Imprint & Privacy
Imprint
My address
Thomas Gerstmann
Data-Driven UX Optimization
digitalHUB Aachen
Jülicher Straße 72a
52070 Aachen
Germany
Phone: +49 241 89439009
E-mail: mail@thomasgerstmann.de
Tax number
201/5130/6784
Sales tax identification number
DE311614888
Responsible for the content
Thomas Gerstmann
Professional liability insurance
Exali IT Liability:
For more information, please visit:
http://www.exali.de/siegel/Thomas-Gerstmann-Datadriven-UX-Optimization
EU Dispute Resolution
The European Commission provides a platform for online dispute resolution (ODR): https://ec.europa.eu/consumers/odr.
You can find our e-mail address in the imprint above.
Consumer dispute resolution/universal arbitration board
We are not willing or obliged to participate in dispute resolution proceedings before a consumer arbitration board.
Liability
Liability for contents
The contents of this website were created with the greatest possible care. However, we can not guarantee the completeness of the content provided, its timeliness and accuracy. Gem. According to §§ 8 – 10 TMG, we as a service provider have no obligation to monitor third-party information that has been transmitted or stored, or to investigate evidence and circumstances that indicate the illegality of activities and information.
An obligation on our part to block the use of content within the framework of general laws always remains unaffected by this. However, this liability only comes into question at the moment of becoming aware of a concrete violation of rights. Should we become aware of any infringements, we shall remove the corresponding content immediately.
Our liability for our own content, as a service provider, is governed by the general laws.
Liability for links
This website contains links to third-party websites – so-called external links. The contents of these external links are beyond our control, so that we do not assume any liability for such contents.
The responsibility always lies with the respective operator of the external pages. At the time of linking the external links, no legal violations were apparent. The permanent monitoring of external content for legal violations without concrete evidence is not reasonable for us.
Should we become aware of any legal violations, we will remove the corresponding external links immediately.
Copyright/performance protection law
German copyright and ancillary copyright law applies to the content of this site. Insofar as the duplication, processing, distribution or any other form of exploitation is outside the scope of German copyright and ancillary copyright law, the written consent of the creator is required. Unauthorized copying or downloading of these pages is permitted for private use only, but not for commercial use. Unless we as the operator also act as the creator of the content, the copyrights of third parties are respected. We always endeavor to identify such content as third-party content. We ask you in the event that you notice a copyright infringement despite careful work on our part, to notify us accordingly, so that the removal of this content can be arranged immediately.
Trademark
All trademarks, trade names and/or utility brands mentioned on this website and possibly protected by third parties are subject without restriction to the provisions of the applicable trademark law and the ownership rights of the respective registered owners. The mere mention of a trademark does not imply that it is not protected by the rights of third parties.
Legal validity of this disclaimer
This disclaimer is to be regarded as part of the internet publication which you were referred from. If sections or individual terms of this statement are not legal or correct, the content or validity of the other parts remain uninfluenced by this fact.
Infringement of property rights
If you suspect that one of your property rights has been infringed by this website, please inform the operator immediately by electronic mail so that we can react accordingly.
Privacy
Introduction
This data protection declaration informs you about the nature, scope and purpose of the processing of personal data (hereinafter referred to as “data”) in the context of the provision of our services and within our online offer and the websites, functions and content associated with it as well as external online presences, such as our social media profiles (hereinafter collectively referred to as “online offer”). With regard to the terms used, such as “processing” or “controller”, we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR)
Company contact details
Thomas Gerstmann
Data-Driven UX Optimization
digitalHUB Aachen
Jülicher Straße 72a
52070 Aachen
Germany
Phone: +49 241 89439009
E-mail: mail@thomasgerstmann.de
Privacy policy
As a user of our website, you will receive all necessary information in this data protection declaration about how, to what extent and for what purpose we or third-party providers collect data from you and use it. The collection and use of your data is strictly in accordance with the provisions of the Federal Data Protection Act (BDSG) and the Telemedia Act (TMG). We are particularly committed to the confidentiality of your personal data and therefore work strictly within the limits set by the law. The collection of this personal data takes place on a voluntary basis, if this is possible for us. We also only pass this data on to third parties with your express consent. We ensure a high level of security for particularly confidential data, such as in payment transactions or with regard to your inquiries to us, by using SSL encryption. However, we would like to take this opportunity to point out the general dangers of Internet use over which we have no control. Especially in e-mail traffic, your data is not secure without further precautions and can possibly be captured by third parties.
