Data protection regulations of Hornetsecurity Ltd.
Last Update: April 2023
I. Contact Information
II. General information on data processing
The basis of effective data protection is comprehensive information about the collection, processing and use of your data (“data processing”). Therefore we would like to inform you,
- when or for which actions we process data,
- which data we process for which reasons,
- who receives data,
- which rights you have because of the data processing through us.
The transmission of information to or from these websites is secured with TLS encryption.
You can download this data protection declaration permanently and at any time at the address https://www.hornetsecurity.com/en/privacy-policy, print it out or download it.
1. Scope of the processing of personal data
The provision of the websites requires the processing of various information. In addition, the scope of data processing depends on your use of the functionalities of the websites, for example if you communicate with us via the contact form or consent to the processing of data.
You are not obliged to provide us with personal data. However, if the provision of this data is technically mandatory when you access our site, refusal will result in your being unable to access and use our websites.
As a visitor to our websites, you are not subject to any automated decision-making within the meaning of Art. 22 GDPR.
2. Legal basis for the processing of personal data
Reason for processing Legal basis in the GDPR Explanation
|Performance of contract or performancepre-contractual measures
|Art. 6 Para. 1 b)
|Processing shall only take place to the extent necessary for the exercise and fulfilment of the rights and obligations arising from the contract. Unless expressly stated otherwise, data will only be processed by us to this extent.
|Art. 6 Para. 1 f)
|Processing takes place insofar as we have a legitimate interest and no conflicting overriding interests of the data subject are apparent. The specific interest is explained in this data protection declaration within the framework of the processing description.
|Art. 6 Para. 1 a)
|The data will be processed if you have expressly consented to the type and scope of data processing. You can revoke your consent at any time with effect for the future. However, this does not affect processing up to this point in time.
|Art. 6 Para. 1 c)
|They are processed insofar as this is necessary to fulfil German or European legal obligations.
3. Data erasure and storage time
We will delete your personal data as soon as the legal basis for their processing ceases to exist. In some cases, however, legal bases can also exist in parallel or, in the absence of a legal basis, can intervene in a new one, such as the obligation to store certain data in order to fulfil a legal obligation to store data.
III. Data processing for providing the website
In order for us to display the websites to you, it is necessary to process certain information. This is already done when you visit our website. In addition, we offer various functionalities on our websites which require further data processing.
1. Log Files
When you use our services or visit our websites, various information is passed on to our servers. We need these to establish and maintain the connection. Among the data is also your IP address, which we treat as personal data. In addition, the following data is collected:
- your IP address
- the page you visit on our site
- date and time of your visit
- browser version
- operating system
We store this data in so-called server log files. This data is not combined with any other data about you. The storage of log files including your IP address serves the legitimate interest of providing our websites and preventing its misuse. Stored log files will be deleted after 10 weeks at the latest, unless longer storage is required, for example to prevent or clarify an attack on our websites.
The use of technically conditioned cookies and the associated data processing takes place due to our legitimate interest in a technically flawless and comfortable use of our websites. Technically conditioned cookies are usually deleted automatically when you close your browser (session cookies), in other cases only after some time (persistent cookies). The duration of storage of persistent cookies is determined by the provider and can be viewed by you in your browser, for example.
3. Contact Forms
At various points on our websites you will find contact forms via which you can send us an enquiry or, for example, request a quotation for one of our services. For general inquiries, the following information is requested: recipient at Hornetsecurity, company, name, e-mail address, telephone and your message. When you request a quotation for our services, you must provide the following information: Company, title, last name, e-mail address, telephone number, desired service as well as the number of planned users. The information is marked as mandatory fields. All other data that you transmit to us within the scope of the inquiry, also via the free text field, are voluntary.
We use this data exclusively for answering your inquiry and the associated communication. The legal basis for processing this information and all data stored in Hornetsecurity’s services is the necessity to fulfil the existing contractual relationship. In principle, our legitimate interest in providing the contact functionality and responding to your enquiry transmitted via it applies here. If your request is aimed at concluding a contract with us, the processing will take place within the framework of this pre-contractual obligation.
Your data will be deleted as soon as your request has been processed. In case of a contract conclusion we process the data if necessary for the fulfilment of the contract.
4. Comment function in the blog
You can comment on the contributions in our Hornetsecurity Blog and take part in the discussion. No registration is required. To add a comment, you can fill in the form at the end of each blog post. We absolutely need the following information from you: Your e-mail address, the name under which you would like to publish the comment as well as your comment. You do not necessarily have to use your clear name. Your email address will not be published.
