Pri­va­cy policy

Intro­duc­tion

With the fol­low­ing data pro­tec­tion dec­la­ra­tion we would like to inform you about what types of your per­son­al data (here­inafter also referred to briefly as “data”) we process for what pur­pos­es and to what extent. The data pro­tec­tion dec­la­ra­tion applies to all pro­cess­ing of per­son­al data car­ried out by us, both in the con­text of the pro­vi­sion of our ser­vices and in par­tic­u­lar on our web­sites, in mobile appli­ca­tions and with­in exter­nal online pres­ences, such as .B our social media pro­files (col­lec­tive­ly referred to as “Online Offer”).

The terms used are not gen­der specific.

As of Decem­ber 1, 2020

Index

Respon­si­ble

Stiftung Solaren­ergie. Sendea gGmbH
Am Schön­berg 8b
79280 Au

Per­sons enti­tled to rep­re­sent: Dr. Har­ald Schützeichel

E‑mail address: hs@startup-energy.org

Imprint: https://startup-energy.org/impressum/

Overview of pro­cess­ing operations

The fol­low­ing overview sum­maris­es the types of data processed and the pur­pos­es of their pro­cess­ing and refers to the data subjects.

Types of data processed

  • Event data (Face­book) (“Event Data” is data.B that may be trans­mit­ted by us to Face­book via Face­book pix­els (via apps or oth­er ways) and relate to per­sons or their actions; Data includes, for example.B infor­ma­tion about vis­its to web­sites, inter­ac­tions with con­tent, fea­tures, instal­la­tion of apps, pur­chas­es of prod­ucts, etc.; the event data is processed for the pur­pose of cre­at­ing tar­get groups for con­tent and adver­tis­ing infor­ma­tion (Cus­tom Audi­ences); Event data does not include the actu­al con­tent (such as comments.B. writ­ten), login infor­ma­tion and no con­tact infor­ma­tion (i.e. no names, email address­es and phone num­bers). Event data is delet­ed by Face­book after a max­i­mum of two years, the tar­get groups formed from them with the dele­tion of our Face­book account).
  • inven­to­ry data (e.g. names, addresses).
  • con­tent data (e.g. entries in online forms).
  • Con­tact details (e.g. e‑mail, tele­phone numbers).
  • Meta/communication data (e.g. device infor­ma­tion, IP addresses).
  • Usage data (e.g. web­sites vis­it­ed, inter­est in con­tent, access times).
  • Loca­tion data (infor­ma­tion about the geo­graph­ic loca­tion of a device or person).
  • Con­tract data (e.g. sub­ject mat­ter of the con­tract, term, cus­tomer category).
  • Pay­ment data (e.g. bank details, invoic­es, pay­ment history).

Cat­e­gories of affect­ed persons

  • busi­ness and con­trac­tu­al partners.
  • Com­mu­ni­ca­tion.
  • Mem­bers.
  • users (e.g. web­site vis­i­tors, users of online services).

Pur­pos­es of processing

  • Pro­vi­sion of our online offer and user-friendliness.
  • Cross-device track­ing (cross-device pro­cess­ing of user data for mar­ket­ing purposes).
  • Direct mar­ket­ing (e.g. by e‑mail or postal).
  • Inter­est-based and behav­ioral marketing.
  • Con­tact requests and communication.
  • Pro­fil­ing.
  • Remar­ket­ing.
  • Range mea­sure­ment (e.g. access sta­tis­tics, detec­tion of return­ing visitors).
  • Secu­ri­ty.
  • Track­ing (e.g. interest/behavioural pro­fil­ing, use of cookies).
  • pro­vi­sion of con­trac­tu­al ser­vices and cus­tomer service.
  • Man­age and respond to requests.
  • Tar­get group inge­si­ty (deter­mi­na­tion of tar­get groups rel­e­vant for mar­ket­ing pur­pos­es or oth­er con­tent output).

Rel­e­vant legal bases

In the fol­low­ing, we pro­vide the legal bases of the Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR), on the basis of which we process the per­son­al data. Please note that in addi­tion to the pro­vi­sions of the GDPR, the nation­al data pro­tec­tion require­ments may apply in your or our coun­try of res­i­dence and res­i­dence. Should more spe­cif­ic legal bases be rel­e­vant in indi­vid­ual cas­es, we will inform you of them in the data pro­tec­tion declaration.

  • Con­sent (Art. 6 sec. 1 p. 1 lit. a. GDPR) — The data sub­ject has giv­en his con­sent to the pro­cess­ing of the per­son­al data con­cern­ing him for a spe­cif­ic pur­pose or sev­er­al spe­cif­ic purposes.
  • Per­for­mance of the con­tract and pre-con­trac­tu­al enquiries (Art. 6 sec. 1 p. 1 lit. b. GDPR) — The pro­cess­ing is nec­es­sary for the per­for­mance of a con­tract to which the data sub­ject is a par­ty or for the imple­men­ta­tion of pre-con­trac­tu­al mea­sures, which take place at the request of the data subject.
  • Eli­gi­ble inter­ests (Art. 6 sec. 1 p. 1 lit. f. GDPR) — The pro­cess­ing is nec­es­sary to safe­guard the legit­i­mate inter­ests of the con­troller or a third par­ty, unless the inter­ests or fun­da­men­tal rights and free­doms of the data sub­ject, which require the pro­tec­tion of per­son­al data, prevail.

Nation­al data pro­tec­tion reg­u­la­tions in Ger­many: In addi­tion to the data pro­tec­tion reg­u­la­tions of the Gen­er­al Data Pro­tec­tion Reg­u­la­tion , nation­al reg­u­la­tions on data pro­tec­tion apply in Ger­many. This includes in par­tic­u­lar the Act on the Pro­tec­tion against Mis­use of Per­son­al Data in Data Pro­cess­ing (Fed­er­al Data Pro­tec­tion Act – BDSG). In par­tic­u­lar, the BDSG con­tains spe­cial pro­vi­sions on the right to infor­ma­tion, the right to era­sure, the right to object, the pro­cess­ing of spe­cial cat­e­gories of per­son­al data, pro­cess­ing for oth­er pur­pos­es and trans­mis­sion, as well as auto­mat­ed deci­sion-mak­ing in indi­vid­ual cas­es, includ­ing pro­fil­ing. It also reg­u­lates data pro­cess­ing for the pur­pos­es of the employ­ment rela­tion­ship (Sec­tion 26 of the BDSG), in par­tic­u­lar with regard to the estab­lish­ment, imple­men­ta­tion or ter­mi­na­tion of employ­ment rela­tion­ships as well as the con­sent of employ­ees. In addi­tion, state data pro­tec­tion laws of the indi­vid­ual fed­er­al states can be applied.

Secu­ri­ty

We shall take appro­pri­ate tech­ni­cal and organ­i­sa­tion­al mea­sures to ensure a lev­el of pro­tec­tion com­men­su­rate with the risk, tak­ing into account the state of the art, the cost of imple­men­ta­tion and the nature, the scope of the pro­cess­ing, as well as the dif­fer­ent prob­a­bil­i­ty of occur­rence and the extent of the threat to the rights and free­doms of nat­ur­al persons.

