Privacy Policy
General
As the operator of this website and as a company, we come into contact with your personal data. This refers to all data that tells us something about you and with which you can be identified. In this data protection declaration, we would like to explain how, for what purpose and on what legal basis we process your data.
The person responsible for data processing on this website and in our company is:
Dr Ansay Ltd, Andrea Tselepou, 8, KARABELLA COURT, Flat/Office 5, 8010, Paphos, Cyprus.
E-mail: support@getfastscripts.com
General notes
SSL or TLS encryption
When you enter your data on websites, place online orders or send emails over the Internet, you always have to reckon with unauthorised third parties gaining access to your data. There is no complete protection against this type of access. However, we do our utmost to protect your data as well as possible and to close security loopholes as much as we can.
One important protection mechanism is our website’s SSL or TLS encryption, which ensures that the data you transmit to us cannot be read by third parties. You can recognise the encryption by the padlock icon in front of the Internet address entered in your browser and the fact that our Internet address starts with https:// and not http://.
Encrypted payment transactions
Payment data, such as account or credit card numbers, require special protection. For this reason, payment transactions with the most common payment methods are carried out exclusively via an encrypted SSL or TLS connection.
How long do we store your data?
At some points in this privacy policy, we inform you how long we or the companies that process your data on our behalf will store it. In the absence of such information, we store your data until the purpose of the data processing no longer applies, you object to the data processing or revoke your consent to the data processing.
In the event of objection or revocation, however, we may continue to process your data if at least one of the following conditions applies:
We have compelling legitimate grounds to continue processing the data that override your interests, rights and freedoms (only in the case of an objection to data processing; if the objection is to direct marketing, we cannot provide legitimate grounds).
Data processing is necessary to assert, exercise or defend legal claims (does not apply if your objection is to direct marketing).
We are legally obliged to retain your data.
In this case, we will delete your data as soon as the requirement(s) no longer apply or no longer apply.
Data transfer to the USA
On our website, we also use tools from companies that transfer your data to the USA, store it there and process it if necessary. This is particularly important for you because your data in the US does not enjoy the same protection as in the EU, where the General Data Protection Regulation (GDPR) applies. For example, US companies are obliged to hand over personal data to security authorities without you, as the data subject, being able to take legal action against this. It is therefore possible for US authorities (e.g. intelligence services) to process, evaluate and permanently store your data on US servers for monitoring purposes. We have no influence over these processing activities.
Data protection officer
We have appointed a data protection officer for our company:
PRIVE Datenschutz GmbH
Reinhardtstr. 7
10117 Berlin
Telephone: 030 / 887 27 609
E-mail: datenschutz@prive.eu
Your rights
Objection to data processing
IF YOU READ IN THIS PRIVACY STATEMENT THAT WE HAVE LEGITIMATE INTERESTS TO PROCESS YOUR DATA AND THEREFORE RELY ON ART. 6 ABS. 1 PHRASE 1 LIT. F) DSGVO, YOU HAVE THE RIGHT, PURSUANT TO ART. 21 DSGVO, TO OBJECT TO THIS. 21 DSGVO, YOU HAVE THE RIGHT TO OBJECT TO THIS. THIS ALSO APPLIES TO THE CREATION OF PROFILES WHICH IS CARRIED OUT ON THE BASIS OF THE AFOREMENTIONED PROVISION. THE PREREQUISITE IS THAT YOU STATE THE REASONS FOR THE OBJECTION THAT ARISE FROM YOUR PARTICULAR SITUATION. NO JUSTIFICATION IS REQUIRED IF THE OBJECTION IS DIRECTED AGAINST THE USE OF YOUR DATA FOR DIRECT ADVERTISING.
THE CONSEQUENCE OF THE OBJECTION IS THAT WE WILL NO LONGER BE ABLE TO PROCESS YOUR DATA. THIS ONLY DOES NOT APPLY IF ONE OF THE FOLLOWING CONDITIONS APPLIES:
● WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS.
THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS.
THE EXCEPTIONS DO NOT APPLY IF YOUR OBJECTION IS DIRECTED AGAINST DIRECT ADVERTISING OR PROFILING RELATED TO IT.
Other rights
Revoking your consent to data processing
Many data processing operations are based on your consent. You give this consent, for example, by ticking the appropriate box on online forms before submitting the form or by allowing certain cookies when visiting our website. You can revoke your consent at any time, without having to give reasons (Art. 7 (3) DSGVO). From the moment of revocation, we will no longer be able to process your data. The only exception: we are legally obliged to retain the data for a certain period of time. These retention periods exist in particular in tax and commercial legislation.
Right to complain to the competent supervisory authority
If you believe that we are in breach of the General Data Protection Regulation (GDPR), you have the right to complain to a supervisory authority in accordance with Article 77 of the GDPR. You can contact a supervisory authority in the Member State of your residence, place of work or place where the alleged violation occurred. The right to complain exists alongside administrative or judicial remedies.
Right to data portability
We must deliver the data we process automatically on the basis of your consent or in fulfilment of a contract to you or to a third party in a common machine-readable format if you request it. We may only transfer the data to another controller,
insofar as this is technically possible.
Right to information, deletion and correction of data
In accordance with Art. 15 DSGVO, you have the right to receive information free of charge about which of your personal data has been stored, where the data came from, to whom we transmitted it and for what purpose it was stored. If the data is incorrect, you have the right to have it corrected (Art. 16 DSGVO) and, in accordance with the conditions of Art. 17 DSGVO, you can demand that the data be deleted.
