Data Protection
table of contents
- Introduction and overview
- scope of application
- Legal bases
- Contact details of the person responsible
- Storage period
- Rights according to the General Data Protection Regulation
- Data processing security
- communication
- cookies
- Web hosting
- Blogs and publication media
- Facebook privacy policy
- Instagram privacy policy
- Twitter Privacy Policy
- XING data protection declaration
- Google reCAPTCHA privacy policy
Introduction and overview
We have written this data protection declaration (version 20.10.2021-311856839) to provide you with information in accordance with the requirements of General Data Protection Regulation (EU) 2016/679 and applicable national laws to explain which personal data (data for short) we as the controller – and the processors commissioned by us (e.g. providers) – process and will process in the future and which are legitimate options They have. The terms used are to be understood as gender-neutral.
In short: We provide you with comprehensive information about the data that we process about you.
Data protection declarations usually sound very technical and use legal technical terms. However, this data protection declaration is intended to describe the most important things to you as simply and transparently as possible. As far as transparency is beneficial, technical terms are explained in a reader-friendly manner, links to further information are provided and graphics are used. We are thus informing in clear and simple language that we only process personal data in the context of our business activities if there is a corresponding legal basis. This is certainly not possible if you make as brief, unclear and legal-technical statements as possible, as they are often standard on the Internet when it comes to data protection. I hope you find the following explanations interesting and informative and maybe there is one or the other piece of information that you were not familiar with.
If you still have questions, we would like to ask you to contact the responsible body named below or in the legal notice, to follow the existing links and to look at further information on third-party websites. You can of course also find our contact details in the imprint.
scope of application
This data protection declaration applies to all personal data processed by us in the company and to all personal data processed by companies commissioned by us (contract processors). By personal data we mean information within the meaning of Art. 4 No. 1 GDPR, such as the name, email address and postal address of a person. The processing of personal data ensures that we can offer and invoice our services and products, be it online or offline. The scope of this data protection declaration includes:
- all online presences (websites, online shops) that we operate
- Social media appearances and email communication
- mobile apps for smartphones and other devices
In short: The data protection declaration applies to all areas in which personal data is processed in a structured manner in the company via the channels mentioned. If we enter into legal relationships with you outside of these channels, we will inform you separately if necessary.
Legal bases
In the following data protection declaration, we provide you with transparent information on the legal principles and regulations, i.e. the legal bases of the General Data Protection Regulation, which enable us to process personal data.
As far as EU law is concerned, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016. You can of course read this EU General Data Protection Regulation online on EUR-Lex, the access to EU law, at https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=celex%3A32016R0679 .
We only process your data if at least one of the following conditions applies:
- Consent (Article 6 (1) (a) GDPR): You have given us your consent to process data for a specific purpose. An example would be the storage of the data you entered in a contact form.
- Contract (Article 6 Paragraph 1 lit.b GDPR): We process your data in order to fulfill a contract or pre-contractual obligations with you. For example, if we conclude a sales contract with you, we need personal information in advance.
- Legal obligation (Article 6 Paragraph 1 lit. c GDPR): If we are subject to a legal obligation, we will process your data. For example, we are legally required to keep invoices for bookkeeping. These usually contain personal data.
- Legitimate interests (Article 6 Paragraph 1 lit.f GDPR): In the case of legitimate interests that do not restrict your basic rights, we reserve the right to process personal data. For example, we have to process certain data in order to be able to operate our website securely and economically efficiently. This processing is therefore a legitimate interest.
Further conditions such as the taking of recordings in the public interest and the exercise of official authority as well as the protection of vital interests do not usually arise with us. If such a legal basis should be relevant, it will be shown at the appropriate point.
In addition to the EU regulation, national laws also apply:
- In Austria this is the federal law for the protection of natural persons when processing personal data ( data protection law ), DSG for short.
- In Germany , the Federal Data Protection Act , or BDSG for short, applies.
If other regional or national laws apply, we will inform you about them in the following sections.
Contact details of the person responsible
If you have any questions about data protection, you will find the contact details of the responsible person or office below:
Katherine Starks
Herzbergstrasse 21
61449 Steinbach
Authorized to represent: Katherine Starks
Email: hello@katherinestarks.com
Telephone: +49 1709336495
Imprint: https://www.katherinestarks.com/impressum/
Storage period
The fact that we only store personal data for as long as is absolutely necessary for the provision of our services and products is a general criterion for us. This means that we delete personal data as soon as the reason for the data processing no longer exists. In some cases we are legally obliged to store certain data even after the original purpose no longer exists, for example for accounting purposes.
If you want your data to be deleted or if you revoke your consent to data processing, the data will be deleted as soon as possible and unless there is an obligation to store it.
We will inform you below about the specific duration of the respective data processing, provided we have further information.
Rights according to the General Data Protection Regulation
According to Article 13 GDPR, you have the following rights to ensure that data is processed fairly and transparently:
- According to Article 15 GDPR, you have a right to information as to whether we are processing your data. If so, you have the right to receive a copy of the data and the following information:
- for what purpose we carry out the processing;
- the categories, i.e. the types of data that are processed;
- who receives this data and, if the data is transferred to third countries, how security can be guaranteed;
- how long the data will be stored;
- the existence of the right to correction, deletion or restriction of processing and the right to object to processing;
- that you can complain to a supervisory authority (links to these authorities can be found below);
- the origin of the data, if we have not collected it from you;
- whether profiling is carried out, i.e. whether data is automatically evaluated in order to arrive at a personal profile of you.
- According to Article 16 GDPR, you have the right to correct your data, which means that we have to correct the data if you find errors.
- According to Article 17 GDPR, you have the right to erasure (“right to be forgotten”), which specifically means that you can request the erasure of your data.
- According to Article 18 GDPR, you have the right to restriction of processing, which means that we are only allowed to save the data but no longer use it.
- According to Article 19 GDPR, you have the right to data portability, which means that we will provide you with your data in a common format on request.
- According to Article 21 GDPR, you have a right of objection, which will result in a change in processing after enforcement.
- If the processing of your data is based on Article 6 Para. 1 lit. e (public interest, exercise of official authority) or Article 6 para. 1 lit. f (legitimate interest), you can object to the processing. We will then check as soon as possible whether we can legally comply with this contradiction.
- If data is used to operate direct mail, you can object to this type of data processing at any time. We are then no longer allowed to use your data for direct marketing.
- If data is used to carry out profiling, you can object to this type of data processing at any time. We are then no longer allowed to use your data for profiling.
- According to Article 22 GDPR, you may have the right not to be subject to a decision based solely on automated processing (e.g. profiling).
In short: you have rights – do not hesitate to contact the person in charge listed above!
If you believe that the processing of your data violates data protection law or your data protection claims have been violated in any other way, you can complain to the supervisory authority. This is the data protection authority for Austria, whose website you can find at https://www.dsb.gv.at/ . In Germany there is a data protection officer for each federal state. For more information, please contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI) . The following local data protection authority is responsible for our company:
Hesse data protection authority
State Commissioner for Data Protection: Prof. Dr. Alexander Rossnagel
Address: PO Box 31 63, 65021 Wiesbaden
Telephone number: 06 11/140 80
Email address: poststelle@datenschutz.hessen.de
Website: https://datenschutz.hessen.de/
Data processing security
We have implemented both technical and organizational measures to protect personal data. Wherever possible, we encrypt or pseudonymize personal data. As a result, we make it as difficult as possible, as far as possible, for third parties to infer personal information from our data.
Art. 25 GDPR speaks of “data protection through technology design and data protection-friendly default settings” and means that both software (e.g. forms) and hardware (e.g. access to the server room) always think of security and appropriate security Measures. If necessary, we will go into specific measures below.
TLS encryption with https
TLS, encryption and https sound and are very technical. We use HTTPS (the Hypertext Transfer Protocol Secure stands for “secure hypertext transfer protocol”) to transfer data securely on the Internet.
This means that the complete transmission of all data from your browser to our web server is secured – no one can “overhear”.
We have thus introduced an additional security layer and comply with data protection through technology design (Article 25 (1) GDPR ). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data.