Processing purposes
- Provision of the online offer, its functions and contents
- Processing and publication of comments from users
- Responding to contact requests and communicating with users
- Security measures
- Reach measurement/marketing
Contact form
If a user uses the option of a contact form on this website, the data entered in the input mask is transmitted to us and stored. The following data is also stored at the time the message is sent:
- The IP address of the user
- Date and time of registration
For the processing of the data, your consent is obtained during the submission process and reference is made to this privacy policy. Alternatively, it is possible to contact us via the e-mail address provided. In this case, the user’s personal data transmitted with the e-mail will be stored. In this context, the data will not be passed on to third parties. The data will be used exclusively for the processing of the conversation. In the case of contact by e-mail, this also constitutes the necessary legitimate interest in processing the data. The other personal data processed during the submission process are used to prevent misuse of the contact form and to ensure the security of our information technology systems.
Comments
When visitors post comments on the site, we collect the data displayed in the comment form, as well as the visitor’s IP address and the user agent string (this identifies the browser) to help detect spam.
An anonymized string can be created from your email address (also called a hash) and passed to the Gravatar service to check if you are using it. The privacy policy of the Gravatar service can be found here: https://automattic.com/privacy/. After your comment is approved, your profile picture will be publicly visible in the context of your comment.
Newsletter
If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.
The processing of the data entered in the newsletter registration form is based exclusively on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.
The data you provide for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored by us for other purposes remain unaffected by this.
After you have unsubscribed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO). The storage in the blacklist is not limited in time.
You can object to the storage if your interests outweigh our legitimate interest.
Media
If you are a registered user and upload photos to this website, you should avoid uploading photos with an EXIF GPS location. Visitors to this website could download photos stored on this website and extract their location information.
Embedded content from other websites
Posts on this website may contain embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves exactly as if the visitor had visited the other website.
These websites may collect information about you, use cookies, embed additional third party tracking services, and record your interaction with that embedded content, including your interaction with the embedded content if you have an account and are logged into that website.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
The basis for the data processing is Art. 6 para. 1 lit. f DSGVO, which permits the processing of data for the performance of a contract or pre-contractual measures.
Cooperation with processors, joint controllers and third parties
If, in the course of our processing, we disclose data to other persons and companies (order processors, jointly responsible persons or third parties), transmit it to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission (e.g. if a transmission of the data to third parties, such as to payment service providers, is necessary for the performance of the contract), users have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).
If we disclose or transfer data to other companies in our group of companies or otherwise grant them access, this is done in particular for administrative purposes as a legitimate interest and, in addition, on a basis that complies with the legal requirements.
Rights of the data subjects
You have the right to request confirmation as to whether data in question is being processed and to information about this data, as well as further information and a copy of the data in accordance with the legal requirements.
You have accordingly. the legal requirements, the right to request that the data concerning you be completed or that the inaccurate data concerning you be corrected.
In accordance with the statutory provisions, you have the right to demand that the data concerned be deleted without delay or, alternatively, to demand restriction of the processing of the data in accordance with the statutory provisions.
You have the right to request that the data concerning you that you have provided to us be received in accordance with the law and to request that it be transferred to other data controllers.
You also have the right to file a complaint with the competent supervisory authority in accordance with the law.
Right of withdrawal
You have the right to revoke given consents with effect for the future.
Right of objection
You may object to the future processing of data relating to you at any time in accordance with the statutory provisions. The objection can be made in particular against the processing for purposes of direct advertising.
Objection to advertising e-mails
The use of contact data published within the scope of the imprint obligation for the transmission of not expressly requested advertising and information materials is hereby contradicted. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.
Information, deletion, blocking
You can obtain information free of charge at any time about the personal data we have stored about you and about the origin, recipient and purpose of data collection and data processing. You also have the right to request the correction, blocking or deletion of your data. Excluded from this is data that is retained due to legal regulations or is required for proper business processing. To ensure that a data block can be implemented at any time, data is kept in a blocking file for control purposes. If data is not covered by a legal archiving obligation, we will delete your data at your request. If the archiving obligation takes effect, we will block your data. For all questions and concerns regarding the correction, blocking or deletion of personal data, please contact our data protection officer using the contact details in this privacy policy or at the address given in the imprint.
Changes and updates to the privacy policy
We ask you to regularly inform yourself about the content of our privacy policy. We will adapt the privacy policy as soon as the changes in the data processing carried out by us make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g. consent) or other individual notification.
SSL encryption
Our website uses SSL encryption when transmitting confidential or personal content from our users. This encryption is activated, for example, during the processing of payment transactions as well as for inquiries that you send to us via our website. Please make sure that SSL encryption is enabled for corresponding activities on your side. The use of encryption is easy to recognize: The display in your browser bar changes from “http://” to “https://”. Data encrypted via SSL cannot be read by third parties. Only transmit your confidential information when SSL encryption is activated and contact us in case of doubt.