Right to restriction of processing
In certain situations, you can demand that we restrict the processing of your data in accordance with Art. 18 DSGVO. The data may then – apart from storage – only be processed in the following ways:
● with your consent
for the assertion, exercise or defence of legal claims
to protect the rights of another natural or legal person
for reasons of important public interest of the European Union or a Member State
The right to restrict processing exists in the following situations:
You have contested the accuracy of your personal data held by us and we need time to verify this. In this case, the right exists for the duration of the verification.
The processing of your personal data is unlawful or has been unlawful in the past. In this case, there is an alternative right to erasure.
We no longer need your personal data, but you need it to exercise, defend or enforce legal claims. In this case, you have the alternative right to have the data deleted.
You have lodged an objection in accordance with Art. 21 (1) DSGVO and now your interests and ours must be weighed against each other. Here, the right exists as long as the outcome of the balancing has not yet been determined.
Hosting and content delivery networks (CDN)
External hosting
Our website is hosted on a server of the following Internet service provider (hoster):
Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen
Have you concluded an order processing contract with the hosting provider?
Yes
How do we process your data?
The hosting provider stores all the data on our website. This includes all personal data that is collected automatically or through your input. This data can be, in particular: Your IP address, pages accessed, names, contact details and enquiries, as well as metadata and communication data. When processing data, Hetzner Online GmbH complies with our instructions and only processes data to the extent that this is necessary to fulfil its obligation to provide services to us.
On what legal basis do we process your data?
As we address potential customers via our website and maintain contacts with existing customers, the processing of data by our hoster serves to initiate and fulfil a contract and is therefore based on Art. 6 para. 1 lit. b DSGVO. In addition, it is our legitimate interest as a company to provide a professional Internet offer that meets the necessary requirements of security, speed and efficiency. In this regard, we also process your data on the basis of Art. 6 para. 1 lit. f DSGVO.
Cloudflare
What is Cloudflare?
Content distribution network (CDN) with domain name system (DNS)
Who processes your data?
Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA
Where can you find more information about data protection at Cloudflare?
https://www.cloudflare.com/privacypolicy/
On what basis do we transfer your data to the USA? On the basis of the European Commission’s standard contractual clauses (cf. https://www.cloudflare.com/media/pdf/cloudflare-customer-dpa.pdf)
How do we process your data?
We use Cloudflare services on our website. The global content delivery network ensures that all the content we make available online reaches you quickly, even when large amounts of data have to be moved over long distances. This is possible because Cloudflare, with all its technical resources and servers around the world, stands between our website and your browser, analysing traffic and filtering out malicious data before it reaches our server. Cloudflare also contacts personal data that is collected through our website. The company may also use cookies or other technologies to recognise Internet users. The processing of data by Cloudflare always has the sole purpose of enabling fast data traffic.
On what legal basis do we process your data?
We have a legitimate interest in providing visitors to our website with an online offer that is as fast and efficient as possible. Data processing is therefore carried out on the basis of Art. 6 para. 1 lit. f GDPR.
Data collection on this site
Use of cookies
Our website places cookies on your device. These are small text files used for different purposes. Some cookies are technically necessary for the website to function (necessary cookies). Others are necessary to be able to perform certain actions or functions on the website (functional cookies). For example, without cookies, it would not be possible to use the benefits of a shopping basket in an online shop. Other cookies are used to analyse user behaviour or to optimise advertising measures. If we use third-party services on our website, for example to process payment transactions, these companies may also leave cookies on your device when you access the website (so-called third-party cookies).
How do we process your data?
Session cookies are only stored on your device during a session. As soon as you close your browser, they disappear automatically. Permanent cookies, on the other hand, remain on your device unless you delete them yourself. This can, for example, cause your user behaviour to be permanently analysed. You can use your browser settings to influence how it handles cookies:
- You wish to be informed when cookies are set
- Do you want to delete cookies in general or in certain cases?
- Do you want cookies to be deleted automatically when you close your browser?
If you deactivate or do not allow cookies, the functionality of the website may be restricted.
If we use cookies from other companies or for analysis purposes, we will inform you of this in this privacy policy. We also ask for your consent in this regard when you visit our website.
On what legal basis do we process your data?
We have a legitimate interest in ensuring that our online services can be used by visitors without technical problems and that all desired functions are available to them. The storage of necessary and functional cookies on your device is therefore based on Art. 6 para. 1 lit. f GDPR. We use all other cookies on the basis of Art. 6 para. 1 lit. a) GDPR, provided that you give us your consent for this. You can revoke this consent at any time with effect for the future. If you consented to the placement of necessary and functional cookies when your consent was requested, these cookies will also be stored exclusively on the basis of your consent.
Server log files
The server log files record all requests and accesses to our website and error messages. They also include personal data, in particular your IP address. However, it is anonymised by the provider after a short period of time, so we cannot attribute the data to you personally. The data is transmitted automatically from your browser to our provider.
How do we process your data?
Our provider stores server log files in order to be able to track activity on our website and detect errors. The files contain the following data:
- Browser type and version
- Operating system used
- Referrer URL
- Hostname of the accessing computer
- Time of server request
- IP address (anonymised, if necessary)
We do not merge this data with other data, but only use it for statistical analysis and to improve our website.
On what legal basis do we process your data?
We have a legitimate interest in ensuring that our website runs smoothly. It is also in our legitimate interest to obtain an anonymised overview of access to our website. Data processing is therefore lawful in accordance with Art. 6 para. 1 lit. f) GDPR.
