Data protection

You are here: Blog / Data protection

1. General information

In this section of the privacy policy you will find information on the scope, the person responsible for data processing, the data protection officer and data security. We also explain in advance the meaning of important terms used in the privacy policy.

1.1. Important terms

Browser : computer program for displaying web pages (eg Chrome, Firefox, Safari)

Cookies : text files that the called web server places on the user’s computer using the browser used. The stored cookie information may contain both an identifier (cookie ID) used for recognition, as well as content information such as login status or information about visited web pages. The browser sends the cookie information back to the web server with each new request on later, new visits to this page. Most browsers accept cookies automatically. You can manage cookies using the browser features (usually under “Options” or “Preferences”). This can disable he storage of cookies, be made dependent on your approval in individual cases or otherwise restricted. You can also delete cookies at any time.

Third countries : countries outside the European Union (EU)

DSGVO : Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data, on the free movement of data and repealing Directive 95/46 / EC (General Data Protection Regulation, GDPR)

Personal Data : Any information relating to an identified or identifiable natural person. A natural person is considered as identifiable, if he/she can be identified directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special features, that are the expression of the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person.

Profiling : Any type of automated processing of personal data that involves the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects relating to job performance, economic situation, health, personal preferences, interests, reliability, behavior, location or residence transfers of this natural person

Services : our offers subject to this Privacy Policy (see scope).

Tracking : the collection of data and their evaluation regarding the behavior of visitors to our services

Tracking technologies : Tracking can be done both via the log files stored on our web servers and by collecting data from your device via pixels, cookies and similar tracking technologies.

Processing:   Any process or series of operations performed with or without the aid of automated procedures, such as collecting, collecting, organizing, organizing, storing, adapting or modifying, reading, querying, using, disclosing by transmission, dissemination or other form of provision, matching or linking, restriction, erasure or destruction.

Pixels : pixels are also called counting pixels, tracking pixels, web beacons or web bugs. These are small, invisible graphics in HTML emails or on web pages. When a document is opened, this small image is downloaded from a server on the Internet, where the download is registered there. This allows the operator of the server to see if and when an e-mail has been opened or a website has been visited. Usually this function is realized by calling a small program (Javascript). This will allow certain types of information to be detected and shared on your computer system, such as the content of cookies, the time and date of the page view, and a description of the page on which the pixel is located.

1.2. Scope

This Privacy Policy applies to our online offering, available at www.meopin.com, www.info.meopin.com, and the Meopin Apps, and anytime, when referred to in this Privacy Policy in one of our offers (such as websites, subdomains, mobile applications, web services or affiliations in third parties websites), regardless of the way you access or use it

All of these offers are collectively referred to as “Services”.

1.3. Responsible

Data Controller – the one who decides on the purposes and means of processing personal data – in connection with the Services is:

Meopin-OP UG (limited liability)

Hohenstaufenring 62

D-50674 Cologne (Germany)

Telephone: +49 221 26 01 62 96

E-mail: compliance@meopin.com

1.4. Data Protection Officer

You can contact our data protection officer via the contact data mentioned under 1.3., to the attention of Data Protection Department, or by email compliance@meopin.com.

 

 

2. Data processing in detail

In this section of the privacy policy we will inform you in detail about the processing of personal data in the context of our services. For better clarity, we divide this information into certain functionalities of our services. During the normal use of the services, different functionalities and thus also different processing operations can come into play successively or simultaneously.   In particular, we point out that the transmission of access data to external content providers is inevitable due to the technical functioning of information transmission on the Internet. The third party providers themselves are responsible for the privacy-compliant operation of the IT systems they use. The decision on the storage duration of the data is up to the service providers.

2.1. General information about the data processing

For all processing operations described below, unless otherwise stated:

a) No obligation to provide & consequences of non-provisioning

The provision of personal information is not required by law or contract and you are not required to provide data. We inform you as part of the entry process, if the provision of personal data for the respective service is required (eg by the indication as a “mandatory field”). In the case of required data, non-provisioning means that the service concerned can not be provided. Otherwise, non-provisioning may mean that we can not provide our services in the same form and quality.

The basic data contained in the profiles of the health professionals are made available to us by third parties, or we collect them ourselves.

b)Consent

In some cases you may also give us your consent to further processing in connection with the processing described below (possibly for some of the data). In this case, we will inform you separately in connection with the submission of the respective declaration of consent of all modalities and the scope of the consent and the purposes that we pursue with these processing operations. The processing operations based on your consent are therefore not listed here again (Article 13 (4) GDPR).

c) Transfer of personal data to third countries

If we transmit data to third countries, ie countries outside the European Union, the transmission will take place only in compliance with the legal eligibility requirements.

If the transmission of the data to a third country does not serve the purpose of fulfilling our contract with you, we do not have your consent, the transmission is not required for asserting, exercising or defending legal claims and otherwise no exemption according to Art. 49 GDPR is communicated, your data will only be transmitted to a third country, if there is an adequacy decision under Art. 45 GDPR or suitable guarantees according to Art. 46 GDPR.

One of these adequacy decisions is the EU Commission Implementing Decision (EU) 2016/1250 of 12 July 2016 on the so-called “US-US Privacy Shield” for the USA. For transfers to companies that are certified according to the EU-US Privacy Shield, the data protection level is generally considered appropriate in terms of Art. 45 GDPR.

Alternatively or additionally, the conclusion of the EU standard data protection clauses adopted by the European Commission will provide the receiving body with appropriate guarantees under Article 46 (2) (c) GDPR and an adequate level of data protection. Copies of EU standard privacy clauses are available on the European Commission’s website.

d) Hosting at external service providers

Our data processing takes place to a large extent with the involvement of so-called hosting service providers who provide us with storage space and processing capacities in their data centers and process personal data on our behalf in accordance with our instructions. All of the functionalities listed below may transfer personal data to hosting service providers. These service providers process data either exclusively in the EU or we have ensured an adequate level of data protection using the EU standard data protection clauses (see c.).

e) Transmission to state authorities

We provide personal information to governmental authorities (including law enforcement agencies) when required to fulfill a legal obligation to which we are subject (legal basis: Art. 6 (1) (c) GDPR) or to assert, exercise or defend legal claims (legal basis Art. 6 (1) f) GDPR).

f) Storage time

Under “Storage duration” is indicated in each case, how long we use the data for the respective processing purpose. At the end of this period, the data will no longer be processed by us but will be deleted at regular intervals, unless continuing processing and storage is required by law (in particular because it is necessary to fulfill a legal obligation or to assert, exercise or defend legal claims ) or you give us further consent.

