429 Too Many Requests

429 Too Many Requests


nginx

Addendum Privacy Policy

Addendum Privacy Policy

 

More information about:

  • Social Media and Applications
  • Rights of the Data Subject

 

Extended text for Social Media and Other (digital) applications

 

On Our Website we have integrated several applications (and services, components, and tools) of Third Parties. We do permit these Third Parties to collect Personal Data as described in our Privacy Policy for the business purposes described hereinafter.

Hereinafter you will find the data protection provisions about these applications and use of it. We separate it into 2 sections: 1) Social Media; 2) Other (digital) applications.

Our Website has buttons of the following social media providers. We advise you to carefully read their privacy information.

 

Name of processor / Third Party

Privacy information

This was valid on:

1

Facebook, Inc.

https://www.facebook.com/policy.php

01 Jul 21

2

Instagram, Inc.

https://help.instagram.com/519522125107875

01 Jul 21

3

LinkedIn Corporation

https://www.linkedin.com/legal/privacy-policy

01 Jul 21

4

Twitter, Inc

https://www.twitter.com/privacy

01 Jul 21

5   

YouTube, LLC

https://www.youtube.com/howyoutubeworks/user-settings/privacy/

01 Jul 21

 

Privacy Information of other applications that we may use on our Website:

 

Name of processor / Third Party

Privacy information

This was valid on:

6

Cloudflare, Inc

https://www.cloudflare.com/en-gb/privacypolicy/

01 Jul 21

7

Cookiebot (Cybot A/S)

https://www.cookiebot.com/en/privacy-policy/

01 Jul 21

8

Google Ireland Ltd

https://policies.google.com/privacy

01 Jul 21

9

HotJar Limited

https://www.hotjar.com/legal/policies/privacy/

01 Jul 21

10

HubSpot Inc.

https://legal.hubspot.com/privacy-policy

01 Jul 21

11

Magento

https://magento.com/gdpr

01 Jul 21

12

Matomo Innocraft

https://matomo.org/privacy-policy/

01 Jul 21

13

Oracle America, Inc. (AddThis)

https://www.oracle.com/legal/privacy/addthis-privacy-policy.html

01 Jul 21

14

Zoom Video Communications Inc.

https://zoom.us/privacy

01 Jul 21

 

1. Facebook, Inc

 

Who

Facebook is a web-based social network. A social network is a place for social meetings on the Internet, an online community, which usually allows users to communicate with each other and interact in a virtual space. A social network may serve as a platform for the exchange of opinions and experiences or enable the Internet community to provide personal or business-related information. Facebook allows social network users to include the creation of private profiles, upload photos, and network through friend requests.

The operating company of Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States. If a person lives within the European economic area, the Controller is the Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

 

How

With each call-up to one of the individual pages of our Website, and into which a Facebook component (Facebook plug-ins) was integrated, the Browser is automatically prompted to download display of the corresponding Facebook component from Facebook through the Facebook component. During this technical procedure, Facebook is made aware of what specific sub-site of Our Website was visited by the user.

If the user is logged in at the same time on Facebook, Facebook detects with every call-up to Our Website by the user—and for the entire duration of their stay on our Website—which specific sub-site of our page was visited by him or her. This information is collected through the Facebook component and associated with the respective Facebook account of the user. If he or she clicks on one of the Facebook buttons integrated into Our Website, e.g., the "Like" button, or if he or she submits a comment, then Facebook matches this information with the personal Facebook user account of the user and stores the Personal Data.

Facebook always receives, through the Facebook component, information about a visit to Our Website by the user, whenever he or she is logged in at the same time on Facebook during the time of the call-up to Our Website. This occurs regardless of whether the user clicks on the Facebook component or not. If such a transmission of information to Facebook is not desirable for the user, then he or she may prevent this by logging off from their Facebook account before a call-up to Our Website is made.

The HTTP cookie “fr” is used by Facebook for real-time bidding of external advertisers and is stored for 3 months on the Browser of the website visitor. The pixel tracker “tr” is used by Facebook for real-time bidding of external advertisers and is used per session.