Contact form
You can send us a message using the contact form on this website.
How do we process your data?
We store your message and form information so that we can process your enquiry, including follow-up questions. This also applies to the contact details you provide. We will not pass on the data to other people without your consent.
How long do we store your data?
We will delete your data as soon as one of the following occurs:
- Your enquiry has finally been processed.
- You ask us to delete the data.
- You revoke your consent to storage.
This only does not apply if we are legally obliged to retain the data.
On what legal basis do we process your data?
If your enquiry relates to our contractual relationship or serves to implement pre-contractual measures, we will process your data on the basis of Art. 6 para. 1 lit. b) GDPR. In all other cases, it is in our legitimate interest to process enquiries addressed to us effectively. The legal basis for data processing is therefore Art. 6 para. 1 lit. f GDPR. If you have consented to the storage of your data, Art. 6 para. 1 lit. a GDPR is the legal basis. In this case, you can withdraw your consent at any time, with effect for the future.
Enquiry by e-mail, chat or fax
You can send us a message by e-mail or fax.
How do we process your data?
We store your message and the contact details you provide or the telephone number you transmit so that we can process your enquiry, including any follow-up questions. We will not pass this data on to others without your consent.
We use the instant messaging customer service tool Crisp.chat, with which we have concluded an AV contract.
Your customer data is therefore stored and processed by Crisp IM SAS, 2 Boulevard de Launay 44100 Nantes FRANCE.
How long do we store your data?
We will delete your data as soon as one of the following occurs:
- Your enquiry has finally been processed.
- You ask us to delete the data.
- You revoke your consent to storage.
- This only does not apply if we are legally obliged to retain the data.
On what legal basis do we process your data?
If your enquiry relates to our contractual relationship or serves to implement pre-contractual measures, we will process your data on the basis of Art. 6 para. 1 lit. b) GDPR. In all other cases, it is in our legitimate interest to process enquiries addressed to us effectively. The legal basis for data processing is therefore Art. 6 para. 1 lit. f GDPR. If you have consented to the storage of your data, Art. 6 para. 1 lit. a GDPR is the legal basis. In this case, you can withdraw your consent at any time, with effect for the future.
Communication via WhatsApp
What is WhatsApp?
Instant messaging service
Who processes your data?
WhatsApp Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Where can you find more information about data protection on WhatsApp?
https://www.whatsapp.com/legal/#privacy-policy
On what basis do we transfer your data to the USA?
WhatsApp adheres to the European Commission’s standard contractual clauses (cf.
https://www.whatsapp.com/legal/business-data-processing-terms?lang=de)
How do we process your data?
To communicate with our customers and other people outside our company, we use the instant messaging service WhatsApp in the “WhatsApp Business” version.
Communication takes place using end-to-end encryption (peer-to-peer). This prevents WhatsApp or other third parties from accessing the content of the communication. We have also configured our accounts so that there is no automatic synchronisation with the address book of the smartphones used. However, WhatsApp gains access to the metadata of the communication process (e.g. sender, recipient and time of communication) and shares this data with Facebook, its US-based parent company, according to its own statement.
How long do we store your data?
We delete your data as soon as one of the following occurs:
The purpose of the data processing no longer applies.
You ask us to delete the data.
You revoke your consent to storage.
This only does not apply if we are legally obliged to retain the data.
On what legal basis do we process your data?
If our exchange of messages via WhatsApp is related to our contractual relationship or serves to implement pre-contractual measures, we will process your data on the basis of Art. 6 para. 1 lit. b) GDPR. In all other cases, it is our legitimate interest to effectively process enquiries addressed to us and to maintain business contact with other persons. The legal basis for data processing is therefore Art. 6 para. 1 lit. f GDPR. If you have consented to the storage of your data, Art. 6 para. 1 lit. a GDPR is the legal basis. In this case, you can withdraw your consent at any time, with effect for the future.
Calendly
What is Calendly?
Appointment scheduling tool
Who processes your data?
Calendly LLC, 271 17th St NW, 10th floor, Atlanta, Georgia 30363, USA
Have you concluded a data processing contract with Calendly?
Yes
Where can you find more information about data protection at Calendly?
https://calendly.com/pages/privacy
On what basis do we transfer your data to the USA?
Calendly adheres to the European Commission’s standard contractual clauses (cf. https://calendly.com/pages/dpa)
How do we process your data?
To book an appointment with us, you can use the Calendly tool on our website. We use the data to plan, realise and, if necessary, follow up the appointment.
How long do we store your data?
We delete your data as soon as one of the following occurs:
The purpose of the data processing no longer applies.
You ask us to delete the data.
You revoke your consent to storage.
This only does not apply if we are legally obliged to retain the data.
On what legal basis do we process your data?
We have a legitimate interest in arranging meetings with customers and other interested parties as easily as possible. Data processing is therefore carried out on the basis of Art. 6 para. 1 lit. f GDPR. If you have consented to the storage of your data, Art. 6 para. 1 lit. a) GDPR is the only legal basis. In this case, you can revoke your consent at any time, with effect for the future.
Registration function
To use certain functions or offers on our website, you need to register. To do this, you will need to enter your e-mail address and possibly other personal data.
How do we process your data?
We store the data you provide during registration and use it to provide the function or offer for which you registered. If there are any changes to the offer or function, we will use your e-mail address to inform you. We also use your e-mail address to make you other contractual offers if necessary.
How long do we store your data?
We delete your data as soon as one of the following occurs:
The purpose of the data processing no longer applies.
