Privacy Policy

We would like to inform you at this point which of your personal data we collect when you visit our website and for what purposes it is used.

This data protection declaration applies to the Internet offer of Ninox Software GmbH, which can be reached under the domain ninox.com as well as the various subdomains ("our website").

Who is responsible?

Responsible Body

for the processing of personal data within the meaning of the EU General Data Protection Regulation (GDPR)

Ninox Software GmbH
Monbijouplatz 5
10178 Berlin
E-Mail: support@ninox.de

You will find further information in our imprint.

Data Protection Officer

DataSolution LUD GmbH
Isarstr. 13
14974 Ludwigsfelde

Berit Schubert
E-Mail: dpo@ninox.com

What is it about?

This data protection declaration meets the legal requirements for transparency in the processing of personal data. This is all information that relates to an identified or identifiable natural person. This includes, for example, information such as your name, your age, your address, your telephone number, your date of birth, your e-mail address, your IP address or user behavior when visiting a website. Information with which we cannot (or only with disproportionate effort) relate to you personally, e.g. through anonymization, are not personal data. The processing of personal data (e.g. the collection, querying, use, storage or transmission) always requires a legal basis and a defined purpose.

Stored personal data are deleted as soon as the purpose of the Processing has been achieved and there are no legitimate reasons for further retention of the data. We will inform you about the specific storage periods and criteria for storage in the individual processing operations. Regardless of this, we store your personal data in individual cases to assert, exercise or defend legal claims and if there are statutory retention requirements.

Who gets my data?

We only pass on your personal data that we process on our website to third parties if this is necessary for the fulfillment of the purposes and in individual cases is covered by the legal basis (e.g. consent or protection of legitimate interests). In addition, we pass on personal data to third parties in individual cases if this serves to assert, exercise or defend legal claims. Possible recipients can then e.g. Law enforcement authorities, lawyers, auditors, courts, etc.

Insofar as we use service providers for the operation of our website who, as part of order processing on our behalf, provide personal data in accordance with. Process Art. 28 GDPR, these recipients of your personal data can be. You can find more detailed information on the use of processors and web services in the overview of the individual processing operations.

What rights do I have?

Under the conditions of the statutory provisions of the General Data Protection Regulation (GDPR), you as a data subject have the following rights:

  • Information in accordance with Art. 15 GDPR about the data stored about you in the form of meaningful information on the details of the processing and a copy of your data
  • Correction in accordance with Art. 16 GDPR of inaccurate or incomplete data stored by us;
  • Deletion in accordance with Art. 17 GDPR of the data stored by us, insofar as the processing is not necessary for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
  • Restriction of the processing in accordance with Art. 18 GDPR, insofar as the correctness of the data is disputed, the processing is unlawful, we no longer need the data and you refuse to delete it, because you need it to assert, exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 GDPR.
  • Data portability in accordance with Art. 20 GDPR, insofar as you have provided us with personal data within the framework of consent pursuant to Art. 6 sec. 1 lit. a GDPR or on the basis of a contract pursuant to Art. 6 sec. 1 lit.b GDPR and these were processed by us by means of automated procedures. You receive your data in a structured, common and machine-readable format or we transmit the data directly to another responsible person, as far as this is technically feasible.
  • In accordance with Art. 21 GDPR, you object to the processing of your personal data, insofar as they are carried out on the basis of Art. 6 sec. 1 lit. e, f GDPR and there are reasons for doing so, which arise from your particular situation or if the objection is directed against direct marketing. The right to object does not exist if overriding, overriding reasons for processing are proven or if the processing is carried out for the assertion, exercise or defence of legal claims. Insofar as there is no right to object in individual processing operations, this is indicated therein.
  • Revocation in accordance with Art. 7 sec. 3 GDPR of your given consent with effect for the future.
  • Complaint under Art. 77 GDPR to a supervisory authority if you believe that the processing of your personal data violates the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your workplace or our company headquarters.

Protection of minors

This service is mainly aimed at adults. We do not currently market any specific areas for children. Accordingly, we do not knowingly collect age-identifying information, nor do we knowingly collect personal information from children under the age of 16. However, we caution all visitors to our website under the age of 16 not to disclose or provide any personally identifiable information through our service. In the event that we discover that a child under the age of 16 has provided us with personal information, we will delete the child's personal information from our files to the extent technically feasible.

Security

We use technical and organisational security measures in accordance with Art. 32 GPDR to protect your data managed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorised persons. Our security measures are continuously improved in line with technological developments. Access to this data is only possible for a few authorised persons and persons with a special obligation to protect data who are involved in the technical, administrative or editorial management of data. 

For security reasons and to protect the transmission of confidential content that you send to us as site operator, our website uses SSL or TLS encryption. This means that data you transmit via this website cannot be read by third parties. You can recognise an encrypted connection by the "https://" address line of your browser and the padlock symbol in the browser line.

Update and change

We reserve the right to change, update or amend this Privacy Policy at any time. Any revised information on data processing will only apply to personal data collected or modified after the effective date.

Are cookies in use?

Cookies are small text files that we send to the browser of your device and store them as part of your visit to our website. As an alternative to using cookies, information can also be stored in the local storage of your browser. Some functions of our website cannot be offered without the use of cookies or local storage (technically necessary cookies). Other cookies, on the other hand, allow us to perform various analyses, so that we are able, for example, to recognize the browser you use when you visit our website again and to transmit various information to us (not necessary cookies). Cookies enable us to make our website more user-friendly and effective for you, for example by tracking your use of our website and by determining your preferred settings (e.g. country and language settings). If third parties process information via cookies, they collect the information directly through your browser. Cookies do not cause any damage to your device. You cannot run programs or contain viruses.

