- ‘personal data’ (Art. 4 No. 1 GDPR) means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
- ‘processing’ (Art. 4 No. 2 GDPR) means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
- ‘controller’ (Art. 4 No. 7 GDPR) means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
- ‘third party’ (Art. 4 No. 10 GDPR) means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;
- ‘processor’ (Art. 4 No. 8 GDPR) means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
- ‘consent’ (Art. 4 No. 11 GDPR) of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
CleverReach GmbH & Co. KG is responsible for the data collection and processing explained in this policy. You can find our contact data in our imprint.
Usage data & log files
When you visit our web pages, temporary so-called usage data are stored on our web server for statistical purposes as a protocol to improve the quality of our web pages. This data set contains:
- The page from which the file was requested,
- The file name,
- The date and time of the query,
- The amount of data transferred,
- The access status (file transferred, file not found),
- The description of the type of web browser used,
- The IP address of the requesting computer, which is shortened so that a personal reference can no longer be established.
These log data are only stored anonymously. We store this log data strictly earmarked for a maximum of seven days to be able to detect, limit, and eliminate attacks on our websites. We delete these data at the end of this period. The legal basis is Art. 6 (1) (f) GDPR.
Due to the use of subcontractors, data processing may also be performed outside the EU or EEA. Please note that there is a risk that authorities may access the data for security and monitoring purposes without you being informed or having a right to object. If you consent, the transfer to a third country will be based on Art. 49 (1) (a) GDPR.
2. Analysis tools and third-party tools
Cookies can contain data that make it possible to recognize the device used. In some cases, however, cookies only contain information on certain settings that cannot be related to a specific person. However, cookies cannot directly identify a user.
A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session.
In terms of their function, cookies are in turn distinguished between:
- Technical cookies: these are mandatory to move around the website, use basic functions and ensure the security of the website; they do not collect information about you for marketing purposes, nor do they store which web pages you have visited;
- Performance cookies: these collect information about how you use our website, which pages you visit and, for example, whether errors occur during website use; they do not collect information that could identify you – all information collected is anonymous and is only used to improve our website and find out what interests our users;
- Advertising Cookies, Targeting Cookies: these are used to provide the website user with tailored advertising on the website or third party offers and to measure the effectiveness of these offers; advertising and targeting cookies are stored for a maximum of 14 months;
- Sharing cookies: these are used to improve the interactivity of our website with other services (e.g. social networks); Sharing cookies are stored for a maximum of 3 months.
3a. Google Analytics
The information a cookie generates about your use of this website is usually transferred to a Google server in the United States and will be stored there. However, because we have activated IP anatomization on this website, your IP address will be shortened beforehand by Google within Member States of the European Union. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and be shortened there. If the data is processed outside the EU/EEA, please note that authorities may access the data for security and monitoring purposes without you being informed or having the right to appeal. If we use providers in unsafe third countries and you give your consent, the transfer to a third country takes place based on Art. 49 para. 1 letter a GDPR.
To ensure the level of data protection in the case of processing in third countries (in particular also the USA), Google Ireland Ltd. has agreed to the standard contractual clauses with its subcontracted processors (in particular Google LLC), which are based on Module 3 of the standard contractual clauses for the transfer of personal data to third countries adopted by the European Commission on June 4, 2021 (https://business.safety.google/adsprocessorterms/sccs/eu-p2p-intra-group/).
The legal basis for the data processing is your consent pursuant to Art. 6 (1) a GDPR or § 25 (1) TTDSG
3b. Facebook Pixel
Our website uses the “visitor action pixel” of Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”).
This way, the behavior of page visitors can be tracked after they have been forwarded to the provider’s website by clicking on a Facebook advertisement. This allows the effectiveness of Facebook advertisements to be evaluated for statistical and market research purposes and future advertising measures to be optimized.
For us as the operator of this website, the collected data is anonymous; we cannot draw any conclusions about the identity of the users.
However, the data is stored and processed by Facebook, so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with the Facebook data usage policy (https://www.facebook.com/about/privacy/).
This allows Facebook to serve ads on Facebook pages and outside of Facebook.
A cookie may also be stored on your computer for this purpose. The data processed by Facebook and linked to cookies are automatically deleted after 90 days.
