Data protection declaration
This data protection declaration clarifies the manner, the extent and purpose of the processing of personal data (in the following “data”) within our online content and the websites, functions and contents connected with it as well as external online presences as e.g. our social media profile (in the following all together designated as “online content”). Regarding the terminology used such as e.g. “processing” or “person responsible”, we draw your attention to the definitions in Art. 4 of the General Data Protection Regulation (DSGVO).
Person responsible
novalink GmbH
Christoph Hodel
Zürcherstrasse 310
8500 Frauenfeld
Switzerland
info@novalink.ch
Types of processed data:
– Inventory data (e.g. names, addresses).
– Contact data (e.g. email, telephone numbers).
– Content data (e.g. text input, photos, videos).
– Usage data (e.g. websites visited, interest in contents, access times).
– Meta-/communication data (e.g. device information, IP addresses).
Categories of parties concerned
Visitors and users of the online content (in the following we also describe the parties concerned in summary as “users”).
Purpose of the processing
– Provision of the online content, its functions and contents
– Answering of contact enquiries and communication with users
– Security procedures
– Reach measurement /marketing
Terminology used
“Personal data” is all information which refers to an identified or identifiable natural person (in the following “person concerned”); a natural person is seen as being identifiable who can be identified, directly or indirectly, especially by way of allocation to an identification such as a name, an identification number, location data, an online identification (e.g. cookie) or one or several special features, which are the expression of the physical, physiological, genetic, psychic, economic, cultural or social identity of this natural person.
“Processing” is each procedure carried out with or without aid from automatic processes or any such set of operations in connection with personal data. The term is broad and can describe practically any handling of data.
As “responsible person” is designated the natural or legal person, authority, organisation or other office which decides alone or together with others on the purposes and means of the processing of personal data.
Relevant legal bases
According to Art. 13 DSGVO we inform you of the legal bases of our data processing. Insofar as the legal basis in the data protection declaration is not named, the following applies: The legal basis for the obtaining of permission is Art. 6 Para. 1 lit. a and Art. 7 DSGVO, the legal basis for the processing to fulfil our services and execution of contractual measures as well as answering enquiries is Art. 6 Para. 1 lit. b DSGVO, the legal basis for the processing to fulfil our legal obligations is Art. 6 Para. 1 lit. c DSGVO, and the legal basis for the processing for the protection of our legitimate interests is Art. 6 Para. 1 lit. f DSGVO. For the case that vital interests of the person concerned or another natural person makes a processing of personal data necessary, Art. 6 Para. 1 lit. d DSGVO serves as legal basis.
Cooperation with processors and third parties
Insofar as we disclose data in the scope of our processing to other persons and companies (processors or third parties), transmit it to these or grant them otherwise access to the data, this ensues only on basis of a legal permission (e.g. if a transmission of the data to third parties such as payment service providers as according to Art. 6 Para. 1 lit. b DSGVO is necessary for contract fulfilment), you have agreed, a legal obligation plans this or on the basis or our legitimate interests (e.g. use of authorised representatives, web hosts, etc.).
Insofar as we commission third parties with the processing of data on the basis of a so called “processor contract”, this occurs on the basis of Art. 28 DSGVO.
Transmissions into third countries
Insofar as we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or this occurs in the scope of the use of services of third parties or disclosure or transmission of data to third parties, this only ensues if it occurs to fulfil our (pre) contractual obligations, on the basis of your permission, on the basis of a legal obligation or on the basis of our legal interests. Subject to legal or contractual permission, we process or have the data processed in a third country only if the special requirements according to Art. 44 ff. DSGVO are fulfilled. I.e. the processing ensues e.g. on the basis of special guarantees such as the officially recognised ascertainment of a level of data protection corresponding to the EU (e.g. for the USA via the “privacy shield”) or the observation of officially recognised special contractual obligations (so called “standard contractual clauses”).
Rights of the persons concerned
You have the right to demand a confirmation whether relevant data is processed and of information about this data as well as further information and copy of the data according to Art. 15 DSGVO.
You have the right according to Art. 16 DSGVO to demand the completion of the data concerning you or the correction of the incorrect data concerning you.
You have the right according to Art. 17 DSGVO to demand that the relevant data is immediately deleted or alternatively according to Art. 18 DSGVO to demand a restriction in the processing of the data.