Mea­sures include, in par­tic­u­lar, ensur­ing the con­fi­den­tial­i­ty, integri­ty and avail­abil­i­ty of data by con­trol­ling phys­i­cal and elec­tron­ic access to the data, as well as access to, entry, dis­clo­sure, secur­ing avail­abil­i­ty and sep­a­ra­tion. In addi­tion, we have estab­lished pro­ce­dures that ensure the exer­cise of data sub­jects’ rights, the era­sure of data and reac­tions to the risk of the data. Fur­ther­more, we take into account the pro­tec­tion of per­son­al data already in the devel­op­ment or selec­tion of hard­ware, soft­ware and pro­ce­dures in accor­dance with the prin­ci­ple of data pro­tec­tion, through tech­ni­cal design and through data pro­tec­tion-friend­ly presets.

SSL encryp­tion (https): In order to pro­tect your data trans­mit­ted via our online offer, we use SSL encryp­tion. You can detect encrypt­ed con­nec­tions by the pre­fix https:// in the address bar of your browser.

Data pro­cess­ing in third countries

If we process data in a third coun­try (i.e., out­side the Euro­pean Union (EU), the Euro­pean Eco­nom­ic Area (EEA)) or if the pro­cess­ing takes place in the con­text of the use of third-par­ty ser­vices or the dis­clo­sure or trans­fer of data to oth­er per­sons, enti­ties or com­pa­nies, this is only in accor­dance with the legal requirements.

Sub­ject to express con­sent or con­trac­tu­al or legal­ly required trans­mis­sion, we process or have the data processed only in third coun­tries with a recog­nised lev­el of data pro­tec­tion, con­trac­tu­al oblig­a­tion by so-called stan­dard safe­guard claus­es of the EU Com­mis­sion, in the pres­ence of cer­ti­fi­ca­tions or bind­ing inter­nal data pro­tec­tion reg­u­la­tions (Art. 44 to 49 GDPR, infor­ma­tion page of the Euro­pean Com­mis­sion: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de ).

Use of cookies

Cook­ies are text files that con­tain data from web­sites or domains vis­it­ed and are stored by a brows­er on the user’s com­put­er. A cook­ie is pri­mar­i­ly used to store the infor­ma­tion about a user dur­ing or after his vis­it with­in an online offer. The stored infor­ma­tion may include, for exam­ple, the lan­guage set­tings on a web­site, the login sta­tus, a shop­ping cart or the loca­tion where a video was viewed. The term cook­ies also includes oth­er tech­nolo­gies that per­form the same func­tions as cook­ies (e.g. when user infor­ma­tion is stored on the basis of pseu­do­ny­mous online iden­ti­fiers, also known as “user IDs”)

The fol­low­ing types of cook­ies and func­tions are distinguished:

  • Tem­po­rary cook­ies (also: ses­sion or ses­sion cook­ies): Tem­po­rary cook­ies are delet­ed at the lat­est after a user has left an online offer and closed his browser.
  • Per­ma­nent cook­ies: Per­ma­nent cook­ies remain stored even after clos­ing the brows­er. For exam­ple, the login sta­tus can be saved or pre­ferred con­tent can be dis­played direct­ly when the user vis­its a web­site again. Sim­i­lar­ly, the inter­ests of users used for range mea­sure­ment or mar­ket­ing pur­pos­es may be stored in such a cookie.
  • First-par­ty cook­ies: First-par­ty cook­ies are set by us.
  • Third-par­ty cook­ies (also: third-par­ty cook­ies): Third-par­ty cook­ies are main­ly used by adver­tis­ers (so-called third par­ties) to process user information.
  • Nec­es­sary (also: essen­tial or absolute­ly nec­es­sary) cook­ies: On the one hand, cook­ies may be strict­ly nec­es­sary for the oper­a­tion of a web­site (e.g. to store logins or oth­er user entries or for rea­sons of security).
  • Sta­tis­tics, mar­ket­ing and per­son­al­iza­tion cook­ies: In addi­tion, cook­ies are usu­al­ly also used in the con­text of range mea­sure­ment and when the inter­ests of a user or his behav­iour (e.g. view­ing cer­tain con­tent, ben­e­fits of func­tions, etc.) are stored on indi­vid­ual web­sites in a user pro­file. Such pro­files are used to dis­play to users, for exam­ple, con­tent that cor­re­sponds to their poten­tial inter­ests. This pro­ce­dure is also referred to as “track­ing”, i.e. track­ing the poten­tial inter­ests of users. Inso­far as we use cook­ies or “track­ing” tech­nolo­gies, we will inform you sep­a­rate­ly in our pri­va­cy pol­i­cy or in the con­text of obtain­ing consent.

Notes on legal bases: The legal basis on which we process your per­son­al data using cook­ies depends on whether we ask you for your con­sent. If this is the case and you con­sent to the use of cook­ies, the legal basis for the pro­cess­ing of your data is the declared con­sent. Oth­er­wise, the data processed by cook­ies will be processed on the basis of our legit­i­mate inter­ests (e.g. in the busi­ness oper­a­tion of our online offer and its improve­ment) or, if the use of cook­ies is nec­es­sary, in order to ful­fil our con­trac­tu­al obligations.

Stor­age time: Unless we pro­vide you with explic­it infor­ma­tion about the stor­age peri­od of per­ma­nent cook­ies (e.g. as part of a so-called cook­ie opt-in), please assume that the stor­age peri­od can be up to two years.

Gen­er­al notes on revo­ca­tion and oppo­si­tion (opt-out): Depend­ing on whether the pro­cess­ing is based on con­sent or legal per­mis­sion, you have the option at any time to revoke your con­sent or to object to the pro­cess­ing of your data by cook­ie tech­nolo­gies (col­lec­tive­ly, “opt-out”). You can first declare your objec­tion by means of the set­tings of your brows­er, e.g. by dis­abling the use of cook­ies (where­by the func­tion­al­i­ty of our online offer may also be lim­it­ed). An objec­tion to the use of cook­ies for online mar­ket­ing pur­pos­es can also be explained by means of a vari­ety of ser­vices, espe­cial­ly in the case of track­ing, through the web­sites https://optout.aboutads.info and https://www.youronlinechoices.com/. In addi­tion, you can receive fur­ther notices of objec­tion with­in the scope of the infor­ma­tion on the ser­vice providers and cook­ies used.