You ask us to delete the data.
You revoke your consent to storage.
This only does not apply if we are legally obliged to retain the data.
On what legal basis do we process your data?
We store and use your data to fulfil the relationship with you established during registration and, if necessary, to initiate further contracts. The legal basis is therefore Art. 6 para. 1 lit. b) GDPR.
Social media plug-ins
Use of social media plug-ins
Regular use
We use social media plug-ins on our website. You can recognise them by their social media logos. Thanks to the plug-ins, you can easily share the content of our website on social networks. The individual plug-ins we use can be found in the list at the end of this section. Here you will also find the relevant information on data protection for the networks.
How do we process your data?
Due to the built-in plug-ins, a connection to the servers of the social networks is established when you visit our site. This happens even if you don’t share any content. In this way, the offering companies learn that the site has been visited via your IP address. If you are logged into your social network account when you visit our site, the data transmitted may also be assigned to your personal profile. If you don’t want this to happen, you should log out of your account before continuing to browse the Internet.
With the exception of Xing, all networks store the IP address. Other personal data can be added. Your data is usually transferred to servers in the USA. If this is the case, you can find out the basis on which this is done in the information about the networks below.
On what legal basis do we process your data?
It is important for the success of our company to be present on social networks. It is therefore in our legitimate interest to use social media plug-ins to ensure that the content of our website and our offers can be easily shared. The legal basis for data processing is Art. 6 para. 1 lit. f GDPR.
If you have consented to data processing, we process your data exclusively on the basis of Art. 6 para. 1 lit. a) GDPR. You can withdraw your consent at any time. We will no longer be able to process your data from the moment of revocation.
Which social media plug-ins do we use?
Facebook
What is Facebook?
Social network
Who processes your data?
Facebook Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland
Where can you find more information about data protection on Facebook?
https://de-de.facebook.com/privacy/explanation
On what basis do we transfer your data to the USA and other third countries?
On the basis of the standard contractual clauses and adequacy decisions of the European Commission (cf. https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381)
What is Twitter?
Social network
Who processes your data?
Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland
Where can you find more information about data protection on Twitter?
https://twitter.com/de/privacy
On what basis do we transfer your data to the USA?
On the basis of the European Commission’s standard contractual clauses (cf. https://gdpr.twitter.com/en/controller-to-controller-transfers.html)
What is Instagram?
Social network
Who processes your data?
Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Where can you find more information about data protection on Instagram?
https://instagram.com/about/legal/privacy/
On what basis do we transfer your data to the USA and other third countries?
On the basis of standard contractual clauses and adequacy decisions of the European Commission (cf
.
https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381)
What is LinkedIn?
Social network
Who processes your data?
LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland
Where can you find more information about data protection at LinkedIn?
https://www.linkedin.com/legal/privacy-policy
On what basis do we transfer your data to the USA?
On the basis of the European Commission’s standard contractual clauses (cf. https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs)
Analysis and advertising tools
We use the following tools to analyse the behaviour of visitors to our site and show them advertising.
Google Tag Manager
What is Google Tag Manager?
Tag management system for the integration of tracking codes and conversion pixels from Google Ireland. Ltd.
Who processes your data?
Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland
Where can you find more information about data protection in Google Tag Manager?
https://policies.google.com/privacy
On what basis do we transfer your data to the USA?
On the basis of the European Commission’s standard contractual clauses (https://privacy.google.com/businesses/compliance)
How do we process your data?
We use Google Tag Manager. The tool helps us integrate tracking codes and conversion pixels into our website, manage them and reproduce them. Google Tag Manager itself does not create any user profiles, does not place any cookies on your device and does not analyse your user behaviour. However, it does record your IP address and transmits it to Google’s servers in the USA.
On what legal basis do we process your data?
We have a legitimate interest in the quick and uncomplicated integration and management of various tools on our website. The use of Google Tag Manager is therefore lawful under Art. 6 (1) (f) GDPR. If you have consented to the transfer of your IP address, we process your data exclusively on the basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, with effect for the future.
Google Analytics
What is Google Analytics?
A tool for analysing user behaviour from Google Ireland Ltd.
Who processes your data?
Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland
Have you entered into a data processing agreement with Google Analytics?
Yes
Where can you find more information about data protection at Google Analytics?
https://support.google.com/analytics/answer/6004245?hl=de
On what basis do we transfer your data to the USA?
On the basis of the European Commission’s standard contractual clauses
(https://privacy.google.com/businesses/compliance)
How can you prevent data collection?
With a browser plug-in, among other things:
https://tools.google.com/dlpage/gaoptout?hl=de
How do we process your data?
We are always interested in optimising our web offer for our website visitors and placing advertising in the best possible way. Google Analytics, a tool that analyses user behaviour and therefore provides us with the necessary database for adjustments, helps us to do this. The tool provides us with information on the origin of our visitors, their page views and the time they spend on the pages, as well as the operating system they are using.
Standard processing
To collect the data, Google Analytics uses cookies, device fingerprinting or other technologies to recognise users. The data is transmitted to Google’s servers in the USA and summarised in a profile that can be assigned to you or your device using the IP address that is also logged.
You can prevent Google from processing your data by installing a browser plug-in that Google itself provides:
https://tools.google.com/dlpage/gaoptout?hl=de.
IP anonymisation
We have activated the “IP anonymisation” function in Google Analytics. For you, this means that Google truncates your IP address (from the EU or EEA) before transmitting it to the USA. Only in exceptional cases does Google transmit the full IP address to servers in the USA and truncate it there.