You have the right to demand to receive the data concerning you which you have given us according to Art. 20 DSGVO and to demand its transmission to other responsible persons.
Further according to Art. 77 DSGVO, you have the right to hand in a complaint to the responsible supervisory authority.
Right of withdrawal
You have the right to withdraw issued permission according to Art. 7 Para. 3 DSGVO with effect for the future
Right of objection
You can object to the future processing of the data concerning you according to Art. 21 DSGVO at any time. The objection can ensue especially against the processing for the purposes of direct advertising.
Cookies and right to objection with direct advertising
Small files are designated as “cookies” which are stored on the computers of the users. Various information can be stored within the cookies. A cookie primarily serves to store the information on a user (or the device on which the cookie is stored) during or also after his visit within an online content. Designated as temporary cookies or “session cookies” or “transient cookies” are cookies which are deleted after a user leaves an online content and closes his browser. In such a cookie e.g. the contents of the shopping cart can be stored in an online shop or a login jam. Cookies are designated as “permanent” or “persistent” which also remain stored after the closing of the browser. Thus e.g. the login status can be stored if the user visits these after several days. Likewise in such cookies the interests of the user can be stored which are used for reach measurement or marketing purposes. Cookies are designated as “third party cookies” which are offered by other suppliers to the persons responsible who operate the online content (otherwise if it is only these cookies they are called “first party cookies”).
We can use temporary and permanent cookies and clarify this in the scope of our data protection declaration.
In case the users do not want cookies stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system setting of the browser. The exclusion of cookies can lead to function restrictions in this online content.
A general objection to the use of the cookies for purposes of online marketing with a great number of services, especially in the case of tracking, can be explained via the American site http://www.aboutads.info/choices/or the EU site http://www.youronlinechoices.com/. Further, the storing of cookies can be achieved by way of their being disabled in the settings of the browser. Please heed that in this case possibly not all functions of this online content can be used.
Deletion of data
The data processed by us is deleted according to Art. 17 and 18 DSGVO or restricted in its processing. Insofar as not expressly stated in the scope of this data protection declaration, the data we have stored is deleted as soon as it is not necessary for its intended purpose any more and statutory storage obligations are not in opposition to the deletion. Insofar as the data is not deleted because it is necessary for other and legally permissible purposes its processing is restricted. I.e. the data is locked and not processed for other purposes. This applies e.g. to data which has to be retained for commercial or tax law reasons.
According to legal requirements in Switzerland, the storage ensues especially for 10 years according to GeBüV. ART. 1 to ART. 12.
Business related processing
In addition we process
– contract data (e.g. contractual object, duration, customer category).
– payment data (e.g. bank details, payment history)
of our customers, interested parties and business partners for the purpose of rendering contractual services, service and customer care, marketing, advertising and market research.
Hosting
The hosting services we use make the following services available: Infrastructure and platform services, computing capacity, storage space and data base services, security services as well as technical maintenance services which we use for the purpose of the operation of this online content.
Here we process or our hosting supplier processes inventory data, contact data, content data, contract data, usage data, meta- and communication data of customers, interested parties and visitors of this online content on the basis of our legitimate interests in an efficient and secure provision of this online content according to Art. 6 Para. 1 lit. f DSGVO in conjunction with Art. 28 DSGVO (conclusion of processor contract).
Collection of access data and log files
On the basis of our legitimate interests in the sense of Art. 6 Para. 1 lit. f. DSGVO, we or our hosting suppliers collect data about each access of the server on which this service is (so called server log files). The access data includes the name of the website called up, file, date and time of the calling up, transmitted data volume, communication about successful calling up, browser type as well as version, the operating system of the user, referrer URL (the site visited before), IP address and the enquiring provider.
Log file information is stored for security reasons (e.g. to clear up acts of abuse or fraud) for the duration of 7 days at the most and then deleted. Data the further storage of which is necessary for purposes of proof is excluded from the deletion until the individual event is finally clarified.
Agency services
We process the data of our customers in the scope of our contractual services which include conceptional and strategic advice, campaign planning, software and design development/advice or maintenance, implementation of campaign and processes / handling, server administration, data analysis / advisory services and training.
