Focus topics
– Ad – Das Redaktions-Team

Welcome to the China.Table. The Professional Briefing from Beijing, Berlin and Brussels. Every morning. By and for experts in commerce, science, state, NGO. Be our guest now.

Data Privacy

Thank you for your interest in our website. Your data is of utmost importance to us, and we make sure to safeguard your privacy. Please take the following information into consideration, so we know that you are aware of the collection and use of your personal data while using our website table.media and the services offered here (hereinafter: “transformer services”). 

I. Contact details of the responsible person and data protection officer.  

Personal data in this context are all data with which you can be personally identified. The responsible party for data processing within the meaning of the General Data Protection Regulation (DSGVO) is.  

Trafo MediaTech GmbH
Wöhlertstraße 12 – 13
D-10115 Berlin
Phone: +49 30 284448 – 0
E-mail: hello@trafo.com

(hereinafter: “we” or “us”)  

You can reach the data protection officer at datenschutz@trafo.com  

II. General Information on Data Processing  

1. Scope of Processing of Personal Data  

In the case of Trafo services, personal data is collected if you provide it to us voluntarily (e.g., for ordering a briefing). We use this data exclusively for the purposes specified in each case, as listed below.  

Our services are reserved for visitors of legal age.  

We contractually bind external service providers, also known as order processors, who process personal data for us in accordance with Art. 28 DSGVO. The processors have been carefully selected by us, specifically commissioned, and are bound by our instructions. The GDPR designates countries outside the European Union/European Economic Area as third countries and regulates the transfer of data to these countries separately in accordance with Articles 44 to 49 of the GDPR. In some cases, we use processors from third countries. The cooperation with these processors is based on standard data protection clauses pursuant to Art. 46 (2) (c) of the GDPR.   

We update technical measures at regular intervals to ensure the protection of personal data. These are modified in accordance with the latest technology in each case. 

2. Legal Basis for the Processing of Personal Data 

Insofar as we receive consent of the data subject for processing operations involving personal data, Art. 6 (1) a) DSGVO serves as the legal basis for the processing of personal data.   

While processing personal data that is necessary for the performance of a contract, to which the data subject is a party, Art. 6 (1) (b) DSGVO serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.  

The processing of personal data is also lawful pursuant to Art. 6 (1) (f) DSGVO if it is necessary for the purposes of protecting the legitimate interests of the controller or a third party, unless such interests are overridden by the interests or fundamental rights and freedom of the data subject, which require the protection of personal data, particularly where the data subject is a child. 

3. Deletion of Data and Storage Period  

The personal data of the party concerned will be deleted or blocked as soon as the purpose of storage ends. In addition, storage may take place, if this has been allowed by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject. Blocking or deletion of data also takes place when a storage period prescribed by the above-stated standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract. 

III. Concrete Data Processing   

1. Visit on our Website   

a) Description and Scope of Data Processing  

We collect the following data when you visit our website, which is technically essential for us to display the website to you (hereinafter also referred to as “user”):   

  • Website specifically visited   
  • Date and time at the time of access   
  • Amount of data sent in bytes   
  • Source/reference from where you came to the website   
  • Browser used   
  • Operating system used   
  • The IP address used in anonymized form   

b) Purpose and Legal Basis of Data Processing   

The processing is carried out in accordance with Art. 6 para. 1 lit. f) DSGVO based on our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if concrete indications of illegal use are found.    

c) Duration of Storage   

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. This is 14 days for the access and activity logs (“server logs”) and the error logs (“error logs”).  

d) Possibility of Objection and Elimination   

The collection of data for the provision of the website and the storage of the data in log files is mandatory for the operation of the website. Consequently, there is no possibility of objection on your part.  

2. Contacting Us   

a) Description and Scope of Data Processing   

Your personal data is collected when you contact us (e.g., via contact form or e-mail). What data is collected in the case of a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of responding to your request or for contacting you, and the associated technical administration.  

b) Purpose and Legal Basis of Data Processing   

The legal basis for the processing of data is our legitimate interest in responding to your request in accordance with Art. 6 (1) lit. f) DSGVO. If your contact to us seeks the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b) DSGVO.   

c) Duration of Storage   

In the case where it can be inferred from the circumstances that the matter concerned has been conclusively clarified, and if there are no legal storage obligations to the contrary, your data will be deleted after the final processing of your request.  

d) Possibility of Objection and Removal.   

