Data protection regulations of Hornetsecurity GmbH

Last Update: July 2021

1. Scope of the processing of personal data

The provision of the websites requires the processing of various information. In addition, the scope of data processing depends on your use of the functionalities of the websites, for example if you communicate with us via the contact form or consent to the processing of data.

You are not obliged to provide us with personal data. However, if the provision of this data is technically mandatory when you access our site, refusal will result in your being unable to access and use our websites.

As a visitor to our websites, you are not subject to any automated decision-making within the meaning of Art. 22 GDPR.

2. Legal basis for the processing of personal data

Reason for processing Legal basis in the GDPR Explanation

3. Data erasure and storage time

We will delete your personal data as soon as the legal basis for their processing ceases to exist. In some cases, however, legal bases can also exist in parallel or, in the absence of a legal basis, can intervene in a new one, such as the obligation to store certain data in order to fulfil a legal obligation to store data.

In order for us to display the websites to you, it is necessary to process certain information. This is already done when you visit our website. In addition, we offer various functionalities on our websites which require further data processing.

1. Log Files

When you use our services or visit our websites, various information is passed on to our servers. We need these to establish and maintain the connection. Among the data is also your IP address, which we treat as personal data. In addition, the following data is collected:

• batch record version
• Website requested by the client
• Possible error code(s) from Squid / Detailed error description
• HTTP status code of the requested server
• HTTP status code forwarded to client
• browser version
• operating system

We store this data in so-called server log files. This data is not combined with any other data about you. The storage of log files including your IP address serves the legitimate interest of providing our websites and preventing its misuse. Stored log files will be deleted after 14 months at the latest, unless longer storage is required, for example to prevent or clarify an attack on our websites.

2. Cookies

We use cookies to establish and maintain the connection. A cookie is a small text file containing information transmitted by your browser and stored on your computer. You can also control the use of cookies in your browser and delete cookies yourself at any time. Cookies may be required to establish a connection or to improve the use of the website.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

The use of technically conditioned cookies and the associated data processing takes place due to our legitimate interest in a technically flawless and comfortable use of our websites. Technically conditioned cookies are usually deleted automatically when you close your browser (session cookies), in other cases only after some time (persistent cookies). The duration of storage of persistent cookies is determined by the provider and can be viewed by you in your browser, for example.

You can find more detailed information in our cookie policy.

3. Contact Forms

At various points on our websites you will find contact forms via which you can send us an enquiry or, for example, request a quotation for one of our services. For general inquiries, the following information is requested: recipient at Hornetsecurity, company, name, e-mail address, telephone and your message. When you request a quotation for our services, you must provide the following information: Company, title, last name, e-mail address, telephone number, desired service as well as the number of planned users. The information is marked as mandatory fields. All other data that you transmit to us within the scope of the inquiry, also via the free text field, are voluntary.

We use this data exclusively for answering your inquiry and the associated communication. The legal basis for processing this information and all data stored in Hornetsecurity’s services is the necessity to fulfil the existing contractual relationship. In principle, our legitimate interest in providing the contact functionality and responding to your enquiry transmitted via it applies here. If your request is aimed at concluding a contract with us, the processing will take place within the framework of this pre-contractual obligation.

Your data will be deleted as soon as your request has been processed. In case of a contract conclusion we process the data if necessary for the fulfilment of the contract.

4. Comment function in the blog

You can comment on the contributions in our Hornetsecurity Blog and take part in the discussion. No registration is required. To add a comment, you can fill in the form at the end of each blog post. We absolutely need the following information from you: Your e-mail address, the name under which you would like to publish the comment as well as your comment. You do not necessarily have to use your clear name. Your email address will not be published.

The legal basis of the processing is our legitimate interest in offering the commentary function to our contributions, thus enabling us to exchange opinions between our website visitors and ourselves. When you leave a comment on the blog, your IP address and name will be stored. This is for our safety, if someone writes illegal content in comments (insults, forbidden political propaganda, etc.). In this case we could be prosecuted for the comment ourselves and are therefore interested in the identity of the author of the comment. Your information will be stored until you object to its storage or until our legitimate interest ceases to exist for any other reason.

