Privacy Policy

1. An overview of data protection

General information

The following information will provide you with an easy to navigate overview of what will happen with your personal data when you visit this website. The term “personal data” comprises all data that can be used to personally identify you. This privacy notice concerning online services helps users of our online services understand what personal data and other information Damovo collects in its online services, and how we process this data.

Data recording on this website

Who is the responsible party for the recording of data on this website (i.e., the “controller”)?

The data on this website is processed by the operator of the website, whose contact information is available under section “Information about the responsible party (referred to as the “controller” in the GDPR)” in this Privacy Policy.

How do we record your data?

We collect your data as a result of your sharing of your data with us. This may, for instance be information you enter into our contact form.

Other data shall be recorded by our IT systems automatically or after you consent to its recording during your website visit. This data comprises primarily technical information (e.g., web browser, operating system, or time the site was accessed). This information is recorded automatically when you access this website. More information about the service providers we use and the data we collect, see the information starting om the Section 4.

What are the purposes we use your data for?

A portion of the information is generated to guarantee the error free provision of the website. Other data may be used to analyze your user patterns.

What rights do you have as far as your information is concerned?

You have the right to receive information about the source, recipients, and purposes of your archived personal data at any time without having to pay a fee for such disclosures. You also have the right to demand that your data are rectified or eradicated. If you have consented to data processing, you have the option to revoke this consent at any time, which shall affect all future data processing.

Moreover, you have the right to demand that the processing of your data be restricted under certain circumstances. Furthermore, you have the right to log a complaint with the competent supervising agency.

Please do not hesitate to contact us at any time if you have questions about this or any other data protection related issues.

Analysis tools and tools provided by third parties

There is a possibility that your browsing patterns will be statistically analyzed when your visit this website. Such analyses are performed primarily with what we refer to as analysis programs. For detailed information about these analysis programs please consult our Data Protection Declaration below.

2. Hosting and Content Delivery Networks (CDN)

We are hosting the content of our website at the following provider:

Raidboxes

Our website is hosted by RAIDBOXES GmbH, Hafenstr. 32, 48151 Münster, Germany (hereinafter “RAIDBOXES”). When you visit our website, RAIDBOXES collects various log files, including your IP address.

Details on Data Collection

For detailed information on the data collected by RAIDBOXES, please refer to their privacy policy: https://raidboxes.io/en/legal/privacy/. We use RAIDBOXES services based on Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in ensuring the most reliable presentation of our website. If you have provided your consent, the processing of your data is based solely on Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s terminal device (e.g., for device fingerprinting) within the meaning of the TTDSG. You can withdraw your consent at any time.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

Cloudflare

We use the ‘Cloudflare’ service. The service is provided by Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA (hereinafter ‘Cloudflare’).

Cloudflare offers a globally distributed content delivery network with DNS. This technically routes the information transfer between your browser and our website over the Cloudflare network. This enables Cloudflare to analyse the data traffic between your browser and our website and to act as a filter between our servers and potentially malicious data traffic from the internet. Cloudflare may also use cookies or other technologies to recognise internet users, but these are used solely for the purpose described here.

The use of Cloudflare is based on our legitimate interest in providing our website in the most error-free and secure way possible (Art. 6 para. 1 lit. f GDPR).

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.cloudflare.com/privacypolicy

Further information on security and data protection at Cloudflare can be found here: (https://www.cloudflare.com/privacypolicy/).

Contract data processing

We have concluded a contract for contract data processing for the use of the above-mentioned service. This is a contract that is required under data protection law and ensures that the personal data of our website visitors is processed only in accordance with our instructions and in compliance with the GDPR.

3. General information and mandatory information

Data protection

The operators of this website and its pages take the protection of your personal data very seriously. Hence, we handle your personal data as confidential information and in compliance with the statutory data protection regulations and this Data Protection Declaration.

Whenever you use this website, a variety of personal information will be collected. Personal data comprises data that can be used to personally identify you. This Data Protection Declaration explains which data we collect as well as the purposes we use this data for. It also explains how, and for which purpose the information is collected.

We herewith advise you that the transmission of data via the Internet (i.e., through e-mail communications) may be prone to security gaps.

Information about the responsible party (referred to as the “controller” in the GDPR)

The data processing controller on this website is:

Damovo Deutschland GmbH & Co. KG
Fritz-Vomfelde-Straße 26
40547 Düsseldorf
Deutschland
Phone: + 49 211 8755 40
E-mail: dialog.germany@damovo.com

The controller is the natural person or legal entity that single-handedly or jointly with others makes decisions as to the purposes of and resources for the processing of personal data (e.g., names, e-mail addresses, etc.).