The general information applies, read the end of this privacy policy.   

3. Usage of Cookies   

Our website uses so-called cookies. They serve to make our offer more user-friendly and effective. Cookies are small text files that are stored on your computer and saved by your browser. Some of the cookies we use are so-called “session cookies”, which are automatically deleted when you close the browser. In addition, there are some long-lasting cookies through which we recognize you as a visitor. The exact storage period can be found below in the respective description; otherwise, a validity period of up to two years can be assumed. 

Cookies do not harm your computer and do not contain viruses. If you do not wish to have cookies installed, you can deactivate the acceptance of cookies in your browser. However, we would like to indicate, with deactivated cookies you may not be able to use our website to its full extent. 

The user data collected in this way is pseudonymized by technical precautions. Therefore, an allocation of the data to the calling user as a person is not possible. The data is not stored together with other personal data of the users, unless otherwise described below.  

When first accessing our website, users are informed by info banners about the use of cookies, also referring to this privacy policy. Users can adjust the settings immediately or later.  

Cookies are not already set while you visit the website. 

(1) Web Analytics Cookies:  

(a) Description and Scope of Data Processing   

(i) Cookie banner Borlabs, a software by Benjamin A. Bornschein, Rübenkamp 32, 22305 Hamburg. It is used to allow users to control cookies and stores these settings. This cookie stays for 1 year or until you change the information by resetting or deleting it in the browser. Further information: https://de.borlabs.io/borlabs-cookie/  

(ii) Google Tag Manager and Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland (“Google”). Google Analytics uses cookies that allow and help to analyze the use of the website by users. IP addresses are anonymized or masked as soon as the data is received by Google Analytics and before it is stored or processed. Pursuant to order processing, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for us and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Information that Google receives as part of interest-based advertising and from third-party providers (e.g. demographic characteristics and gender, as well as interests) may be recorded in the cookie information. This information is stored for 2 years. 

Cookies for ads may be read and written. The full-page URL, including ad click information, is collected. Access to third-party cookies previously set on google.com and doubleclick.net, as well as own conversion cookies (measurement of ad success) is possible. 

We use the web analysis and optimization service Google Optimize to increase the attractiveness, content, and functionality of our website by playing out new features and content to a percentage of our users and statistically evaluating the change in usage. Google Optimize is a sub-service of Google Analytics. 

Further information and modification options: https://policies.google.com/privacy?hl=de#infochoices 

(iii) Piio, a load time optimization service from Piio, Inc, San Francisco, USA. An algorithm for image compression and delivery is set up, referred to as Content Delivery Network (“CDN”). When you call up a web page, your browser loads the required images into your browser cache. For this purpose, the browser you use must connect to Piio’s servers. Piio thereby obtains knowledge that our website was called up via your IP address. Further information: https://app.piio.co/privacy 

b) Purpose and Legal Basis of Data Processing.   

The purpose of the cookie banner is to provide privacy-safe options for the user. According to Art. 6 para. 1 lit. b) DSGVO, the CDN serves the stabilized use of the websites. 

When processing the cookies for Google Tag Manager and Google Analytics, our legitimate interest lies in the processing of personal data according to Art. 6 (1) lit. f) DSGVO: The analysis cookies are used for the betterment of the quality of our website and its content. Through the analysis cookies, we learn how the website is accessed and can therefore constantly optimize our offer. We recognize which advertising measures caused visitors to our website (so-called conversion tracking). In relation to the data of the advertising campaigns, we can determine how successful the individual advertising measures are. In this way, we pursue the interest of showing you content that interests you, making our website more appealing and easier for you to use, and achieving a fair calculation of advertising costs.  

c) Duration of Storage   

Cookies are stored on the user’s computer and transferred by the user to our website. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time.   

d) Possibility of Objection and Removal  

Ihre Cookie-Einstellungen können Sie jederzeit hier anpassen

You can additionally disable or restrict the processing of cookies by the service providers we operate with using the links above.  

(2) Marketing-related Cookies:  

We use the following third party providers to address the user with advertising and to retarget the user (remarketing): 

(i) Google Ads:   

Google uses cookies to offer you with advertisements that are relevant to you. Google assigns a pseudonymous identification number (ID) to your browser for this purpose. This is used to check the kind of ads that were displayed in your browser and the kinds that were called up. The Google Ads cookies enable Google and its partner websites to display ads based on previous visits to our website or other websites on the Internet. No personal data is stored in the cookies. 

The unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marking that the user does not want to be addressed) are usually stored as analysis values for this cookie. These cookies enable Google to recognize your browser. We as the operator of the website do not receive any personal data. 

With remarketing from Google, we address users who have already visited our websites again through interest-based advertising on the pages of the Google Partner Network. When visiting the website, with the help of cookies, interests can be analyzed and then used for relevant product advertising. Where users have consented to have their web and app browsing history linked by Google to their Google Account and information from our Google Account used to personalize ads they see on third-party websites, Google uses data from these logged-in users together with Google Analytics data to create and define target group lists for cross-device remarketing. To support this feature, Google Analytics collects Google-authenticated IDs of these users. This personal data from Google is temporarily linked with our Google Analytics data to form target groups.   

You can avoid the collection of the data generated by the cookies and related to your use of the website to Google, as well as the processing of this data by Google, by making the appropriate settings under the following link http://www.google.com/settings/ads . For more information, please visit: https://policies.google.com/privacy?hl=de

(ii) Facebook Ads:  

This website uses “Facebook Pixel” provided by Facebook Ireland Ltd, 4 Grand Canal Square Grand Canal Harbour Dublin 2, Ireland (“Facebook”). This serves the purpose of presenting interest-based adverts to visitors to our website as part of their visit to the social network Facebook. For this purpose, a pixel from Facebook has been implemented on our website. Via this pixel, a direct connection to the Facebook servers is established when visiting our website. In the process, it is transmitted to the Facebook server that you have visited our website and Facebook assigns this information to your personal Facebook user account.   

“Website Custom Audiences” is implemented as a pixel to advertise on the social network. Facebook operates in the appropriate level of data protection. When you visit our website, a direct connection between your browser and the Facebook server is established via the pixel. If you are a Facebook user and do not delete the cookies before logging in there, Facebook can thereby assign the visit to our website to your user account. We can only select to which segments of Facebook users (such as age, interests) our advertising should be displayed. In this process, no personal data records, in particular no e-mail addresses of our users – neither encrypted nor unencrypted – are transmitted to Facebook. Facebook may be informed about browser and device types, cookie ID, number and amount of orders. For more information, please see Facebook’s privacy policy at https://www.facebook.com/about/privacy. Please click here if you as a Facebook user do not wish to have any data collected via Custom Audiences: https://www.facebook.com/settings?tab=ads 

(iii) LinkedIn Ads  

We use the conversion tracking technology and the retargeting function of LinkedIn Corporation LinkedIn Corporation, 1000 West Maude Avenue, Sunnyvale, CA 94085, USA (“LinkedIn”) on our website.  

With the help of this technology, visitors to this website can be shown personalized advertisements on LinkedIn. Furthermore, it is also possible to create anonymous reports on the performance of the advertisements as well as information on website interaction. For this purpose, the LinkedIn Insight tag is embedded on this website, which establishes a connection to the LinkedIn server, if you visit this website and are logged into your LinkedIn account at the same time. 

Please read LinkedIn’s privacy policy at https://www.linkedin.com/legal/privacy-policy  for more information on data collection and use, as well as the options and rights to protect your privacy. If you are logged in to LinkedIn, you can deactivate the data collection at any time under the following link: https://www.linkedin.com/psettings/enhanced-advertising . 

(iv) Bing Ads  

“Bing” advertising network owned by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA, (“Microsoft”). This service operates as a joint data processor with us and in the appropriate level of data protection. Here, a cookie is set by Microsoft, if the user accessed the web pages via a Microsoft Bing ad. In this way, Microsoft Bing and we can recognize that someone has clicked on an ad, been redirected to our website, and reached a previously determined target page (conversion page). Also, the same conditions apply as for the aforementioned conversion tracking of Google accordingly. Further information on data protection at Microsoft and the cookies used can be found at https://www.microsoft.com/privacystatement/de-de/core/default.aspx . Customers can also for the future object to tracking by Microsoft by opting out for the same at http://choice.microsoft.com/de-de/opt-out . 

(v) Twitter Ads  

We use “Twitter Ads” on our website, a service provided by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland (“Twitter”). With the help of the Twitter pixel, we can specifically track users’ actions after they have seen or clicked on a Twitter ad. This procedure is used to evaluate the effectiveness of Twitter ads for statistical and market research purposes and can help to optimize future advertising measures. Statistical, pseudonymous data is transferred to Twitter so it provides us with corresponding statistics on this basis and to be able to show you interest-specific offers. This data is stored in a cookie. 