The legal basis of the processing is our legitimate interest in offering the commentary function to our contributions, thus enabling us to exchange opinions between our website visitors and ourselves. When you leave a comment on the blog, your IP address and name will be stored. This is for our safety, if someone writes illegal content in comments (insults, forbidden political propaganda, etc.). In this case we could be prosecuted for the comment ourselves and are therefore interested in the identity of the author of the comment. Your information will be stored until you object to its storage or until our legitimate interest ceases to exist for any other reason.
If you are interested in distributing our services as a Hornetsecurity partner, you can register via our websites in our partner program. To do this, you must fill out the online partner application in the course of which you must provide various information about your company and your contact persons. The mandatory information is marked in each case. All other information is provided voluntarily.
In this respect, the legal basis of the processing is the execution of pre-contractual measures or, upon conclusion of the partner contract, the necessity for the performance of the contract. The storage period is measured accordingly in principle on the duration of the contractual relationship. However, alternative legal bases, such as legal storage periods, can intervene after their end.
6. Login to Control Panel and Webmail
If you are already a Hornetsecurity customer, you can register via our websites in the Control Panel, from which you can use and manage your services. As a customer of Webmail you can register via a separate link in your mailbox. You will need your user name, e-mail address and password to register. The legal basis for processing this information and all data stored in Hornetsecurity’s services in order to fulfil the existing contractual relationship. The storage period is measured accordingly in principle on the duration of the contractual relationship. However, alternative legal bases, such as legal storage periods, can intervene after their end.
To test our services Spamfilter Service, the Archiving Service or the Hornetsecurity Continuity Service, you can register directly via our websites. For this we need various information about you personally, the domain, server and user for which the service is desired as well as the desired service. The mandatory fields are marked accordingly. All other information is voluntary.
In this respect, the legal basis of the processing is the execution of pre-contractual measures or the necessity for the performance of the contract. The storage period is measured accordingly in principle on the duration of the contractual relationship. However, alternative legal bases, such as legal storage periods, can intervene after their end.
8. Online application
You can also apply to us at any time using our online application form. Personal data is transmitted to us as part of the application via our websites. This can be done directly via the input fields or indirectly via application documents to be uploaded, such as your CV. The information marked as mandatory in the registration form is mandatory. All other information, even if included in the uploaded application documents, is voluntary. We process your data only to the extent necessary to carry out the application procedure.
By submitting your information on our Careers page or by registering for the Talent Pool, you also agree that we may contact and inform you in writing and by telephone as part of our recruitment marketing or talent retention programs. Should you no longer wish to do so at a later date, you can have your data deleted at any time without giving any reasons. All you need to do is send a short message to firstname.lastname@example.org?subject=Dataprivacy – Request for deletion of my personal applicant data.
The legal basis of the processing is the necessity for the initiation of an employment relationship. Your data will be stored for a period of 90 days after the end of the application process, unless you have given us your consent to further storage.
This process is supported by an HR tool which Hornetsecurity GmbH uses for candidate management and personnel administration.
Further information is available under the following link: https://www.hornetsecurity.com/en/privacy-policy-personio.
9. Google Maps
On our websites we use the map service Google Maps (API) from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”) to show our location.
When you enter the page on which the Google Maps map is integrated, our websites send various information including your IP address to Google in the USA, where it is stored on its servers. If you have a Google account and are logged in at the time you visit our sites, the information will be associated directly with your account. But even without a user account, Google will create a user profile about you. This is regardless of whether Google provides a user account that you are logged in with or whether no user account exists.
Our transmission of the data to Google is based on our legitimate interest in offering you the map function of Google Maps on our websites.
More information about Google and the use of Google Maps can be found here:
Hornetsecurity has integrated the LiveChat component on this website. LiveChat is a live support helpdesk software that enables the establishment of direct communication in real time (so-called live chat) with visitors to its own website. The developer of the LiveChat component is LiveChat, Inc, One International Place, Suite 1400, Boston, MA 02110-2619, United States of America.
With each individual visit to our website that is equipped with a LiveChat component, data is collected by this component for the purpose of operating the LiveChat system and analysing the operation of the system. Further information on LiveChat can be found at https://www.livechatinc.com/legal/privacy-policy/#main and https://www.livechatinc.com/legal/gdpr-faq/#main. The chat component sets a cookie on the computer, tablet or smartphone of the data subject. What cookies are has already been explained above.
