Privacy policy

Information requirements (according to Art. 13 and 14 DS-GVO)

As of May 25, 2018, the General Data Protection Regulation (DS-GVO) enacted by the European Union is directly applicable. We would hereby like to inform you of the following:

Responsible for the processing of your data is:

 

senswork GmbH

Industrial Park Lindach D 3

84489 Burghausen / Germany

Telephone: +49 (0) 8677 40 99 58 0

Fax: +49 (0) 8677 40 99 58 9

E-mail: info@senswork.com

 

You can reach our data protection officer / person responsible for data protection at: datenschutz@itago.de

 

In order to process your request, we need various information from you, including personal data.

We take the protection of your data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations, and only within the scope of our legal mandate or the fulfillment of a contract or within the scope of your consent (if any).

If you do not provide the required data, you must expect that your request can not be processed or a contract with you can not be concluded.

Your data will be stored by the responsible body for as long as is necessary for the fulfillment of its tasks, taking into account the respective statutory retention periods.

You also have the right to information about the data stored about you (Art. 15 GDPR). If incorrect data has been processed, you have the right to rectification (Art. 16 GDPR). In exceptional cases, you may request the deletion or restriction of processing and object to processing (Art. 17, 18 and 21 GDPR). If you have consented to the data processing or if a contract for data processing exists and the data processing is carried out with the help of automated procedures, you may have the right to data portability (Art. 20 GDPR). If you wish to make use of these rights, the controller will check whether the legal requirements are met.

You can lodge a complaint with a supervisory authority at any time, e.g. the competent supervisory authority in the federal state of your residence or the authority responsible for us as the controller.

For Bavaria:

A list of the supervisory authority (for the non-public sector) with address can be found at:

https://www.lda.bayern.de/media/veroeffentlichungen/flyer_baylda_organisation_de.pdf

A list of the supervisory authority (for the public sector) with address can be found at:

https://www.bfdi.bund.de

For all other federal states (except Bavaria):

A list of supervisory authorities (for the non-public sector) with address can be found at:

https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

If you have consented to the processing of your data by making a corresponding declaration, you can revoke your consent to data processing at any time with effect for the future. This does not affect the lawfulness of the processing up to the time of the revocation. However, it may not be possible to process your request further.

If you would like further information on the purpose and legal basis of the data processing, possible further recipients and storage periods or criteria for deletion, you can obtain this information from the responsible office in writing or verbally.

 

Your data subject rights

You can exercise the following rights at any time using the contact details provided by our data protection officer:

- Information about your data stored by us and its processing,

- Correction of incorrect personal data,

- Deletion of your data stored by us,

- Restriction of data processing, if we are not yet allowed to delete your data due to legal obligations,

- objection to the processing of your data by us and

- Data portability, provided that you have consented to the data processing or have concluded a contract with us.

If you have given us consent, you can revoke this at any time with effect for the future.

You may at any time lodge a complaint with the supervisory authority responsible for you. Your competent supervisory authority depends on the federal state of your residence, your work or the alleged violation. A list of the supervisory authorities (for the non-public sector) with address can be found under: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

 

Purposes of data processing by the data controller and third parties

We process your personal data only for the purposes stated in this Privacy Policy. Your personal data will not be transferred to third parties for purposes other than those stated. We will only share your personal data with third parties if:

- you have given your express consent to this,

- the processing is necessary for the performance of a contract with you,

- the processing is necessary for compliance with a legal obligation,

- the processing is necessary to protect legitimate interests and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data.

The basis for data processing is Art. 6 (1) lit. f DSGVO, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.

Deletion or blocking of data

We adhere to the principles of data avoidance and data economy. We therefore store your personal data only for as long as is necessary to achieve the purposes stated here or as stipulated by the various storage periods provided for by law. After the respective purpose has ceased to exist or these periods have expired, the corresponding data is routinely blocked or deleted in accordance with the statutory provisions.

 

Collection of general information when visiting our website

When you access our website, information of a general nature is automatically collected by means of a cookie. This information (server log files) includes, for example, the type of web browser, the operating system used, the domain name of your Internet service provider and the like. This is exclusively information that does not allow any conclusions to be drawn about your person.