g) Names of data categories

The following sections use the following summary category names for specific types of data:

Account data: login / user ID and password

Address data: street, house number, possibly additions to addressees, zip code, city, country

Credentials: information about the service you have signed up for; dates and technical information on registration, confirmation and deregistration; data you specified at registration

References: ordered products / service, prices, payment information

Treatment evidence: everything with which one can prove a treatment with the doctor (prescription, sick report, bonus booklets, medical certificates, correspondence)

Application documents: curriculum vitae, certificates, evidence, work samples, certificates, pictures

Rating data: free text information that can contain all sorts of data

Calendar items: appointment, free text, reason for treatment, type of insurance

Contact details: telephone number(s), fax number(s), e-mail address(es)

Usage data Press distribution list: salutation, name, e-mail address, if necessary first name and medium

User Profile Data Newsletter: opening the newsletter (date and time), contents, selected links, as well as the following information of the accessing computer system: used Internet Protocol address (IP address), browser type and version, device type, operating system and similar technical information.

Persons master data: title, salutation / gender, first name, last name, date of birth

Profile data: title, salutation / gender, first name, surname, discipline (s), year of birth, address, date of establishment

Payment data: account information

Access data: date and time of visit of our service; the page from which the accessing system came to our site; pages accessed during use; session identification data; and the following information of the accessing computer system: used Internet Protocol address (IP address), browser type and version, device type, operating system and similar technical information.

2.2. Listing of the basic data of doctors and health professionals and institutions

We only publish business related data from general practitioners and health care professionals and institutions, collectively referred to as profile data. These profile data are also freely accessible to the public from other sources and were transmitted to us by a third party company or determined by us. The businesslike collection, storage, listing and use of publicly available, personal data is, governed by Art. 6 (1) (f) GDPR, allowed. The general public has an interest in making data about doctors, therapists and health professionals quickly and completely accessible.This was confirmed again by the German Federal Court of Justice (Bundesgerichtshof) in September 2014 (ref. VI ZR 358/13) and in February 2018 (ref. VI ZR 30/17). The data is made available to users via the platform. The storage takes place until the business or professional activity is temporarily or definitely stopped.

2.3.   Business-related processing

We process contract data (eg, subject, duration, customer category) and payment data (eg, bank details, payment history) of our customers, prospects and business partners for the purpose of providing contractual services, service and customer care, marketing, advertising and market research.

2.4. Order processing in the online shop and customer account

We process the data of our customers as part of the ordering process in our online shop to allow them to select and order the selected products and services, as well as their payment and delivery, or execution.

The processed data includes inventory data, communication data, contract data, payment data and those affected by the processing belong to our customers, prospects and other business partners. Processing is for the purpose of providing contractual services in the context of operating an online shop, billing, delivery and customer service. Here we use session cookies for the storage of the shopping cart contents and permanent cookies for the storage of the login status.

he processing takes place for the fulfillment of our achievements and execution of contractual measures (eg execution of order processes) and as far as it is prescribed by law (eg, legally required archiving of business transactions for trade and tax purposes). The information marked as required for the establishment and fulfillment of the contract is required. We disclose the data to third parties only in the context of extradition, payment or legal permissions and obligations, as well as if this is based on our legitimate interests, which we inform you in the context of this privacy policy (eg, to legal and tax consultants, financial institutions, freight companies and public authorities).

Users can optionally create a user account, in particular by being able to view their orders. As part of the registration, the required mandatory information will be communicated to the users. The user accounts are not public and can not be indexed by search engines. If users have terminated their user account, their data will be deleted with respect to the user account, subject to their retention is necessary for commercial or tax reasons.Information in the customer’s account remains until its deletion with subsequent archiving in the case of a legal obligation or our legitimate interests (eg, in the case of litigation). It is the responsibility of the users to secure their data upon termination prior to the end of the contract.

As part of the registration and re-registration and use of our online services, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as the user’s protection against misuse and other unauthorized use. A transfer of these data to third parties does not take place, unless it is necessary for the pursuit of our legal claims as a legitimate interest or there is a legal obligation to do so.

The deletion takes place after expiry of legal warranty and other contractual rights or obligations (eg, payment entitlements or performance obligations from contracts with customers), whereby the necessity of keeping the data is checked every three years; in the case of storage due to legal archiving obligations, the deletion takes place after its expiration.

2.5. Agency services

We process our clients’ data as part of our contractual services that include conceptual and strategic consulting, campaign planning, software and design development / consulting or maintenance, campaign / process / handling implementation, server administration, data analysis / consulting services, and training services.

Here we process stock data (eg, customer master data, such as names or addresses), contact data (eg, e-mail, telephone numbers), content data (eg, text input, photographs, videos), contract data (eg, subject matter, term), payment data (eg, Bank details, payment history), usage and metadata (eg as part of the evaluation and success measurement of marketing measures). In principle, we do not process special categories of personal data, unless these are components of a commissioned processing. Those affected include our customers, prospects and their customers, users, website visitors or employees as well as third parties. The purpose of the processing is the provision of contract services, billing and our customer service.The legal basis for processing results from Art. 6 (1) (b) GDPR (contractual services), Art. 6 (1) (f) GDPR (analysis, statistics, optimization, security measures). We process data necessary for the establishment and performance of the contractual services and indicate the necessity of their information. Disclosure to external parties will only be made if required by an order. In the processing of the data provided to us within the framework of an order, we act in accordance with the instructions of the client as well as the legal requirements of a order processing according to Art. 28 GDPR and process the data for no other purpose than the order.

We delete the data after expiration of legal warranty and comparable obligations. Tthe necessity of keeping the data is checked every three years; in the case of legal archiving obligations, the deletion takes place after its expiry (6 years, pursuant to § 257 (1) HGB, 10 yers, in accordance with § 147 (1) AO). In the case of data disclosed to us in the context of an order by the client, we delete the data according to the specifications of the order, in principle after the end of the order.

2.6. Contractual services

We process the data of our contractual partners and interested parties as well as other clients, customers, clients, clients or contractual partners (uniformly referred to as “contractual partners”) in accordance with Art. 6 (1) (b) GDPR in order to provide you with our contractual or pre-contractual services. The data processed, the nature, scope and purpose and necessity of their processing are determined by the underlying contractual relationship.

The processed data includes the master data of our contractual partners (eg, names and addresses), contact data (eg e-mail addresses and telephone numbers) as well as contract data (eg, services used, contract contents, contractual communication, names of contact persons) and payment data (eg, Bank details, payment history).