The data collected is anonymous for us, so that we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Twitter so that a connection to the respective user profile is possible and Twitter can use the data for its own advertising purposes in accordance with the Twitter privacy policy: https://twitter.com/privacy

We have no influence on the scope and further use of data collected by Twitter by using Twitter Pixel. 

You can disagree to the above-mentioned collection by Twitter Pixel as well as the use of your data for the display of Twitter Ads. 

Settings related to the types of advertisements that are displayed to you within Twitter can be customized on the following Twitter website: https://twitter.com/personalization

You can adjust your Twitter privacy settings and consents in your account settings at: https://twitter.com/account/settings and https://help.twitter.com/de/safety-and-security/privacy-controls-for-tailored-ads

b) Purpose and Legal Basis of Data Processing   

As far as our use of cookies means processing of personal data, the legal basis is Art. 6 para. 1 lit. b, lit. f DSGVO. 

The advertising of our service on third-party websites is essential for the acquisition of new customers and thus the economic operation of the website. Retargeting is done to re-address previous users of our websites on third-party websites and motivate them to interact. Users receive advertising content on third-party websites that is related to their interests instead of just general. 

c) Duration of Storage  

Cookies are stored on the user’s computer and transported by the user to our website. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. 

d) Possibility of Objection and Removal.  

You can disable or restrict the processing of cookies by the service providers we use by using the links above. Furthermore, you can use the preference management of the voluntary commitment “yourchoices” for interest-based advertising: http://www.youronlinechoices.com/de/praferenzmanagement/ 

The objection is valid as long as the associated OptOut cookie is not deleted. This cookie is set for the domain, per browser and user of a computer. If you access our website from multiple end devices and browsers, you must therefore refute to the data collection separately and again on each of these devices and in each browser.  

You can change your cookie settings at any time here (Link) 

4. Briefings (Newsletter) and other News as well as Login.  

a) Description and Scope of Data Processing   

On our website, it is possible to subscribe to briefings, i.e., free newsletters and newsletters subject to licensing. When you register for the briefing, the following data is transmitted to us:   

  • Salutation, first and last name, e-mail address  
  • Company name and telephone number (optional)   
  • IP address of the calling computer   
  • Date and time of registration  

For the processing of data, your consent is obtained during the registration, and reference is made to these data protection provisions. You will first receive an e-mail requesting confirmation of your registration (so-called double-opt-in procedure).   

In addition, for briefings requiring a license, we store the status of the license usage and payment details for this.  

If you are already registered with us, we will create messages for you via electronic communication channels as individually as possible, considering your previous interests. We request you to participate in surveys for your feedback by e-mail (see below).  

If you book our services and provide your e-mail address, this may subsequently be used by us to send a message. In such a case, only direct advertising for our own similar goods or services will be sent via messages. You will be informed about this regulation during registration or booking.  

We would like to mention that we measure the use of the briefings. For the evaluation, the sent emails contain so-called web beacons or tracking pixels, which are single-pixel image files that are stored on our website. For the evaluation, we link the data and the web beacons with your e-mail address and an individual ID. Links included in the briefing are also provided with ID. With the data obtained in this way, we create a user profile to tailor the briefing to your individual interests. In doing so, we record when you read our briefing, which links you click on in it, and infer your personal interests from this. We link this data to your actions on our website.  

There is no transfer of data to third parties for their own purposes in connection with the data processing for the dispatch of briefings.     

We use the MailChimp service for sending the briefing. The provider is Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA. MailChimp has committed to us as part of an order data processing. Further information: https://mailchimp.com/legal/terms/.  

You can log in to the website with the e-mail address with which you registered. For this purpose, you will receive a unique link by e-mail upon your request, which will allow you access without an additional password. A cookie is set to save the status of the active login. 

b) Purpose and Legal Basis of Data Processing   

The purpose of collecting the e-mail address is to deliver briefings. The legal basis for the processing of the data after registration for the briefing is Art. 6 para. 1 lit. a) DSGVO due to the existence of consent. 

The legal basis for sending the messages as a result of the sale of goods or services is Section 7 (3) UWG. Profiling based on past use of the briefing is done in our legitimate interest to send relevant messages to users. In addition, the opening rates are used to check compliance with the scope of the license. The legal basis for the surveys and usage measurement is Art. 6 para. 1 lit a), lit f) DSGVO.  

