Privacy Policy

Here you can find our Privacy Policy

1. General Privacy Policy

Insofar as we decide either alone or jointly with others on the purposes and means of data processing, this includes above all the obligation to inform you transparently about the nature, scope, purpose, duration and legal basis of the processing (cf. Articles 13 and 14 GDPR). With this statement (hereinafter: ” Privacy Policy “), we inform you about the manner in which your personal data is processed by us.

Definitions

Following the example of Art. 4 GDPR, this Privacy Policy is based on the following definitions:

  • ‘personal data’ (Art. 4 No. 1 GDPR) means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
  • ‘processing’ (Art. 4 No. 2 GDPR) means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
  • ‘controller’ (Art. 4 No. 7 GDPR) means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
  • ‘third party’ (Art. 4 No. 10 GDPR) means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;
  • ‘processor’ (Art. 4 No. 8 GDPR) means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
  • ‘consent’ (Art. 4 No. 11 GDPR) of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

Data Controller

CleverReach GmbH & Co. KG is responsible for the data collection and processing explained in this policy. You can find our contact data in our imprint.

Usage data & log files

When you visit our web pages, temporary so-called usage data are stored on our web server for statistical purposes as a protocol to improve the quality of our web pages. This data set contains:

  • The page from which the file was requested,
  • The file name,
  • The date and time of the query,
  • The amount of data transferred,
  • The access status (file transferred, file not found),
  • The description of the type of web browser used,
  • The IP address of the requesting computer, which is shortened so that a personal reference can no longer be established.

These log data are only stored anonymously. We store this log data strictly earmarked for a maximum of seven days to be able to detect, limit, and eliminate attacks on our websites. We delete these data at the end of this period. The legal basis is Art. 6 (1) (f) GDPR.
Due to the use of subcontractors, data processing may also be performed outside the EU or EEA. Please note that there is a risk that authorities may access the data for security and monitoring purposes without you being informed or having a right to object. If you consent, the transfer to a third country will be based on Art. 49 (1) (a) GDPR.


2. Analysis tools and third-party tools

When you visit our website, your surfing behavior can be statistically evaluated. This is primarily done with cookies and so-called analysis programs. The analysis of your surfing behavior usually takes place anonymously – it cannot be traced back to you. You may object to this analysis or prevent it by not using certain tools. Read this privacy policy for further details.


3. Cookies

We use cookies on our websites. Cookies are small text files that are assigned to the browser you are using and stored on your hard drive by means of a characteristic string of characters, and through which certain information flows to the entity that sets the cookie. Cookies cannot execute programs or transfer viruses to your computer and therefore cannot cause any damage. They serve to make the offer as a whole more user-friendly and effective, i.e. more pleasant for you.

Cookies can contain data that make it possible to recognize the device used. In some cases, however, cookies only contain information on certain settings that cannot be related to a specific person. However, cookies cannot directly identify a user.
A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session.

In terms of their function, cookies are in turn distinguished between:

  • Technical cookies: these are mandatory to move around the website, use basic functions and ensure the security of the website; they do not collect information about you for marketing purposes, nor do they store which web pages you have visited;
  • Performance cookies: these collect information about how you use our website, which pages you visit and, for example, whether errors occur during website use; they do not collect information that could identify you – all information collected is anonymous and is only used to improve our website and find out what interests our users;
  • Advertising Cookies, Targeting Cookies: these are used to provide the website user with tailored advertising on the website or third party offers and to measure the effectiveness of these offers; advertising and targeting cookies are stored for a maximum of 14 months;
  • Sharing cookies: these are used to improve the interactivity of our website with other services (e.g. social networks); Sharing cookies are stored for a maximum of 3 months.

Any use of cookies that is not strictly technically necessary constitutes data processing that is only permitted with your explicit and active consent pursuant to Art. 6 (1) p. 1 lit. a GDPR. This applies in particular to the use of advertising, targeting or sharing cookies. In addition, we will only share your personal data processed through cookies with third parties if you have given your express consent to do so pursuant to Art. 6 (1) p. 1 lit. a GDPR.

3a. Google Analytics

For the demand-oriented design of our website we create pseudonymous usage profiles with Google Analytics. Google Analytics use cookies that are placed on your device and we can read them. This allows us to recognize returning visitors and count them as such.