E-commerce tracking
We use the “e-commerce tracking” function of Google Analytics. This allows us to analyse the purchasing behaviour of visitors to our website and improve our online marketing campaigns. E-commerce tracking records, for example, your orders, average order values, shipping costs and the time between viewing and purchasing a product. Google can summarise the data into a transaction ID and assign it to the user or their device.
How long do we store your data?
Google deletes or anonymises data stored at user and event level that is linked to cookies, user identifiers (e.g. user IDs) or advertising IDs after 14 months, according to its own information (cf.
. https://support.google.com/analytics/answer/7667196?hl=de).
On what legal basis do we process your data?
As the website operator, we have a legitimate interest in analysing user behaviour with the aim of optimising our website and the advertising on it. Data processing is therefore lawful under Art. 6 (1) (f) GDPR. If, for example, you have consented to the storage of cookies or have consented to data processing by Google Analytics, the legal basis is exclusively Art. 6 para. 1 lit. a) GDPR. You can revoke your consent at any time with effect for the future.
Hotjar
What is Hotjar?
A tool for analysing user behaviour
Who processes your data?
Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta
Have you concluded a data processing contract with Hotjar?
Yes
Where can you find more information about data protection at Hotjar?
https://www.hotjar.com/privacy
How can you prevent data collection?
There are two ways to deactivate the tool: https://www.hotjar.com/opt-out
How do we process your data?
We are always interested in optimising our site for users and placing advertising in the best possible way. Hotjar, a tool that analyses user behaviour and therefore provides us with the necessary database for adjustments, helps us to do this. Specifically, Hotjar processes website visitor data as follows
Among other things, it records which clicking and scrolling movements users make with the mouse and how long the mouse pointer remains in a certain position. The tool then uses the data collected from all users to create so-called heat maps, which visualise which areas of the site are particularly popular.
It tells us how long users stayed on a subpage of our site and when they left the page.
It can get direct feedback from you as a site visitor.
If users started filling in our contact form, the tool records the point at which they cancelled their entry (so-called conversion funnels).
To recognise you as a user, Hotjar places cookies on your device or reads the information stored on it via the device’s fingerprint.
If you don’t want Hotjar to collect your data, you can deactivate the tool. Hotjar Ltd. offers two options for this at the following link:
https://www.hotjar.com/opt-out.
On what legal basis do we process your data?
As the website operator, we have a legitimate interest in analysing user behaviour with the aim of optimising our website and the advertising on it. Data processing is therefore lawful under Art. 6 (1) (f) GDPR. In the event that, for example, you have consented to the storage of cookies or have otherwise consented to data processing by Hotjar, the legal basis is exclusively Art. 6 para. 1 lit. a) GDPR. You can revoke your consent at any time with effect for the future.
Google Ads
What is Google Ads?
Google Ireland Ltd’s online advertising programme.
Who processes your data?
Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland
Have you entered into a data processing agreement with Google Ads?
Yes
Where can you find more information about data protection at Google Ads?
https://policies.google.com/privacy?hl=de&gl=de
On what basis do we transfer your data to the USA?
Google adheres to the European Commission’s standard contractual clauses (https://privacy.google.com/businesses/compliance)
How do we process your data?
We use Google Ads. Google’s advertising programme allows us to display adverts on the Google search engine or on third-party websites when visitors to our website type certain search terms into Google (keyword targeting). We may also place targeted adverts based on user data available on Google (e.g. location data and interests) (target group targeting). We evaluate the data collected quantitatively, analysing, for example, which search terms led to our ads being shown and how many ads led to the corresponding clicks.
On what legal basis do we process your data?
As the operator of the website, we have a legitimate interest in the placement and analysis of adverts. Data processing is therefore lawful under Art. 6 (1) (f) GDPR. If, for example, you have consented to the storage of cookies or have otherwise consented to data processing by Google, the legal basis is exclusively Art. 6 para. 1 lit. a) GDPR. You can revoke your consent at any time with effect for the future.
Remarketing no Google Analytics
What is Google Analytics Remarketing?
Personalised advertising tool from Google Ireland Ltd.
Who processes your data?
Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland
Have you entered into a data processing agreement with Google Analytics Remarketing?
Yes
Where can you find more information about data protection in Google Analytics Remarketing?
https://www.google.de/intl/de/policies/privacy/ and https://policies.google.com/technologies/ads
On what basis do we transfer your data to the USA?
Google adheres to the European Commission’s standard contractual clauses (https://privacy.google.com/businesses/compliance)
How can you prevent data processing?
By objecting to personalised advertising in your Google account or on this page: https://www.google.com/settings/ads/onweb/
How do we process your data?
We are always interested in optimising the positioning of our advertising. The remarketing function of Google Analytics helps us to do this.
Standard processing
Remarketing means that we analyse your behaviour on our website in order to assign you to a specific advertising target group and then show you appropriate advertising messages when you visit other websites. In addition, we link advertising target groups to Google’s cross-device functions. This allows us to display personalised, interest-based advertising messages that have been tailored to you based on your usage and browsing behaviour on one device (e.g. your mobile phone) on another device (e.g. a tablet or PC).
Objecting to personalised advertising
You can personalise the advertising settings in your Google account. To do this, click on the following link and sign in:
https://adssettings.google.com/authenticated. Outside your Google account, you can object to personalised advertising by clicking on the following link: https://www.google.com/settings/ads/onweb/ (the setting only applies to the device and browser you are currently using).
On what legal basis do we process your data?
