Data protection notices

We would like to take this opportunity to inform you which of your personal data we collect when you visit our website and for what purposes it is used.

This privacy policy applies to the Ninox Software GmbH website, which can be reached under the domain ninox.com and the various subdomains (“our website”).

‍

Who is responsible and how can I contact you?

person responsible

for the processing of personal data in accordance with the EU General Data Protection Regulation (GDPR)

Ninox Software GmbH
Monbijouplatz 5
10178 Berlin

email: support@ninox.de

Further information can be found in our imprint.

Data Protection Officer

DataSolution LUD GmbH
Isarstraße 13
14974 Ludwigsfelde

Berit Schubert
email: dpo@ninox.com

‍

What is it about?

This privacy policy meets the legal requirements for transparency in the processing of personal data. This is any information relating to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, email address, IP address or user behavior when visiting a website. Information that we are unable to identify you personally (or only with disproportionate effort), e.g. through anonymization, is not personal data. The processing of personal data (e.g. collection, retrieval, use, storage or transmission) always requires a legal basis and a defined purpose.

Stored personal data will be deleted as soon as the purpose of processing has been achieved and there are no legitimate reasons for continuing to store the data. In the individual processing processes, we will inform you about the specific storage periods and criteria for storage. Irrespective of this, we store your personal data in individual cases to assert, exercise or defend legal claims and if there are legal storage obligations.

‍

Who receives my data?

We only pass on your personal data, which we process on our website, to third parties if this is necessary to fulfill the purposes and, in individual cases, is covered by the legal basis (e.g. consent or protection of legitimate interests). In addition, we share personal data with third parties in individual cases if this serves to assert, exercise or defend legal claims. Possible recipients may then include law enforcement agencies, lawyers, auditors, courts, etc.

Insofar as we use service providers to operate our website who process personal data in accordance with Article 28 GDPR as part of order processing on our behalf, these may be recipients of your personal data. For more information on the use of order processors and web services, see the overview of the individual processing processes.

‍

Do you use cookies?

Cookies are small text files that are sent by us to the browser of your device as part of your visit to our website and stored there. As an alternative to using cookies, information can also be stored in your browser's local storage. Some functions of our website cannot be offered without the use of cookies or local storage (technically necessary cookies). Other cookies, on the other hand, enable us to perform various analyses so that, for example, we are able to recognize the browser you are using when you visit our website again and to transmit various information to us (unnecessary cookies). With the help of cookies, we can, among other things, make our website more user-friendly and effective for you, for example, by tracking your use of our website and determining your preferred settings (such as country and language settings). If third parties process information via cookies, they collect the information directly via your browser. Cookies do not cause any damage to your device. They cannot run programs and do not contain viruses.

We provide information about the respective services for which we use cookies in the individual processing processes. Detailed information about the cookies used can be found in the cookie settings or in the consent manager of this website.

‍

What rights do I have?

Under the requirements of the legal provisions of the General Data Protection Regulation (GDPR), you have the following rights as a data subject:

• information in accordance with Art. 15 GDPR about the data stored about you in the form of meaningful information on the details of the processing and a copy of your data;
• rectification in accordance with Art. 16 GDPR, from incorrect or incomplete data stored by us;
• erasure in accordance with Article 17 GDPR, the data stored by us, unless processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
• constraint processing in accordance with Article 18 GDPR, insofar as the accuracy of the data is disputed, the processing is unlawful, we no longer need the data and you refuse to delete it because you need it to assert, exercise or defend legal claims or you have objected to processing in accordance with Article 21 GDPR.
• data portability in accordance with Art. 20 GDPR, insofar as you have provided us with personal data as part of a consent in accordance with Art. 6 para. 1 lit. a DSGVO or on the basis of a contract in accordance with Art. 6 para. 1 lit. b GDPR and these have been processed by us using automated procedures. You will receive your data in a structured, common and machine-readable format or we will transfer the data directly to another person responsible, as far as this is technically feasible.
• contradiction In accordance with Article 21 GDPR, against the processing of your personal data, insofar as this is based on Article 6 (1) (e, f) GDPR and there are reasons for this arising from your particular situation or the objection is directed against direct marketing. The right to object does not exist if overriding, compelling legitimate reasons for processing are proven or if processing is carried out to assert, exercise or defend legal claims. Insofar as the right to object to individual processing operations does not exist, this is stated there.
• revocation In accordance with Art. 7 (3) GDPR, your consent has been given with effect for the future.
• complaint in accordance with Art. 77 GDPR with a supervisory authority, if you believe that the processing of your personal data violates the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your place of work or our company headquarters.

‍

How is my data processed in detail?

Below, we will inform you about the individual processing operations, the scope and purpose of data processing, the legal basis, the obligation to provide your data and the respective storage period. An automated decision in individual cases, including profiling, does not take place.

Provision of the website

Nature and scope of processing

When you access and use our website, we collect the personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:

• IP address of the requesting computer
• date and time of access
• Name and URL of the retrieved file
• Website from which access is made (referrer URL)
• Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider

We host our website with Webflow. The provider is Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (hereinafter: Webflow). When you visit our website, Webflow collects various log files, including your IP addresses.

Webflow is a tool for building and hosting websites. Webflow stores cookies or other recognition technologies that are necessary to display the page, to provide certain website functions and to ensure security (necessary cookies).