This information is technically necessary in order to correctly deliver the content of web pages requested by you and is mandatory when using the Internet. In particular, it is processed for the following purposes:

- Ensuring a smooth connection setup of the website,

- Ensuring the smooth use of our website,

- evaluation of system security and stability, and

- for other administrative purposes.

The processing of your personal data is based on our legitimate interest from the aforementioned purposes for data collection. We do not use your data to draw conclusions about your person. Recipients of the data are only the responsible body and, if applicable, order processors.

Anonymous information of this kind is statistically evaluated by us, if necessary, in order to optimize our Internet presence and the technology behind it.

Cookies

Like many other websites, we also use so-called "cookies". Cookies are small text files that are transferred from a website server to your hard drive. Through this, we automatically receive certain data such as IP address, browser used, operating system and your connection to the Internet.

Cookies cannot be used to launch programs or transmit viruses to a computer. Based on the information contained in cookies, we can facilitate your navigation and enable the correct display of our web pages.

Under no circumstances will the data we collect be passed on to third parties or linked to personal data without your consent.

Of course, you can also view our website without cookies.

Internet browsers are usually set to accept cookies. In general, you can deactivate the use of cookies at any time via the settings of your browser. Please use the help functions of your internet browser to learn how to change these settings. Please note that individual functions of our website may not work if you have deactivated the use of cookies.Use of Google Analytics.

Nature and purpose of processing:

This website uses Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA (hereinafter: "Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, due to the activation of IP anonymization on these web pages, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google. The purpose of the data processing is to evaluate the use of the website and to compile reports on website activity. Based on the use of the website and the Internet, other related services shall then be provided.

Legal basis:

The processing of data is based on the consent of the user (Art. 6 para. 1 lit. a DSGVO).

Recipient:

The recipient of the data is Google as an order processor. For this purpose, we have concluded the corresponding order processing agreement with Google.

Storage period:

The data is deleted as soon as it is no longer required for our recording purposes.

Third-country transfer:

Google processes your data in the USA and has submitted to the EU_US Privacy Shield https://www.privacyshield.gov/EU-US-Framework.

Provision mandatory or required:

The provision of your personal data is voluntary, based solely on your consent. If you prevent access, this may result in functional restrictions on the website.

Revocation of consent:

 

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: Browser Add On to disable Google Analytics. In addition or as an alternative to the browser add-on, you can prevent tracking by Google Analytics on our pages by clicking this link. This will install an opt-out cookie on your device. This will prevent the collection by Google Analytics for this website and for this browser in the future, as long as the cookie remains installed in your browser.

Profiling:

The Google Analytics tracking tool can be used to evaluate the behavior of visitors to the website and analyze their interests. For this purpose, we create a pseudonymous user profile.

YouTube videos

Nature and purpose of processing:

On some of our websites, we embed YouTube videos. The operator of the corresponding plugins is Y-ouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA (hereinafter "YouTube"). When you visit a page with the YouTube plugin, a connection to YouTube servers is established. In the process, YouTube is informed which pages you are visiting. If you are logged into your YouTube account, YouTube can assign your surfing behavior to you personally. You can prevent this by logging out of your YouTube account beforehand.

If a YouTube video is started, the provider uses cookies that collect information about user behavior.

For more information on the purpose and scope of data collection and processing by YouTube, please refer to the provider's privacy policy, where you will also find further information on your rights in this regard and settings options for protecting your privacy (https://policies.google.com/privacy). Google processes your data in the USA and has subjected itself to the EU-US Privacy Shield https://www.privacyshield.gov/EU-US-Framework

Legal basis:

The legal basis for the integration of YouTube and the associated data transfer to Google is your consent (Art. 6 para. 1 lit. a DSGVO).

Recipient:

Calling up YouTube automatically triggers a connection to Google.

Storage period and revocation of consent:

Those who have deactivated the storage of cookies for the Google Ad program will not have to expect any such cookies when watching YouTube videos. However, YouTube also stores non-personal usage information in other cookies. If you would like to prevent this, you must block the storage of cookies in the browser.