5. Partner-Portal

If you are interested in distributing our services as a Hornetsecurity partner, you can register via our websites in our partner program. To do this, you must fill out the online partner application in the course of which you must provide various information about your company and your contact persons. The mandatory information is marked in each case. All other information is provided voluntarily.

In this respect, the legal basis of the processing is the execution of pre-contractual measures or, upon conclusion of the partner contract, the necessity for the performance of the contract. The storage period is measured accordingly in principle on the duration of the contractual relationship. However, alternative legal bases, such as legal storage periods, can intervene after their end.

6. Login to Control Panel and Webmail

If you are already a Hornetsecurity customer, you can register via our websites in the Control Panel, from which you can use and manage your services. As a customer of Webmail you can register via a separate link in your mailbox. You will need your user name, e-mail address and password to register. The legal basis for processing this information and all data stored in Hornetsecurity’s services in order to fulfil the existing contractual relationship. The storage period is measured accordingly in principle on the duration of the contractual relationship. However, alternative legal bases, such as legal storage periods, can intervene after their end.

7. Test-Onboarding

To test our services Spamfilter Service, the Archiving Service or the Hornetsecurity Continuity Service, you can register directly via our websites. For this we need various information about you personally, the domain, server and user for which the service is desired as well as the desired service. The mandatory fields are marked accordingly. All other information is voluntary.

In this respect, the legal basis of the processing is the execution of pre-contractual measures or the necessity for the performance of the contract. The storage period is measured accordingly in principle on the duration of the contractual relationship. However, alternative legal bases, such as legal storage periods, can intervene after their end.

8. Online application

You can also apply to us at any time using our online application form. Personal data is transmitted to us as part of the application via our websites. This can be done directly via the input fields or indirectly via application documents to be uploaded, such as your CV. The information marked as mandatory in the registration form is mandatory. All other information, even if included in the uploaded application documents, is voluntary. We process your data only to the extent necessary to carry out the application procedure.

By submitting your information on our Careers page or by registering for the Talent Pool, you also agree that we may contact and inform you in writing and by telephone as part of our recruitment marketing or talent retention programs. Should you no longer wish to do so at a later date, you can have your data deleted at any time without giving any reasons. All you need to do is send a short message to job@hornetsecurity.com?subject=Data privacy – Request for deletion of my personal applicant data.

The legal basis of the processing is the necessity for the initiation of an employment relationship. Your data will be stored for a period of 90 days after the end of the application process, unless you have given us your consent to further storage.

This process is supported by an HR tool which Hornetsecurity GmbH uses for candidate management and personnel administration.

Further information is available under the following link: https://www.hornetsecurity.com/en/privacy-policy-personio.

9. Google Maps

On our websites we use the map service Google Maps (API) from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”) to show our location.

When you enter the page on which the Google Maps map is integrated, our websites send various information including your IP address to Google in the USA, where it is stored on its servers. If you have a Google account and are logged in at the time you visit our sites, the information will be associated directly with your account. But even without a user account, Google will create a user profile about you. This is regardless of whether Google provides a user account that you are logged in with or whether no user account exists.

Our transmission of the data to Google is based on our legitimate interest in offering you the map function of Google Maps on our websites.

You can prevent the allocation of the data we transmit to your user account by logging out of Google before you visit our websites. To stop the data transfer to Google completely, you have to switch off the JavaScript application in your browser. The map display can then no longer be used.