We inform you about the respective services for which we use cookies in the individual processing operations. Detailed information on the cookies used can be found in the cookie settings or in the Consent Manager of this website..

How is my data processed in detail?

In the following, we inform you about the individual processing operations, the scope and purpose of the data processing, the legal basis, the obligation to provide your data and the respective storage period. An automated decision in individual cases, including profiling, does not take place.

Providing the website

Nature and scope of the processing

When you visit and use our website, we collect the personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL the retrieved file
  • website from which access is made (referrer URL)
  • browser used and, if applicable, the operating system of your computer, as well as the name of your access provider

We host our website with Webflow. The provider is Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (hereinafter: Webflow). When you visit our website, Webflow collects various log files including your IP addresses.

Webflow is a tool for creating and hosting websites. Webflow stores cookies or other recognition technologies that are necessary for the presentation of the website, to provide certain website functions and to ensure security (necessary cookies).

For details, see the Webflow privacy policy: EU & Swiss Privacy Policy | Webflow 22.

Purpose and legal basis

The processing is carried out to protect our overriding legitimate interest in displaying our website and guaranteeing security and stability on the basis of Art. 6 para. lit. f GDPR. The collection of data and storage in log files is absolutely necessary for the operation of the website. There is no right to object to the processing due to the exception under Art. 21 (1) GDPR. Insofar as the further storage of log files is required by law, the processing is carried out on the basis of Art. 6 para. 1 lit. c GDPR. There is no legal or contractual obligation to provide the data, however, calling up our website is not technically possible without providing the data.

Retention period

The aforementioned data is stored for the duration of the website display and for technical reasons for a maximum of 7 days.

Contact form/ Contact us

Nature and scope of the processing

When you contact us by e-mail, telephone or via a contact form, the data you provide (e.g. e-mail address, name, telephone number or also the content of the enquiry) is processed by us in order to answer your questions and/or process your request.

For the use of the contact form in the forum, we use the service of the provider Forumbee LLC, 1 Harbor Dr Ste 300, Sausalito, USA. We would like to point out that the provider is a US company.

You can find the privacy policy of Forumbee here: https://forumbee.com/privacy

Furthermore, your data is stored in our CRM system if you communicate with us by e-mail or telephone. The CRM system we use is HubSpot from HubSpot Inc, 25 First Street, 2nd Floor, MA 02141 Cambridge, USA. Corresponding agreements on order processing have been concluded with the service provider.

Purpose and legal basis

Your data is processed for the purpose of communication and processing your enquiry on the basis of your consent pursuant to Art. 6 (1) lit. a GDPR. Insofar as your enquiry relates to an existing contractual relationship with us, the processing is carried out for the purpose of fulfilling the contract on the basis of Art. 6 para. 1 lit. b GDPR. There is no legal or contractual obligation to provide your data, however, the processing of your request is not possible without the provision of information

Retention period

We store the collected data of each enquiry for a period of three years, starting with the completion of your enquiry or until your consent is revoked.

If you use the contact form as part of a contractual relationship, we store the data collected for each enquiry for a period of three years from the end of the contractual relationship.

Newsletter

Nature and scope of the processing

We send e-mails and other electronic notifications with promotional information (hereinafter "newsletter") only with your consent or legal permission. The newsletters contain information about our products, offers, promotions and our company. By subscribing to our newsletter, you agree to receive it.

To send the newsletter, we use Mailchimp, a service of The Rocket Science Group LLC, USA, which processes your personal data on our behalf in accordance with Art. 28 GDPR. This is a service provider from a third country. The standard contractual clauses have been concluded with the service provider.

Purpose and legal basis

We process your data for the purpose of sending newsletters on the basis of your consent pursuant to Art. 6 para. 1 lit. a GDPR.  The use of a dispatch service provider, the performance of statistical surveys and analyses as well as the logging of the registration process are based on our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR. Our interest is directed towards the use of a user-friendly and secure newsletter system that serves both our business interests and meets your expectations.

By unsubscribing from the newsletter, you can declare your revocation at any time with effect for the future in accordance with Art. 7 para. 3 GDPR. There is no legal or contractual obligation to provide your data, but it is not possible to send the newsletter without providing your data.

Retention period

After registration for the newsletter, we store the data for a maximum of 24 hours until the registration is confirmed. After successful confirmation, we store your data until revocation of your consent (unsubscription from the newsletter) and for technical reasons beyond that for a maximum of 7 days.

Registration of a customer account

Nature and scope of the processing

As part of the order processing, we collect your personal data for the registration of a customer account. When registering the user account, we also collect a password set by you. Furthermore, you can voluntarily provide additional information that you consider necessary for the processing of the order.

The registration data is stored in the Atlas system of MongoDB, Building 2 Number One Ballsbridge, Shelbourne Rd, Dublin, Ireland. Appropriate agreements on order processing have been concluded with the service provider. Further information can be found in the Privacy Policy of MongoDB.

In the business customer area, information about the company is also requested, which is necessary for the further processing of the contract. If you register as a business customer, we store your data in our CRM system. We use the CRM system of HubSpot Inc., 25 First Street, 2nd Floor, MA 02141 Cambridge, USA to process your data in relation to the implementation of contractual services and marketing activities. Corresponding agreements on order processing have been concluded with the service provider. HubSpot has committed itself to handling your transmitted data in accordance with data protection regulations. The service provider implements organisational and technical security measures to protect your data. We would like to point out that the provider is a US company. You can find further information in the Privacy Policy of Hubspot.