Storage duration

Unless a more specific storage period has been specified in this privacy policy, your personal data will remain with us until the purpose for which it was collected no longer applies. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted, unless we have other legally permissible reasons for storing your personal data (e.g., tax or commercial law retention periods); in the latter case, the deletion will take place after these reasons cease to apply.

General information on the legal basis for the data processing on this website

If you have consented to data processing, we process your personal data on the basis of Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR. In the case of explicit consent to the transfer of personal data to third countries, the data processing is also based on Art. 49 (1)(a) GDPR. If your data is required for the fulfillment of a contract or for the implementation of pre-contractual measures, we process your data on the basis of Art. 6(1)(b) GDPR. Furthermore, if your data is required for the fulfillment of a legal obligation, we process it on the basis of Art. 6(1)(c) GDPR. Furthermore, the data processing may be carried out on the basis of our legitimate interest according to Art. 6(1)(f) GDPR. Information on the relevant legal basis in each individual case is provided in the following paragraphs of this privacy policy.

Designation of a data protection officer

We have appointed a data protection officer.

Damovo Deutschland GmbH & Co. KG
Dr. Sabrina Seak
Fritz-Vomfelde-Str. 26
40547 Düsseldorf
Deutschland
Telefon: +49 211 8755 4541
E-Mail: DataProtection@damovo.com

Information on data transfer to the USA and other non-EU countries

Among other things, we use tools of companies domiciled in the United States or other from a data protection perspective non-secure non-EU countries. If these tools are active, your personal data may potentially be transferred to these non-EU countries and may be processed there. We must point out that in these countries, a data protection level that is comparable to that in the EU cannot be guaranteed. For instance, U.S. enterprises are under a mandate to release personal data to the security agencies and you as the data subject do not have any litigation options to defend yourself in court. Hence, it cannot be ruled out that U.S. agencies (e.g., the Secret Service) may process, analyze, and permanently archive your personal data for surveillance purposes. We have no control over these processing activities.

Data subject rights

Revocation of your consent to the processing of data

A wide range of data processing transactions are possible only subject to your express consent. You can also revoke at any time any consent you have already given us. This shall be without prejudice to the lawfulness of any data collection that occurred prior to your revocation.

Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR)

IN THE EVENT THAT DATA ARE PROCESSED ON THE BASIS OF ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO AT ANY TIME OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA BASED ON GROUNDS ARISING FROM YOUR UNIQUE SITUATION. THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVISIONS. TO DETERMINE THE LEGAL BASIS, ON WHICH ANY PROCESSING OF DATA IS BASED, PLEASE CONSULT THIS DATA PROTECTION DECLARATION. IF YOU LOG AN OBJECTION, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA, UNLESS WE ARE IN A POSITION TO PRESENT COMPELLING PROTECTION WORTHY GROUNDS FOR THE PROCESSING OF YOUR DATA, THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS OR IF THE PURPOSE OF THE PROCESSING IS THE CLAIMING, EXERCISING OR DEFENCE OF LEGAL ENTITLEMENTS (OBJECTION PURSUANT TO ART. 21(1) GDPR).

IF YOUR PERSONAL DATA IS BEING PROCESSED IN ORDER TO ENGAGE IN DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR AFFECTED PERSONAL DATA FOR THE PURPOSES OF SUCH ADVERTISING AT ANY TIME. THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS AFFILIATED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION PURSUANT TO ART. 21(2) GDPR).

Right to log a complaint with the competent supervisory agency

In the event of violations of the GDPR, data subjects have the right to lodge a complaint with the competent supervisory authority (State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia). The right to log a complaint is in effect regardless of any other administrative or court proceedings available as legal recourses.

Right to data portability

You have the right to demand that we hand over any data we automatically process on the basis of your consent or in order to fulfil a contract be handed over to you or a third party in a commonly used, machine readable format. If you should demand the direct transfer of the data to another controller, this will be done only if it is technically feasible.

Information about, rectification and eradication of data

Within the scope of the applicable statutory provisions, you have the right to at any time demand information about your archived personal data, their source and recipients as well as the purpose of the processing of your data. You may also have a right to have your data rectified or eradicated. If you have questions about this subject matter or any other questions about personal data, please do not hesitate to contact us at any time.

