Data protection
Introduction and Overview
We have drafted this privacy policy (version 15.05.2021-111740895) to inform you in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (data for short) we, as the responsible party – and our commissioned data processors (e.g., providers) – process, will process in the future, and what lawful options you have. The terms used are to be understood in a gender-neutral way.
In short: We will comprehensively inform you about the data we process about you.
Privacy policies usually sound very technical and use legal jargon. This privacy policy, however, aims to describe the most important things to you as simply and transparently as possible. To the extent that it is conducive to transparency, technical User-friendly explanation of terms, Links for further information provided and Graphics used. We use this to inform you in clear and simple language that we only process personal data within the scope of our business activities if there is a corresponding legal basis. This is certainly not possible if one gives as concise, unclear, and legally technical explanations as are often standard on the internet when it comes to data protection. I hope you find the following explanations interesting and informative, and perhaps there is some information you didn't know yet.
If you still have questions, please contact the responsible party listed below or in the imprint, follow the existing links, and view further information on third-party sites. You will also find our contact details in the imprint, of course.
Scope of application
This privacy policy applies to all personal data processed by us within the company and to all personal data processed by companies commissioned by us (contract processors). By personal data, we mean information such as a person's name, email address, and postal address. The processing of personal data ensures that we can offer and bill our services and products, whether online or offline. The scope of this privacy policy includes:
- all online presences (websites, online shops) that we operate
- Social Media Presence and Email Communication
- mobile apps for smartphones and other devices
In short: The privacy policy applies to all areas where personal data is processed in a structured manner within the company.
Legal basis
In the following privacy policy, we provide you with transparent information on the legal principles and regulations, i.e., the legal bases of the General Data Protection Regulation, that enable us to process personal data.
Regarding EU law, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016. You can of course online on EUR-Lex, access EU law.
We only process your data if at least one of the following conditions applies:
- Consent (Article 6(1)(a) GDPR): You have given us your consent to process data for a specific purpose. An example would be storing the data you enter in a contact form.
- Contract (Article 6(1)(b) GDPR): We process your data in order to fulfill a contract or pre-contractual obligations with you. For example, if we enter into a purchase agreement with you, we require personal information beforehand.
- Legal obligation (Article 6 Paragraph 1 lit. c GDPR): We process your data if we are subject to a legal obligation. For example, we are legally obligated to keep invoices for accounting purposes. These usually contain personal data.
- Legitimate interests (Article 6(1)(f) GDPR): In cases of legitimate interests that do not override your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data in order to operate our website in a secure and economically efficient manner. This processing therefore constitutes a legitimate interest.
Further conditions, such as the recording of public interest and the exercise of public authority, as well as the protection of vital interests, do not typically arise in our case. Should such a legal basis nevertheless be relevant, it will be indicated at the corresponding place.
In addition to the EU regulation, national laws also apply:
- in Austria Is this the Federal Law for the Protection of Natural Persons in the Processing of Personal Data (Data Protection Actshort DSG.
- in Germany Is that valid? Federal Data Protection Act, short BDSG.
If other regional or national laws apply, we will inform you in the following sections.
Contact details of the responsible person
If you have any questions regarding data protection, you will find the contact details of the responsible person or office below.
Lorena Hoormann, BSc – Hoormann Consult
1150 Vienna
Tel.: +43 (0) 19527559
Email: office@hoormann-consult.com
Storage duration
As a general criterion, we only store personal data for as long as is absolutely necessary to provide our services and products. For example, if legally required in the case of accounting, this storage period may be exceeded. This means that we delete personal data as soon as the reason for data processing no longer exists. Should you wish for your data to be deleted or revoke your consent to data processing, your data will be deleted as quickly as possible, provided there is no obligation to retain it.
We will inform you about the specific duration of the respective data processing below, provided we have further information on it.
Rights according to the General Data Protection Regulation
According to Article 13 of the GDPR, you have the following rights to ensure fair and transparent data processing:
- Pursuant to Article 15 GDPR, you have a right of access to information on whether we process data concerning you. If this applies, you have the right to obtain a copy of the data and to receive the following information:
- for what purpose we carry out the processing;
- the categories, which are the types of data that are processed;
- who receives this data and if the data is transferred to third countries, how security can be guaranteed;
- how long the data is stored;
- the existence of the right to rectification, erasure or restriction of processing and the right to object to processing;
- that you can file a complaint with a regulatory authority (links to these authorities can be found below);
- the origin of the data, if we did not collect it from you;
- whether profiling is carried out, i.e., whether data is automatically evaluated to create a personal profile of you.
- You have the right to rectification of your data under Article 16 of the GDPR, which means we must correct any errors you find.
- Under Article 17 GDPR, you have the right to erasure (the „right to be forgotten“), which specifically means you can request the deletion of your data.
- Under Article 18 of the GDPR, you have the right to restrict processing, meaning we may only store your data but not use it further.
- You have the right to data portability under Article 19 of the GDPR, which means that we will provide you with your data in a common format upon request.
- According to Article 21 GDPR, you have a right to object, which, once exercised, leads to a change in processing.
- If the processing of your data is based on Article 6(1)(e) (public interest, exercise of public authority) or Article 6(1)(f) (legitimate interest), you may object to the processing. We will then review as quickly as possible whether we can legally comply with this objection.
- If data is used for direct advertising, you can object to this type of data processing at any time. We may no longer use your data for direct marketing thereafter.
- If data is used to create profiles, you can object to this type of data processing at any time. We may no longer use your data for profiling thereafter.