Your personal data will only be passed on to third parties and order processors in accordance with Art. 28 GDPR if this is necessary for the provision of the service.

Purpose and legal basis

We process your personal data for the purpose of registering a customer account for the fulfilment of a contract with you pursuant to Art. 6 para. 1 lit. b GDPR. There is a contractual obligation to provide your data as far as it relates to the mandatory fields, as this information is necessary for the fulfilment of the contract on our part. There is no legal obligation to provide the data. Without the provision of this information, registration and thus the conclusion of a contract is not possible. There is no obligation to provide the additional information provided voluntarily.

The supplementary processing of your password for the registration of the user account is carried out for the purpose of providing a customer account. By deleting your customer account, you can declare your revocation in accordance with Art. 7 (3) GDPR at any time with effect for the future.

Retention period

When registering a permanent customer account, we store the purchase-related data beyond the end of the contract until your consent is revoked (deletion of the customer account). In both cases, your data will only be stored further if there are legal obligations to retain it (e.g. tax and commercial law).

Use of the Ninox platform

Nature and scope of the processing

In the course of using our product, personal data is sometimes entered and stored by the customer in the database applications created by the customer. We have no knowledge of the type of data processed in the applications. This is the responsibility of the customer. In the event of support, support staff may, with the customer's consent, obtain knowledge of the stored data.

Your personal data will only be passed on to third parties and order processors in accordance with Art. 28 GDPR if this is necessary for the provision of the service.

The following service providers are used for hosting the platform:

Public Cloud:

Host Europe: https://www.hosteurope.de/AGB/Datenschutzerklaerung/

Private Cloud:

Amazon AWS : https://aws.amazon.com/de/compliance/germany-data-protection/

Hetzner: https://www.hetzner.com/de/privacy-policy-notice

Purpose and legal basis

We process your personal data for the purpose of hosting the platform, i.e. for the performance of the contract with you pursuant to Art. 6 (1) lit. b GDPR. 

The supplementary processing of your password for the registration of the user account is carried out for the purpose of providing a customer account. Furthermore, we send e-mails with information and product updates within the scope of product information on the basis of legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR.

Retention period

You can delete the applications created on the platform including the personal data yourself. If you register a permanent customer account, we will store the purchase-related data beyond the end of the contract until you revoke your consent (deletion of the customer account). In both cases, your data will only be stored further if there are legal obligations to retain it (e.g. tax and commercial law).

Comment function / Forum

Nature and scope of the processing

If you use the comment function in the forum on our website, we collect your user name(s) and comment/message and store this data together with the IP address and date. If you write comments as a registered user, we also assign these to your user account.

For the use of the comment function in the forum, we use the service of the provider Forumbee LLC, 1 Harbor Dr Ste 300, Sausalito, USA. We would like to point out that the provider is a US company.

You can find the privacy policy of Forumbee here: https://forumbee.com/privacy

Purpose and legal basis

Your personal data is processed for the purpose of commenting on the content of our website on the basis of your consent pursuant to Art. 6 para. 1 lit. a GDPR. By informal communication [deletion of your comments], you can declare your revocation at any time with effect for the future pursuant to Art. 7 para. 3 GDPR. There is no legal or contractual obligation to provide your data, but the use of the comment function is not possible without disclosing your data.

Retention period

We store your personal data until you revoke your consent and, for technical reasons, for a maximum of 7 days thereafter.

Ninox Documentation

Nature and scope of the processing

For the Ninox documentation at: https://docs.ninox.com/de we use the service Gitbook, of GitBook Inc, 340 S Lemon Ave #7171, Walnut, USA. 

We would like to point out that the provider is a US company.

You can find Gitbook's privacy policy here: https://policies.gitbook.com/privacy

Purpose and legal basis

Your personal data is processed for the purpose of providing the documentation of Ninox products on the basis of our legitimate interest pursuant to Art. 6 (1) lit. f GDPR.  

Retention period

We store your personal data for a maximum of 7 days for technical reasons.

Registration and participation in webinars

Nature and scope of the processing

On our website and in our LinkedIn ads, you have the option to register for and participate in webinars. We use the Zoom service of Zoom Video Communications, Inc, 55 Almaden Boulevard, 6th Floor, San Jose, USA, to register for and conduct the webinars. We would like to point out that the provider is a US company. The standard contractual clauses have been concluded with the service provider.

You can find Zoom's privacy policy here: https://explore.zoom.us/de/privacy/

Furthermore, we use services from service providers for the organisation and invitations. These are Mailchimp, a service of The Rocket Science Group LLC, USA and Hubspot, a CRM system of HubSpot Inc, 25 First Street, 2nd Floor, MA 02141 Cambridge, USA. Your personal data is processed on our behalf pursuant to Art. 28 GDPR. We would like to point out that the providers are US companies. The standard contractual clauses have been concluded with the service providers.

Purpose and legal basis

Your data is processed for the purpose of registration, implementation and follow-up of webinars on the basis of your consent pursuant to Art. 6 (1) lit. a GDPR. There is no legal or contractual obligation to provide your data, but participation in the webinars is not possible without providing the information. Retention period

We store the collected registration data for the webinars for a period of one year, starting with the registration or until you revoke your consent.