In principle, we do not process special categories of personal data, unless they are part of a commissioned or contractual processing.

We process data that are necessary for the establishment and fulfillment of the contractual services and point out the necessity of their information, if this is not evident for the contractual partners. Disclosure to external persons or companies will only be made if required by a contract. When processing the data provided to us within the scope of an order, we act in accordance with the instructions of the client and the legal requirements.

As part of the use of our online services, we may save the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as the interests of the user in the protection against misuse and other unauthorized use. A transfer of this data to third parties is not, unless it is to pursue our claims acc. Art. 6 (1) (f) GDPR required or there is a legal obligation acc. Art. 6 (1) (c) GDPR.

The data is deleted if the data is no longer required for the fulfillment of contractual or legal duties of care and for handling any warranty and comparable obligations, whereby the necessity of keeping the data is reviewed every three years; otherwise the statutory storage obligations apply.

2.7. External payment service providers

We use external payment service providers whose platforms allow users and us to make payment transactions. These payment service providers may include, in each case with a link to the privacy policy: Paypal (https://www.paypal.com/web/sapps/mpp/ua/privacy-full), Klarna (https://www.klarna.com/de / privacy /), Skrill (https://www.skrill.com/en/foot- line/privacy-policy/), Giropay (https://www.giropay.de/rechtliches/datenschutz-agb/), Visa (https://www.visa.de/datenschutz), Mastercard (https://www.mastercard.de/de-de/datenschutz.html), American Express (https://www.americanexpress.com/en/content/privacy- policy-statement.html), Stripe (https://stripe.com/en/privacy).

We use payment providers as part of the fulfillment of contracts on the basis of Art. 6 (1) l(b) GDPR. Incidentally, we use external  Payment service provider based on our legitimate interests acc. Art. 6 (1) (f) GDPR in order to offer our users effective and secure payment options.

Data processed by PSPs includes inventory data, such as name and address, bank details, such as bank account numbers or credit card numbers, passwords, TANs and checksums, and contract, summary and recipient-related information. The information is required to complete the transactions. However, the data entered will only be processed and stored by the payment service providers. This means we do not receive any account or credit card-related information, only information with confirmation or negative disclosure of the payment. The data may be transmitted by the payment service providers to credit reporting agencies. This transmission aims at the identity and credit check. For this we refer to the terms and conditions and privacy policy of the payment service providers.

For the payment transactions, the terms and conditions and the privacy notices of the respective payment service providers, which are available within the respective websites, or transactional applications apply. We also refer to these for further information and assertion of rights of revocation, information and other data subjects.

2.8. Administration, financial accounting, office organization, contact management

We process data in the context of administrative tasks and organization of our company, financial accounting and compliance with legal obligations, such as archiving. In doing so, we process the same data that we process in the course of rendering our contractual services. The processing bases are Art. 6 (1) (c) GDPR, Art. 6 (1) (f) GDPR. The processing affects customers, prospects, business partners and website visitors. The purpose and interest in processing lies in the administration, financial accounting, office organization, archiving of data, ie tasks that serve the maintenance of our business activities, performance of our duties and performance of our services. The deletion of the data corresponds to the information given in these processing activities.

We disclose or transmit data to the tax administration, consultants, such as tax consultants or auditors, as well as other fee centers and payment service providers.

On the basis of our business interests, we also store information about suppliers, organizers and other business partners, eg for the purpose of contacting them later. In principle, we store this majority of company-related data permanently.

2.9. Google Cloud Services

We leverage Google’s cloud and cloud software services (called Software as a Service, such as Google Suite) for the following purposes: document storage and management, calendaring, e-mailing, spreadsheets and presentations, sharing documents, content and information with particular recipients or publication of web pages, forms or other content and information as well as chats and participation in audio and video conferencing.

For that the personal data of the users are processed, as far as these are an element of the described documents and content or are part of communication processes. This may include, for example, master data and contact data of users, data on transactions, contracts, other processes and their contents. Google also processes usage data and metadata used by Google for security and service optimization purposes.

In the context of using publicly accessible documents, websites or other content, Google may store cookies on users’ computers for the purposes of web analytics or to remember users’ preferences.

We use Google Cloud services based on our legitimate interests according to Art. 6 (1) (f) GDPR on efficient and secure administrative and cooperation processes. Further, processing is based on a contract processing contract with Google (https://cloud.google.com/terms/data-processing-terms).

For more information, see the Google Privacy Policy (https://www.google.com/policies/privacy) and the Google Cloud Services Security Advisory (https://cloud.google.com/security/privacy/). You may object to the processing of your data in the Google Cloud in writing to us in accordance with legal requirements. Moreover, the deletion of the data within Google’s cloud services is determined by the other processes in which the data is processed (eg, deletion of data that is no longer required for purposes of the contract or required for taxation purposes).

The Google Cloud Services are offered by Google Ireland Limited. To the extent that a transfer to the US occurs, we refer to the Google US certification under the Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt0000000000001L5AAI&status=Active) and Standard Protection Terms (https://cloud.google.com / terms / data-processing-terms).

2.10. Microsoft cloud services

We use Microsoft’s cloud and cloud software services (called software as a service, such as Microsoft Office) for the following purposes: document storage and management, calendar management, e-mailing, spreadsheets and presentations, document exchange, content and information with particular recipients or publication of web pages, forms or other content and information as well as chats and participation in audio and video conferencing.

For that the personal data of the users are processed, as far as these are an element of the described documents and content or are part of communication processes. This may include, for example, master data and contact data of users, data on transactions, contracts, other processes and their contents. Microsoft also processes usage data and metadata used by Microsoft for security and service optimization purposes.

When using publicly available documents, web pages or other content, Microsoft may save cookies on users’ computers for the purposes of web analysis or to remember users’ settings.

We use Microsoft cloud services based on our legitimate interests according to Art. 6 (1) (f) GDPR on efficient and secure administrative and cooperation processes. Further, processing is based on a contract processing contract with Microsoft.

For more information, see the Microsoft Privacy Policy (https://privacy.microsoft.com/en-us/privacystatement) and the Microsoft Cloud Services Security Advisory (https://www.microsoft.com/en-us/trustcenter ). You may object to the processing of your data in the Microsoft Cloud in wirting to us according to the legal requirements. In addition, the deletion of the data within Microsoft’s cloud services is determined by the remainder of the processes in which the data is processed (eg, deletion of data that is no longer required for purposes of the contract or required for taxation purposes).

The Microsoft Cloud Services are offered by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA. As far as processing of data into the US takes place, we refer to Microsoft’s certification under the Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK&status=Active).