Pro­cess­ing of cook­ie data on the basis of con­sent: We use a cook­ie con­sent man­age­ment pro­ce­dure in which the con­sents of users can be obtained in the use of cook­ies, or the process­es and providers men­tioned in the con­text of the cook­ie con­sent man­age­ment pro­ce­dure, as well as man­aged and revoked by the users. In this case, the dec­la­ra­tion of con­sent is stored in order not to have to repeat its query and to be able to prove the con­sent in accor­dance with the legal oblig­a­tion. The stor­age can be car­ried out on the serv­er side and/or in a cook­ie (so-called opt-in cook­ie, or with the help of com­pa­ra­ble tech­nolo­gies) in order to be able to assign the con­sent to a user or his device. Sub­ject to indi­vid­ual infor­ma­tion about the providers of cook­ie man­age­ment ser­vices, the fol­low­ing instruc­tions apply: The dura­tion of the stor­age of con­sent can be up to two years. Here, a pseu­do­ny­mous user iden­ti­fi­er is formed and stored with the time of con­sent, infor­ma­tion on the scope of con­sent (e.B. which cat­e­gories of cook­ies and/or ser­vice providers) as well as the brows­er, sys­tem and used ter­mi­nal device.

  • Types of data processed: Usage data (e.g. web­sites vis­it­ed, inter­est in con­tent, access times), meta/communication data (e.g. device infor­ma­tion, IP addresses).
  • Per­sons affect­ed: users (e.g. web­site vis­i­tors, users of online services).
  • Legal bases: Con­sent (Art. 6 sec. 1 p. 1 lit. a. GDPR), legit­i­mate inter­ests (Art. 6 sec. 1 p. 1 lit. f. GDPR).

Exe­cu­tion of tasks in accor­dance with the Statutes or Rules of Procedure

We process the data of our mem­bers, sup­port­ers, inter­est­ed par­ties, busi­ness part­ners or oth­er per­sons (col­lec­tive­ly ‚affect­ed) if we are in a mem­ber­ship or oth­er busi­ness rela­tion­ship with them and per­form our duties and are recip­i­ents of ben­e­fits and ben­e­fits. In addi­tion, we process the data of data sub­jects on the basis of our legit­i­mate inter­ests, e.B. in the case of admin­is­tra­tive tasks or pub­lic relations.

The data processed here, the nature, scope and pur­pose and the neces­si­ty of their pro­cess­ing are deter­mined by the under­ly­ing mem­ber­ship or con­trac­tu­al rela­tion­ship, which also deter­mines the neces­si­ty of any data data (in addi­tion, we point out required data).

We delete data that is no longer nec­es­sary for the pro­vi­sion of our statu­to­ry and busi­ness pur­pos­es. This is deter­mined accord­ing to the respec­tive tasks and con­trac­tu­al rela­tions. We retain the data for as long as they may be rel­e­vant for the exe­cu­tion of busi­ness, as well as with regard to any war­ran­ty or lia­bil­i­ty oblig­a­tions based on our legit­i­mate inter­est in reg­u­lat­ing it. The need for data reten­tion is reg­u­lar­ly reviewed; the statu­to­ry reten­tion oblig­a­tions shall apply.

  • Types of data processed: Inven­to­ry data (e.B. names, address­es), pay­ment data (e.B. bank details, invoic­es, pay­ment his­to­ry), con­tact details (e..B e‑mail, tele­phone num­bers), con­tract data (e..B. sub­ject mat­ter of the con­tract, term, cus­tomer category).
  • Per­sons affect­ed: Users (e.B. web­site vis­i­tors, users of online ser­vices), mem­bers, busi­ness and con­trac­tu­al partners.
  • Pur­pos­es of pro­cess­ing: Pro­vid­ing con­trac­tu­al ser­vices and cus­tomer ser­vice, con­tact requests and com­mu­ni­ca­tion, man­age­ment and response of enquiries.
  • Legal bases: Per­for­mance of con­tracts and pre-con­trac­tu­al enquiries (Art. 6 sec. 1 p. 1 lit. b. GDPR), Legit­i­mate inter­ests (Art. 6 sec. 1 p. 1 lit. f. GDPR).

Pro­vi­sion of the online offer and web hosting

In order to be able to pro­vide our online offer secure­ly and effi­cient­ly, we use the ser­vices of one or more web host­ing providers, from whose servers (or servers man­aged by them) the online offer can be accessed. For these pur­pos­es, we may use infra­struc­ture and plat­form ser­vices, com­put­ing capac­i­ty, stor­age space and data­base ser­vices, as well as secu­ri­ty and tech­ni­cal maintenance.

The data processed in the con­text of the pro­vi­sion of the host­ing offer may include all infor­ma­tion con­cern­ing the users of our online offer that is incurred in the con­text of use and com­mu­ni­ca­tion. This reg­u­lar­ly includes the IP address nec­es­sary to deliv­er the con­tents of online offers to browsers and all entries made with­in our online offer or from websites.

E‑mail ingesice and host­ing: The web host­ing ser­vices we use also include send­ing, receiv­ing and stor­ing e‑mails. For these pur­pos­es, the address­es of the recip­i­ents as well as senders as well as oth­er infor­ma­tion con­cern­ing the send­ing of e‑mails (e.g. the par­tic­i­pat­ing providers) as well as the con­tents of the respec­tive e‑mails are processed. The afore­men­tioned data may also be processed for the pur­pose of detect­ing SPAM. Please note that e‑mails are not sent encrypt­ed on the Inter­net. As a rule, e‑mails are encrypt­ed by trans­port, but (unless an end-to-end encryp­tion method is used) are not encrypt­ed on the servers from which they are sent and received. We there­fore can­not accept any respon­si­bil­i­ty for the trans­mis­sion of the e‑mails between the sender and the receipt on our server.

Col­lec­tion of access data and log files: We our­selves (or our web host­ing provider) col­lect data for every access to the serv­er (so-called serv­er log files). The serv­er log files may include the address and name of the retrieved web­sites and files, the date and time of the retrieval, the amount of data trans­ferred, the noti­fi­ca­tion of suc­cess­ful retrieval, the brows­er type and ver­sion, the user’s oper­at­ing sys­tem, refer­rer URL (the pre­vi­ous­ly vis­it­ed page) and, as a rule, IP address­es and the request­ing provider.

The serv­er log files can be used for secu­ri­ty pur­pos­es, e.g. to avoid over­load­ing the servers (espe­cial­ly in the case of abu­sive attacks, so-called DDoS attacks) and, on the oth­er hand, to ensure the uti­liza­tion of the servers and their stability.

  • Types of data processed: Con­tent data (e.g. entries in online forms), usage data (e.g. web­sites vis­it­ed, inter­est in con­tent, access times), meta/communication data (e.g. device infor­ma­tion, IP addresses).
  • Per­sons affect­ed: users (e.g. web­site vis­i­tors, users of online services).
  • Legal bases: Eli­gi­ble inter­ests (Art. 6 sec. 1 p. 1 lit. f. GDPR).

Con­tact

When con­tact­ing us (e.g. via con­tact form, e‑mail, tele­phone or via social media), the infor­ma­tion of the request­ing per­sons will be processed, inso­far as this is nec­es­sary to answer the con­tact requests and any nec­es­sary mea­sures requested.

The answer to con­tact requests in the con­text of con­trac­tu­al or pre-con­trac­tu­al rela­tion­ships is to ful­fil our con­trac­tu­al oblig­a­tions or to answer (pre)contractual enquiries and, in addi­tion, on the basis of the legit­i­mate inter­ests in answer­ing the enquiries.