Application

It is possible to apply for advertised positions via Internet portals such as LinkedIn or directly. If you take advantage of this option as an applicant, the data transmitted to us will be processed electronically. These data include:

  • first name, last name 
  • Contact information (e-mail address, phone)
  • Cover letter
  • File attachments with the detailed application

We use Personio, a service of Persiono GmbH, Munich, to process your application. Further correspondence regarding your application will be carried out via this service. An agreement pursuant to Art. 28 GDPR has been concluded with the service provider. 

Purpose and legal basis for data processing

The data transmitted to us will be used exclusively for processing the application by the specialist department and for communication. The legal basis for the processing of the data is the contract initiation relationship or the conclusion of a contract pursuant to Art. 6Abs.1 lit b GDPR. 

Duration of storage

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected, at the latest 6 months after rejection. In the case of a contractual relationship, we will delete the data received as soon as national, commercial law, statutory or contractual retention requirements have been fulfilled.

Possibility to object

You have the possibility to object to the processing of your data at any time. To do so, please send an e-mail to the office where you sent the application.

Presence on social media platforms 

We maintain so-called fan pages or accounts or channels on the networks mentioned below in order to provide you with information and offers also within social networks and to offer you further ways to contact us and to inform yourself about our offers. In the following, we inform you about which data we or the respective social network process from you in connection with the call and use of our fan pages/ accounts.

Data we process from you 

If you wish to contact us via messenger or direct message via the respective social network, we generally process your user name via which you contact us and, if necessary, store other data provided by you insofar as this is required to process/respond to your request.

The legal basis is Art. 6 para. 1 sentence 1 f) GDPR (processing is necessary to protect the legitimate interests of the controller).

(Statistical) usage data that we receive from the social networks

We receive automated statistics regarding our accounts via Insights functionalities. The statistics include, among other things, the total number of page views, likes, page activity and post interactions, reach, video views, and the percentage of men/women among our fans/ followers.

The statistics only contain aggregated data that cannot be related to individual persons. You are not identifiable to us through this.

What data the social networks process from you

In order to view the content of our fan pages or accounts, you do not have to be a member of the respective social network and, in this respect, no user account for the respective social network is required.

Please note, however, that the social networks also collect and store data from website visitors without a user account when the respective social network is called up (e.g. technical data in order to be able to display the website to you) and use cookies and similar technologies, over which we have no control. Details on this can be found in the privacy policy of the respective social network (see the corresponding links above).

Insofar as you wish to interact with the content on our fan pages/accounts, e.g. comment on, share or like our postings/contributions and/or contact us via messenger functions, prior registration with the respective social network and the provision of personal data is required.

We have no influence on the data processing by the social networks within the scope of their use by you. To our knowledge, your data is stored and processed in particular in connection with the provision of the services of the respective social network, as well as for the analysis of user behavior (using cookies, pixels/web beacons and similar technologies), on the basis of which advertising based on your interests is played both within and outside the respective social network. It cannot be ruled out that your data will be stored by the social networks outside the EU/EEA and passed on to third parties.

In the privacy policy/cookie policy of the social networks, you will find, among other things, information on the exact scope and purposes of the processing of your personal data, the retention period/deletion as well as guidelines on the use of cookies and similar technologies in the context of registration and use of the social networks. There you will also find information on your rights and objection options.

Facebook

When you visit our Facebook page, Facebook collects, among other things, your IP address and other information that is present on your PC in the form of cookies. This information is used to provide us, as operators of the Facebook pages, with statistical information about the use of the Facebook page. Facebook provides more detailed information on this at the following link: https://facebook.com/help/pages/insights.

It is not possible for us to draw conclusions about individual users by means of the statistical information transmitted. We only use this information to respond to the interests of our users and to continuously improve our online presence and ensure its quality.

We collect your data via our fan page only to realize a possible provision for communication and interaction with us. This collection usually includes your name, message content, comment content and the profile information you provide "publicly".

The processing of your personal data for our above-mentioned purposes is based on our legitimate business and communicative interest in offering an information and communication channel pursuant to Art. 6 (1) f) GDPR. Should you, as a user, have given your consent to the data processing vis-à-vis the respective provider of the social network, the legal basis of the processing extends to Art. 6 (1) a), Art. 7 GDPR.

Due to the fact that the actual data processing is carried out by the provider of the social network, our access to your data is limited. Only the provider of the social network is authorized to fully access your data. Due to this, only the provider can directly take and implement appropriate measures to fulfil your user rights (information request, deletion request, objection, etc.). The assertion of corresponding rights is therefore most effective directly against the respective provider.

We are jointly responsible with Facebook for the personal content of the fan page. Data subject rights can be asserted with Facebook Ireland as well as with us.

The primary responsibility for the processing of Insights Data lies with Facebook under the GDPR and Facebook complies with all obligations under the GDPR with respect to the processing of Insights Data, Facebook Ireland provides the essence of the Page Insights Supplement to Data Subjects.

We do not make any decisions regarding the processing of Insights data and any other information resulting from Art. 13 GDPR, including legal basis, identity of the controller and retention period of cookies on user terminals.

Further instructions can be found directly at Facebook (Supplemental Agreement with Facebook): https://www.facebook.com/legal/terms/page_controller_addendum.

LinkedIn

LinkedIn is a social network of LinkedIn Inc. based in Sunnyvale, California, USA, which enables the creation of private and professional profiles. Users can maintain their existing contacts and make new ones. Businesses can create profiles where photos and other company information are uploaded. Other LinkedIn users have access to this information and can write their own articles and share this content with others.