For more information on data protection at "YouTube", see the provider's privacy policy at: https://www.google.de/intl/de/policies/privacy/

Third-country transfer:

Google processes your data in the USA and has submitted to the EU_US Privacy Shield https://www.privacyshield.gov/EU-US-Framework.

Provision mandatory or required:

The provision of your personal data is voluntary, based solely on your consent. If you prevent access, this may result in functional restrictions on the website.

Google AdWords

Type and purpose of processing:

Our website uses Google conversion tracking. The operating company of the Google Ad-Words services is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. If you have accessed our website via an ad placed by Google, Google Adwords will place a cookie on your computer. The cookie for conversion tracking is set when a user clicks on an ad placed by Google.

If the user visits certain pages of our website and the cookie has not yet expired, we and Google can recognize that the user clicked on the ad and was redirected to this page. Each Google AdWords customer receives a different cookie. Cookies can therefore not be tracked across AdWords customers' websites. The information obtained using the conversion cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. Customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive information that personally identifies users.

Legal basis:

The legal basis for the integration of Google AdWords and the associated data transfer to Google is your consent (Art. 6 para. 1 lit. a DSGVO).

Recipients:

Every time you visit our website, personal data, including your IP address, is transferred to Google in the USA. This personal data is stored by Google. Google may pass on this personal data collected via the technical process to third parties.

Our company does not contain any information from Google by means of which the data subject could be identified.

Storage period:

These cookies expire after 30 days and are not used for personal identification.

Third Country Transfer:

Google processes your data in the USA and has submitted to the EU_US Privacy Shield https://www.privacyshield.gov/EU-US-Framework.

Withdrawal of consent:

If you do not wish to participate in tracking, you can refuse the setting of a cookie required for this purpose - for example, by means of a browser setting that generally disables the automatic setting of cookies or by setting your browser to block cookies from the domain "googleleadservices.com".

Please note that you may not delete the opt-out cookies as long as you do not want any measurement data to be recorded. If you have deleted all your cookies in the browser, you must set the respective opt-out cookie again.

Provision mandatory or required:

The provision of your personal data is voluntary, based solely on your consent. If you prevent access, this may result in functional restrictions on the website.

Google Analytics Remarketing

Our websites use the functions of Google Analytics Remarketing in connection with the

cross-device functions of Google AdWords and Google DoubleClick. The provider is Google Inc., 1600

Amphitheatre Parkway, Mountain View, CA 94043, USA.

This function makes it possible to link the advertising target groups created with Google Analytics Remarketing with the cross-device functions of Google AdWords and Google DoubleClick. In this way, interest-based, personalized advertising messages that have been adapted to you depending on your previous usage and surfing behavior on one end device (e.g. cell phone) can also be displayed on another of your end devices (e.g. tablet or PC). If you have given your consent, Google will link your web and app browsing history with your Google account for this purpose. In this way, the same personalized advertising messages can be displayed on every device on which you log in with your Google account. To support this feature, Google Analytics collects Google-authenticated IDs of users that are temporarily linked to our Google Analytics data to define and create audiences for cross-device ad targeting. You can permanently opt out of cross-device remarketing/targeting by disabling personalized advertising in your Google account;

https://www.google.com/settings

/The aggregation of the collected data in your Google account is based solely on your consent, which you can give or revoke at Google (Art. 6 para. 1 lit. a DSGVO). In the case of data collection processes that are not merged in your Google account (e.g. because you do not have a Google account or have objected to the merging), the collection of the data is based on Art. 6 (1) lit. f DSGVO. The legitimate interest arises from the fact that the website operator has an interest in the anonymized analysis of website visitors for advertising purposes. Further information and the data protection provisions can be found in Google's data protection declaration at: https://www.google.com/policies/technologies/ads/.

