ilert ("us", "we", or "our") operates https://www.ilert.com (this "Site"), our Software-as-a-Service Information Technology alerting and on-call management services (“Services“) https://*.ilert.com and any mobile application or add-on that we operate and which includes a link to this policy (“Apps“). Our Website, Services and Apps are collectively referred to in this Privacy Policy as our “Services“.
This page informs you of our policies regarding the collection, use and disclosure of Personal Information we receive from users of our Services.
Information collection and use
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to your ("Personal Information"):
name
email address
organization
location
currency
third party cookies
We use your Personal Information only for providing and improving our Services. By using our Services, you agree to the collection and use of information in accordance with this policy.
Log data
Like many services, we collect information that your browser sends whenever you use our Services ("Log Data").
This Log Data may include information such as your computer's Internet Protocol ("IP") address, browser type, browser version, the pages of our Services that you visit, the time and date of your visit, the time spent on those pages and other statistics.
Tracking
In addition, we may use third party services such as Google Analytics, Segment or Hubspot that collect, monitor and analyze this type of information in order to increase our Service's functionality. These third party service providers have their own privacy policies addressing how they use such information. We have linked these third-parties, their policies and the cookies that they are using on our Cookie Policy.
In addition we offer an opt-out of data collection through tracking on our site, you can find it here.
Mobile apps
We want to ensure our mobile apps for iOS (ilert) and Android (ilert) provide an excellent user experience. Therefore we may use Google Firebase and Segment mobile event tracking to detect problems like app crashes or service disruptions. You can opt-out of this tracking in the settings of the mobile apps.
Cookies
Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer's hard drive.
Like many services, we use "cookies" to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Services.
You can find out more about our usage of cookies on our Cookie Policy.
Legal bases for processing
The legal bases on which we process your personal information as described in this Privacy Policy will depend on the type of personal information and the specific context in which we process it. However, the legal bases we typically rely on are set out in the table below. We rely on our legitimate interests as our legal basis only where those interests are not overridden by the impact on you (unless we have your consent or our processing is otherwise required or permitted by law). If you have questions about the legal basis of how we process your personal information, contact us at [email protected].
Service delivery and Site operation
Processing is necessary to perform the contract governing our operation of the Site or the provision of the Services, or to take steps that you request prior to engaging our Services. Where we cannot process your personal data as required to operate the Site or Services on the grounds of contractual necessity, we process your personal information for this purpose based on our legitimate interest in providing you with the Services you access and request.
Marketing
Processing is based on your consent where that consent is required by applicable law. Where we rely on your consent you have the right to withdraw it any time in the manner indicated when you consent or in the Service. Where such consent is not required by applicable law, we process your personal information for these purposes based on our legitimate interests in promoting our business.
Research & Development
Processing is based on our legitimate interests in performing research and development to improve our services and develop new services.
Compliance and Protection
Processing is necessary to comply with our legal obligations or based on our legitimate interests in protecting our or others’ rights, privacy, safety or property.
Other purposes with your consent
Processing is based on your consent. Where we rely on your consent you have the right to withdraw it anytime in the manner indicated when you consent or in the Service.
Your rights
You may:
Opt-out
Stop sending you direct marketing communications. You may continue to receive Service-related and other non-marketing communications.
Access
Provide you with information about our processing of your personal information and give you access to your personal information.
Correct
Update or correct inaccuracies in your personal information.
Delete
Delete your personal information.
Transfer
Transfer a machine-readable copy of your personal information to you or a third party of your choice.
Restrict
Restrict the processing of your personal information.
Object
Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.
You can submit these requests by email to [email protected] or our postal address provided below.
Your choices
Access, update, correct or delete your information.
By logging in to your account or emailing us at [email protected]
Access to data controlled by our customers.
We have no direct relationship with the individuals whose personal information is contained within the Customer Data processed by the Service. An individual who seeks to access, correct or delete this information should direct their request the Customer.