2.11. Job application process

We process the job applicant data only for the purpose and in the context of the application process in accordance with the legal requirements. The processing of the applicant data takes place in order to fulfill our (pre-) contractual obligations in the context of the application process within the meaning of Art. 6 (1) (b) GDPR, Art. 6 (1) (f) GDPR insofar as the processing of data is necessary for us eg in the context of legal procedures (in Germany § 26 BDSG applies additionally).

The application process requires applicants to provide us with the applicant data. The necessary applicant data are, as far as we offer an online form, marked, otherwise result from the job descriptions and basically include the information on the person, postal and contact addresses and the documents belonging to the application, such as cover letter, CV and certificates. In addition, applicants may voluntarily provide us with additional information.

By submitting the application to us, the applicants agree to the processing of their data for the purposes of the application process in accordance with the nature and scope set forth in this Privacy Policy.

Insofar as special categories of personal data within the meaning of Art. 9 (1) GDPR are voluntarily communicated within the framework of the application procedure, their processing is additionally carried out in accordance with Art. 9 (2) (b) GDPR (eg health data, such as disability or ethnic origin). Insofar as special categories of personal data within the meaning of Art. 9 (1) GDPR are requested from applicants in the context of the application process, their processing is additionally carried out in accordance with Art. 9 (2) (a) GDPR (eg health data, if necessary for the profession).

If provided, applicants may submit their applications via our online form on our website. The data will be encrypted and transmitted to us according to the state of the art. Furthermore, applicants may send us their applications via e-mail. However, please note that e-mails are generally not sent encrypted and that applicants themselves must provide encryption. We can therefore take no responsibility for the transmission of the application between the sender and the reception on our server and therefore recommend rather to use an online form or the postal delivery. Because instead of applying via the online form and e-mail, applicants still have the opportunity to send us the application by post.

We may further process the data provided by the applicants in the event of a successful application for employment purposes. Otherwise, if the application for a job offer is not successful, the applicants’ data will be deleted. Applicants’ data will also be deleted if an application is withdrawn, which the applicants are entitled to do at any time.

The cancellation is subject to a legitimate withdrawal of the candidates, after the expiration of a period of six months, so that we can answer any follow-up questions to the application and meet our proof obligations under the Equal Treatment Act. Invoices for any reimbursement of travel expenses are archived in accordance with tax regulations.

Within the framework of the application, we offer applicants the opportunity to invest in our “Talent Pool” for a period of two years on the basis of a consent in accordance with Art. 6 (1) (a) and Art. 7 DPR.

The application documents in the Talent Pool are processed solely as part of future job advertisements and job search and will be destroyed at the latest after the deadline. Applicants are informed that their consent to be included in the Talent Pool is voluntary, has no influence on the current application process, and that they may revoke this consent at any time in the future and declare an objection within the meaning of Art. 21 GDPR.

2.12. Recording function

Users may create a user account. As part of the registration, the required mandatory information is communicated to the users and, based on Art. 6 (1) (b) GDPR, processed for purposes of providing the user account. The processed data include in particular the login information (name, password and an e-mail address). The data entered during registration will be used for the purpose of using the user account and its purpose.

Users may be informed by e-mail about information relevant to their user account, such as technical changes. If users have terminated their user account, their data will be deleted with respect to the user account, subject to a legal retention requirement. It is the responsibility of the users to secure their data upon termination prior to the end of the contract. We are entitled to irretrievably delete all user data stored during the term of the contract.

In the context of the use of our registration and registration functions as well as the use of the user account, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as the user’s protection against misuse and other unauthorized use. A transfer of this data to third parties does not take place, unless it is necessary for the pursuit of our claims or there is a legal obligation in accordance with. Art. 6 (1) (c) GDPR. The IP addresses will be anonymized or deleted after 7 days at the latest.

2.13. Comments and posts

If users leave comments or other contributions, their IP addresses will be stored for 7 days based on our legitimate interests within the meaning of Art. 6 (1) (f) GDPR. This is for our own safety, if someone leaves illegal content in comments and contributions (insults, prohibited political propaganda, etc.). In this case, we may be sued for the comment or post and are therefore interested in the identity of the author.

Furthermore, we reserve the right, in accordance with our legitimate interests, according to Art. 6 (1) (f) GDPR, to process the information of users for the purpose of spam detection.

On the same legal basis, we reserve the right, in the case of surveys, to store the IP addresses of users for the duration of their use and to use cookies to avoid multiple votes.

The information provided in the comments and contributions to the person, any contact and website information as well as the content information, are stored by us until the opposition of the users permanently.

2.14. Akismet anti-spam check

Our online offering uses the “Akismet” service offered by Automattic Inc., 60 29th Street # 343, San Francisco, CA 94110, USA. The use is based on our legitimate interests within the meaning of Art. 6 (1) (f) GDPR. With the help of this service, comments of real people are distinguished from spam comments. All comment information is sent to a server in the US, where it is analyzed and stored for four days for comparison. If a comment has been classified as spam, the data will be stored beyond that time. This information includes the name entered, the email address, the IP address, the comment content, the referrer, details of the browser used, the computer system and the time of the entry.

For more information about the collection and use of data by Akismet, see the Automattic Privacy Notice: https://automattic.com/privacy/.

Users are welcome to use pseudonyms, or to refrain from entering the name or email address. You can completely prevent the transfer of data by not using our commenting system. That would be a shame, but unfortunately we see no other alternatives that work equally effectively.

2.15. Get profile pictures from Gravatar

We use the Gravatar service of Automattic Inc., 60 29th Street # 343, San Francisco, CA 94110, USA, within our online offering and specifically on the blog.

Gravatar is a service that allows users to log in and submit profile pictures and their email addresses. If users with the respective e-mail address on other online sites (especially in blogs) leave posts or comments, their profile pictures can be displayed next to the posts or comments. For this purpose, the e-mail address communicated by the users to Gravatar is transmitted in encrypted form in order to check whether a profile has been stored for it. This is the sole purpose of sending the e-mail address and it will not be used for other purposes, but will be deleted afterwards.

The use of Gravatar is based on our legitimate interests within the meaning of Art. 6 (1) (f) GDPR, because with the help of Gravatar we offer the post and comment writers the opportunity to personalize their posts with a profile picture.

By displaying the images, Gravatar has learned the IP address of the users, as this is necessary for communication between a browser and an online service. For more information about Gravatar’s collection and use of data, see the Automattic Privacy Notice: https://automattic.com/privacy/.