You can also deactivate the marketing function “Custom Audiences” in the settings section for advertisements at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. You must be logged in to Facebook.
If you do not have a Facebook account, you can disable Facebook usage-based advertising on the European Interactive Digital Advertising Alliance website: https://www.youronlinechoices.com/uk/your-ad-choices.
The legal basis for the data processing is Art. 6 para. 1 subparagraph 1 lit. a GDPR or § 25 para. 1 TTDSG.
With your consent, you also agree pursuant to Art. 49 para. 1 p. 1a) GDPR that your data will be processed in the USA. The USA is assessed by the European Court of Justice as a country with an insufficient level of data protection according to EU standards.
In particular, there is a risk that your data may be processed by U.S. authorities for control and monitoring purposes, possibly also without any legal remedy.
3c. Retargeting Google
We use Google’s cross-device remarketing technologies to enable us to display targeted advertising on other websites based on your visit to our websites.
When you visit our websites, it is possible that Google’s Cross-Device Remarketing technologies may retrieve recognition features for your browser or your end device (e.g. create a so-called browser fingerprint), evaluate your IP address or store a recognition feature in the form of a small data file on your end device (e.g. a so-called third-party cookie).
It is also possible that Google may link and store your visit to our website with one or more of these recognition features in order to display our advertising on other pages on the Internet. The recognition features described above are designed as pseudonyms.
Due to the cross-device remarketing technologies at Google, we can commission the placement of advertisements on other websites that are based on the visits on our websites. So, if you visit another website that is part of Google’s display advertising network, Google can use the recognition features to determine alternatives, and if so, which of our ads should be displayed to you. For more information on how Google Remarketing technologies work, visit https://www.google.com/policies/technologies/ads/.
If you sign in to Google services with your own credentials or use one or more of your own Google accounts, Google may link the recognition features of different browsers and devices.
So, if Google has created a recognition feature for your laptop, desktop PC or smartphone or tablet, you can associate those features once you use or have used a Google service with your sign-in information. In this way, Google can also play our advertising campaigns beyond end devices in a targeted manner. However, Google will only do this if you have agreed to this data processing in the past.
You have the option of making settings for advertising. You can object to this form of advertising at any time. To do so, please visit https://support.google.com/ads/answer/2662922 and deactivate personalized advertising. Please note that these settings may not affect all devices and browsers.
The legal basis for the data processing is Art. 6 para. 1 subparagraph 1 lit. a GDPR or § 25 para. 1 TTDSG.
3d. Google AdWords (as of 24.07.2018 Ads) and Google Conversion Tracking
This website uses Google Ads. Google Ads is an online advertising service provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). The responsible party is Google.
In the context of Google AdWords, we use the so-called Conversion Tracking. When you click on an ad served by Google, a cookie is placed for conversion tracking.
These cookies expire after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie has not yet expired, Google and Clever Reach can recognize that the user has clicked on the ad and has been redirected to this page.
Each Google AdWords customer receives a different cookie. Cookies cannot be tracked through the websites of AdWords customers. The information collected using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Customers see the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they will not receive any information that personally identifies users. If you do not wish to participate in tracking, you can opt out of this use by simply deactivating the Google Conversion Tracking cookie via your Internet browser under User Settings. You are then not included in the conversion tracking statistics.
The legal basis for the data processing is your consent pursuant to Art. 6 (1) subparagraph 1 lit. a GDPR or § 25 (1) TTDSG.
This website uses the Hotjar tool of the provider Hotjar Limited (Hotjar Ltd.), Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian’s STJ 3141, Malta, to analyze the use of our offers. Hotjar provides a variety of options such as heat maps, visitor recordings, funnel and form analytics, feedback polls, surveys, and recruiters (for more information, please visit https://www.hotjar.com/).
Hotjar is a complete analytics-and-feedback tool that provides both online behavior analytics and feedback from website visitors. By combining both A) analytics and B) feedback, Hotjar gives us a “big picture” of how to improve our website user experience and performance.
In doing so, the analytics tool allows us to monitor user behavior (what users are doing), while the feedback tool allows us to hear what users are saying (user voice). By doing so, Hotjar allows us to analyze and understand the behavior patterns of our website visitors and customers on our web presences with the help of using analytics and feedback. The sole purpose of the data collection is to improve the functionality of the website and the overall user experience of users and customers.