 

Why

Facebook is used by us for the data subject to server them their social network opportunities and for us for marketing purposes.

 

Stored

The data protection guideline published by Facebook on their website, provides information about the collection, Processing, storage, and use of Personal Data by Facebook. In addition, it is explained there what setting options Facebook offers to protect the privacy of the data subject. In addition, different configuration options are made available to allow the elimination of data transmission to Facebook. These applications may be used by the user to eliminate a data transmission to Facebook.

 

Note: The cookie of Google Tag Manager “_fbp” is also used by Facebook, for several advertisement products, such a real-time bidding of external advertisers.

 

Transfer

Facebook complies with the EU-US and Swiss-US Privacy Shield principles. If you have a Privacy Shield-related complaint, you must contact TRUSTe.

 

2. Instagram, Inc

 

Who

Instagram is an American photo and video and stories sharing social networking service owned by Facebook.

The operating company of Instagram, Inc. is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States. If a person lives within the European economic area, the Controller is the Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

 

How

Instagram uses the cookies of Facebook on our Website.

 

Why

Instagram is used by us for the data subject to server them their social network opportunities and for us for marketing purposes.

 

Stored

See the information of Facebook.

 

3. LinkedIn Corporation

 

Who

LinkedIn is a web-based social network that enables users with existing business contacts to connect and to make new business contacts. Over 400 million registered people in more than 200 countries use LinkedIn. Thus, LinkedIn is currently the largest platform for business contacts and one of the most visited websites in the world.

The operating company of LinkedIn is LinkedIn Corporation, Legal Department – Privacy, 1000 W. Maude Ave., Sunnyvale, California 94085, United States. Responsible for privacy matters outside of the United States is LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

 

How

With each call-up to one of the individual pages of our Website on which a LinkedIn component (LinkedIn plug-in) was integrated, the Browser is automatically prompted to the download of a display of the corresponding LinkedIn component of LinkedIn. During this technical procedure, LinkedIn gains knowledge of what specific sub-page of Our Website was visited by the user.

If the user is logged in at the same time on LinkedIn, LinkedIn detects with every call-up to Our Website by the user—and for the entire duration of their stay on our Website—which specific sub-page of our Website was visited by the user. This information is collected through the LinkedIn component and associated with the respective LinkedIn account of the user. If the he or she clicks on one of the LinkedIn buttons integrated on Our Website, then LinkedIn assigns this information to the personal LinkedIn user account of the user and stores the Personal Data.

LinkedIn receives information via the LinkedIn component that the user has visited Our Website, provided that the user is logged in at LinkedIn at the time of the call-up to Our Website. This occurs regardless of whether the person clicks on the LinkedIn button or not. If such a transmission of information to LinkedIn is not desirable for the data subject, then he or she may prevent this by logging off from their LinkedIn account before a call-up to Our Website is made.

 

Why

LinkedIn is used by us for the data subject to server them their social network opportunities and for us for marketing purposes.

 

Stored

LinkedIn provides the possibility to unsubscribe from e-mail messages, SMS messages and targeted ads, as well as the ability to manage ad settings (see the website under “guest-controls”). LinkedIn also uses affiliates such as Eire, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua, and Lotame. The setting of such cookies may be denied.

 

Transfer

LinkedIn Corporation complies with the EU-US and Swiss-US Privacy Shield principles. LinkedIn uses Standard Contractual Clauses (also known as EU Model Clauses) for the transfer of personal data out of the EU.

 

4. Twitter, Inc

 

Who

Twitter is a multilingual, publicly accessible microblogging service on which users may publish and spread so-called ‘tweets,’ e.g., short messages, which are limited to 140 characters. These short messages are available for everyone, including those who are not logged on to Twitter. The tweets are also displayed to so-called followers of the respective user. Followers are other Twitter users who follow a user's tweets. Furthermore, Twitter allows us to address a wide audience via hashtags, links, or retweets.

The operating company of Twitter is Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, United States.

 

How

With each call-up to one of the individual pages of Our Website, on which a Twitter component (Twitter button) was integrated, the Browser is automatically prompted to download a display of the corresponding Twitter component of Twitter. During this technical procedure, Twitter gains knowledge of what specific sub-page of Our Website was visited by the user.