If users do not want a user picture linked to their email address on Gravatar to appear in the comments, you should use an email address that is not registered with Gravatar to comment. We also point out that it is also possible to use an anonymous or even no e-mail address if the users do not want their own e-mail address to be sent to Gravatar. Users can completely prevent the transfer of data by not using our commenting system.

2.16. Newsletter

With the following information we inform you about the content of our newsletter as well as the registration, shipping and statistical evaluation procedures as well as your right of objection. By subscribing to our newsletter, you agree to the receipt and the procedures described.

Content of the newsletter: We send newsletters, e-mails and other electronic notifications with advertising information (hereinafter “newsletter”) only with the consent of the recipient or a legal permission. Insofar as the content of a newsletter is concretely described in the context of an application for the newsletter, it is decisive for the consent of the user. Incidentally, our newsletters contain information about our services and us.

Double opt-in and logging: Registration for our newsletter is done in a so-called double opt-in procedure. That means you will receive an e-mail after logging in to ask for confirmation of your registration. This confirmation is necessary so that nobody can register with external e-mail addresses. The registration for the newsletter will be logged in order to prove the registration process according to the legal requirements. This includes the storage of the logon and the confirmation time, as well as the IP address. Likewise, changes to your data stored with the shipping service provider will be logged.

Credentials: To subscribe to the newsletter, it is sufficient to provide your e-mail address. Optionally, we ask you to give a name in the newsletter for personal address.

The dispatch of the newsletter and the related performance measurement are based on the consent of the recipient acc. Art. 6 (1) (a),  Art. 7 GDPR in connection with § 7 (2) Nr. 3 UWG or if a consent is not required, based on our legitimate interests in direct marketing acc. Art. 6 (1) (f) GDPR in conjunction with § 7 (3) UWG.

The logging of the registration process is based on our legitimate interests in accordance with. Art. 6 (1) (f) GDPR. We are interested in using a user-friendly and secure newsletter system that serves our business interests as well as meeting the expectations of users and allows us to provide consent.

Termination / Revocation – You may cancel the receipt of our newsletter at any time, ie revoke your consent. A link to cancel the newsletter may be found at the end of each newsletter. We may save the submitted email addresses for up to three years based on our legitimate interests before we delete them to provide prior consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for cancellation is possible at any time, provided that at the same time the former existence of a consent is confirmed.

The newsletters are distributed using MailChimp, a mailing service platform owned by Rocket Science Group, LLC, 675 Ponce De Leon Ave # 5000, Atlanta, GA 30308, USA. The privacy policy of the shipping service provider can be viewed here: https://mailchimp.com/legal/privacy/. The Rocket Science Group LLC is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European data protection standards (https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active). The shipping service provider is based on our legitimate interests gem. Art. 6 (1) (f) GDPR and a contract processing agreement acc. Art. 28 (3) sentence 1 GDPR.

The shipping service provider may use the data of the recipient in a pseudonymous form, ie without assignment to a user, to optimize or improve their own services, eg for the technical optimization of shipping and the presentation of newsletters or for statistical purposes. However, the shipping service provider does not use the data of our newsletter recipients to address them themselves or to pass the data on to third parties.

The newsletters contain a so-called “web beacon”, ie a pixel-sized file that is retrieved from the server when the newsletter is opened by our server or, if we use a shipping service provider. As part of this call, technical information, such as information about the browser and your system, as well as your IP address and time of the call are collected.

This information is used to improve the technical performance of services based on their specifications or audience and their reading habits, based on their locations (which can be determined using the IP address) or access times. The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our intention nor, if used, that of the shipping service provider to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

A separate revocation of the performance measurement is unfortunately not possible, in this case, the entire newsletter subscription must be terminated.

2.17. Hosting and e-mailing

The hosting services we use are designed to provide the following services: infrastructure and platform services, computing capacity, storage and database services, e-mail delivery, security and technical maintenance services we use to operate this online service.

Here we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer acc. Art. 6 (1) (f) GDPR in conjunction with Art. 28 GDPR (conclusion of contract processing contract).

2.18. Collection of access data and log files

We, or our hosting provider, collect on the basis of our legitimate interests within the meaning of Art. 6 (1) (f)  GDPR, data on every access to the server on which this service is located (so-called server log files). The access data includes the name of the retrieved web page, file, date and time of retrieval, amount of data transferred, notification of successful retrieval, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.

Logfile information is stored for security reasons (eg to investigate abusive or fraudulent activities) for a maximum of 7 days and then deleted. Data whose further retention is required for evidential purposes are excluded from the erasure until the final clarification of the incident.

2.19. Google Tag Manager

Google Tag Manager is a solution that allows us to manage so-called website tags through a single interface (including integrating Google Analytics and other Google marketing services into our online offering). The tag manager itself (which implements the tags) does not process users’ personal data. With regard to the processing of users’ personal data, reference is made to the following information about the Google services. Usage Policy: https://www.google.com/intl/en/tagmanager/use-policy.html.

2.20. Google Analytics

Based on our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 (1) (f) GDPR, we use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street , Dublin 4, Ireland (“Google”). Google uses cookies. The information generated by the cookie about the use of the online offer by the users are usually transmitted to a Google server in the USA and stored there.

Google is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offering and to provide us with further services related to the use of this online offer and the internet usage. In this case, pseudonymous user profiles of the processed data can be created.

We only use Google Analytics with activated IP anonymization. This means that the IP address of the users is shortened by Google within Member States of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there.

The IP address submitted by the user’s browser will not be merged with other data provided by Google. Users can prevent the storage of cookies by setting their browser software accordingly. Users may also prevent the collection by Google of the data generated by the cookie and related to their use of the online offer as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link: http: // tools .google.com / dlpage / gaoptout? hl = en. For more information about Google’s data usage, hiring and disparaging options, please read Google’s Privacy Policy (https://policies.google.com/privacy) and Google’s Ads Ads Settings (https: // adssettings. google.com/authenticated). The personal data of users will be deleted or anonymized after 14 months.

We use Google Analytics as “universal analytics”. “Universal Analytics” means a process by Google Analytics, in which the user analysis is based on a pseudonymous user ID and thus a pseudonymous profile of the user is created with information from the use of different devices (so-called “cross-device tracking”) ,

We use Google Analytics to display the advertisements displayed within Google and its affiliate advertising services, only to those users who have shown an interest in our online offering or who have certain characteristics (eg, interest in specific topics or products that are defined by the accessed web pages) that we submit to Google (so-called “Remarketing” or “Google Analytics Audiences”). With Remarketing Audiences, we also want to make sure that our ads meet the potential interest of users.