How long we store your data
If you write a comment, it will be stored including metadata for an unlimited time. This way, we can automatically detect and approve follow-up comments instead of holding them in a moderation queue.
For users who register on our website, we additionally store the personal information they provide in their user profiles. All users can view, modify or delete their personal information at any time (the username cannot be changed). Administrators of the website can also view and modify this information.
What rights you have to your data
If you have posted comments, you may request an export of your personal information from us, including any information you have shared with us. In addition, you can request the deletion of all personal data that we have stored about you. This does not include data that we are required to retain due to administrative, legal or security needs.
Where we send your data
Visitor comments could be examined by an automated service for spam detection.
Legal basis for data processing
The legal basis for the processing of the data, if the user has given his consent, is Art. 6 para. 1 lit. a GDPR.
The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f GDPR. If the e-mail contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.
Conclusion of a data processing agreement
We have concluded a so-called “Data Processing Agreement” with ActiveCampaign, in which we oblige ActiveCampaign to protect our customers’ data and not to pass it on to third parties. This contract can be viewed here.
Services used
Active Campaign – Email & Marketing Automation
This website uses ActiveCampaign to send newsletters. The provider is ActiveCampaign, Inc, 1 N Dearborn, 5th Floor Chicago, Illinois 60602, USA.
ActiveCampaign is a service that can be used, among other things, to organize and analyze the sending of newsletters. The data you enter for the purpose of receiving the newsletter is stored on ActiveCampaign’s servers in Germany.
If you do not want any analysis by ActiveCampaign, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. Furthermore, you can also unsubscribe from the newsletter directly on the website.
Data analysis through ActiveCampaign
With the help of ActiveCampaign, we are able to analyze our newsletter campaigns. For example, we can see whether a newsletter message was opened and which links, if any, were clicked. In this way, we can determine, among other things, which links have been clicked on particularly often.
In addition, we can see whether certain pre-defined actions were performed after opening / clicking (conversion rate). We can thus recognize, for example, whether you have made a purchase after clicking on the newsletter.
ActiveCampaign also allows us to divide (“cluster”) newsletter recipients based on different categories. The newsletter recipients can be subdivided according to age, gender or place of residence, for example. In this way, newsletters can be better adapted to the respective target groups.
For detailed information on ActiveCampaign features, please refer to the following link: https://www.activecampaign.com/email-marketing.
ActiveCampaign’s privacy policy can be found at: https://www.activecampaign.com/privacy-policy.
EU Standard Contractual Clauses
ActiveCampaign regulates the data exchange to the USA based on EU standard contract clauses. For more details, please visit: https://www.activecampaign.com/gdpr-updates/.
Legal basis
The data processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time. The legality of the data processing operations already carried out remains unaffected by the revocation.
Storage duration
The data you provide for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored by us for other purposes remain unaffected by this.
After you have unsubscribed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.
Conclusion of a contract for order processing
We have concluded an order processing contract with ActiveCampaign and fully implement the strict requirements of the German data protection authorities when using ActiveCampaign.
Freebusy – Book appointments online
You have the possibility to book an appointment on my website. I use the online calendar “Freebusy.io” to request and select an appointment. “Freebusy” is a service provided by FreeBusy, Inc, 340 S Lemon Ave Suite 2890 ,Walnut CA 91789, United States.
When you go to the appropriate appointment booking page, you will automatically be connected to my appointment account at Freebusy. After choosing your appointment, confirming it and entering your contact details and concerns, you will receive an email from Freebusy confirming your appointment.
Your information from the Freebusy form, including the data you provide there, will be stored by me for the purpose of processing the request and in case of follow-up questions. This data remains with me until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. appointment made). Mandatory legal provisions – in particular retention periods – remain unaffected.
Furthermore, I have concluded a “Data Processing Addendum” with Freebusy. This is a contract in which Freebusy undertakes to protect the data of my users, to process it on my behalf in accordance with its data protection provisions and, in particular, not to pass it on to third parties.
For more information about Freebusy and data protection and IT security at Freebusy, please see the following links:
Privy – Overlays
Within this online offer, functions and contents of the service Privy, offered by Privy Inc, 125 Kingston St, 6th Floor, Boston, MA 02111, USA, are integrated. This may include, for example, input masks via which the e-mail address for receiving our newsletter is recorded. To Privy’s privacy policy: https://privy.com/privacy-policy/.