Right to demand processing restrictions

You have the right to demand the imposition of restrictions as far as the processing of your personal data is concerned. To do so, you may contact us at any time. The right to demand restriction of processing applies in the following cases:

• • In the event that you should dispute the correctness of your data archived by us, we will usually need some time to verify this claim. During the time that this investigation is ongoing, you have the right to demand that we restrict the processing of your personal data.

• • If the processing of your personal data was/is conducted in an unlawful manner, you have the option to demand the restriction of the processing of your data in lieu of demanding the eradication of this data.

• • If we do not need your personal data any longer and you need it to exercise, defend or claim legal entitlements, you have the right to demand the restriction of the processing of your personal data instead of its eradication.

• • If you have raised an objection pursuant to Art. 21(1) GDPR, your rights and our rights will have to be weighed against each other. As long as it has not been determined whose interests prevail, you have the right to demand a restriction of the processing of your personal data.

If you have restricted the processing of your personal data, these data – with the exception of their archiving – may be processed only subject to your consent or to claim, exercise or defend legal entitlements or to protect the rights of other natural persons or legal entities or for important public interest reasons cited by the European Union or a member state of the EU.

SSL and/or TLS encryption

For security reasons and to protect the transmission of confidential content, such as purchase orders or inquiries you submit to us as the website operator, this website uses either an SSL or a TLS encryption program. You can recognize an encrypted connection by checking whether the address line of the browser switches from “http://” to “https://” and also by the appearance of the lock icon in the browser line.

If the SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.

4. Recording of data on this website

Cookies

Our websites use so-called “cookies.” Cookies are small data packages that do not cause any harm to your device. They are either temporarily stored for the duration of a session (session cookies) or permanently stored on your device (persistent cookies). Session cookies are automatically deleted after your visit ends. Persistent cookies remain stored on your device until you delete them yourself or they are automatically deleted by your web browser.

Sometimes cookies from third-party providers may also be stored on your device when you visit our site (third-party cookies). These enable us or you to use certain services of the third party (e.g., cookies for processing payment services).

Cookies have different functions. Many cookies are technically necessary because certain website functions would not work without them (e.g., the shopping cart function or video display). Other cookies are used to analyze user behavior or display advertising.

Cookies that are necessary for the execution of electronic communication, for providing certain functions requested by you (e.g., for the shopping cart function), or for optimizing the website (e.g., cookies for measuring web traffic) (necessary cookies) are stored based on Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for the technically error-free and optimized provision of its services. If consent has been obtained for the storage of cookies and comparable tracking technologies, processing is carried out exclusively based on this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG); consent can be revoked at any time.

You can configure your browser to inform you about the setting of cookies and to allow cookies only on a case-by-case basis, to exclude acceptance of cookies for certain cases or in general, and to activate automatic deletion of cookies when closing the browser.
If you deactivate cookies, the functionality of this website may be limited.

If cookies from third parties or cookies for analytical purposes are used, we will inform you separately within the scope of this privacy policy and, if necessary, ask for your consent.

Consent with Real Cookie Banner

Our website uses the consent management platform Real Cookie Banner to obtain your consent for storing certain cookies on your device or for using specific technologies, and to document this in a data protection-compliant manner. The provider of this technology is devowl.io GmbH, Tannet 12, 94539 Grafling, Germany.

When you visit our website, a cookie from Real Cookie Banner is stored in your browser, in which your given consents or the withdrawal of these consents are recorded. These data are not shared with the provider of Real Cookie Banner.

The collected data is stored until you request deletion from us, delete the Real Cookie Banner cookie yourself, or the purpose of data storage no longer applies. Mandatory legal retention periods remain unaffected. Details on data processing by Real Cookie Banner can be found at:
https://devowl.io/de/datenschutzerklaerung/

The use of the Real Cookie Banner consent technology is intended to obtain the legally required consents for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.

Further information and options for managing your choices can be found under “Cookie Settings” in the footer at the very bottom of the website.

Order processing

We have concluded an order processing agreement for the use of the above service. This is a contract required by data protection law, which ensures that this processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.

Server log files

The provider of this website and its pages automatically collects and stores information in so-called server log files, which your browser communicates to us automatically. The information comprises:

• • The type and version of browser used

• • The used operating system

• • Referrer URL

• • The hostname of the accessing computer

• • The time of the server inquiry

• • The IP address

This data is not merged with other data sources.

This data is recorded on the basis of Art. 6(1)(f) GDPR. The operator of the website has a legitimate interest in the technically error free depiction and the optimization of the operator’s website. In order to achieve this, server log files must be recorded.