If user is logged in at the same time on Twitter, Twitter detects with every call-up to Our Website by the data subject and for the entire duration of their stay on our Website which specific sub-page of our Website was visited by the data subject. This information is collected through the Twitter component and associated with the respective Twitter account of the data subject. If the data subject clicks on one of the Twitter buttons integrated on Our Website, then Twitter assigns this information to the personal Twitter user account of the user and stores the Personal Data.

Twitter receives information via the Twitter component that the user has visited Our Website, provided that the data subject is logged in on Twitter at the time of the call-up to Our Website. This occurs regardless of whether the person clicks on the Twitter component or not. If such a transmission of information to Twitter is not desirable for the user, then he or she may prevent this by logging off from their Twitter account before a call-up to Our Website is made. When the user uses Twitter, even just by looking at Tweets, Twitter receives some personal information from the user like the type of device and IP address. User can choose to share additional information with Twitter like email address, phone number, address book contacts, and a public profile.

 

Why        

Twitter uses this information for things like keeping users’ account secure and showing more relevant Tweets, people to follow, events, and ads. The purpose of the integration of the Twitter component is a retransmission of the contents of Our Website to allow our users to introduce this page to the digital world and increase our visitor numbers.

 

Stored

According to the data protection provisions of Twitter they keep Log Data for a maximum of 18 months.

 

Transfer

Twitter, Inc. complies with the EU-US and Swiss-US Privacy Shield principles. If you have a Privacy Shield-related complaint, you must contact Twitter.

 

5. YouTube, LLC

 

Who

YouTube is an Internet video portal that enables video publishers to set video clips and other users free of charge, which also provides free viewing, review and commenting on them.

The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, United States. The YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.

YouTube is a part of Google and adheres to Google’s privacy policies and principles.

 

How

With each call-up to one of the individual pages of Our Website on which a YouTube component (YouTube video) was integrated, the Browser is automatically prompted to download a display of the corresponding YouTube component. During this technical procedure, YouTube, and Google gain knowledge of what specific sub-page of Our Website was visited by the data subject.

If the user is logged in on YouTube, YouTube recognizes with each call-up to a sub-page that contains a YouTube video, which specific sub-page of our Website was visited by the user. This information is collected by YouTube and Google and assigned to the respective YouTube account of the data subject.

 

Why

YouTube allows us to publish all kinds of videos, so the user can access both full movies and TV broadcasts, as well as music videos, trailers, and videos made by users via the Internet portal. YouTube and Google will receive information through the YouTube component that the data subject has visited Our Website, if the user at the time of the call to Our Website is logged in on YouTube; this occurs regardless of whether the person clicks on a YouTube video or not. If such a transmission of this information to YouTube and Google is not desirable for the user, the delivery may be prevented if he or she logs off from their own YouTube account before a call-up to Our Website is made.

On our Website are several cookies of YouTube, for statistical and marketing purposes.

 

Stored

See the privacy information of Facebook.

 

Transfer

YouTube LLC complies with the EU-US and Swiss-US Privacy Shield principles.

 

6. Cloudflare, Inc

 

Who

Cloudflare, Inc is an American web infrastructure and website security company, providing content delivery network services, DDoS mitigation, Internet security, and distributed domain name server services. Cloudflare's services sit between a website's visitor and the Cloudflare user's hosting provider, acting as a reverse proxy for websites. Cloudflare's headquarters are in the United States, 101 Townsend St., San Francisco, CA 94107.

 

How

The HTTP cookie __cfduid is used by the content network, Cloudflare, to identify trusted web traffic. The HTTP cookie __cfruid is part of the services offered by Cloudflare - including load balancing, delivery of website content and providing a DNS connection for website operators.

These cookies may be set by Cloudflare or by their third parties with whom they have partnered to assist in marketing efforts.

 

Why

We use these cookies for the safety of our Website and our website visitors.