You can recognize the use of this data transmission protection by the small lock symbol top left in the browser, to the left of the Internet address (e.g. examplepage.de) and the use of the https scheme (instead of http) as part of our Internet address.
If you want to know more about encryption, we recommend doing a Google search for “Hypertext Transfer Protocol Secure wiki” for good links to further information.
communication
Communication summary 👥 Affected: Anyone who communicates with us by phone, email or online form 📓 Processed data: e.g. B. Telephone number, name, email address, entered form data. You can find more details on this under the type of contact used 🤝 Purpose: handling communication with customers, business partners, etc. 📅 Storage duration: duration of the business case and the statutory provisions ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. b GDPR (contract), Art. 6 Para. 1 lit. f GDPR (legitimate interests) |
If you contact us and communicate by phone, email or online form, personal data may be processed.
The data will be processed for the handling and processing of your question and the related business transaction. The data is stored for the same length of time or for as long as required by law.
Affected people
The above-mentioned processes affect everyone who contacts us via the communication channels we have provided.
phone
When you call us, the call data is stored in pseudonymized form on the respective device and by the telecommunications provider used. In addition, data such as name and telephone number can then be sent by e-mail and saved for answering inquiries. The data will be deleted as soon as the business case has ended and legal requirements allow.
If you communicate with us by e-mail, data may be stored on the respective end device (computer, laptop, smartphone, …) and data is saved on the e-mail server. The data will be deleted as soon as the business case has ended and legal requirements allow.
Online forms
If you communicate with us using an online form, data will be stored on our web server and, if necessary, forwarded to an email address from us. The data will be deleted as soon as the business case has ended and legal requirements allow.
Legal bases
The processing of the data is based on the following legal bases:
- Art. 6 para. 1 lit. a GDPR (consent): You give us your consent to save your data and continue to use it for the purposes of the business case;
- Art. 6 para. 1 lit. b GDPR (contract): There is a need to fulfill a contract with you or a processor such as B. the telephone provider or we have to provide the data for pre-contractual activities, such as B. the preparation of an offer, process;
- Art. 6 para. 1 lit. f GDPR (Legitimate Interests): We want to conduct customer inquiries and business communication in a professional manner. For this purpose, certain technical facilities such. B. e-mail programs, Exchange servers and mobile network operators are necessary to be able to operate communication efficiently.
cookies
Cookies summary 👥 Affected: visitors to the website 🤝 Purpose: depending on the respective cookie. You can find more details on this below or from the manufacturer of the software that sets the cookie. 📓 Processed data: Depending on the cookie used. You can find more details on this below or from the manufacturer of the software that sets the cookie. 📅 Storage duration: depending on the respective cookie, can vary from hours to years ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 Para. 1 letter f GDPR (legitimate interests) |
What are cookies?
Our website uses HTTP cookies to save user-specific data.
In the following we explain what cookies are and why they are used so that you can better understand the following data protection declaration.
Whenever you surf the Internet, you are using a browser. Well-known browsers are, for example, Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites save small text files in your browser. These files are called cookies.
One thing cannot be dismissed out of hand: Cookies are really useful little helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are also other cookies for other areas of application. HTTP cookies are small files that our website stores on your computer. These cookie files are automatically placed in the cookie folder, which is the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.
Cookies store certain user data about you, such as language or personal page settings. When you call up our site again, your browser transmits the “user-related” information back to our site. Thanks to cookies, our website knows who you are and offers you the settings that you are used to. In some browsers each cookie has its own file, in others, such as Firefox, all cookies are stored in a single file.
The following graphic shows a possible interaction between a web browser such as B. Chrome and the web server. The web browser requests a website and receives a cookie back from the server, which the browser uses again as soon as another page is requested.
There are both first-party cookies and third-party cookies. First-party cookies are created directly from our side, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other “pests”. Cookies cannot access information on your PC either.
For example, cookie data can look like this:
Name: _ga
Value: GA1.2.1326744211.152311856839-9
Purpose: Differentiation of website visitors
Expiry date: after 2 years
A browser should be able to support these minimum sizes:
- At least 4096 bytes per cookie
- At least 50 cookies per domain
- At least 3000 cookies in total
What types of cookies are there?
The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the data protection declaration. At this point we would like to briefly discuss the different types of HTTP cookies.
There are 4 types of cookies:
Essential cookies
These cookies are necessary to ensure the basic functions of the website. For example, these cookies are needed when a user puts a product in the shopping cart, then continues surfing on other pages and only goes to checkout later. These cookies do not delete the shopping cart, even if the user closes his browser window.
Appropriate cookies
These cookies collect information about user behavior and whether the user receives any error messages. These cookies are also used to measure the loading time and the behavior of the website with different browsers.
Goal-oriented cookies
These cookies ensure better user-friendliness. For example, entered locations, font sizes or form data are saved.
Advertising cookies
These cookies are also called targeting cookies. They serve to deliver customized advertising to the user. That can be very practical, but also very annoying.
Usually, when you visit a website for the first time, you will be asked which of these types of cookies you would like to allow. And of course this decision is also saved in a cookie.
If you want to know more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265 , the Request for Comments of the Internet Engineering Task Force (IETF) called “HTTP State Management Mechanism”.
Purpose of processing via cookies
The purpose ultimately depends on the respective cookie. More details can be found below or from the manufacturer of the software that sets the cookie.
Which data are processed?
Cookies are little helpers for a wide variety of tasks. Unfortunately, it is not possible to generalize which data is stored in cookies, but we will inform you about the processed or stored data in the context of the following data protection declaration.
Storage duration of cookies
The storage duration depends on the respective cookie and is further specified under. Some cookies are deleted after less than an hour, others can remain on a computer for several years.
You also have an influence on the storage duration yourself. You can manually delete all cookies at any time using your browser (see also “Right to object” below). Furthermore, cookies based on consent will be deleted at the latest after you withdraw your consent, whereby the legality of storage remains unaffected until then.
Right of objection – how can I delete cookies?
You decide for yourself how and whether you want to use cookies. Regardless of which service or website the cookies originate from, you always have the option of deleting, deactivating or only partially accepting cookies. For example, you can block third-party cookies but allow all other cookies.
If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:
Chrome: Delete, activate and manage cookies in Chrome
Safari: manage cookies and website data with Safari
Firefox: Delete cookies to remove data that websites have stored on your computer
Internet Explorer: deleting and managing cookies
Microsoft Edge: Deleting and managing cookies
If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. For each individual cookie, you can decide whether or not to allow the cookie. The procedure differs depending on the browser. It is best to search for the instructions in Google with the search term “delete cookies Chrome” or “deactivate cookies Chrome” in the case of a Chrome browser.
Legal basis
The so-called “cookie guidelines” have existed since 2009. It states that the storage of cookies requires your consent (Article 6 (1) (a) GDPR). Within the EU countries, however, there are still very different reactions to these guidelines. In Austria, however, this guideline was implemented in Section 96 Para. 3 of the Telecommunications Act (TKG). In Germany, the cookie guidelines have not been implemented as national law. Instead, this guideline was largely implemented in Section 15 (3) of the Telemedia Act (TMG).
For absolutely necessary cookies, even if you have not given your consent. there are legitimate interests (Article 6 (1) (f) GDPR), which in most cases are of an economic nature. We want to provide visitors to the website with a pleasant user experience and for this certain cookies are often absolutely necessary.
Unless absolutely necessary cookies are used, this will only be done with your consent. The legal basis is Art. 6 Para. 1 lit. a GDPR.
In the following sections you will be informed in more detail about the use of cookies, provided that the software used uses cookies.
Web hosting
Web hosting summary 👥 Affected: visitors to the website 🤝 Purpose: professional website hosting and operation security 📓 Processed data: IP address, time of website visit, browser used and other data. You can find more details on this below or at the respective web hosting provider used. 📅 Duration of storage: depends on the respective provider, but usually 2 weeks ⚖️ Legal basis: Art. 6 para. 1 letter f GDPR (legitimate interests) |
What is web hosting?