  • Types of data processed: Inven­to­ry data (e.g. names, address­es), con­tact data (e.g. e‑mail, tele­phone num­bers), con­tent data (e.g. entries in online forms), usage data (e.g. web­sites vis­it­ed, inter­est in con­tent, access times), meta/communication data (e.g. device infor­ma­tion, IP addresses).
  • Per­sons affect­ed: Communication.
  • Pur­pos­es of pro­cess­ing: Con­tact requests and communication.
  • Legal bases: Per­for­mance of con­tracts and pre-con­trac­tu­al enquiries (Art. 6 sec. 1 p. 1 lit. b. GDPR), Legit­i­mate inter­ests (Art. 6 sec. 1 p. 1 lit. f. GDPR).

Newslet­ters and elec­tron­ic notifications

We only send newslet­ters, e‑mails and oth­er elec­tron­ic noti­fi­ca­tions (here­inafter “Newslet­ter”) with the con­sent of the recip­i­ents or a legal per­mis­sion. If the con­tents of the newslet­ter are specif­i­cal­ly described in the con­text of a reg­is­tra­tion, they are deci­sive for the con­sent of the users. For the rest, our newslet­ters con­tain infor­ma­tion about our ser­vices and us.

In order to sub­scribe to our newslet­ters, it is always suf­fi­cient if you pro­vide your e‑mail address. How­ev­er, we may ask you to pro­vide a name for per­son­al address in the newslet­ter, or oth­er infor­ma­tion if required for the pur­pos­es of the newsletter.

Dou­ble opt-in pro­ce­dure: The reg­is­tra­tion for our newslet­ter is basi­cal­ly done in a so-called dou­ble opt-in pro­ce­dure. This means that you will receive an e‑mail after reg­is­tra­tion ask­ing you to con­firm your reg­is­tra­tion. This con­fir­ma­tion is nec­es­sary so that no one can log in with for­eign e‑mail address­es. The reg­is­tra­tions for the newslet­ter are logged in order to be able to prove the reg­is­tra­tion process accord­ing to the legal require­ments. This includes stor­ing the login and con­fir­ma­tion time as well as the IP address. The changes to your data stored by the ship­ping ser­vice provider will also be logged.

Dele­tion and restric­tion of pro­cess­ing: We may store the e‑mail address­es for up to three years on the basis of our legit­i­mate inter­ests before delet­ing them in order to be able to prove a pre­vi­ous­ly giv­en con­sent. The pro­cess­ing of this data is lim­it­ed to the pur­pose of a pos­si­ble defense of claims. An indi­vid­ual request for can­cel­la­tion is pos­si­ble at any time, pro­vid­ed that the for­mer exis­tence of a con­sent is con­firmed at the same time. In the case of oblig­a­tions to per­ma­nent­ly observe con­tra­dic­tions, we reserve the right to store the e‑mail address sole­ly for this pur­pose in a block list (so-called “block list”).

The reg­is­tra­tion pro­ce­dure is logged on the basis of our legit­i­mate inter­ests for the pur­pose of prov­ing its prop­er con­duct. Inso­far as we com­mis­sion a ser­vice provider to send e‑mails, this is based on our legit­i­mate inter­ests in an effi­cient and secure ship­ping system.

Notes on legal bases: The newslet­ters are sent on the basis of the con­sent of the recip­i­ents or, if con­sent is not required, on the basis of our legit­i­mate inter­ests in direct mar­ket­ing, if and to the extent that this is per­mit­ted by law, e.g. in the case of exist­ing cus­tomer adver­tis­ing. Inso­far as we com­mis­sion a ser­vice provider to send e‑mails, this is done on the basis of our legit­i­mate inter­ests. The reg­is­tra­tion process is record­ed on the basis of our legit­i­mate inter­ests to prove that it was con­duct­ed in accor­dance with the law.

Con­tents: Infor­ma­tion about us, our events, pro­mo­tions and offers.

Analy­sis and suc­cess mea­sure­ment: The newslet­ters con­tain a so-called “web-bea­con”, i.e. a pix­el-sized file that is retrieved from our serv­er when open­ing the newslet­ter from our serv­er or, if we use a ship­ping ser­vice provider, from its serv­er. As part of this retrieval, tech­ni­cal infor­ma­tion such as infor­ma­tion about the brows­er and your sys­tem, as well as your IP address and the time of retrieval, are col­lect­ed first.

This infor­ma­tion is used to improve the tech­ni­cal aspects of our newslet­ter on the basis of the tech­ni­cal data or the tar­get groups and their read­ing behav­iour on the basis of their polling loca­tions (which can be deter­mined by means of the IP address) or the access times. This analy­sis also includes deter­min­ing whether the newslet­ters are opened, when they are opened and which links are clicked. For tech­ni­cal rea­sons, this infor­ma­tion can be assigned to the indi­vid­ual newslet­ter recip­i­ents. How­ev­er, it is nei­ther our inten­tion nor, if used, that of the ship­ping ser­vice provider to observe indi­vid­ual users. Rather, the eval­u­a­tions serve us to rec­og­nize the read­ing habits of our users and to adapt our con­tent to them or to send dif­fer­ent con­tent accord­ing to the inter­ests of our users.

The eval­u­a­tion of the newslet­ter and the mea­sure­ment of suc­cess are car­ried out, sub­ject to the express con­sent of the users, on the basis of our legit­i­mate inter­ests for the pur­pos­es of the use of a user-friend­ly and secure newslet­ter sys­tem, which serves both our busi­ness inter­ests and meets the expec­ta­tions of the users.

A sep­a­rate revo­ca­tion of the suc­cess mea­sure­ment is unfor­tu­nate­ly not pos­si­ble, in this case the entire newslet­ter sub­scrip­tion must be can­celled or must be contradicted.

Send­ing via SMS: The elec­tron­ic noti­fi­ca­tions can also be sent as SMS text mes­sages (or are sent exclu­sive­ly via SMS, if the ship­ping autho­riza­tion, e..B con­sent, includes only the send­ing via SMS).

  • Types of data processed: Inven­to­ry data (e.g. names, address­es), con­tact details (e.g. e‑mail, tele­phone num­bers), meta/communication data (e.g. device infor­ma­tion, IP address­es), usage data (e.g. web­sites vis­it­ed, inter­est in con­tent, access times).
  • Per­sons affect­ed: Communication.
  • Pur­pos­es of pro­cess­ing: Direct mar­ket­ing (e.g. by e‑mail or postal).
  • Legal bases: Con­sent (Art. 6 sec. 1 p. 1 lit. a. GDPR), legit­i­mate inter­ests (Art. 6 sec. 1 p. 1 lit. f. GDPR).
  • Pos­si­bil­i­ty of oppo­si­tion (opt-out): You can can­cel the receipt of our newslet­ter at any time, i.e. revoke your con­sents or object to fur­ther receipt. You can either find a link to can­cel the newslet­ter at the end of each newslet­ter or oth­er­wise use one of the above-men­tioned con­tact options, prefer­ably e‑mail.