Here we process inventory data (e.g. customer master data such as names or addresses), contact data (e.g. email, telephone numbers), content data (e.g. text input, photos, videos), contract data (e.g. contract object, duration), payment data (e.g. bank details, payment history), usage and meta-data (e.g. in the scope of the evaluation and measurement of success of marketing measures). We do not basically process special categories of personal data except when they are components of a commissioned processing. The people concerned include our customers, interested parties as well their customers, users, website visitors or staff as well as third parties. The purpose of the processing consists in the rendering of contractual services, settlement and our customer service. The legal bases of the processing ensue from Art. 6 Para. 1 lit. b DSGVO (contractual services), Art. 6 Para. 1 lit. f DSGVO (analysis, statistics, optimisation, security measures). We process data necessary for the justification and fulfilment of the contractual services and point out the necessity of giving it. A disclosure to externals only ensues if necessary in the scope of an order. With the processing of the data submitted to us in the scope of an order, we handle according to the instructions of the customers as well as the legal requirement of an order processing according to Art. 28 DSGVO and process the data for no other purpose than those as ordered.
We delete the data after expiry of legal guarantee and comparable obligations, the necessity of the retention of the data is checked every three years; in the case of the legal archiving obligations the deletion ensues after their expiry (10 years according to GeBüV. ART. 1 to ART. 12). In the case of data which the customer discloses to us in the scope of an order, we delete the data according to the specifications of the order basically after termination of the order.
Administration, financial accounting, office organisation, contact management
We process data in the scope of administrative tasks as well as organisation of our company, financial accounting and compliance with the legal obligations as e.g. the archiving. Here we process the same data which we process in rendering our contractual services. The processing basics are Art. 6 Para. 1 lit. c. DSGVO, Art. 6 Para. 1 lit. f. DSGVO. The processing concerns customers, interested parties, business partners and website visitors. The purpose and our interest in the processing is in the administration, financial accounting, office organisation, archiving of data, thus tasks which serve the maintenance of our business activities, the performing of our tasks and rendering of our services. The deletion of the data regarding contractual services and the contractual communication corresponds to the tasks named among these processing tasks.
We disclose or transmit here data to the financial management, advisors as e.g. tax consultants or auditors as well as further billing centres and payment service providers.
Further, we store information on suppliers, organisers and other business partners e.g. for the purpose of contacting later on the basis of our business interests. We store this mostly company related data permanently.
Economic analyses and market research
In order to economically operate our business and be able to recognise market trends, customer and user wishes, we analyse the existing data on business transactions, contracts, enquiries, etc. Here we process inventory data, communication data, contract data, payment data, usage data and meta-data on the basis of Art. 6 Para. 1 lit. f. DSGVO, whereby the people concerned include customers, interested parties, business partners, visitors and users of the online content.
The analyses ensue for the purpose of economic evaluations, marketing and market research. Here we can consider the profiles of the registered users with information e.g. on their purchase transactions. The analyses serve to increase the user friendliness, the optimisation of our offer and the economic demands. The analyses are only for us and are not disclosed externally insofar as they are not anonymous analyses with summarised values.
Insofar as these analyses or profiles refer to persons they are deleted with termination of the users or anonymised, otherwise after two years after contract conclusion. For the remaining, the total business analyses and general trend determinations are drawn up anonymously if possible.
Data privacy notices in application procedures
We process the applicant’s data only for the purpose and within the application procedure in compliance with legal requirements. The processing of the applicant data ensues for the fulfilling of our (pre)contractual obligations within the application procedure in the sense of Art. 6 Para. 1 lit. b. DSGVO and Art. 6 Para. 1 lit. f. DSGVO, insofar as the data processing e.g. in the scope of legal procedures becomes necessary for us (Section 26 BDSG applies in addition in Germany).
The application procedure requires that applicants communicate the applicant data to us. The necessary applicant data is marked insofar as we offer an online form, ensues otherwise from the job descriptions and basically these include the information on person, postal and contact addresses and the documents which are part of the application such as motivational letter, CV and the certificates. Apart from this, applicants can voluntarily communicate additional information to us.
With the transmission of the application to us, the applicants declare their agreement to the processing of their data for the purposes of the application procedure corresponding to the manner and extent as presented in this data protection declaration.
Insofar as in the scope of the application procedure, voluntarily special categories of personal data in the sense of Art. 9 Para. 1 DSGVO were communicated, their processing ensues in addition according to Art. 9 Para. 2 lit. b DSGVO (e.g. health data as e.g. status as severely handicapped person or ethnic origin). Insofar as in the scope of the application procedure, special categories of personal data in the sense of Art. 9 Para. 1 DSGV are desired of applicants, their processing ensues in addition according to Art. 9 Para. 2 lit. a DSGVO (e.g. health data if this is necessary for the execution of the profession).