Pseudonymised usage profiles can be created via the LiveChat cookie. In the process, the following information is recorded from each person and kept until the agent closes the chat system, this usually happens after 4-10 hours: Pages visited, duration of pages visited, in some cases the referrer, device, browser, user agent.
Such pseudonymised usage profiles may be used by the controller to carry out an analysis of visitor behaviour and also to analyse and maintain the proper operation of the live chat system. The analysis also serves to improve our offer. The data collected via the LiveChat component is only assigned to the data subject when he or she starts the chat and provides his or her personal data (name & e-mail). If the request can already be clarified in the chat, the information is deleted as soon as the agent closes the chat system.
11. Information on the newsletter and consents
With the following information we will inform you about our newsletters as well as the registration, dispatch and statistical evaluation procedure and your rights of objection. By subscribing to our newsletter you agree to the receipt and the described procedures. We will only send newsletters, e-mails and other electronic notifications containing advertising information (hereinafter “newsletters”) with the consent of the recipients or a legal permission. If the contents of a newsletter are specifically described within the scope of a registration, they are decisive for the consent of the users.
a) Double-Opt-In and logging
Subscription to our newsletter (more precisely referred to on the websites as “Hornetsecurity News”) takes place in a so-called double opt-in procedure. This means that after registration you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that no one can log in with other e-mail addresses. Subscriptions to the newsletter are logged in order to be able to prove the registration process in accordance with legal requirements. This includes the storage of the login and confirmation time, as well as the IP address.
b) Statistical surveys and analyses
The newsletters contain a so-called “web-beacon”, i.e. a pixel-sized file that is retrieved from the ActiveCampaign server when the newsletter is opened. Within the scope of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval are initially collected. This information is used to technically improve the services based on the technical data or the target groups and their reading behaviour based on their retrieval locations (which can be determined using the IP address) or access times. The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our intention, nor that of ActiveCampaign, to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our contents to them or to send different contents according to the interests of our users.
You can cancel the receipt of our newsletter at any time, i.e. revoke your consent. Your consent to its dispatch via ActiveCampaign and the statistical analyses will thus expire at the same time. A separate cancellation of the dispatch via ActiveCampaign or the statistical evaluation is unfortunately not possible.
This website uses a plugin from GoToWebinar (GoTo Technologies Ireland Unlimited Company, The Reflector at 10 Hanover Quay in Dublin) to offer webinars to end users and business partners. Forms from GoToWebinar are integrated on our website, which visitors to the site use to register. The following data is collected: First and last name, email address, country, telephone number, company and how the user found out about the webinar. You can find out more about GoTo’s data protection here: https://www.goto.com/company/trust/privacy
13. Other personal data
We would like to point out once again that on these websites Google Analytics has been extended by the code “_anonymizeIp();” in order to guarantee anonymous collection of IP addresses (so-called IP masking). Hornetsecurity GmbH therefore does not store any personal data of a website visitor.
Clearly personal data is only collected if you provide it voluntarily, e.g. in the case of individual inquiries/as part of an application/talent loyalty programme or in the case of a service or support inquiry via a contact form, by e-mail, online or in writing. We may forward your personal data to the department responsible for the processing of your inquiry/application. Your personal data is processed and stored via the marketing automation tool ActiveCampaign, the ticket system OTRS and our servers. Furthermore, the data will not be passed on to third parties or used for purposes other than those stated in each case. Personal data transmitted to us (e.g. name, address, telephone number, fax number or e-mail address) will only be used to answer your inquiry or to process your request or application. With explicit consent (double opt-in procedure) your personal data will also be used for advertising purposes. They are only stored by us for as long as this is necessary for the aforementioned purposes or as we are legally obliged to store them. You have the possibility to withdraw your consent at any time. Please contact our data protection officer (see above). We would like to point out that messages via e-mail in unencrypted form are not an absolutely secure means of communication against access by third parties and in particular also become accessible to the e-mail provider.
Here you can customize your cookie settings:
1. Google (Universal) Analytics
These websites use Google Analytics, a web analysis service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google collects information about your use of these websites (including your IP address) in the USA via a cookie, and stores the information. However, we only use Google Analytics with an anonymisation function in which the IP address is reduced before it is transmitted by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to Google in the USA and only shortened there. Google analyses the information collected and sends us reports on the usage activities on our websites and provides us with additional services for this purpose. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data.
In addition to blocking all cookies by your browser, you can prevent Google from processing your data by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en.