As part of the use of Hotjar, data may be processed such as the IP address (stored in anonymized form), screen resolution, device type (unique device identifiers), operating system, browser, geographic location (country only), language preferred to view our website, mouse movements, keystrokes, referral URL and domain, web pages visited and date and time when the web pages were visited. In order to work properly, Hotjar sets cookies in your browser.
These have different lifetimes; some remain stored for up to 365 days, some only during the current website visit (see: https://help.hotjar.com/hc/en-us/articles/115011789248-Hotjar-Cookie-Information).
The legal basis for the data processing is your consent pursuant to Art. 6 para. 1 subparagraph 1 lit. a GDPR or § 25 para. 1 TTDSG.
You can revoke your consent via the banner (by clicking on “Cookie settings” in the footer) at any time. The information generated and processed by cookies and, if applicable, integrated script of the service about your use of this website is usually transmitted to a server of Hotjar in Ireland (European Union) and stored there (https://help.hotjar.com/hc/en-us/articles/115011639887-Data-Safety-Privacy- Security#FAQ_1).
We have also entered into a contract for commissioned processing with Hotjar Limited in accordance with Art. 28 GDPR, in which the provider undertakes to make appropriate and legally binding contractual arrangements and to take control measures to ensure data protection and data security when using subcontractors and under which data transfers to third countries take place under EU standard data protection clauses. The processor will also use all information strictly for the purpose of analyzing the use of our website and user-related behavior for us.
For more information on data protection at Hotjar, see: https://www.hotjar.com/privacy/.
3f. Microsoft Ads
This website uses Microsoft Ads, a service provided by Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland.
When you click on one of our ads on Bing or on selected Bing network sites, a temporary cookie is placed on your computer. When you now reach one of our conversion pages – recognizable for Microsoft Bing and us – we know that you have previously clicked on the ad. This is used to create conversion statistics, i.e. to record how many users reach a conversion page after clicking on an ad, i.e. to complete an order process.
If you do not wish to participate in the tracking procedure, you can also refuse the setting of a cookie required for this.
The legal basis for the data processing is your consent in accordance with Art. 6 para. 1 subparagraph 1 lit. a GDPR or § 25 para. 1 TTDSG.
3g. Social plugins
Our website contains icons of the social networks Facebook and Instagram, the Internet video portal YouTube and the microblogging service Twitter. These services are provided by the companies Meta Platforms Ireland Ltd. (“Facebook” and “Instagram”); Google Ireland Limited (“YouTube”) and Twitter International Company. Inc. (“Twitter”) and each have their own privacy regulations.
This gives you the opportunity to share the posts deposited on our website on the aforementioned platforms. These are not plugins, but merely links that forward to the respective provider to share posts there.
Normally, these social plugins lead to the fact that every visitor to a page is immediately recorded by these services with his IP address and his further activities on the Internet are logged. This happens even if the user does not click on any of the buttons.
To prevent this, we use the Shariff method. Our social buttons establish direct contact between the social network and the visitor only when the latter actively clicks on the button.
By clicking on the corresponding icon, the respective target page opens in a separate tab/window and you must then log in there with your data. In doing so, you will leave our website and your data will be processed by these services in accordance with their privacy protection regulations. Information on the page of origin (so-called referrer data) is transferred to the target page so that the content or posts can be displayed there.
For further information and technical details on the Shariff solution, please visit: Initiative of heise.de for a 2-click method called “Shariff”.
For more information on data processing on the provider pages, please refer to the data protection notices of the operators.
Data protection information from Facebook: https://www.facebook.com/policy.php
These cookies are not used for personal identification, but only collect pseudonymized data.
Taboola collects the following user information by means of cookies: User’s operating system, web pages/content accessed on our websites, referrer/link through which the user came to our website, time and number of website visits, location information (city and state), IP addresses in shortened form.
If you visit certain pages of ours and the cookie has not yet expired, we and the providers can recognize that someone has clicked on the ad and thus been redirected to our site.
You can find more data protection information on Taboola at: https://www.taboola.com/policies/privacy-policy.