Marketing communications
You may opt out of marketing-related emails by logging in and changing your account settings or by following the opt-out prompt in the email. You may continue to receive Service-related and other non-marketing emails.
Testimonials
If you gave us consent to post a testimonial to our site, but wish to update or delete it, please contact us via [email protected]
Cookies
See the Cookies section above, you might opt-out.
Advertising choices
You may prevent advertising by changing your browser settings (ad-blocker) or opting-out of the platforms e.g. Google, Facebook or Linkedin advertising programms.
Marketing
Direct marketing.
If you request information from us, use the Service or participate in our surveys, promotions or events, we may send you ilert-related marketing communications as permitted by law but will provide you with the ability to opt out.
Interest-based advertising
We may contract with third-party advertising and social media companies to display ads on our Service and other sites. These companies may use cookies and similar technologies to collect information about you (including the device data and online activity data described above) over time across our Service and other sites and services or your interaction with our emails, and use that information to serve ads that they think will interest you. These ads are known as “interest-based advertisements.”
How we share your information
Service Providers
We may employ companies and individuals to help provide the Site or Service on our behalf or help us operate our business.
Payment processors
Any payment card information you use to make a purchase on the Service is collected and processed directly by our payment processor, Stripe, and we never physically receive or store your full payment card information. Stripe commits to complying with the Payment Card Industry Data Security Standard (PCI-DSS) and using industry standard security. Stripe may use your Payment Information in accordance with its own Privacy Policy here: https://stripe.com/privacy.
Advertising partners
We work with third party advertising companies that collect information about your activity on the Site and other online services to help us advertise our services (including, through interest-based advertising), and/or use hashed customer lists that we share with them to deliver ads to them and similar users on their platforms.
Customers
When you have an organization-administered account your organization can access your information as described in the Organization-Administered Accounts section below.
ilert does not and will never sell data collected by your usage of the Service to third parties.
Data location and handling
Web application (*.ilert.com):
Data collected and required to provide the Service are only stored on servers in Germany. This data is strictly handled in compliancy with the European General Data Protection Regulation – GDPR.
Websites (www.ilert.com, de.ilert.com, docs.ilert.com, engineering.ilert.com):
Data collected when visiting the websites may be shared with third parties and processed outside of Germany, however always in accordance with this Privacy Policy and the GDPR.
Retention
We will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
Organization administered accounts
Where the Service is provided to you through your employer or another organization, please note that your organization’s administrator may be able to:
reset or change your password and email address
restrict, suspend or terminate your access to the Service
access and retain information in and about your account
access or retain information stored as part of your account
change your information, including profile information
restrict your ability to edit, restrict, modify or delete information
Please contact your organization or refer to your administrator’s organizational policies for more information.
Sensitive personal information
We ask that you not share with us any sensitive personal information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or union membership) on or through the Service or otherwise. If you do anyway, you must consent to our processing and use of such sensitive personal information in accordance with this Privacy Policy.
Third party sites
The Service may contain links to other websites and services operated by third parties, such as social media platforms, advertising services and other websites and applications. These links are not an endorsement of, or representation that we are affiliated with, any third party. We do not control third party websites, applications or services, and are not responsible for their actions. Other websites and services follow different rules regarding their collection, use and disclosure of your personal information. We encourage you to read their privacy policies to learn more.
Children
The Service is not directed at, and ilert does not knowingly acquire or receive personal information from, children under the age of 16. If we learn that any user of the Service is under the age of 16, we will take appropriate steps to delete that individual’s personal information and restrict that individual from future access to the Service.
Security
The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. We strive to use commercially acceptable means to protect your Personal Information.
Changes to this privacy policy
This Privacy Policy is effective as of September 22, 2017 and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.
We reserve the right to update or change our Privacy Policy at any time and you should check this Privacy Policy periodically. Your continued use of the Service after we post any modifications to the Privacy Policy on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy.