- Under Article 22 of the GDPR, you may have the right not to be subject to a decision based solely on automated processing (e.g., profiling).
If you believe that the processing of your data violates data protection law or that your data protection rights have been infringed in any other way, you can complain to the supervisory authority. This is for Austria the data protection authority and for Germany you can contact Federal Commissioner for Data Protection and Freedom of Information (BfDI) turn.
In short: You have rights – do not hesitate to contact the responsible party listed above!
Data Processing Security
To protect personal data, we have implemented both technical and organizational measures. Where possible, we encrypt or pseudonymize personal data. This makes it as difficult as possible, within our capabilities, for third parties to infer personal information from our data.
Art. 25 GDPR refers here to “data protection by design and by default” and means that security is considered and appropriate measures are implemented for both software (e.g., forms) and hardware (e.g., access to the server room). Below, we will discuss specific measures as needed.
TLS encryption with HTTPS
TLS, encryption, and HTTPS sound and are very technical. We use HTTPS (Hypertext Transfer Protocol Secure) to transmit data securely over the internet.
This means that the complete transfer of all data from your browser to our web server is secured – no one can “listen in.”.
This way, we've introduced an additional layer of security and are fulfilling "data protection by design." Article 25(1) GDPRBy using TLS (Transport Layer Security), an encryption protocol for secure data transmission over the internet, we can ensure the protection of confidential data.
You can recognize the use of this data transmission security by the small lock icon at the top left of the browser, to the left of the internet address (e.g., examplepage.com) and the use of the https schema (instead of http) as part of our internet address.
If you want to know more about encryption, we recommend searching Google for “Hypertext Transfer Protocol Secure wiki” to get good links for further information.
Communication
Communication Summary
👥 Affected parties: Anyone who communicates with us by phone, email, or online form
Processed data: e.g., phone number, name, email address, entered form data. More details can be found for each contact method used.
Purpose: Handling communication with customers, business partners, etc.
📅 Storage Duration: Duration of the business case and legal regulations
Legal Basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(b) GDPR (Contract), Art. 6(1)(f) GDPR (Legitimate Interests)
When you contact us and communicate by phone, email, or online form, personal data may be processed.
The data is usually stored for the duration of the business transaction or as long as required by law. The data is processed for the purpose of conducting our business activities.
Phone
When you call us, call data will be stored pseudonymously on the respective terminal device and with the telecommunications provider used. In addition, data such as name and phone number may subsequently be sent by email and stored for answering inquiries. The data will be deleted as soon as the business case has been completed and legal requirements permit.
When you communicate with us via email, data is stored on the respective end device (computer, laptop, smartphone, etc.) and data is stored on the email server. The data will be deleted as soon as the business case has been concluded and legal requirements permit.
Online Forms
If you communicate with us via the online form, data will be stored on our web server. The data will be deleted as soon as the business case has been concluded and legal requirements permit.
Legal basis
The processing of data is based on the following legal grounds:
- Art. 6(1)(a) GDPR (Consent): You give us your consent to store your data and use it for purposes related to the business case.;
- Art. 6(1)(b) GDPR (Contract): There is a need for the performance of a contract with you or a processor such as a telephone provider, or we must process the data for pre-contractual activities, such as preparing a quote.;
- Art. 6(1)(f) GDPR (Legitimate Interests): We aim to conduct customer inquiries and business communication in a professional setting. To achieve this, certain technical facilities such as email programs, Exchange servers, and mobile carriers are necessary for efficient communication.
Web hosting
|
Webhosting Summary |
What is web hosting?
When you visit websites nowadays, certain information—including personal data—is automatically generated and stored, including on this website. This data should be processed as sparingly as possible and only with justification. By "website," we mean the entire set of web pages on a domain, meaning everything from the start page (homepage) to the very last sub-page (like this one). By "domain," we mean, for example, example.com or sample.org.
If you want to view a website on a screen, you use a program called a web browser. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari.
This web browser must connect to another computer where the website's code is stored: the web server. Operating a web server is a complex and labor-intensive task, which is why it is usually handled by professional providers. These providers offer web hosting and thus ensure reliable and error-free storage of website data.
When connecting your browser on your computer (desktop, laptop, smartphone) and during data transfer to and from the web server, personal data may be processed. On the one hand, your computer stores data, and on the other hand, the web server must also store data for a period of time to ensure proper operation.
Why do we process personal data?
The purposes of data processing are:
- Professional website hosting and operational security
- For operational safety and to create access statistics
What data is processed?
Even while you are visiting our website right now, our web server, which is the computer where this website is stored, typically automatically saves data such as
- the complete internet address (URL) of the called website (e.g. https://www.examplewebsite.com/examplesubpage.html?tid=111740895)
- Browser and browser version (e.g., Chrome 87)
- the operating system used (e.g., Windows 10)
- the address (URL) of the previously visited page (referrer URL) (e.g., https://www.examplesourcelink.com/whereicamefrom.html/)
- the hostname and IP address of the device being accessed (e.g., COMPUTERNAME and 194.23.43.121)
- Date and time
- in files, so-called web server log files
How long is data stored?
As a rule, the data mentioned above is stored for two weeks and then automatically deleted. We do not pass on this data, but we cannot rule out that this data may be accessed by authorities in the event of unlawful behavior.
In short: Your visit is logged by our provider (the company that runs our website on special computers (servers)), but we do not share your data without consent!
Legal basis
The lawfulness of processing personal data in the context of web hosting arises from Art. 6(1)(f) GDPR (legitimate interests), as the use of professional hosting with a provider is necessary to present the company online in a secure and user-friendly manner.