Segment.io – Customer Data Platform
This website uses Segment.io, a service provided by Segment.io, Inc, 101 15th St, San Francisco, CA 94103, USA (“Segment”) for data analysis. The service helps us to collect and analyze the access data generated when using our website.
The data is analyzed with the help of the other third-party tools described in this statement for usage analysis and used for website optimization. The collected usage data is only processed pseudonymously, IP addresses are shortened accordingly after their collection and the data is not used to merge usage profiles with your personal data.
The information about the use of our website is usually transferred to a Segment server in the USA and stored there. Segment expressly assures us by contract that it will comply with the European data protection requirements.
You can object to the collection of data for these purposes by preventing the storage of cookies via your browser settings.
(Segment is only used temporarily and can therefore be completely deactivated at times).
Google Tag Manager – Tag Management
Google Tag Manager is a solution that allows us to manage so-called website tags via an interface (and thus, for example, integrate Google Analytics and other Google marketing services into our online offering). The Tag Manager itself (which implements the tags) does not process any personal data of the users. With regard to the processing of users’ personal data, reference is made to the following information on Google services. Usage Guidelines: https://www.google.com/intl/de/tagmanager/use-policy.html.
Matomo Analytics
This website uses Matomo, an open source, self-hosted software to collect anonymous usage data for this website.
The data on visitors’ behavior is collected to find out possible problems such as pages not found, search engine problems or unpopular pages. Once the data (number of visitors who see error pages or only one page, etc.) is processed, Matomo generates reports for website owners to act on. (layout changes, new content, etc.)
Basis of Legitimate Interest: Data processing is based on the principle of legitimate interest.
Processing the data helps us find out what works and what doesn’t on our site. For example, we use it to find out whether the content is well received or how we can improve the structure of the website. Our team benefits from this and can respond to it. Due to the data processing, you thus benefit from a website that is constantly improving. Without the data we could not provide the service. Your data will only be used to improve the use of the website.
Details on transfer to third countries: The data on this website and Matomo are hosted in Germany. The data never leaves the EU.
Data subjects’ rights: Since Matomo collects data based on legitimate interest, you may exercise the following rights:
– Right of access and data portability: You can request all your data at any time.
– Right to erasure and rectification: You can request at any time that we completely erase all your data.
– Right to object and restrict processing: You can object to data collection at any time by selecting “DoNotTrack” in your browser or by logging out here:
The right to file a complaint with the data protection authority: If you think that the way we process your data with Matomo violates the law, you have the right to file a complaint with the data protection authority.
Piwik PRO & Piwik Pro Tag Manager
Our website uses the analysis platform Piwik Pro, a service of “Piwik PRO GmbH”, a company located at Kurfürstendamm 21, 10719 Berlin. This software is used to collect data for the needs-based design of our website and for the statistical evaluation of visitor flows for marketing and optimization purposes. In the process, pseudonymous usage profiles are also created. For this purpose, cookies are used which are stored on your computer and which enable a pseudonymous analysis of your use of our website. The IP address is shortened immediately after collection and before storage. The collected data is transferred to Piwik Pro servers located in the EU and stored. With Piwik Pro, no data is transmitted to servers that are outside of our control.
We store the analysis data only as long as the purpose of the data processing requires, but for a maximum of 25 months. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. If you do not agree with the storage and evaluation of your usage data from your visit to our website, you can revoke the processing at any time with effect for the future.
Information on data protection by the service provider can be found here: https://piwikpro.de/datenschutz.
The legal basis for the use of Piwik Pro is your consent, Art. 6 para. 1 p. 1 lit. a) GDPR.
Google Analytics
We use Google Analytics, a web analytics service provided by Google LLC (“Google”), on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offering within the meaning of Art. 6 (1) lit. f. DSGVO) Google Analytics, a web analytics service provided by Google LLC (“Google”). Google uses cookies. The information generated by the cookie about the use of the online offer by the user is usually transmitted to a Google server in the USA and stored there.
Google processes the data on the basis of EU standard contractual clauses, which are supplemented by a Data Processing Addedum (DPA).
Google will use this information on our behalf for the purpose of evaluating your use of our website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. In doing so, pseudonymous usage profiles of the users can be created from the processed data.
We use Google Analytics only with IP anonymization enabled. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there.
The IP address transmitted by the user’s browser is not merged with other data from Google. Users may prevent the storage of cookies by selecting the appropriate settings on their browser software; users may also prevent the collection of data generated by the cookie and related to their use of the online service by Google, as well as the processing of such data by Google, by selecting
- download and install the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de
- set an opt-out cookie that prevents the collection of your data during future visits to this website. By clicking on the following link, the opt-out cookie will be set: Disable Google Analytics
For more information about Google’s use of data, settings and opt-out options, please refer to Google’s privacy policy (https://policies.google.com/privacy) and the settings for the display of advertisements by Google (https://adssettings.google.com/authenticated).