The cookie for recording the active login is required according to Art. 6 para. 1 lit. b) DSGVO to enable a visit to this area without repeated login. 

c). Duration of storage   

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. Accordingly, the e-mail address is stored as long as the subscription to the briefing or the relevant license is active. After unsubscribing, we store the data purely statistically and anonymously.  

The cookie for active login is stored for 7 days. 

d) Possibility of Objection and Cancellation   

The subscription to the Briefing can be cancelled by the recipient at any time. For this purpose, a corresponding link is provided in each Briefing. This is regardless of the span of the license. You can also restrict the usage measurement by deactivating the display of images by default in your e-mail program. 

The active login cookie can be deleted by deleting it in the browser (as described above). 

5. Communication and Management of Customer Data  

a) Description and Scope of Data Processing   

Communication with our users (interested parties and customers) takes place via various channels.  The stored information can be used by us to contact visitors to our website and to determine which of our company’s services are of interest to them.   

We store contact information and data required for billing the licenses in our Customer Management System of HubSpot. HubSpot is a software company from the USA with a branch in Ireland (HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland). Hubspot has made a contractual commitment to us within the framework of commissioned data processing. Further information: https://legal.hubspot.com/de/privacy-policy   

Telephone service requests and the matching or forwarding of telephone numbers for this purpose are handled by the provider Aircall. The service provider Aircall.io, Inc. is based in the USA at 33 W 17th St, New York, NY 10011. Its European subsidiary is Aircall SAS, 42, rue du Faubourg Poissonnière, 75010, Paris, France. For more information: https://aircall.io/privacy/.  

For the integration of the different databases we use the services of PieSync NV, Notarisstraat 1, 9000 Ghent, Belgium as well as Zapier, Inc., 548 Market St. #62411, San Francisco, CA 94104-5401, USA. PieSync and Zapier have contractually committed to us in the context of commissioned data processing. Further information: https://www.piesync.com/legal/privacy-policy or https://zapier.com/privacy 

b) Purpose and Legal Basis of Data Processing.   

The legal basis for the processing of data is Art. 6 para. 1 lit. a and lit. b and lit. f DSGVO. It is our contractual obligation and our overriding economic interest to contact existing customers or to acquire new customers. The processing in databases is a necessary consequence of the communication with our customers.  

c). Duration of Storage   

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. This is the case for data collected during the registration process for the fulfillment of a contract or for the implementation of pre-contractual measures, when the data is no longer required for the implementation of the contract. Even after the conclusion of the contract, there may be a need to store personal data of the contractual partner in order to comply with contractual or legal obligations. If there is no activity in the customer account for a period of 6 years, the customer account will be deleted.   

d) Possibility of Objection and Cancellation   

As a user you have the possibility to cancel the registration at any time by sending an e-mail to us. You can always have the data stored for you changed at any time. For further information, please see “Rights of data subjects” below.   

If the data is required for the performance of a contract or for the implementation of pre-contractual measures, early deletion of the data is only possible insofar as contractual or legal obligations do not prevent deletion.  

6. Google Web Fonts   

a) Description and Scope of Data Processing   

The Google Web Fonts service is used on this website. The service is provided by Google Ireland Limited Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. With the help of Google Web Fonts, we can load and display external fonts, so-called Google Fonts, on our website. Google Web Fonts is integrated locally on our website. This means that the fonts are not loaded from Google servers.  

In the context of processing via Google Web Fonts, the IP address is processed.   

b) Purpose and Legal Basis of the Data Processing.   

The legal basis for this processing is Art. 6 (1) lit. f DSGVO. Our legitimate interest in processing is to present the website in an attractive and user-friendly manner. Local hosting ensures that no data is transmitted to Google, a corresponding data transfer does not take place.  

c). Duration of Storage   

The personal data will be kept as long as they are necessary to fulfill the purpose of the processing. 

d) Possibility of Objection and Elimination   

The data will be deleted as soon as they are no longer required to achieve the purpose.  

7. Surveys  

a) Description and Scope of Data Processing   

We may ask you to participate in surveys and feedback via forms by email or when visiting our website. Participation is always voluntary. We do not ask for any personal data in the forms. We therefore collect anonymous information unless you provide it yourself (e.g., enter your name). If we could assign the data directly to you, we would indicate this separately before completing the form. 