 

Use and application of DoubleClick

The controller has integrated components of DoubleClick by Google on this website. DoubleClick is a brand of Google, under which mainly special online marketing solutions are marketed to advertising agencies and publishers. The operating company of DoubleClick by Google is Google Inc, 1600 Amphi theatre Pkwy, Mountain View, CA 94043-1351, USA. DoubleClick by Google transfers data to the DoubleClick server with each impression as well as with clicks or other activities. Each of these data transfers triggers a cookie request to the browser of the data subject. If the browser accepts this request, DoubleClick sets a cookie on the information technology system of the data subject. What cookies are has already been explained above. The purpose of the cookie is the optimization and display of advertising. The cookie is used, among other things, to place and display user-relevant advertisements and to create reports on advertising campaigns or to improve them. Furthermore, the cookie is used to avoid multiple displays of the same advertisement. DoubleClick uses a cookie ID, which is required to process the technical procedure. The cookie ID is required, for example, to display an advertisement in a browser. DoubleClick can also use the cookie ID to record which advertisements have already been displayed in a browser in order to avoid duplicate placements. Furthermore, the cookie ID enables DoubleClick to record conversions. Conversions are recorded, for example, when a DoubleClick ad has previously been displayed to a user and the user subsequently makes a purchase on the advertiser's website using the same Internet browser. A DoubleClick cookie does not contain any personal data. However, a DoubleClick cookie may contain additional campaign identifiers. A campaign identifier serves to identify the campaigns with which the user has already been in contact. Each time one of the individual pages of this website operated by the data controller is called up and on which a DoubleClick component has been integrated, the internet browser on the information technology system of the person concerned is automatically caused by the respective DoubleClick component to transmit data to Google for the purpose of online advertising and the settlement of commissions. As part of this technical process, Google obtains knowledge of data that Google also uses to generate commission statements. Among other things, Google can track that the data subject has clicked on certain links on our website. The data subject can prevent the setting of cookies by our website, as already described above, at any time by means of an appropriate setting of the Internet browser used and thus permanently object to the setting of cookies. Such a setting of the Internet browser used would also prevent Google from setting a cookie on the information technology system of the data subject. In addition, cookies already set by Google can be deleted at any time via an internet browser or other software programs.

Further information and the applicable data protection provisions of DoubleClick by Google can be found at https://www.google.com/intl/de/policies/.

 

Mailchimp

We use Mailchimp from The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE Suite 5000, Atlanta, GA 30308 USA (Mailchimp) to send our newsletter. This enables us to contact subscribers directly. In addition, we analyse your usage behaviour in order to optimise our offer.

 

For this purpose, we pass on the following personal data to Mailchimp

 

Email address

[First name]

[surname]

[Telephone number]

 

[Our email mailings contain a link that you can use to update your personal data].

 

Mailchimp is the recipient of your personal data and acts as a processor for us as far as the sending of our newsletter is concerned. The processing of the data specified in this section is not required by law or contract. Without your consent and the transmission of your personal data, we cannot send you a newsletter.

 

In addition, Mailchimp collects the following personal data using cookies and other tracking methods: Information about your end device (IP address, device information, operating system, browser ID, information about the application you use to read your emails and other information about hardware and internet connection. In addition, usage data such as date and time, when you opened the email / campaign and browser activities (e.g. which emails / websites were opened) are collected. Mailchimp requires this data to ensure the security and reliability of the systems, compliance with the terms of use and the prevention of misuse. This corresponds to Mailchimp's legitimate interest (pursuant to Art. 6 para. 1 lit. f GDPR) and serves the fulfilment of the contract (pursuant to Art. 6 para. 1 lit. b GDPR). Mailchimp also analyses performance data, such as email delivery statistics and other communication data. This information is used to compile usage and performance statistics for the services.

 

Mailchimp also collects information about you from other sources. In an unspecified period and scope, personal data is collected via social media and other third-party data providers. We have no influence on this process.

 

Further information on objection and removal options vis-à-vis Mailchimp can be found at: https://mailchimp.com/legal/privacy/#3._Privacy_for_Contacts

 

The legal basis for this processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can withdraw your consent to the processing of your personal data at any time. There is a corresponding link in all mailings. You can also revoke your consent using the contact options provided. The declaration of revocation does not affect the legality of the processing carried out so far.