Cookies
|
Cookie Summary |
What are cookies?
Our website uses HTTP cookies to store user-specific data.
Below, we explain what cookies are and why they are used, so that you can better understand the following privacy policy.
Whenever you browse the internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.
One thing is undeniable: cookies are really useful helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are other cookies for other areas of application. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically placed in the cookie folder, which is essentially the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.
Cookies store certain user data, such as language or personal page settings. When you revisit our site, your browser sends the „user-related“ information back to our site. Thanks to cookies, our website knows who you are and offers you the settings you are accustomed to. In some browsers, each cookie has its own file; in others, like Firefox, all cookies are stored in a single file.
The following diagram shows a possible interaction between a web browser, such as Chrome, and a web server. The web browser requests a website and receives a cookie back from the server, which the browser then reuses when another page is requested.
There are both first-party and third-party cookies. First-party cookies are created directly by our site, while third-party cookies are created by partner websites (e.g., Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiration time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans, or other „malware.“ Cookies also cannot access information on your PC.
This is what cookie data might look like, for example:
Name: _ga
Value: GA1.2.1326744211.152111740895-9
Purpose Distinguishing Website Visitors
Expiration date: after 2 years
These minimum sizes a browser should be able to support:
- At least 4096 bytes per cookie
- At least 50 cookies per domain
- At least 3000 cookies in total
What types of cookies are there?
The specific cookies we use depend on the services employed and will be clarified in the following sections of the privacy policy. At this point, we would like to briefly discuss the different types of HTTP cookies.
You can distinguish 4 types of cookies:
Essential Cookies
These cookies are necessary to ensure basic website functions. For example, these cookies are needed when a user adds a product to their shopping cart, then browses other pages, and only later proceeds to checkout. Because of these cookies, the shopping cart will not be deleted, even if the user closes their browser window.
Functional Cookies
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are used to measure loading times and website behavior across different browsers.
Goal-oriented cookies
These cookies ensure a better user experience. For example, entered locations, font sizes, or form data are saved.
Advertising cookies
These cookies are also called targeting cookies. They are used to deliver personalized advertising to the user. This can be very convenient, but also very annoying.
When you first visit a website, you are usually asked which of these cookie types you want to allow. And of course, this decision is also stored in a cookie.
If you want to learn more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments from the Internet Engineering Task Force (IETF) named “HTTP State Management Mechanism”.
Purpose of processing via cookies
The purpose ultimately depends on the specific cookie. You can find more details about this below or from the software manufacturer that sets the cookie.
What data is processed?
Cookies are small helpers for a variety of tasks. Unfortunately, it's impossible to generalize what data is stored in cookies, but we will inform you about the data processed or stored within the scope of the following privacy policy.
Cookie duration
The storage duration depends on the specific cookie and is further specified below. Some cookies are deleted after less than an hour, while others can remain stored on a computer for several years.
Right to object - how can I delete cookies?
You decide for yourself how and whether you want to use cookies. Regardless of which service or website the cookies come from, you always have the option to delete, disable, or only partially allow cookies. For example, you can block third-party cookies while allowing all other cookies.
If you want to find out which cookies are stored in your browser, or if you want to change or delete cookie settings, you can find this in your browser settings:
Chrome: Delete, enable, and manage cookies in Chrome
Safari: Managing Cookies and Website Data with Safari
Firefox: Delete cookies to remove data that websites have stored on your computer
Internet Explorer: Delete and Manage Cookies
Microsoft Edge: Delete and Manage Cookies
If you do not want cookies at all, you can set up your browser to always inform you when a cookie is to be set. This way, you can decide for each individual cookie whether to allow it or not. The procedure varies depending on the browser. It is best to search for instructions in Google using the search terms “delete cookies Chrome” or “disable cookies Chrome” in the case of a Chrome browser.
Legal basis
Since 2009, there have been so-called „cookie policies.“ They stipulate that storing cookies is a Consent (Article 6(1)(a) GDPR) requires you to do so. However, there are still very different reactions to these directives within the EU countries. In Austria, however, this directive was implemented in § 96(3) of the Telecommunications Act (TKG). In Germany, the cookie guidelines were not implemented as national law. Instead, this directive was largely implemented in § 15(3) of the Telemedia Act (TMG).
For strictly necessary cookies, where no consent exists legitimate interests (Article 6(1)(f) GDPR), which in most cases are economic in nature. We want to provide website visitors with a pleasant user experience, and cookies are often absolutely necessary for this.
In the following sections, you will be informed in more detail about the use of cookies, provided that the implemented software uses cookies.
Web Analytics
Web Analytics Privacy Policy Summary
👥 Affected: Website visitors
Purpose: Evaluation of visitor information for the optimization of the web offering.
Processed data: Access statistics, which include data such as access locations, device data, access duration and time, navigation behavior, click behavior, and IP addresses. More details can be found in the respective web analytics tool used.
Storage duration: depends on the web analytics tool used
Legal basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate interests)
What is Web Analytics?
We use software on our website to analyze visitor behavior, referred to as web analytics. This involves collecting data that is stored, managed, and processed by the respective analytics tool provider (also known as a tracking tool). This data is used to create analyses of user behavior on our website and is made available to us as the website operator. In addition, most tools offer various testing options. For example, we can test which offers or content are most popular with our visitors. To do this, we present two different offers for a limited period. After the test (known as an A/B test), we know which product or content our website visitors find more interesting. For such testing procedures, as well as for other analytics processes, user profiles can be created and data can be stored in cookies.