We use the service provider SurveyMonkey Europe UC, 2 Shelbourne Buildings, 2nd Floor, Shelbourne Road, Ballsbridge, Dublin 4, Ireland. The service provider has made a commitment to us in the context of commissioned data processing. Cookies are processed in its forms (see “Use of cookies” above and https://de.surveymonkey.com/mp/legal/survey-page-cookies/).   

Further information: https://www.surveymonkey.de/mp/legal/privacy/   

b) Purpose and Legal Basis of Data Processing.   

The legal basis for this processing is Art. 6 (1) lit. f) DSGVO.   

The request for surveys and ratings are also in our legitimate interest because they improve our offer and increase the reach through (positive) ratings.  

c). Duration of Storage   

The personal data will be kept for the time necessary to fulfill the purpose of the processing.  

d) Possibility of Objection and Deletion.   

The data will be deleted as soon as they are no longer necessary to achieve the purpose.  

8. Social Networks  

1. Description and Scope of Data Processing 

You can also find us on social networking sites. A social network is a social meeting place operated on the Internet, an online community that usually allows users to communicate and interact with each other in virtual space. A social network can serve as a platform for exchanging opinions and experiences or enables the internet community to provide personal or company-related information. In addition, we have also integrated individual functions of these networks into our online services as so-called plug-ins. However, you can only use functions if you are registered and logged in to the respective social networking website. Please note that the use of the respective social network is subject to the terms of use and privacy policy of that company, over which we have no control. However, we will be happy to explain to you how such networks process your personal data in this context: 

i) Facebook  

We have integrated Facebook components on this website. Each time one of the individual pages of this website operated by us and on which a Facebook component (Facebook plug-in) has been integrated, the Internet browser on the information technology system of the data subject is automatically caused by the respective Facebook component to download a representation of the corresponding Facebook component from Facebook. A complete overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=de_DE. Within the scope of this technical procedure, Facebook receives knowledge of which specific sub-page of our website is visited by the data subject. If the data subject is logged in to Facebook at the same time, Facebook recognizes which specific sub-page of our website the data subject is visiting each time the data subject calls up our website and for the entire duration of the respective stay on our website. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the data subject. If the data subject activates one of the Facebook buttons integrated on our website, for example the “Like” button, or if the data subject posts a comment, Facebook assigns this information to the personal Facebook user account of the data subject and stores this personal data. Facebook always receives information via the Facebook component that the data subject has visited our website if the data subject is simultaneously logged into Facebook at the time of calling up our website; this takes place regardless of whether the data subject clicks on the Facebook component or not. If such transmission of this information to Facebook is not desired by the data subject, he or she can prevent the transmission by logging out of his or her Facebook account before calling up our website. The data policy published by Facebook, which can be accessed at https://de-de.facebook.com/about/privacy/, provides information about the collection, processing and use of personal data by Facebook. It also explains which setting options Facebook offers to protect the privacy of the data subject. In addition, various applications are available that make it possible to suppress data transmission to Facebook. Such applications can be used by the data subject to suppress data transmission to Facebook. 

(ii) Twitter   

On our website, plugins of the short message network of Twitter Inc. (Twitter) are integrated. You can recognize the Twitter plugins (tweet button) by the Twitter logo on our site. An overview of tweet buttons can be found under this link at Twitter: dev.twitter.com/web/tweet-button 

When you visit a page of our website that contains such a plugin, a direct connection is established between your browser and the Twitter server. Twitter thereby receives the information that you have visited our site with your IP address. If you click the Twitter “tweet button” while logged into your Twitter account, you can link the content of our pages on your Twitter profile. This allows Twitter to associate the visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter. 

If you do not wish Twitter to be able to associate your visit to our pages, please log out of your Twitter user account.  

You can find more information on this in Twitter’s privacy policy, which you can view here: twitter.com/de/privacy   

(iii) YouTube   

We use services from YouTube, LLC 901 Cherry Ave, 94066 San Bruno, CA, USA, a Google Inc. company, Amphitheatre Parkway, Mountain View, CA 94043, USA, on our website.  

If you are logged in to YouTube at this time, the information about the videos you watch will be assigned to your member account with YouTube. You can prevent this by logging out of your member account before visiting our website. 