The focus is on professional exchange on specialist topics with people who have the same professional interests. In addition, LinkedIn is often used by companies and other organizations to hire employees and present themselves as an interesting employer.

Further information can be found at the following link: https://about.linkedin.com/

Further information about data protection at LinkedIn can be found here: https://www.linkedin.com/legal/privacy-policy

Über unsere LinkedIn-Unternehmensseite erheben und verarbeiteten wir keine personenbezogenen Daten.

Twitter

We are jointly responsible with Twitter for the personal content of the fan page. Data subject rights can be asserted with Twitter Inc. as well as with us.

The primary responsibility under the GDPR for the processing of Insights Data rests with Twitter and Twitter complies with all obligations under the GDPR with respect to the processing of Insights Data, Twitter Inc. provides the essence of the Page Insights Supplement to Data Subjects.

We do not make any decisions regarding the processing of Insights Data and any other information resulting from art. 13 GDPR, including legal basis, identity of the responsible person and retention period of cookies on user terminals.

Further instructions can be found directly at: Privacy.

You can request the Twitter usage concept on which the offer is based by sending an e-mail to our above-mentioned e-mail address with the keyword "Twitter usage concept".

AWS S3

Nature and scope of the processing

We use AWS S3 to properly deliver the content on our website. AWS S3 is a service provided by Amazon Web Services, Inc. which acts as a Content Delivery Network (CDN) on our website.

A CDN helps to provide content of our online offer, in particular files such as graphics or scripts, more quickly with the help of regionally or internationally distributed servers. When you access this content, you establish a connection to servers of Amazon Web Services, Inc., whereby your IP address and possibly browser data such as your user agent are transmitted. This data is processed solely for the above purposes and to maintain the security and functionality of AWS S3.Purpose and legal basis

The use of the Content Delivery Network is based on our legitimate interests, i.e. interest in a secure and efficient provision and optimization of our online offer pursuant to art. 6 para. 1 lit. f. GDPR.

Retention period

The specific retention period of the processed data cannot be influenced by us, but is determined by Amazon Web Services, Inc. Further information can be found in the privacy policy for AWS S3: https://aws.amazon.com/de/privacy/.

Bing Ads

Nature and scope of the processing

We have integrated Bing Ads on our website. Bing Ads is a service provided by Microsoft Corporation to display targeted advertising to users. Bing Ads uses cookies and other browser technologies to analyze user behavior and recognize users.

Bing Ads collects information about visitor behavior on various websites. This information is used to optimize the relevance of advertising. Furthermore, Bing Ads delivers targeted advertising based on behavioral profiles and geographic location. Your IP address and other identifiers, such as your user agent, are transmitted to the provider.

In this case, your data will be passed on to the operator of Bing Ads, Microsoft Corporation, One Microsoft Way Redmond, WA 98052-6399, United States.

Purpose and legal basis

We process your data with the help of Bing Ads for the purpose of optimizing our website and for marketing purposes based on your consent pursuant to art. 6 para. 1 lit. a. GDPR.

Retention period

The specific retention period of the processed data cannot be influenced by us, but is determined by Microsoft Corporation. You can find further information in the privacy policy for Bing Ads: https://privacy.microsoft.com/de-de/privacystatement.

Bing Pixel

Nature and scope of the processing

We use Bing Pixel from Microsoft Corporation, One Microsoft Way Redmond, WA 98052-6399, United States, to create so-called Custom Audiences, i.e. to segment visitor groups of our online offer, to determine conversion rates and to subsequently optimize them. This happens in particular when you interact with advertisements that we have placed with Microsoft Corporation.

Purpose and legal basis

We process your data with the help of Bing Pixel for the purpose of optimizing our website and for marketing purposes based on your consent pursuant to Art. 6 para. 1 lit. a. GDPR.

Retention period

The concrete retention period of the processed data cannot be influenced by us but is determined by Microsoft Corporation. You can find further information in the privacy policy for Bing Pixel: https://privacy.microsoft.com/en-us/privacystatement.

Clarity

Nature and scope of the processing

We have integrated Clarity on our website. Clarity is a service of Microsoft Corporation and provides optimization tools that analyze the behavior and feedback of users of our website through analytics and feedback tools.

Clarity uses cookies and other browser technologies to evaluate user behavior and to recognize users.

This information is used, among other things, to compile reports on website activity and to statistically analyze visitor data. Furthermore, Clarity records clicks, mouse movements and scroll heights in order to create so-called heat maps and session replays.

In this case, your data will be passed on to the operator of Clarity, Microsoft Corporation, One Microsoft Way Redmond, WA 98052-6399, United States.

Purpose and legal basis

We process your data with the help of Clarity for the purpose of optimizing our website and for marketing purposes based on your consent pursuant to Art. 6 para. 1 lit. a. GDPR.

Retention period

The specific retention period of the processed data cannot be influenced by us but is determined by Microsoft Corporation. You can find further information in the privacy policy for Clarity: https://privacy.microsoft.com/en-us/privacystatement.

Cookiebot

Nature and scope of the processing

We have integrated Cookiebot on our website. Cookiebot is a consent solution from Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark, which can be used to obtain and document consent to store cookies. Cookiebot uses cookies or other web technologies to recognize users and store consent given or revoked.

Purpose and legal basis

The use of the service is based on obtaining the legally required consent to the use of cookies pursuant to Art. 6 para. 1 lit. c. GDPR.

