Datahearts

Search
Close this search box.

Privacy Policy

1. An overview of the privacy policy

General information

The fol­lo­wing infor­ma­tion will pro­vide you with an easy to navi­gate over­view of what will hap­pen with your per­so­nal data when you visit this web­site. The term “per­so­nal data” com­pri­ses all data that can be used to per­so­nally iden­tify you. For detailed infor­ma­tion about the sub­ject mat­ter of data pro­tec­tion, please con­sult our Data Pro­tec­tion Decla­ra­tion, which we have included beneath this copy.

Data recording on this website

Who is the respon­si­ble party for the recor­ding of data on this web­site (i.e., the “con­trol­ler”)?

The data on this web­site is pro­ces­sed by the ope­ra­tor of the web­site, whose cont­act infor­ma­tion is available under sec­tion “Infor­ma­tion about the respon­si­ble party (refer­red to as the “con­trol­ler” in the GDPR)” in this Pri­vacy Policy.

How do we record your data?

We coll­ect your data as a result of your sha­ring of your data with us. This may, for ins­tance be infor­ma­tion you enter into our cont­act form.

Other data shall be recor­ded by our IT sys­tems auto­ma­ti­cally or after you con­sent to its recor­ding during your web­site visit. This data com­pri­ses pri­ma­rily tech­ni­cal infor­ma­tion (e.g., web brow­ser, ope­ra­ting sys­tem, or time the site was acces­sed). This infor­ma­tion is recor­ded auto­ma­ti­cally when you access this web­site.

What are the pur­po­ses we use your data for?

A por­tion of the infor­ma­tion is gene­ra­ted to gua­ran­tee the error free pro­vi­sion of the web­site. Other data may be used to ana­lyze your user pat­terns.

What rights do you have as far as your infor­ma­tion is con­cer­ned?

You have the right to receive infor­ma­tion about the source, reci­pi­ents, and pur­po­ses of your archi­ved per­so­nal data at any time wit­hout having to pay a fee for such dis­clo­sures. You also have the right to demand that your data are rec­ti­fied or era­di­ca­ted. If you have con­sen­ted to data pro­ces­sing, you have the option to revoke this con­sent at any time, which shall affect all future data pro­ces­sing. Moreo­ver, you have the right to demand that the pro­ces­sing of your data be rest­ric­ted under cer­tain cir­cum­s­tances. Fur­ther­more, you have the right to log a com­plaint with the com­pe­tent super­vi­sing agency.

Please do not hesi­tate to cont­act us at any time if you have ques­ti­ons about this or any other data pro­tec­tion rela­ted issues.

Analysis tools and tools provided by third parties

There is a pos­si­bi­lity that your brow­sing pat­terns will be sta­tis­ti­cally ana­ly­zed when your visit this web­site. Such ana­ly­ses are per­for­med pri­ma­rily with what we refer to as ana­ly­sis pro­grams.

For detailed infor­ma­tion about these ana­ly­sis pro­grams please con­sult our Data Pro­tec­tion Decla­ra­tion below.

2. Hosting

External Hosting

This web­site is hos­ted extern­ally. Per­so­nal data coll­ec­ted on this web­site are stored on the ser­vers of the host. These may include, but are not limi­ted to, IP addres­ses, cont­act requests, meta­data and com­mu­ni­ca­ti­ons, con­tract infor­ma­tion, cont­act infor­ma­tion, names, web page access, and other data gene­ra­ted through a web site.

The exter­nal hos­ting ser­ves the pur­pose of ful­fil­ling the con­tract with our poten­tial and exis­ting cus­to­mers (Art. 6(1)(b) GDPR) and in the inte­rest of secure, fast, and effi­ci­ent pro­vi­sion of our online ser­vices by a pro­fes­sio­nal pro­vi­der (Art. 6(1)(f) GDPR). If appro­priate con­sent has been obtai­ned, the pro­ces­sing is car­ried out exclu­si­vely on the basis of Art. 6 (1)(a) GDPR and § 25 (1) TTDSG, inso­far the con­sent includes the sto­rage of coo­kies or the access to infor­ma­tion in the user’s end device (e.g., device fin­ger­prin­ting) within the mea­ning of the TTDSG. This con­sent can be revo­ked at any time.