 

Your data will be processed for as long as the corresponding consent is available. Apart from this, it will be deleted after termination of the contract between us and Mailchimp, unless legal requirements make further storage necessary.

 

Mailchimp has implemented compliance measures for international data transfers. These apply to all global activities in which Mailchimp processes personal data of natural persons in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs). Further information can be found at: https://mailchimp.com/legal/data-processing-addendum/

HubSpot

On this website, we use the service HubSpot for various purposes. HubSpot is a software company from the USA with a branch in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Phone: +353 1 5187500. https://www.hubspot.de/

Hubspot is an integrated software solution that we use to cover various aspects of our online marketing. These include:

Email Marketing, Social Media Publishing & Reporting, Reporting, Contact Management (e.g. user segmentation & CRM), Landing Pages and Contact Forms.

Our sign-up service allows visitors to our website to learn more about our company, download content, and provide their contact information and other demographic information. This information, as well as our website content, is stored on servers operated by our software partner HubSpot. It may be used by us to contact visitors to our website and to determine which of our company's services are of interest to them. All information we collect is subject to this privacy policy.

We use all collected information exclusively to optimize our marketing measures.

More information about HubSpot's privacy policy. Privacy policy of HubSpot: https://legal.hubspot.com/de/product-privacy-policy

More information from HubSpot regarding EU data protection regulations.

As part of the optimization of our marketing measures, the following data may be collected and processed via Hubspot:

- Geographical position

- Browser type

- Navigation information

- Referral URL

- Performance data

- Information about how often the application is used

- Mobile apps data

- HubSpot subscription service credentials

- Files that are displayed on site

- Domain names

- Pages viewed

- Aggregated usage

- Operating system version

- Internet service provider

- IP address

- Device identifier

- Duration of visit

- Where the application was downloaded from

- Operating system

- Events that occur within the application

- Access times

- Clickstream data

- Device model and version

In addition, we also use Hubspot to provide contact forms.

The legal basis for the processing is your consent pursuant to Art. 6 para. 1 lit. a DSGVO. If you do not want Hubspot to collect and process the aforementioned data, you can refuse your consent or revoke it at any time with effect for the future.

The personal data will be kept for as long as it is required to fulfill the purpose of processing. The data will be deleted as soon as they are no longer required to achieve the purpose.

Within the scope of processing via HubSpot, data may be transmitted to the USA. The security of the transfer is ensured via so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a level of security that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to ensure an adequate level of security, your consent pursuant to Article 49 (1) (a) of the GDPR may serve as the legal basis for the transfer to third countries. Insofar as non-anonymized data is processed in the USA, we would like to point out that HubSpot Inc. is certified under the Privacy Shield agreement and thereby assures that it complies with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TN8pAAG&status=Active).

Use of script libraries (Google Web Fonts)

In order to display our content correctly and in a graphically appealing manner across browsers, we use "Google Web Fonts" from Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter "Google") to display fonts on our website. The Google Fonts are installed locally. A connection to Google servers does not take place.

Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy: https://www.google.com/policies/privacy/.

LinkedIn

We operate an account of the social media network LinkedIn, of the company LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. For the European Economic Area and Switzerland, the company LinkedIn Ireland Unlimited Company Wilton Place in Dublin is responsible for data processing.

What is LinkedIn?

LinkedIn is the largest social network for business contacts. Companies can present services and products on the platform and establish business relationships. Many people also use LinkedIn for job searches or to find suitable employees for their own company.

What data is stored by LinkedIn?

Your browser establishes a direct connection to LinkedIn's servers. In this way, the company logs various usage data. In addition to your IP address, this may include login data, device information, or information about your Internet or mobile provider. If you access LinkedIn services via your smartphone, your location (after you have allowed this) can also be determined. LinkedIn may also share this data in "hashed" form with third-party advertisers. Hashing means turning a set of data into a string of characters. This makes it possible to encrypt the data in such a way that individuals can no longer be identified.