More information about Google and the use of Google Maps can be found here:

• • Google Terms of Use: https://policies.google.com/terms?hl=en
  • Terms of use for Google Maps: https://www.google.com/intl/en_US/help/terms_maps.html
  • Privacy Policy of Google (Google Privacy Policy): https://policies.google.com/privacy?hl=en&gl=ZZ

10. Google Fonts

We use so-called web fonts from Google to display fonts. When you call up a page, your browser loads the required web fonts into your browser to display texts and fonts correctly. To do this, your browser connects to Google, which tells Google that our websites have been accessed via your IP address. The use of Google Fonts is based on the legal basis of our legitimate interest in a consistent and appealing presentation of our websites. If your browser does not support Google Fonts or Web Fonts, your device uses a default font.

For more information about Google Fonts and Google’s privacy policy, please visit the following Web sites:

https://policies.google.com/privacy?hl=en

11. Social-Media Plugins

If you like contributions from our websites, you can share them directly via buttons in various social media networks and microblogging services. For this purpose, appropriate social media plug-ins are integrated on our websites.

If you enter a subpage on which the social media plug-ins are embedded, your browser establishes a direct connection to the servers of the respective operators. When the connection is established, various information including your IP address is sent to the operators and stored by them. Since most of the operators are based in the USA, the data is also stored there. This tells the operators that your browser has called up the relevant subpage of our websites. This also applies if you do not have a user account with the social media network or microblogging service or are not logged in at the time you visit our website.

If you are simultaneously logged in to your account there, the operator assigns your visit to our websites and any further interaction with the plugin (activation of the respective consent buttons, comments) directly to your account and saves this information. These actions may also be visible to other users of the network. You can prevent this data processing by not pressing the buttons. You can also log out of your social media network before visiting our site. You can also use add-ons such as the “NoScript” script blocker (http://noscript.net) for your browser to generally prevent social media plug-ins from being executed.

The legal basis for data processing is our legitimate interest in offering you an easy way to share information on our websites on social media networks and microblogging services and thus increase our visibility.

For further information on data processing, in particular its scope and legal basis and rights in this respect, please refer to the data protection information and terms of use of the respective networks.

Our websites use the following social media plugins:

Facebook

Our websites contain a social plugin of the social media network Facebook. The corresponding button can be recognized by the Facebook logo.

You can find Facebook’s privacy policy here: http://www.facebook.com/policy.php.

Google+

Our websites contain a social plugin of the social media network Google+ by Google. The corresponding button can be recognized by the “G+” logo.

You can find Google’s privacy policy here: https://www.google.com/intl/en/policies/privacy/.

Twitter

Our websites contain a social plugin of the microblogging service Twitter of Twitter Inc, 1355 Market St, Suite 900, San Francisco, CA 94103, USA (“Twitter”). The corresponding button can be recognized by the Twitter bird.

You can find Twitter’s privacy policy here: https://twitter.com/privacy.

LinkedIn

Our websites contain a social plugin of the social media network LinkedIn of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA, (“LinkedIn”) represented in Europe by LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland. The corresponding button can be recognized by the “in” logo.

You can find LinkedIn’s privacy policy here:

https://www.linkedin.com/legal/privacy-policy.

Instagram

Our websites contain a social plugin of the Instagram Inc. 1601 Willow Road, Menlo Park, CA, 94025, USA (“Instagram”) microblogging service. The corresponding button can be recognized by the Instagram camera logo.

By setting up your Instagram account you have the possibility of direct influence (objection). You can find out more about this under the following link:

https://help.instagram.com/116024195217477/?helpref=hc_fnav&bc[0]=368390626577968&bc[1]=285881641526716.

You can find Instagram’s privacy policy here:

http://instagram.com/about/legal/privacy/.

12. Livezilla

The controller has integrated the LiveZilla component into these websites. LiveZilla is a Live-Support-Helpdesk-Software, which enables a direct communication in real time (so called Live-Chat) with visitors of your own website.

The developer of the LiveZilla component is LiveZilla GmbH, Byk-Gulden-Straße 18, 78224 Singen, Germany.

Each time you visit our websites, which are equipped with a LiveZilla component, this component collects data for the purpose of operating the live chat system and analyzing the operation of the system. More information about LiveZilla can be found at http://www.livezilla.net/home/en/.