Our host(s) will only pro­cess your data to the ext­ent neces­sary to ful­fil its per­for­mance obli­ga­ti­ons and to fol­low our ins­truc­tions with respect to such data.

We are using the fol­lo­wing host(s):

united-domains AG
Gau­tin­ger Straße 10
82319 Starn­berg

Data processing

We have con­cluded a data pro­ces­sing agree­ment (DPA) for the use of the above-men­tio­ned ser­vice. This is a con­tract man­da­ted by data pri­vacy laws that gua­ran­tees that they pro­cess per­so­nal data of our web­site visi­tors only based on our ins­truc­tions and in com­pli­ance with the GDPR.

3. General information and mandatory information

Data protection

The ope­ra­tors of this web­site and its pages take the pro­tec­tion of your per­so­nal data very seriously. Hence, we handle your per­so­nal data as con­fi­den­tial infor­ma­tion and in com­pli­ance with the sta­tu­tory data pro­tec­tion regu­la­ti­ons and this Data Pro­tec­tion Decla­ra­tion.

When­ever you use this web­site, a variety of per­so­nal infor­ma­tion will be coll­ec­ted. Per­so­nal data com­pri­ses data that can be used to per­so­nally iden­tify you. This Data Pro­tec­tion Decla­ra­tion explains which data we coll­ect as well as the pur­po­ses we use this data for. It also explains how, and for which pur­pose the infor­ma­tion is coll­ec­ted.

We here­with advise you that the trans­mis­sion of data via the Inter­net (i.e., through e‑mail com­mu­ni­ca­ti­ons) may be prone to secu­rity gaps. It is not pos­si­ble to com­ple­tely pro­tect data against third-party access.

Information about the responsible party (referred to as the “controller” in the GDPR)

Storage duration

The data pro­ces­sing con­trol­ler on this web­site is:

Stat­Soft GmbH
Eiff­ler­straße 43
22769 Ham­burg

Phone: +49 40 2285 9000
E‑mail: info@statsoft.de

The con­trol­ler is the natu­ral per­son or legal entity that sin­gle-han­dedly or jointly with others makes decis­i­ons as to the pur­po­ses of and resour­ces for the pro­ces­sing of per­so­nal data (e.g., names, e‑mail addres­ses, etc.).

Unless a more spe­ci­fic sto­rage period has been spe­ci­fied in this pri­vacy policy, your per­so­nal data will remain with us until the pur­pose for which it was coll­ec­ted no lon­ger applies. If you assert a jus­ti­fied request for dele­tion or revoke your con­sent to data pro­ces­sing, your data will be dele­ted, unless we have other legally per­mis­si­ble reasons for sto­ring your per­so­nal data (e.g., tax or com­mer­cial law reten­tion peri­ods); in the lat­ter case, the dele­tion will take place after these reasons cease to apply.

General information on the legal basis for the data processing on this website

If you have con­sen­ted to data pro­ces­sing, we pro­cess your per­so­nal data on the basis of Art. 6(1)(a) GDPR or Art. 9 (2)(a) GDPR, if spe­cial cate­go­ries of data are pro­ces­sed accor­ding to Art. 9 (1) DSGVO. In the case of expli­cit con­sent to the trans­fer of per­so­nal data to third count­ries, the data pro­ces­sing is also based on Art. 49 (1)(a) GDPR. If you have con­sen­ted to the sto­rage of coo­kies or to the access to infor­ma­tion in your end device (e.g., via device fin­ger­prin­ting), the data pro­ces­sing is addi­tio­nally based on § 25 (1) TTDSG. The con­sent can be revo­ked at any time. If your data is requi­red for the ful­fill­ment of a con­tract or for the imple­men­ta­tion of pre-con­trac­tual mea­su­res, we pro­cess your data on the basis of Art. 6(1)(b) GDPR. Fur­ther­more, if your data is requi­red for the ful­fill­ment of a legal obli­ga­tion, we pro­cess it on the basis of Art. 6(1)© GDPR. Fur­ther­more, the data pro­ces­sing may be car­ried out on the basis of our legi­ti­mate inte­rest accor­ding to Art. 6(1)(f) GDPR. Infor­ma­tion on the rele­vant legal basis in each indi­vi­dual case is pro­vi­ded in the fol­lo­wing para­graphs of this pri­vacy policy.