 

Stored

The HTTP cookie __cfduid is stored for 29 days on the Browser of the website visitor. The HTTP cookie __cfruid is only available per session. Cloudflare collects limited DNS query data that is sent to their 1.1.1.1 resolver, which does not log personal data, and the bulk of the limited non-personally identifiable query data is only stored for 25 hours. Cloudflare processes on our behalf, which may include but is not limited to IP addresses, system configuration information, and other information about traffic to and from our Website, devices, applications, and/or networks (collectively, “Log Data”).

 

Transfer

Cloudflare: we no longer rely on the EU-U.S. and Swiss-U.S. Privacy Shields as a basis under the EU General Data Protection Regulation (GDPR) for the transfer of personal data from the EU, UK, and Switzerland to the United States. Whenever Cloudflare shares personal information originating in the EEA, the UK, or Switzerland with a Cloudflare entity outside the EEA, the UK, or Switzerland, we will do so on the basis of the EU standard contractual clauses (adjusted to address transfers from the UK).

 

7. Cybot A/S (Cookiebot)

 

Who

Cookiebot is an application of Cybot A/S, which is a European that provides transparency and control over all the cookies and similar tracking on websites. Cybot A/S is situated in Danmark, Havnegade 39, 1058 Copenhagen.

 

How

The HTTP cookie CookieConsent [x2] saves the cookie status of the website visitor for the used domain. The HTTP cookie CookieConsentBulkSetting-# saves cookie consent for one of more websites.

 

Why

We use these cookies to save the consent or preferences of the visitors of our Website.

 

Stored

The HTTP cookie “CookieConsent [x2]” is stored for 1 year on the Browser of the website visitor. The HTTP cookie “CookieConsentBulkSetting-#” is persistent.

 

8. Google Ireland Limited (Google, Google Analytics and Google Ads and Google Tag Manager, Google ReCaptcha)

 

Who

Google Ads (f.k.a. Google AdWords) is a service for Internet advertising that allows the advertiser to place ads in Google search engine results and the Google advertising network. Google Ads allows an advertiser to pre-define specific keywords with the help of which an ad on Google's search results only then displayed when the user utilizes the search engine to retrieve a keyword-relevant search result. In the Google Advertising Network, the ads are distributed on relevant pages using an automatic algorithm, considering the previously defined keywords.

Google Analytics is a web analytics service offered by Google that tracks and reports website traffic, currently as a platform inside the Google Marketing Platform brand.

Google Tag Manager is a tag management system that allows you to create and monitor tags on a user interface, without writing new code each time you want to construct a tag.

Google Recaptcha works by tracking and analysing your user’s behaviour on our website. This includes looking at how the user navigates through the site with their mouse, how they click between content, the time they take to complete tasks like fill in forms and the device they are using to load the website. From this data, combined with whether the user is logged into a Google account already or not, the tool generates a score of how likely the user is to be a bot. (example: if a user loaded the homepage of a website first, then clicked through to a page about a product feature. And then clicked through to a get a quote form to type in their contact information over a few minutes. This would appear as a fairly genuine use of the website. However, if the user came direct to the page with the get a quote form, filled in the contact details within 1 second and then submitted the form, this would appear suspicious. It’s too fast for a human. Therefore it would be challenged, with a captcha pop up.) The concept makes sense. The more data you can collect, the better you can analyse whether a user is real or not. It’s effective and serves a genuine business purpose – e.g. reduces spam.

The operating company of Google for European customers is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, which is an affiliated company of Google LLC.

 

How

If a user reaches Our Website via a Google ad, the pixel tracker: “ads/ga-audiences” is filed by Google Ads on the Browser of the website visitor.

 

Why

The pixel tracker is used to re-engage visitors that are likely to convert to customers based on the visitor's online behaviour across websites. If the cookie has not expired, the conversion cookie is used to check whether certain sub-pages, e.g., the shopping cart from an online shop system, were called up on Our Website. Through the tracker, both Google and the Controller can understand whether a person who reached an Ads ad on Our Website generated sales, that is, executed or cancelled a sale of goods. The purpose of Google Ads is the promotion of Our Website by the inclusion of relevant advertising on the websites of third parties and in the search engine results of the search engine Google and an insertion of third-party advertising on Our Website. The data and information collected using the conversion cookie is used by Google to create visit statistics for Our Website. These visit statistics are used to determine the total number of users who have been served through Ads ads to ascertain the success or failure of each Ads ad and to optimize our Ads ads in the future. Neither our company nor other Google Ads advertisers receive information from Google that could identify the website visitor.