For details, see Webflow's privacy policy: EU & Swiss Privacy Policy | Webflow 22.

Purpose and legal basis

The processing is carried out to protect our overriding legitimate interest in viewing our website and ensuring security and stability on the basis of Art. 6 para. lit. f DSGVO. The collection of data and storage in log files is absolutely necessary for the operation of the website. There is no right to object to processing due to the exception under Article 21 (1) GDPR. Insofar as further storage of log files is required by law, processing is carried out on the basis of Art. 6 para. 1 lit. c DSGVO. There is no legal or contractual obligation to provide the data, but it is not technically possible to access our website without providing the data.

Storage period

The above data is stored for the duration of viewing the website and, for technical reasons, for a maximum of 7 days.

‍

Contact form/ Contact

Nature and scope of processing

When you contact us by e-mail, telephone or via a contact form, the data you provide (e.g. e-mail address, name, telephone number or even the content of the request) will be processed by us in order to answer your questions and/or process your request.

For the form on our website, we use the Hubspot service from HubSpot Inc, 25 First Street, 2nd Floor, MA 02141 Cambridge, USA. In order to be able to display the form, cookies are set by the service provider. In addition, your data is stored in Hubspot as our CRM system when you communicate with us via the form, by email or by telephone. This is a service provider from a third country. The standard contractual clauses have been concluded with the service provider and Hubspot is certified in the Data Privacy Framework. Hubspot's privacy policy can be found here: https://legal.hubspot.com/privacy-policy

To use the contact form in the forum, we use the service provided by Forumbee LLC, 1 Harbor Dr Ste 300, Sausalito, USA. We would like to point out that the provider is a US company.

Forumbee's privacy policy can be found here: https://forumbee.com/privacy

Purpose and legal basis

Your data is processed for the purpose of communicating and processing your request on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR. Insofar as your request relates to an existing contractual relationship with us, processing is carried out for the purpose of fulfilling the contract on the basis of Art. 6 para. 1 lit. b GDPR. There is no legal or contractual obligation to provide your data, but it is not possible to process your request without providing the information.

Storage period

We store the data collected for each request for a period of three years, starting with the processing of your request or until you withdraw your consent.

If you use the contact form as part of a contractual relationship, we store the data collected for each request for a period of three years from the end of the contractual relationship.

‍

newsletters

Nature and scope of processing

We only send emails and other electronic notifications with promotional information (hereinafter “newsletter”) with your consent or legal permission. The newsletters contain information about our products, offers, promotions and our company. By subscribing to our newsletter, you agree to receive it.

To send the newsletter, we use Hubspot, a service provided by HubSpot Inc., 25 First Street, 2nd Floor, MA 02141 Cambridge, USA. This is a service provider from a third country. The standard contractual clauses have been concluded with the service provider and Hubspot is certified in the Data Privacy Framework. Hubspot's privacy policy can be found here: https://legal.hubspot.com/privacy-policy

Purpose and legal basis

We process your data for the purpose of sending you the newsletter on the basis of your consent in accordance with Art. 6 para. 1 lit. a DSGVO. The use of a shipping service provider, the carrying out of statistical surveys and analyses and the recording of the registration process are based on our legitimate interests in accordance with Article 6 (1) (f) GDPR. We are interested in using a user-friendly and secure newsletter system that serves both our business interests and meets your expectations.

By unsubscribing from the newsletter, you can declare your withdrawal at any time with effect for the future in accordance with Article 7 (3) GDPR. There is no legal or contractual obligation to provide your data, but it is not possible to send the newsletter without providing your data.

Storage period

After signing up for the newsletter, we store the data for a maximum of 24 hours until confirmation of the subscription. After successful confirmation, we will store your data until you withdraw your consent (unsubscribe from the newsletter) and for technical reasons for a maximum of 7 days.

‍

Registering a customer account

Nature and scope of processing

As part of order processing, we collect your personal data to register a customer account. When you register your user account, we also collect a password set by you yourself. In addition, you can voluntarily provide additional information that, in your opinion, is necessary to process the order.

The registration data is stored in the MongoDB Atlas system, Building 2 Number OneBallsBridge, Shelbourne Rd, Dublin, Ireland. Appropriate agreements have been concluded with the service provider for order processing. For more information, see MongoDB's privacy policy.

In the business customer area, information about the company is also requested, which is necessary for further contract processing. If you register as a business customer, we store your data in our CRM system. We use the CRM system of HubSpot Inc., 25 First Street, 2ndFloor, MA 02141 Cambridge, USA to process your data in connection with the implementation of contractual services and marketing activities. Corresponding order processing agreements have been concluded with the service provider. HubSpot is committed to handling the data you provide in accordance with data protection regulations. The service provider uses organizational and technical security measures to protect your data. We would like to point out that the provider is a US company. The standard contractual clauses have been concluded with the service provider and Hubspot is certified in the Data Privacy Framework.

Hubspot's privacy policy can be found here: https://legal.hubspot.com/privacy-policy

Purpose and legal basis

We process your personal data for the purpose of registering a customer account to fulfill a contract with you in accordance with Art. 6 para. 1 lit. b GDPR. There is a contractual obligation to provide your data insofar as it relates to the mandatory fields, as this information is necessary for us to fulfill the contract. There is no legal obligation to provide the data. Without providing this information, registration and thus the conclusion of a contract is not possible. There is no obligation to provide the additional information provided voluntarily.