Designation of a data protection officer

We have appoin­ted a data pro­tec­tion offi­cer.

Prange Daten­schutz GmbH
Andre Schulte
Reichs­straße 78
58840 Plet­ten­berg

Phone: +49 2391 9592 449
E‑mail: schulte@prangedatenschutz.de

Information on data transfer to the USA and other non-EU countries

Among other things, we use tools of com­pa­nies domic­i­led in the United Sta­tes or other from a data pro­tec­tion per­spec­tive non-secure non-EU count­ries. If these tools are active, your per­so­nal data may poten­ti­ally be trans­fer­red to these non-EU count­ries and may be pro­ces­sed there. We must point out that in these count­ries, a data pro­tec­tion level that is com­pa­ra­ble to that in the EU can­not be gua­ran­teed. For ins­tance, U.S. enter­pri­ses are under a man­date to release per­so­nal data to the secu­rity agen­cies and you as the data sub­ject do not have any liti­ga­tion opti­ons to defend yours­elf in court. Hence, it can­not be ruled out that U.S. agen­cies (e.g., the Secret Ser­vice) may pro­cess, ana­lyze, and per­ma­nently archive your per­so­nal data for sur­veil­lance pur­po­ses. We have no con­trol over these pro­ces­sing acti­vi­ties.

Revocation of your consent to the processing of data

A wide range of data pro­ces­sing tran­sac­tions are pos­si­ble only sub­ject to your express con­sent. You can also revoke at any time any con­sent you have alre­ady given us. This shall be wit­hout pre­ju­dice to the lawful­ness of any data coll­ec­tion that occur­red prior to your revo­ca­tion.

Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR)

IN THE EVENT THAT DATA ARE PROCESSED ON THE BASIS OF ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO AT ANY TIME OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA BASED ON GROUNDS ARISING FROM YOUR UNIQUE SITUATION. THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVISIONS. TO DETERMINE THE LEGAL BASIS, ON WHICH ANY PROCESSING OF DATA IS BASED, PLEASE CONSULT THIS DATA PROTECTION DECLARATION. IF YOU LOG AN OBJECTION, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA, UNLESS WE ARE IN A POSITION TO PRESENT COMPELLING PROTECTION WORTHY GROUNDS FOR THE PROCESSING OF YOUR DATA, THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS OR IF THE PURPOSE OF THE PROCESSING IS THE CLAIMING, EXERCISING OR DEFENCE OF LEGAL ENTITLEMENTS (OBJECTION PURSUANT TO ART. 21(1) GDPR.

IF YOUR PERSONAL DATA IS BEING PROCESSED IN ORDER TO ENGAGE IN DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR AFFECTED PERSONAL DATA FOR THE PURPOSES OF SUCH ADVERTISING AT ANY TIME. THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS AFFILIATED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION PURSUANT TO ART. 21(2) GDPR.

Right to log a complaint with the competent supervisory agency

In the event of vio­la­ti­ons of the GDPR, data sub­jects are entit­led to log a com­plaint with a super­vi­sory agency, in par­ti­cu­lar in the mem­ber state where they usually main­tain their domic­ile, place of work or at the place where the alle­ged vio­la­tion occur­red. The right to log a com­plaint is in effect regard­less of any other admi­nis­tra­tive or court pro­cee­dings available as legal recour­ses.

Right to data portability

You have the right to have data that we pro­cess auto­ma­ti­cally on the basis of your con­sent or in ful­fill­ment of a con­tract han­ded over to you or to a third party in a com­mon, machine-rea­da­ble for­mat. If you should demand the direct trans­fer of the data to ano­ther con­trol­ler, this will be done only if it is tech­ni­cally fea­si­ble.