Contact form

If you submit inquiries to us via our contact form, the information provided in the contact form as well as any contact information provided therein will be stored by us in order to handle your inquiry and in the event that we have further questions. We also use this data to inform you about our products, services and offers and for other marketing activities. We will not share this information without your consent.

The processing of these data is based on Art. 6 (1) (b) GDPR, if your request is related to the execution of a contract or if it is necessary to carry out pre-contractual measures.In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us and on our legitimate interest in pursuing business development interests and carrying out marketing activities us (Art. 6 (1) (f) GDPR) or on your agreement (Art. 6 (1) (a) GDPR) if this has been requested; the consent can be revoked at any time.

The information you have entered into the contact form shall remain with us until you ask us to eradicate the data, revoke your consent to the archiving of data or if the purpose for which the information is being archived no longer exists (e.g., after we have concluded our response to your inquiry). This shall be without prejudice to any mandatory legal provisions, in particular retention periods.

Request by e-mail, telephone, or fax

If you contact us by e-mail, telephone or fax, your request, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We do not pass these data on without your consent.

These data are processed on the basis of Art. 6 (1) (b) GDPR if your inquiry is related to the fulfillment of a contract or is required for the performance of pre-contractual measures. In all other cases, the data are processed on the basis of our legitimate interest in the effective handling of inquiries submitted to us (Art. 6 (1) (f) GDPR) or on the basis of your consent (Art. 6 (1) (a) GDPR) if it has been obtained; the consent can be revoked at any time.

The data sent by you to us via contact requests remain with us until you request us to delete, revoke your consent to the storage or the purpose for the data storage lapses (e.g. after completion of your request). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

Typeform

We have integrated Typeform on this website. The provider is TYPEFORM S.L., Carrer Bac de Roda, 163, 08018 Barcelona, Spain (hereinafter “Typeform”).

Typeform enables us to create online forms and integrate them into our website. The data you enter in our Typeform forms is stored on Typeform’s servers until you ask us to delete it, revoke any consent you have given to store it, or the purpose for storing the data no longer applies (e.g., after we have finished processing your request). Mandatory legal provisions – in particular, retention periods – remain unaffected by this.

The use of Typeform is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in functioning online forms. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

Calendly

You can make appointments with us on our website. We use the “Calendly” tool for booking appointments. The provider is Calendly LLC, 271 17th St NW, 10th Floor, Atlanta, Georgia 30363, USA (hereinafter “Calendly”).

To book an appointment, enter the requested data and the desired date in the screen provided. The data entered will be used for planning, executing and, if necessary, for the follow-up of the appointment. The appointment data is stored for us on the servers of Calendly, whose privacy policy can be viewed here: https://calendly.com/legal/privacy-notice

The data you have entered will remain with us until you ask us to delete it, revoke your consent for storage or the purpose for which the data was stored ceases to apply. Mandatory legal provisions, in particular retention periods, remain unaffected.

The legal basis for data processing is Art. 6(1)(f) GDPR. The website operator has a justified interest in making appointments with interested parties and customers in as uncomplicated a manner as possible. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

The data transfer to the USA is based on the standard contractual clauses of the European Commission. Details can be found here: https://calendly.com/pages/dpa.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

Google Calendar

On our website, you have the option to set up appointments with our company. For planning purposes, we use Google Calendar. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”).

To make reservations for an appointment, you will enter the requested data and your preferred meeting date into the dedicated screen. The data you enter will be used to plan, conduct, and possibly also follow up on the appointment. The appointment information will be stored on the servers of Google Calendar on our behalf. You may review the company’s data protection policy here: https://policies.google.com/privacy.

The data you have entered will remain in our possession until you ask us to delete them, revoke your consent to the archiving of the data or when the purpose of data archiving no longer applies. This shall be without prejudice to mandatory statutory provisions – in particular with regard to retention periods.

The legal basis for the processing of your data is Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in making the arrangement of appointments with prospects as well as customers as easy as possible. If we have requested your related consent, processing shall occur exclusively on the basis of Art. 6 Sect. 1 lit. a GDPR and § 25 Sect. 1 TTDSG, if such consent comprises the storage of cookies or access to information on your device (e.g., for device fingerprinting) as defined in the TTDSG. Such consent may be revoked at any time.

The transfer of data to the United States is based on the standard contract clauses of the EU commission. For details please visit: https://cloud.google.com/terms/data-processing-addendum/ and https://cloud.google.com/terms/sccs.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

Salesforce Sales Cloud

We use Salesforce Sales Cloud to manage customer data. The provider is salesforce.com Deutschland GmbH, Erika-Mann-Str. 31, 80636 Munich, Germany (hereinafter “Salesforce”).