Why do we do web analytics?
Our website has a clear goal: we want to deliver the best web offering on the market for our industry. To achieve this goal, we want to offer the best and most interesting products and services on the one hand, and on the other, ensure that you feel completely comfortable on our website. With the help of web analytics tools, we can take a closer look at the behavior of our website visitors and then improve our web offering accordingly for you and for us. For example, we can see the average age of our visitors, where they come from, when our website is visited the most, or which content or products are particularly popular. All of this information helps us optimize the website and thus adapt it as best as possible to your needs, interests, and desires.
What data is processed?
The exact data that is stored naturally depends on the analysis tools used. However, typically, it is stored which content you view on our website, which buttons or links you click, when you access a page, which browser you use, which device (PC, tablet, smartphone, etc.) you use to visit the website, or which computer system you use. If you have consented to location data also being collected, this can also be processed by the web analytics tool provider.
Additionally, your IP address is also stored. According to the General Data Protection Regulation (GDPR), IP addresses are considered personal data. However, your IP address is generally stored in a pseudonymized form (i.e., in an unintelligible and abbreviated format). For the purposes of testing, web analysis, and web optimization, direct data such as your name, age, address, or email address are generally not stored. All such data, if collected, is stored pseudonymously. This ensures that you cannot be identified as an individual.
The following example schematically shows how Google Analytics works as an example of client-based web tracking with JavaScript code.
How long specific data is stored always depends on the provider. Some cookies only store data for a few minutes or until you leave the website, while other cookies can store data for several years.
Duration of data processing
We will inform you about the duration of data processing below, provided we have further information on it. Generally, we only process personal data for as long as is absolutely necessary for the provision of our services and products. If, as is the case with accounting for example, it is legally required, this retention period may also be exceeded.
Right of objection
You also have the right and the ability to revoke your consent to the use of cookies or third-party providers at any time. This can be done either through our cookie management tool or through other opt-out functions. For example, you can also prevent data collection by cookies by managing, disabling, or deleting cookies in your browser.
Legal basis
The use of web analytics requires your consent, which we obtained with our cookie popup. According to Article 6(1)(a) GDPR (Consent) the legal basis for processing personal data, as can occur when collected by web analytics tools.
In addition to consent, we have a legitimate interest in analyzing the behavior of website visitors in order to improve our services both technically and economically. With the help of web analytics, we can identify website errors, detect attacks, and improve profitability. The legal basis for this is Art. 6(1)(f) GDPR (Legitimate interests).
Since web analytics tools use cookies, we also recommend reading our general cookie data protection policy. To find out exactly what data is stored and processed about you, you should read the data protection policies of the respective tools.
Information on special web analytics tools, if available, can be found in the following sections.
Matomo Privacy Policy
We use Matomo, website analytics software, on our website. The service provider is the New Zealand company InnoCraft Ltd, 7 Waterloo Quay PO625, 6140 Wellington, New Zealand.
Learn more about the data processed by using Matomo in the Privacy Policy at https://matomo.org/privacy-policy/ .
You can send data protection inquiries by email to privacy@matomo.org aim.
Email Marketing
|
Email Marketing Summary |
What is email marketing?
To keep you up-to-date, we also utilize email marketing. If you have consented to receive our emails or newsletters, your data will be processed and stored. Email marketing is a sub-category of online marketing, where news or general information about a company, products, or services is sent via email to a specific group of interested individuals.
If you wish to participate in our email marketing (mostly via newsletter), you usually just need to sign up with your email address. To do this, you fill out an online form and submit it. However, it may also happen that we ask for your salutation and name so that we can address you personally.
Basically, signing up for newsletters works using what's known as the „double opt-in procedure.“ After you sign up for our newsletter on our website, you'll receive an email to confirm your newsletter subscription. This ensures that the email address belongs to you and that no one has signed up with someone else's email address. We, or a notification tool used by us, will log every single registration. This is necessary so that we can prove the legally compliant registration process. This typically involves saving the time of registration, the time of registration confirmation, and your IP address. Additionally, any changes you make to your stored data are also logged.
Why do we use email marketing?
We naturally want to stay in touch with you and always present you with the most important news about our company. For this purpose, we use e-mail marketing - often also referred to as “newsletter” - as an essential component of our online marketing. If you agree to this or if it is legally permitted, we will send you newsletters, system emails, or other notifications via e-mail. When we use the term „newsletter“ in the following text, we mean regularly sent emails. Of course, we do not want to bother you with our newsletters in any way. Therefore, we always strive to offer only relevant and interesting content. For example, you will learn more about our company, our services, or our products. Since we are constantly improving our offerings, you will also always find out about news or special, lucrative promotions via our newsletter. If we commission a service provider that offers a professional sending tool for our e-mail marketing, we do so in order to be able to offer you fast and secure newsletters. The purpose of our e-mail marketing is fundamentally to inform you about new offers and also to achieve our business goals.
What data is processed?
By subscribing to our newsletter via our website, you confirm your membership in an email list via email. In addition to your IP address and email address, your salutation, name, address, and phone number may also be stored. However, this will only happen if you consent to this data storage. Furthermore, information about your device or your preferred content on our website may also be stored. You can find more information about data storage when visiting a website in the “Automatic Data Storage” section.
Duration of data processing
If you unsubscribe from our email/newsletter distribution list, we may store your address for up to three years based on our legitimate interests in order to prove your consent at that time. We may only process this data if we need to defend ourselves against any claims.