The information a cookie generates about your use of this website is usually transferred to a Google server in the United States and will be stored there. However, because we have activated IP anatomization on this website, your IP address will be shortened beforehand by Google within Member States of the European Union. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and be shortened there. If the data is processed outside the EU/EEA, please note that authorities may access the data for security and monitoring purposes without you being informed or having the right to appeal. If we use providers in unsafe third countries and you give your consent, the transfer to a third country takes place based on Art. 49 para. 1 letter a GDPR.

To ensure the level of data protection in the case of processing in third countries (in particular also the USA), Google Ireland Ltd. has agreed to the standard contractual clauses with its subcontracted processors (in particular Google LLC), which are based on Module 3 of the standard contractual clauses for the transfer of personal data to third countries adopted by the European Commission on June 4, 2021 (https://business.safety.google/adsprocessorterms/sccs/eu-p2p-intra-group/).

The legal basis for the data processing is your consent pursuant to Art. 6 (1) a GDPR or § 25 (1) TTDSG

3b. Facebook Pixel

Our website uses the “visitor action pixel” of Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”).

This way, the behavior of page visitors can be tracked after they have been forwarded to the provider’s website by clicking on a Facebook advertisement. This allows the effectiveness of Facebook advertisements to be evaluated for statistical and market research purposes and future advertising measures to be optimized.

For us as the operator of this website, the collected data is anonymous; we cannot draw any conclusions about the identity of the users.

However, the data is stored and processed by Facebook, so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with the Facebook data usage policy (https://www.facebook.com/about/privacy/).

This allows Facebook to serve ads on Facebook pages and outside of Facebook.
A cookie may also be stored on your computer for this purpose. The data processed by Facebook and linked to cookies are automatically deleted after 90 days.

Please see Facebook’s privacy policy for more information about your privacy: https://www.facebook.com/about/privacy/.
You can also deactivate the marketing function “Custom Audiences” in the settings section for advertisements at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. You must be logged in to Facebook.
If you do not have a Facebook account, you can disable Facebook usage-based advertising on the European Interactive Digital Advertising Alliance website: https://www.youronlinechoices.com/uk/your-ad-choices.

The legal basis for the data processing is Art. 6 para. 1 subparagraph 1 lit. a GDPR or § 25 para. 1 TTDSG.
With your consent, you also agree pursuant to Art. 49 para. 1 p. 1a) GDPR that your data will be processed in the USA. The USA is assessed by the European Court of Justice as a country with an insufficient level of data protection according to EU standards.
In particular, there is a risk that your data may be processed by U.S. authorities for control and monitoring purposes, possibly also without any legal remedy.

3c. Retargeting Google

We use Google’s cross-device remarketing technologies to enable us to display targeted advertising on other websites based on your visit to our websites.

When you visit our websites, it is possible that Google’s Cross-Device Remarketing technologies may retrieve recognition features for your browser or your end device (e.g. create a so-called browser fingerprint), evaluate your IP address or store a recognition feature in the form of a small data file on your end device (e.g. a so-called third-party cookie).

It is also possible that Google may link and store your visit to our website with one or more of these recognition features in order to display our advertising on other pages on the Internet. The recognition features described above are designed as pseudonyms.

Due to the cross-device remarketing technologies at Google, we can commission the placement of advertisements on other websites that are based on the visits on our websites. So, if you visit another website that is part of Google’s display advertising network, Google can use the recognition features to determine alternatives, and if so, which of our ads should be displayed to you. For more information on how Google Remarketing technologies work, visit https://www.google.com/policies/technologies/ads/.

If you sign in to Google services with your own credentials or use one or more of your own Google accounts, Google may link the recognition features of different browsers and devices.

So, if Google has created a recognition feature for your laptop, desktop PC or smartphone or tablet, you can associate those features once you use or have used a Google service with your sign-in information. In this way, Google can also play our advertising campaigns beyond end devices in a targeted manner. However, Google will only do this if you have agreed to this data processing in the past.

You have the option of making settings for advertising. You can object to this form of advertising at any time. To do so, please visit https://support.google.com/ads/answer/2662922 and deactivate personalized advertising. Please note that these settings may not affect all devices and browsers.

The legal basis for the data processing is Art. 6 para. 1 subparagraph 1 lit. a GDPR or § 25 para. 1 TTDSG.

3d. Google AdWords (as of 24.07.2018 Ads) and Google Conversion Tracking

This website uses Google Ads. Google Ads is an online advertising service provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). The responsible party is Google.