Information about, rectification and eradication of data

Within the scope of the appli­ca­ble sta­tu­tory pro­vi­si­ons, you have the right to demand infor­ma­tion about your archi­ved per­so­nal data, their source and reci­pi­ents as well as the pur­pose of the pro­ces­sing of your data at any time. You may also have a right to have your data rec­ti­fied or era­di­ca­ted. If you have ques­ti­ons about this sub­ject mat­ter or any other ques­ti­ons about per­so­nal data, please do not hesi­tate to cont­act us at any time.

Right to demand processing restrictions

You have the right to demand the impo­si­tion of rest­ric­tions as far as the pro­ces­sing of your per­so­nal data is con­cer­ned. To do so, you may cont­act us at any time. The right to demand rest­ric­tion of pro­ces­sing applies in the fol­lo­wing cases:

  • In the event that you should dis­pute the cor­rect­ness of your data archi­ved by us, we will usually need some time to verify this claim. During the time that this inves­ti­ga­tion is ongo­ing, you have the right to demand that we rest­rict the pro­ces­sing of your per­so­nal data.
  • If the pro­ces­sing of your per­so­nal data was/is con­duc­ted in an unlawful man­ner, you have the option to demand the rest­ric­tion of the pro­ces­sing of your data ins­tead of deman­ding the era­di­ca­tion of this data.
  • If we do not need your per­so­nal data any lon­ger and you need it to exer­cise, defend or claim legal entit­le­ments, you have the right to demand the rest­ric­tion of the pro­ces­sing of your per­so­nal data ins­tead of its era­di­ca­tion.
  • If you have rai­sed an objec­tion pur­su­ant to Art. 21(1) GDPR, your rights and our rights will have to be weig­hed against each other. As long as it has not been deter­mi­ned whose inte­rests pre­vail, you have the right to demand a rest­ric­tion of the pro­ces­sing of your per­so­nal data.

If you have rest­ric­ted the pro­ces­sing of your per­so­nal data, these data – with the excep­tion of their archi­ving – may be pro­ces­sed only sub­ject to your con­sent or to claim, exer­cise or defend legal entit­le­ments or to pro­tect the rights of other natu­ral per­sons or legal enti­ties or for important public inte­rest reasons cited by the Euro­pean Union or a mem­ber state of the EU.

SSL and/or TLS encryption

For secu­rity reasons and to pro­tect the trans­mis­sion of con­fi­den­tial con­tent, such as purchase orders or inqui­ries you sub­mit to us as the web­site ope­ra­tor, this web­site uses eit­her an SSL or a TLS encryp­tion pro­gram. You can reco­gnize an encrypted con­nec­tion by che­cking whe­ther the address line of the brow­ser swit­ches from “http://” to “https://” and also by the appearance of the lock icon in the brow­ser line.

If the SSL or TLS encryp­tion is acti­va­ted, data you trans­mit to us can­not be read by third par­ties.

Rejection of unsolicited e‑mails

We here­with object to the use of cont­act infor­ma­tion published in con­junc­tion with the man­da­tory infor­ma­tion to be pro­vi­ded in our Site Notice to send us pro­mo­tio­nal and infor­ma­tion mate­rial that we have not expressly reques­ted. The ope­ra­tors of this web­site and its pages reserve the express right to take legal action in the event of the unso­li­ci­ted sen­ding of pro­mo­tio­nal infor­ma­tion, for ins­tance via SPAM mes­sa­ges.

4. Recording of data on this website

Cookies

Our web­sites and pages use what the indus­try refers to as “coo­kies.” Coo­kies are small data packa­ges that do not cause any damage to your device. They are eit­her stored tem­po­r­a­rily for the dura­tion of a ses­sion (ses­sion coo­kies) or they are per­ma­nently archi­ved on your device (per­ma­nent coo­kies). Ses­sion coo­kies are auto­ma­ti­cally dele­ted once you ter­mi­nate your visit. Per­ma­nent coo­kies remain archi­ved on your device until you actively delete them, or they are auto­ma­ti­cally era­di­ca­ted by your web brow­ser.