Salesforce Sales Cloud is a CRM system and enables us, in particular, to manage existing and potential customers and customer contacts and to organize sales and communication processes. The use of the CRM system also enables us to analyze our customer-related processes. Customer data is stored on Salesforce servers. In the process, personal data may also be transferred to the parent company of salesforce.com Germany GmbH, salesforce.com inc., Salesforce Tower, 415 Mission Street, San Francisco, CA 94105, USA.

Details about Salesforce Sales Cloud’s features can be found here: https://www.salesforce.com/uk/.

The use of Salesforce Sales Cloud takes place on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest on the most efficient customer management and customer communication possible. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

Salesforce has Binding Corporate Rules (BCR) approved by the French data protection authority. These are binding corporate rules that legitimize the transfer of data from companies to third countries outside the EU and EEA.

For details, see the Salesforce Privacy Policy: https://www.salesforce.com/uk/company/privacy/.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

LinkedIn Insight Tag

Our website uses the Insight Tag from the social network LinkedIn. The provider of this service is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

The LinkedIn Insight Tag is a JavaScript code snippet that is triggered by LinkedIn when you visit our website and stores a cookie on the device you are using. Such storage of information by the LinkedIn Insight tag, access to information that is already stored on your device and other processing of personal data in connection with the LinkedIn Insight tag will only take place with your consent. The legal basis for the collection and transmission of personal data by us to LinkedIn Ireland is therefore Art. 6 para. 1 lit. a GDPR.

The LinkedIn Insight tag enables the collection of data about visits to our website, including URL, referrer URL, IP address, device and browser characteristics, timestamps and page views. This data is encrypted, anonymised within seven days and the anonymised data is deleted within 180 days. LinkedIn does not share any personal data with us but provides summarised reports on the website audience and ad performance.

LinkedIn also offers the option of retargeting website visitors so that we can use this data to display targeted advertising outside our website without identifying the member. LinkedIn members can control the use of their personal data for advertising purposes in their account settings.

Data processing

The LinkedIn Insight tag is used to enable detailed campaign reports and to obtain the information described here about visitors to our website.  The Insight tag helps us to track when visitors perform certain actions on our website and to retarget our website visitors. We therefore use it to pursue our advertising and marketing interests.

Details on data collection (purpose, scope and information on further processing) as well as your rights and setting options can be found in LinkedIn’s privacy policy. LinkedIn provides this information at https://www.linkedin.com/legal/privacy-policy.

ZoomInfo / WebSights

We use the ZoomInfo WebSights service provided by ZoomInfo Technologies LLC, 805 Broadway St, Suite 900, Vancouver, WA 98660-3506, USA. Within the EU, ZoomInfo is represented by VeraSafe Ireland Ltd., Unit 3D North Point House, North Point Business Park, New Mallow Road, Cork T23AT2P, Ireland.

Purpose and scope of data processing:
ZoomInfo WebSights allows us to analyze whether a website visit can be attributed to a known organization based on the visitor’s IP address. This helps us determine if the visit was made by a company with which we already maintain a business relationship, or whether a potential new organization may be interested in our services.

ZoomInfo collects and combines data from various sources, including:

• publicly available online data (via web scraping),
• licensed data from third parties,
• information provided by users of ZoomInfo’s platform,
• its own market research, phone interviews, and internal investigations.

The information we receive from ZoomInfo includes aggregated, organization-level data such as industry, company size, revenue, and location. We do not receive individual user tracking data or analyze individual browsing behavior. The focus is entirely on organizational attribution, not on identifying individual visitors.

Cookies and consent:
ZoomInfo sets a cookie on our website to recognize corporate visits. This cookie is only activated after your explicit consent and may involve the processing of your IP address and device-related information. The legal basis for this processing is your consent pursuant to Art. 6 (1) lit. a GDPR in conjunction with § 25 (1) TTDSG. You may withdraw your consent at any time with future effect, e.g. via our cookie banner.

Data transfer and third country processing:
ZoomInfo Technologies LLC is certified under the EU-U.S. Data Privacy Framework (DPF), which ensures an adequate level of data protection in accordance with Art. 45 GDPR when transferring data to the United States. In addition, we have entered into a data processing agreement (DPA) with the provider pursuant to Art. 28 GDPR.

Further information:
For more details on how ZoomInfo processes personal data, including options to opt out or delete data, please visit: https://www.zoominfo.com/about-zoominfo/privacy-policy

5. Social media

Facebook

We have integrated elements of the social network Facebook on this website. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook’s statement the collected data will be transferred to the USA and other third-party countries too.