Users’ personal data is deleted or anonymized after 14 months.
Google Doubleclick
We use the services of Google LLC, 1600 Amphitheatre Park Park Mountain View, CA 9.0.2008 (“Google”) on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. DSGVO). DSGVO) the services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”).
The data exchange with Google is regulated based on EU standard contractual clauses.
We use the online marketing method Google “Doubleclick” to place ads in the Google advertising network (e.g., in search results, in videos, on web pages, etc.). Double Click is characterized by displaying ads in real time based on users’ presumed interests. This allows us to display ads for and within our online offering in a more targeted manner in order to only present users with ads that potentially match their interests. If, for example, a user is shown ads for products he or she was interested in on other online offers, this is referred to as “remarketing”. For these purposes, when our website and other websites on which the Google advertising network is active are called up, a code is executed directly by Google and so-called (re)marketing tags (invisible graphics or code, also referred to as “web beacons”) are integrated into the website. With their help, an individual cookie, i.e. a small file, is stored on the user’s device (comparable technologies can also be used instead of cookies). This file records which web pages the user has visited, which content the user is interested in and which offers the user has clicked on, as well as technical information about the browser and operating system, referring web pages, time of visit and other information about the use of the online offer.
The IP address of the user is also recorded, whereby this is truncated within member states of the European Union or in other contracting states to the Agreement on the European Economic Area and only in exceptional cases is transferred in full to a Google server in the USA and truncated there. The above information may also be combined by Google with such information from other sources. When the user subsequently visits other websites, he or she can be shown ads tailored to his or her presumed interests based on his or her user profile.
User data is processed pseudonymously within the Google advertising network. I.e. Google does not store and process e.g. the name or email address of the users, but processes the relevant data cookie-related within pseudonymous user profiles. I.e. from Google’s point of view, the ads are not managed and displayed for a specifically identified person, but for the cookie holder, regardless of who this cookie holder is. This does not apply if a user has expressly allowed Google to process the data without this pseudonymization. The information collected by Google marketing services about users is transmitted to Google and stored on Google’s servers in the USA.
For more information about Google’s use of data, settings and opt-out options, please see Google’s privacy policy (https://policies.google.com/technologies/ads) and the settings for the display of advertisements by Google (https://adssettings.google.com/authenticated).
Google Ads and conversion measurement
We use the online marketing method “Google Ads” to place ads in the Google advertising network (e.g., in search results, in videos, on web pages, etc.) so that they are displayed to users who have a presumed interest in the ads. Furthermore, we measure the conversion of the ads. However, we only learn the anonymous total number of users who clicked on our ad and were redirected to a page tagged with a so-called “conversion tracking tag”. However, we ourselves do not receive any information with which users can be identified. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: https: //marketingplatform.google.com; privacy policy: https: //policies.google.com/privacy; EU standard contractual clauses (guaranteeing level of data protection when processing data in the USA).
Google Ad Manager
We use the “Google Marketing Platform” (and services such as “Google Ad Manager”) to place ads on the Google advertising network (e.g., in search results, in videos, on web pages, etc.). The Google Marketing Platform is characterized by the fact that ads are displayed in real time based on presumed user interests. This allows us to display ads for and within our online offering in a more targeted manner in order to only present users with ads that potentially match their interests. If, for example, a user is shown ads for products he or she was interested in on other online offers, this is referred to as “remarketing”. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: https: //marketingplatform.google.com; privacy policy: https: //policies.google.com/privacy; EU standard contractual clauses (guaranteeing level of data protection when processing data in the USA).
(Google Ads and the Google Ads Conversion Tags are only used temporarily and can therefore also be completely deactivated at times).
Plausible Analytics
This website uses the open source web analysis service Plausible. Plausible uses technologies that make it possible to recognize the user across multiple pages with the aim of analyzing the user patterns (e.g. device fingerprinting). The information recorded by Plausible about the use of this website will be stored on their server. Prior to archiving, the IP address will first be anonymized.
Through Plausible, we are able to collect and analyze data on the use of our website by website visitors. This enables us to find out, for instance, when which page views occurred and from which region they came. In addition, we collect various log files (e.g. referrer, browser, and operating system used) and can measure whether our website visitors perform certain actions (e.g. clicks, purchases, etc.).