The additional processing of your password to register the user account is carried out for the purpose of providing a customer account. By deleting your customer account, you can declare your withdrawal at any time with effect for the future in accordance with Article 7 (3) GDPR.

Storage period

When registering a permanent customer account, we store the purchase-related data beyond the end of the contract until you withdraw your consent (deletion of the customer account). In both cases, your data will only be stored if there are legal storage obligations (such as tax and commercial law).

‍

Using the Ninox platform

Nature and scope of processing

When using our product, personal data is sometimes entered and stored by the customer himself in the database applications created by the customer. We have no knowledge of the type of data that is processed in the applications. This is the customer's responsibility. In case of support, support staff can, with the consent of the customer, obtain knowledge of the stored data.

Your personal data will only be passed on to third parties and contract processors in accordance with Article 28 GDPR insofar as this is necessary for the provision of services.
‍

The following service providers are used to host the platform:

Public cloud:

Host Europe: https://www.hosteurope.de/AGB/Datenschutzerklaerung/

Amazon AWS: https://aws.amazon.com/de/compliance/germany-data-protection/

Redis: https://redis.com/legal/privacy-policy/

‍

Private cloud:

Amazon AWS: https://aws.amazon.com/de/compliance/germany-data-protection/

Hetzner: https://www.hetzner.com/de/privacy-policy-notice

‍

Purpose and legal basis

We process your personal data for the purpose of hosting the platform, registrations and cancellations and backup, i.e. to fulfill the contract with you in accordance with Art. 6 para. 1 lit. b GDPR.

The additional processing of your password to register the user account is carried out for the purpose of providing a customer account. As part of the product information, we also send emails with notes and product updates based on legitimate interest in accordance with Art. 6 para. 1 lit f GDPR.

Storage period

You can delete the applications created on the platform yourself, including personal data. When registering a permanent customer account, we store the purchase-related data beyond the end of the contract until you withdraw your consent (deletion of the customer account). In both cases, your data will only be stored if there are legal storage obligations (such as tax and commercial law).

‍

Comment function/Forum

Nature and scope of processing

If you use the comment function in the forum on our website, we collect your user name (s) and comment/message and store this data together with the IP address and date. If you post comments as a logged-in user, we will also associate them with your user account.

To use the comment function in the forum, we use the service provided by Forumbee LLC, 1 Harbor Dr Ste 300, Sausalito, USA. The standard contractual clauses were concluded with the service provider.

Forumbee's privacy policy can be found here: https://forumbee.com/privacy

Purpose and legal basis

Your personal data is processed for the purpose of commenting on the content of our website on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR. By sending an informal message [deleting your comments], you can declare your withdrawal at any time with effect for the future in accordance with Art. 7 (3) GDPR. There is no legal or contractual obligation to provide your data, but it is not possible to use the comment function without disclosing your data.

Storage period

We store your personal data until you withdraw your consent and for technical reasons for a maximum of 7 days.

‍

Ninox documentation

Nature and scope of processing

For Ninox documentation, see: https://docs.ninox.com/de We use the Gitbook service from GitBook Inc, 340 S Lemon Ave #7171, Walnut, USA. The standard contractual clauses have been concluded with the service provider.

Gitbook's privacy policy can be found here: https://policies.gitbook.com/privacy

Purpose and legal basis

Your personal data is processed for the purpose of providing documentation for Ninox products on the basis of our legitimate interest in accordance with Art. 6 (1) lit. f GDPR.

Storage period

For technical reasons, we store your personal data for a maximum of 7 days.

‍

Registration and participation in webinars

Nature and scope of processing

On our website and in our LinkedIn ads, you have the option to sign up for and participate in webinars. To register and conduct the webinars, we use the Zoom service provided by Zoom Video Communications, Inc, 55 Almaden Boulevard, 6th Floor, San Jose, USA. We would like to point out that the provider is a US company. The usual contract clauses were concluded with the service provider.

Zoom's privacy policy can be found here: https://explore.zoom.us/de/privacy/

We also use HubSpot Inc, 25 First Street, 2nd Floor, MA02141 Cambridge, USA, for organization and invitations. Your personal data is processed on our behalf in accordance with Art. 28 GDPR. We would like to point out that the provider is a US company. The standard contractual clauses have been concluded with the service provider and Hubspot is certified in the Data Privacy Framework.

Hubspot's privacy policy can be found here: https://legal.hubspot.com/privacy-policy

Purpose and legal basis

The processing of your data for the purpose of registering, conducting and following up webinars is based on your consent in accordance with Art. 6 (1) lit. a GDPR. There is no legal or contractual obligation to provide your data, but participation in the webinars is not possible without providing the data.

Storage period

We store the collected registration data for the webinars for a period of one year, starting with registration or until you withdraw your consent.