2.21. Google Adwords and conversion measurement  

We use the services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, (“Google”) on the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online service within the meaning of Art. 6 (1) (f) GDPR).

Google is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

We use Google’s online AdWords marketing tool “AdWords” to place ads on the Google advertising network (eg, in search results, in videos, on websites, etc.) to show them to people who have a suspected interest in the ads. This allows us to better target advertisements for and within our online offering so that we only present ads to users that potentially match their interests. For example, if a user sees ads for products he’s been looking for on other online offerings, that’s called remarketing. For these purposes, when we visit our and other websites where the Google Advertising Network is active, Google will immediately execute Google code and so-called (re) marketing tags (invisible graphics or code, also referred to as “web beacons”) will be incorporated into the website. With their help, the user’s device stores an individual cookie, ie a small file (instead of cookies, comparable technologies can also be used). In this file is noted which web pages the user visited, for what content he is interested and what offers the user has clicked, as well as technical information about the browser and operating system, referring web pages, visit time and other information on the use of the online offer.

Furthermore, we receive an individual “conversion cookie”. The information obtained through the cookie is used by Google to generate conversion statistics for us. However, we only get the anonymous total number of users who clicked on our ad and were redirected to a conversion tracking tag page. However, we do not receive information that personally identifies users.

The data of the users are pseudonymly processed in the context of the Google advertising network. For example, Google does not store and process users’ names or e-mail addresses, but processes the relevant data in a cookie-related manner within pseudonymous user profiles. From the perspective of Google, the ads are not managed and displayed to a specifically identified person, but to the cookie owner, regardless of who that cookie owner is. This does not apply if a user has explicitly allowed Google to process the data without this pseudonymization. The information collected about users is transmitted to Google and stored on Google’s servers in the United States.

For more information about Google’s data usage, hiring and opt-out options, please read Google’s Privacy Policy (https://policies.google.com/technologies/ads) and Google’s Ads Ads Settings (https: // adssettings.google.com/authenticated).

2.22. Google Doubleclick  

We use the services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). on the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online service within the meaning of Art. 6 (1) (f) GDPR.

Google is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

We use the online marketing method Google “DoubleClick” to place ads on the Google advertising network (eg, in search results, in videos, on websites, etc.). Double Click is characterized by displaying real-time ads based on the alleged interests of users. This allows us to better target advertisements for and within our online offering so that we only present ads to users that potentially match their interests. For example, if a user sees ads for products he’s been looking for on other online offerings, that’s called remarketing. For these purposes, upon access to our and other websites on which the Google Advertising Network is active, Google will immediately execute Google code and so-called (re) marketing tags (invisible graphics or code, also referred to as “web beacons”) will be incorporated into the website. With their help, the user’s device stores an individual cookie, ie a small file (instead of cookies, comparable technologies can also be used). In this file is noted which web pages the user visited, for what content he is interested and what offers the user has clicked, as well as technical information about the browser and operating system, referring web pages, visit time and other information on the use of the online offer.

The IP address of the users is also recorded, whereby this is shortened within Member States of the European Union or other parties to the Agreement on the European Economic Area and only in exceptional cases completely transferred to a Google server in the USA and shortened there. The above information may also be linked by Google with such information from other sources. If the user subsequently visits other websites, he/she may be shown advertisements tailored to his/her interests based on his/her alleged interests based on his/her user profile.

The data of the users are pseudonymly processed in the context of the Google advertising network. For example, Google does not store and process users’ names or e-mail addresses, but processes the relevant data in a cookie-related manner within pseudonymous user profiles. From the perspective of Google, the ads are not managed and displayed to a specifically identified person, but to the cookie owner, regardless of who that cookie owner is. This does not apply if a user has explicitly allowed Google to process the data without this pseudonymization. The information collected about users through Google Marketing Services is transmitted to Google and stored on Google’s servers in the United States.

For more information about Google’s data usage, hiring and opt-out options, please read Google’s Privacy Policy (https://policies.google.com/technologies/ads) and Google’s Ads Ads Settings (https: // adssettings.google.com/authenticated).

2.23. Jetpack (WordPress Stats)

On the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 (1) (f) GDPR), we use the plugin Jetpack (here the subfunction “WordPress Stats”) that includes a visitor access statistical evaluation tool, and operated by Automattic Inc., 60 29th Street # 343, San Francisco, CA 94110, USA. Jetpack uses so-called “cookies”, text files that are stored on your computer and that allow an analysis of your use of the website.

The information generated by the cookie about your use of this online offer is stored on a server in the United States. Here, user profiles of the users can be treated from the processed data, these being used only for analysis and not for advertising purposes. For more information, please refer to Automattic’s Privacy Policy: https://automattic.com/privacy/ and Jetpack Cookie Hints: https://jetpack.com/support/cookies/.

2.24. Facebook Pixels, Custom Audiences and Facebook Conversion

Within our online offer, due to our legitimate interests in the analysis, optimization and economic operation of our online offer and for these purposes, we use the so-called “Facebook pixel” of the social network Facebook, by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025 , USA, or if you are located in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland operated (“Facebook”).

Facebook is certified under the Privacy Shield Agreement, providing a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

With the help of the Facebook pixel, it is on the one hand possible for Facebook to determine the visitors to our online offer as a target group for the presentation of advertisements (so-called “Facebook ads”). Accordingly, we use the Facebook Pixel to display the Facebook Ads we have been sent only to those Facebook users who have also shown an interest in our online offer or who have certain features (eg interests in certain topics or products visited by them) Web pages determined), which we transmit to Facebook (so-called “Custom Audiences”). With the help of the Facebook pixel, we also want to make sure that our Facebook ads are in line with the potential interest of users and are not annoying.With the help of the Facebook pixel, we can also understand the effectiveness of the Facebook ads for statistical and market research purposes, in which we see whether users were redirected to our website after clicking on a Facebook ad (so-called “conversion”).

The processing of the data by Facebook is part of Facebook’s data usage policy. Accordingly, general notes on how to display Facebook Ads, in Facebook’s Data Usage Policy: https://www.facebook.com/policy. For specific information and details about the Facebook Pixel and how it works, visit the help section of Facebook: https://www.facebook.com/business/help/651294705016616.

You may object to the capture by the Facebook Pixel and use of your data to display Facebook Ads. To set which types of ads you see within Facebook, you may go to the page set up by Facebook and follow the instructions for the usage-based advertising settings: https://www.facebook.com/settings?tab=ads. The settings are platform-independent, ie they are adopted for all devices, such as desktop computers or mobile devices.