The use of this analysis tool is based on Art. 6 Sect. 1 lit. f GDPR. The website operator has a legitimate interest in the analysis of user patterns, in order to optimize the operator’s web offerings and advertising. If a corresponding agreement has been requested (e.g. an agreement to the storage of cookies), the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the agreement can be revoked at any time.
(Plausible Analytics is only used temporarily and can therefore also be completely deactivated at times).
Visitor Analytics
1. visitor analytics
Visitor Analytics is a simple website analytics service which measures the traffic on our website and website visitors’ general details. We collect statistics like which pages visitors visit and when, where they are approximately located, where they land first or if they are coming from a specific referral, to make our website visitors’ experience better.
As a website operator using Visitor Analytics, we processinformation about our visitors’ device type and screen size/resolution, approximate location, browser, OS, IPs, page visits, bounce rate, conversions, conversion funnels, average sessions per visitor, average pages per session, average session duration, time spent on the website and preferably visited content on the website. All this data is pseudonymized and Visitor Analytics will not use the collected data to identify individual users or to match the data with additional information on an individual user.
We do not use cookies to collect this data. Instead, we use the so-called fingerprinting technology that does not require placing any cookies, files or technology on your device. Fingerprinting relies on your device’s technical attributes and combines them to identify your device as a unique device and allow for reliable analytics.
2. visitor recordings
Visitor Recordings is an additional feature to Visitor Analytics (described above) in the form of a simple website replay tool that records in statistics where our website visitors scrolled to and what they clicked on our website. We can see this information in playbacks and so called “heatmaps”. Collecting these statistics helps us to make our website more user-friendly as well as to reproduce and fix technical errors.
Basically, as a website operator using Visitor Recordings, we are using a snippet of tracking code to collect data about our visitors’ journey on our websites, which subpages they visit, what they clicked on, where they moved their mouse cursor to and where they scrolled. All this data is pseudonymized and Visitor Analytics will not use the collected data to identify individual users or to match it with additional information on an individual user.
(Visitor Analytics is only used temporarily and can therefore also be completely deactivated at times).
LinkedIn Insights Tag
We process personal data for online marketing purposes, which include, in particular, the display of promotional and other content (collectively, “Content”) based on potential user interests and measuring its effectiveness.
For these purposes, so-called user profiles are created and stored in a file (so-called “cookie”) or similar procedures are used, by means of which the user data relevant to the presentation of the aforementioned content is stored. This information may include, for example, content viewed, web pages visited, online networks used, but also communication partners and technical information such as the browser used, the computer system used, and information on usage times. If users have consented to the collection of their location data, this can also be processed.
The IP addresses of the users are also stored. However, we use IP masking procedures (i.e., pseudonymization by shortening the IP address) to protect users. In general, no clear user data (such as e-mail addresses or names) is stored as part of the online marketing process, but pseudonyms are. This means that we, as well as the providers of the online marketing methods, do not know the actual identity of the users, but only the information stored in their profiles.
The information in the profiles is usually stored in the cookies or by means of similar procedures. These cookies can later generally be read on other websites that use the same online marketing method and analyzed for the purpose of displaying content as well as supplemented with further data and stored on the server of the online marketing method provider.
Exceptionally, clear data can be assigned to profiles. This is the case, for example, if the users are members of a social network whose online marketing methods we use and the network links the profiles of the users in the aforementioned data. We ask you to note that users can make additional agreements with the providers, e.g. by giving their consent as part of the registration process.
We generally only receive access to aggregate information about the success of our advertisements. However, in the context of so-called conversion measurements, we can check which of our online marketing processes have led to a so-called conversion, i.e., for example, to a contract being concluded with us. Conversion measurement is used solely to analyze the success of our marketing efforts.
Notes on legal bases: If we ask users for their consent to the use of third-party providers, the legal basis for the processing of data is consent. Otherwise, user data is processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services). In this context, we would also like to refer you to the information on the use of cookies in this privacy policy.
LinkedIn Insights Tag / Conversion Measurement; Service Provider: LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA; website : https://www.linkedin.com; security measures: IP masking (pseudonymization of the IP address); Privacy policy: https://www.linkedin.com/legal/privacy-policy, Cookie policy: https://www.linkedin.com/legal/cookie_policy; EU standard contractual clauses (guarantee level of data protection when processing data in the USA); Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
(The LinkedIn Insights tag is only used temporarily and can therefore be completely deactivated at times).