Retention period

The specific retention period of the processed data cannot be influenced by us, but is determined by Cybot A/S. You can find further information in the privacy policy for Cookiebot: https://www.cookiebot.com/de/privacy-policy/.

Cookiebot CDN

Nature and scope of the processing

We use Cookiebot CDN to properly deliver the content of our website. Cookiebot CDN is a service provided by Cybot A/S, which acts as a Content Delivery Network (CDN) on our website to ensure the functionality of other Cybot A/S services. For said services, you will find a separate section in this Privacy Policy. This section is only about the use of the CDN.

A CDN helps to provide content of our online offer, especially files such as graphics or scripts, faster with the help of regionally or internationally distributed servers. When you access this content, you connect to servers of Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark, where your IP address and possibly browser data such as your user agent are transmitted. This data is processed solely for the purposes mentioned above and to maintain the security and functionality of Cookiebot CDN.

Purpose and legal basis

The use of the Content Delivery Network is based on our legitimate interests, i.e. interest in a secure and efficient provision and optimization of our online offer pursuant to Art. 6 para. 1 lit. f. GDPR.

Retention period

The specific retention period of the processed data cannot be influenced by us, but is determined by Cybot A/S. For more information, please see the privacy policy for Cookiebot CDN: https://www.cookiebot.com/de/privacy-policy/.

Crazy Egg

Nature and scope of the processing

We use Crazy Egg from Crazy Egg, Inc. to perform so-called A/B tests on our online offering. This involves simultaneously publishing different versions of our online offering and measuring which of these versions is more user-friendly.

When testing the versions, data such as the operating system used, the user agent of the browser and the time of the call can be collected to measure the success of the version.

Web tracking technologies are used to associate the above data with the version of our online offering being tested.

Purpose and legal basis

The use of Crazy Egg is based on our legitimate interests, i.e. interest in optimizing our online offer according to Art. 6 para. 1 lit. f. GDPR.

Retention period

The specific retention period of the processed data cannot be influenced by us, but is determined by Crazy Egg, Inc. You can find further information in the privacy policy for Crazy Egg: https://www.crazyegg.com/privacy.

Facebook Pixel

Nature and scope of the processing

We use Facebook Pixel from Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, to create so-called Custom Audiences, i.e. to segment visitor groups of our online offer, to determine conversion rates and to subsequently optimize them. This happens in particular when you interact with advertisements that we have placed with Meta Platforms Ireland Limited.

Purpose and legal basis

We process your data with the help of Facebook Pixel for the purpose of optimizing our website and for marketing purposes based on your consent pursuant to Art. 6 (1) lit. a. GDPR.

Retention period

The concrete retention period of the processed data cannot be influenced by us, but is determined by Meta Platforms Ireland Limited. Further information can be found in the privacy policy for Facebook Pixel: https://www.facebook.com/privacy/explanation.

Google Ads

Nature and scope of the processing

We have integrated Google Ads on our website. Google Ads is a service provided by Google Ireland Limited to display targeted advertising to users. Google Ads uses cookies and other browser technologies to evaluate user behavior and recognize users.

Google Ads collects information about visitor behavior on various websites. This information is used to optimize the relevance of advertising. Furthermore, Google Ads delivers targeted advertising based on behavioral profiles and geographic location. Your IP address and other identifiers such as your user agent are transmitted to the provider.

If you are registered with a Google Ireland Limited service, Google Ads can associate the visit with your account. Even if you are not registered with Google Ireland Limited or have not logged in, it is possible that the provider will find out and store your IP address and other identification features.

In this case, your data will be passed on to the operator of Google Ads, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Purpose and legal basis

We process your data with the help of Google Ads for the purpose of optimizing our website and for marketing purposes based on your consent pursuant to Art. 6 (1) lit. a. GDPR.

Retention period

The concrete retention period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Ads: https://policies.google.com/privacy.

Google Analytics

Nature and scope of the processing

If you have given your consent, this website uses Google Analytics 4, a web analytics service provided by Google LLC. The responsible party for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). Google Analytics uses cookies that enable an analysis of your use of our websites. The information collected by means of the cookies about your use of this website is generally transferred to a Google server in the USA and stored there.

Google Analytics 4 has IP address anonymization enabled by default. Due to IP anonymization, your IP address will be shortened by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. According to Google, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

During your website visit, your user behavior is recorded in the form of "events". Events can be:

  • Page views
  • First visit to the website
  • Start of session
  • Your "click path", interaction with the website
  • Scrolls (whenever a user scrolls to the bottom of the page (90%))
  • clicks on external links 
  • internal search queries
  • interaction with videos
  • file downloads
  • seen / clicked ads
  • language settings

Also recorded:

  • Your approximate location (region)
  • your IP address (in shortened form)
  • technical information about your browser and the end devices you use (e.g. language setting, screen resolution)
  • your internet service provider
  • the referrer URL (via which website/advertising medium you came to this website)

Purpose and legal basis

We process data with the help of Google Analytics for the purpose of optimizing our website, to compile reports, data analysation and for marketing purposes like based on your consent pursuant to Art. 6 (1) lit. a. GDPR.

You can revoke your consent at any time with effect for the future by accessing the cookie settings and changing your selection there. The lawfulness of the processing carried out on the basis of the consent until the revocation remains unaffected.

You can also prevent the storage of cookies from the outset by setting your browser software accordingly. However, if you configure your browser to reject all cookies, this may result in a restriction of functionalities on this and other websites. In addition, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google, by

  1. not giving your consent to the setting of the cookie or
  2. downloading and installing the browser add-on to disable Google Analytics here.