You may also use the cookies for distance measurement and promotional purposes via the deactivation page of the Network Advertising Initiative (http://optout.networkadvertising.org/) and in addition the US website (http://www.aboutads.info/ choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).

2.25. Visual Website Optimizer

Within our online offer, based on our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 (1) (f) GDPR, we use the service Visual Website Optimizer (an offer of Wingify Software Private Limited , 404, Gopal Heights, Netaji Subhash Place, Pitam Pura, Delhi 110034, India).

Visual Website Optimizer allows users to understand how various changes to a website (such as changes to the input fields, the design, etc.) can take place within the context of so-called “A/B-tests”, “clicktracking” and “heatmaps”. A/B tests are designed to improve the usability and performance of online offerings. For example, users are presented with different versions of a website or its elements, such as input forms, on which the placement of the content or labels of the navigation elements may differ. Subsequently, based on the behavior of the users, eg prolonged lingering on the website or more frequent interaction with the elements, it can be determined which of these websites or elements correspond more to the needs of the users.”Clicktracking” allows to survey the movements of the users within an entire online offer. Since the results of these tests are more accurate, if users ‘interaction can be tracked over a period of time (eg, if a user likes to return), cookies are usually stored on users’ computers for these purposes. “Heatmaps” are mouse movements of the users, which are combined into an overall picture, with the help of which, for example, it can be recognized which web page elements are preferentially accessed and which web page elements users prefer less.As a rule, cookies are stored on users’ computers for these test purposes. “Heatmaps” are mouse movements of the users, which are combined into an overall picture, with the help of which, for example, it can be recognized which web page elements are preferentially accessed and which web page elements users prefer less.As a rule, cookies are stored on users’ computers for these test purposes. “Heatmaps” are mouse movements of the users, which are combined into an overall picture, with the help of which, for example, it can be recognized which web page elements are preferentially accessed and which web page elements users prefer less.

Only for these purposes will cookies be stored on users’ devices. Only pseudonymous data of the users are processed. For more information, please refer to the Visual Website Optimizer privacy policy: https://vwo.com/privacy-policy/.

If you do not want the Visual Website Optimizer to track your usage behavior, you may object to data collection.

2.26. Online presence in social media  

We maintain online presence within social networks and platforms in order to communicate with customers, prospects and users active there and to inform them about our services.

We point out that data of the users outside the area of the European Union may be processed. This may result in risks for the users, because for example the enforcement of the rights of the users could be made more difficult. With respect to US providers certified under the Privacy Shield, we point out that they are committed to respecting EU privacy standards.

Furthermore, the data of the users are usually processed for market research and advertising purposes. For example, user profiles may be created from the user behavior and resulting user interests. The usage profiles can in turn be used, for example, to place advertisements inside and outside the platforms that are supposedly in line with the interests of the users. For these purposes, cookies are usually stored on the computers of the users, in which the user behavior and the interests of the users are stored. Furthermore, in the usage profiles, data can also be stored independently of the devices used by the users (in particular if the users are members of the respective platforms and logged in to them).

The processing of personal data of users is based on our legitimate interests in an effective information of users and communication with users in accordance with Art. 6 (1) (f) GDPR. If the users are asked by the respective providers of the platforms for a consent to the above-described data processing, the legal basis of the processing is Art. 6 (1) (a), Art. 7 GDPR.

For a detailed description of the respective processing and the possibilities of contradiction (opt-out), we refer to the following linked information of the provider.

Also in the case of requests for information and the assertion of user rights, we point out that these can be claimed most effectively from the providers. Only the providers have access to the data of the users and can directly take appropriate measures and provide information. If you still need help, then you can contact us.

– Facebook, Pages, Groups, (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland), based on an agreement on joint processing of personal data – Privacy Policy: https://www.facebook.com / about / privacy /, especially for pages: https://www.facebook.com/legal/terms/information_about_page_insights_data, opt-out: https://www.facebook.com/settings?tab=ads            and  http://www.youronlinechoices.com, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active. – Google / YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) – Privacy Policy: https://policies.google.com/privacy, opt-out: https://adssettings.google.com/authenticated , Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active. – Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) – Privacy Policy / Opt-Out: http://instagram.com/about/legal/privacy/. – Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) – Privacy Policy: https://twitter.com/privacy, opt-out: https://twitter.com/personalization, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active. – Pinterest (Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA) – Privacy Policy / Opt-Out: https://about.pinterest.com/en/privacy-policy. – LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland) – Privacy Policy https://www.linkedin.com/legal/privacy-policy , opt-out: https://www.linkedin.com/psettings/guest -controls / retargeting-opt-out, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active. – Xing (XING AG, Dammtorstrasse 29-32, 20354 Hamburg, Germany) – Privacy Policy / Opt-Out: https://privacy.xing.com/de/datenschutzerklaerung.
– Wakalet (Wakelet Limited, 76 Quay Street, Manchester, M3 4PR, United Kingdom) – Privacy Policy / Opt-Out: https://wakelet.com/privacy.html. – Soundcloud (SoundCloud Limited, Rheinsberger Str. 76/77, 10115 Berlin, Germany) – Privacy Policy / Opt-Out: https://soundcloud.com/pages/privacy.

2.27. Integration of services and contents of third parties  

Based on our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 (1) (f) GDPR, we make use of content or services offered by third-party providers in order to integrate their content and services such as videos or fonts (collectively referred to as “content”).

This always presupposes that the third-party providers of this content perceive the IP address of the users, as they could not send the content to their browser without the IP address. The IP address is therefore required for the presentation of this content. We endeavor to use only content whose respective providers use the IP address only for the delivery of the content. Third parties may also use so-called pixel tags (invisible graphics, also referred to as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information, such as visitor traffic, on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and, among other things, technical information about the browser and operating system, referencing websites, visiting hours and other information on the use of our online offer, as well as being linked to such information from other sources.

2.28. Vimeo

We may embed the videos of the Vimeo platform of Vimeo Inc., Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA. Privacy Policy: https://vimeo.com/privacy. Please note that Vimeo may use Google Analytics and refer to the Privacy Policy (https://policies.google.com/privacy) and opt-out options for Google Analytics (http://tools.google.com / dlpage / gaoptout? hl = DE) or Google’s data usage settings for marketing purposes (https://adssettings.google.com/).

2.29. Youtube

We embed videos from the YouTube platform of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Privacy Policy: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.