Most data about your user behavior is stored in cookies. These are small text files that are usually set in your browser. Furthermore, LinkedIn may also use web beacons, pixel tags, display tags and other device identifiers.

Legal basis:

The legal basis for the processing of personal data and the associated data transfer to LinkedIn is your consent (Art. 6 para. 1 lit. a DSGVO).

Storage period:

In principle, LinkedIn stores your personal data for as long as the company considers it necessary to offer its own services.

However, LinkedIn deletes your personal data when you delete your account. In some exceptional cases, LinkedIn may retain some data in aggregate and anonymized form even after you delete your account. Once you delete your account, other people will not be able to see your data within one day. LinkedIn generally deletes the data within 30 days. However, LinkedIn retains data if it is necessary for legal reasons. Data that can no longer be assigned to a person remains stored even after the account has been closed. The data is stored on various servers in America and probably also in Europe.

You also have the option in your browser to prevent data processing by LinkedIn. As mentioned above, LinkedIn stores most data via cookies that are set in your browser. You can manage, deactivate or delete these cookies. Depending on which browser you have, the management works slightly differently.

You can also set up your browser so that you are always informed when a cookie is to be set. Then you can always decide individually whether you want to allow the cookie or not.

Recipients:

The recipient of the data is LinkedIn and, if applicable, order processors.

Third country transfer:

LinkedIn is an active participant in the EU-U.S. Privacy Shield Framework. This framework ensures proper data transfer between the U.S. and the European Union. You can learn more about it at https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0. At https://www.linkedin.com/legal/privacy-policy you can learn even more about the data processing of the social media network LinkedIn.

Twitter

We have integrated Twitter functions on our website. These are, for example, embedded tweets, timelines, buttons or hashtags. Twitter is a short message service and a social media platform of the company Twitter Inc, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland.

To our knowledge, in the European Economic Area and in Switzerland, no personal data or data about your web activities are transmitted to Twitter by the mere inclusion of the Twitter function. Only when you interact with the Twitter functions, such as clicking on a button, can data be sent to Twitter, stored and processed there. We have no influence on this data processing and bear no responsibility for it. Within the scope of this privacy policy, we want to give you an overview of what data Twitter stores, what Twitter does with this data and how you can protect yourself from the data transfer to a large extent.

What is Twitter?

For some, Twitter is a news service, for others a social media platform, and still others speak of a microblogging service. All these terms have their justification and mean more or less the same thing.

Both private individuals and companies use Twitter to communicate with interested people via short messages. Twitter only allows 280 characters per message. These messages are called "tweets. Unlike Facebook, for example, the service does not focus on developing a network for "friends," but wants to be understood as a worldwide and open news platform. With Twit-ter, it is also possible to have an anonymous account and tweets can be deleted by the company on the one hand and by the users themselves on the other.

Why do we use Twitter on our website?

Like many other websites and companies, we try to offer our services and communicate with our customers through different channels. Especially Twitter has grown on us as a useful "little" news service. Again and again we tweet or retweet exciting, funny or interesting content. We realize that you can't follow every channel separately. After all, you also have something else to do. That's why we have included Twitter features on our website.

You can follow our Twitter activity "on the spot" or follow a direct link to our Twitter page. Through the integration, we want to strengthen our service and user-friendliness on our website.

What data is stored by Twitter?

On some of our sub-pages you will find the built-in Twitter functions. When you interact with the Twitter content, such as clicking on a button, Twitter may collect and store data. This is the case even if you do not have a Twitter account yourself. Twitter calls this data "log data." It includes demographic data, browser cookie IDs, your smartphone's ID, hashed email addresses, and information about which pages you visited on Twitter and what actions you took. Twit-ter, of course, stores more data if you have a Twitter account and are logged in. Most often, this storage happens via cookies.

Cookies are small text files that are usually set in your browser and transmit different information to Twitter.

We will now show you which cookies are set when you are not logged in to Twitter but visit a website with built-in Twitter features. Please consider this list as an example.

We can in no way guarantee a claim to completeness here, as the choice of cookies is always changing and depends on your individual actions with the Twitter content.