Insofar as made available, applicants can transmit their applications by way of an online form on our website. The data is conveyed to us encrypted using the latest technology.
Further applicants can transmit their applications to us via email. Here, we however ask you to observe that emails are basically not sent encrypted and the applicants have to ensure the encryption themselves. Therefore, we can take over no responsibility for the transmission path of the application between the sender and the reception on our server, and therefore rather recommend an online form or postal dispatch. The applicants also have the possibility to still send us the application by post apart from online form and emails.
The data made available by the applicants can in the case of a successful application be further processed by us for the purposes of the employment relationship. Otherwise insofar as the application for a job vacancy is not successful, the data of the applicant is deleted. The data of the applicant is also deleted if an application is withdrawn, which the applicants have the right to do any time.
The deletion ensues subject to a legitimate withdrawal of the applicant after the expiry of a period of six months, so that we can answer any follow up questions of the application and meet our burdens of proof from the act of equal treatment. Invoices about any travel compensation are archived according to the tax law provisions.
Making contact
In contacting us (e.g. via contact form, email, telephone or via social media), the information of the user for the processing of the contact enquiry and its handling according to Art. 6 Para. 1 lit. b) DSGVO is processed. The information of the users can be stored in a Customer Relationship Management System (“CRM System”) or similar enquiry organisation.
Akismet anti spam check
Our online content uses the service “Akismet”, from Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA. The use ensues on the basis of our legitimate interests in the sense of Art. 6 Para. 1 lit. f) DSGVO. With the aid of this service, comments of real people are differentiated from spam comments. For this, all comment information is sent to a server in the USA where it is analysed and stored for four days for comparison purposes. If a comment has been graded as spam, the data is stored beyond this time period. This information includes the name, the email address, the IP address, the contents of the comment, the referrer, information on the browser used as well as the computer system and the time of the entry.
Automattic is certified under the Privacy Shield Agreement and thus offers a guarantee to observe the European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000CbqcAAC&status=Active).
More information on collection and use of the data via Akismet is in the data protection advice of Automattic: https://automattic.com/privacy/.
Users are free to use pseudonyms or refuse entering the name or email address. They can completely prevent the transmission of the data by not using our commentary system. This would be a pity, but unfortunately we do not see any other alternatives which work just as effectively.
Newsletter
With the following advice we inform you about the contents of our newsletter as well as the registration, dispatch and the statistical evaluation procedure as well as your rights of objection. By subscribing to our newsletter you declare agreement with the reception and the described procedures.
Contents of the newsletter: We send newsletters, emails and further electronic messages with advertising information (in the following “newsletter”) only with the agreement of the receiver or a legal permission. Insofar as the contents are specifically outlined in the scope of a registration for the newsletter, they are significant for the agreement of the users. For the rest our newsletters contain information on our services and us.
Double opt in and recording: The registration to our newsletter ensues in a so called double opt in procedure. I.e. after the registration you receive an email in which you are asked to confirm your registration. This registration is necessary so that no one can register with email addresses which are not theirs. The registrations for the newsletter are recorded in order to be able to prove the registration procedure corresponding to the legal requirements. This includes the storing of the registration and the confirmation time as well as the IP address. Likewise the changes of data stored with the shipping provider are recorded.
Registration data: In order to register for the newsletter it is sufficient if you give your email address. Optionally we ask you to enter a name to be able to address you personally in newsletters.
Germany: The dispatch of the newsletter and the measurement of success connected with it ensue on the basis of an agreement of the receivers according to Art. 6 Para. 1 lit. a and Art. 7 DSGVO in conjunction with Section 7 Para. 2 No. 3 UWG or on basis of the legal permission according to Section 7 Para. 3 UWG.
The recording of the registration procedure ensues on the basis of our legitimate interests according to Art. 6 Para. 1 lit. f DSGVO. Our interest is aimed at the use of a user friendly as well as safe newsletter system, which serves both our business interests as well as meets the expectations of the users and further allows the proof of agreements.