‍

applications

It is possible to apply for advertised jobs via Internet portals such as LinkedIn or directly. If you, as an applicant, take advantage of this option, the data submitted to us will be processed electronically. This data includes:

• First name, last name
• contact details (email address, telephone number)
• cover letter
• File attachments with the detailed application

We use Personio, a service provided by Persiono GmbH, Munich, to process your application. Further correspondence regarding your application will be sent via this service. An agreement has been concluded with the service provider in accordance with Art. 28 GDPR.

Purpose and legal basis for data processing

The data submitted to us will only be used for processing the application by the specialist department and for communication. The legal basis for processing the data is the contract initiation relationship or the conclusion of a contract in accordance with Art. 6 para. 1 lit b GDPR.

Storage period

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected, at the latest 6 months after rejection. In the case of a contractual relationship, we will delete the data received as soon as national, commercial, statutory or contractual storage requirements are met.

Objection option

You have the option to object to the processing of your data at any time. To do this, please send an e-mail to the place where you sent the application (posting office).

‍

Presences on social media platforms

We maintain so-called fan pages or accounts or channels on the networks listed below in order to also provide you with information and offers within social networks and to offer you further ways to contact us and find out about our offers. In the following, we will inform you which data we or the respective social network process about you in connection with accessing and using our fan pages/accounts.

Data that we process from you

If you would like to contact us via messenger or via direct message via the respective social network, we usually process your user name, which you use to contact us and may store further data provided by you to the extent necessary to process/answer your request.

The legal basis is Article 6 (1) sentence 1 f) GDPR (processing is necessary to protect the legitimate interests of the person responsible).

(Static) usage data that we receive from social networks

Insights functionalities provide us with automated statistics about our accounts. The statistics include the total number of page views, likes, page activity and post interactions, reach, video views/views, and the proportion of men/women among our fans/followers.

The statistics only contain aggregated data that cannot be related to individual persons. This does not identify you to us.

What data do social networks process about you

In order to be able to view the content of our fan pages or accounts, you do not have to be a member of the respective social network and therefore no user account is required for the respective social network.

Please note, however, that when you access the respective social network, the social networks also collect and store data from website visitors without a user account (e.g. technical data so that they can display the website to you) and use cookies and similar technologies over which we have no influence. Details can be found in the privacy policy of the respective social network (see the corresponding links above)

If you want to interact with the content on our fan pages/accounts, e.g. comment on, share or like our postings/contributions and/or contact us via messenger functions, prior registration with the respective social network and the provision of personal data is required.

We have no influence on data processing by social networks as part of your use. To the best of our knowledge, your data is stored and processed in particular in connection with the provision of the services of the respective social network, and also to analyze usage behavior (using cookies, pixel/web beacons and similar technologies) on the basis of which advertising based on your interests is displayed both within and outside the respective social network. It cannot be ruled out that social networks may also store your data outside the EU/EEA and share it with third parties.

Information on, among other things, the exact scope and purposes of processing your personal data, the storage period/deletion and guidelines on the use of cookies and similar technologies in the context of registration and use of social networks can be found in the privacy policy/cookie policies of the social networks. There you will also find information about your rights and objection options.

Facebook page

When you visit our Facebook page, Facebook collects, among other things, your IP address and other information that is available on your PC in the form of cookies. This information is used to provide us, as the operator of the Facebook pages, with statistical information about the use of the Facebook page. Facebook provides more information about this under the following link: https://facebook.com/help/pages/insights.

Using the statistical information provided, it is not possible for us to draw conclusions about individual users. We only use these to be able to respond to the interests of our users and to continuously improve our online presence and ensure the quality of it.

We only collect your data via our fan page to make it possible to communicate and interact with us. This collection usually includes your name, message content, comment content and the profile information you provide “publicly”.

Your personal data is processed for our purposes mentioned above on the basis of our legitimate business and communication interest in offering an information and communication channel in accordance with Art. 6 para. 1 f) GDPR. Should you, as a user, have given the respective social network provider consent to data processing, the legal basis for processing extends to Art. 6 para. 1 a), Art. 7 GDPR.

Due to the fact that the actual data processing is carried out by the social network provider, our access options to your data are limited. Only the provider of the social network is authorized to have full access to your data. As a result, only the provider can directly take and implement appropriate measures to fulfill your user rights (request for information, request for deletion, objection, etc.). Appropriate rights are therefore most effectively asserted directly against the respective provider.

Together with Facebook, we are responsible for the personal content of the fan page. Data subject rights can be claimed with Facebook Ireland and with us.

According to the GDPR, Facebook has primary responsibility for processing insights data and Facebook fulfills all obligations under the GDPR with regard to the processing of insights data; Facebook Ireland makes the essence of the page insights supplement available to data subjects.

We do not make any decisions regarding the processing of insights data and any other information resulting from Article 13 GDPR, including the legal basis, identity of the person responsible and storage period of cookies on user devices.

Further information can be found directly on Facebook (supplementary agreement with Facebook): https://www.facebook.com/legal/terms/page_controller_addendum.

LinkedIn page

LinkedIn is a social network owned by LinkedIn Inc., based in Sunnyvale, California, USA, which allows the creation of private and professional profiles. Users can maintain their existing contacts and make new ones. Companies can create profiles that upload photos and other business information. Other LinkedIn users have access to this information and can write their own articles and share this content with others.

The focus is on professional exchange on specialist topics with people who have the same professional interests. In addition, LinkedIn is often used by companies and other organizations to hire employees and present themselves as an interesting employer.