In the context of Google AdWords, we use the so-called Conversion Tracking. When you click on an ad served by Google, a cookie is placed for conversion tracking.

These cookies expire after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie has not yet expired, Google and Clever Reach can recognize that the user has clicked on the ad and has been redirected to this page.

Each Google AdWords customer receives a different cookie. Cookies cannot be tracked through the websites of AdWords customers. The information collected using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Customers see the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they will not receive any information that personally identifies users. If you do not wish to participate in tracking, you can opt out of this use by simply deactivating the Google Conversion Tracking cookie via your Internet browser under User Settings. You are then not included in the conversion tracking statistics.

For more information on how Google processes your data for ads, please see Google’s privacy policy and the Google Ads Help.

The legal basis for the data processing is your consent pursuant to Art. 6 (1) subparagraph 1 lit. a GDPR or § 25 (1) TTDSG.

3e. Hotjar

This website uses the Hotjar tool of the provider Hotjar Limited (Hotjar Ltd.), Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian’s STJ 3141, Malta, to analyze the use of our offers. Hotjar provides a variety of options such as heat maps, visitor recordings, funnel and form analytics, feedback polls, surveys, and recruiters (for more information, please visit https://www.hotjar.com/).

Hotjar is a complete analytics-and-feedback tool that provides both online behavior analytics and feedback from website visitors. By combining both A) analytics and B) feedback, Hotjar gives us a “big picture” of how to improve our website user experience and performance.

In doing so, the analytics tool allows us to monitor user behavior (what users are doing), while the feedback tool allows us to hear what users are saying (user voice). By doing so, Hotjar allows us to analyze and understand the behavior patterns of our website visitors and customers on our web presences with the help of using analytics and feedback. The sole purpose of the data collection is to improve the functionality of the website and the overall user experience of users and customers.
As part of the use of Hotjar, data may be processed such as the IP address (stored in anonymized form), screen resolution, device type (unique device identifiers), operating system, browser, geographic location (country only), language preferred to view our website, mouse movements, keystrokes, referral URL and domain, web pages visited and date and time when the web pages were visited. In order to work properly, Hotjar sets cookies in your browser.
These have different lifetimes; some remain stored for up to 365 days, some only during the current website visit (see: https://help.hotjar.com/hc/en-us/articles/115011789248-Hotjar-Cookie-Information).

The legal basis for the data processing is your consent pursuant to Art. 6 para. 1 subparagraph 1 lit. a GDPR or § 25 para. 1 TTDSG.
You can revoke your consent via the banner (by clicking on “Cookie settings” in the footer) at any time. The information generated and processed by cookies and, if applicable, integrated script of the service about your use of this website is usually transmitted to a server of Hotjar in Ireland (European Union) and stored there (https://help.hotjar.com/hc/en-us/articles/115011639887-Data-Safety-Privacy- Security#FAQ_1).

We have also entered into a contract for commissioned processing with Hotjar Limited in accordance with Art. 28 GDPR, in which the provider undertakes to make appropriate and legally binding contractual arrangements and to take control measures to ensure data protection and data security when using subcontractors and under which data transfers to third countries take place under EU standard data protection clauses. The processor will also use all information strictly for the purpose of analyzing the use of our website and user-related behavior for us.

For more information on data protection at Hotjar, see: https://www.hotjar.com/privacy/.

3f. Microsoft Ads

This website uses Microsoft Ads, a service provided by Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland.

When you click on one of our ads on Bing or on selected Bing network sites, a temporary cookie is placed on your computer. When you now reach one of our conversion pages – recognizable for Microsoft Bing and us – we know that you have previously clicked on the ad. This is used to create conversion statistics, i.e. to record how many users reach a conversion page after clicking on an ad, i.e. to complete an order process.

If you do not wish to participate in the tracking procedure, you can also refuse the setting of a cookie required for this.

The legal basis for the data processing is your consent in accordance with Art. 6 para. 1 subparagraph 1 lit. a GDPR or § 25 para. 1 TTDSG.

3g. Social plugins

Our website contains icons of the social networks Facebook and Instagram, the Internet video portal YouTube and the microblogging service Twitter. These services are provided by the companies Meta Platforms Ireland Ltd. (“Facebook” and “Instagram”); Google Ireland Limited (“YouTube”) and Twitter International Company. Inc. (“Twitter”) and each have their own privacy regulations.