When you visit websites these days, certain information – including personal data – is automatically created and stored, including on this website. This data should be processed as sparingly as possible and only with justification. By the way, by website we mean the entirety of all websites on a domain, ie everything from the start page (homepage) to the very last subpage (like this one). By domain we mean example.de or musterbeispiel.com.
When you want to view a website on one screen, you use a program called a web browser. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari.
This web browser has to connect to another computer where the website’s code is stored: the web server. The operation of a web server is a complicated and time-consuming task, which is why this is usually done by professional providers, the providers. These offer web hosting and thus ensure reliable and error-free storage of website data.
When the browser on your computer (desktop, laptop, smartphone) connects and while data is being transferred to and from the web server, personal data may be processed. On the one hand, your computer stores data, on the other hand, the web server must also store data for a period of time in order to ensure proper operation.
As an illustration:
Why do we process personal data?
The purposes of data processing are:
- Professional hosting of the website and security of operation
- to maintain operational and IT security
- Anonymous evaluation of the access behavior to improve our offer and, if necessary, to prosecute or prosecute claims
Which data are processed?
Even while you are visiting our website, our web server, that is the computer on which this website is saved, usually automatically saves data such as
- the complete Internet address (URL) of the website called up (e.g. B. https://www.beispielwebsite.de/beispielunterseite.html?tid=311856839)
- Browser and browser version (e.g. Chrome 87)
- the operating system used (e.g. Windows 10)
- the address (URL) of the previously visited page (referrer URL) (e.g. B. https://www.beispielquellsite.de/vondabinichkommen.html/)
- the host name and the IP address of the device from which access is made (e.g. COMPUTERNAME and 194.23.43.121)
- Date and Time
- in files, the so-called web server log files
How long will data be stored?
As a rule, the above data is stored for two weeks and then automatically deleted. We do not pass on this data, but we cannot rule out that this data will be viewed by the authorities in the event of illegal behavior.
In short: your visit will be logged by our provider (company that runs our website on special computers (servers)), but we will not pass on your data without your consent!
Legal basis
The lawfulness of the processing of personal data in the context of web hosting results from Art. 6 Para. 1 lit. f GDPR (safeguarding legitimate interests), because the use of professional hosting with a provider is necessary in order to present the company on the Internet in a safe and user-friendly manner and to be able to pursue attacks and claims from this, if necessary.
There is usually a contract between us and the hosting provider for order processing in accordance with Art. 28 f. GDPR, which guarantees compliance with data protection and data security.
Blogs and publication media
Blogs and Publication Media Privacy Statement Summary 👥 Affected: visitors to the website 🤝 Purpose: Presentation and optimization of our service as well as communication between website visitors, security measures and administration 📓 Data processed: Data such as contact details, IP address and published content. More details can be found under the tools used. 📅 Storage duration: depends on the tools used ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR (Legitimate Interests), Art. 6 Para. 1 p. 1 lit. b. GDPR (contract) |
What are blogs and publication media?
We use blogs or other means of communication on our website with which we can communicate with you on the one hand and you can also communicate with us on the other. Your data can also be stored and processed by us. This may be necessary so that we can display content appropriately, communication works and security is increased. In our data protection text we go into general information about which of your data can be processed. Exact information on data processing always depends on the tools and functions used. You will find detailed information about data processing in the data protection notices of the individual providers.
Why do we use blogs and publication media?
Our greatest concern with our website is to offer you interesting and exciting content, and at the same time your opinions and content are important to us. That’s why we want to create a good interactive exchange between us and you. With various blogs and publication options, we can achieve exactly that. For example, you can post comments about our content, comment on others’ comments or, in some cases, post posts yourself.
Which data are processed?
Exactly which data is processed always depends on the communication functions we use. Very often IP address, username and the published content are saved. This is done primarily to ensure security protection, to prevent spam and to be able to take action against illegal content. Cookies can also be used for data storage. These are small text files that are stored with information in your browser. You can find more information about the collected and stored data in our individual sections and in the data protection declaration of the respective provider.
Duration of the data processing
We will inform you below about the duration of the data processing if we have further information. For example, post and comment functions store data until you revoke data storage. In general, personal data is only stored for as long as is absolutely necessary for the provision of our services.
Right to object
You also have the right and the option to revoke your consent to the use of cookies or third-party communication tools at any time. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser.
Since cookies can also be used in publication media, we also recommend our general data protection declaration on cookies. To find out which of your data is stored and processed, you should read the data protection declarations of the respective tools.
Legal basis
We use the means of communication mainly on the basis of our legitimate interests (Art. 6 Para. 1 lit. f GDPR) in fast and good communication with you or other customers, business partners and visitors. Insofar as the use serves to process contractual relationships or to initiate them, the legal basis is also Art. 6 para. 1 p. 1 lit. b. GDPR.
Certain types of processing, in particular the use of cookies and the use of comment or message functions, require your consent. If and to the extent that you have consented to data being processed and stored by integrated publication media, this consent is the legal basis for data processing (Article 6 (1) (a) GDPR). Most of the communication features we use set cookies on your browser to store data. We therefore recommend that you read our data protection text about cookies carefully and take a look at the data protection declaration or the cookie policy of the respective service provider.
You can find information on special tools – if available – in the following sections.
Blog posts and comment functions Privacy Policy
There are various online communication tools that we can use on our website. For example, we use blog posts and comment functions. This gives you the option of commenting on content or writing articles. If you use this function, your IP address can be saved for security reasons. This is how we protect ourselves from illegal content such as insults, illegal advertising or prohibited political propaganda. In order to recognize whether comments are spam, we can also store and process user information on the basis of our legitimate interest. If we start a survey, we also save your IP address for the duration of the survey so that we can be sure that everyone involved really only votes once. Cookies can also be used for storage purposes. All data that we store about you (e.g. content or information about you) remains stored until you object.
Media Privacy Policy
We also use the Medium hosting platform on our website. Service provider is the American company Medium Corporation, PO Box 602, San Francisco, CA 94104-0602, USA.
Medium also processes data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can be associated with various risks to the legality and security of the data processing.
Medium uses standard contractual clauses approved by the EU Commission (= Art. 46. Para. 2 and 3 GDPR). These clauses oblige Medium to comply with EU data protection standards when processing relevant data outside of the EU. These clauses are based on an implementation decision by the EU Commission. You can find the decision and the clauses here: https://ec.europa.eu/germany/news/20210604-datentransfers-eu_de .
You can find out more about the data processed through the use of Medium in the Privacy Policy at https://policy.medium.com/medium-privacy-policy-f03bf92035c9 .
WordPress emojis privacy policy
We also use so-called emojis and smileys in our blog. What emojis are exactly, we probably don’t need to explain in more detail here. You know those laughing, angry, or sad faces. They are graphic elements or files that we make available and are loaded from another server. The service provider for retrieving WordPress emojis and smilies is Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA. This third party stores your IP address in order to be able to send the emoji files to your browser.
Automattic also processes data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can be associated with various risks to the legality and security of the data processing.
Automattic uses standard contractual clauses approved by the EU Commission (= Art. 46. Para. 2 and 3 GDPR). These clauses oblige Automattic to comply with the EU data protection level when processing relevant data outside of the EU. These clauses are based on an implementation decision by the EU Commission. You can find the decision and the clauses here: https://ec.europa.eu/germany/news/20210604-datentransfers-eu_de .
You can find out more about the data processed by using Automattic in the privacy policy at https://automattic.com/privacy/ .
Facebook privacy policy
Facebook Privacy Policy Summary 👥 Affected: visitors to the website 🤝 Purpose: to optimize our service 📓 Data processed: data such as customer data, user behavior data, information about your device and your IP address. More details can be found below in the privacy policy. 📅 Storage period: until the data is no longer useful for Facebook’s purposes ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR (legitimate interests) |
What are Facebook tools?
We use selected Facebook tools on our website. Facebook is a social media network operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland. These tools allow us to offer you and people who are interested in our products and services the best possible offer.