For more information about LinkedIn, visit: https://about.linkedin.com/

Further information on LinkedIn's privacy policy can be found at: https://www.linkedin.com/legal/privacy-policy

We do not collect or process any personal data via our LinkedIn company page.

X side

Together with X, we are responsible for the personal content of the fan page. Data subject rights can be asserted with X Inc., as well as with us.

The primary responsibility under the GDPR for the processing of insights data lies with X and X fulfills all obligations under the GDPR with regard to the processing of insights data, X Inc. makes the essence of the page insights supplement available to data subjects.

We do not make any decisions regarding the processing of insights data and any other information resulting from Article 13 GDPR, including legal basis, identity of the person responsible and storage period of cookies on user devices

You can find further information directly at X: privacy policy.

You can request the X usage concept on which the offer is based at our e-mail address above with the keyword “X usage concept”.

‍

AWS S3

Nature and scope of processing

We use AWS S3 to properly deliver the content on our website. AWS S3 is a service provided by Amazon Web Services, Inc., which acts as a content delivery network (CDN) on our website.

A CDN helps to make content from our online offering, in particular files such as graphics or scripts, available more quickly with the help of regionally or internationally distributed servers. When you access this content, you connect to Amazon Web Services, Inc. servers, which transmits your IP address and, if applicable, browser data such as your user agent. This data is processed exclusively for the purposes set out above and to maintain the security and functionality of AWS S3.

Purpose and legal basis

The use of the content delivery network is based on our legitimate interests, i.e. interest in secure and efficient provision and optimization of our online offering in accordance with Art. 6 para. 1 lit. f. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Amazon Web Services, Inc. For more information, see the AWS S3 Privacy Statement: https://aws.amazon.com/de/privacy/.

‍

Bing Ads

Nature and scope of processing

We have integrated Bing Ads on our website. Bing Ads is a service provided by Microsoft Corporation to display targeted advertising to users. Bing Ads uses cookies and other browser technologies to evaluate user behavior and recognize users.

Bing Ads collects information about visitor behavior on various websites. This information is used to optimize the relevance of advertising. Bing Ads also delivers targeted advertising based on behavioral profiles and geographical location. Your IP address and other identification features, such as your user agent, are transmitted to the provider.

In this case, your data will be passed on to the operator of Bing Ads, Microsoft Corporation, One Microsoft Way Redmond, WA 98052-6399, United States.

Purpose and legal basis

We process your data with the help of Bing Ads for the purpose of optimizing our website and for marketing purposes based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Microsoft Corporation. For more information, see the Bing Ads Privacy Policy: https://privacy.microsoft.com/de-de/privacystatement.

‍

Bing Pixel

Nature and scope of processing

We use Bing Pixel from Microsoft Corporation, One Microsoft Way Redmond, WA 98052-6399, United States, to create so-called custom audiences, i.e. to segment groups of visitors to our online offering, to determine conversion rates and then optimize them. This happens in particular when you interact with ads that we have placed with Microsoft Corporation.

Purpose and legal basis

We process your data using Bing Pixel for the purpose of optimizing our website and for marketing purposes on the basis of your consent in accordance with Art. 6 para. 1 lit. a. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Microsoft Corporation. For more information, see the Bing Pixel privacy policy: https://privacy.microsoft.com/en-us/privacystatement.

‍

Clarity

Nature and scope of processing

We have integrated Clarity on our website. Clarity is a service provided by Microsoft Corporation and provides optimization tools that analyze behavior and feedback from users of our website through analysis and feedback tools.

Clarity uses cookies and other browser technologies to evaluate user behavior and recognize users.

This information is used, among other things, to compile reports on website activity and to statistically evaluate visitor data. Clarity also records clicks, mouse movements, and scroll heights to create so-called heat maps and session replays.

In this case, your data will be passed on to the operator of Clarity, Microsoft Corporation, One Microsoft Way Redmond, WA 98052-6399, United States.

Purpose and legal basis

We process your data with Clarity for the purpose of optimising our website and for marketing purposes on the basis of your consent in accordance with Art. 6 para. 1 lit. a. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Microsoft Corporation. You can find further information in the Clarity Privacy Policy: https://privacy.microsoft.com/en-us/privacystatement.

‍

Cookiebot

Nature and scope of processing

We have integrated Cookiebot on our website. Cookiebot is a consent solution from Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark, with which consent to the storage of cookies can be obtained and documented. Cookiebot uses cookies or other web technologies to recognize users and save the consent given or withdrawn.

Purpose and legal basis

The use of the service is based on the legally required consent to the use of cookies in accordance with Art. 6 para. 1 lit. c. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Cybot A/S. You can find further information in the privacy policy for Cookiebot: https://www.cookiebot.com/de/privacy-policy/.

‍

Cookiebot CDN

Nature and scope of processing

We use Cookiebot CDN to properly deliver the content of our website. Cookiebot CDN is a service provided by Cybot A/S, which acts as a content delivery network (CDN) on our website to ensure the functionality of other Cybot A/S services. For these services, you can find a separate section in this privacy statement. This section is just about using the CDN.

