounting, office organization, archiving of data, i.e. tasks which serve the maintenance of our business activities, performance of our tasks and provision of our services. The deletion of the data with regard to contractual services and contractual communication corresponds to the data specified in these processing activities.
We disclose or transmit data to the financial administration, consultants, such as tax consultants or auditors, as well as other fee offices and payment service providers.
Furthermore, on the basis of our business interests, we store information on suppliers, organisers and other business partners, e.g. for the purpose of establishing contact at a later date. This data, which is mainly company-related, is stored permanently.
With the following information we inform you about the contents of our newsletter as well as the registration, dispatch and statistical evaluation procedures and your rights of objection. By subscribing to our newsletter, you declare your agreement with the receipt and the described procedures.
Content of the newsletter: We send newsletters, e-mails and other electronic notifications containing advertising information (hereinafter “newsletter”) only with the consent of the recipient or a legal permission. If the contents of the newsletter are specifically described within the scope of registration, they are decisive for the consent of the user. In addition, our newsletters contain information about our services and us.
Double-Opt-In and logging: The registration to our newsletter takes place in a so-called Double-Opt-In procedure. I.e. after registration you will receive an e-mail in which you will be asked to confirm your registration. This confirmation is necessary so that nobody can register with external e-mail addresses. The registrations for the newsletter are logged in order to be able to prove the registration process according to the legal requirements. This includes the storage of the registration and confirmation time, as well as the IP address. Likewise, the changes of your data stored with the Provider are logged.
Registration data: To register for the newsletter, it is sufficient to enter your e-mail address. Optionally, we ask you to enter a name in the newsletter for the purpose of addressing you personally.
The dispatch of the newsletter and the performance measurement associated with it is based on the consent of the recipients pursuant to Art. 6 Para. 1 lit. a, Art. 7 GDPR in conjunction with § 7 Para. 2 No. 3 UWG or on legal permission pursuant to § 7 Para. 3 UWG.
The registration procedure is recorded on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR. Our interest is directed towards the use of a user-friendly and secure newsletter system that serves our business interests as well as the expectations of the users and furthermore allows us to provide evidence of consent.
Cancellation/revocation – You can cancel the receipt of our newsletter at any time, i.e. revoke your consent. You will find a link to cancel the newsletter at the end of each newsletter. We may store the unsubscribed e-mail addresses for up to three years on the basis of our legitimate interests before deleting them in order to be able to provide evidence of a previously given consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that the former existence of a consent is confirmed at the same time.
Newsletter Software MailChimp
We use the newsletter provider MailChimp to send our newsletter. MailChimp is an offer from The Rocket Science Group, LLC, 512 Means St. Suite 404, Atlanta, GA 30318, USA (“MailChimp”).
When you subscribe to our newsletter, the information you provide when subscribing to the newsletter is transferred to MailChimp and stored there. After registration, MailChimp will send you an e-mail confirming your registration (“Double Opt-In”). MailChimp offers extensive analysis possibilities for the use of the newsletter. These analyses are group-related and are not used by us for individual evaluation. MailChimp also uses the analysis tool Google Analytics (see section 5) and integrates it into the newsletter if required.
Rocket Science Group, LLC. participates in the U.S. Department of Commerce and the EU-US Privacy Shield Framework Program of the European Commission regarding the collection, use and storage of personal data from member states of the European Economic Area. Here you will find information about what data The Rocket Science Group, LLC collects, processes and uses under the EU-US Privacy Shield Framework Program and for what purposes: https://www.privacyshield.gov/participant?id=a2zt000000000TO6hAAG.
Further information on MailChimp and data protection at MailChimp can be found here: http://mailchimp.com/legal/privacy/
Newsletter Success Measurement
The newsletters contain a so-called “web-beacon”, i.e. a file the size of a pixel, which is retrieved from our server when the newsletter is opened or, if we use a dispatch service provider, from its server. Within the scope of this retrieval, technical information such as information about the browser and your system, as well as your IP address and time of retrieval are first collected.