Google Tag Manager lets us measure our advertising ROI as well as track your Flash, video, and social networking sites, and applications.

 

Store

The tracking pixel stores the Internet pages visited by the user, during the session. Each time one visits Our Website, the IP address of the Internet access used by the visitor (Personal Data), is transmitted to Google in the United States of America. These Personal Data are stored by Google in the United States. Google may pass these Personal Data collected through the technical procedure to third parties.

The user may, at any time, prevent the setting of cookies by Our Website, by means of a corresponding setting of the Browser used and thus permanently deny the setting of cookies. Such a setting of the Browser used would also prevent Google from placing a tracker on his or her browser. In addition, a cookie set by Google Ads may be deleted at any time via the Browser or other software programs.

The user has a possibility of objecting to the interest-based advertisement of Google. Therefore, he or she must access from each of the Browsers in use the website of Google and set the desired settings. Further information and the applicable data protection provisions of Google may be retrieved on google (dot) com.

 

Transfer

Google, Inc complies with the EU-US and Swiss-US Privacy Shield principles. The Google Ads Controller-Controller Data Protection Terms (October 2020) are applicable.

 

Note: The cookie of Google Tag Manager is also used by Facebook, for several advertisement products, such a real-time bidding of external advertisers.

 

9. HotJar Limited

 

Who

HotJar Limited is a European web analytics provider. The headquarter of Hotjar is: Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julian’s STJ 3155, Malta.

 

How

Hotjar is a set of analytics tools that help you to collect qualitative data. These tools include heatmaps, funnel tracking, user polls, surveys and more.

 

Why

Hotjar gives insight into the visitor behaviour on our Website.

 

Stored

Hotjar stores data until consent is withdrawn.

 

Note: We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices. This includes a device's IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf.

For further details, please see the ‘about Hotjar’ section of Hotjar’s support site.

 

10. HubSpot, Inc

 

Who

HubSpot Inc., is a US software supplier with a branch office in Ireland (HubSpot Inc., 2nd floor 30 North Wall Quay, Dublin 1, Ireland), by which we cover specific aspects of our online marketing, including

  • Content Management (e.g., the contents of the website)
  • Email Marketing (newsletters and automated mailings, for example, to provide information about updates)
  • Social Media Publishing & Reporting (e.g., LinkedIn)
  • Reporting (e.g., traffic sources, accesses etc.)
  • Contact Management (e.g., user segmentation & CRM)
  • Provision of landing pages and contact forms

 

How

Where this is required by law, we will ask the user, in advance and separately, for Consent to the collection, storage and Processing of data. With Consent of the user, HubSpot will use “Web Beacons” and cookies, which are stored on the computer and enable us to analyse the use of our Website. The collected information (e.g., the IP address, the geographic location, the Browser type, the duration of the visit and the pages viewed) is analysed by HubSpot on our behalf in to generate reports regarding the visit and the pages viewed by the user. If user does not wish a collection through cookies generally, he or she may at any time prevent the storage of cookies through his or her Browser settings.

The pixel tracker “embed/v3/counters.gif” collects information about user preferences and/or interaction with web campaign content. This is used on the CRM campaign platform that website owners use to promote events or products.

The HTTP cookie “hubspotutk” sets a unique ID for the session. This allows the website to obtain data on visitor behavior for statistical purposes.

 

Why

The data collected by us through HubSpot will be used by us exclusively to provide, and optimise, our marketing. The data can then be used by us to contact that visitor of Our Website, and to ascertain which of our services might be interesting for the visitor. If the user subscribes to our email news and download studies and other documents, we will also be able through HubSpot to analyse the visits of the user through its additional details (in particular, name/email address) and to inform the user about his or her preferred topics in a targeted manner. We also provide our registration service through HubSpot. The registration service enables the user, as a visitor of Our Website, to learn more about our enterprise, to download content, and to provide us with user’s contact details and additional information about himself or herself and his or her enterprise. If this is required by law, we will ask the user in advance and separately to grant their prior Consent to the collection, storage, and Processing of the data.