This gives you the opportunity to share the posts deposited on our website on the aforementioned platforms. These are not plugins, but merely links that forward to the respective provider to share posts there.
Normally, these social plugins lead to the fact that every visitor to a page is immediately recorded by these services with his IP address and his further activities on the Internet are logged. This happens even if the user does not click on any of the buttons.

To prevent this, we use the Shariff method. Our social buttons establish direct contact between the social network and the visitor only when the latter actively clicks on the button.

By clicking on the corresponding icon, the respective target page opens in a separate tab/window and you must then log in there with your data. In doing so, you will leave our website and your data will be processed by these services in accordance with their privacy protection regulations. Information on the page of origin (so-called referrer data) is transferred to the target page so that the content or posts can be displayed there.

For further information and technical details on the Shariff solution, please visit: Initiative of heise.de for a 2-click method called “Shariff”.

For more information on data processing on the provider pages, please refer to the data protection notices of the operators.
Data protection information from Facebook: https://www.facebook.com/policy.php
Privacy policy of YouTube: https://policies.google.com/privacy?hl=en
Privacy policy of Twitter: https://twitter.com/privacy

3h. Taboola

We use services provided by Taboola Inc (1115 Broadway, 7th Floor, New York, NY 10010, USA) on our website. Taboola uses cookies that determine which content you use and which of our pages you visit.
These cookies are not used for personal identification, but only collect pseudonymized data.

Taboola collects the following user information by means of cookies: User’s operating system, web pages/content accessed on our websites, referrer/link through which the user came to our website, time and number of website visits, location information (city and state), IP addresses in shortened form.
If you visit certain pages of ours and the cookie has not yet expired, we and the providers can recognize that someone has clicked on the ad and thus been redirected to our site.

You can find more data protection information on Taboola at: https://www.taboola.com/policies/privacy-policy.
The legal basis for data processing is your consent pursuant to Art. 6 para. 1 subparagraph 1 lit. a GDPR or § 25 para. 1 TTDSG.

3i. SurveyMonkey

For individual surveys, we use the web service SurveyMonkey (SurveyMonkey Europe UC, 2nd Floor, 2 Shelbourne Buildings, Shelbourne Road, Ballsbridge, Dublin 4, Ireland) to create and analyse online surveys. Your Participation is voluntary.

SurveyMonkey collects information about the device and application you use to take the survey. This includes your IP address, operating system version, device type, device ID/MAC address, system and performance information, and browser type. If you participate in the survey via a mobile device, SurveyMonkey also collects the device’s UUID. SurveyMonkey also uses third-party tracking services, which in turn use cookies and page tags to collect usage data and user statistics. We have no control over the amount of data SurveyMonkey collects. In addition, SurveyMonkey collects response data, metadata and cookie data using machine learning techniques to develop new features and improve its service, detect fraud and develop products with aggregated data. This is also used to provide useful and relevant insights to survey companies, such as CleverReach in this case.

For more information about the cookies SurveyMonkey uses, privacy and retention periods, please visit the following link https://www.surveymonkey.com/mp/legal/privacy/.
As a survey participant, you can contact us at any time to request deletion of your survey data, including personal data if collected. A subsequent correction of individual answers after the survey has been sent is not possible.

The legal basis for data processing is your consent in accordance with Art. 6 (1) lit. a DS-GVO or § 25 (1) TTDSG.
With your consent, you also consent to your data being processed in the USA pursuant to Art. 49 (1) p. 1a DSGVO. For transfers to the U.S., an adequate level of data protection is ensured by the certification of the provider under the adequacy decision (EU-U.S. Privacy Framework).

3j. WiredMinds

Our website uses the pixel-code technology of WiredMinds GmbH (www.wiredminds.de, Lindenspürstraße 32, 70176 Stuttgart) to analyse visitor behaviour. This involves processing the IP address of a visitor. The processing is carried out exclusively for the purpose of collecting company-relevant information such as the company name. IP addresses of natural persons are excluded from further use (whitelist procedure). The IP address is not stored in LeadLab under any circumstances. When processing the data, it is in our particular interest to protect the data protection rights of natural persons.

Our interest is based on Art. 6 para. 1 lit. (f) GDPR. The data we collect does not allow any conclusions to be drawn about an identifiable person at any time, and WiredMinds GmbH uses this information to create anonymous user profiles based on the visiting behaviour on our website. The data obtained is not used to personally identify visitors to our website. An order processing contract has been concluded with WireMinds GmbH in accordance with Art. 28 GDPR.