2.30. Google fonts

We embed the fonts (“Google Fonts”) of the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. According to Google, users’ data is used solely for the purpose of displaying fonts in users’ browsers. The integration is based on our legitimate interests in a technically secure, maintenance-free and efficient use of fonts, their uniform representation and consideration of possible licensing restrictions for their integration. Privacy Policy: https://www.google.com/policies/privacy/.

2.31. Google ReCaptcha

We incorporate the bots detection feature, for example when entering into online forms (“ReCaptcha”) from Google Ireland Limited, Gordon House, BarrowStreet, Dublin 4, Ireland. Privacy Policy: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.

2.32. Google Maps

We include maps from the Google Maps service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The processed data may include, in particular, users’ IP addresses and location data, but these are not collected without their consent (usually as part of the settings of their mobile devices). The data may be processed in the USA. Privacy Policy: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.

2.33. Typekit fonts from Adobe

We use, on the basis of our legitimate interests (ie, interest in the analysis, optimization and cost-effective operation of our reserves within the meaning of Art. 6 (1) (f) GDPR) external “Typekit” fonts of the provider Adobe Systems Software Ireland Limited, 4 -6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland. Adobe is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt0000000TNo9AAG&status=Active).

2.34. Use of Facebook social plugins

On the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 (1) (f) GDPR), we use social plugins (“plugins”) of the social network facebook.com, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland (“Facebook”).

This may include, for example, content such as images, videos or text and buttons that allow users to share content from this online offering within Facebook. The list and appearance of Facebook Social Plugins can be viewed here: https://developers.facebook.com/docs/plugins/.

Facebook is certified under the Privacy Shield Agreement, providing a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

When a user invokes a feature of this online offering that includes such a plugin, their device establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to the device of the user and incorporated by him into the online offer. In the process, user profiles of the processed data can be created. Therefore, we have no influence on the extent of the data that Facebook collects with the help of this plugin and therefore informs users according to our knowledge.

By integrating the plugins, Facebook receives the information that a user has accessed the corresponding page of the online offer. If the user is logged in to Facebook, Facebook can assign the visit to his Facebook account. If users interact with the plugins, for example, press the Like button or leave a comment, the information is transmitted from your device directly to Facebook and stored there. If a user is not a member of Facebook, there is still the possibility that Facebook will find out and save their IP address. According to Facebook, only an anonymous IP address is stored in Germany.

The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as the related rights and settings options for protecting the privacy of users, can be found in Facebook’s privacy policy: https://www.facebook.com/about/privacy/ ,

If a user is a Facebook member and does not want Facebook to collect data about him via this online offer and link it to his member data stored on Facebook, he must log out of Facebook and delete his cookies before using our online offer. Other settings and disagreements on the use of data for promotional purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US-American site http://www.aboutads.info / choices / or the EU page http://www.youronlinechoices.com/. The settings are platform-independent, ie they are adopted for all devices, such as desktop computers or mobile devices.

2.35. Twitter

Within our online offering, features and content of the Twitter service offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, may be incorporated. This may include, for example, content such as pictures, videos or texts and buttons, with which users can share the contents of this online offer within Twitter.

If the users are members of the platform Twitter, Twitter can assign the call of the above mentioned contents and functions to the profiles of the users. Twitter is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active). Privacy Policy: https://twitter.com/privacy, opt-out: https://twitter.com/personalization.

2.36. Instagram

Within our online offering, features and content of the Instagram service offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA, may be incorporated. This may include, for example, content such as images, videos or text and buttons that allow users to share content from this online offering within Instagram. If the users are members of the platform Instagram, Instagram can assign the call of the abovementioned contents and functions to the profiles of the users there. Instagram privacy policy: http://instagram.com/about/legal/privacy/.

2.37. LinkedIn

Within our online offering, features and content of the LinkedIn service offered by LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland, may be incorporated. This may include, for example, content such as images, videos or text and buttons that allow users to share content from this online offering within LinkedIn. If the users are members of the platform LinkedIn, LinkedIn can assign the call of the above contents and functions to the profiles of the users there. LinkedIn privacy statement: https://www.linkedin.com/legal/privacy-policy. LinkedIn is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant? id = a2zt0000000L0UZAA0 & status = Active). Privacy Policy: https://www.linkedin.com/legal/privacy-policy, opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

 

 

3. Rights of the concerned person

3.1. Right to object

If we process your personal data in order to operate direct mail, you have the right to object at any time, with future effect, to the processing of personal data concerning you for the purposes of such advertising; this also applies to profiling insofar as it is associated with such direct mail.

You also have the right, for reasons arising from your particular situation, at any time to object to the processing of personal data concerning you, in accordance with Article 6 (1) (e) or (f) GDPR; this also applies to profiling based on these provisions.

The right to object can be exercised free of charge. You may contact us via the contact details listed under 1.3 or alternatively by email to: compliance@meopin.com

3.2. Right to information

You have the right to request confirmation from us as to whether personal data relating to you are being processed and, if necessary, to provide information about such personal data and the other information listed in Art. 15 GDPR.

3.3. Right to rectification

You have the right to demand that we correct your incorrect personal data without delay (Art. 16 GDPR). Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data, including by means of a supplementary statement.

3.4. Right to deletion (right to be forgotten)

You have the right to demand that personal data relating to you be deleted without delay, provided that one of the reasons stated in Art. 17 (1) GDPR is met and the processing is not required for one of the purposes stipulated in Art. 17 (3) GDPR.

3.5. Right to restriction of processing

You are entitled to request a restriction on the processing of your personal data if one of the conditions regulated in Art. 18 (1) (a) to (d) GDPR is met.

3.6. Right to data portability

Under the conditions set out in Art. 20 (1) GDPR, you have the right to obtain the personal data that you have provided to us in a structured, common and machine-readable format, and the right to transfer this data to another person without any obstruction by us. In exercising the right to data portability, you have the right to obtain that the personal data are transmitted directly by us to another responsible party, as far as technically feasible.

3.7. Right to withdrawal in case of consent

If the processing is based on your consent, you have the right to revoke your consent at any time. The lawfulness of the processing on the basis of the consent until the revocation is not affected.

3.8. Right to complain

You have a right of appeal to the supervisory authority responsible for our company. The supervisory authority responsible for our company is:

Landesbeauftragte für Datenschutz und Informationsfreiheit
Nordrhein-Westfalen
PO Box 20 04 44
D-40102 Düsseldorf (Germany)

Tel .: +49 211 38424-0
Fax: +49 211 38424-10
E-mail:   poststelle@ldi.nrw.de

 

Updated: 30 January 2019

NB: For the compilation of this privacy policy we have, among other means, used the generator available at https://datenschutz-generator.de .