Social media presences

We main­tain online pres­ences with­in social net­works and process users’ data in this con­text in order to com­mu­ni­cate with the users active there or to offer infor­ma­tion about us.

We would like to point out that users’ data can be processed out­side the Euro­pean Union. This can cre­ate risks for users, as this could, for exam­ple, make it more dif­fi­cult to enforce users’ rights.

Fur­ther­more, users’ data with­in social net­works are usu­al­ly processed for mar­ket research and adver­tis­ing pur­pos­es. For exam­ple, user pro­files can be cre­at­ed based on the user behav­iour and the result­ing inter­ests of the users. The user pro­files can in turn be used to dis­play adver­tise­ments inside and out­side the net­works, for exam­ple, which pre­sum­ably cor­re­spond to the inter­ests of the users. For these pur­pos­es, cook­ies are usu­al­ly stored on the users’ com­put­ers, in which the user’s usage behav­iour and the inter­ests of the users are stored. Fur­ther­more, data may also be stored in the user pro­files inde­pen­dent­ly of the devices used by the users (espe­cial­ly if the users are mem­bers of the respec­tive plat­forms and are logged in to them).

For a detailed descrip­tion of the respec­tive pro­cess­ing meth­ods and the opt-out, we refer to the data pro­tec­tion dec­la­ra­tions and infor­ma­tion of the oper­a­tors of the respec­tive networks.

We would also like to point out that these can be assert­ed most effec­tive­ly by the providers in the case of requests for infor­ma­tion and the asser­tion of data sub­jects’ rights. Only the providers have access to the data of the users and can take direct action and pro­vide infor­ma­tion. If you still need help, you can con­tact us.

Face­book: Togeth­er with Face­book Ire­land Ltd., we are respon­si­ble for the col­lec­tion (but not fur­ther pro­cess­ing) of data of vis­i­tors to our Face­book page (so-called “Fan­page”). This infor­ma­tion includes infor­ma­tion about the types of con­tent that users view or inter­act with, or the actions they per­form (see “Things done and pro­vid­ed by you and oth­ers” in the Face­book Data Pol­i­cy: https://www.facebook.com/policy), as well as infor­ma­tion about the devices used by the users (e. g. b. IP address­es, oper­at­ing sys­tem, brows­er type, lan­guage set­tings, cook­ie data; see “Device Infor­ma­tion” in the Face­book Data Pol­i­cy State­ment: https://www.facebook.com/policy). As explained in the Face­book Data Pol­i­cy under “How do we use this infor­ma­tion?”, Face­book also col­lects and uses infor­ma­tion to pro­vide ana­lyt­ics ser­vices, known as “page insights,” to site oper­a­tors to help them learn about how peo­ple inter­act with their pages and relat­ed con­tent. We have entered into a spe­cial agree­ment with Face­book (“Infor­ma­tion on Page Insights”, https://www.facebook.com/legal/terms/page_controller_addendum), which reg­u­lates in par­tic­u­lar which secu­ri­ty mea­sures Face­book must observe and in which Face­book has agreed to com­ply with the affect­ed rights (i.e. users can e.B.g. send infor­ma­tion or dele­tion requests direct­ly to Face­book). The rights of users (in par­tic­u­lar to infor­ma­tion, dele­tion, oppo­si­tion and com­plaint to the com­pe­tent super­vi­so­ry author­i­ty) are not restrict­ed by the agree­ments with Face­book. Fur­ther infor­ma­tion can be found in the “Infor­ma­tion on Page Insights” (https://www.facebook.com/legal/terms/information_about_page_insights_data).

  • Types of data processed: Inven­to­ry data (e.g. names, address­es), con­tact data (e.g. e‑mail, tele­phone num­bers), con­tent data (e.g. entries in online forms), usage data (e.g. web­sites vis­it­ed, inter­est in con­tent, access times), meta/communication data (e.g. device infor­ma­tion, IP addresses).
  • Per­sons affect­ed: users (e.g. web­site vis­i­tors, users of online services).
  • Pur­pos­es of pro­cess­ing: Con­tact requests and com­mu­ni­ca­tion, track­ing (e.g. interest/behavioural pro­fil­ing, use of cook­ies), remar­ket­ing, range mea­sure­ment (e.g. access sta­tis­tics, detec­tion of return­ing visitors).
  • Legal bases: Eli­gi­ble inter­ests (Art. 6 sec. 1 p. 1 lit. f. GDPR).

Ser­vices and ser­vice providers used:

Plu­g­ins and embed­ded func­tions as well as content

We incor­po­rate func­tion­al and con­tent ele­ments from the servers of their respec­tive providers (here­inafter referred to as “Third Par­ties”) in our online offer­ing. These may include graph­ics, videos, social media but­tons, and posts (here­inafter referred to as “Con­tent”).

The inte­gra­tion always pre­sup­pos­es that the third par­ties of this con­tent process the IP address of the users, since they could not send the con­tent to their brows­er with­out the IP address. The IP address is there­fore required for the pre­sen­ta­tion of this con­tent or func­tions. We make every effort to use only those con­tent whose respec­tive providers use the IP address only for the deliv­ery of the con­tent. Third par­ties may also use so-called pix­el tags (invis­i­ble graph­ics, also known as “web bea­cons”) for sta­tis­ti­cal or mar­ket­ing pur­pos­es. The “pix­el tags” can be used to eval­u­ate infor­ma­tion such as vis­i­tor traf­fic on the pages of this web­site. The pseu­do­ny­mous infor­ma­tion can also be stored in cook­ies on the user’s device and may include, among oth­er things, tech­ni­cal infor­ma­tion about the brows­er and oper­at­ing sys­tem, web­sites to be ref­er­enced, the time of vis­it as well as oth­er infor­ma­tion on the use of our online offer, as well as to be linked to such infor­ma­tion from oth­er sources.

Notes on legal bases: If we ask the users for their con­sent to the use of the third-par­ty providers, the legal basis for the pro­cess­ing of data is the con­sent. Oth­er­wise, the data of the users will be processed on the basis of our legit­i­mate inter­ests (i.e. inter­est in effi­cient, eco­nom­i­cal and recip­i­ent-friend­ly ser­vices). In this con­text, we would also like to draw your atten­tion to the infor­ma­tion on the use of cook­ies in this pri­va­cy policy.