If data is collected and forwarded from you via our embedded Facebook elements or via our Facebook page (fan page), both we and Facebook Ireland Ltd. responsible for. Facebook is solely responsible for the further processing of this data. Our shared commitments have also been enshrined in a publicly available agreement at https://www.facebook.com/legal/controller_addendum . It states, for example, that we must clearly inform you about the use of Facebook tools on our site. Furthermore, we are also responsible for ensuring that the tools are securely integrated into our website in accordance with data protection law. Facebook, on the other hand, is responsible for the data security of Facebook products, for example. If you have any questions about data collection and data processing by Facebook, you can contact the company directly. If you address the question to us, we are obliged to forward it to Facebook.
Below we provide an overview of the various Facebook tools, what data is sent to Facebook and how you can delete this data.
In addition to many other products, Facebook also offers the so-called “Facebook Business Tools”. This is the official name of Facebook. But since the term is hardly known, we decided to just call them Facebook tools. These include, among others:
- Facebook pixel
- social plug-ins (such as the “Like” or “Share” button)
- Facebook login
- Account Kit
- APIs (programming interface)
- SDKs (collection of programming tools)
- Platform Integrations
- plugins
- codes
- Specifications
- documentations
- Technologies and Services
Through these tools, Facebook expands its services and has the ability to receive information about user activities outside of Facebook.
Why do we use Facebook tools on our website?
We only want to show our services and products to people who are really interested in them. With the help of advertisements (Facebook ads) we can reach exactly these people. In order to be able to show users appropriate advertising, however, Facebook needs information about people’s wishes and needs. Information about user behavior (and contact details) is made available to the company on our website. As a result, Facebook collects better user data and can show interested people appropriate advertising about our products or services. The tools thus enable tailor-made advertising campaigns on Facebook.
Facebook calls data about your behavior on our website “event data”. These are also used for measurement and analysis services. Facebook can thus create “campaign reports” on our behalf about the effect of our advertising campaigns. Furthermore, through analyzes we get a better insight into how you use our services, website or products. As a result, we use some of these tools to optimize your user experience on our website. For example, you can use the social plug-ins to share content on our site directly on Facebook.
What data is stored by Facebook tools?
By using individual Facebook tools, personal data (customer data) can be sent to Facebook. Depending on the tools used, customer data such as name, address, telephone number and IP address can be sent.
Facebook uses this information to match the data with the data it has from you (if you are a Facebook member). Before customer data is transmitted to Facebook, so-called “hashing” takes place. This means that a data set of any size is transformed into a character string. This is also used to encrypt data.
In addition to the contact data, “event data” is also transmitted. “Event data” means the information that we receive about you on our website. For example, which subpages you visit or which products you buy from us. Facebook does not share the information it receives with third parties (such as advertisers) unless the company has explicit permission or is legally required to do so. “Event data” may also be associated with contact information. This allows Facebook to offer better personalized advertising. After the matching process already mentioned, Facebook deletes the contact data again.
In order to be able to deliver advertisements in an optimized manner, Facebook only uses the event data if it has been combined with other data (which was collected by Facebook in a different way). Facebook also uses this event data for security, protection, development and research purposes. Much of this data is transmitted to Facebook via cookies. Cookies are small text files that are used to store data or information in browsers. Depending on the tools used and whether you are a Facebook member, a different number of cookies will be created in your browser. In the descriptions of the individual Facebook tools, we go into more detail about individual Facebook cookies. You can also find general information about the use of Facebook cookies at https://www.facebook.com/policies/cookies .
How long and where will the data be stored?
In principle, Facebook stores data until it is no longer required for its own services and Facebook products. Facebook has servers all over the world where its data is stored. However, customer data will be deleted within 48 hours after it has been compared with your own user data.
How can I delete my data or prevent data storage?
In accordance with the General Data Protection Regulation, you have the right to information, correction, transferability and deletion of your data.
The data will only be completely deleted if you completely delete your Facebook account. And this is how deleting your Facebook account works:
1) Click Settings on the right side of Facebook.
2) Then click on “Your Facebook Information” in the left column.
3) Now click “Deactivation and Deletion”.
4) Now select “Delete Account” and then click “Next and Delete Account”
5) Now enter your password, click on “Next” and then on “Delete Account”
The data that Facebook receives via our site is stored, among other things, via cookies (e.g. in the case of social plugins). You can deactivate, delete or manage individual or all cookies in your browser. Depending on which browser you use, this works in different ways. The following instructions show how to manage cookies in your browser:
Chrome: Delete, activate and manage cookies in Chrome
Safari: manage cookies and website data with Safari
Firefox: Delete cookies to remove data that websites have stored on your computer
Internet Explorer: deleting and managing cookies
Microsoft Edge: Deleting and managing cookies
If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. You can decide for each individual cookie whether or not to allow it.
Legal basis
If you have agreed that your data can be processed and stored by integrated Facebook tools, this consent is the legal basis for data processing (Article 6 (1) (a) GDPR) . In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 Para. 1 lit. f GDPR) in quick and good communication with you or other customers and business partners. Nevertheless, we only use the tools if you have given your consent. Most social media platforms also set cookies on your browser to save data. We therefore recommend that you read our privacy statement on cookies carefully and consult Facebook’s privacy policy or cookie policy.
Facebook also processes data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can be associated with various risks to the legality and security of the data processing.
As a basis for data processing by recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, especially in the USA) or data transfer there, Facebook uses standard contractual clauses approved by the EU Commission (= Art. 46, Paragraph 2 and 3 GDPR). These clauses oblige Facebook to comply with the EU level of data protection when processing relevant data outside the EU. These clauses are based on an implementation decision by the EU Commission. You can find the decision and the clauses here: https://ec.europa.eu/germany/news/20210604-datentransfers-eu_de .
We hope we have given you the most important information about the use and data processing by the Facebook tools. If you want to learn more about how Facebook uses your data, we recommend the data guidelines at https://www.facebook.com/about/privacy/update .
Facebook Social Plugins Privacy Policy
Our website uses so-called social plug-ins from Facebook Inc. built-in. You can recognize these buttons by the classic Facebook logo, such as the “Like” button (the hand with the thumb raised) or by a clear “Facebook plug-in” label. A social plugin is a small piece of Facebook that is integrated into our site. Each plugin has its own function. The most used features are the familiar “Like” and “Share” buttons.
The following social plug-ins are offered by Facebook:
- “Save” button
- Like button, share, send and quote
- Page Plugin
- Comments
- Messenger plugin
- Embedded posts and video player
- Groups plugin
Visit https://developers.facebook.com/docs/plugins for more information on how the individual plug-ins are used. On the one hand, we use the social plug-ins to offer you a better user experience on our site and, on the other hand, because Facebook can use them to optimize our advertisements.
If you have a Facebook account or have visited facebook.com before, Facebook has already set at least one cookie in your browser. In this case, your browser sends information to Facebook via this cookie as soon as you visit our site or interact with social plug-ins (e.g. the “Like” button).
The information received will be deleted or made anonymous within 90 days. According to Facebook, this data includes your IP address, which website you visited, the date, time and other information relating to your browser.
To prevent Facebook from collecting a lot of data during your visit to our website and connecting it to Facebook data, you must log out of Facebook while you are visiting the website (log out).
If you are not logged into Facebook or do not have a Facebook account, your browser will send less information to Facebook because you have fewer Facebook cookies. Nevertheless, data such as your IP address or which website you visit can be transmitted to Facebook. We would like to expressly point out that we do not know the exact content of the data. However, based on our current state of knowledge, we try to inform you as much as possible about data processing. You can also read about how Facebook uses the data in the company’s data guidelines at https://www.facebook.com/about/privacy/update .
At least the following cookies are set in your browser when you visit a website with social plug-ins from Facebook:
Name: dpr
Value: not specified
Purpose: This cookie is used to make the social plug-ins work on our website.
Expiration date: after the session ends
Name: fr
Value: 0jieyh4311856839c2GnlufEJ9..Bde09j…1.0.Bde09j
Purpose: The cookie is also necessary for the plug-ins to function properly.
Expiration date:: after 3 months
Note: These cookies were set after testing, even if you are not a Facebook member.