The LiveZilla component sets a cookie on the person’s information technology system. What cookies are has already been explained above. Pseudonymised user profiles can be created via the LiveZilla cookie. Such pseudonymised usage profiles may be used by the data controller to analyse visitor behaviour and to analyse and maintain the proper operation of the live chat system. The analysis also serves to improve our offer. The data collected via the LiveZilla component will not be used to identify the data subject without the prior express consent of the data subject. This data is not combined with personal data or with other data containing the same pseudonym.

The person concerned can prevent the setting of cookies by our websites at any time, as already described above, by means of an appropriate setting of the Internet browser used and thus permanently object to the setting of cookies. Such a setting of the Internet browser used would also prevent the LiveZilla component from placing a cookie on the information technology system of the person concerned. In addition, a cookie already set by the LiveZilla component can be deleted at any time via the Internet browser or other software programs.

The current data protection regulations of LiveZilla GmbH can be found at https://www.livezilla.net/disclaimer/en/

13. Information on the newsletter and consents

With the following information we will inform you about our newsletters as well as the registration, dispatch and statistical evaluation procedure and your rights of objection. By subscribing to our newsletter you agree to the receipt and the described procedures. We will only send newsletters, e-mails and other electronic notifications containing advertising information (hereinafter “newsletters”) with the consent of the recipients or a legal permission. If the contents of a newsletter are specifically described within the scope of a registration, they are decisive for the consent of the users.

a) Double-Opt-In and logging

Subscription to our newsletter (more precisely referred to on the websites as “Hornetsecurity News”) takes place in a so-called double opt-in procedure. This means that after registration you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that no one can log in with other e-mail addresses. Subscriptions to the newsletter are logged in order to be able to prove the registration process in accordance with legal requirements. This includes the storage of the login and confirmation time, as well as the IP address.

b) Statistical surveys and analyses

The newsletters contain a so-called “web-beacon”, i.e. a pixel-sized file that is retrieved from the Pardot server when the newsletter is opened. Within the scope of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval are initially collected. This information is used to technically improve the services based on the technical data or the target groups and their reading behaviour based on their retrieval locations (which can be determined using the IP address) or access times. The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our intention, nor that of Pardot, to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our contents to them or to send different contents according to the interests of our users.

c) Termination/revocation

You can cancel the receipt of our newsletter at any time, i.e. revoke your consent. Your consent to its dispatch via Pardot and the statistical analyses will thus expire at the same time. A separate cancellation of the dispatch via Pardot or the statistical evaluation is unfortunately not possible.

14. Other personal data

We would like to point out once again that on these websites Google Analytics has been extended by the code “_anonymizeIp();” in order to guarantee anonymous collection of IP addresses (so-called IP masking). Hornetsecurity GmbH therefore does not store any personal data of a website visitor.

Clearly personal data is only collected if you provide it voluntarily, e.g. in the case of individual inquiries/as part of an application/talent loyalty programme or in the case of a service or support inquiry via a contact form, by e-mail, online or in writing. We may forward your personal data to the department responsible for the processing of your inquiry/application. Your personal data is processed and stored via the marketing automation tool Salesforce Pardot, the ticket system OTRS and our servers. Furthermore, the data will not be passed on to third parties or used for purposes other than those stated in each case. Personal data transmitted to us (e.g. name, address, telephone number, fax number or e-mail address) will only be used to answer your inquiry or to process your request or application. With explicit consent (double opt-in procedure) your personal data will also be used for advertising purposes. They are only stored by us for as long as this is necessary for the aforementioned purposes or as we are legally obliged to store them. You have the possibility to withdraw your consent at any time. Please contact our data protection officer (see above). We would like to point out that messages via e-mail in unencrypted form are not an absolutely secure means of communication against access by third parties and in particular also become accessible to the e-mail provider.