Coo­kies can be issued by us (first-party coo­kies) or by third-party com­pa­nies (so-cal­led third-party coo­kies). Third-party coo­kies enable the inte­gra­tion of cer­tain ser­vices of third-party com­pa­nies into web­sites (e.g., coo­kies for hand­ling pay­ment ser­vices).

Coo­kies have a variety of func­tions. Many coo­kies are tech­ni­cally essen­tial since cer­tain web­site func­tions would not work in the absence of these coo­kies (e.g., the shop­ping cart func­tion or the dis­play of videos). Other coo­kies may be used to ana­lyze user beha­vior or for pro­mo­tio­nal pur­po­ses.

Coo­kies, which are requi­red for the per­for­mance of elec­tro­nic com­mu­ni­ca­tion tran­sac­tions, for the pro­vi­sion of cer­tain func­tions you want to use (e.g., for the shop­ping cart func­tion) or those that are neces­sary for the opti­miza­tion (requi­red coo­kies) of the web­site (e.g., coo­kies that pro­vide mea­sura­ble insights into the web audi­ence), shall be stored on the basis of Art. 6(1)(f) GDPR, unless a dif­fe­rent legal basis is cited. The ope­ra­tor of the web­site has a legi­ti­mate inte­rest in the sto­rage of requi­red coo­kies to ensure the tech­ni­cally error-free and opti­mi­zed pro­vi­sion of the operator’s ser­vices. If your con­sent to the sto­rage of the coo­kies and simi­lar reco­gni­tion tech­no­lo­gies has been reques­ted, the pro­ces­sing occurs exclu­si­vely on the basis of the con­sent obtai­ned (Art. 6(1)(a) GDPR and § 25 (1) TTDSG); this con­sent may be revo­ked at any time.

You have the option to set up your brow­ser in such a man­ner that you will be noti­fied any time coo­kies are pla­ced and to per­mit the accep­tance of coo­kies only in spe­ci­fic cases. You may also exclude the accep­tance of coo­kies in cer­tain cases or in gene­ral or acti­vate the delete-func­tion for the auto­ma­tic era­di­ca­tion of coo­kies when the brow­ser clo­ses. If coo­kies are deac­ti­va­ted, the func­tions of this web­site may be limi­ted.

Which coo­kies and ser­vices are used on this web­site can be found in this pri­vacy policy.

Consent with Borlabs Cookie

Our web­site uses the Borlabs con­sent tech­no­logy to obtain your con­sent to the sto­rage of cer­tain coo­kies in your brow­ser or for the use of cer­tain tech­no­lo­gies and for their data pri­vacy pro­tec­tion com­pli­ant docu­men­ta­tion. The pro­vi­der of this tech­no­logy is Borlabs GmbH, Rüben­kamp 32, 22305 Ham­burg, Ger­many (her­ein­af­ter refer­red to as Borlabs).

When­ever you visit our web­site, a Borlabs coo­kie will be stored in your brow­ser, which archi­ves any decla­ra­ti­ons or revo­ca­ti­ons of con­sent you have ente­red. These data are not shared with the pro­vi­der of the Borlabs tech­no­logy.

The recor­ded data shall remain archi­ved until you ask us to era­di­cate them, delete the Borlabs coo­kie on your own or the pur­pose of sto­ring the data no lon­ger exists. This shall be wit­hout pre­ju­dice to any reten­tion obli­ga­ti­ons man­da­ted by law. To review the details of Borlabs’ data pro­ces­sing poli­cies, please visit https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/

We use the Borlabs coo­kie con­sent tech­no­logy to obtain the decla­ra­ti­ons of con­sent man­da­ted by law for the use of coo­kies. The legal basis for the use of such coo­kies is Art. 6(1)© GDPR.

Server log files

The pro­vi­der of this web­site and its pages auto­ma­ti­cally coll­ects and stores infor­ma­tion in so-cal­led ser­ver log files, which your brow­ser com­mu­ni­ca­tes to us auto­ma­ti­cally. The infor­ma­tion com­pri­ses:

  • The type and ver­sion of brow­ser used
  • The used ope­ra­ting sys­tem
    Refer­rer URL
  • The host­name of the acces­sing com­pu­ter
  • The time of the ser­ver inquiry
  • The IP address

This data is not mer­ged with other data sources.