If you are logged in to Facebook, you can change your settings for advertisements yourself at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen . If you are not a Facebook user, you can generally manage your usage-based online advertising at http://www.youronlinechoices.com/de/praferenzmanagement/ . There you have the option of deactivating or activating providers.
If you want to find out more about Facebook’s data protection, we recommend the company’s own data guidelines at https://www.facebook.com/policy.php .
Facebook Login Privacy Policy
We have integrated the practical Facebook login on our site. You can easily log in to us with your Facebook account without having to create another user account. If you decide to register via the Facebook login, you will be redirected to the social media network Facebook. There you can register using your Facebook user data. This login procedure saves data about you and your user behavior and transmits it to Facebook.
In order to save the data, Facebook uses various cookies. In the following we show you the most important cookies that are set in your browser or already exist when you log in to our site using the Facebook login:
Name: fr
Value: 0jieyh4c2GnlufEJ9..Bde09j…1.0.Bde09j
Purpose: This cookie is used to ensure that the social plugin works as well as possible on our website.
Expiry date: after 3 months
Name: datr
Value: 4Jh7XUA2311856839SEmPsSfzCOO4JFFl
Purpose : Facebook sets the “datr” cookie when a web browser accesses facebook.com and the cookie helps identify login activity and protect users.
Expiry date: after 2 years
Name: _js_datr
Value: deleted
Purpose: Facebook sets this session cookie for tracking purposes, even if you do not have a Facebook account or are logged out.
Expiration date: after the session ends
Note: The cookies listed are just a small selection of the cookies available to Facebook. Other cookies are, for example, _ fbp, sb or wd. A complete list is not possible because Facebook has a large number of cookies and uses them variably.
On the one hand, the Facebook login offers you a quick and easy registration process, on the other hand we have the opportunity to share data with Facebook. This allows us to better tailor our offering and our promotions to your interests and needs. Data that we receive from Facebook in this way is public data such as
- your facebook name
- your profile picture
- a registered email address
- friend lists
- Button information (e.g. “Like” button)
- birthday date
- language
- residence
In return, we provide Facebook with information about your activities on our website. This includes information about the device you are using, which subpages you visit or which products you have purchased from us.
By using Facebook Login, you agree to the data processing. You can revoke this agreement at any time. If you want to find out more information about data processing by Facebook, we recommend the Facebook data protection declaration at https://de-de.facebook.com/policy.php .
If you are logged in to Facebook, you can change your settings for advertisements yourself at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen .
Instagram privacy policy
Instagram privacy policy summary 👥 Affected: visitors to the website 🤝 Purpose: to optimize our service 📓 Processed data: data such as data on user behavior, information about your device and your IP address. More details can be found below in the privacy policy. 📅 Storage period: until Instagram no longer needs the data for its purposes ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR (legitimate interests) |
What is Instagram
We have built in Instagram functions on our website. Instagram is a social media platform operated by Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA. Instagram has been a subsidiary of Facebook Inc. since 2012. and belongs to the Facebook products. Embedding Instagram content on our website is called embedding. This enables us to show you content such as buttons, photos or videos from Instagram directly on our website. When you visit our website that has an integrated Instagram function, data is transmitted to Instagram, stored and processed. Instagram uses the same systems and technologies as Facebook. Your data will thus be processed across all Facebook companies.
In the following, we want to give you a more detailed insight into why Instagram collects data, what data it is and how you can largely control the data processing. Since Instagram becomes Facebook Inc. heard, we obtain our information on the one hand from the Instagram guidelines, but on the other hand also from the Facebook data guidelines themselves.
Instagram is one of the most famous social media networks in the world. Instagram combines the advantages of a blog with the advantages of audiovisual platforms such as YouTube or Vimeo. You can upload photos and short videos to “Insta” (as many of the users casually call the platform), edit them with various filters and also distribute them on other social networks. And if you don’t want to be active yourself, you can just follow other interesting users.
Why do we use Instagram on our website?
Instagram is the social media platform that has really gone through the roof in recent years. And of course we have also reacted to this boom. We want you to feel as comfortable as possible on our website. That is why a varied preparation of our content is a matter of course for us. Thanks to the embedded Instagram functions, we can enrich our content with helpful, funny or exciting content from the Instagram world. Since Instagram is a subsidiary of Facebook, the data collected can also be used for personalized advertising on Facebook. Our advertisements are only given to people who are really interested in our products or services.
Instagram also uses the collected data for measurement and analysis purposes. We get summarized statistics and thus more insight into your wishes and interests. It is important to note that these reports do not personally identify you.
What data is stored by Instagram?
If you come across one of our pages that has Instagram functions (such as Instagram images or plug-ins) installed, your browser automatically connects to the Instagram servers. In doing so, data is sent to Instagram, stored and processed. Regardless of whether you have an Instagram account or not. This includes information about our website, about your computer, about purchases made, about advertisements that you see and how you use our offer. The date and time of your interaction with Instagram are also saved. If you have an Instagram account or are logged in, Instagram stores significantly more data about you.
Facebook differentiates between customer data and event data. We assume this is exactly the case with Instagram. Customer data are, for example, name, address, telephone number and IP address. This customer data will only be transmitted to Instagram if it has been “hashed” beforehand. Hashing means that a data record is converted into a character string. This allows you to encrypt the contact details. In addition, the above-mentioned “event data” are also transmitted. Facebook – and consequently Instagram – understands “event data” to mean data about your user behavior. It can also happen that contact data is combined with event data. The contact details collected are compared with the data Instagram already has about you.
The collected data is transmitted to Facebook via small text files (cookies), which are usually set in your browser. Depending on the Instagram functions used and whether you have an Instagram account yourself, different amounts of data are stored.
We assume that data processing on Instagram works in the same way as on Facebook. This means: if you have an Instagram account or have visited www.instagram.com , Instagram has set at least one cookie. If this is the case, your browser sends information to Instagram via the cookie as soon as you come into contact with an Instagram function. This data will be deleted or anonymized after 90 days at the latest (after comparison). Although we have dealt intensively with data processing by Instagram, we cannot say exactly which data Instagram collects and stores.
In the following we show you cookies that are set in your browser at least when you click on an Instagram function (such as a button or an Insta picture). Our test assumes that you do not have an Instagram account. If you are logged in to Instagram, significantly more cookies will of course be set in your browser.
These cookies were used in our test:
Name: csrftoken
Value: “”
Purpose: This cookie is set with a high degree of probability for security reasons in order to prevent falsification of inquiries. However, we could not find out more precisely.
Expiry date: after one year
Name: mid
Value: “”
Purpose: Instagram sets this cookie in order to optimize its own services and offers in and outside of Instagram. The cookie defines a unique user ID.
Expiration date: after the end of the session
Name: fbsr_311856839124024
Value: no information
Purpose: This cookie saves the log-in request for users of the Instagram app.
Expiration date: after the end of the session
Name: rur
Value: ATN
Purpose: This is an Instagram cookie that ensures functionality on Instagram.
Expiration date: after the end of the session
Name: urlgen
Value: “{”194.96.75.33”:1901}:1iEtYv:Y833k2_UjKvXgYe311856839”
Purpose: This cookie is used by Instagram for marketing purposes.
Expiration date: after the end of the session
Note: We cannot claim to be complete here. Which cookies are set in the individual case depends on the embedded functions and your use of Instagram.
How long and where will the data be stored?
Instagram shares the information received between the Facebook companies with external partners and with people with whom you connect worldwide. The data processing takes place in compliance with the own data guideline. For security reasons, among other things, your data is distributed on Facebook servers around the world. Most of these servers are in the USA.
How can I delete my data or prevent data storage?
Thanks to the General Data Protection Regulation, you have the right to information, portability, correction and deletion of your data. You can manage your data in the Instagram settings. If you want to completely erase your data on Instagram, you have to delete your Instagram account permanently.
And this is how the deletion of the Instagram account works:
First, open the Instagram app. On your profile page, go down and click on “Help Center”. You are now on the company’s website. On the website, click on “Manage Your Account” and then on “Delete Your Account”.
If you delete your account entirely, Instagram will delete posts such as your photos and status updates. Information that other people have shared about you does not belong to your account and therefore will not be deleted.