However, if you confirm that you have given us consent to subscribe to the newsletter, you can submit an individual deletion request at any time. If you permanently object to the consent, we reserve the right to store your email address in a blocklist. As long as you have voluntarily subscribed to our newsletter, we will of course also keep your email address.
Cancellation – How can I cancel my subscription?
You can unsubscribe from our newsletter at any time. To do so, you simply need to revoke your consent to receive newsletter subscriptions. This usually takes only a few seconds or one or two clicks. You'll typically find a link to unsubscribe from the newsletter directly at the bottom of every email. If you can't find the link in the newsletter, please contact us by email, and we will cancel your newsletter subscription immediately.
Legal basis
Sending our newsletter is based on your Consent (Article 6(1)(a) GDPR). This means we may only send you a newsletter if you have actively subscribed to it beforehand. If consent is not necessary, then newsletter distribution will be based on legitimate interest in direct marketing (Article 6(1)(f)), provided this is legally permissible. Even if we commission a service provider, this happens on the basis of our legitimate interest. We record your registration process so that we can always prove that it complies with our laws.
Information about special email marketing services and how they process personal data can be found in the following sections, if available.
Active Campaign Privacy Policy
Active Campaign Privacy Policy Summary
|
👥 Affected: Newsletter Subscribers 🤝 Purpose: Direct email advertising, notification of system-relevant events Processed data: Data entered during registration, but at least the email address. Storage duration: Duration of the subscription's existence Legal basis: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests) |
We use the newsletter to inform you about us and our offers. If you wish to receive the newsletter, we require a valid email address from you, as well as information that allows us to verify that you are the owner of the provided email address or that its owner agrees to receive the newsletter. Furthermore, we ask for your first name to personalize our newsletter; this information is provided voluntarily. No further data will be collected. This data will only be used for sending newsletters and will not be passed on to third parties. By subscribing to the newsletter, we will store your IP address and the date of subscription. This storage serves solely to provide proof in the event that a third party misuses an email address and subscribes to the newsletter without the knowledge of the authorized person. You can revoke your consent to the storage of your data, your email address, and its use for sending the newsletter at any time. The revocation can be done via a link in the newsletters themselves, in your profile area, or by contacting us using the contact options provided above.
Information on Newsletters and Consents
With the following information, we will inform you about the content of our newsletter, as well as the registration, sending, and statistical evaluation procedures, and your rights to object. By subscribing to our newsletter, you agree to receive it and the procedures described.
Newsletter content
We send newsletters, emails, and other electronic notifications with advertising information (hereinafter „newsletters“) only with the consent of the recipients or a legal permission. If the content of the newsletter is specifically described when signing up, it is decisive for the users' consent. Furthermore, our newsletters contain information about our products and our company (this can include, in particular, references to blog posts, lectures or workshops, our services, or online presences).
Double opt-in and logging
Subscription to our newsletter is done using a so-called double opt-in procedure. This means that after subscribing, you will receive an email asking you to confirm your subscription. This confirmation is necessary so that no one can subscribe using someone else's email address. Newsletter subscriptions are logged to be able to prove the subscription process according to legal requirements. This includes storing the subscription and confirmation times, as well as the IP address.
Using the shipping service provider „ActiveCampaign“
The newsletter is sent via ActiveCampaign a newsletter distribution platform from the US provider ActiveCampaign, LLC, 150 N. Michigan Ave Suite 1230, Chicago, IL, US, USA.
The email addresses of our newsletter subscribers, as well as their other data described in these notices, are stored on ActiveCampaign's servers in the USA. ActiveCampaign uses this information to send and analyze the newsletters on our behalf. Furthermore, according to its own information, ActiveCampaign may use this data to optimize or improve its own services, e.g., for the technical optimization of the sending and presentation of newsletters or for economic purposes, to determine which countries recipients come from. However, ActiveCampaign does not use the data of our newsletter subscribers to contact them itself, nor does it pass the data on to third parties.
We rely on the reliability and IT and data security of ActiveCampaign. ActiveCampaign is under the Data Processing Agreement EU-US Privacy Shield certified and thereby commits to complying with EU data protection requirements. We have concluded a Data Processing Agreement with the provider in accordance with Article 28 of the GDPR. You can find ActiveCampaign's privacy policy here.Additionally, ActiveCampaign protects our newsletter subscribers with a comprehensive Anti-Spam Policy.
Login credentials
To subscribe to the newsletter, simply provide your email address.
Statistical surveys and analyses
The newsletters contain a so-called „web beacon,“ which is a pixel-sized file that is retrieved from ActiveCampaign's server when the newsletter is opened. During this retrieval, technical information, such as information about your browser and system, as well as your IP address and the time of retrieval, are collected. This information is used for the technical improvement of the services based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined using the IP address) or access times.
Statistical surveys also include determining whether newsletters are opened, when they are opened, and which links are clicked. While this information can be technically assigned to individual newsletter recipients, it is neither our intention, nor that of ActiveCampaign, to monitor individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to our users' interests.
Online call and data management
There are cases where we direct newsletter recipients to ActiveCampaign's websites. For example, our newsletters contain a link that allows newsletter recipients to view the newsletters online (e.g., in case of display problems in their email program). Furthermore, newsletter recipients can subsequently correct their data, such as their email address. Likewise, the Privacy Policy available from ActiveCampaign only on their site.
In this context, we pointed out that ActiveCampaign uses cookies on its websites and thus processes personal data by ActiveCampaign, its partners, and service providers (e.g., Google Analytics). We have no influence over this data collection. We would also like to draw your attention to the opt-out options for data collection for advertising purposes on the websites. https://www.aboutads.info/choices/ and https://www.youronlinechoices.com/ (for the European region).