This data is recor­ded on the basis of Art. 6(1)(f) GDPR. The ope­ra­tor of the web­site has a legi­ti­mate inte­rest in the tech­ni­cally error free depic­tion and the opti­miza­tion of the operator’s web­site. In order to achieve this, ser­ver log files must be recor­ded.

Contact form

If you sub­mit inqui­ries to us via our cont­act form, the infor­ma­tion pro­vi­ded in the cont­act form as well as any cont­act infor­ma­tion pro­vi­ded the­r­ein will be stored by us in order to handle your inquiry and in the event that we have fur­ther ques­ti­ons. We will not share this infor­ma­tion wit­hout your con­sent.

The pro­ces­sing of these data is based on Art. 6(1)(b) GDPR, if your request is rela­ted to the exe­cu­tion of a con­tract or if it is neces­sary to carry out pre-con­trac­tual mea­su­res. In all other cases the pro­ces­sing is based on our legi­ti­mate inte­rest in the effec­tive pro­ces­sing of the requests addres­sed to us (Art. 6(1)(f) GDPR) or on your agree­ment (Art. 6(1)(a) GDPR) if this has been reques­ted; the con­sent can be revo­ked at any time.

The infor­ma­tion you have ente­red into the cont­act form shall remain with us until you ask us to era­di­cate the data, revoke your con­sent to the archi­ving of data or if the pur­pose for which the infor­ma­tion is being archi­ved no lon­ger exists (e.g., after we have con­cluded our response to your inquiry). This shall be wit­hout pre­ju­dice to any man­da­tory legal pro­vi­si­ons, in par­ti­cu­lar reten­tion peri­ods.

Request by e‑mail, telephone, or fax

If you cont­act us by e‑mail, tele­phone or fax, your request, inclu­ding all resul­ting per­so­nal data (name, request) will be stored and pro­ces­sed by us for the pur­pose of pro­ces­sing your request. We do not pass these data on wit­hout your con­sent.

These data are pro­ces­sed on the basis of Art. 6(1)(b) GDPR if your inquiry is rela­ted to the ful­fill­ment of a con­tract or is requi­red for the per­for­mance of pre-con­trac­tual mea­su­res. In all other cases, the data are pro­ces­sed on the basis of our legi­ti­mate inte­rest in the effec­tive hand­ling of inqui­ries sub­mit­ted to us (Art. 6(1)(f) GDPR) or on the basis of your con­sent (Art. 6(1)(a) GDPR) if it has been obtai­ned; the con­sent can be revo­ked at any time.

The data sent by you to us via cont­act requests remain with us until you request us to delete, revoke your con­sent to the sto­rage or the pur­pose for the data sto­rage lap­ses (e.g. after com­ple­tion of your request). Man­da­tory sta­tu­tory pro­vi­si­ons — in par­ti­cu­lar sta­tu­tory reten­tion peri­ods — remain unaf­fec­ted.

Zoro CRM

We use Zoho CRM on this web­site. Pro­vi­der is Zoho Cor­po­ra­tion GmbH., Estancia IT Park, Plot No. 140 151, GST Road, Vallan­cherry Vil­lage, Chen­gal­pattu Taluk, Kan­chip­uram Dis­trict 603 202, India (her­ein­af­ter “Zoho CRM”).

Zoho CRM enables us, in par­ti­cu­lar, to manage exis­ting and poten­tial cus­to­mers and cus­to­mer cont­acts and to orga­nize sales and com­mu­ni­ca­tion pro­ces­ses. Using the CRM sys­tem also enables us to ana­lyze and opti­mize our cus­to­mer-rela­ted pro­ces­ses. The cus­to­mer data is stored on Zoho CRM’s ser­vers. Details of Zoho CRM’s func­tions can be found here: https://www.zoho.com/de/crm/help/getting-started/key-functions.html.