Third country transfer

Insofar as data is processed outside the EU/EEA and there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish an appropriate level of data protection. The parent company of Google Ireland, Google LLC, is based in California, USA. A transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out. The USA is currently considered a third country from a data protection perspective. You do not have the same rights there as within the EU/EEA. You may not be entitled to any legal remedies against access by authorities.

Retention period

The concrete retention period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. For more information on Google Analytics' terms of use and Google's privacy policy, please visit https://marketingplatform.google.com/about/analytics/terms/us/ and at https://policies.google.com/?hl=en.

Google DoubleClick

Nature and scope of the processing

We have integrated components of DoubleClick by Google on our website. DoubleClick is a brand of Google, under which mainly special online marketing solutions are marketed to advertising agencies and publishers. DoubleClick by Google transfers data to the DoubleClick server with each impression as well as with clicks or other activities.

Each of these data transfers triggers a cookie request to the browser of the data subject. If the browser accepts this request, DoubleClick sets a cookie in your browser.

DoubleClick uses a cookie ID, which is required to handle the technical process. The cookie ID is required, for example, to display an advertisement in a browser. DoubleClick can also use the cookie ID to record which advertisements have already been displayed in a browser in order to avoid duplicate placements. Furthermore, the cookie ID enables DoubleClick to record conversions. Conversions are recorded, for example, if a DoubleClick ad was previously displayed to a user and the user subsequently makes a purchase on the advertiser's website using the same Internet browser.

A DoubleClick cookie does not contain personal data, but may contain additional campaign identifiers. A campaign identifier serves to identify the campaigns with which you have already been in contact on other websites. As part of this service, Google obtains knowledge of data that Google also uses to generate commission statements. Among other things, Google can track that you have clicked on certain links on our website. In this case, your data is passed on to the operator of DoubleClick, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Further information and the applicable data protection provisions of DoubleClick by Google can be found at https://policies.google.com/privacy.

Purpose and legal basis

We process your data with the help of the Double-Click cookie for the purpose of optimizing and displaying advertising based on your consent pursuant to Art. 6 (1) lit. a GDPR. You give your consent by setting the use of cookies (cookie banner / Consent Manager), with which you can also declare your revocation at any time with effect for the future pursuant to Art. 7 (3) GDPR. The cookie is used, among other things, to place and display user-relevant advertising and to create reports on advertising campaigns or to improve them. Furthermore, the cookie is used to avoid multiple displays of the same advertising. Each time you call up one of the individual pages of our website on which a DoubleClick component has been integrated, your browser is automatically prompted by the respective DoubleClick component to transmit data to Google for the purpose of online advertising and the settlement of commissions. There is no legal or contractual obligation to provide your data. If you do not give us your consent, a visit to our website is possible without restriction, but not all functions may be fully available.

Retention period

The concrete retention period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google DoubleClick: https://policies.google.com/privacy.

Google Tag Manager

Nature and scope of the processing

We use the Google Tag Manager of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is used to manage website tags through one interface and allows us to control the exact integration of services on our website. 

This allows us to flexibly integrate additional services to evaluate user access to our website.

Purpose and legal basis

The use of Google Tag Manager is based on our legitimate interests, i.e. interest in optimizing our services according to Art. 6 para. 1 lit. f. GDPR.

Retention period

The concrete retention period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Tag Manager: https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/.

Google reCAPTCHA

Nature and scope of the processing

We have integrated components of Google reCAPTCHA on our website. Google reCAPTCHA is a service of Google Ireland Limited and enables us to distinguish whether a contact request originates from a natural person or is automated by means of a program. When you access this content, you establish a connection to servers of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, whereby your IP address and possibly browser data such as your user agent are transmitted. Furthermore, Google reCAPTCHA records the user's browsing time and mouse movements in order to distinguish automated requests from human ones. This data is processed exclusively for the purposes mentioned above and to maintain the security and functionality of Google reCAPTCHA.

Purpose and legal basis

The use of the service is based on our legitimate interests, i.e. for protection when submitting forms according to Art. 6 para. 1 lit. f. GDPR.

Retention period

The concrete retention period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google reCAPTCHA: https://policies.google.com/privacy?hl=en-US.

Leadfeeder

Nature and scope of the processing

We have integrated Leadfeeder on our website as a tool for customer intelligence. Leadfeeder is a service provided by Leadfeeder, Inc., 3 Warren Street, Suite 2, Glens Falls, NY 12801, United States, that identifies anonymous website visitors, enriches existing contact information where applicable, or provides complete contact information and offers insights into visit history.

Leadfeeder uses cookies and other browser technologies to evaluate user behavior and recognize users.

Among other things, Leadfeeder tells us which companies have visited our website, determines the history of your visit to this website, including all pages you have visited and viewed, and the length of your stay on this website.

Leadfeeder collects and processes data about companies such as company name, phone number, address, web address, industry, company profile, sales and key people.

Purpose and legal basis

We process your data with the help of Leadfeeder for the purpose of optimizing our website and for marketing purposes based on our legitimate interest pursuant to Art. 6 (1) lit. f. GDPR.

Retention period

The specific retention period of the processed data cannot be influenced by us, but is determined by Leadfeeder, Inc. For further information, please refer to the Leadfeeder privacy policy: https://www.leadfeeder.com/privacy/.