As an alternative to the browser plug-in or within browsers on mobile devices, please click on the following link to set an opt-out cookie that will prevent future collection by Google Analytics within these websites (this opt-out cookie only works in this browser and only for this domain, if you delete your cookies in this browser, you must click this link again): Disable Google Analytics at http://tools.google.com/dlpage/gaoptout?hl=en.
2. Google AdWords
Our websites use the advertising tool “Google AdWords” from Google including its conversion tracking. We use this tool to determine how successful advertising for our services on websites other than our own is. For this purpose, a conversion cookie is set when you click on one of our advertisements. This cookie enables us to recognize that you have accessed our websites via this ad. We use such usage statistics to compile statistics for evaluating the conversion of our advertisements. We do not receive any information about you personally. The conversion cookie set in your browser is individual and cannot be used by other Google AdWords customers for their statistics.
You can prevent tracking by disabling the conversion tracking cookie in your browser settings.
We also use Google’s Doubleclick service. A cookie is set and a pseudonymous identification number (ID) is assigned to your browser. The cookie determines whether and which advertisements were displayed and clicked in your browser. This enables us to tailor your advertising even better to your interests. Since we have activated Google’s IP anonymisation on these websites, your IP address is also shortened within the scope of Doubleclick before being transmitted by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area and only in exceptional cases the full IP address is transmitted to Google in the USA and only shortened there. Google analyses the information collected and sends us reports on the usage activities on our websites and provides us with additional services for this purpose. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data.
In addition to the general options mentioned above for preventing cookies, you can also specifically prevent Google from saving the Doubleclick cookie by downloading an appropriate browser plug-in. You can find it here.
4. Facebook-Custom Audience
We use so-called Facebook pixels on our websites. This is the function of a web analysis service of Facebook. Facebook pixels are invisible graphic files built into our websites. When you visit our websites, information from the pixel is stored in your browser. This enables us to track which of our sub-pages you have visited. We share this information with Facebook to better match our ads there to your real interests and to analyze the effectiveness of our ads on Facebook. Depending on your use of our websites, Facebook assigns you to certain groups of interested parties known as custom audiences. The information generated by the cookie is usually transferred to a Facebook server in the USA and stored there. For more information on how Facebook Trackingpixel collects data, visit here or here.
Irrespective of this, you can generally object to the use of such cookies via various third-party sites, e.g.:
- Network advertising initiative: http://optout.networkadvertising.org/
- aboutads: http://www.aboutads.info/choices
- Youronlinechoices: http://www.youronlinechoices.com/uk/your-ad-choices/
We use ActiveCampaign, a marketing automation system provided by ActiveCampaign, LLC, located at 1 N Dearborn St, Chicago, IL 60602, USA, as our email marketing tool. We also use the Salesforce connector to send information from ActiveCampaign to Salesforce.
ActiveCampaign allows us to send marketing emails to subscribers who have provided us with their email address and have given us their consent to receive such emails. We use ActiveCampaign to manage our email campaigns, including sending newsletters, promotional offers, and other marketing materials.
When you sign up for our email list, we will collect your email address and other information you provide, such as your name and location. We will use this information to send you marketing emails, which may include promotional offers, newsletters, or other marketing materials.
We may also use ActiveCampaign to track the performance of our email campaigns, such as open rates, click-through rates, and other metrics. This helps us to evaluate the effectiveness of our email campaigns and make improvements to our marketing efforts.
You can revoke your consent at any time with effect for the future. For this purpose, please contact the above-mentioned responsible body. In addition, you can deactivate the creation of pseudonymized user profiles at any time by configuring your Internet browser so that cookies from the “activecampaign.com” domain are not accepted. However, this can lead to certain limitations in the functions and user-friendliness of our offer.
We use the Salesforce connector to send information from ActiveCampaign to Salesforce, such as the email address and other information you provide when you sign up for our email list. This allows us to keep our Salesforce database up-to-date with the latest information about our customers and prospects.
We take your privacy seriously and will not share your personal information with any third parties without your consent. We will only use your personal information for the purposes of sending you marketing emails and tracking the performance of our email campaigns.
You can unsubscribe from our email list at any time by clicking the unsubscribe link at the bottom of any marketing email we send you. You can also contact us at any time to request that we delete your personal information from our email list and any other systems we use to manage our email campaigns.
6. LinkedIn Analytics
The legal basis of data processing for analysis purposes is our legitimate interest in a statistical evaluation of your user behaviour in order to be able to constantly optimise and better market our websites and our services.