This information is used to technically improve the services on the basis of technical data or target groups and their reading behavior on the basis of their retrieval locations (which can be determined with the help of the IP address) or access times. The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. It is, however, neither our endeavor nor, if used, that of the dispatch service provider to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our contents to them or to send different contents according to the interests of our users.
CRM Software Bitrix24
We use a CRM system to manage contacts and customer accounts. Contact information and e-mail correspondence are recorded in our Bitrix system. We also use Bitrix24 as a database for partner who work with us or wish to work with us. For this use of personal data as an partner, we expressly request confirmation of inclusion in our database via the appropriate contact form.
Economic analyses and market research
In order to operate our business economically, to identify market trends, customer and user wishes, we analyse the data available to us on business transactions, contracts, enquiries, etc., in order to identify the most suitable and appropriate solutions. We process inventory data, communication data, contract data, payment data, usage data, metadata on the basis of Art. 6 para. 1 lit. f. GDPR, whereby the persons concerned include customers, interested parties, business partners, visitors and users of the online offer.
The analyses are carried out for the purpose of economic evaluations, marketing and market research. We can take into account the profiles of registered users with information, e.g. on the services they make use of. The analyses serve us to increase the user friendliness, the optimization of our offer and the business economy. The analyses serve us alone and are not disclosed externally unless they are anonymous analyses with summarized values.
If these analyses or profiles are person-related, they will be deleted or anonymised upon termination by the user, otherwise after two years from the conclusion of the contract. In all other respects, the macroeconomic analyses and general trend determinations are prepared anonymously wherever possible.
Users can create a user account. Within the scope of registration, the required mandatory data will be communicated to the users and processed on the basis of Art. 6 Para. 1 lit. b GDPR for the purpose of providing the user account. The processed data includes in particular the login information (name, password and an e-mail address). The data entered during registration will be used for the purposes of using the user account and its purpose.
Users may be informed by e-mail of information relevant to their user account, such as technical changes. If users have terminated their user account, their data will be deleted with regard to the user account, subject to a statutory retention obligation. It is the responsibility of the users to secure their data before the end of the contract in the event of termination. We are entitled to irretrievably delete all user data stored during the term of the contract.
Within the scope of using our registration and login functions as well as the use of the user account, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as the user’s protection against misuse and other unauthorized use. This data will not be passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation to do so pursuant to Art. 6 Para. 1 lit. c GDPR. The IP addresses will be anonymized or deleted after 7 days at the latest.
Integration of third-party services and content
Within the scope of our online offer, we act on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f. of the German Civil Code). GDPR) content or service offers from third parties in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as “content”).
This always presupposes that the third-party providers of this content perceive the IP address of the user, since they would not be able to send the content to their browser without the IP address. The IP address is therefore required for the presentation of this content. We make every effort to use only those contents whose respective providers only use the IP address to deliver the contents. Third party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. Pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may contain, among other things, technical information about the browser and operating system, referring web pages, visit times and other information about the use of our online services, as well as may be linked to such information from other sources.
a) “Share” function for social networks
We use the parts feature on our website for the following social media channels: Facebook To share our content on social networks, we use the privacy-compliant WordPress plugin “Shariff Wrapper”, which does not process any personal data. The information is only transferred to the social network when you actively click on the corresponding buttons. This ensures that there is no unwanted and automatic data transfer to the corresponding social networks when you visit our pages. The legal basis for this processing is our legitimate interest (pursuant to Art. 6 para. 1 lit. f GDPR). You can find more information on the Shariff project from the developers of the magazine c’t: www.ct.de.
b) Google Web Fonts
This website so-called Web Fonts, which are provided by Google. This is done in order to be able to display fonts uniformly. When you call up a page, your browser loads the required web fonts into its browser memory. For this purpose, your browser does not need to connect to Google’s servers in the United States, as we have saved the fonts locally. There is no processing of personal data by third parties.
The hosting services used by us serve the provision of the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services which we use for the purpose of operating this online service.
Conclusion of a data processing agreement
We have concluded a so-called “Data Processing Agreement” with our hosting service Siteground, in which we oblige Siteground to protect the data of our customers and not to pass it on to third parties. This contract can be viewed at the following link: https://www.siteground.com/term/301.htm?scid=3&lang=en.