 

Stored

The data collected by us through HubSpot are stored on the servers of our contractor, HubSpot, in the United States. We have established the necessary requirements in order that this is in line with EU data protection law.

 

Transfer

HubSpot, Inc complies with the EU-US and Swiss-US Privacy Shield principles and uses Standard Contractual Clauses.

The user can inspect the complete privacy policy of HubSpot. HubSpot will also inform on their website in relation to the compliance with EU data protection law by HubSpot Inc. HubSpot provides on their website information regarding the cookies used by it.

 

11. Magento, Inc

 

Who        

Magento, Inc. is an American open source E-commerce software, which is useful for online business. It has a flexible modular architecture and is scalable with many control options that is helpful for users. Magento uses E-commerce platform which offers organizations ultimate E-commerce solutions and extensive support network. Magento is an Adobe Company. Magento shares personal information with other entities in the Adobe family of companies to enhance and improve Adobe products and services, as well as for other legitimate business purposes.

The headquarters of Magento is: X.commerce, Inc. dba Magento, Inc., Legal/Privacy Department, 345 Park Avenue, San Jose, CA 95110-2704 United States OR Magento Commerce International Limited, 21 Charlemont Place, Dublin D02 WV10, Ireland.

 

How

Magento is the platform (software) on which our Website is established.

 

Why

Magento Open-Source software delivers basic eCommerce capabilities that allows us to build a unique online store.

 

Stored

Personal information and files are stored on the servers of Magento / Adobe and the servers of companies they hire to provide services to them. At this moment we do not process personal data through Magento.

 

Transfer

Magento Inc. complies with the EU-US and Swiss-US Privacy Shield principles and uses European Commission approved standard contractual clauses.

 

12. Matomo

 

Who

Matomo Analytics is a European free and open-source web analytics application developed by a team of international developers as well as many other contributors around the globe. The application runs on a PHP/MySQL webserver. Web analysis is the collection, gathering and evaluation of data on the behaviour of visitors from Internet sites. A web analysis tool collects, inter alia, data on the website from which a data subject came to a website (so-called referrer), which pages of the website were accessed or how often and for which period a sub-page was viewed. A web analysis is mainly used for the optimization of a website and the cost-benefit analysis of Internet advertising. Matthieu Aubry is the legal representative of the Matomo project. Contact the privacy team at privacy@matomo.org. External Data Protection Officer ePrivacy GmbH represented by Prof. Dr. Christoph Bauer Große Bleichen 21, 20354 Hamburg Germany.

 

How

Matomo sets the opt-out cookie “piwik.php” (a pixel tracker) on the Browser of the data subject. With the setting of the cookie, an analysis of the use of Our Website is enabled. With each call-up to one of the individual pages of Our Website, the Browser is automatically through the Matomo component prompted to submit data for the purpose of online analysis to our server. During this technical procedure, we obtain knowledge about personal information, such as the IP address of the user, which serves to understand the origin of visitors and clicks.

 

Why

The purpose of the Matomo component is to analyse the behaviour of our visitors on our websites to improve the user experience. The Controller uses the obtained data and information, inter alia, to evaluate the use of Our Website to compile online reports, which show the activities on our Website. The software is operated on our server, the data protection-sensitive log files are stored exclusively on this server.

The user may, as stated above, prevent the setting of cookies through Our Website at any time by means of a corresponding adjustment of the Browser used and thus permanently deny the setting of cookies. Such an adjustment to the used Browser would also prevent Matomo from setting a cookie on the information technology system of the data subject. In addition, cookies already in use by Matomo may be deleted at any time via a Browser or other software programs.

In addition, the user has the possibility of objecting to a collection of data relating to a use of Our Website that are generated by Matomo as well as the Processing of these data by Matomo and the chance to preclude any such. For this, the user must set an opt-out cookie.