If we make any material changes to this Privacy Policy, we will notify you either through the email address you have provided us, or by placing a prominent notice on our website.
Data protection officer
Responsible for the data processing on this website within the meaning of the General Data Protection Regulation, other data protection laws applicable in the member states of the European Union and other provisions with a data protection character is:
iLert GmbH
Data Protection Officer
Friesenplatz 4
50672 Cologne, Germany
[email protected]
Contact us
If you have any questions or complaints about this Privacy Policy, please contact us at [email protected]
Introduction
Thank you for your interest in ilert GmbH (hereinafter "We", "Us") and for visiting our website.
With the information presented below, we provide you with an overview of the processing of your personal data on our website https://www.ilert.com (hereinafter "website"). In addition, the privacy policy also applies to our presences in the social and professional networks, our newsletter and the application process.
We also want to inform you about your rights under data protection laws. The processing of your personal data by us is always in accordance with the General Data Protection Regulation (hereinafter "GDPR"), the Telecommunications and Telemedia Data Protection Act (hereinafter "TTDSG") and all applicable country-specific data protection regulations.
1 Controller
Controller in the sense of the GDPR is
ilert GmbH
Bayenstraße 65
50678 Cologne
Email: [email protected]
2 Data Protection Officer
You can reach our data protection officer as follows:
Niklas Hanitsch
secjur GmbH
Steinhöft 9
20459 Hamburg
Phone: +49 40 228 599 520
E-mail: [email protected]
You can contact our data protection officer directly at any time with all questions and suggestions regarding data protection and to exercise your rights granted under GDPR.
3 Definition
This data protection declaration is based on the terminology of the GDPR. For your convenience, we would like to explain some important terms in this context in more detail:
- Personal data: Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- Data subject: The data subject is any identified or identifiable natural person whose personal data are processed by the controller.
- Processing: Processing means any operation or set of operations which is performed upon personal data, whether by automatic means, such as collection, recording, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
- Recipient: a recipient is a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data in the context of a specific investigative task under Union or Member State law shall not be considered as recipients.
- Third party: a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorised to process the personal data under the direct responsibility of the controller or the processor.
- Consent: Consent means any freely given and informed indication of the data subject's wishes in the form of a statement or other unambiguous affirmative act by which the data subject signifies his or her agreement to the processing of personal data relating to him or her.
4 Origin of the personal data
We may obtain personal data in the following ways:
4.1 Information provided by you
You have the opportunity to provide information (e.g. contact details) about yourself on our website.
4.2 Automatically collected and generated data
By using our website, data is automatically collected and generated.
4.3 Data collected by third parties
To the extent that we maintain presences on social and professional networks, we may receive data from you through them (e.g. if you contact us through a social or professional network or respond to any of our content shared there).
5 Scope, purpose, legal basis, storage period and, if applicable, recipients and third country transfer of the respective processing of personal data
5.1 General information
In the following, we provide you with an overview of the personal data we process. We will explain to what extent, for what purposes and on what legal basis we process personal data.
We will not disclose your personal data to third parties without your consent, unless this is permitted by law (e.g. because it is necessary for the performance of the contract).
The processing of your personal data may be based in particular on the following legal bases:
- Art. 6 (1), lit. a) GDPR serves as our legal basis for processing operations in which we obtain consent for a specific processing.
- If the processing of personal data is necessary for the performance of a contract to which you are a party, the processing is based on Art. 6 (1) lit. b) GDPR. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures.
- If we are subject to a legal obligation by which the processing of personal data becomes necessary, the processing is based on Art. 6 (1) lit. c) GDPR.
- Furthermore, processing operations may be based on Article 6 (1) lit. f) GDPR. Processing operations are based on this legal basis if the processing is necessary to protect a legitimate interest of ours, provided that the interests, fundamental rights and freedoms of the data subject are not overridden.