How long and where is the data stored?

When Twitter collects data from other websites, it is deleted, aggregated or otherwise obscured after a maximum of 30 days. Twitter's servers are located on various server centers in the United States. Accordingly, it can be assumed that collected data is collected and stored in America. After our research, we could not clearly determine whether Twitter also has its own servers in Europe. In principle, Twitter can store the collected data until it is no longer useful to the company, you delete the data or there is a statutory deletion period.

How can I delete my data or prevent data storage?

Twitter repeatedly emphasizes in its privacy policy that it does not store data from external website visitors if you or your browser are located in the European Economic Area or Switzerland. However, if you interact with Twitter directly, Twitter will of course store data from you.

If you have a Twitter account, you can manage your data by clicking "More" under the "Profile" button. Then click on "Settings and privacy". Here you can manage the data processing individually.

If you do not have a Twitter account, you can go to twitter.com and then click on "Individualization". Under the item "Individualization and data" you can manage your collected data.

Most of the data is stored via cookies, as mentioned above, and you can manage, disable or delete them in your browser. Please note that you only "edit" cookies in the browser you choose. This means that if you use a different browser in the future, you will have to manage your cookies there again according to your wishes.

You can also manage your browser in such a way that you are informed for each individual cookie. Then you can always decide individually whether you allow a cookie or not.

Twitter also uses the data for personalized advertising inside and outside of Twitter. You can switch off personalized advertising in the settings under "Individualization and data". If you use Twitter on a browser, you can disable personalized advertising at http://optout.aboutads.info/?c=2&lang=EN.

Twitter is an active participant in the EU-U.S. Privacy Shield Framework. This framework ensures proper data transfer between the U.S. and the European Union. You can learn more about it at https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO.

We hope we have given you a basic overview of Twitter's data processing. We do not receive any data from Twitter, nor do we bear any responsibility for what Twitter does with your data. If you have any further questions about this topic, we recommend that you read the Twitter privacy statement at https://twitter.com/de/privacy.

Facebook pixel

We use the Facebook pixel from Facebook on our website. For this we have implemented a code on our website. The Facebook pixel is a snippet of JavaScript code that loads a collection of functions that allow Facebook to track your user actions if you came to our website via Facebook ads.

For example, when you purchase a product on our website, the Facebook pixel is triggered and stores your actions on our website in one or more cookies. These cookies allow Facebook to match your user data (customer data such as IP address, user ID) with your Facebook account data. Facebook then deletes this data again.

The collected data is anonymous and not visible to us and can only be used for advertising purposes. If you are a Facebook user and are logged in, your visit to our website will automatically be assigned to your Facebook user account.

We want to show our services and products only to those people who are really interested in them. With the help of Facebook pixels, our advertising measures can be better tailored to your wishes and interests. Thus, Facebook users (if they have allowed personalized advertising) get to see appropriate advertising. Furthermore, Facebook uses the collected data for analysis purposes and its own advertisements.

In the following, we show you those cookies that were set by embedding Facebook Pixel on a test page. Please note that these are only sample cookies. Different cookies are set depending on the interaction on our website.

If you are logged into Facebook, you can change your ad settings yourself at https://www.facebook.com/adpreferences/advertisers/. If you are not a Facebook user, you can generally change your usage settings at

https://www.youronlinechoices.com/de/praferenzmanagement/ to manage your usage-based online advertising. There you have the option of deactivating or activating providers.

Facebook also processes data from you in the USA, among other places. Facebook and Meta Platforms are active participants in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA. More information on this can be found at https://commission.europa.eu/document/fa09cbad- dd7d-4684-ae60-be03fcb0fddf en.

In addition, Facebook uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Facebook undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the US. These clauses are based on an enforcement decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur- lex.europa.eu/eIi/dec impl/2021/914/oj?IocaIe=en

Facebook's data processing terms and conditions, which refer to the standard contractual clauses, can be found at.

https://www.facebook.com/legal/terms/dataprocessing.

If you want to learn more about Facebook's privacy policy, we recommend that you read the company's own data policy at https://www.facebook.com/privacy/policy.