Matomo collects statistics about the user's visits to the website, such as the number of visits, the average time spent on the website, and which pages have been read.

 

Stored

The cookie is used to store personal information, such as the access time, the location from which access was made, and the frequency of visits to Our Website. With each visit of our Website, these Personal Data, including the IP address of the Internet access used by the user, are transferred to our server. These Personal Data will be stored by us on our servers (we do not use the cloud-based tool). We do not forward this Personal Data to Third Parties. The cookie stays for 1 day. If the cookie is deleted on the system of the data subject, then the data subject must call-up the link again and set a new opt-out cookie. With each setting of the opt-out cookie, however, there is the possibility that Our Website is no longer fully usable for the data subject.

 

13. Oracle America, Inc. (AddThis)

 

Who

Oracle provides a broad range of hosted, remote, and on-site computer-based services to their customers, including cloud services, consulting services and advanced customer support services, technical support services and training services. The headquarter of Oracle is Oracle America, Inc., 500 Oracle Parkway, Redwood Shores, California 94065, United States.

 

How

We use several cookies of the AddThis service of Oracle. The HTTP cookie “loc” generates a geolocation, which is used to help providers determine how users who share information are geographically located (status level). The HTTP cookie “xtc” records the sharing of content by the user via social media. The HTTP cookie “uvc” detects how often AddThis, the social media sharing service, encounters the same user.

Oracle holds and/or processes personal information of data subjects provided by the EEA, UK, or Swiss customer at the direction of their customers, which acts as a data controller.

 

Why

We use AddThis to allow our website visitors to share a page or article on social media. We may also add a button to print an article or page.

 

Stored

Each of the cookies are stored for 13 months on the Browser of the website visitor.

 

Transfer

Oracle: is a member of, and adheres to the regulatory principles of, several industry groups. Oracle is a global corporation with operations in over 80 countries and personal information is processed globally. If personal information is transferred to an Oracle recipient in a country that does not provide an adequate level of protection for personal information, Oracle will take measures designed to adequately protect information about you.

 

14. Zoom Video Communications, Inc.

 

Who

Zoom Video Communications, Inc. develops a people-centric cloud service that transforms real-time collaboration experience.

Zoom Video Communications Inc. headquarter is located at 55 Almaden Blvd 6th Floor, San Jose, CA 95113, United States.

 

How

Zoom will receive information when signing up and attending webinars. Zoom will Process Personal Data for the purposes of providing their services in accordance with the service agreement we have with Zoom. Personal Data provided to Zoom via their services by (or at the direction of) us or the end users, including but not limited to the following: User Profile: First Name, Last Name, Phone (optional), Email, Password (if SSO is not used), Profile Picture (optional), Department (optional), Meeting Metadata, Cloud Recordings (optional), Text file of all in meeting, chats, Audio transcript file, IM Chat Logs, Telephony Usage Data (Optional).

 

Why

We use the Zoom application to give our webinars.

 

Stored

Zoom stores the Personal Data on their servers for as long as we use their services.

Zoom declares that is complies with all applicable privacy laws, rules, and regulations in the jurisdictions in which it operates, including the GDPR.

 

Transfer

Zoom: Where personal data of users in the EEA, Switzerland, or the UK is being transferred to a recipient located in a country outside the EEA, Switzerland, or the UK which has not been recognized as having an adequate level of data protection we ensure that the transfer is governed by the European Commission’s standard contractual clauses.

 

 

RIGHTS OF THE DATA SUBJECT

 

One of the key objectives of the GDPR is to ensure the privacy and protection of the Personal Data of Data Subjects. To help Data Subjects in being assured of the protection and privacy of their Personal Data, the GDPR empowers Data Subjects with certain rights. Through these rights, Data Subjects can make a specific request and be assured that Personal Data is not being misused for anything other than the legitimate purpose for which it was originally provided.

If a Data Subject wishes to avail himself of one of these 9 rights, he, or she (or his or her representative) may, at any time, contact the DPO of Kuraray Europe GmbH as the central contact. The DPO will respond to the request in accordance with the applicable law. To protect the privacy and security, we may ask the Data Subject to verify his or her identity.