Termination/revocation – you can terminate the reception of our newsletter at any time, i.e. cancel your agreements. There is a link for the termination of the newsletter at the end of each newsletter. We can store the used email addresses up to three years on basis of our legitimate interest before we delete them to be able to prove a formerly given agreement. The processing of this data is limited to the purpose of a possible defence against claims. An individual deletion application is possible at any time insofar as at the same time the former existence of an agreement is confirmed.
Newsletter – shipment service provider
The shipment of the newsletter ensues by way of the shipment service provider “MailChimp”, a newsletter shipment platform of the American supplier Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. The data protection regulations of the shipment service provider are found here: https://mailchimp.com/legal/privacy/. The Rocket Science Group LLC d/b/a MailChimp is certified under the Privacy Shield Agreement and due to this offers a guarantee to observe the European level of data protection (https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active). The shipment service provider is used on the basis of our legitimate interests according to Art. 6 Para. 1 lit. f DSGVO and a processor contract according to Art. 28 Para. 3 Sent. 1 DSGVO.
The shipment service provider can use the data of the receivers in pseudonym form, i.e. without allocation to a user, for the optimisation or improvement of the own services, e.g. for the technical optimisation of the shipment and the representation of the newsletter or for statistical purposes. The shipment service provider uses the data of our newsletter receivers however not to write to them himself or to pass the data on to third parties.
Newsletter – Measurement of success
The newsletters contain a so called “web-beacon”, i.e. a pixel sized file which is called up by the server in opening the newsletter by our server or insofar as we use a shipment service provider from their server. In the scope of this calling up, first technical information such as information on the browser and your system as also your IP address and time of the calling up are collected.
This information is used for the technical improvement of the services by way of the technical data or the target groups and their reading behaviour by way of their call up locations (which can be determined with the aid of the IP address) or the times of access. The statistical collection also includes the ascertainment whether the newsletters are opened, when they are opened and which links were clicked on. This information can be allocated to the individual newsletter receivers for technical reasons. However it is neither our intent nor insofar as is used that of the shipment service provider to observe individual users. The evaluations are used rather to recognise the reading habits of our users and adjust our contents to them or send different contents corresponding to the interests of our users.
Google Analytics
On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online content in the sense of Art. 6 Para. 1 lit. f. DSGVO), we use Google Analytics, a web analysis service of Google LLC („Google“). Google uses cookies. The information generated by the cookie about the usage of the online content by the users is as a rule transmitted to a Google server in the USA and stored there.
Google is certified under the Privacy Shield Agreement and due to this offers a guarantee to observe the European data protection law: (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google will use this information in our behalf to evaluate the usage of our online content by the users, to compile reports about the activities within this online content and to render further services connected with the use of this online content and the internet use to us. In so doing pseudonym usage profiles of the users can be drawn up from the processed data.
We only use Google Analytics with activated IP anonymisation. This means that the IP address of the users is shortened by Google within the member states of the European Union or in other contractual states of the agreement about the European Economic Area. Only in exceptions is the full IP address transmitted to a Google server in the USA and shortened there.
The IP address transmitted from the browser of the user is not merged with other Google data. The users can prevent the storing of the cookies with a corresponding setting of their browser software; beyond this, the users can prevent the recording of the data generated by the cookie and relating to their use of the online content to Google as well as the processing of this data by Google by downloading and installing the browser plug in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
Further information on the data use by Google, setting and objection options are found on the websites of Google: https://www.google.com/intl/de/policies/privacy/partners (“data use by Google in your use of websites or apps of our partners”), http://www.google.com/policies/technologies/ads (“data use for advertising purposes”), http://www.google.de/settings/ads (“manage information which Google uses to fade in advertising”).
Google Re/Marketing Services
On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online content in the sense of Art. 6 Para. 1 lit. f. DSGVO), we use the marketing and remarketing services (short “Google Marketing Services”) of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”).