5.2 Data transfers to third countries
Among other things, we use the services of companies that are based in third countries (e.g. in the USA). If these services are active, it is possible that data will be transferred to a third country and processed there. We would like to point out that no level of data protection comparable to that in the EU can be guaranteed in these countries. US companies, for example, are obliged to hand over data to authorities or similar institutions, without you as a data subject being able to take effective legal action against this according to our legal understanding. We have no influence on such data disclosure.
5.3 Data deletion
Insofar as no specific storage period is specified within this data protection notice, the data processed by us will be deleted in accordance with the legal requirements as soon as their consents permitted for processing are revoked or other permissions cease to apply (e.g. if the purpose of processing this data has ceased to apply or it is not required for the purpose). If the data are not deleted because they are required for other and legally permissible purposes, their processing is limited to these purposes, i.e. the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law or whose storage is necessary for the assertion, exercise, or defence of legal claims or for the protection of the rights of another natural or legal person.
5.4 Security measures
We take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons.
The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical and electronic access to the data, as well as access to, entry into, disclosure of, assurance of availability of and segregation of the data. We also have procedures in place to ensure the exercise of data subjects' rights, the deletion of data and responses to data compromise. Furthermore, we already take the protection of personal data into account in the development or selection of hardware, software and procedures in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.
5.5 Transmission of personal data
In the course of our processing of personal data, the data may be transferred to or disclosed to other bodies, companies, legally independent organisational units or persons. The recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and, in particular, conclude corresponding contracts or agreements that serve to protect your data with the recipients of your data.
5.6 Website in general
5.6.1 Provision of the website, server log files
5.6.1.1 Scope of the processing
To provide our website, we use storage space, computing capacity and software that we rent from a corresponding server provider (web host). These services also include the sending, receiving and storing of e-mails. In addition, when you visit our website, data is automatically processed that your browser transmits to our server. This general data and information is stored in the server's log files (in so-called "server log files"). The following data can be collected:
- Browser type and version
- Operating system used
- Referrer URL (previously visited website)
- Host name of the accessing computer
- Date and time of the server request
- IP address
5.6.1.2 Purpose of the processing
When using this data and information, we do not draw any conclusions about your person. The purposes we pursue include in particular:
- Provision of our website
- Provision of our online offer and user friendliness
- Operation and provision of information systems
- Content Delivery Network (CDN)
- Provision of contractual services
- Customer service
- Provision of e-mail communication
- Ensuring a smooth connection of the website
- Clarification of acts of abuse or fraud,
- Problem analyses in the network
- Evaluation of system security and stability.
5.6.1.3 Legal basis
The legal basis for data processing is our legitimate interest within the meaning of Art. 6 (1) lit. f) GDPR. We have a legitimate interest in being able to provide our website in a technically flawless manner.
5.6.1.4 Recipients of personal data
Your data will be passed on to the necessary extent to service providers for hosting and content delivery network (CDN) within the framework of order processing.
Our website in the network of Webflow Inc, 398 11th St. Fl 2, San Francisco, California, 94103, USA (hereinafter Webflow). When you visit our website, Webflow collects the above-mentioned data. You can find more information about Webflow's data processing here: Data Processing Addendum (webflow.com)
5.6.2 Use of cookies
5.6.2.1 General information
We use cookies on our website. Cookies are text files that your browser automatically creates and that are stored on your IT system when you visit our site. Through cookies, certain information flows to the location setting the cookie. Through the use of cookies, it is not possible to execute programmes or transfer viruses to your end device.
If you do not wish to use cookies, you can switch them off under the settings.
When you visit our website or a sub-website for the first time and it contains cookies, you will be shown a "cookie banner". There you will be informed about the individual cookies that we use. You can find out about each individual cookie in terms of the name, the provider, the purpose of the processing and the storage period. In addition, you can allow us to use cookies that are not necessary and reverse this decision there.
In legal terms, a distinction must be made between necessary and non-necessary cookies.