Mouseflow – Customer Experience Management
This website uses Mouseflow, a web analytics tool provided by Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark. Data processing serves the purpose of analyzing this website and its visitors. For this purpose, data is collected and stored for marketing and optimization purposes. From this data, usage profiles can be created under a pseudonym. Cookies can be used for this purpose. With the web analysis tool Mouseflow, randomly selected individual visits (only with anonymized IP address) are recorded. This creates a log of mouse movements and clicks with the intention of randomly replaying individual website visits and deriving potential improvements for the website. The data collected with Mouseflow will not be used to personally identify the visitor to this website without the separately granted consent of the person concerned and will not be merged with personal data about the bearer of the pseudonym.
The processing is based on Art. 6 (1) f) DSGVO from the legitimate interest in direct customer communication and in the design of the website to meet the needs. You have the right to object at any time, on grounds relating to your particular situation, to this processing of personal data concerning you based on Art. 6 (1) f DSGVO. To do this, you can deactivate a recording on all websites that use Mouseflow globally for the browser you are currently using at the following link: https://mouseflow.de/opt-out/
(Mouseflow is only used temporarily and can therefore be completely deactivated at times).
Hotjar – Customer Experience Management
We use Hotjar to better understand the needs of our users and to optimize the offer on this website. Using Hotjar’s technology, we get a better understanding of our users’ experiences (e.g. how much time users spend on which pages, which links they click on, what they like and don’t like, etc.) and this helps us tailor our offering to our users’ feedback. Hotjar works with cookies and other technologies to collect information about the behavior of our users and about their terminal devices (in particular, IP address of the device (collected and stored only in anonymized form), screen size, device type (unique device identifiers), information about the browser used, location (country only), language preferred to view our website). Hotjar stores this information in a pseudonymized user profile. The information is not used by Hotjar or us to identify individual users or merged with other data about individual users. The legal basis is Art. 6 para. 1 p. 1 lit. f GDPR. For more information, please see Hotjar’s privacy policy: https://www.hotjar.com/legal/policies/privacy
You can object to Hotjar storing a user profile and information about your visit to our website and to Hotjar setting tracking cookies on other websites via this link: https://www.hotjar.com/legal/compliance/opt-out
(Hotjar is only used intermittently and may therefore be completely disabled at times).
Facebook Pixel
With the help of the Facebook pixel, it is possible for Facebook, on the one hand, to determine the visitors to our online offer as a target group for the display of advertisements (so-called “Facebook ads”). Accordingly, we use the Facebook pixel in order to display the Facebook ads placed by us only to such users on Facebook and within the services of the partners cooperating with Facebook (so-called “Audience Network”). https://www.facebook.com/audiencenetwork/ ) who have also shown an interest in our online offer or who have certain characteristics (e.g. interest in certain topics or products that are evident from the web pages visited) that we transmit to Facebook (so-called “Custom Audiences”). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interest of the users and do not have a harassing effect. With the help of the Facebook pixel, we can further track the effectiveness of Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called “conversion measurement”).
(The Facebook pixel is only used temporarily and can therefore also be completely deactivated at times).
Presence in social networks
We maintain online presences within social networks in order to communicate with users active there or to offer information about us there.
We would like to point out that in the process, user data may be processed outside the area of the European Union. This may give rise to risks for users because, for example, it could make it more difficult to enforce users’ rights. With regard to U.S. providers that are based on EU standard contractual clauses or offer comparable guarantees of a secure level of data protection, we point out that they thereby commit themselves to comply with EU data protection standards.
Furthermore, user data within social networks is usually processed for market research and advertising purposes. For example, usage profiles can be created based on the usage behavior and resulting interests of the users. The usage profiles can in turn be used, for example, to display advertisements within and outside the networks that presumably correspond to the users’ interests. For these purposes, cookies are usually stored on the users’ computers, in which the usage behavior and interests of the users are stored. Furthermore, data may also be stored in the usage profiles regardless of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).
For a detailed presentation of the respective forms of processing and the options to object (opt-out), we refer to the privacy statements and information provided by the operators of the respective networks.
Also in the case of requests for information and the assertion of data subject rights, we point out that these can be asserted most effectively with the providers. Only the providers have access to the users’ data in each case and can take appropriate measures and provide information directly. If you still need help, then you can contact us.
- Types of data processed: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
- Data subjects: Users (e.g., website visitors, users of online services).
- Purposes of processing: contact requests and communication, tracking (e.g. interest/behavioral profiling, use of cookies), remarketing, reach measurement (e.g. access statistics, recognition of returning visitors).
- Legal basis: Legitimate interests (Art. 6 para. 1 p. 1 lit. f. DSGVO).
Services used and service providers:
- Instagram : Social network; Service provider: Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA; website: https://www.instagram.com; privacy policy: http: //instagram.com/about/legal/privacy.