We would like to further improve the usability of these websites as well as the attractiveness of its services. For this reason, when you visit our websites, we also collect data on usage behaviour, which we evaluate for this purpose. For this reason, the following tracking and analysis cookies are used on our websites. A cookie is a small text file containing information that is transmitted by your browser and stored on your computer. These cookies contain no personal data. You can also control the use of cookies in your browser and delete cookies yourself at any time. Cookies may be necessary for establishing a connection or improving the use of the websites. You can prevent the storage of cookies by adjusting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of these websites to their full extent.

Here you can customize your cookie settings:

Customize Cookie Preferences

1. Google (Universal) Analytics

These websites use Google Analytics, a web analysis service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google collects information about your use of these websites (including your IP address) in the USA via a cookie, and stores the information. However, we only use Google Analytics with an anonymisation function in which the IP address is reduced before it is transmitted by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to Google in the USA and only shortened there. Google analyses the information collected and sends us reports on the usage activities on our websites and provides us with additional services for this purpose. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data.

In addition to blocking all cookies by your browser, you can prevent Google from processing your data by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en.

As an alternative to the browser plug-in or within browsers on mobile devices, please click on the following link to set an opt-out cookie that will prevent future collection by Google Analytics within these websites (this opt-out cookie only works in this browser and only for this domain, if you delete your cookies in this browser, you must click this link again): Disable Google Analytics at http://tools.google.com/dlpage/gaoptout?hl=en.

Further information on Google Analytics can be found in Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=en

2. Google AdWords

Our websites use the advertising tool “Google AdWords” from Google including its conversion tracking. We use this tool to determine how successful advertising for our services on websites other than our own is. For this purpose, a conversion cookie is set when you click on one of our advertisements. This cookie enables us to recognize that you have accessed our websites via this ad. We use such usage statistics to compile statistics for evaluating the conversion of our advertisements. We do not receive any information about you personally. The conversion cookie set in your browser is individual and cannot be used by other Google AdWords customers for their statistics.

You can prevent tracking by disabling the conversion tracking cookie in your browser settings.

3. Doubleclick

We also use Google’s Doubleclick service. A cookie is set and a pseudonymous identification number (ID) is assigned to your browser. The cookie determines whether and which advertisements were displayed and clicked in your browser. This enables us to tailor your advertising even better to your interests. Since we have activated Google’s IP anonymisation on these websites, your IP address is also shortened within the scope of Doubleclick before being transmitted by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area and only in exceptional cases the full IP address is transmitted to Google in the USA and only shortened there. Google analyses the information collected and sends us reports on the usage activities on our websites and provides us with additional services for this purpose. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data.

In addition to the general options mentioned above for preventing cookies, you can also specifically prevent Google from saving the Doubleclick cookie by downloading an appropriate browser plug-in. You can find it here.

4. Facebook-Custom Audience

We use so-called Facebook pixels on our websites. This is the function of a web analysis service of Facebook. Facebook pixels are invisible graphic files built into our websites. When you visit our websites, information from the pixel is stored in your browser. This enables us to track which of our sub-pages you have visited. We share this information with Facebook to better match our ads there to your real interests and to analyze the effectiveness of our ads on Facebook. Depending on your use of our websites, Facebook assigns you to certain groups of interested parties known as custom audiences. The information generated by the cookie is usually transferred to a Facebook server in the USA and stored there. For more information on how Facebook Trackingpixel collects data, visit here or here.

We have no control over Facebook’s data processing operations. Facebook uses the data for purposes of advertising, market research and optimization of offers. Facebook’s Privacy Policy applies in this regard. We would like to point out that the use of such a tracking procedure enables the identification of users via numerous websites. You can disable this feature in your Facebook account settings for all devices used: https://www.facebook.com/settings?tab=ads. For more information, please see Facebook’s Privacy Policy and Terms of Use.