7. Push Notifications
If you activate push notifications for these websites using the “Signalize” service, a function of your Internet browser or mobile operating system will be used to provide the notifications for you. Only anonymous or pseudonymous data is transmitted for the purpose of sending messages. Depending on the configuration of the websites, this may be:
- Pseudonymous User ID: a randomly generated value (example: 108bf9a85547edb1108bf9a85547edb1) stored in a tracking cookie ID
- Pseudonymous digital fingerprints, pseudonymous mobile device codes and where required pseudonymous cross-device identifiers
This data is only processed to deliver the notifications you have subscribed to and to configure notification-related settings. We ask for your consent to store this data. In this case, the legal basis for data processing is Art. 6 Para. 1 lit. a GDPR. You can object to receiving notifications at any time via the settings of your browser or mobile device. Information about unsubscribing for push notifications can be found here.
In order to make the push notifications meaningful for you in terms of content, we use the preferences collected on the basis of a pseudonymous user profile by means of tracking pixels and, only with your consent, also by means of cookies, and we merge your notification ID with the user profile of the websites solely for the purpose of personalised message dispatch. The Tracking technology is also used for statistical evaluation of the notifications on our behalf. This allows us to determine whether a notification was delivered and whether it was clicked. The data generated in this way is processed and stored on our behalf by etracker GmbH solely in Germany and is thus subject to strict German and European data protection laws and standards. etracker has been independently audited and certified in this regard and is entitled to bear the data privacy seal: ePrivacyseal
The data processing for the statistical analysis of the notifications and in order to better adapt future notifications to the interests of the recipients is based on our legitimate interest in personalised direct advertising in accordance with Art. 6 Para. 1 letter f GDPR. As the privacy of our visitors is very important to us, the data that may possibly allow a reference to an individual person, such as the IP address, login or device IDs, are anonymised or pseudonymised as soon as possible. A direct personal reference is thereby excluded. etracker does not use the data for any other purpose, combine it with other data or pass it on to third parties.
You can object to the data processing described above at any time.
Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf. We would like to further improve the usability of these websites as well as the attractiveness of its services. For this reason, when you visit our websites, we also collect data on usage behaviour, which we evaluate for this purpose. For this reason, the following tracking and analysis cookies are used on our websites.
9. Content Delivery Network
We use the NitroPack content delivery network to improve the functionality and performance of our website. NitroPack receives your IP address. You can find out more about privacy with NitroPack here: https://nitropack.io/page/privacy
This website uses the “Clarity” service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Clarity enables an analysis of the use of our website. Mouse movements and clicks are logged in order to derive possible improvements for the website. The information collected is transmitted to Clarity and stored there. According to Microsoft, this information can also be used for advertising purposes.
11. Matomo Tracking
Our website uses Matomo, a cookieless web analytics service from InnoCraft, located in 7 Waterloo Quay PO625, 6140 Wellington in New Zealand, to help us improve your user experience. The data which is collected by us via Matomo will not be sent to or used by Matomo itself or other third parties. Read more about which data is collected by Matomo here.
Matomo does not track any personal information. Due to our configuration, users will be shown to us with an anonymous IP and personal details will be ignored, while we can see each ‘user’ with a personal identifier number.
V. Social Networks
We operate our own presences in the social networks Facebook, LinkedIn, Twitter, Youtube (Google Ireland Limited) and Xing. These networks process your personal data, for example, to create usage profiles corresponding to your interests. Cookies may be stored on your device for this purpose. You can find more detailed information on data processing by the individual networks in the respective data protection information and, if applicable, in the cookie policies of the networks:
This data protection information also contains information about the type and scope of data processing by the respective networks, as well as the options for asserting your data subject rights (right to information, confirmation, correction, deletion, restriction, data portability and complaint to the competent data protection supervisory authority).
We do not know which user data the social networks collect. We do not get full access to the collected user data or user profiles. We can only access public profile information. What information you choose to make public can be customized through your account settings.
If available, we use user data from the chat features to answer your questions. Customer data collected is used to contact the user to provide requested information and offers.
We may receive anonymous statistics from social networks based on legitimate interest in the use of our site such as.
- Followers: number of people who follow us – including growth and development over a defined period of time.
- Reach: number of people who see a particular post. Number of interactions on a post. For example, you can deduce which content is better than others in the community.
- Ad performance: how many people saw and interacted with an ad or article.
- Demographics: average age of visitors, gender, location, language, industry.
These statistics are used to constantly improve our online content and better respond to the interests of our users. We cannot link the statistical data to the profiles of our fans or individual users. You can use your account settings on social networks to decide in which way you want to display targeted ads.