XING

We operate an account of the social media network Xing, of the company Xing SE, Dammtorstraße 30, 20354 Hamburg, Germany. Through these functions, you can, for example, share content on Xing directly via our website, log in via Xing or follow interesting content. When you access the website, data may be transmitted to the "Xing servers", stored and evaluated.

What is Xing?

Xing is a social network headquartered in Hamburg, Germany. The company specializes in managing professional contacts. That is, unlike other networks, Xing is primarily about professional networking. The platform is often used for job searches or to find employees for one's own company. In addition, Xing offers interesting content on various professional topics. The global counterpart is the American company LinkedIn.

What data is stored by Xing?

Xing offers the share button, the follow button, and the log-in button as plug-ins for websites. As soon as you open a page where a social plug-in from Xing is installed, your browser connects to servers in a data center used by Xing. In the case of the share button, no data is to be stored - according to Xing - that could infer a direct reference to a person. In particular, Xing does not store your IP address. Furthermore, no cookies are set in connection with the share button. Thus, no evaluation of your user behavior takes place. You can obtain more information about this at https://www.xing.com/app/share%3Fop%3Ddata_protection.

As soon as you are logged in to Xing or become a member, further personal data is definitely collected, processed and stored. Xing also passes on personal data to third parties if this is necessary for the fulfillment of its own business purposes, if you have given your consent or if there is a legal obligation.

Legal basis:

The legal basis for the processing of personal data and the associated data transfer to Xing is your consent (Art. 6 para. 1 lit. a DSGVO).

Storage period:

Xing stores the data on various servers in various data centers. The company stores this data until you delete the data or until a user account is deleted. Of course, this only affects users who are already Xing members.

Recipients:

The recipient of the data is Xing and, if applicable, order processors.

How can I delete my data or prevent data storage?

You have the right to access and also delete your personal data at any time. Even if you are not a Xing member, you can use your browser to prevent possible data processing or manage it according to your wishes. Most data is stored via cookies. Depending on which browser you have, the management works slightly differently.

You can also basically set up your browser so that you are always informed when a cookie is to be set. Then you can always decide individually whether you want to allow the cookie or not. You can learn more about the data processing of the social media network Xing at https://privacy.xing.com/de/datenschutzerklaerung.

Changes to our privacy policy

We reserve the right to adapt this data protection declaration so that it always complies with the current legal requirements or to implement changes to our services in the data protection declaration, e.g. when introducing new services.

The new privacy policy will then apply to your next visit.

International data transfers

Data processing in third countries: If we process data in a third country (i.e., outside the European Union (EU), the European Economic Area (EEA)) or the processing takes place in the context of the use of third-party services or the disclosure or transfer of data to other persons, entities or companies, this is only done in accordance with the legal requirements.

Subject to express consent or contractually or legally required transfer (see Art. 49 DSGVO), we process or allow the data only in third countries with a recognized level of data protection (Art. 45 DSGVO), in the presence of and compliance with contractual obligation by so-called standard protection clauses of the EU Commission (Art. 46 DSGVO) or in the presence of certifications or binding internal data protection regulations (see Art. 44 to 49 DSGVO, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de).

Trans-Atlantic Data Privacy Framework (TADPF): Under the so-called "Data Privacy Framework" (DPF), the level of data protection in the EU has also been recognized for certain companies from the USA.

The list of certified companies as well as further information on the DPF can be found on the website of the U.S. Department of Commerce at https://www.dataprivacyframework.gov/. Information in German and other languages can be found on the website of the EU Commission: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/eu-us-data-transfers_de. We also inform you about the companies we use that are certified under the Data Privacy Framework.

SSL encryption

To protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL) via HTTPS.

 

 

Questions to the data protection officer

If you have any questions about data protection, please write us an e-mail or contact the person responsible for data protection in our organization directly:

Dipl-Inform.(FH) Stefan Michl

datenschutz@itago.de

Sources: Our data protection declaration was created using the data protection generators of AdSimple and ActiveMind, among others.