Termination/Cancellation
You can unsubscribe from our newsletter at any time, i.e., revoke your consent. This will simultaneously revoke your consent for its dispatch via ActiveCampaign and for statistical analyses. Separate revocation of dispatch via ActiveCampaign or statistical analysis is not possible. You will find a link to unsubscribe from the newsletter at the end of each newsletter.
TidyCal Privacy Policy
TidyCal
You can book an appointment with me on my website. I use the “TidyCal” service for this purpose. „TidyCal“ is a service provided by Sumo Group Inc. (d/b/a “TidyCal”), 305 E. 6th St #3, Austin, TX 78702, United States. When you click the booking button, you will be automatically connected to my TidyCal account. After selecting your appointment, confirming it, and entering your contact information and request, you will receive an email from TidyCal confirming your appointment.
Your information from the TidyCal form, including the data you provided there, will be stored by me for the purpose of processing your request and in case of follow-up questions. This data will remain with me until you request its deletion, revoke your consent for storage, or the purpose for data storage no longer applies (e.g., appointment completed). Mandatory legal provisions – particularly retention periods – remain unaffected.
Furthermore, I have concluded a „Data Processing Addendum“ with TidyCal. This is a contract in which TidyCal commits to protecting my users' data, processing it on my behalf in accordance with its data protection regulations, and in particular not passing it on to third parties. You can view further information about TidyCal and data protection at TidyCal here: https://tidycal.com/privacy-policy
Zoom Privacy Policy
Zoom
We use the tool „Zoom“ to conduct telephone conferences, online meetings, video conferences, and/or webinars (hereinafter: „Online Meetings“). „Zoom“ is a service of Zoom Video Communications, Inc., which is based in the USA.
To the extent that you access the „Zoom“ website, the provider of „Zoom“ is responsible for data processing. However, accessing the website is only necessary to download the software for using „Zoom.“ You can also use „Zoom“ by entering the respective meeting ID and, if applicable, other access credentials for the meeting directly in the „Zoom“ app. If you do not want to or cannot use the „Zoom“ app, the basic functions can also be used via a browser version, which you can also find on the „Zoom“ website.
When using „Zoom,“ various types of data are processed. The scope of the data also depends on what data you provide before or during participation in an „online meeting.“ The following personal data are subject to processing:
- User Information: First name, Last name, Phone (optional), Email address, Password (if „Single Sign-On“ is not used), Profile picture (optional), Department (optional)
- Meeting Metadata: Topic, Description (optional), Participant IP addresses, Device/Hardware information
- When recording (optional): MP4 file of all video, audio, and presentation recordings, M4A file of all audio recordings, text file of the online meeting chat.
- When dialing in by phone: Information on the incoming and outgoing phone number, country name, start and end time. Additional connection data, such as the IP address of the device, may also be stored.
- Text, audio, and video data: You may have the option to use the chat, question, or polling functions in an „online meeting.“ In this regard, the text input you provide will be processed to display and, if necessary, log it in the „online meeting.“ To enable video display and audio playback, data from your device's microphone and any video camera on your device will be processed for the duration of the meeting. You can turn off or mute the camera or microphone yourself at any time via the „Zoom“ application.
To participate in an „online meeting“ or enter the „meeting room,“ you must at least provide your name.
We use „Zoom“ to conduct „online meetings.“ If we want to record „online meetings,“ we will transparently inform you in advance and, if necessary, ask for your consent. The fact of the recording will also be displayed in the „Zoom“ app. In the case of webinars, we may also process questions asked by webinar participants for the purpose of recording and follow-up of webinars.
If you are registered as a user on „Zoom,“ then reports on „online meetings“ (meeting metadata, telephone dial-in data, Q&A in webinars, polling feature in webinars) can be stored on „Zoom“ for up to one month. Automated decision-making pursuant to Art. 22 GDPR is not used.
Personal data processed in connection with participation in „online meetings“ is generally not disclosed to third parties unless it is intended for disclosure. Please note that content from „online meetings,“ just like with in-person meetings, often serves precisely to communicate information with customers, prospective customers, or third parties and is therefore intended for disclosure.
Other recipients: The provider of „Zoom“ will necessarily be informed of the above-mentioned data, insofar as this is provided for within the scope of our data processing agreement with „Zoom.“.
„Zoom“ is a service provided by a US-based provider. This means that personal data is also processed in a third country. We have concluded a Data Processing Agreement with the provider of „Zoom“ that complies with the requirements of Art. 28 GDPR. An appropriate level of data protection is guaranteed, firstly, by concluding the so-called EU Standard Contractual Clauses. As supplementary protective measures, we have also configured our Zoom settings to ensure that only data centers in the EU, the EEA, or secure third countries such as Canada or Japan are used for conducting „online meetings.“.
YouTube Privacy Policy
We have embedded YouTube videos on our website. This allows us to present interesting videos directly on our site. YouTube is a video portal that has been a subsidiary of Google since 2006. The video portal is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit a page on our website that has an embedded YouTube video, your browser automatically connects to YouTube's or Google's servers. This transfers various data (depending on your settings). Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all data processing in the European region.
In the following, we will explain in more detail which data is processed, why we have embedded YouTube videos, and how you can manage or delete your data.
What is YouTube?
On YouTube, users can watch, rate, comment on, and upload videos for free. Over the past few years, YouTube has become one of the most important social media channels worldwide. To display videos on our website, YouTube provides a code snippet that we have integrated into our page.