Irrespective of this, you can generally object to the use of such cookies via various third-party sites, e.g.:

• • Network advertising initiative: http://optout.networkadvertising.org/
  • aboutads: http://www.aboutads.info/choices
  • Youronlinechoices: http://www.youronlinechoices.com/uk/your-ad-choices/

5. Pardot

We use the Pardot Marketing Automation System (“Pardot MAS”) from salesforce.com One Market Street, San Francisco, CA 94105, USA. Pardot is a special software for recording and evaluating the use of a website by website visitors. When you visit our websites, the Pardot records your click path and creates an individual user profile using a pseudonym. For this purpose, cookies are used that enable the recognition of your browser. By agreeing to the use of cookies the first time you use our websites by confirming the so-called cookie acceptance banner or by continuing to use our websites, you also agree to the use of cookies from Pardot.

You can revoke your consent at any time with effect for the future. For this purpose, please contact the above-mentioned responsible body. In addition, you can deactivate the creation of pseudonymized user profiles at any time by configuring your Internet browser so that cookies from the “salesforce.com” domain are not accepted. However, this can lead to certain limitations in the functions and user-friendliness of our offer.

Please refer to our Cookie Policy

6. ActiveCampaign

7. LinkedIn Analytics

Our websites also use tracking functions of the LinkedIn network. LinkedIn uses cookies when you visit our websites. Your IP address will be transmitted to LinkedIn in the USA together with information about your use of our websites and the devices used. Your use of our websites and other websites that you visit may be analysed and used as the basis for advertising. If you have a LinkedIn user account and are logged in, LinkedIn may associate your visit to our website with your account. We have no knowledge of the exact data flows between your browser and LinkedIn. Please refer to LinkedIn’s privacy policy and cookie policy for more information:

– Privacy Policy: https://www.linkedin.com/legal/privacy-policy

– Cookie policy: https://www.linkedin.com/legal/cookie-policy

The legal basis of data processing for analysis purposes is our legitimate interest in a statistical evaluation of your user behaviour in order to be able to constantly optimise and better market our websites and our services.

8. Bing Ads

On our websites we use the Bing Ads Conversion Tracking of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (“Microsoft”).

Bing Ads places cookies on your computer if you have accessed our websites via a Microsoft Bing advertisement. This allows Microsoft Bing and us to determine that our ad has been clicked, as well as that the visitor has been redirected to one of our websites and has reached a predetermined target page (conversion page). We do not receive any personal information about you, only the total number of users who came to the conversion page via a Bing advertisement will be provided. This allows us to determine the effectiveness of our ads.

9. Push Notifications

If you activate push notifications for these websites using the “Signalize” service, a function of your Internet browser or mobile operating system will be used to provide the notifications for you. Only anonymous or pseudonymous data is transmitted for the purpose of sending messages. Depending on the configuration of the websites, this may be:

• Pseudonymous User ID: a randomly generated value (example: 108bf9a85547edb1108bf9a85547edb1) stored in a tracking cookie ID
• Pseudonymous digital fingerprints, pseudonymous mobile device codes and where required pseudonymous cross-device identifiers

This data is only processed to deliver the notifications you have subscribed to and to configure notification-related settings. We ask for your consent to store this data. In this case, the legal basis for data processing is Art. 6 Para. 1 lit. a GDPR. You can object to receiving notifications at any time via the settings of your browser or mobile device. Information about unsubscribing for push notifications can be found here.

In order to make the push notifications meaningful for you in terms of content, we use the preferences collected on the basis of a pseudonymous user profile by means of tracking pixels and, only with your consent, also by means of cookies, and we merge your notification ID with the user profile of the websites solely for the purpose of personalised message dispatch. The Tracking technology is also used for statistical evaluation of the notifications on our behalf. This allows us to determine whether a notification was delivered and whether it was clicked. The data generated in this way is processed and stored on our behalf by etracker GmbH solely in Germany and is thus subject to strict German and European data protection laws and standards. etracker has been independently audited and certified in this regard and is entitled to bear the data privacy seal ePrivacyseal

The data processing for the statistical analysis of the notifications and in order to better adapt future notifications to the interests of the recipients is based on our legitimate interest in personalised direct advertising in accordance with Art. 6 Para. 1 letter f GDPR. As the privacy of our visitors is very important to us, the data that may possibly allow a reference to an individual person, such as the IP address, login or device IDs, are anonymised or pseudonymised as soon as possible. A direct personal reference is thereby excluded. etracker does not use the data for any other purpose, combine it with other data or pass it on to third parties.