Further information on YouTube privacy is provided by Google at the following link: https://www.google.de/intl/de/policies/privacy/ 

a) Purpose and Legal Basis for Data Processing  

Insofar as there is processing of personal data on the part of the social networks, the legal basis is Art. 6 para. 1 lit. b, lit. f DSGVO. In addition, there is consent vis-à-vis us and the social network pursuant to Art. 6 para. 1 lit. a DSGVO.  

In the case of processing, our legitimate interest lies in the processing of personal data pursuant to Art. 6 para. 1 lit. f DSGVO: The websites are enhanced with more attractive content and the users of the networks can interact directly with them. 

c) Duration of Storage  

The collection is carried out by the above-mentioned networks, where you as a member will receive information on the duration of storage.  

d) Possibility of Objection and Elimination  

If you do not want social networks to directly assign the data collected via our website to your respective account, you must log out of them before visiting our website. You can assert your rights as a member under the data protection provisions vis-à-vis the networks. You can also prevent the loading of the plugins with add-ons for your browser. 

9. Social Networks Audience  

a) Description and Scope of Data Processing  

We use the LinkedIn Matched Audiences service.  For this purpose, a customer list is hashed locally in the browser and then transmitted to LinkedIn. There, it is compared with the existing list of hashed IDs of LinkedIn users. Encryption, or hashing, converts the data into short “fingerprints” that cannot be converted back. This is done before the data is sent to LinkedIn. LinkedIn tags the data that have provided with hash values. The matches so known LinkedIn users are then added to the relevant group. LinkedIn does not collect any new personal data in the process.  The matching and non-matching hash values are deleted. 

b) Purpose and Legal Basis of the Data Processing  

The measure is carried out with the intension to deliver more suitable advertising on LinkedIn to users registered there. The legal basis for the processing of personal data when using LinkedIn Matched Audiences is Art. 6 para. 1 lit. a DSGVO (your consent to us and LinkedIn). 

c) Duration of Storage  

The collection is carried out by LinkedIn, where you as a member will receive information on the duration of storage.  

d) Possibility of Objection and Elimination  

LinkedIn members can customize settings individually: https://www.linkedin.com/psettings/messages 

IV. Rights of the Data Subjects  

The applicable data protection law grants you comprehensive data subject rights (rights of information and intervention) vis-à-vis the controller with regards to the processing of your personal data, which we inform you about below. You can always contact us for this purpose (see details at the beginning of these data protection provisions). 

1. Right to Information  

You may request confirmation from the controller as to whether personal data concerning you is being processed by us.   

If there is such processing, you can request information from the controller about the following: 

  • the purposes for which the personal data are processed; 
  • the categories of personal data which are processed;  
  • the recipients or categories of recipients to whom the personal data concerning you have been disclosing or will be disclosed; 
  • the planned duration of the storage of the personal data concerning you or, if concrete information on this is not possible, criteria for determining the storage duration; 
  • the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;  
  • the existence of a right to appeal to a supervisory authority; 
  • any available information on the origin of the data, if the personal data are not collected from the data subject; 
  • the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) of the GDPR and, at least in these cases, meaningful information about the logic involved and the scope and intended effects of such processing for the data subject. 
  • You have the right to request information about whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed about the appropriate safeguards pursuant to Art. 46 DSGVO in connection with the transfer. 

2. Right to Rectification   

You have a right to rectification and/or completion vis-à-vis the controller if the processed personal data concerning you is inaccurate or incomplete. The controller shall carry out the rectification without undue delay. 

3. Right to Restriction of Processing  

Under the following conditions, you may request the restriction of the processing of personal data concerning you: 

  • if you deny the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data; 
  • the processing is unlawful and you object to the erasure of the personal data and request instead the restriction of the use of the personal data; 
  • the controller no longer needs the personal data for the purposes of processing, but you need them for the assertion, exercise or defense of legal claims, or 
  • if you have objected to the processing pursuant to Art. 21 (1) DSGVO and it is not yet clear whether the legitimate grounds of the controller outweigh your grounds. 

Where the processing of personal data concerning you has been restricted, such data may be processed, with the exception of storage, only with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State.  

If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted. 