- Facebook: Social network; service provider: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; website: https://www.facebook.com; Privacy policy: https://www.facebook.com/about/privacy; EU standard contractual clauses (guarantee level of data protection when processing data in the USA); Opt-out option: Settings for advertisements: https: //www.facebook.com/settings?tab=ads; Additional privacy notices: Agreement on joint processing of personal data on Facebook pages: https://www.facebook.com/legal/terms/page_controller_addendum, Privacy notices for Facebook pages: https://www.facebook.com/legal/terms/information_about_page_insights_data.
- LinkedIn: social network; service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; website: https://www.linkedin.com; privacy policy: https://www.linkedin.com/legal/privacy-policy; EU standard contractual clauses (guarantee level of data protection when processing data in the USA); opt-out: https: //www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
- Twitter: Social network; Service provider: Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA; Privacy policy: https: //twitter.com/de/privacy,(settings) https://twitter.com/personalization; EU standard contractual clauses (guarantee level of data protection when processing data in the USA).
- YouTube: Social network; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; privacy policy: https://policies.google.com/privacy; EU standard contractual clauses (guarantee level of data protection when processing data in the USA); opt-out: https: //adssettings.google.com/authenticated.
- Xing: Social network; Service provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany; website: https: //www.xing.de; privacy policy: https: //privacy.xing.com/de/datenschutzerklaerung.
Plugins and embedded functions and content
We incorporate into our online offering functional and content elements that are obtained from the servers of their respective providers (hereinafter referred to as “third-party providers”). This may include, for example, graphics, videos or social media buttons as well as posts (hereinafter uniformly referred to as “Content”).
The integration always requires that the third-party providers of this content process the IP address of the user, since without the IP address they could not send the content to their browser. The IP address is thus required for the display of these contents or functions. We endeavor to use only such content whose respective providers use the IP address only for the delivery of the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit, and other information about the use of our online offering, as well as being linked to such information from other sources.
Notes on legal bases: If we ask users for their consent to use the third-party providers, the legal basis for processing data is consent. Otherwise, user data is processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services). In this context, we would also like to refer you to the information on the use of cookies in this privacy policy.
Integration of third-party software, scripts or frameworks (e.g. jQuery): We integrate software into our online offer that we retrieve from servers of other providers (e.g., function libraries that we use for the purpose of presentation or user-friendliness of our online offer). In doing so, the respective providers collect the IP address of the users and may process it for the purpose of transmitting the software to the users’ browser and for security purposes, as well as for the evaluation and optimization of their offer.
- Types of data processed: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), inventory data (e.g. names, addresses).
- Data subjects: Users (e.g. website visitors, users of online services), communication partners.
- Purposes of processing: provision of our online offer and user-friendliness, contractual performance and service, contact requests and communication, direct marketing (e.g. by e-mail or postal mail), tracking (e.g. interest/behavior-based profiling, use of cookies), interest-based and behavior-based marketing, profiling (creation of user profiles), security measures, administration and response to requests.
- Legal basis: Legitimate interests (Art. 6 para. 1 p. 1 lit. f. DSGVO), consent (Art. 6 para. 1 p. 1 lit. a DSGVO), contract performance and pre-contractual requests (Art. 6 para. 1 p. 1 lit. b. DSGVO).
Services used and service providers:
- Google Fonts: We integrate the fonts (“Google Fonts”) of the provider Google, whereby the user’s data is used solely for the purpose of displaying the fonts in the user’s browser. The integration is based on our legitimate interests in a technically secure, maintenance-free and efficient use of fonts, their uniform display and taking into account possible licensing restrictions for their integration. Service Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: https://fonts.google.com/; privacy policy: https: //policies.google.com/privacy; EU standard contractual clauses (guaranteeing level of data protection when processing data in the USA).
- LinkedIn plugins and buttons: LinkedIn Plugins and Buttons – This may include, for example, content such as images, videos or text and buttons that allow users to share content from this online offering within LinkedIn. Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; website: https://www.instagram.com; privacy policy: https://www.linkedin.com/legal/privacy-policy; EU standard contractual clauses (guarantee level of data protection when processing data in the USA); opt-out: https: //www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
- SlideShare Presentations: Integration of SlideShare presentations; Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; website: https://www.linkedin.com; privacy policy: https: //www.linkedin.com/legal/privacy-policy; EU standard contractual clauses (ensuring level of data protection when processing data in the USA): .
- YouTube: Videos; Service Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: https://www.youtube.com; Privacy Policy: https://policies.google.com/privacy; EU standard contractual clauses (guarantee level of data protection when processing data in the USA); Opt-out: Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, settings for the display of advertisements: https://adssettings.google.com/authenticated.