5.6.2.2 Necessary cookies
We use necessary cookies. These are cookies that are technically necessary to provide all functions of our website. The legal basis for the data processing is our legitimate interest within the meaning of Art. 6 (1) lit. f) GDPR. We have an overriding legitimate interest in being able to offer our service in a technically flawless manner. The legal basis for the use of cookies vis-à-vis our contractual partners who make use of services contractually owed by us via our website is Art. 6 (1) lit. b) GDPR, the provision of our contractual services.
5.6.2.3 Non necessary cookies
We also use cookies that are not necessary (e.g. analysis and marketing cookies). These are cookies that are not technically necessary. We use them to understand your behaviour on our website and to improve our offer. The legal basis for the data processing is your consent according to Art. 6 (1) 1 lit. a) GDPR. The cookies are only set after you have given your consent via our "cookie banner".
5.6.2.4 Storage period
With regard to the storage period, the following types of cookies are distinguished:
- Temporary cookies (also: session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and closed their end device (e.g. browser or mobile app).
- Permanent cookies: Permanent cookies remain stored even after the terminal device is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. Likewise, user data collected with the help of cookies can be used to measure reach. Unless we provide users with explicit information on the type and storage duration of cookies (e.g. when obtaining consent), users should assume that cookies are permanent and that they can be stored for up to two years.
5.6.3 Cookie banner
5.6.3.1 Scope of the processing
With our cookie banner, we inform you about the specific cookies we use. In addition, we give you the opportunity to decide whether you want to consent to the setting of cookies that are not necessary. Data that is processed:
- Usage data (e.g. websites visited, time of access)
- Meta and communication data (e.g. IP address)
5.6.3.2 Purpose of the processing
We process your personal data for the following purposes:
- Informing the user about the cookies we use
- Enabling you to consent to cookies that are not technically necessary
5.6.3.3 Legal basis of the processing
The legal basis for the use of the cookie banner is Art. 6 para. 1, p. 1 lit. f) GDPR. We have an overriding legitimate interest in using the cookie banner, which enables us to obtain the legally required consent for the use of cookies that are not necessary and to comply with our duty to provide information regarding cookies.
5.6.3.4 Storage period
The cookie banner stores the preferences until you reset or adjust them.
5.6.3.5 Recipients of personal data
Your data will not be passed on to any external recipients.
5.6.3.6 More information about cookies
The individual cookies, as well as information, can be found in our cookie banner in the form of the privacy settings, which you can access via the button on the website.
5.7 Use of the ilert platform
Through our website you have the possibility to use our ilert platform. Further information on the use of the ilert platform can be found here.
5.8 Newsletter
5.8.1 Scope of the processing
If you have provided us with your email address when purchasing one of our services, we will use this to inform you about our own similar goods or services via newsletter.
You can object to the sending of our newsletter at any time. You will find a corresponding "Unsubscribe" button in each of our newsletters. You can also inform us of your cancellation by e-mail or post using the contact details provided above.
Our newsletters contain so-called tracking pixels. This is a miniature graphic that is embedded in emails. This allows us to track, for example, whether and when an email was opened by you and which links in the email were called up by you. This enables us to statistically evaluate the success or failure of online marketing campaigns. The personal data collected by the tracking pixel is stored and analysed by us in order to optimise the newsletter dispatch and to better adapt the content of future newsletters to your interests.
Within the scope of the newsletter dispatch, we process the following personal data, among others:
- E-mail address
- First and last name
- Organisation
- Preferred language
- Metadata (e.g. device information, IP address, date and time of login)
- Interaction with the newsletter
5.8.2 Purpose of the processing
We process your personal data for the following purposes:
- Newsletter dispatch: implementation of marketing measures
- Newsletter tracking: measuring success
5.8.3 Legal basis
- The legal basis for sending our newsletter is your consent in accordance with Art. 6 (1) a). You can revoke your consent at any time with effect for the future.