The legal basis for data processing is your consent pursuant to Art. 6 para. 1 subparagraph 1 lit. a GDPR or § 25 para. 1 TTDSG.
For individual surveys, we use the web service SurveyMonkey (SurveyMonkey Europe UC, 2nd Floor, 2 Shelbourne Buildings, Shelbourne Road, Ballsbridge, Dublin 4, Ireland) to create and analyse online surveys. Your Participation is voluntary.
For more information about the cookies SurveyMonkey uses, privacy and retention periods, please visit the following link https://www.surveymonkey.com/mp/legal/privacy/.
As a survey participant, you can contact us at any time to request deletion of your survey data, including personal data if collected. A subsequent correction of individual answers after the survey has been sent is not possible.
The legal basis for data processing is your consent in accordance with Art. 6 (1) lit. a DS-GVO or § 25 (1) TTDSG.
With your consent, you also consent to your data being processed in the USA pursuant to Art. 49 (1) p. 1a DSGVO. The USA has been assessed by the European Court of Justice as a country with an insufficient level of data protection according to EU standards.
In particular, there is a risk that your data may be processed by US authorities for control and monitoring purposes, possibly without any legal remedy.
4. Explanation of safety measures
To protect your data from unwanted access as comprehensively as possible, we take technical and organizational measures. We use encryption on our pages. Your information is transmitted from your computer to our server and vice versa via the Internet using TLS encryption. You know this by the fact that the lock symbol is closed in the status bar of your browser and the address line starts with https://.
5. Rights of the data subject
When processing your personal data, GDPR grants you as a website user certain rights:
- Right of access by the data subject (Art. 15 GDPR):
You have the right to obtain from the controller confirmation as to whether personal data concerning you are being processed; if this is the case, you have a right to access this personal data and to all information specified in Art. 15 GDPR.
- Right to rectification and erasure (Art. 16 and 17 GDPR):
You have the right to request the immediate rectification of inaccurate personal data concerning you and, if necessary, the completion of incomplete personal data. You also have the right to obtain the immediate erasure of personal data concerning you if one of the reasons specified in Art. 17 GDPR applies, e.g. if the data is no longer required for the purposes pursued.
- Right to restriction of processing (Art. 18 GDPR):
You have the right to request a restriction on processing if one of the conditions set out in Article 18 GDPR applies, e.g. if you have lodged an objection to processing, for the duration of any examination.
- Right to data portability (Art. 20 GDPR):
In certain cases, which are listed in Article 20 of GDPR, you have the right to receive personal data concerning you in a structured, commonly used and machine-readable format or to request the transmission of this data to a third party.
- Right to object (Art. 21 GDPR):
If data is collected on the basis of Art. 6 (1) (f) GDPR (data processing to protect legitimate interests), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process your personal data unless there are demonstrably compelling reasons worthy of protection for the processing which outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
- Right to lodge a complaint with a supervisory authority
According to Art. 77 GDPR, you have the right of appeal to a supervisory authority if you believe that the processing of data concerning you violates data protection regulations. The right of appeal may be exercised in particular before a supervisory authority in the Member State where you are staying, working or suspected of infringing.
6. Contact details of the data protection officer
Our company data protection officer will be happy to provide you with information or suggestions on the subject of data protection:
Dr. Uwe Schläger
datenschutz nord GmbH
Phone: +49 421/696632-0
7. Newsletter on request
On our website we offer you the possibility to subscribe to our newsletter.
For the registration to our newsletter, we use the so-called double opt-in procedure. This means that after your registration we send you an e-mail to the specified e-mail address, in which we ask you to confirm that you wish to receive the newsletter. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data. You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare the revocation by clicking on the link provided in every newsletter e-mail, by e-mail to email@example.com or by sending a message to the contact details given in the imprint. Your data for the newsletter dispatch will be deleted within 3 months after termination of the newsletter receipt, provided that the deletion does not conflict with any legal retention obligations.
By subscribing to our newsletter, you agree that we monitor your clicking and opening behavior in order to create an optimal offer of our newsletter for you. If we process your personal data on the basis of your consent, you can withdraw your consent at any time without this affecting the legality of the processing carried out so far. If the consent is revoked, we will stop processing your data.