Exclude from tracking (A technically necessary cookie is set to permanently exclude you from tracking by WiredMinds LeadLab on this website)


4. Explanation of safety measures

To protect your data from unwanted access as comprehensively as possible, we take technical and organizational measures. We use encryption on our pages. Your information is transmitted from your computer to our server and vice versa via the Internet using TLS encryption. You know this by the fact that the lock symbol is closed in the status bar of your browser and the address line starts with https://.


5. Rights of the data subject

When processing your personal data, GDPR grants you as a website user certain rights:

  1. Right of access by the data subject (Art. 15 GDPR):
    You have the right to obtain from the controller confirmation as to whether personal data concerning you are being processed; if this is the case, you have a right to access this personal data and to all information specified in Art. 15 GDPR.
  2. Right to rectification and erasure (Art. 16 and 17 GDPR):
    You have the right to request the immediate rectification of inaccurate personal data concerning you and, if necessary, the completion of incomplete personal data. You also have the right to obtain the immediate erasure of personal data concerning you if one of the reasons specified in Art. 17 GDPR applies, e.g. if the data is no longer required for the purposes pursued.
  3. Right to restriction of processing (Art. 18 GDPR):
    You have the right to request a restriction on processing if one of the conditions set out in Article 18 GDPR applies, e.g. if you have lodged an objection to processing, for the duration of any examination.
  4. Right to data portability (Art. 20 GDPR):
    In certain cases, which are listed in Article 20 of GDPR, you have the right to receive personal data concerning you in a structured, commonly used and machine-readable format or to request the transmission of this data to a third party.
  5. Right to object (Art. 21 GDPR):
    If data is collected on the basis of Art. 6 (1) (f) GDPR (data processing to protect legitimate interests), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process your personal data unless there are demonstrably compelling reasons worthy of protection for the processing which outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
  6. Right to lodge a complaint with a supervisory authority
    According to Art. 77 GDPR, you have the right of appeal to a supervisory authority if you believe that the processing of data concerning you violates data protection regulations. The right of appeal may be exercised in particular before a supervisory authority in the Member State where you are staying, working or suspected of infringing.

6. Contact details of the data protection officer

Our company data protection officer will be happy to provide you with information or suggestions on the subject of data protection:

Dr. Uwe Schläger
datenschutz nord GmbH
Konsul-Smidt-Straße 88
28217 Bremen
Germany
Web: www.datenschutz-nord-gruppe.de
Email: office@datenschutz-nord.de
Phone: +49 421/696632-0


7. Newsletter on request

We offer you the opportunity to subscribe to our newsletter on our website. If you have given us your separate consent to inform you about our own products and services by email, the corresponding processing is based on Art. 6 (1) (a) GDPR. In addition, we offer you the opportunity to subscribe to our info newsletter with relevant information about selected partners and their services for your email marketing. These are primarily services that can improve online marketing.

By registering for this newsletter, you agree that we may track your clicking and opening behavior in order to provide you with the best possible newsletter service. If we process your personal data on the basis of your consent, you may revoke your consent at any time without affecting the legality of the processing to date. If you do not wish to receive our newsletter in the future, you can easily unsubscribe at any time, e.g. by sending an email to info@cleverreach.com or by clicking on the unsubscribe link you can find in every newsletter email. Your personal data will be deleted within 3 months after the end of your newsletter subscription, provided that the deletion does not conflict with any legal obligation to retain your data.


8. Contact & Support Form

You can contact us via web forms. To use our contact form, we usually only need your email address. You can provide further information, but you do not have to. By submitting the respective form, you agree that the data you provide will be electronically recorded and stored for up to 6 years. In the contractual relationship, the legal basis of the processing is Art. 6 (1) (b) GDPR, otherwise Art. 6 (1) (f) GDPR. The web page operator has a justified interest to lead your exchange and to process your inquiry appropriately. In this respect, we use your data exclusively for processing your inquiry.

To process your support or contact request, we use the Zendesk software solution provided by Zendesk Inc, 1019 Market St, San Francisco, CA 94103, USA. Your data will be processed on servers hosted by Zendesk exclusively in the USA and within the scope of the GDPR. We have also concluded data protection agreements with Zendesk (in accordance with the EU standard data protection clauses, among others), by which we oblige the provider to process our customers’ data strictly in accordance with their instructions, to protect it and not to pass it on to third parties. Zendesk Inc. takes further technical precautions to protect personal data. Personal data will not be transferred to third parties in the sense of Art. 4 (10) GDPR.