The use of Zoho CRM is based on Art. 6(1)(f) GDPR. The web­site ope­ra­tor has a legi­ti­mate inte­rest the most effi­ci­ent cus­to­mer manage­ment and cus­to­mer com­mu­ni­ca­tion. If appro­priate con­sent has been obtai­ned, the pro­ces­sing is car­ried out exclu­si­vely on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, inso­far the con­sent includes the sto­rage of coo­kies or the access to infor­ma­tion in the user’s end device (e.g., device fin­ger­prin­ting) within the mea­ning of the TTDSG. This con­sent can be revo­ked at any time.

The data trans­fer to third count­ries out­side the Euro­pean Union is based on the stan­dard con­trac­tual clau­ses of the EU Com­mis­sion.

Details can be found in the Zoho CRM pri­vacy policy: https://www.zoho.com/privacy.html and https://www.zoho.com/gdpr.html.

Data processing

We have con­cluded a data pro­ces­sing agree­ment (DPA) for the use of the above-men­tio­ned ser­vice. This is a con­tract man­da­ted by data pri­vacy laws that gua­ran­tees that they pro­cess per­so­nal data of our web­site visi­tors only based on our ins­truc­tions and in com­pli­ance with the GDPR.

5. Analysis tools and advertising

Matomo

This web­site uses the open-source web ana­ly­sis ser­vice Matomo.

Through Matomo, we are able to coll­ect and ana­lyze data on the use of our web­site-by-web­site visi­tors. This enables us to find out, for ins­tance, when which page views occur­red and from which region they came. In addi­tion, we coll­ect various log files (e.g. IP address, refer­rer, brow­ser, and ope­ra­ting sys­tem used) and can mea­sure whe­ther our web­site visi­tors per­form cer­tain actions (e.g. clicks, purcha­ses, etc.).

The use of this ana­ly­sis tool is based on Art. 6(1)(f) GDPR. The web­site ope­ra­tor has a legi­ti­mate inte­rest in the ana­ly­sis of user pat­terns, in order to opti­mize the operator’s web offe­rings and adver­ti­sing. If appro­priate con­sent has been obtai­ned, the pro­ces­sing is car­ried out exclu­si­vely on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, inso­far the con­sent includes the sto­rage of coo­kies or the access to infor­ma­tion in the user’s end device (e.g., device fin­ger­prin­ting) within the mea­ning of the TTDSG. This con­sent can be revo­ked at any time.

IP anonymization

For ana­ly­sis with Matomo we use IP anony­miza­tion. Your IP address is shor­tened before the ana­ly­sis, so that it is no lon­ger cle­arly assi­gnable to you.

Hosting

We host Matomo with the fol­lo­wing third-party pro­vi­der:

Hetz­ner Online GmbH
Indus­trie­str. 25
91710 Gun­zen­hau­sen

Data processing

We have con­cluded a data pro­ces­sing agree­ment (DPA) for the use of the above-men­tio­ned ser­vice. This is a con­tract man­da­ted by data pri­vacy laws that gua­ran­tees that they pro­cess per­so­nal data of our web­site visi­tors only based on our ins­truc­tions and in com­pli­ance with the GDPR.

6. Plug-ins and Tools

Ninja Firewall

We have inte­gra­ted Ninja Fire­wall on this web­site. The pro­vi­der is Nin­Tech­Net Limi­ted, Unit 1603, 16th Floor, The L. Plaza 367 — 375 Queen‘s Road Cen­tral Sheung Wan, Hong Kong (her­ein­af­ter refer­red to as “Ninja Fire­wall”).

Ninja Fire­wall pro­tects our web­site against unde­si­ra­ble access or mali­cious cyber-attacks. For this pur­pose, Ninja Fire­wall coll­ects IP address, request, refer­rer, and the time of page access. Ninja Fire­wall is instal­led locally on our ser­vers and does not trans­mit any per­so­nal data to the pro­vi­der of the tool or other third par­ties.

We have enab­led IP anony­miza­tion for Ninja Fire­wall, so that the tool only coll­ects the IP address in a shor­tened form.

The use of Ninja Fire­wall is based on Art. 6(1)(f) GDPR. The web­site ope­ra­tor has a legi­ti­mate inte­rest in the most effec­tive pro­tec­tion of his web­site against cyber­at­tacks.