Google is certified under the Privacy Shield Agreement and due to this offers a guarantee to observe the European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
The Google Marketing Services allow us to show advertisements for and on our website more targettedly to only show users advertisements which potentially correspond to their interests. In case a user e.g. is shown advertisements for products he has shown interest in on other websites, this is here called “Remarketing”. For these purposes in calling up our and other websites on which Google Marketing Services are active, immediately Google carries out a Google code and so called (Re)marketing tags (invisible graphics or code, also known as “Web Beacons”) are integrated into the website. With their help, an individual cookie, i.e. a small file, is stored on the device of the user (instead of cookies also comparable technologies can be used). The cookies can be set by different domains among others by google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com or googleadservices.com. In this file it is noted which websites the user visits, for which content he is interested in and which offers he has clicked, further technical information on the browser and operating system, referring websites, visiting time as well as further information on the use of the online content. Also the IP address of the user is recorded, whereby we communicate in the scope of Google Analytics that the IP address is shortened within the member states of the European Union or in other contractual states of the agreement about the European Economic Area and only in exceptions totally transmitted to a Google server in the USA and shortened there. The IP address is not merged with data of the user within other offers of Google. The above-named information can also be connected with such information from other sources by Google. If the user wants to subsequently visit other websites, advertisements can be shown corresponding to his interests.
The data of the users is processed in the scope of the Google Marketing Services with a pseudonym. I.e. Google stores and processes e.g. not the name or email address of the use but processes the relevant data cookies related content within pseudonym user profiles. I.e. in the view of Google, the advertisements are not managed and shown for a concretely identifiable person but for the cookie owner, independent of who this cookie owner is. This does not apply if a user has expressly allowed Google to process the data without this pseudonymisation. The information collected on the user by Google Marketing Services is transmitted to Google and stored on Google’s servers in the USA.
The Google Marketing Services we use include among others the online advertising programme “Google AdWords”. With Google AdWords, each AdWords customer receives a different “Conversion cookie”. Cookies can thus not be retraced over the websites of AdWords customers. The information collected with the aid of cookies serves to draw up conversion statistics for AdWords customers who have decided on conversion tracking. The AdWords customers learn the total number of the users who have clicked on their advertisement and were directed to a site with a conversion tracking tag. However, they do not receive any information with which users can be personally identified.
On the basis of the Google Marketing Service “AdSense”, we can integrate advertisements of third parties. AdSense uses cookies with which Google and its partner websites enable the placing of advertisements on the basis of the visits of users on this website or other websites in the internet.
Further, we can use the “Google Tag Manager” to integrate the Google Analysis and e- marketing services in our website and to manage them.
You can find further information on the data use for marketing purposes by Google on the overview page: https://www.google.com/policies/technologies/ads, the Google data protection declaration can be called up under https://www.google.com/policies/privacy.
If you would like to object to the interest related advertising by Google Marketing Services, you can use the setting and opt out options provided by Google: http://www.google.com/ads/preferences.
Facebook pixel, custom audiences and Facebook conversion
Within our online content on the basis of our legitimate interests in analysis, optimisation and economic operation of our online content and for these purposes, we use the so called “Facebook pixel” of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or in case you are in the EU Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”).
Facebook is certified under the Privacy Shield Agreement and due to this offers a guarantee to observe the European data protection law: (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
With the aid of the Facebook pixel, Facebook is on the one hand able to determine the visitors of our online content as target group for the representation of advertisements (so called “Facebook Ads”). Accordingly, we use the Facebook pixel to only show the Facebook Ads we have placed to Facebook users who have also shown an interest in our online content or the certain features (e.g. interests in certain topics or products which are determined using the visited websites) which we transmit to Facebook (so called “Custom Audiences”). With the aid of the Facebook pixel, we would also like to ensure that our Facebook Ads meet the potential interest of the user and do not seem to pester him. With the aid of the Facebook pixel, we can further understand the effectiveness of the Facebook advertisements for statistical and market research purposes, in which we see whether users were directed to our website after a click on a Facebook advertisement (so called “Conversion”).
The processing of the data by Facebook ensues in the scope of Facebook’s data use policy. Accordingly general information on the Facebook Ads in the data use policy of Facebook: https://www.facebook.com/policy.php. Special information and details on the Facebook pixel and its operating principle are found in the help section of Facebook: https://www.facebook.com/business/help/651294705016616.
You can object to the recording by the Facebook pixel and use of your data for the representation of Facebook Ads. In order to set which types of advertisements are shown to you within Facebook, you can call up the site set up by Facebook and there follow the instructions on the settings of usage based advertising: https://www.facebook.com/settings?tab=ads. The settings ensue independent of the platform, i.e. they are taken over for all devices such as desk top computers or mobile devices.
You can object to the use of cookies which serve the reach measurement and advertising purposes further over the deactivation site of the Network Advertising Initiative (http://optout.networkadvertising.org/) and in addition the American website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).