You can object to the data processing described above at any time.

10. Hotjar

We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices. This includes a device’s IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our websites. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf. We would like to further improve the usability of these websites as well as the attractiveness of its services. For this reason, when you visit our websites, we also collect data on usage behaviour, which we evaluate for this purpose. For this reason, the following tracking and analysis cookies are used on our websites. A cookie is a small text file containing information that is transmitted by your browser and stored on your computer. These cookies contain no personal data. You can also control the use of cookies in your browser and delete cookies yourself at any time. Cookies may be necessary for establishing a connection or improving the use of the websites. You can prevent the storage of cookies by adjusting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of these websites to their full extent.

You have a choice. You can refuse all or individual cookies. Please use the following cookie settings. You can also change the settings in your Internet browser to change the cookies of first and third party providers. The majority of Internet browsers accept cookies automatically. If you reject the use of cookies, you should actively delete them. By rejecting cookies, you can continue to use our websites at any time. However, it is possible that individual functions may only be available to you to a limited extent. You can find more information under the following link: www.allaboutcookies.org . By continuing to use our websites, you agree that cookies may be set, provided you have not deleted or blocked the cookies.

If the data processing is based on your consent or our legitimate interest, you have the right to object to the processing or to revoke your consent at any time. Your objection or revocation only has an effect for the future. If the analysis cookies used offer their own technical options for deactivation, this is shown there in each case. You may at any time exercise your right of objection or revocation by contacting info@hornetsecurity.com or privacy@hornetsecurity.com. If you object to processing on the basis of our legitimate interest, we may nevertheless continue processing if we can prove compelling reasons worthy of protection for the processing which outweigh your interests, rights and freedoms.

If personal data are processed, you are a data subject within the meaning of Art. 4 para. 1 GDPR. As the data subject, you have the following rights with regard to your personal data. To exercise these rights, please contact us using the contact details above.

Right to information according to Art. 15 GDPR

You have a right to information about your personal data processed by us. This includes the mandatory information set out in Art. 15 GDPR.

Right to correction under Article 16 GDPR

You have the right to correct incorrect personal data without delay and to complete incorrect personal data.

Right to cancellation in accordance with Art. 17 GDPR

You have the right to request the deletion of your personal data if one of the reasons mentioned in Art. 17 GDPR intervenes, in particular if there is no longer a legal basis for the processing.

Right to limitation of processing according to Art. 18 GDPR

You have the right to request the restriction of the processing of your personal data if one of the reasons mentioned in Art. 18 GDPR intervenes, in particular at your request instead of deleting the data.

Right to data transferability according to Art. 20 GDPR

You have the right to request all personal data stored by us about you in a structured, current and machine-readable format and to transmit this data to another person in charge without obstruction by the person responsible to whom the personal data was provided.

Right of appeal to the competent supervisory authority, Art. 77 GDPR

According to Art. 77 GDPR, you have the right to file a complaint with the supervisory authority responsible for you.

The personal data we collect from you through the websites will also be transferred to some extent to third countries outside the European Economic Area.

In the exceptional cases described above, when using Google tools, your IP address may be transmitted to Google LLC in full and only shortened there.

When using the analysis tool Pardot from salesforce and LinkedIn Analytics from LinkedIn, as well as in the context of the listed social media plugins, your IP address and other information is transmitted to the respective operators.

Google, Facebook (Instagram), LiveChat, Twitter and LinkedIn are each located in the USA and thus, according to Art. 44 DSGVO, in a so-called “third country”. All of these companies mentioned above secure or process your data on the basis of the respective standard contractual clauses. The current Binding Corporate Rules apply to Salesforce.