As already mentioned above, Instagram stores your data primarily via cookies. You can manage, deactivate or delete these cookies in your browser. Management always works a little differently depending on your browser. Here we show you the instructions for the most important browsers.
Chrome: Delete, activate and manage cookies in Chrome
Safari: manage cookies and website data with Safari
Firefox: Delete cookies to remove data that websites have stored on your computer
Internet Explorer: deleting and managing cookies
Microsoft Edge: Deleting and managing cookies
You can also set up your browser so that you are always informed when a cookie is to be set. Then you can always decide individually whether you want to allow the cookie or not.
Legal basis
If you have consented that your data can be processed and stored through integrated social media elements, this consent is considered the legal basis for data processing (Art. 6 Para. 1 lit. a GDPR) . In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 Para. 1 lit. f GDPR) in quick and good communication with you or other customers and business partners. We only use the integrated social media elements if you have given your consent. Most social media platforms also set cookies on your browser to save data. We therefore recommend that you read our data protection text about cookies carefully and take a look at the data protection declaration or the cookie policy of the respective service provider.
Instagram and Facebook also process data in the USA, among others. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can be associated with various risks to the legality and security of the data processing.
As a basis for data processing by recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, especially in the USA) or data transfer there, Facebook uses standard contractual clauses approved by the EU Commission (= Art. 46, Paragraph 2 and 3 GDPR). These clauses oblige Facebook to comply with the EU level of data protection when processing relevant data outside the EU. These clauses are based on an implementation decision by the EU Commission. You can find the decision and the clauses here: https://ec.europa.eu/germany/news/20210604-datentransfers-eu_de .
We have tried to give you the most important information about data processing by Instagram. On https://help.instagram.com/519522125107875
you can take a closer look at Instagram’s data guidelines.
Twitter Privacy Policy
Twitter Privacy Policy Summary 👥 Affected: visitors to the website 🤝 Purpose: to optimize our service 📓 Processed data: data such as data on user behavior, information about your device and your IP address. More details can be found below in the privacy policy. 📅 Storage duration: Twitter deletes data collected from other websites after 30 days at the latest ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR (legitimate interests) |
What is Twitter?
We have integrated functions from Twitter on our website. These are, for example, embedded tweets, timelines, buttons or hashtags. Twitter is a short message service and social media platform operated by Twitter Inc., One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland.
To our knowledge, no personal data or data on your web activities are transferred to Twitter in the European Economic Area and in Switzerland simply by integrating the Twitter function. Data can only be sent to Twitter, stored and processed there if you interact with the Twitter functions, for example by clicking on a button. We have no influence on this data processing and bear no responsibility. As part of this data protection declaration, we want to give you an overview of what data Twitter stores, what Twitter does with this data and how you can largely protect yourself from data transmission.
For some, Twitter is a news service, for others a social media platform, and still others speak of a microblogging service. All of these terms have their place and mean more or less the same thing.
Both private individuals and companies use Twitter to communicate with interested people via short messages. Twitter only allows 280 characters per message. These messages are called “tweets”. Unlike Facebook, for example, the service does not focus on expanding a network for “friends”, but wants to be understood as a worldwide and open news platform. You can also have an anonymous account on Twitter and tweets can be deleted by the company on the one hand and by the users themselves on the other.
Why do we use Twitter on our website?
Like many other websites and companies, we try to offer our services and services through different channels and to communicate with our customers. Twitter, in particular, has become dear to us as a useful “small” news service. Again and again we tweet or retweet exciting, funny or interesting content. We realize that you cannot follow every channel separately. After all, you have other things to do as well. That is why we have also included Twitter functions on our website. You can experience our Twitter activity ‘on the spot’ or follow a direct link to our Twitter page. With the integration, we want to strengthen our service and user-friendliness on our website.
What data does Twitter store?
On some of our subpages you will find the built-in Twitter functions. If you interact with Twitter content, such as clicking a button, Twitter may collect and store data. Even if you don’t have a Twitter account yourself. Twitter calls this data “log data”. This includes demographic data, browser cookie IDs, your smartphone ID, hashed email addresses, and information about which pages you have visited on Twitter and what actions you have taken. Of course, Twitter stores more data if you have a Twitter account and are logged in. This storage is mostly done via cookies. Cookies are small text files that are usually set in your browser and transmit various information to Twitter.
We will now show you which cookies are set if you are not logged in to Twitter but visit a website with built-in Twitter functions. Please consider this list as an example. Under no circumstances can we guarantee completeness here, since the choice of cookies is always changing and depends on your individual actions with the Twitter content.
These cookies were used in our test:
Name: personalization_id
Value: “v1_cSJIsogU51SeE311856839”
Purpose: This cookie stores information about how you use the website and which advertisements may have brought you to Twitter.
Expiry date: after 2 years
Name: long
Value: de
Purpose: This cookie saves your default or preferred language.
Expiry date: after the end of the session
Name: guest_id
Value: 311856839v1%3A157132626
Purpose: This cookie is set to identify you as a guest.
Expiry date: after 2 years
Name: fm
Value: 0
Purpose: Unfortunately, we could not find out the purpose of this cookie.
Expiry date: after the end of the session
Name: external_referer
Value: 3118568392beTA0sf5lkMrlGt
Purpose: This cookie collects anonymous data, such as how often you visit Twitter and how long you visit Twitter.
Expiration Date: After 6 days
Name: eu_cn
Value: 1
Purpose: This cookie stores user activity and is used for various advertising purposes by Twitter.
Expiry date: After one year
Name: ct0
Value: c1179f07163a365d2ed7aad84c99d966
Purpose: Unfortunately, we did not find any information on this cookie.
Expiry date: after 6 hours
Name: _twitter_sess
Value: 53D%253D-dd0248311856839-
Purpose: With this cookie you can use functions within the Twitter website.
Expiry date: after the end of the session
Note: Twitter also works with third parties. That’s why we also recognized the three Google Analytics cookies _ga, _gat, _gid in our test.
On the one hand, Twitter uses the collected data to better understand user behavior and thus to improve its own services and advertising offers, on the other hand, the data is also used for internal security measures.
How long and where will the data be stored?
If Twitter collects data from other websites, it will be deleted, aggregated or otherwise hidden after a maximum of 30 days. The Twitter servers are located at various server centers in the United States. It can therefore be assumed that the data collected will be collected and stored in America. After our research, we were not able to determine for sure whether Twitter also has its own servers in Europe. In principle, Twitter can store the collected data until it is no longer useful for the company, you delete the data or there is a statutory deletion period.
How can I delete my data or prevent data storage?
In its data protection guidelines, Twitter repeatedly emphasizes that it does not store any data from external website visits if you or your browser are located in the European Economic Area or Switzerland. However, if you interact directly with Twitter, Twitter will of course also store your data.
If you have a Twitter account, you can manage your information by clicking “More” under the “Profile” button. Then click on “Settings and data protection”. Here you can manage the data processing individually.
If you do not have a Twitter account, you can go to twitter.com and then click “Personalization”. You can manage the data you have collected under the item “Individualization and data”.
As mentioned above, most data is stored via cookies and you can manage, deactivate or delete them in your browser. Please note that you only “edit” the cookies in the browser you have chosen. This means: if you use a different browser in the future, you will have to manage your cookies there again according to your wishes. Here are the instructions on how to manage cookies for the most popular browsers.
Chrome: Delete, activate and manage cookies in Chrome
Safari: manage cookies and website data with Safari
Firefox: Delete cookies to remove data that websites have stored on your computer
Internet Explorer: deleting and managing cookies
Microsoft Edge: Deleting and managing cookies
You can also manage your browser so that you are informed of each individual cookie. Then you can always decide individually whether you allow a cookie or not.
Twitter also uses the data for personalized advertising inside and outside of Twitter. You can switch off personalized advertising in the settings under “Individualization and data”. If you use Twitter on a browser, you can opt out of personalized advertising at http://optout.aboutads.info/?c=2&lang=EN .