A CDN helps to make content from our online offering, in particular files such as graphics or scripts, available more quickly with the help of regionally or internationally distributed servers. When you access this content, you connect to servers of Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark, which transmits your IP address and, if applicable, browser data such as your user agent. This data is processed exclusively for the purposes set out above and to maintain the security and functionality of Cookiebot CDN.

Purpose and legal basis

The use of the content delivery network is based on our legitimate interests, i.e. interest in secure and efficient provision and optimization of our online offering in accordance with Art. 6 para. 1 lit. f. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Cybot A/S. For more information, please see the Cookiebot CDN privacy policy: https://www.cookiebot.com/de/privacy-policy/.

‍

Facebook Pixel

Nature and scope of processing

We use Facebook pixels from Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland to create so-called custom audiences, i.e. to segment groups of visitors to our online offering, to determine conversion rates and then optimize them. This happens in particular when you interact with advertisements that we have placed with Meta Platforms Ireland Limited.

Purpose and legal basis

We process your data using Facebook Pixel for the purpose of optimizing our website and for marketing purposes based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Meta Platforms Ireland Limited. You can find further information in the privacy policy for Facebook Pixel: https://www.facebook.com/privacy/explanation.

‍

Google Ads

Nature and scope of processing

We have integrated Google Ads on our website. Google Ads is a service provided by Google Ireland Limited to display targeted advertising to users. Google Ads uses cookies and other browser technologies to evaluate user behavior and recognize users.

Google Ads collects information about visitor behavior on various websites. This information is used to optimize the relevance of advertising. Google Ads also delivers targeted advertising based on behavioral profiles and geographical location. Your IP address and other identification features such as your user agent are transmitted to the provider.

If you are registered with a Google Ireland Limited service, Google Ads can associate the visit with your account. Even if you are not registered with Google Ireland Limited or have not logged in, it is possible that the provider will find out and store your IP address and other identification features.

In this case, your data will be passed on to the operator of Google Ads, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Purpose and legal basis

We process your data using Google Ads for the purpose of optimizing our website and for marketing purposes on the basis of your consent in accordance with Art. 6 para. 1 lit. a. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. You can find further information in the Google Ads privacy policy: https://policies.google.com/privacy.

‍

Google Analytics

Nature and scope of processing

Our website uses Google Analytics 4, a web analysis service provided by Google LLC. The responsible body for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building GordonHouse, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

Google Analytics uses cookies, which enable you to analyze how you use our websites. The information collected using cookies about your use of this website is usually transmitted to a Google server in the USA and stored there.

We use the user ID function. Using the user ID, we can assign a unique, persistent ID to one or more sessions (and the activities within those sessions) and analyze user behavior across devices.

We're still using Google Signals. This allows InGoogle Analytics to collect additional information about users who have activated personalized ads (interests and demographic data) and ads can be delivered to these users in cross-device remarketing campaigns.

Google Analytics 4 enables the anonymization of IP addresses by default. As a result of IP anonymization, your IP address is abbreviated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and abbreviated there. According to Google, the IP address transmitted by your browser as part of Google Analytics is not combined with other data from Google.

During your visit to the website, your user behavior is recorded in the form of “events.” Events can be:

• page views
• First time visit to the website
• Start the session
• Your “click path,” interaction with the website
• Scrolls (whenever a user scrolls to the bottom of the page (90%))
• Clicks on external links
• internal searches
• Interacting with videos
• file downloads
• viewed or clicked ads
• language setting
  ‍

It also records:

• Your approximate location (region)
• Your IP address (in abbreviated form)
• technical information about your browser and the devices you use (e.g. language setting, screen resolution)
• Your internet service provider
• the referrer URL (from which website/which advertising medium you came to this website)

Purpose and legal basis

We process data using Google Analytics for the purpose of optimizing our website, preparing reports, data analysis and marketing purposes based on your consent in accordance with Art. 6 (1) lit. a. GDPR.

You can withdraw your consent at any time with effect for the future by going to the cookie settings and changing your selection there. The lawfulness of the processing carried out on the basis of consent up to the withdrawal remains unaffected by this.

‍

You can also prevent cookies from being saved from the outset by setting your browser software accordingly. However, setting your browser to reject all cookies may result in functional restrictions on this and other websites. You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) and from processing this data by Google by:

a. deny your consent to the setting of the cookie, or

b. the browser add-on to disable Google Analytics here download and install.

‍

Third country transfer

Insofar as data is processed outside the EU/EEA and there is no level of data protection that meets European standards, we have concluded EU standard contractual clauses with the service provider to establish an appropriate level of data protection. The parent company of Google Ireland, Google LLC, is based in California, USA. The transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out. The USA is currently considered a third country from a data protection perspective. You do not have the same rights there as within the EU/EEA. You may not have any legal remedies against access by authorities.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is set by Google IrelandLimited. For more information about Google Analytics' terms of use and Google's privacy policy, please visit https://marketingplatform.google.com/about/analytics/terms/us/ and under https://policies.google.com/?hl=en.

‍

Google DoubleClick

Nature and scope of processing

We have integrated DoubleClick by Google components on our website. DoubleClick is a Google brand, under which mainly special online marketing solutions are marketed to advertising agencies and publishers. DoubleClick by Google transfers data to the DoubleClick server with every impression as well as with clicks or other activities.