Face­book plu­g­ins and con­tent: We are joint­ly respon­si­ble with Face­book Ire­land Ltd. for the col­lec­tion or receipt of “event data” col­lect­ed or obtained as part of a trans­fer (but not fur­ther pro­cess­ing) of “event data” that Face­book col­lects through the Face­book social plu­g­ins (and embed­ding func­tions for con­tent) that are exe­cut­ed on our online offer, or receives as part of a trans­mis­sion for the fol­low­ing pur­pos­es: (a) dis­play inges­ly tinged con­tent and adver­tis­ing infor­ma­tion that meets the pre­sumed inter­ests of users; b) deliv­ery of com­mer­cial and trans­ac­tion­al mes­sages (e.B. address­ing users via Face­book Mes­sen­ger); c) Improv­ing the deliv­ery of ads and per­son­al­i­sa­tion of func­tions and con­tent (e.B. improv­ing the recog­ni­tion of which con­tent or adver­tis­ing infor­ma­tion is pre­sumed to be in the inter­ests of users). We have entered into a spe­cial agree­ment with Face­book (“Addi­tion­al for Those Respon­si­ble”, https://www.facebook.com/legal/controller_addendum), which reg­u­lates in par­tic­u­lar which secu­ri­ty mea­sures Face­book must observe (https://www.facebook.com/legal/terms/data_security_terms) and in which Face­book has agreed to ful­fill the data sub­ject rights (i.e., users can, for exam­ple, pro­vide infor­ma­tion or make dele­tion requests direct­ly to Face­book). Note: If Face­book pro­vides us with met­rics, analy­ses and reports (which are aggre­gat­ed, i.e. do not receive infor­ma­tion about indi­vid­ual users and are anony­mous to us), then this pro­cess­ing does not take place with­in the scope of joint respon­si­bil­i­ty, but on the basis of a job pro­cess­ing con­tract (“Data Pro­cess­ing Con­di­tions”, https://www.facebook.com/legal/terms/dataprocessing) , the “Data secu­ri­ty con­di­tions” (https://www.facebook.com/legal/terms/data_security_terms) as well as with regard to pro­cess­ing in the U.S. based on stan­dard con­trac­tu­al claus­es (“Face­book EU Data Trans­fer Adden­dum, https://www.facebook.com/legal/EU_data_transfer_addendum). The rights of users (in par­tic­u­lar to infor­ma­tion, dele­tion, oppo­si­tion and com­plaint to the com­pe­tent super­vi­so­ry author­i­ty) are not restrict­ed by the agree­ments with Facebook.

Insta­gram plu­g­ins and con­tent: We are joint­ly respon­si­ble, togeth­er with Face­book Ire­land Ltd., for the col­lec­tion or receipt of “event data” in con­nec­tion with the trans­mis­sion (but not fur­ther pro­cess­ing) of “event data” that Face­book col­lects by means of Insta­gram func­tions (e.B. embed­ding func­tions for con­tent) that are car­ried out, exe­cut­ed on our online offer, or receives as part of a trans­mis­sion for the fol­low­ing pur­pos­es: (a) dis­play inges­ly tinged con­tent and adver­tis­ing infor­ma­tion that meets the pre­sumed inter­ests of users; b) deliv­ery of com­mer­cial and trans­ac­tion­al mes­sages (e.B. address­ing users via Face­book Mes­sen­ger); c) Improv­ing the deliv­ery of ads and per­son­al­i­sa­tion of func­tions and con­tent (e.B. improv­ing the recog­ni­tion of which con­tent or adver­tis­ing infor­ma­tion is pre­sumed to be in the inter­ests of users). We have entered into a spe­cial agree­ment with Face­book (“Addi­tion­al for Those Respon­si­ble”, https://www.facebook.com/legal/controller_addendum), which reg­u­lates in par­tic­u­lar which secu­ri­ty mea­sures Face­book must observe (https://www.facebook.com/legal/terms/data_security_terms) and in which Face­book has agreed to ful­fill the data sub­ject rights (i.e., users can, for exam­ple, pro­vide infor­ma­tion or make dele­tion requests direct­ly to Face­book). Note: If Face­book pro­vides us with met­rics, analy­ses and reports (which are aggre­gat­ed, i.e. do not receive infor­ma­tion about indi­vid­ual users and are anony­mous to us), then this pro­cess­ing does not take place with­in the scope of joint respon­si­bil­i­ty, but on the basis of a job pro­cess­ing con­tract (“Data Pro­cess­ing Con­di­tions”, https://www.facebook.com/legal/terms/dataprocessing) , the “Data secu­ri­ty con­di­tions” (https://www.facebook.com/legal/terms/data_security_terms) as well as with regard to pro­cess­ing in the U.S. based on stan­dard con­trac­tu­al claus­es (“Face­book EU Data Trans­fer Adden­dum, https://www.facebook.com/legal/EU_data_transfer_addendum). The rights of users (in par­tic­u­lar to infor­ma­tion, dele­tion, oppo­si­tion and com­plaint to the com­pe­tent super­vi­so­ry author­i­ty) are not restrict­ed by the agree­ments with Facebook.

  • Types of data processed: Usage data (e..B. web­sites vis­it­ed, inter­est in con­tent, access times), meta/communication data (e.B. device infor­ma­tion, IP address­es), event data (Face­book) (“Event data” are data that can be trans­mit­ted by us to Facebook.B via Face­book pix­els (via apps or oth­er means) and refer to per­sons or their actions; Data includes, for example.B infor­ma­tion about vis­its to web­sites, inter­ac­tions with con­tent, fea­tures, instal­la­tion of apps, pur­chas­es of prod­ucts, etc.; the event data is processed for the pur­pose of cre­at­ing tar­get groups for con­tent and adver­tis­ing infor­ma­tion (Cus­tom Audi­ences); Event data does not include the actu­al con­tent (such as comments.B. writ­ten), login infor­ma­tion and no con­tact infor­ma­tion (i.e. no names, email address­es and phone num­bers). Event data is delet­ed by Face­book after a max­i­mum of two years, the tar­get groups formed from them with the dele­tion of our Face­book account), con­tact details (e.B. e‑mail, tele­phone num­bers), con­tent data (e.B. entries in online forms), inven­to­ry data (e.B. names, addresses).
  • Per­sons affect­ed: Users (e.g. web­site vis­i­tors, users of online ser­vices), com­mu­ni­ca­tion partners.
  • Pur­pos­es of pro­cess­ing: Pro­vi­sion of our online offer and user-friend­li­ness, pro­vi­sion of con­trac­tu­al ser­vices and cus­tomer ser­vice, con­tact requests and com­mu­ni­ca­tion, direct mar­ket­ing (e.B. by e‑mail or postal), track­ing (e.B. interest/behavioural pro­fil­ing, use of cook­ies), inter­est-based and behav­ioral mar­ket­ing, pro­fil­ing (cre­at­ing user pro­files), secu­ri­ty mea­sures, man­age­ment and response of requests.
  • Legal bases: Eli­gi­ble inter­ests (Art. 6 sec. 1 p. 1 lit. f. GDPR), con­sent (Art. 6 abs. 1 p. 1 lit. a. GDPR), per­for­mance of the con­tract and pre-con­trac­tu­al enquiries (Art. 6 abs. 1 p. 1 lit. (b. GDPR).