Legal basis
If you have consented that your data can be processed and stored through integrated social media elements, this consent is considered the legal basis for data processing (Art. 6 Para. 1 lit. a GDPR) . In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 Para. 1 lit. f GDPR) in quick and good communication with you or other customers and business partners. We only use the integrated social media elements if you have given your consent. Most social media platforms also set cookies on your browser to save data. We therefore recommend that you read our data protection text about cookies carefully and take a look at the data protection declaration or the cookie policy of the respective service provider.
Twitter also processes data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can be associated with various risks to the legality and security of the data processing.
Twitter uses standard contractual clauses approved by the EU Commission (= Art. 46. Para. 2 and 3 GDPR). These clauses oblige Twitter to comply with EU data protection standards when processing relevant data outside of the EU. These clauses are based on an implementation decision by the EU Commission. You can find the decision and the clauses here: https://ec.europa.eu/germany/news/20210604-datentransfers-eu_de .
We hope we have given you a basic overview of data processing by Twitter. We do not receive any data from Twitter and are not responsible for what Twitter does with your data. If you have any further questions on this topic, we recommend the Twitter data protection declaration at https://twitter.com/de/privacy .
XING data protection declaration
Xing privacy policy summary 👥 Affected: visitors to the website 🤝 Purpose: to optimize our service 📓 Processed data: Your IP address, browser data, date and time of your page view can be stored More details can be found below in the privacy policy. 📅 Duration of storage: Data from Xing users is stored until deletion is requested ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR (legitimate interests) |
What is Xing?
On our website we use social plugins from the social media network Xing, the company Xing SE, Dammtorstraße 30, 20354 Hamburg, Germany. With these functions, you can, for example, share content directly on Xing via our website, log in via Xing or follow interesting content. You can recognize the plug-ins by the company name or the Xing logo. If you call up a website that uses a Xing plug-in, data can be transmitted to the “Xing server”, stored and evaluated. In this data protection declaration, we want to inform you about what data is involved and how you can manage or prevent this data storage.
Xing is a social network headquartered in Hamburg. The company specializes in managing professional contacts. In other words, unlike other networks, Xing is primarily about professional networking. The platform is often used for job hunting or to find employees for your own company. In addition, Xing offers interesting content on various professional topics. The global counterpart to this is the American company LinkedIn.
Why do we use Xing on our website?
There is now a flood of social media channels and we are well aware that your time is very valuable. Not every social media channel of a company can be scrutinized closely. That’s why we want to make your life as easy as possible so that you can share or follow interesting content directly from our website on Xing. With such “social plug-ins” we expand our service on our website. In addition, the data collected by Xing helps us to carry out targeted advertising measures on the platform. This means that our service is only shown to people who are really interested in it.
Which data is stored by Xing?
Xing offers the share button, the follow button and the log-in button as plugins for websites. As soon as you open a page where a Xing social plug-in is installed, your browser connects to servers in a data center used by Xing. In the case of the share button – according to Xing – no data should be stored that could derive a direct reference to a person. In particular, Xing does not store any of your IP addresses. Furthermore, no cookies are set in connection with the share button. This means that there is no evaluation of your user behavior. You can find more information on this at https://dev.xing.com/plugins/share_button/privacy_policy
With the other Xing plug-ins, cookies are only set in your browser when you interact with the plug-in or click on it. Personal data such as your IP address, browser data, date and time of your page view on Xing can be stored here. If you have a XING account and are logged in, the data collected will be assigned to your personal account and the data stored in it.
The following cookies are set in your browser if you click on the follow or log-in button and are not yet logged in to Xing. Please keep in mind that this is an example list and we cannot claim to be complete:
Name: AMCVS_0894FF2554F733210A4C98C6%40AdobeOrg
Value: 1
Purpose: This cookie is used to create and store identifications of website visitors.
Expiration date: after the session ends
Name: c_
Value: 157c609dc9fe7d7ff56064c6de87b019311856839-8
Purpose: We were not able to find out any further information about this cookie.
Expiry date: after one day
Name: prevPage
Value: wbm %2FWelcome% 2Flogin
Purpose: This cookie stores the URL of the previous website you visited.
Expiry date: after 30 minutes
Name: s_cc
Value: true
Purpose: This Adobe Site Catalyst cookie determines whether cookies are generally activated in the browser.
Expiration date: after the session ends
Name: s_fid
Value: 6897CDCD1013221C-39DDACC982217CD1311856839-2
Purpose: This cookie is used to identify a unique visitor.
Expiry date: after 5 years
Name: visitor_id
Value: fe59fbe5-e9c6-4fca-8776-30d0c1a89c32
Purpose: The visitor cookie contains a unique visitor ID and the unique identifier for your account.
Expiry date: after 2 years
Name: _session_id
Value: 533a0a6641df82b46383da06ea0e84e7311856839-2
Purpose: This cookie creates a temporary session ID that is used as the in-session user ID. The cookie is absolutely necessary to provide the functions of Xing.
Expiration date: after the session ends
As soon as you are logged in to Xing or are a member, further personal data will definitely be collected, processed and stored. Xing also passes on personal data to third parties if this is necessary for the fulfillment of our own business purposes, if you have given your consent or if there is a legal obligation.
How long and where will the data be stored?
Xing stores the data on various servers in various data centers. The company stores this data until you delete the data or until a user account is deleted. Of course, this only applies to users who are already Xing members.
How can I delete my data or prevent data storage?
You have the right to access your personal data at any time and also to delete it. Even if you are not a Xing member, you can prevent possible data processing via your browser or manage it according to your wishes. Most data is stored via cookies. Depending on which browser you have, the administration works a little differently. The instructions for the most common browsers can be found here:
Chrome: Delete, activate and manage cookies in Chrome
Safari: manage cookies and website data with Safari
Firefox: Delete cookies to remove data that websites have stored on your computer
Internet Explorer: deleting and managing cookies
Microsoft Edge: Deleting and managing cookies
You can also basically set up your browser in such a way that you are always informed when a cookie is to be set. Then you can always decide individually whether you want to allow the cookie or not.
Legal basis
If you have consented that your data can be processed and stored through integrated social media elements, this consent is considered the legal basis for data processing (Art. 6 Para. 1 lit. a GDPR) . In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 Para. 1 lit. f GDPR) in quick and good communication with you or other customers and business partners. We only use the integrated social media elements if you have given your consent. Most social media platforms also set cookies on your browser to save data. We therefore recommend that you read our data protection text about cookies carefully and take a look at the data protection declaration or the cookie policy of the respective service provider.
We have tried to give you the most important information about data processing by Xing. You can find out more about data processing by the social media network Xing at https://privacy.xing.com/de/datenschutzerklaerung .
Google reCAPTCHA privacy policy
Google reCAPTCHA privacy policy summary 👥 Affected: visitors to the website 🤝 Purpose: Optimization of our services and protection against cyber attacks 📓 Processed data: data such as IP address, browser information, your operating system, limited location and usage data You can find more details on this below in this data protection declaration. 📅 Storage duration: depending on the stored data ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. f GDPR (legitimate interests) |
What is reCAPTCHA?
Our primary goal is to secure and protect our website for you and for us in the best possible way. To ensure this, we use Google reCAPTCHA from Google Inc. Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services for the European region. With reCAPTCHA we can determine whether you are really a flesh and blood human and not a robot or other spam software. We understand spam as any unsolicited information that comes to us electronically. With the classic CAPTCHAS, you mostly had to solve text or picture puzzles to check. With reCAPTCHA from Google, we usually don’t have to bother you with such puzzles. In most cases, it is sufficient to simply tick the box and confirm that you are not a bot. With the new Invisible reCAPTCHA version you don’t even have to check the box anymore. How this works exactly and, above all, which data is used for it, you will find out in the course of this data protection declaration.
reCAPTCHA is a free captcha service from Google that protects websites from spam software and abuse by non-human visitors. The most common use of this service is when filling out forms on the Internet. A captcha service is a type of automatic Turing test that is designed to ensure that an action on the Internet is carried out by a human and not by a bot. In the classic Turing test (named after the computer scientist Alan Turing), a person determines the distinction between bot and human. With captchas, this is also done by the computer or a software program. Classic captchas work with small tasks that are easy for humans to solve, but are very difficult for machines. With reCAPTCHA you no longer have to actively solve puzzles. The tool uses modern risk techniques to distinguish people from bots. All you have to do here is tick the text field “I am not a robot” or, with Invisible reCAPTCHA, even this is no longer necessary. With reCAPTCHA, a JavaScript element is integrated into the source text and the tool then runs in the background and analyzes your user behavior. The software calculates a so-called captcha score from these user actions. Google uses this score to calculate the probability that you are human before entering the captcha. reCAPTCHA or captchas in general are always used when bots could manipulate or abuse certain actions (such as registrations, surveys, etc.).