4. Right to Deletion  

a) Obligation to Delete  

You may request from the controller that the personal data concerning you be erased without undue delay, and the controller is obliged to erase such data without undue delay, provided that one of the following reasons applies: 

  • The personal data concerning you is no longer necessary for the purposes for which they were collected or otherwise processed. 
  • You revoke your consent on which the processing was based pursuant to Art. 6 (1) a) or Art. 9 (2) a) DSGVO and there is no other legal basis for the processing.  
  • You object to the processing pursuant to Art. 21 (1) DSGVO and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) DSGVO.  
  • The personal data concerning you has been processed unlawfully.  
  • The erasure of the personal data concerning you is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject.   
  • The personal data concerning you has been collected in relation to information society services offered in accordance with Art. 8(1) DSGVO. 

b) Information to Third Parties  

If the controller has made the personal data concerning you public and is obliged to erase it pursuant to Article 17(1) of the GDPR, it shall take reasonable measures, including technical measures, having regard to the available technology and the cost of implementation, to inform data controllers which process the personal data that you, as the data subject, have requested that they erase all links to or copies or replications of such personal data.  

c) Exceptions  

The right to erasure does not exist insofar as the processing is necessary  

  • for the exercise of the Right to Freedom of Expression and Information;  
  • for compliance with a legal obligation which requires processing under Union or Member State law to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller (These are, for example, commercial and tax retention obligations.); 
  • for reasons of public interest in the area of public health pursuant to Art. 9 (2) (h) and (i) and Art. 9 (3) DSGVO;  
  • for archiving purposes in the public interest, scientific or historical research purposes, or for statistical purposes pursuant to Article 89(1) DSGVO, insofar as the right referred to in section a) is likely to render impossible or seriously prejudice the achievement of the purposes of such processing; or  
  • for the assertion, exercise or defense of legal claims. 

5. Right to Information  

If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.  

You have the right against the controller to be informed about these recipients. 

6. Right to Data Portability  

You have the right to receive the personal data concerning you that you have provided to the controller in a structured, common and machine-readable format. In addition, you have the right to transfer this data to another controller without hindrance from the controller to whom the personal data was provided, provided that 

  • the processing is based on consent pursuant to Art. 6 (1) a) DSGVO or Art. 9 (2) a) DSGVO or on a contract pursuant to Art. 6 (1) b) DSGVO and  
  • the processing is carried out with the help of automated procedures. 

In exercising this right, you also have the right to have the personal data concerning you transferred directly from one controller to another controller, insofar as this is technically feasible. Freedoms and rights of other persons must not be affected by this.  

The right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. 

7. Right to Objection  

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) or (f) DSGVO; this also applies to profiling based on these provisions.   

The controller shall no longer process the personal data concerning you unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims.  

If the personal data concerning you is processed for the purpose of direct marketing, you have the right pursuant to Article 21 (2), (3) DSGVO to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is related to such direct marketing.  

If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.  

You have the possibility, in connection with the use of information society services, notwithstanding Directive 2002/58/EC, to exercise your right to object by means of automated procedures using technical specifications. 

8. Right to Revoke the Declaration of Consent under Data Protection Law.  

You have the right to revoke your declaration of consent under Data Protection Law at any time. The revocation of consent does not affect the lawfulness of the processing previously carried out on the basis of consent. 

9. Automated Decision in Individual Cases including Profiling.  

You have the right not to be subject to a decision based solely on automated processing – including profiling – which produces legal effects vis-à-vis you or similarly significantly affects you. This does not apply if the decision   

  • is necessary for the conclusion or performance of a contract between you and the controller,  
  • is permissible on the basis of legal provisions of the Union or the Member States to which the controller is subject and these legal provisions contain appropriate measures to protect your rights and freedoms as well as your legitimate interests, or  
  • is carried out with your explicit consent. 

However, these decisions may not be based on special categories of personal data pursuant to Article 9(1) of the GDPR, unless Article 9(2)(a) or (g) applies and appropriate measures have been taken to protect the rights and freedoms and your legitimate interests.  

With regard to the cases mentioned in (1) and (3), the controller shall take reasonable steps to safeguard the rights and freedoms as well as your legitimate interests, which include, at a minimum, the right to obtain the intervention of a person on the part of the controller, to express his or her point of view and to contest the decision. 

10. Right to Complain to a Supervisory Authority  

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your residence, workplace, or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR.  

The supervisory authority to which the complaint has been filed will inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.  

11. Validity of this Privacy Policy  

We reserve the right to amend this Privacy Policy from time to time. The current version is available from our website. If a change significantly restricts rights of registered users, we will notify them. Furthermore, the currently available privacy policy is valid for our website users.  

Status December 2020