- The legal basis for sending our newsletter is, in accordance with Art. 6 (1) lit. f GDPR in conjunction with § 7 Para. 3 UWG, our overriding legitimate interest in strengthening or maintaining customer relations with our existing customers by offering our own similar products by e-mail.
- The legal basis for newsletter tracking is, pursuant to Art. 6 (1) lit. f GDPR, our overriding legitimate interest in knowing whether our newsletter meets your interests and expectations.
5.8.4 Storage period
We delete your personal data as soon as they are no longer required to achieve the purpose for which they were collected. In the context of the newsletter dispatch, this is generally the case if you object to the processing.
5.8.5 Recipients of personal data
We use HubSpot for the purpose of sending newsletters and newsletter tracking.
5.9 Contact options
5.9.1 Scope of the processing
Through our website you have the possibility to contact us via e-mail or our chat.
- In the context of contacting you and answering your enquiry by e-mail, we process the following personal data from you:
- First and last name
- E-mail address
- Telephone number
- Address data
- Date and time of the request
- IP address
- Communication content
5.9.2 Purpose of processing
We process your data to respond to your enquiry and other matters arising from it.
5.9.3 Legal basis
If your request is based on pre-contractual measures or an existing contract with us, the legal basis is the fulfilment of the contract and the implementation of pre-contractual measures pursuant to Art. 6 (1) lit. b) GDPR. If your request is made independently of pre-contractual measures or contracts existing with us, our overriding legitimate interests pursuant to Art. 6 (1) lit. f) GDPR constitute the legal basis. We have an overriding legitimate interest in providing visitors to our website with a means by which they can contact us.
5.9.4 Storage period
We delete your personal data as soon as they are no longer required to achieve the purpose for which they were collected. In the context of contact enquiries, this is generally the case when the circumstances indicate that the specific matter has been conclusively processed.
5.9.5 Recipients of personal data
We use the provider Hubspot to answer and process your contact.
5.10 Application
5.10.1 General information
We also offer you the opportunity to apply for job vacancies and send us your application online or by post.
We process the following personal data as part of the application process:
- Master data (e.g. first and last name, address)
- Contact details (e.g. email address, telephone number)
- Application data (e.g. cover letter, CV, certificates and other supporting documents)
5.10.2 Purpose of the processing
The purpose of the processing is to carry out the application procedure.
5.10.3 Legal basis
The legal basis for the processing of personal data is the fulfilment of the contract and the implementation of pre-contractual measures according to Art. (1) lit. b) GDPR.
If we obtain your consent (e.g. for inclusion in our applicant pool), this constitutes the legal basis for data processing in accordance with Art. 6 (1) a) GDPR.
5.10.4 Storage period
If an employment relationship is established after completion of the application process, the personal data provided may be processed further. Otherwise, we generally retain the data for six months after the end of the application process. We then delete all personal data. Longer storage is possible if we include the personal data in our applicant pool after obtaining your consent.
5.10.5 Recipients of personal data
We use the service provider JOIN Solutions AG Landsgemeindeplatz 6 9043 Trogen to carry out the application process.
Further information on data protection can be found here: Privacy Policy | JOIN
5.11 Customer Relationship Management System
5.11.1 Scope and purpose of the processing
We use functions of a customer relationship management system ("CRM system") on this website. The CRM system enables us, among other things, to manage existing and potential customers as well as customer contacts and to organise sales and communication processes. The use of the CRM System also enables us to analyse and optimise our customer-related processes. Details on the functions of the CRM we use can be found here: https://www.hubspot.de.
As a result, we process the following data, among others:
- E-mail address
- First and last name
- Address
- IP address
- Telephone number
5.11.2 Legal basis
The use of the CRM is based on Art. 6 para. 1 lit. f) GDPR. We have a legitimate interest in the most efficient customer management and customer communication possible. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 (1) lit. a) GDPR; the consent can be revoked at any time via our cookie banner.