9. Account registration to use our software

To use our CleverReach software for free, you need to register first. For account registration we collect your email address on the basis of Art. 6 (1) (b) GDPR. We will store your data until you object to its storage by email to info@cleverreach.com in which you wish to delete your account. If there are no legal retention periods, your data will be deleted within 10 days after you have entered your objection.

You can use a free account if we may send you regular email account reports, news & product information in return. The CleverReach GmbH & Co. KG will use your data exclusively for the aforementioned purpose and will not pass it on to third parties. You can unsubscribe from the newsletter in any email or object to the storage of your data by email to info@cleverreach.com and request that we delete your data at any time, provided that the erasure does not conflict with any legal storage obligations.

We use the software solution HubSpot Sales Hub, provided by HubSpot, Inc., 25 First Street, Cambridge, MA 02141 USA, for the registration and administration of customer data. Your data is processed on servers hosted by HubSpot, Inc. in Germany, among other places, and within the scope of the GDPR. We have also entered into appropriate data protection agreements with HubSpot, Inc. (including in accordance with the EU standard data protection clauses or a DPA in accordance with order processing pursuant to Art. 28 GDPR) that require the provider to process our customers’ data strictly in accordance with our instructions, to protect it, and not to share it with third parties. HubSpot, Inc. takes additional technical precautions to protect personal information. We do not share personal data with third parties as defined by Art. 4 (10) GDPR.


10. Paid use

If you want to use our CleverReach software as a paid version, you have to register first. We store and use your personal data, which you transmit in the course of the registration or an order process, on the basis of Art. 6 (1) (b) GDPR exclusively for the processing of your orders. We will use your email address to inform you about the status of your order or to send you the respective receipts. We also offer you to send you account reports and news & product information by email.

If after the conclusion of a chargeable contract there is an obligation to provide us with your payment data (e.g. account number for direct debit authorization), this data is required for payment processing. Payment transactions via the common means of payment (Visa/MasterCard, PayPal, direct debiting) are made exclusively via an encrypted SSL or TLS connection.In the case of encrypted communication, your payment data you transmit to us cannot be read by third parties. We may transfer data to other responsible parties (such as PayPal (Europe) or Mollie B.V.) who are necessary payment service providers for the secure execution of the payment.


11. Applications, in particular via HCM4all

We process your data within the scope of applicant management for the purpose of deciding on establishing an employment relationship on the basis of § 26 of the Federal Data Protection Act (BDSG). We process the data you provide in the course of your (online) application exclusively for the purpose of selecting applicants. Data will not be processed for other purposes.
You yourself determine the scope of data that you would like to submit as part of your application. Applications are transmitted electronically to our Human Resources Department where they are processed as quickly as possible. Applications are forwarded to the heads of the relevant specialist departments in our company. Beyond that, your data will not be passed on. our information will be treated confidentially in our company. If your application is unsuccessful, your documents will be deleted after 6 months.

With your express consent, we will store your data for an additional 24 months in our applicant or talent pool to consider it in future job advertisements.

The talent pool is managed by the entire Ashampoo group of companies that consists of the following companies:

  • Ashampoo GmbH & Co. KG
  • CleverReach GmbH & Co. KG
  • Personizer GmbH & Co. KG

In case your application is considered for another vacant position at the Ashampoo group of companies, we will forward your application documents to the respective department and contact you by phone or e-mail if necessary. Your data will be processed based on art. 6 para. 1 lit. a, 7 GDPR in connection with § 26 paragraph 2 BDSG.
Your declaration of consent includes the processing of all data that you have made available to us within the scope of the application procedure. In addition, data that was necessary to process the application (correspondence, handwritten notes from job interviews, etc.) will also be processed and stored. Additionally, we may process job-related information made publicly available by you, such as a profile on business-related social media networks or online job portals.

Your data is only accessible to selected employees within the Ashampoo group of companies who are involved in filling vacant positions. Your data will only be passed on within the Ashampoo group of companies to the extent necessary for the application process. Your data will not be passed on to third parties or used for other purposes.
Unless you revoke your consent to the processing of your data in the talent pool, your data will be completely deleted after 24 months at the latest. You will not be informed about the deletion of your data.
You can revoke your consent informally at any time, e.g. by sending an e-mail to hr@crash.immo.
We use the software solution HCM4all GmbH, Trogerstraße 48, 81675 Munich, Germany, to carry out the application management.