An overview of the Facebook social media elements is available under the following link: https://developers.facebook.com/docs/plugins/.

If the social media element has been activated, a direct connection between your device and the Facebook server will be established. As a result, Facebook will receive information confirming your visit to this website with your IP address. If you click on the Facebook Like button while you are logged into your Facebook account, you can link content of this website to your Facebook profile. Consequently, Facebook will be able to allocate your visit to this website to your user account. We have to emphasize that we as the provider of the website do not receive any information on the content of the transferred data and its use by Facebook. For more information, please consult the Data Privacy Policy of Facebook at: https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0

If your approval (consent) has been obtained the use of the abovementioned service shall occur on the basis of Art. 6 Sect. 1 lit. a GDPR and § 25 TTDSG (German Telecommunications Act). Such consent may be revoked at any time. If your consent was not obtained, the use of the service will occur on the basis of our legitimate interest in making our information as comprehensively visible as possible on social media.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing by Facebook that takes place after the onward transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The wording of the agreement can be found under: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g., requests for information) regarding data processed by Facebook directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum?_rdr and https://de-de.facebook.com/help/566994660333381 and https://www.facebook.com/policy.php.

6. Analysis tools and advertising

Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

The Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store cookies, and does not carry out any independent analyses. It only manages and runs the tools integrated via it. However, the Google Tag Manager does collect your IP address, which may also be transferred to Google’s parent company in the United States.

The Google Tag Manager is used on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the quick and uncomplicated integration and administration of various tools on his website. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior patterns of website visitors. To that end, the website operator receives a variety of user data, such as pages accessed, time spent on the page, the utilized operating system and the user’s origin. This data is assigned to the respective end device of the user. An assignment to a user-ID does not take place.

Furthermore, Google Analytics allows us to record your mouse and scroll movements and clicks, among other things. Google Analytics uses various modeling approaches to augment the collected data sets and uses machine learning technologies in data analysis.

Google Analytics uses technologies that make the recognition of the user for the purpose of analyzing the user behavior patterns (e.g., cookies or device fingerprinting). The website use information recorded by Google is, as a rule transferred to a Google server in the United States, where it is stored.

The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revoke your consent at any time.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

Browser plug-in

You can prevent the recording and processing of your data by Google by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

For more information about the handling of user data by Google Analytics, please consult Google’s Data Privacy Declaration at: https://support.google.com/analytics/answer/6004245?hl=en.

Contract data processing

We have executed a contract data processing agreement with Google and are implementing the stringent provisions of the German data protection agencies to the fullest when using Google Analytics.

Pardot

This website also uses an analysis tool from Pardot of salesforce.com Inc. Two cookies are set by Pardot Services. These are a “Visitor Cookie” and a “Pardot App Session Cookie”. The “Visitor Cookie” generates an identification number that is used to recognize the browser of the website visitor. The identification number is a generated numerical code that has no meaning outside of Pardot Services. The “Pardot App Session Cookie” is only set when a customer logs into the Pardot App as a user. All cookies only receive the generated number code.

We use Pardot to analyze and regularly improve the use of our website. To this end, we analyze user or click behavior on our website in order to better tailor our communication to customer needs.

The use of this service is based on your consent according to Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time via the settings in the cookie consent banner.

7. Plug-ins and Tools

YouTube with expanded data protection integration

Our website embeds videos of the website YouTube. The website operator is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in the expanded data protection mode. According to YouTube, this mode ensures that YouTube does not store any information about visitors to this website before they watch the video. Nevertheless, this does not necessarily mean that the sharing of data with YouTube partners can be ruled out as a result of the expanded data protection mode. For instance, regardless of whether you are watching a video, YouTube will always establish a connection with the Google DoubleClick network.

As soon as you start to play a YouTube video on this website, a connection to YouTube’s servers will be established. As a result, the YouTube server will be notified, which of our pages you have visited. If you are logged into your YouTube account while you visit our site, you enable YouTube to directly allocate your browsing patterns to your personal profile. You have the option to prevent this by logging out of your YouTube account.

Furthermore, after you have started to play a video, YouTube will be able to place various cookies on your device or comparable technologies for recognition (e.g. device fingerprinting). In this way YouTube will be able to obtain information about this website’s visitors. Among other things, this information will be used to generate video statistics with the aim of improving the user friendliness of the site and to prevent attempts to commit fraud.