Each of these data transfers triggers a cookie request to the data subject's browser. If the browser accepts this request, DoubleClick sets a cookie in your browser.

DoubleClick uses a cookie ID, which is required to complete the technical process. The cookie ID is required, for example, to display an ad in a browser. DoubleClick can also use the cookie ID to record which advertisements have already been displayed in a browser in order to avoid duplication. DoubleClick also allows DoubleClick to record conversions using the cookie ID. Conversions are recorded, for example, when a user has previously been shown a DoubleClick ad and then makes a purchase on the advertiser's website using the same Internet browser.

A DoubleClick cookie does not contain any personal data, but may contain additional campaign identifiers. A campaign ID is used to identify campaigns that you have already been in contact with on other websites. As part of this service, Google receives information that Google also uses to create commission statements. Among other things, Google can understand that you have clicked on certain links on our website. In this case, your data will be passed on to the operator of DoubleClick, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Further information and the applicable privacy policy of DoubleClick by Google can be found at https://policies.google.com/privacy.

Purpose and legal basis

We process your data using double-click cookies for the purpose of optimizing and displaying advertising based on your consent in accordance with Art. 6 para. 1 lit. a DSGVO. You give your consent by setting the use of cookies (Cookie Banner/Consent Manager), with which you can also declare your withdrawal at any time with effect for the future in accordance with Article 7 (3) GDPR. The cookie is used, among other things, to place and display user-relevant advertising and to create reports on advertising campaigns or improve them. The cookie is also used to prevent multiple displays of the same advertisement. Each time you visit one of the individual pages of our website on which a DoubleClick component has been integrated, your browser is automatically prompted by the respective DoubleClick component to transmit data to Google for the purpose of online advertising and billing commissions. There is no legal or contractual obligation to provide your data. If you do not give us your consent, you can visit our website without restriction, but not all functions may be fully available.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. You can find further information in the Google DoubleClick privacy policy: https://policies.google.com/privacy.

Legal basis and revocation

We process your data using Google Analytics 4 on the basis of your consent in accordance with Art. 6 Paragraph 1 lit a DSGVoI.v.m. § 25 TTDSG. your consent. You give your consent by setting the use of cookies (Cookie Banner/Consent Manager), with which you can also declare your withdrawal at any time with effect for the future in accordance with Art. 7 (3) GDPR.

You can also prevent cookies from being saved from the outset by setting your browser software accordingly. However, if you configure your browser to reject all cookies, functionalities on this and other websites may be restricted. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google and the processing of this data by Google by (I) not giving your consent to the setting of the cookie or (II) the browser add-on to deactivate Google Analytics HERE download and install.

For more information, see Terms of use and in the Privacy statement for Google.

‍

Google Fonts

Nature and scope of processing

We use Google Fonts from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as a service to provide fonts for our online offering. To obtain these fonts, connect to Google Ireland Limited servers, which will transmit your IP address.

Purpose and legal basis

The use of Google Fonts is based on our legitimate interests, i.e. interest in uniform provision and optimization of our online offering in accordance with Art. 6 para. 1 lit. f. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. You can find further information in the privacy policy for Google Fonts: https://policies.google.com/privacy.

‍

Google Tag Manager

Nature and scope of processing

We use Google Tag Manager from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is used to manage website tags via an interface and allows us to control the precise integration of services on our website

This allows us to flexibly integrate additional services to evaluate user access to our website.

Purpose and legal basis

The use of Google Tag Manager is based on our legitimate interests, i.e. interest in optimising our services in accordance with Art. 6 para. 1 lit. f. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. You can find further information in the Google Tag Manager privacy policy: https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/.

‍

Google reCAPTCHA

Nature and scope of processing

We have integrated Google reCAPTCHA components on our website. Google reCAPTCHA is a service provided by Google Ireland Limited and allows us to distinguish whether a contact request comes from a natural person or is automated using a program. When you access this content, you connect to servers of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, which transmits your IP address and, if applicable, browser data such as your user agent. Google reCAPTCHA also records the user's time spent and mouse movements in order to distinguish automated requests from human requests. This data is processed exclusively for the purposes mentioned above and to maintain the security and functionality of Google reCAPTCHA.

Purpose and legal basis

The service is used on the basis of our legitimate interests, i.e. to protect the transmission of forms in accordance with Art. 6 para. 1 lit. f. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. You can find further information in the Google reCAPTCHA privacy policy: https://policies.google.com/privacy?hl=en-US.

‍

Leadfeeder

Nature and scope of processing

We have integrated Leadfeeder on our website as a tool for customer intelligence. Leadfeeder is a service provided by Leadfeeder, Inc., 3 Warren Street, Suite 2, Glens Falls, NY 12801, United States, which identifies anonymous website visitors, enriches existing contact details, or provides complete contact details and provides insights into the course of visits.

Leadfeeder uses cookies and other browser technologies to evaluate user behavior and recognize users.

Among other things, Leadfeeder shows us which companies have visited our website, determines the history of your visit to this website, including all pages you have visited and viewed, and the length of your stay on this website.

Leadfeeder collects and processes data about companies such as company name, telephone number, address, web address, industry, company profile, turnover and key people.