Special notes on Facebook
We are jointly responsible with Facebook for the operation of the Facebook fan page under data protection law. In Europe, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland is the responsible party. The joint responsibility is regulated in the Facebook Page Insights Supplement regarding the Facebook responsible party:
For more information on the processing of Page Insights data, please visit https://www.facebook.com/legal/terms/information_about_page_insights_data
Data processing outside of Europe by Facebook Inc, 1601 Willow Road, Menlo Park, CA 94025, USA is possible under certain circumstances.
VI. How can you refuse and delete cookies?
|We use the Google Analytics service to understand how our campaigns work and how you as a user interact with our websites. This enables us to continually improve usability for our visitors.
|Google’s tracking cookies enable us to track the extent to which you perform certain actions relative to our online presence immediately after you have seen one of our ads on Google and confirmed this with a click. Google uses these cookies to analyze what content you have viewed on our websites in order to display personalized ads at other Google partners.
|LinkedIn’s Insight tag allows us to analyze campaigns and collect information about website visitors who have accessed us through LinkedIn campaigns.
|Personio is an HR tool that supports us in applicant management and personnel administration. Cookies are used to process personal user data (e.g., form entries and uploaded applicant files).
|On our websites, we embed YouTube videos and link to them. Therefore, when you visit individual sub-pages of our websites, it is possible that embedded YouTube content will be displayed and forwarded to corresponding YouTube cookies.
|We use components of the LiveChat GmbH, Ekkehardstrasse 10, 78224 Singen. Each time our site is accessed, this component collects and stores data for web analysis and for the operation of the live chat system, from which user profiles can then be created by using cookies under a pseudonym. These user profiles can be used to analyze visitor behavior and operate the live chat system and can be evaluated to improve and customize our online offer
VII. Possibility of objection and elimination
If the data processing is based on your consent or our legitimate interest, you have the right to object to the processing or to revoke your consent at any time. Your objection or revocation only has an effect for the future. If the analysis cookies used offer their own technical options for deactivation, this is shown there in each case. You may at any time exercise your right of objection or revocation by contacting email@example.com. If you object to processing on the basis of our legitimate interest, we may nevertheless continue processing if we can prove compelling reasons worthy of protection for the processing which outweigh your interests, rights and freedoms.
VIII. Recipients of data
The processing of your personal data within the scope of our websites, is partly also carried out by order processors, in particular the hosting of our websites and the use of analysis tools. These are involved exclusively on the basis of an agreement to order agreement in accordance with Art. 28 (3) GDPR.
IX. Rights of the persons concerned
If personal data are processed, you are a data subject within the meaning of Art. 4 para. 1 GDPR. As the data subject, you have the following rights with regard to your personal data. To exercise these rights, please contact us using the contact details above.
Right to information according to Art. 15 GDPR
You have a right to information about your personal data processed by us. This includes the mandatory information set out in Art. 15 GDPR.
Right to correction under Article 16 GDPR
You have the right to correct incorrect personal data without delay and to complete incorrect personal data.
Right to cancellation in accordance with Art. 17 GDPR
You have the right to request the deletion of your personal data if one of the reasons mentioned in Art. 17 GDPR intervenes, in particular if there is no longer a legal basis for the processing.
Right to limitation of processing according to Art. 18 GDPR
You have the right to request the restriction of the processing of your personal data if one of the reasons mentioned in Art. 18 GDPR intervenes, in particular at your request instead of deleting the data.
Right to data transferability according to Art. 20 GDPR
You have the right to request all personal data stored by us about you in a structured, current and machine-readable format and to transmit this data to another person in charge without obstruction by the person responsible to whom the personal data was provided.
Right of appeal to the competent supervisory authority, Art. 77 GDPR
According to Art. 77 GDPR, you have the right to file a complaint with the supervisory authority responsible for you.
X. Data transfer to third countries
The personal data we collect from you through the websites will also be transferred to some extent to third countries outside the European Economic Area.
In the exceptional cases described above, when using Google tools, your IP address may be transmitted to Google LLC in full and only shortened there.
When using the analysis tool ActiveCampaign and LinkedIn Analytics from LinkedIn, as well as in the context of the listed social media plugins, your IP address and other information is transmitted to the respective operators.
Google, Facebook (Instagram), LiveChat, Twitter and LinkedIn are each located in the USA and thus, according to Art. 44 DSGVO, in a so-called “third country”. All of these companies mentioned above secure or process your data on the basis of the respective standard contractual clauses. The current Binding Corporate Rules apply to Salesforce.