As a website operator, we have a legitimate interest in the effective marketing of our services and products. Data processing is therefore lawful under Art. 6 (1) (f) GDPR. If you have consented to the storage of cookies, for example, or have otherwise consented to data processing by Google Analytics Remarketing, the legal basis is exclusively Art. 6 para. 1 lit. a) GDPR. You can revoke your consent at any time, with effect for the future.
Google Conversion Tracking
What is Google Conversion Tracking?
A tool for analysing user behaviour on Google Ireland Ltd.
Who processes your data?
Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland
Have you entered into a data processing agreement with Google Conversion Tracking?
Yes
Where can you find more information about data protection at Google Conversion Tracking?
https://www.google.de/intl/de/policies/privacy/
On what basis do we transfer your data to the USA?
Google adheres to the European Commission’s standard contractual clauses
(https://privacy.google.com/businesses/compliance)
How do we process your data?
We are always interested in optimising our site for users and placing advertising in the best possible way. We also use Google conversion tracking for this purpose. With this help, we can record whether and how often visitors clicked on certain buttons on our website and which products were viewed and purchased most often (conversion statistics). In the course of collecting and storing data, we do not receive any information with which we can personally identify individual visitors. Google itself uses cookies or comparable recognition technologies for identification purposes.
On what legal basis do we process your data?
As the website operator, we have a legitimate interest in analysing user behaviour with the aim of optimising our website and the advertising on it. Data processing is therefore lawful under Art. 6 (1) (f) GDPR. If, for example, you have consented to the storage of cookies or have otherwise consented to data processing by Google Conversion Tracking, the legal basis is exclusively Art. 6 para. 1 lit. a) GDPR. You can revoke your consent at any time with effect for the future.
Facebook Pixel
What is Facebook Pixel?
A tool for analysing user behaviour that measures the effectiveness of advertising on Facebook
Who processes your data?
Facebook Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland
Has a data processing agreement been concluded with Facebook Pixel?
Yes
Where can you find more information about data protection at Facebook Pixel?
https://de-de.facebook.com/about/privacy/
On what basis do we transfer your data to the USA and other third countries?
Facebook adheres to the standard contractual clauses of the European Commission (cf. https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381)
How can you prevent data processing?
If you have a Facebook account: Deactivate the “Custom Audiences” remarketing function in the Ad Settings section. (https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen).
If you don’t have a Facebook account: Switch off Facebook usage-based advertising on the website of the European Interactive Digital Advertising Alliance:http://www.youronlinechoices.com/de/praferenzmanagement/.
How do we process your data?
We use Facebook Pixel on our website. This analysis tool helps us learn more about the behaviour of our website visitors after they click on one of our Facebook ads. This allows us to measure the effectiveness of our Facebook adverts and to align future advertising measures with the knowledge gained. The data that Facebook collects via the pixel is anonymised for us as operators of this website. We cannot therefore identify you as a visitor. However, the data is stored and processed by Facebook. Facebook establishes a connection to your Facebook account via the pixel and also uses the data to place adverts on and off the network (see Facebook’s Data Use Policy). In the course of storage and processing, Facebook also transfers the data to the USA and other third countries.
If you have a Facebook account, you can activate the “Custom Audiences” remarketing function in the ad settings under
https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen deactivate.
If you don’t have a Facebook account, you have the option of deactivating advertising based on your use of Facebook on the website of the European Interactive Digital Advertising Alliance:
http://www.youronlinechoices.com/de/praferenzmanagement/.
On what legal basis do we process your data?
As the website operator, we have a legitimate interest in effective advertising measures on social networks. Data processing is therefore lawful under Art. 6 (1) (f) GDPR. If you have consented to the storage of cookies, for example, or have otherwise consented to data processing by Facebook, the legal basis is exclusively Art. 6 para. 1 lit. a) GDPR. You can revoke your consent at any time with effect for the future.
LinkedIn Insight Tag
What is LinkedIn Insight Tag?
Tool for analysing LinkedIn Ireland Unlimited Company user behaviour
Who processes your data?
LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland
Has a data processing contract been concluded with LinkedIn Insight Tag?
Yes
Where can you find more information about data protection at LinkedIn Insight Tag?
https://www.linkedin.com/legal/privacy-policy#choices-oblig
https://www.linkedin.com/legal/l/dpa%20und%20https://www.linkedin.com/legal/l/eu-sccs)
How can you prevent data processing?
By objecting to the analysis of your user behaviour and targeted advertising by LinkedIn at the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. If you have a LinkedIn account, you can also make settings for the use of your personal data for advertising purposes.
How do we process your data?
We use the LinkedIn Insight Tag on our website. The analysis tool helps us learn more about our website visitors and adapt our online offer accordingly. If our visitors are registered with LinkedIn, we can use the tool to analyse their key professional data, such as career level, company size, country, location, sector and job title. We can also measure whether they make a purchase or take another action (conversion measurement). This data is collected across all devices. Finally, the LinkedIn Insight Tag offers a retargeting function that we can use to display targeted advertising to our visitors outside of our website. LinkedIn ensures that the individual recipients of the advertising cannot be identified.
In addition to the data mentioned, the analysis tool collects the following data when you visit our website URL, referring URL, IP address, device and browser properties and the time of access. IP addresses are shortened or pseudonymised. The latter is done if you, as a LinkedIn member, have to be contacted on multiple devices.
The data collected by LinkedIn is anonymised for us as site operators. This means that we cannot identify you as a visitor. However, LinkedIn will store your personal data on its servers in the USA and use it for its own advertising purposes.