5.11.3 Recipients of personal data
Your data will be passed on to the necessary extent to a service provider for CRM systems HubSpot within the framework of order processing. We use the CRM system HubSpot. HubSpot is a software company from the USA. Our contractual partner is HubSpot Germany GmbH (address: HubSpot Ireland Limited, HubSpot House, One Sir John Rogerson's Quay, Dublin 2, Ireland). Within the scope of processing via HubSpot, data may be transmitted to the USA (Hubspot Inc.). The security of the transmission is secured via standard contractual clauses.
5.12 Social media appearances
5.12.1 General information
We use third-party platforms to provide you with information about our company and our products and services. This involves processing interactions such as messages, likes and content on our social media channels.
In addition, we receive data from third-party platforms without personal reference, such as the total number of measures played out by the platform operator or preferred visiting and posting times. We have no influence on the creation and provision of this data. The legal basis for the processing is Art. 6 (1) lit. f) GDPR; our legitimate interest lies in the improvement of our marketing measures.
The associated personal data processing takes place exclusively in the area of responsibility of the platform operators. Further information on data processing can be found in the data protection declarations of the respective providers:
5.13 Integration of third-party services and content
5.13.1 General Information
We use content or service offers from third-party providers within our online offer in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as "content").
This always assumes that the third-party providers of this content are aware of the IP address of the user, as without the IP address they would not be able to send the content to their browser. The IP address is therefore necessary for the display of this content. We endeavour to only use content whose respective providers only use the IP address to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offering, as well as being linked to such information from other sources.
6 Your rights
In this section, we inform you about the rights you have regarding the processing of your data. The exact scope of the right mentioned in each case can be found in the corresponding article of the GDPR. If you wish to exercise any of your rights, please contact us via email ([email protected]).
6.1 Right to confirmation
You have the right to request confirmation from us as to whether personal data relating to you is being processed by us.
6.2 Access (Art. 15 GDPR)
You have the right to receive information from us at any time and free of charge about the personal data stored about you, as well as a copy of this data in accordance with the statutory provisions.
6.3 Rectification (Art. 16 GDPR)
You have the right to request the rectification of inaccurate personal data concerning you. You also have the right to request that incomplete personal data be completed, taking into account the purposes of the processing.
6.4 Erasure (Art. 17 GDPR)
You have the right to demand that personal data concerning you be deleted immediately if one of the reasons provided for by law applies and insofar as the processing or storage is not necessary.
6.5 Restriction of processing (Art. 18 GDPR)
You have the right to demand that we restrict processing if one of the legal requirements is met.
6.6 Data portability (Art. 20 GDPR)
You have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format. Furthermore, you have the right to transfer this data to another controller without restriction from us, to whom the personal data was provided, given that the processing is based on consent pursuant to Art. 6 (1) lit. a) GDPR or Art. 9 (2) lit. a) GDPR or on a contract pursuant to Art. 6 (1) lit. b) GDPR and the processing is carried out with the aid of automated procedures, unless the processing is necessary for the performance of a task which is in the public interest or in the exercise of official authority vested in us.
In addition, when exercising your right to data portability pursuant to Art. 20 (1) GDPR, you have the right to have the personal data transferred directly from one controller to another controller, insofar as this is technically feasible and provided that this does not adversely affect the rights and freedoms of other individuals.
6.7 Objection (Art. 21 GDPR)
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of data processing in the public interest pursuant to Art. 6 (1) sentence 1 lit. e) GDPR or on the basis of our legitimate interest pursuant to Art. 6 (1) sentence 1 lit. f) GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.
6.8 Revocation of consent under data protection law
You have the right to revoke your consent to the processing of personal data at any time with effect for the future.
6.9 Complaint to a supervisory authority
You have the right to complain about our processing of personal data to a supervisory authority responsible for data protection.
7 Validity and changes of the data protection notice
This privacy notice is currently valid and has the following status: May 2023.
If we continue to develop our website and our offers or if legal or regulatory requirements change, it may be necessary to amend this data protection notice. You can access the current data protection information at any time here.