Under certain circumstances, additional data processing transactions may be triggered after you have started to play a YouTube video, which are beyond our control.

The use of YouTube is based on our interest in presenting our online content in an appealing manner. Pursuant to Art. 6(1)(f) GDPR, this is a legitimate interest. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

For more information on how YouTube handles user data, please consult the YouTube Data Privacy Policy under: https://policies.google.com/privacy?hl=en.

Google Fonts (local embedding)

This website uses so-called Google Fonts provided by Google to ensure the uniform use of fonts on this site. These Google fonts are locally installed so that a connection to Google’s servers will not be established in conjunction with this application.

For more information on Google Fonts, please follow this link: https://developers.google.com/fonts/faq and consult Google’s Data Privacy Declaration under: https://policies.google.com/privacy?hl=en.

6sense

On this website, we use the marketing and analytics platform 6sense provided by 6sense Insights Inc., 1400 Broadway, 21st Floor, New York, NY 10018, USA. 6sense helps us better identify potential customers, target marketing campaigns more precisely, and analyze the success of our efforts.

When you visit our website, 6sense may collect various data, including your IP address, visited pages, device information, and other interactions with our website. This information is stored and processed on 6sense’s servers. The data processing aims to show you relevant content and offers and to make marketing campaigns more efficient.

The legal basis for using 6sense is our legitimate interest pursuant to Art. 6(1)(f) GDPR, as we seek to optimize our marketing activities and improve the user experience on our website. Where consent for data processing for marketing purposes has been given, processing is carried out on the basis of Art. 6(1)(a) GDPR.

Further information about data protection at 6sense can be found in their privacy policy at: https://6sense.com/privacy-policy

Data Processing Agreement
We have concluded a data processing agreement with 6sense Insights Inc. and fully comply with the requirements of data protection authorities when using 6sense.

Wistia

This site uses components from Wistia to integrate videos.  The operating company of Wistia is Wistia, Inc., 17 Tudor Street, Cambridge, MA 02139, USA.  The integration requires that Wistia can perceive the IP address of the user. The IP address is required in order to send the content to the user’s browser. When you call up a single page of our website on which a Wistia component (video) is located, the component causes your internet browser to download a corresponding representation of the component. Thus, Wistia knows which specific sub-pages you have visited.

If you are logged in to Wistia at the same time, Wistia can track which of our sub-pages containing a video you have visited.

If you do not want information to be transmitted to Wistia, log out of Wistia before visiting our website.

Find more privacy information from Wistia at: https://wistia.com/privacy.

Weglot

This website incorporates features of the translation service Weglot. The provider is Weglot SAS, 138, rue Pierre Joigneaux in Bois-Colombes 92270, France.

Weglot is loaded when the website is accessed, allowing you to change the language via the language icon in the website header. As a result, a direct connection may be established between your browser and the Weglot server when visiting this website.

Weglot thereby receives information that your IP address has accessed this website. The storage and analysis of this data is based on Article 6(1)(f) of the GDPR. Corresponding consent is requested via the website’s cookie and privacy settings.

Processing then takes place solely on the basis of Article 6(1)(a) of the GDPR; consent can be withdrawn at any time via the privacy settings at the bottom of each subpage.

Further information can be found in Weglot’s privacy policy: https://weglot.com/privacy/.

LimeSurvey

For surveys, we use the open-source software provided by LimeSurvey GmbH, Papenreye 63, 22453 Hamburg. LimeSurvey enables the creation, publication, and execution of web-based surveys. Survey responses are stored in a database and can be evaluated or exported by the survey creators using internal functions.

Type and scope of processing
If personal data is collected within a survey form, we inform you on the survey’s start page in accordance with Article 13 GDPR about the type, scope, and purpose of data processing, the legal basis, and storage duration.

The following data may be collected during a survey:

• Email address (if collected)
• Name (if collected)
• Answers to survey questions
• Date and time stamps
• Time spent on each survey page
• Browser cookies (e.g., to prevent multiple participations)

In addition, LimeSurvey processes log data, which is not used for marketing purposes:

• IP address
• Date, time, and duration of the request
• URL of the accessed survey
• Access status/HTTP status code
• Data volume transferred
• Browser type and version
• Operating system

Voluntariness and evaluation
Participation in the survey is voluntary. The collected data may be statistically evaluated and used for marketing purposes, but no conclusions about individual persons are possible. Personal data is not shared with third parties.

For more information about data processing and LimeSurvey’s privacy practices, please visit: https://www.limesurvey.org/privacy-policy.