You can prevent LinkedIn from linking the data collected on our website to your LinkedIn account by logging out of your account before continuing to browse the Internet. You can also prevent the use of your data for advertising purposes by making the appropriate settings on your account.
If you do not have a LinkedIn account, you can object to the analysis of your usage behaviour and targeted advertising by LinkedIn by clicking on the following link:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
How long do we store your data?
LinkedIn deletes the direct identifiers of LinkedIn members after 7 days. The remaining pseudonymised data is deleted after 180 days.
On what legal basis do we process your data?
As the website operator, we have a legitimate interest in optimising our online offer and our advertising measures. Data processing is therefore lawful under Art. 6 (1) (f) GDPR. If you have consented to the storage of cookies, for example, or have consented to data processing in any other way, the legal basis is exclusively Art. 6 para. 1 lit. a) GDPR. You can revoke your consent at any time, with effect for the future.
Newsletter and postal advertising
Sendinblue
What is Sendinblue?
Service for sending newsletters and analysing recipient behaviour
Who processes your data?
Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin, Germany
Have you concluded a data processing contract with Sendinblue?
Yes
Where can I find more information about data protection at Sendinblue?
https://de.sendinblue.com/legal/privacypolicy/ and https://de.sendinblue.com/legal/antispampolicy/
How do we process your data?
We use Sendinblue to send our newsletter. The service manages newsletter subscriber data for us, sends our newsletter and analyses our newsletter campaigns.
If you want to receive our newsletter, we need your e-mail address. We will also use a confirmation e-mail (double opt-in procedure) to check that you are actually the owner of this e-mail address. We do not collect any other data or only on a voluntary basis. We use your data exclusively to send you the newsletter.
If we send you a newsletter via Sendinblue and you open it, a file contained in the newsletter automatically connects to Sendinblue’s servers. This informs the service that the newsletter has been opened and records all clicks on the links it contains. Sendinblue also records technical information such as the time of access, IP address, browser type and operating system.
You can unsubscribe from the newsletter at any time.
How long do we store your data?
After unsubscribing, your data will be deleted from the newsletter distribution list. Under certain circumstances, we may also blacklist your e-mail address; this is necessary, for example, if we have received an objection to your advertising. The storage is done on the basis of Art. 6 para. 1 lit. f) GDPR.
Otherwise, we reserve the right to delete the data at any time when the purpose for which it was collected no longer applies or at our own discretion.
On what legal basis do we process your data?
By joining the subscriber list, you consent to the processing of your data by Sendinblue. This is therefore lawful on the basis of Art. 6 para. 1 lit. a) GDPR. You can revoke your consent by unsubscribing from the newsletter or by sending us an informal message. For us, this means that we will no longer be able to send you newsletters from that point onwards.
Plug-ins and tools
Google Web Fonts (local hosting)
We use fonts from the US company Google on our website. We install the fonts locally so that there is no connection to Google’s servers when you visit our site.
You can find more information about Google Web Fonts at
https://developers.google.com/fonts/faq and Google’s privacy policy: https://policies.google.com/privacy?hl=de.
Font Awesome (local hosting)
We use icons from the Font Awesome icon library on our website. The library is provided by Fonticons Inc. We install the icons locally so that there is no connection to the company’s servers when you visit our site.
You can find more information about Font Awesome at
https://fontawesome.com/ and specifically in the privacy policy: https://fontawesome.com/privacy.
E-commerce and payment providers
Customer data and contracts
How do we process your data?
When we enter into a contract with you, we ask for certain personal data. We collect, process and use this data only to the extent that it is necessary to establish our legal relationship, organise its content or change it. If you can only use our services via our website or if services are charged for via the website, we will also collect usage data if this is necessary to enable you to use our services or to charge you for the service used.
How long do we store your data?
We store your data until the end of our legal relationship, unless we are legally obliged to store the data for longer.
On what legal basis do we process your data?
We store your data in order to fulfil the contract with you or to carry out pre-contractual measures. The basis for data processing is therefore Art. 6 para. 1 lit. b) GDPR.
Data transmission when using services and digital content
How do we process your data?
In order to process the payment, we transmit your data to a payment service or to the credit institution in charge of processing the payment. We only transmit data that is absolutely necessary for the payment process. If we wish to transmit data other than this, we will obtain your consent.
On what legal basis do we process your data?
We transmit your data in order to fulfil the contract we have concluded with you. The basis for data processing is therefore Art. 6 para. 1 lit. b GDPR. If you have consented to the disclosure of your data, the data processing is based on Art. 6 para. 1 lit. a) GDPR. You can revoke your consent at any time, with effect for the future.
Payment services
So that you can conveniently pay for your purchases on our website, we use payment services, i.e. external companies that process payments for us. You can find a list of these companies at the end of this section.
How do we process your data?
You must provide certain personal data for the payment process, for example your name, bank account details or credit card number. We pass this data on to the respective payment service. The respective contractual and data protection provisions of the respective services apply to the transaction itself.
On what legal basis do we process your data?
We transmit your data in order to fulfil the contract we have concluded with you. The basis for data processing is therefore Art. 6 para. 1 lit. b) GDPR. We also have a legitimate interest in processing purchases as quickly, conveniently and securely as possible. In this respect, the legal basis is also Art. 6 para. 1 lit. f GDPR. If you have consented to the transfer of your data, the data processing is based on Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time, with effect for the future.
Which payment services do we use?
PayPal
What is PayPal?