We have also concluded appropriate data protection agreements with HCM4all (including the EU standard data protection clauses), by which we oblige the provider to process our applicants’ data strictly in accordance with instructions, to protect them and not to pass them on to third parties. HCM4all takes further technical precautions to protect personal data. A transfer of personal data to third parties in terms of Art. 4 (10) GDPR does not take place.


12. YouTube videos

Our website uses plugins from Google’s YouTube site. This website is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. If you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. The YouTube server is informed which of our pages you have visited. Furthermore, Youtube can store various cookies on your end device. With the help of these cookies, Youtube can obtain information about visitors to our website. This information is used, among other things, to collect video statistics, improve user-friendliness and prevent fraud attempts.

The cookies remain on your terminal until you delete them.
If you are logged into your YouTube account, you allow YouTube to associate your surfing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. The use of YouTube is in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 (1) (f) GDPR. Further information on how user data is handled can be found in YouTube’s data protection declaration at: https://policies.google.com/privacy?hl=en.


13. Captcha

To protect our web forms from automated queries, we use a third party captcha provider. As part of the captcha function, you may be asked to complete tasks or click on checkboxes. The user’s input and, where applicable, mouse movements are used to determine whether the input is from a human or an automated program. As the functionality is provided by a third party, displaying the captcha will cause the third party’s content to be reloaded. As a result, the third party receives information that you have accessed our site and the usage data technically required in this context. We have no control over the further processing of the data by the third party.

The embedding takes place on the basis of Art. 6 (1 lit. f)GDPR and in the interest of protection against spam and misuse.

If the data is processed in this context outside the EU or the EEA (in particular in the USA), we provide information on the level of data protection in the following table.


14. Online Seminars

If you would like to take part in our voluntary online seminars, a separate registration is required. For the online seminar registration, we collect your email address, first and last name on the basis of Art. 6 (1) (b) GDPR. Your data will be stored for 12 months (after the last registration) or until you object to the storage by sending an email to info@cleverreach.com and wish to delete your data. If there are no legal retention periods, your data will be deleted within 10 days after discussion of the revocation.

To conduct the online seminars we use the GoToWebinar software solution provided by LogMeIn Ireland Limited, Bloodstone Building Block C, 70 Sir John Rogerson’s Quay, Dublin 2, Ireland. Your data is processed on servers hosted by LogMeIn solely in the USA and within the scope of the GDPR. We have also entered into data protection agreements with LogMeIn (including the EU standard data protection clauses), in which we oblige the provider to process our customers’ data strictly in accordance with their instructions, to protect it and not to pass it on to third parties.

LogMeIn Limited takes additional technical precautions to protect personal information. Personal data is not transferred to third parties in accordance with Art. 4 (10) GDPR.


15. Integration Partners

If you are a developer interested in becoming one of our integration partners, we will need some information about your app as well as your contact details. This data processing is carried out for contact and verification purposes on the basis of your voluntary consent according to Art. 6 (1) (a) GDPR. After our review, you will be publicly listed as an integration partner. Your contact details will be published. You may withdraw your consent at any time with future effect by sending an email to info@cleverreach.com and terminate the cooperation or listing as an integration partner.

We use an external service provider (Atlassian PTy Ltd) to verify and manage our integration partners. The service provider acts on our behalf under strict instructions in accordance with a data protection agreement and has taken appropriate technical and organizational measures to protect personal data. Your data will be transferred to the service provider and thus to a third country based on Art. 49 (1) (a) GDPR. You may withdraw your consent at any time by sending an email to info@cleverreach.com.


16. Publication of Agency Directory Entries

Our Agency Directory is published on our website. The individual entries contain the information provided when the entry was created, including your name, legal form and address, phone number, email address, logo, the languages you offer and use in email marketing campaigns, year of establishment, CleverReach client ID and website URL, as well as the type of services you offer, your area of specialization and your minimum budget. Your listing serves the fulfillment of the concluded contract according to Art. (6) (b) GDPR. Apart from the listing, there will be no further processing of your data. If you do not agree with the publication in the agency directory, you can terminate the contract according to legal regulations. We will store your data until you notify us that the entry should no longer be published.