LinkedIn Ads

Nature and scope of the processing

We have integrated LinkedIn Ads on our website. LinkedIn Ads is a service from LinkedIn Corporation that displays targeted advertising to users. LinkedIn Ads uses cookies and other browser technologies to evaluate user behavior and recognize users. LinkedIn Ads collects information about visitor behavior on various websites. This information is used to optimize the relevance of advertising. Furthermore, LinkedIn Ads delivers targeted advertising based on behavioral profiles and geographic location. Your IP address and other identifiers such as your user agent are transmitted to the provider. In this case, your data is passed on to the operator of LinkedIn Ads, LinkedIn Corporation, Sunnyvale, California, US.

Web tracking technologies are used to create pseudonymized user profiles. These profiles cannot be linked to you as a natural person, but are used, for example, for segmentation when displaying advertisements.

Purpose and legal basis

We process data with the help of LinkedIn Ads for the purpose of optimizing our advertising campaigns and for marketing purposes based on your consent pursuant to Art. 6 (1) lit. a. GDPR.

Retention period

The specific retention period of the processed data cannot be influenced by us, but is determined by LinkedIn Corporation. Further information can be found in the privacy policy for LinkedIn Ads: https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy.

LinkedIn Insight-Tag

Nature and scope of the processing

We use LinkedIn Insight-Tag from LinkedIn Corporation, Sunnyvale, California, US, to create target groups, segment visitor groups of our online offer, determine conversion rates and subsequently optimize them. This happens in particular when you interact with advertisements that we have placed with LinkedIn Corporation. For this purpose, LinkedIn Corporation offers retargeting for website visitors in order to display targeted advertising outside our website.

LinkedIn Insight tag collects data about visits to our website, including URL, referrer URL, IP address, device and browser properties (user agent), and timestamp. This data is used to present anonymized reports about website audience and ad performance.

Purpose and legal basis

We process your data with the help of LinkedIn Insight-Tag for the purpose of optimizing our website and for marketing purposes based on your consent pursuant to Art. 6 para. 1 lit. a. GDPR.

Retention period

The specific retention period of the processed data cannot be influenced by us, but is determined by LinkedIn Corporation. Further information can be found in the privacy policy for LinkedIn Insight Tag: https://www.linkedin.com/legal/privacy-policy.

Mixpanel

Nature and scope of the processing

We use the web analytics tool Mixpanel from Mixpanel Inc, One Front Street, Floor 28, San Francisco, CA 94111, USA on our website. ("Mixpanel"). Mixpanel enables us to perform quantitative product analyses in order to optimize the quality of our services. Only pseudonymous data is processed here; tracking of user activities that can be related to the user does not take place.

Purpose and legal basis

The legal basis for the processing of personal data is your voluntary consent pursuant to Art. 6 para. 1 lit. a) GDPR.

The recipient of the data is Mixpanel Inc, One Front Street, Floor 28, San Francisco, CA 94111, USA. In principle, the data processed by Mixpanel is stored in data centers within the European Union. Nevertheless, due to the corporate structure of Mixpanel Inc., it cannot be completely ruled out that personal data may be transferred to third countries, in particular the USA.  

Retention period

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. Furthermore, the data will be deleted if you revoke your consent or request the deletion of the personal data.

You can object to the collection, processing and recording of the data generated by Mixpanel at any time.

Privacy policy of Mixpanel Inc. can be found at: https://mixpanel.com/legal/privacy-policy/.

Youtube

Nature and scope of the processing

We have integrated YouTube Video on our website. YouTube Video is a component of the video platform of YouTube, LLC, where users can upload content, share it over the Internet and receive detailed statistics.

YouTube Video allows us to integrate content from the platform into our website.

YouTube Video uses cookies and other browser technologies to analyze user behavior, recognize users, and create user profiles. This information is used, among other things, to analyze the activity of the content listened to and to generate reports. If a user is registered with YouTube, LLC, YouTube Video can associate the videos played with the profile.

When you access this content, you connect to servers of YouTube, LLC, Google Ireland Limited, Gordon House, Barrow Street Dublin 4 Ireland, where your IP address and possibly browser data such as your user agent are transmitted.

Purpose and legal basis

The use of the service is based on your consent pursuant to Art. 6 para. 1 lit. a. GDPR.

Retention period

The specific retention period of the processed data cannot be influenced by us, but is determined by YouTube, LLC. You can find further information in the privacy policy for YouTube Video: https://policies.google.com/privacy.

Hotjar

Nature and scope of the processing

We have integrated Hotjar Behavior Analytics on our website. Hotjar Behavior Analytics is a service of Hotjar Ltd. and provides optimization tools that analyze the behavior and feedback of users of our website through analytics and feedback tools.

Hotjar Behavior Analytics uses cookies and other browser technologies to analyze user behavior and recognize users.

This information is used, among other things, to compile reports on website activity and to statistically analyze visitor data. Furthermore, Hotjar Behavior Analytics records clicks, mouse movements and scroll heights to create so-called heatmaps and session replays.

In this case, your data will be passed on to the operator of Hotjar Behavior Analytics, Hotjar Ltd, Hotjar Ltd, Level 2, St Julians Business Centre 3 Elia Zammit Street St Julians STJ 3155 Malta.

Purpose and legal basis

We process your data with the help of Hotjar Behavior Analytics for the purpose of optimizing our website and for marketing purposes based on your consent pursuant to Art. 6 (1) lit. a. GDPR.

Retention period

The specific retention period of the processed data cannot be influenced by us, but is determined by Hotjar Ltd. Further information can be found in the privacy policy for Hotjar Behavior Analytics: https://www.hotjar.com/privacy/.