8. Contact & Support Form
You can contact us via web forms. To use our contact form, we usually only need your email address. You can provide further information, but you do not have to. By submitting the respective form, you agree that the data you provide will be electronically recorded and stored for up to 6 years. In the contractual relationship, the legal basis of the processing is Art. 6 (1) (b) GDPR, otherwise Art. 6 (1) (f) GDPR. The web page operator has a justified interest to lead your exchange and to process your inquiry appropriately. In this respect, we use your data exclusively for processing your inquiry.
To process your support or contact request, we use the Zendesk software solution provided by Zendesk Inc, 1019 Market St, San Francisco, CA 94103, USA. Your data will be processed on servers hosted by Zendesk exclusively in the USA and within the scope of the GDPR. We have also concluded data protection agreements with Zendesk (in accordance with the EU standard data protection clauses, among others), by which we oblige the provider to process our customers’ data strictly in accordance with their instructions, to protect it and not to pass it on to third parties. Zendesk Inc. takes further technical precautions to protect personal data. Personal data will not be transferred to third parties in the sense of Art. 4 (10) GDPR.
9. Account registration to use our software
To use our CleverReach software for free, you need to register first. For account registration we collect your email address on the basis of Art. 6 (1) (b) GDPR. We will store your data until you object to its storage by email to firstname.lastname@example.org in which you wish to delete your account. If there are no legal retention periods, your data will be deleted within 10 days after you have entered your objection.
You can use a free account if we may send you regular email account reports, news & product information in return. The CleverReach GmbH & Co. KG will use your data exclusively for the aforementioned purpose and will not pass it on to third parties. You can unsubscribe from the newsletter in any email or object to the storage of your data by email to email@example.com and request that we delete your data at any time, provided that the erasure does not conflict with any legal storage obligations.
10. Paid use
If you want to use our CleverReach software as a paid version, you have to register first. We store and use your personal data, which you transmit in the course of the registration or an order process, on the basis of Art. 6 (1) (b) GDPR exclusively for the processing of your orders. We will use your email address to inform you about the status of your order or to send you the respective receipts. We also offer you to send you account reports and news & product information by email.
If after the conclusion of a chargeable contract there is an obligation to provide us with your payment data (e.g. account number for direct debit authorization), this data is required for payment processing. Payment transactions via the common means of payment (Visa/MasterCard, PayPal, direct debiting) are made exclusively via an encrypted SSL or TLS connection.In the case of encrypted communication, your payment data you transmit to us cannot be read by third parties. We may transfer data to other responsible parties (such as PayPal (Europe) or Mollie B.V.) who are necessary payment service providers for the secure execution of the payment.
11. Applications, in particular via HCM4all
We process your data within the scope of applicant management for the purpose of deciding on establishing an employment relationship on the basis of § 26 of the Federal Data Protection Act (BDSG). We process the data you provide in the course of your (online) application exclusively for the purpose of selecting applicants. Data will not be processed for other purposes.
You yourself determine the scope of data that you would like to submit as part of your application. Applications are transmitted electronically to our Human Resources Department where they are processed as quickly as possible. Applications are forwarded to the heads of the relevant specialist departments in our company. Beyond that, your data will not be passed on. our information will be treated confidentially in our company. If your application is unsuccessful, your documents will be deleted after 6 months.
With your express consent, we will store your data for an additional 24 months in our applicant or talent pool to consider it in future job advertisements.
The talent pool is managed by the entire Ashampoo group of companies that consists of the following companies:
- Ashampoo GmbH & Co. KG
- CleverReach GmbH & Co. KG
- Personizer GmbH & Co. KG
In case your application is considered for another vacant position at the Ashampoo group of companies, we will forward your application documents to the respective department and contact you by phone or e-mail if necessary. Your data will be processed based on art. 6 para. 1 lit. a, 7 GDPR in connection with § 26 paragraph 2 BDSG.
Your declaration of consent includes the processing of all data that you have made available to us within the scope of the application procedure. In addition, data that was necessary to process the application (correspondence, handwritten notes from job interviews, etc.) will also be processed and stored. Additionally, we may process job-related information made publicly available by you, such as a profile on business-related social media networks or online job portals.