Ser­vices and ser­vice providers used:

  • Face­book plu­g­ins and con­tent: Face­book Social Plu­g­ins and Con­tent — This may include, for exam­ple, con­tent such as images, videos or texts and but­tons with which users can share con­tent from this online offer with­in Face­book. The list and appear­ance of the Face­book social plu­g­ins can be viewed here: https://developers.facebook.com/docs/plugins/; Ser­vice provider: Face­book Ire­land Ltd, 4 Grand Canal Square, Grand Canal Har­bour, Dublin 2, Ire­land; par­ent com­pa­ny: Face­book, 1 Hack­er Way, Men­lo Park, CA 94025, USA; web­site: https://www.facebook.com; Pri­va­cy Pol­i­cy: https://www.facebook.com/about/privacy; Opt-out: Set­tings for adver­tise­ments: https://www.facebook.com/settings?tab=ads.
  • Google Fonts: We include the fonts (“Google Fonts”) of the provider Google, where­by the data of the users are used sole­ly for the pur­pose of dis­play­ing the fonts in the user’s brows­er. The inte­gra­tion is based on our legit­i­mate inter­ests in a tech­ni­cal­ly safe, main­te­nance-free and effi­cient use of fonts, their uni­form pre­sen­ta­tion and tak­ing into account pos­si­ble licens­ing restric­tions for their inte­gra­tion. Ser­vice providers: Google Ire­land Lim­it­ed, Gor­don House, Bar­row Street, Dublin 4, Ire­land, par­ent com­pa­ny: Google LLC, 1600 Amphithe­atre Park­way, Moun­tain View, CA 94043, USA; Web­site: https://fonts.google.com/; Pri­va­cy Pol­i­cy: https://policies.google.com/privacy.
  • Insta­gram plu­g­ins and con­tent: Insta­gram Plu­g­ins and Con­tent — This may include .B con­tent such as images, videos or texts and but­tons that allow users to share con­tent from this online offer­ing with­in Insta­gram. Ser­vice providers: https://www.instagram.com, Insta­gram Inc., 1601 Wil­low Road, Men­lo Park, CA, 94025, USA; Web­site: https://www.instagram.com; Pri­va­cy Pol­i­cy: https://instagram.com/about/legal/privacy.
  • LinkedIn plu­g­ins and con­tent: LinkedIn plu­g­ins and con­tent- This may include, for example.B con­tent such as images, videos or texts and but­tons that allow users to share con­tent from this online offer­ing with­in LinkedIn. Ser­vice providers: LinkedIn Ire­land Unlim­it­ed Com­pa­ny, Wilton Place, Dublin 2, Ire­land; Web­site: https://www.linkedin.com; Pri­va­cy Pol­i­cy: https://www.linkedin.com/legal/privacy-policy; Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
  • Twit­ter plu­g­ins and con­tent: Twit­ter plu­g­ins and but­tons — This may include, for example.B con­tent such as images, videos or texts and but­tons that allow users to share con­tent from this online offer­ing with­in Twit­ter. Ser­vice providers: Twit­ter Inter­na­tion­al Com­pa­ny, One Cum­ber­land Place, Fen­ian Street, Dublin 2 D02 AX07, Ire­land, par­ent com­pa­ny: Twit­ter Inc., 1355 Mar­ket Street, Suite 900, San Fran­cis­co, CA 94103, USA; Web­site: https://twitter.com/de; Pri­va­cy Pol­i­cy: https://twitter.com/de/privacy.
  • YouTube videos: video con­tent; Ser­vice providers: Google Ire­land Lim­it­ed, Gor­don House, Bar­row Street, Dublin 4, Ire­land, par­ent com­pa­ny: Google LLC, 1600 Amphithe­atre Park­way, Moun­tain View, CA 94043, USA; Web­site: https://www.youtube.com; Pri­va­cy Pol­i­cy: https://policies.google.com/privacy; Opt-out: Opt-out plu­g­in: https://tools.google.com/dlpage/gaoptout?hl=de, set­tings for dis­play­ing adver­tise­ments: https://adssettings.google.com/authenticated.

Dele­tion of data

The data processed by us will be delet­ed in accor­dance with the legal require­ments as soon as their con­sents per­mit­ted for pro­cess­ing are revoked or oth­er per­mis­sion is omit­ted (e.g. if the pur­pose of the pro­cess­ing of this data has ceased or they are not nec­es­sary for the purpose).

Unless the data is delet­ed because it is nec­es­sary for oth­er and legal­ly per­mis­si­ble pur­pos­es, their pro­cess­ing will be lim­it­ed to these pur­pos­es. This means that the data is blocked and not processed for oth­er pur­pos­es. This applies, for exam­ple, to data that must be retained for com­mer­cial or tax rea­sons or whose stor­age is nec­es­sary for the asser­tion, exer­cise or defence of legal claims or for the pro­tec­tion of the rights of anoth­er nat­ur­al or legal person.

Fur­ther infor­ma­tion on the dele­tion of per­son­al data can also be made with­in the frame­work of the indi­vid­ual data pro­tec­tion notices of this data pro­tec­tion declaration.

Rights of data subjects

As a data sub­ject, you are enti­tled to var­i­ous rights under the GDPR, which arise in par­tic­u­lar from Arti­cles 15 to 21 GDPR:

  • Right to object: For rea­sons aris­ing from your par­tic­u­lar sit­u­a­tion, you have the right to object at any time to the pro­cess­ing of per­son­al data con­cern­ing you, which is sub­ject to Arti­cle 6(4) of the Year. 1 lit. e or f GDPR to object; this also applies to pro­fil­ing based on these pro­vi­sions. If the per­son­al data con­cern­ing you is processed for direct mar­ket­ing pur­pos­es, you have the right to object at any time to the pro­cess­ing of per­son­al data con­cern­ing you for the pur­pose of such adver­tis­ing; this also applies to pro­fil­ing in so far as it is relat­ed to such direct marketing.
  • Right of with­draw­al in case of con­sent: You have the right to revoke con­sents giv­en at any time.
  • Right of access: You have the right to request con­fir­ma­tion as to whether the data in ques­tion is being processed and for infor­ma­tion about this data as well as for fur­ther infor­ma­tion and copy of the data in accor­dance with the legal requirements.
  • Right to cor­rec­tion: In accor­dance with the law, you have the right to request the com­ple­tion of the data con­cern­ing you or the cor­rec­tion of the inac­cu­rate data con­cern­ing you.
  • Right to era­sure and restric­tion of pro­cess­ing: In accor­dance with the statu­to­ry require­ments, you have the right to request that you delete data con­cern­ing you imme­di­ate­ly or, alter­na­tive­ly, to request a restric­tion on the pro­cess­ing of the data in accor­dance with the statu­to­ry requirements.
  • Right to data porta­bil­i­ty: You have the right to receive data con­cern­ing you that you have pro­vid­ed to us in a struc­tured, com­mon and machine-read­able for­mat in accor­dance with the legal require­ments or to request their trans­mis­sion to anoth­er controller.
  • Com­plaint to super­vi­so­ry author­i­ty: You also have the right, in accor­dance with the legal require­ments, to lodge a com­plaint with a super­vi­so­ry author­i­ty, in par­tic­u­lar in the Mem­ber State of your habit­u­al res­i­dence, work­place or place of alleged infringe­ment, if you believe that the pro­cess­ing of per­son­al data con­cern­ing you is in breach of the GDPR.