Why do we use YouTube videos on our website?
YouTube is the video platform with the most visitors and the best content. We strive to provide you with the best possible user experience on our website. And of course, interesting videos should not be missing. With the help of our embedded videos, we provide you with further helpful content in addition to our texts and images. Furthermore, our website is more easily found on the Google search engine thanks to the embedded videos. Even when we place advertisements via Google Ads, Google - thanks to the collected data - can really only show these ads to people who are interested in our offers.
YouTube stores data such as: viewing history, search history, likes and dislikes on videos, comments you leave, and videos you subscribe to. If you have a YouTube Premium subscription, they also store your payment information. Additionally, YouTube collects data on your device (like IP address and device type), your location, and how you interact with the platform (e.g., time spent watching videos, clicks).
As soon as you visit one of our pages that has an embedded YouTube video, YouTube sets at least one cookie that stores your IP address and our URL. If you are logged into your YouTube account, YouTube can usually associate your interactions on our website with your profile using cookies. This includes data such as session duration, bounce rate, approximate location, technical information such as browser type, screen resolution, or your internet provider. Further data may include contact details, any ratings, sharing content via social media, or adding to your favorites on YouTube.
If you are not signed into a Google Account or a YouTube Account, Google will store data associated with a unique identifier linked to your device, browser, or app. This allows for things like remembering your preferred language settings. However, many interaction data cannot be saved as fewer cookies are set.
In the following list, we show cookies that were set in a browser test. On the one hand, we show cookies that are set without a logged-in YouTube account. On the other hand, we show cookies that are set with a logged-in account. The list cannot claim to be exhaustive because user data always depends on interactions on YouTube.
Name: YSC
Value: b9-CV6ojI5Y111740895-1
Purpose This cookie registers a unique ID to store statistics of the viewed video.
Expiration date: after session end
Name: PREF
Value: f1=50000000
Purpose This cookie also registers your unique ID. Google uses PREF to collect statistics on how you use YouTube videos on our website.
Expiration date: after 8 months
Name: GPS
Value: 1
Purpose This cookie registers your unique ID on mobile devices to track GPS location.
Expiration date: after 30 minutes
Name: VISITOR_INFO1_LIVE
Value: 95Chz8bagyU
Purpose This cookie attempts to estimate the user's bandwidth on our websites (with embedded YouTube video).
Expiration date: after 8 months
Further cookies that are set when you are logged in with your YouTube account:
Name: APISID
Value: zILlvClZSkqGsSwI/AU1aZI6HY7111740895-
Purpose This cookie is used to create a profile of your interests. The data is used for personalized advertisements.
Expiration date: after 2 years
No
Purpose This cookie stores information on how you use the website and what advertisements you may have seen before visiting our site.
Expiration date: after 3 months
How long and where will the data be stored?
The data that YouTube receives and processes from you is stored on Google servers. Most of these servers are located in America. Under https://www.google.com/about/datacenters/inside/locations/?hl=de See exactly where Google data centers are located. Your data is distributed across servers. This makes data retrieval faster and provides better protection against manipulation.
Google stores the collected data for different lengths of time. Some data you can delete at any time, other data is automatically deleted after a limited time, and still other data is stored by Google for longer periods. Some data (like items from „My Activity,“ photos or documents, products) stored in your Google Account remain as long as you delete them. Even if you are not signed in to a Google Account, you can delete some data associated with your device, browser, or app.
How can I delete my data or prevent data storage?
Basically, you can manually delete data in your Google Account. With the automatic deletion feature for location and activity data introduced in 2019, information is stored depending on your decision – either for 3 or 18 months and then deleted.
Regardless of whether you have a Google account or not, you can configure your browser to delete or disable cookies from Google. The way this works varies depending on the browser you use. The following instructions show you how to manage cookies in your browser:
Chrome: Delete, enable, and manage cookies in Chrome
Safari: Managing Cookies and Website Data with Safari
Firefox: Delete cookies to remove data that websites have stored on your computer
Internet Explorer: Delete and Manage Cookies
Microsoft Edge: Delete and Manage Cookies
If you generally do not want cookies, you can set up your browser to always inform you when a cookie is to be set. This way, you can decide for each individual cookie whether to allow it or not. As YouTube is a subsidiary of Google, there is a joint privacy policy. If you want to learn more about how your data is handled, we recommend Privacy Policy.
Google Maps Privacy Policy
We use Google Maps from Google Inc. on our website. For the European region, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. With Google Maps, we can show you locations better and thus adapt our service to your needs. By using Google Maps, data is transferred to Google and stored on Google's servers. Here we want to go into more detail about what Google Maps is, why we use this Google service, what data is stored, and how you can prevent this.
What is Google Maps?
Google Maps is an internet mapping service from the company Google. With Google Maps, you can search for precise locations of cities, attractions, accommodations, or businesses online via a PC, tablet, or app. If businesses are listed on Google My Business, additional information about the company is displayed along with the location. To show how to get there, map sections of a location can be embedded into a website using HTML code. Google Maps displays the Earth's surface as a street map or as an aerial or satellite image. Thanks to Street View images and high-quality satellite images, very precise representations are possible.
Why do we use Google Maps on our website?
All our efforts on this page aim to provide you with a useful and meaningful time on our website. By integrating Google Maps, we can provide you with the most important information about various locations. You can see where our company headquarters are at a glance. The directions will always show you the best or fastest route to us. You can retrieve directions for car, public transport, walking, or cycling routes. For us, providing Google Maps is part of our customer service.