Your data is only accessible to selected employees within the Ashampoo group of companies who are involved in filling vacant positions. Your data will only be passed on within the Ashampoo group of companies to the extent necessary for the application process. Your data will not be passed on to third parties or used for other purposes.
Unless you revoke your consent to the processing of your data in the talent pool, your data will be completely deleted after 24 months at the latest. You will not be informed about the deletion of your data.
You can revoke your consent informally at any time, e.g. by sending an e-mail to firstname.lastname@example.org.
We use the software solution HCM4all GmbH, Trogerstraße 48, 81675 Munich, Germany, to carry out the application management.
We have also concluded appropriate data protection agreements with HCM4all (including the EU standard data protection clauses), by which we oblige the provider to process our applicants’ data strictly in accordance with instructions, to protect them and not to pass them on to third parties. HCM4all takes further technical precautions to protect personal data. A transfer of personal data to third parties in terms of Art. 4 (10) GDPR does not take place.
12. YouTube videos
Our website uses plugins from Google’s YouTube site. This website is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. If you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. The YouTube server is informed which of our pages you have visited. Furthermore, Youtube can store various cookies on your end device. With the help of these cookies, Youtube can obtain information about visitors to our website. This information is used, among other things, to collect video statistics, improve user-friendliness and prevent fraud attempts.
The cookies remain on your terminal until you delete them.
If you are logged into your YouTube account, you allow YouTube to associate your surfing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. The use of YouTube is in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 (1) (f) GDPR. Further information on how user data is handled can be found in YouTube’s data protection declaration at: https://policies.google.com/privacy?hl=en.
13. Google reCAPTCHA
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites.
The provider is Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
With reCAPTCHA it should be checked whether the data entry on our websites (e.g. in a contact form) is done by a human being or by an automated program. For this reCAPTCHA analyzes the behavior of the web site visitor on the basis of different characteristics. This analysis starts automatically as soon as the website visitor enters the website. For analysis reCAPTCHA evaluates various information (e.g. IP address, dwell time of the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google. The reCAPTCHA analyses run completely in the background. Visitors to the website are not informed that an analysis is taking place.
The data processing is based on Art. 6 para. 1 lit. f GDPR or § 25 TTDSG.
14. Online Seminars
If you would like to take part in our voluntary online seminars, a separate registration is required. For the online seminar registration, we collect your email address, first and last name on the basis of Art. 6 (1) (b) GDPR. Your data will be stored for 12 months (after the last registration) or until you object to the storage by sending an email to email@example.com and wish to delete your data. If there are no legal retention periods, your data will be deleted within 10 days after discussion of the revocation.
To conduct the online seminars we use the GoToWebinar software solution provided by LogMeIn Ireland Limited, Bloodstone Building Block C, 70 Sir John Rogerson’s Quay, Dublin 2, Ireland. Your data is processed on servers hosted by LogMeIn solely in the USA and within the scope of the GDPR. We have also entered into data protection agreements with LogMeIn (including the EU standard data protection clauses), in which we oblige the provider to process our customers’ data strictly in accordance with their instructions, to protect it and not to pass it on to third parties.
LogMeIn Limited takes additional technical precautions to protect personal information. Personal data is not transferred to third parties in accordance with Art. 4 (10) GDPR.
15. Integration- and Agency Partners
If you are a developer and want to become an integration or agency partner, we need some more details about your app and your contact details. The data processing is carried out for contacting and verification reasons based on your voluntary consent according to Art. 6 (1) (a) GDPR. You will be publicly listed as an integration or agency partner after our review and coordination with you. In the process, the contact details you provide will be published. You can revoke your consent at any time with effect for the future by sending an email to firstname.lastname@example.org and terminate the cooperation or listing as an integration or agency partner.
For the testing and management as an integration or agency partner, we use the external service provider (Atlassian PTy Ltd), which is strictly bound by instructions in accordance with a closed data protection agreement and has taken appropriate technical and organizational measures to protect personal data. By submitting your information, you also consent to the transfer of the personal data you have provided to the service provider and thus to a third country on the basis of Art. 49 (1) (a) GDPR. You can object to your consent at any time by sending an email to email@example.com.