Online payment service
Who processes your data?
PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg
Where can you find more information about data protection at PayPal?
https://www.paypal.com/de/webapps/mpp/ua/privacy-full
On what basis do we transfer your data to the USA?
PayPal adheres to the European Commission’s standard contractual clauses (cf. https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full)
Paydirekt
What is Paydirekt?
Online payment method for German banks and savings banks
Who processes your data?
Paydirekt GmbH, Hamburger Allee 26-28, 60486 Frankfurt am Main, Germany
Where can you find more information about data protection at Paydirekt?
https://www.paydirekt.de/agb/index.html
Instant bank transfer
What is Sofortüberweisung?
Online payment method that works like a bank transfer, but in which a third-party company is involved and confirms the payment to us as the seller.
Who processes your data?
Sofort GmbH, Theresienhöhe 12, 80339 Munich, Germany (Sofort GmbH is part of the Klarna Group)
Where can you find more information about data protection with Sofortüberweisung?
https://www.sofort.de/datenschutz.html and https://www.klarna.com/sofort/
Audio and video conferencing
As a company, we are in contact with many people: customers, business partners, service providers, etc. In addition to other means of communication, we also use online conferencing tools. Information relevant to data protection law about the provider(s) of the tools we use can be found at the end of this section. If you communicate with us via one of these tools, not only us, but primarily the provider of the respective tool will process your personal data.
How do we process your data?
Online conferencing tools collect and store various personal data to enable participation in an online conference and its smooth organisation. In addition to registration, conference and technical data, this also applies to certain communication content.
Registration data: Your e-mail address and/or telephone number and any other data you provide when registering for the conference.
Conference dates: The start, end and duration of your participation in the conference, the number of participants and other conference metadata.
Technical data: IP address, MAC address, device ID, device type, operating system and version, client version, type of camera, microphone or speaker, as well as the type of connection.
Communication content: Cloud recordings, chat/instant messages, voice messages, uploaded photos and videos, files, whiteboards and other information shared while using the service.
For details on data processing, please refer to the privacy policies of the respective conferencing tool provider.
How long do we store your data?
As your communication partner, we will delete your data from our systems as soon as one of the following occurs:
The purpose of the data processing no longer applies.
You ask us to delete the data.
You revoke your consent to storage.
This only does not apply if we are legally obliged to retain the data.
Cookies remain on your end device until you delete them.
Conference tool providers also store your data for their own purposes. Please contact the providers directly to find out what this means for the duration of the storage of your data.
On what legal basis do we process your data?
If we already have a contractual relationship or if you wish to conclude a contract with us, we will use conferencing tools to fulfil the contract or to inform you about our services or products. In this respect, data processing is carried out on the basis of Art. 6 para. 1 lit. b) GDPR. On the other hand, the use of conferencing tools serves the purpose of simple and fast communication, without which we could not run our company efficiently. Therefore, we also have a legitimate interest in data processing in accordance with Art. 6 para. 1 lit. f GDPR. Another legal basis may be your consent. In this case, Art. 6 para. 1 lit. a) GDPR is relevant. This basis will cease to apply in the future if you withdraw your consent.
What online conferencing tools do we use?
Google Meet
What is Google Meet?
Video conferencing service provided by Google Ireland Ltd.
Who processes your data?
Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland
Has a data processing agreement been concluded with Google Meet?
Yes
Where can you find more information about data protection at Google Meet?
https://policies.google.com/privacy?hl=de
On what basis do we transfer your data to the USA?
Google adheres to the European Commission’s standard contractual clauses
(https://privacy.google.com/businesses/compliance)
In-house services / other
Handling candidate data
If you would like to work for us, we would be delighted to receive your application. We treat all personal data submitted as strictly confidential. This also applies to data that we only collect later during the application process.
How do we process your data?
We store and use all the data we collect as part of the application process, insofar as this is necessary for the decision on establishing an employment relationship. In addition to contact and communication data and application documents, this also applies, for example, to the notes we make during job interviews. We only pass on your data within our company to the people involved in processing your application.
If your application is accepted, we will store the data required to fulfil the employment contract in our data processing systems.
If we cannot offer you a suitable vacancy at the moment, we will be happy to add your data to our candidate database with your consent. This gives us the opportunity to contact you if there is a vacancy available that matches your profile.
How long do we store your data?
If we are unable to make you a job offer, if you reject a job offer or withdraw your application, we reserve the right to retain your documents and other application data for up to 6 months after the end of the application process. The reason for this is that we may need the data for evidential purposes in the event of a legal dispute. After the end of this period, we will delete the data and destroy the documents. If a legal dispute is actually imminent or already pending, we will delete the data and documents if they are no longer needed for evidence purposes.
We delete data from the applicant pool no later than two years after consent has been granted. If you withdraw your consent before the expiry of this period, we will delete it earlier.
The deletion of your data always assumes that we are not legally obliged to keep it any longer.
On what legal basis do we process your data?
We process your applicant data on the basis of § 26 BDSG-new (commencement of an employment relationship) and Art. 6 para. 1 lit. b) GDPR (general commencement of contract).
The same applies if your application is successful.
If we are unable to make you a job offer, if you reject a job offer or if you withdraw your application, we have a legitimate interest in using your data as evidence in any legal dispute. Data processing is therefore carried out on the basis of Art. 6 para. 1 lit. f) GDPR.
If you have expressly consented to the storage of your data, we process your data on the basis of Art. 6 para. 1 lit. a) GDPR. You can revoke your consent at any time, with effect for the future.