Purpose and legal basis
Processing is based on your consent according to Article 6 (1) (a) GDPR and § 25 (1) TTDSG.

Storage duration
Personal data is stored only as long as necessary to fulfill the above purposes. Connection and usage data (log files) are deleted after a maximum of three years. Browser cookies used for the survey are automatically deleted when logging out of LimeSurvey and closing the browser.

8. Applicant data protection

We work with the applicant portal softgarden e-Recruiting GmbH, Tauenzienstr.14, 10789 Berlin. softgarden e-Recruiting GmbH provides the software and IT infrastructure for processing applicant data. All web servers used for this purpose are located in data centres at locations in Germany.

Handling applicant data

We offer website visitors the opportunity to submit job applications to us (e.g., via e-mail, via postal services on by submitting the online job application form). Below, we will brief you on the scope, purpose and use of the personal data collected from you in conjunction with the application process. We assure you that the collection, processing, and use of your data will occur in compliance with the applicable data privacy rights and all other statutory provisions and that your data will always be treated as strictly confidential.

Scope and purpose of the collection of data

If you submit a job application to us, we will process any affiliated personal data (e.g., contact and communications data, application documents, notes taken during job interviews, etc.), if they are required to make a decision concerning the establishment or an employment relationship. The legal grounds for the aforementioned are § 26 BDSG according to German Law (Negotiation of an Employment Relationship), Art. 6(1)(b) GDPR (General Contract Negotiations) and – provided you have given us your consent – Art. 6(1)(a) GDPR. You may revoke any consent given at any time. Within our company, your personal data will only be shared with individuals who are involved in the processing of your job application.

If your job application should result in your recruitment, the data you have submitted will be archived on the grounds of § 26 BDSG and Art. 6(1)(b) GDPR for the purpose of implementing the employment relationship in our data processing system.

Data Archiving Period

If we are unable to make you a job offer or you reject a job offer or withdraw your application, we reserve the right to retain the data you have submitted on the basis of our legitimate interests (Art. 6(1)(f) GDPR) for up to 6 months from the end of the application procedure (rejection or withdrawal of the application). Afterwards the data will be deleted, and the physical application documents will be destroyed. The storage serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the expiry of the 6-month period (e.g., due to an impending or pending legal dispute), deletion will only take place when the purpose for further storage no longer applies.

Longer storage may also take place if you have given your agreement (Article 6(1)(a) GDPR) or if statutory data retention requirements preclude the deletion.

Admission to the applicant pool

If we do not make you a job offer, you may be able to join our applicant pool. In case of admission, all documents and information from the application will be transferred to the applicant pool in order to contact you in case of suitable vacancies.

Admission to the applicant pool is based exclusively on your express agreement (Art. 6(1)(a) GDPR). The submission agreement is voluntary and has no relation to the ongoing application procedure. The affected person can revoke his agreement at any time. In this case, the data from the applicant pool will be irrevocably deleted, provided there are no legal reasons for storage.

The data from the applicant pool will be irrevocably deleted no later than two years after consent has been granted.

9. Newsletter

When you sign up for our newsletter, we process the data you provide, usually your name and email address, for the purpose of sending our newsletter. We store your registration data, the time of registration, and the IP address in order to be able to prove the registration. The legal basis for processing is your consent pursuant to Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future by unsubscribing from the newsletter. A corresponding link can be found in every newsletter.

As an existing customer, we may send you information and offers about similar products or services that you have already purchased from us by email. For this purpose, we use the email address you provided to us when making the purchase. The legal basis for this is our legitimate interest in direct marketing pursuant to Art. 6 para. 1 lit. f GDPR in conjunction with § 7 para. 3 UWG. You have the right to object to this use of your email address at any time without incurring any costs other than the transmission costs according to the basic tariffs. A corresponding note can also be found in every email sent to you.

10. Events and Workshops

When you register for one of our events or workshops, we process the data you provide (such as name, contact details, position, company) for the organization and execution of the event. This includes managing registrations, communicating with you regarding the event, and, if applicable, creating participant lists and name badges. The legal basis for this is consent (Art. 6 para. 1 lit. a GDPR), the performance of pre-contractual measures (Art. 6 para. 1 lit. b GDPR), or our legitimate interests in developing our business and fostering customer relationships (Art. 6 para. 1 lit. f GDPR). It also serves the legitimate interests of those persons who wish to participate in our events.

In some cases, we may take photos or videos of the event and use them for documentation and advertising purposes. We will inform you separately about this and obtain your consent where required. After the event, we may use your data to inform you about similar future events unless you object.