Def­i­n­i­tions

This sec­tion pro­vides an overview of the terms used in this Pri­va­cy Pol­i­cy. Many of the terms are tak­en from the law and are defined above all in Arti­cle 4 GDPR. The legal def­i­n­i­tions are bind­ing. The fol­low­ing expla­na­tions, on the oth­er hand, are pri­mar­i­ly intend­ed for under­stand­ing. The terms are sort­ed alphabetically.

  • Cross-Device Track­ing: Cross-device track­ing is a form of track­ing in which user behav­iour al-inter­est infor­ma­tion is col­lect­ed across devices in so-called pro­files by asso­cis­ing an online iden­ti­fi­er to users. This allows user infor­ma­tion to be ana­lyzed for mar­ket­ing pur­pos­es, regard­less of browsers or devices used (e.g. mobile phones or desk­top com­put­ers). For most providers, the online ID is not asso­ci­at­ed with clear data, such as names, postal address­es, or e‑mail addresses.
  • Inter­est-based and behav­ioral mar­ket­ing: Inter­est- and/or behav­ioral mar­ket­ing is referred to when poten­tial inter­ests of users in adver­tise­ments and oth­er con­tent are pre­de­ter­mined as pre­cise­ly as pos­si­ble. This is done on the basis of infor­ma­tion about their pre­vi­ous behav­iour (e.g. vis­it­ing cer­tain web­sites and stay­ing on them, buy­ing behav­iour or inter­ac­tion with oth­er users), which are stored in a so-called pro­file. Cook­ies are usu­al­ly used for these purposes.
  • Per­son­al data: “Per­son­al Data” means any infor­ma­tion relat­ing to an iden­ti­fied or iden­ti­fi­able nat­ur­al per­son (‘the data sub­ject’); Iden­ti­fi­able is a nat­ur­al per­son who can be iden­ti­fied direct­ly or indi­rect­ly, in par­tic­u­lar by asso­ci­a­tion with an iden­ti­fi­er such as a name, an iden­ti­fi­ca­tion num­ber, loca­tion data, an online iden­ti­fi­er (e.g. cook­ie) or one or more spe­cif­ic char­ac­ter­is­tics that are an expres­sion of the phys­i­cal, phys­i­o­log­i­cal, genet­ic, psy­cho­log­i­cal, eco­nom­ic, cul­tur­al or social iden­ti­ty of that nat­ur­al person.
  • Pro­fil­ing: ‘Pro­fil­ing’ means any type of auto­mat­ed pro­cess­ing of per­son­al data that con­sists in the use of such per­son­al data to analyse cer­tain per­son­al aspects relat­ing to a nat­ur­al per­son (depend­ing on the type of pro­fil­ing, this includes infor­ma­tion relat­ing to age, gen­der, loca­tion data and move­ment data, inter­ac­tion with web­sites and their con­tent, pur­chas­ing behav­iour, social inter­ac­tions with oth­er peo­ple). , or to pre­dict them (e.g. inter­ests in spe­cif­ic con­tent or prod­ucts, click-through behav­ior on a web­site or where you are). Cook­ies and web bea­cons are often used for pro­fil­ing purposes.
  • Range mea­sure­ment: The range mea­sure­ment (also referred to as web ana­lyt­ics) is used to eval­u­ate the vis­i­tor flows of an online offer and may include the behav­iour or inter­ests of vis­i­tors in cer­tain infor­ma­tion, such as the con­tent of web­sites. With the help of the range analy­sis, web­site own­ers can, for exam­ple, rec­og­nize the time at which vis­i­tors vis­it their web­site and what con­tent they are inter­est­ed in. This allows them, for exam­ple, to bet­ter adapt the con­tents of the web­site to the needs of their vis­i­tors. For the pur­pos­es of range analy­sis, pseu­do­ny­mous cook­ies and web bea­cons are often used to rec­og­nize return­ing vis­i­tors and thus obtain more accu­rate analy­ses of the use of an online offer.
  • Remar­ket­ing: “Remar­ket­ing” or “retar­get­ing” is referred to when, for exam­ple, for adver­tis­ing pur­pos­es, it is not­ed which prod­ucts a user has been inter­est­ed in on a web­site in order to remind the user of these prod­ucts on oth­er web­sites, e.g. in advertisements.
  • Loca­tion data: Loca­tion data aris­es when a mobile device (or oth­er device with the tech­ni­cal require­ments of a loca­tion deter­mi­na­tion) con­nects to a radio cell, a WLAN or sim­i­lar tech­ni­cal inter­me­di­aries and func­tions of loca­tion deter­mi­na­tion. Loca­tion data is used to indi­cate which geo­graph­i­cal­ly iden­ti­fi­able posi­tion of the earth the respec­tive device is locat­ed. Loca­tion data, for exam­ple, can be used to rep­re­sent map func­tions or oth­er loca­tion-depen­dent information.
  • Track­ing: “Track­ing” is called when the behav­iour of users can be tracked across mul­ti­ple online offers. As a rule, with regard to the online offers used, behav­iour­al and inter­est infor­ma­tion is stored in cook­ies or on servers of the providers of the track­ing tech­nolo­gies (so-called pro­fil­ing). This infor­ma­tion can then be used, for exam­ple, to dis­play adver­tise­ments to users that are like­ly to cor­re­spond to their interests.
  • Respon­si­ble: ‘Respon­si­ble per­son’ means the nat­ur­al or legal per­son, author­i­ty, body or oth­er body which decides, alone or joint­ly with oth­ers, on the pur­pos­es and means of the pro­cess­ing of per­son­al data.
  • Pro­cess­ing: “Pro­cess­ing” means any oper­a­tion or series of oper­a­tions car­ried out with or with­out the help of auto­mat­ed pro­ce­dures in con­nec­tion with per­son­al data. The term goes far and cov­ers vir­tu­al­ly every use of data, be it the col­lec­tion, the eval­u­at­ing, the sav­ing, the trans­mis­sion or the deletion.
  • Tar­get group for­ma­tion: Tar­get groups (or “Cus­tom Audi­ences”) are defined when tar­get groups are des­ig­nat­ed for adver­tis­ing pur­pos­es, e.g. dis­play­of adver­tise­ments. For exam­ple, based on a user’s inter­est in cer­tain prod­ucts or top­ics on the Inter­net, it can be con­clud­ed that that user is inter­est­ed in adver­tise­ments for sim­i­lar prod­ucts or the online shop in which he viewed the prod­ucts. “Looka­like Audi­ences” (or sim­i­lar audi­ences) are referred to when the con­tent deemed appro­pri­ate is dis­played to users whose pro­files or inter­ests are pre­sumed to cor­re­spond to the users to whom the pro­files were cre­at­ed. Cook­ies and web bea­cons are usu­al­ly used for the pur­pos­es of cre­at­ing Cus­tom Audi­ences and Looka­like Audiences.

Cre­at­ed with free Datenschutz-Generator.de by Dr. Thomas Schwenke