Google Maps speichert verschiedene Daten über Ihre Nutzung, um Ihnen personalisierte Dienste anzubieten und die Qualität der Karten zu verbessern. Dazu gehören: * **Standortverlauf:** Wenn Sie den Standortverlauf aktiviert haben, speichert Google eine Chronik der Orte, die Sie mit Ihrem Gerät besucht haben. Dies hilft bei der Verkehrsinfo-Vorhersage, der Verbesserung von Empfehlungen und der Anzeige relevanter Orte in Ihrer Nähe. * **Gesuchte Orte:** Suchanfragen, die Sie in Google Maps eingeben, werden gespeichert. Dies ermöglicht es Google, Ihnen bei zukünftigen Suchen Vorschläge zu machen und Ihnen relevante Ergebnisse zu liefern. * **Von Ihnen besuchte Orte und Bewertungen:** Wenn Sie Orte bewerten oder Rezensionen hinterlassen, werden diese Informationen zusammen mit Ihrem Namen und Profilbild (falls öffentlich sichtbar) auf Google Maps angezeigt. * **Geräteinformationen:** Informationen über Ihr Gerät, wie z. B. Betriebssystem, Hardwaremodell, eindeutige Gerätekennungen und Mobilfunknetz-Informationen, können gespeichert werden, um die Dienste zu optimieren und Sicherheitsprobleme zu beheben. * **Nutzungsdaten:** Details darüber, wie Sie mit Google Maps interagieren, z. B. welche Funktionen Sie nutzen, wie oft Sie die App öffnen und welche Routen Sie planen, werden gesammelt. * **Kontoinformationen:** Wenn Sie mit Ihrem Google-Konto angemeldet sind, werden die Daten mit Ihrem Konto verknüpft. Dazu gehören auch Einstellungen und Präferenzen, die Sie in Ihrem Google-Konto festgelegt haben. * **Daten von verbundenen Diensten:** Wenn Sie Google Maps mit anderen Google-Diensten verknüpfen (z. B. Google Assistant), können auch Daten aus diesen Diensten verwendet werden, um Ihre Erfahrung zu verbessern. Sie können ihre über Google Maps gesammelten Daten in den Datenschutzeinstellungen ihres Google-Kontos einsehen, verwalten und löschen.
For Google Maps to offer its full service, the company must record and store data from you. This includes, among other things, your search terms, your IP address, and your latitude and longitude coordinates. If you use the route planner function, the starting address you enter will also be stored. However, this data storage happens on the Google Maps websites. We can only inform you about this and have no influence. Since we have integrated Google Maps into our website, Google sets at least one cookie (name: NID) in your browser. This cookie stores data about your user behavior. Google primarily uses this data to optimize its own services and to provide you with personalized advertising.
The following cookie is set in your browser due to the integration of Google Maps:
Name: National Identity Card
Value: 188=h26c1Ktha7fCQTx8rXgLyATyITJ111740895-5
Purpose NID is used by Google to customize ads for your Google searches. With the help of the cookie, Google „remembers“ your most frequent search queries or your previous interactions with ads, so you always get tailored ads. The cookie contains a unique ID that Google uses to collect your personal settings for advertising purposes.
Expiration date: after 6 months
Note: We cannot guarantee the completeness of the stored data. Changes can never be ruled out, especially when using cookies. A separate test page was created to identify the NID cookie, where only Google Maps was integrated.
How long and where will the data be stored?
Google's servers are located in data centers around the world. However, most of the servers are in America. For this reason, your data is also increasingly stored in the USA. Here Can you tell me exactly where Google's data centers are located.
Google distributes its data across various storage media. This makes the data accessible more quickly and better protects it from potential manipulation attempts. Each data center also has special emergency programs. For example, if there are problems with Google's hardware or a natural disaster brings down the servers, the data remains quite safely protected.
Google stores some data for a set period. For other data, Google only offers the option to delete it manually. Furthermore, the company also anonymizes information (such as advertising data) in server logs by deleting a portion of the IP address and cookie information after 9 or 18 months.
How can I delete my data or prevent data storage?
With the automatic deletion of location and activity data introduced in 2019, location and web/app activity information are stored for either 3 or 18 months, depending on your decision, and then deleted. Additionally, you can manually delete this data from your history at any time via your Google Account. If you want to completely prevent location tracking, you must pause the „Web & App Activity“ section in your Google Account. Click „Data & privacy“ and then click the „Activity controls“ option. Here you can turn activities on or off.
In your browser, you can also disable, delete, or manage individual cookies. Depending on the browser you are using, this always works a little differently. The following instructions show you how to manage cookies in your browser:
Chrome: Delete, enable, and manage cookies in Chrome
Safari: Managing Cookies and Website Data with Safari
Firefox: Delete cookies to remove data that websites have stored on your computer
Internet Explorer: Delete and Manage Cookies
Microsoft Edge: Delete and Manage Cookies
If you don't want cookies at all, you can set up your browser to always inform you when a cookie is about to be set. This way, you can decide whether to allow each individual cookie.
Please note that when using this tool, data may also be stored and processed by you outside the EU. Most third countries (including the USA) are considered not secure under current European data protection law. Therefore, data may not be simply transferred, stored, and processed in insecure third countries unless there are suitable safeguards (such as EU Standard Contractual Clauses) between us and the non-European service provider.
If you want to learn more about Google's data processing, we recommend their in-house Company Privacy Policy.
All texts are protected by copyright.
Source: Created with the Privacy Policy Generator from AdSimple