Purpose and legal basis

We process your data with the help of Leadfeeder for the purpose of optimizing our website and for marketing purposes on the basis of our legitimate interest in accordance with Art. 6 para. 1 lit. f. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Leadfeeder, Inc. You can find further information in the Leadfeeder privacy policy: https://www.leadfeeder.com/privacy/.

‍

LinkedIn Ads

Nature and scope of processing

We have integrated LinkedIn ads on our website. LinkedIn Ads is a service provided by LinkedIn Corporation that shows users targeted advertising. LinkedIn Ads uses cookies and other browser technologies to evaluate user behavior and recognize users. LinkedIn Ads collects information about visitor behavior on various websites. This information is used to optimize the relevance of advertising. LinkedIn Ads also delivers targeted advertising based on behavioral profiles and geographical location. Your IP address and other identification features, such as your user agent, are transmitted to the provider. In this case, your data will be passed on to the operator of LinkedIn Ads, LinkedIn Corporation, Sunnyvale, California, US.

Web tracking technologies are used to create pseudonymized user profiles. These profiles cannot be combined with you as a natural person, but are used, for example, for segmentation when displaying advertisements.

Purpose and legal basis

We process data with the help of LinkedIn Ads for the purpose of optimising our advertising campaigns and for marketing purposes based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by LinkedIn Corporation. You can find further information in the LinkedIn Ads privacy policy: https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy.

‍

LinkedIn Insight Day

Nature and scope of processing

We use LinkedIn Insight Tag from LinkedIn Corporation, Sunnyvale, California, US to create target groups, segment groups of visitors to our online offering, determine conversion rates and then optimize them. This happens in particular when you interact with advertisements that we have placed with LinkedIn Corporation. To this end, LinkedIn Corporation offers retargeting for website visitors to display targeted advertising outside our website.

LinkedIn Insight Tag collects data about visits to our website, including URL, referrer URL, IP address, device and browser properties (user agent), and time stamps. This data is used to present anonymized reports on the website target group and ad performance.

Purpose and legal basis

We process your data using LinkedIn Insight Tag for the purpose of optimising our website and for marketing purposes on the basis of your consent in accordance with Art. 6 para. 1 lit. a. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by LinkedIn Corporation. For more information, see the LinkedIn Insight Tag privacy policy: https://www.linkedin.com/legal/privacy-policy.

‍

Mixpanel

Nature and scope of processing

On our websites, we use the Mixpanel web analysis tool from Mixpanel Inc., One Front Street, Floor 28, San Francisco, CA 94111, USA. (“Mix Panel”). Mixpanel enables us to carry out quantitative product analyses to optimize the quality of our services. Only pseudonymous data is processed here; there is no tracking of user activity related to the user.

Purpose and legal basis

The legal basis for processing personal data is our legitimate interest in accordance with Art. 6 para. 1 lit. f) GDPR.

The recipient of the data is Mixpanel Inc., One Front Street, Floor 28, San Francisco, CA 94111, USA. In principle, the data processed by Mixpanel is stored in data centers within the European Union. However, due to the corporate structure of Mixpanel Inc., it cannot be completely ruled out that personal data will be transferred to third countries, in particular the USA.

Storage period

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In addition, the data will be deleted if you withdraw your consent or request the deletion of personal data.
You can object to the collection, processing and recording of data generated by Mixpanel at any time. Mixpanel Inc.'s privacy policy can be found at https://mixpanel.com/legal/privacy-policy/.

‍

YouTube

Nature and scope of processing

We have integrated YouTube video on our website. YouTube Video is a component of YouTube, LLC's video platform, on which users can upload content, share it over the Internet, and obtain detailed statistics.

YouTube video allows us to integrate platform content into our website.

YouTube Video uses cookies and other browser technologies to evaluate user behavior, recognize users and create user profiles. This information is used, among other things, to analyze the activity of the content listened to and to create reports. If a user is registered with YouTube, LLC, YouTube Video can associate the videos played with the profile.

When you access this content, you connect to servers of YouTube, LLC, Google Ireland Limited, Gordon House, Barrow Street Dublin 4 Ireland, which transmits your IP address and, if applicable, browser data such as your user agent.

Purpose and legal basis

The use of the service is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by YouTube, LLC. You can find further information in the YouTube Video privacy policy: https://policies.google.com/privacy.

‍

Hotjar

Nature and scope of processing

We have integrated Hotjar Behavior Analytics on our website. Hotjar Behavior Analytics is a service provided by Hotjar Ltd. and provides optimization tools that analyze the behavior and feedback from users of our website through analysis and feedback tools.

Hotjar Behavior Analytics uses cookies and other browser technologies to evaluate user behavior and recognize users.

This information is used, among other things, to compile reports on website activity and to statistically evaluate visitor data. Hotjar Behavior Analytics also records clicks, mouse movements, and scroll heights to create so-called heat maps and session replays.

In this case, your data will be passed on to the operator of Hotjar Behavior Analytics, Hotjar Ltd, Level 2, St Julian's Business Centre 3 Elia Zammit Street St Julian's STJ 3155 Malta.

Purpose and legal basis

We process your data with the help of Hotjar Behavior Analytics for the purpose of optimizing our website and for marketing purposes based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Hotjar Ltd. For more information, see the Hotjar Behavior Analytics privacy policy: https://www.hotjar.com/privacy/.