Online presences in social media
We maintain online presences within social networks and platforms to be able to communicate with the customers, interested parties and users active there and inform them about our services. In calling up the respective networks and platforms, the general terms and conditions and the data processing guidelines of the respective operator applies.
Insofar as is not given otherwise in the scope of our data protection declaration, we process the data of the users insofar as these communicate with us within the social networks and platforms e.g. write contributions on our online presences or send us news.
Integration of services and contents of third parties
Within our online content on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online content in the sense of Art. 6 Para. 1 lit. f. DSGVO), we use content or service offers of third party providers to integrate their contents and services as e.g. videos or fonts (in the following uniformly referred to as “contents”).
This always assumes that the third providers of these contents use the IP address of the users because they are not able to send the contents to their browser without the IP address. The IP address is thus necessary for the representation of these contents. We only attempt to use such contents the respective providers of which only use the IP address to deliver the contents. Third suppliers can further use so called pixel tags (invisible graphics also designated as “Web Beacons”) for statistical and marketing purposes. Due to the “pixel tags” information such as the visitor traffic on the sites of this website can be evaluated. The pseudonym information can be further stored in cookies on the device of the user and among other things contain technical information on the browser and operating system, linking websites, visiting time as well as further information on the use of our online content as also are connected with such information from other sources.
Vimeo
We integrate the videos of the platform “Vimeo” of the provider Vimeo Inc., Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA. Data protection declaration: https://vimeo.com/privacy.
Youtube
We integrate the videos of the platform “YouTube” of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/, opt out: https://adssettings.google.com/authenticated.
Google Maps
We integrate the maps of the service “Google Maps” of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.
Google Fonts
We integrate the fonts (“Google Fonts”) of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/, opt out: https://adssettings.google.com/authenticated.
Google ReCaptcha
We integrate the function to recognise bots, e.g. in input in online forms (“ReCaptcha”) of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/, opt out: https://adssettings.google.com/authenticated.
Use of Facebook social plug ins
On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online content in the sense of Art. 6 Para. 1 lit. f. DSGVO), we use social plug ins (“plug ins”) of the social network facebook.com, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). The plug ins can represent interaction elements or contents (e.g. videos, graphics or text) and can be recognised in one of the Facebook logos (white “f” on blue tile, the term “Like” or a “Thumbs up” sign) or are shown with the addition “Facebook social plug in”. The list and the look of the Facebook social plug ins can be seen here: https://developers.facebook.com/docs/plugins/.
Facebook is certified under the Privacy Shield Agreement and here offers a guarantee to observe the European data protection law: (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
If a user calls up a function of this online content containing such a plug in, his device builds up a direct connection to the Facebook servers. The content of the plug in is directly transmitted by Facebook to the device of the user and integrated into the online content by it. In so doing user profiles of the users can be created out of the processed data. Therefore, we have no influence on the extent of data which Facebook collects with the aid of this plug in and inform the users according to our level of knowledge.
Due to the integration of the plug ins, Facebook receives the information that a user has called up the relevant site of the online content. If the user is logged in with Facebook, Facebook can allocate the visit to his Facebook account. If users interact with the plug ins for example press the Like button or write a comment, the corresponding information will be directly transmitted from your device to Facebook and stored there. In case a user is not a member of Facebook, it is nevertheless possible that Facebook finds out his IP address and stores it. According to Facebook, only one anonymised IP address is stored in Germany.
Purpose and extent of the data collection and the further processing and use of the data by Facebook as well as the rights and setting options to protect the private sphere of the users regarding this can be found in the data privacy notices of Facebook: https://www.facebook.com/about/privacy/.
If a user is a Facebook member and does not want Facebook to collect data about him over this online content and link it with his member data stored in Facebook, he has to log out from Facebook before using our online content and delete his cookies. Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or over the American site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. The settings ensue independent of the platform, i.e. they are taken over for all devices such as desktop computers or mobile devices.
Functions and contents of the service Instagram are integrated within our online content provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. This can include e.g. contents like pictures, videos or texts and buttons which users can use as they like however they like to communicate whether they like the contents, subscribe to the authors of the contents or our contributions. Insofar as the users are members of the platform Instagram, Instagram can allocate the calling up of the above contents and functions to the profiles of the users there. Data protection declaration of Instagram: http://instagram.com/about/legal/privacy/
Support