Why do we use reCAPTCHA on our website?
We only want to welcome people of flesh and blood on our side. Bots or spam software of all kinds can safely stay at home. That is why we do all we can to protect ourselves and offer you the best possible user-friendliness. For this reason we use Google reCAPTCHA from Google. So we can be pretty sure that we will remain a “bot-free” website. By using reCAPTCHA, data is transmitted to Google in order to determine whether you are really human. reCAPTCHA therefore serves the security of our website and consequently also your security. For example, without reCAPTCHA, it could happen that a bot registers as many email addresses as possible in order to “spam” on forums or blogs with unwanted advertising content. With reCAPTCHA we can avoid such bot attacks.
Which data is saved by reCAPTCHA?
reCAPTCHA collects personal data from users in order to determine whether the actions on our website actually originate from people. The IP address and other data that Google needs for the reCAPTCHA service can therefore be sent to Google. Within the member states of the EU or other signatory states to the Agreement on the European Economic Area, IP addresses are almost always shortened beforehand before the data ends up on a server in the USA. The IP address will not be combined with other Google data unless you are logged into your Google account while using reCAPTCHA. First, the reCAPTCHA algorithm checks whether Google cookies from other Google services (YouTube, Gmail, etc.) have already been placed on your browser. ReCAPTCHA then sets an additional cookie in your browser and takes a snapshot of your browser window.
The following list of collected browser and user data does not claim to be exhaustive. Rather, they are examples of data that, to our knowledge, are processed by Google.
- Referrer URL (the address of the page from which the visitor comes)
- IP address (e.g. 256.123.123.1)
- Information about the operating system (the software that enables the operation of your computer. Known operating systems are Windows, Mac OS X or Linux)
- Cookies (small text files that save data in your browser)
- Mouse and keyboard behavior (every action you perform with the mouse or keyboard is saved)
- Date and language settings (which language or which date you have preset on your PC is saved)
- All Javascript objects (JavaScript is a programming language that enables websites to adapt to the user. JavaScript objects can collect all possible data under one name)
- Screen resolution (shows how many pixels the image display consists of)
It is undisputed that Google uses and analyzes this data even before you click on the tick “I am not a robot”. With the Invisible reCAPTCHA version, there is even no ticking and the entire recognition process runs in the background. How much and which data Google stores exactly cannot be found out in detail from Google.
The following cookies are used by reCAPTCHA: Here we refer to the reCAPTCHA demo version from Google at https://www.google.com/recaptcha/api2/demo . All of these cookies require a unique identifier for tracking purposes. Here is a list of cookies that Google reCAPTCHA has set on the demo version:
Name: IDE
Value: WqTUmlnmv_qXyi_DGNPLESKnRNrpgXoy1K-pAZtAkMbHI-311856839-8
Purpose: This cookie is set by DoubleClick (also owned by Google) to register and report the actions of a user on the website when dealing with advertisements. In this way, the effectiveness of the advertising can be measured and appropriate optimization measures can be taken. IDE is stored in browsers under the domain doubleclick.net.
Expiry date: after one year
Name: 1P_JAR
Value: 2019-5-14-12
Purpose: This cookie collects statistics on website usage and measures conversions. A conversion occurs, for example, when a user becomes a buyer. The cookie is also used to show relevant advertisements to users. The cookie can also be used to prevent a user from seeing the same ad more than once.
Expiry date: after one month
Name: ANID
Value: U7j1v3dZa3118568390xgZFmiqWppRWKOr
Purpose: We could not find out much information about this cookie. In Google’s data protection declaration, the cookie is used in connection with “advertising cookies” such as. B. “DSID”, “FLC”, “AID”, “TAID” mentioned. ANID is saved under the domain google.com.
Expiry date: after 9 months
Name: CONSENT
Value: YES + AT.de + 20150628-20-0
Purpose: The cookie stores the status of a user’s consent to use various Google services. CONSENT is also used for security in order to check users, to prevent fraudulent login information and to protect user data from unauthorized attacks.
Expiry date: after 19 years
Name: NID
Value: 0WmuWqy311856839zILzqV_nmt3sDXwPeM5Q
Purpose: NID is used by Google to adapt advertisements to your Google search. With the help of the cookie, Google “remembers” your most frequently entered search queries or your previous interaction with advertisements. So you always get tailor-made advertisements. The cookie contains a unique ID in order to collect personal settings of the user for advertising purposes.
Expiry date: after 6 months
Name: DV
Value: gEAABBCjJMXcI0dSAAAANbqc311856839-4
Purpose : As soon as you have ticked the “I am not a robot” checkbox, this cookie will be set. The cookie is used by Google Analytics for personalized advertising. DV collects information in an anonymous form and is also used to distinguish between users.
Expiry date: after 10 minutes
Note: This list cannot claim to be complete, as experience has shown that Google changes the choice of their cookies again and again.
How long and where will the data be stored?
By inserting reCAPTCHA, your data will be transferred to the Google server. Where exactly this data is stored is not clearly indicated by Google, even after repeated inquiries. Without having received a confirmation from Google, it can be assumed that data such as mouse interaction, time spent on the website or language settings will be stored on the European or American Google servers. The IP address that your browser transmits to Google is generally not merged with other Google data from other Google services. However, if you are logged into your Google account while using the reCAPTCHA plug-in, the data will be merged. The different data protection provisions of Google apply for this.
How can I delete my data or prevent data storage?
If you do not want any data about you or your behavior to be transmitted to Google, you must completely log out of Google and delete all Google cookies before you visit our website or use the reCAPTCHA software. In principle, the data is automatically transmitted to Google as soon as you visit our website. To delete this data again, you must contact Google Support at https://support.google.com/?hl=de&tid=311856839 .
So if you use our website, you agree that Google LLC and its representatives automatically collect, process and use data.
Please note that when you use this tool, your data can also be stored and processed outside the EU. Most third countries (including the USA) are not considered secure under current European data protection law. Data to insecure third countries may not simply be transferred, stored and processed there unless there are suitable guarantees (such as EU standard contractual clauses) between us and the non-European service provider.
Legal basis
If you have consented that Google reCAPTCHA may be used, the legal basis for the corresponding data processing is this consent. This consent puts out loud Art. 6 para. 1 lit. a GDPR (consent) the legal basis for the processing of personal data as it can occur when Google reCAPTCHA collects it.
We also have a legitimate interest in using Google reCAPTCHA to optimize our online service and make it more secure. The corresponding legal basis for this is Art. 6 para. 1 lit. f GDPR (legitimate interests). Nevertheless, we only use Google reCAPTCHA if you have given your consent.
Google also processes data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can be associated with various risks to the legality and security of the data processing.
Google uses standard contractual clauses approved by the EU Commission (= Art. 46. Para. 2 and 3 GDPR). These clauses oblige Google to comply with EU data protection standards when processing relevant data outside of the EU. These clauses are based on an implementation decision by the EU Commission. You can find the decision and the clauses here: https://ec.europa.eu/germany/news/20210604-datentransfers-eu_de .
You can find out a little more about reCAPTCHA on Google’s web developer page at https://developers.google.com/recaptcha/ . Google goes into the technical development of the reCAPTCHA in more detail here, but you will look in vain for precise information about data storage and data protection issues. A good overview of the basic use of data by Google can be found in the in-house data protection declaration at https://www.google.com/intl/de/policies/privacy/ .
All texts are copyrighted.
Source: Created with the data protection generator from AdSimple