If the Subsidiary of Kuraray Europe GmbH or another Processor receives such a request of a Data Subject, it must, to the extent legally permitted, promptly notify (the DPO of) Kuraray Europe GmbH of any Data Subject requests it received and reasonably cooperate with Kuraray Europe GmbH to fulfil its obligations under the GDPR in relation to such requests. Kuraray Europe GmbH shall be responsible for any reasonable costs arising from Processor’s helping Kuraray Europe GmbH to fulfil such obligations.

 

Every Data Subject shall have the following 9 rights granted by the European legislator:

 

a. Right of confirmation (Art. 15(1) GDPR)

The right to obtain from the controller the confirmation as to whether Personal Data concerning him or her are being processed.

If you wish to avail yourself of this right of confirmation, you may, at any time, contact our DPO.

 

b. Right of access (view) (Art. 15(1-4) GDPR)

The right to obtain from the controller free information about his or her Personal Data stored at any time and to obtain a copy of this information. Specifically, to obtain from the controller access to the following information:

  • the purposes of the processing.
  • the categories of Personal Data concerned.
  • the recipients or categories of recipients to whom the Personal Data have been or will be disclosed, in particular to recipients in third countries or to international organizations.
  • where possible, the envisaged period for which the Personal Data will be stored, or, if not possible, the criteria used to determine that period.
  • the existence of the right to request from the controller rectification or erasure of Personal Data, or restriction of processing of Personal Data concerning the Data Subject, or to object to such processing.
  • the existence of the right to lodge a complaint with a supervisory authority.
  • where the Personal Data are not collected from the Data Subject, any available information as to their source.
  • the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing for the Data Subject.

Furthermore, the Data Subject shall have a right to obtain information as to whether Personal Data are transferred to a third country or to an international organization. Where this is the case, the Data Subject shall have the right to be informed of the appropriate safeguards relating to the transfer.

If you wish to avail yourself of this right of access, you may, at any time, contact our DPO.

 

c. Right of rectification (Art. 16 GDPR)

The right to obtain from the controller without undue delay the rectification of inaccurate Personal Data concerning him or her. Considering the purposes of the processing, the Data Subject shall have the right to have incomplete Personal Data completed, including by means of providing a supplementary statement.

If you wish to exercise this right to rectification, you may, at any time, contact our DPO.

 

d. Right of erasure (deletion) / Right to be forgotten (Art. 17 GDPR)

The right to obtain from the controller the erasure of Personal Data concerning him or her without undue delay, and the controller shall have the obligation to erase Personal Data without undue delay where one of the following grounds applies, as long as the processing is not necessary:

  • The Personal Data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
  • The Data Subject withdraws consent to which the processing is based according to point (a) of Article 6(1) of the GDPR, or point (a) of Article 9(2) of the GDPR, and where there is no other legal ground for the processing.
  • The Data Subject objects to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or the Data Subject objects to the processing pursuant to Article 21(2) of the GDPR.
  • The Personal Data have been unlawfully processed.
  • The Personal Data must be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
  • The Personal Data have been collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR.

If one of these reasons applies, and you wish to request the erasure of your Personal Data stored by us, you may at any time, contact our DPO. The DPO shall promptly ensure that the erasure request is complied with immediately.

However, deletion of data can only be done if the data is no longer relevant. We will weigh up our interest and your privacy interest upon a request for removal. In the event of a removal decision, we will inform you to what extent this will limit or prevent the use you make of our Service.

Where we have made Personal Data public and are obliged pursuant to Article 17(1) to erase the Personal Data, we, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform other controllers processing the Personal Data that you have requested erasure by such controllers of any links to, or copy or replication of, those Personal Data, as far as processing is not required. Our DPO will arrange the necessary measures in individual cases.

 

e. Right of restriction of processing (Art. 18 GDPR)

The right to obtain from the controller restriction of processing where one of the following applies:

  • The accuracy of the Personal Data is contested by the Data Subject, for a period enabling the controller to verify the accuracy of the Personal Data.
  • The processing is unlawful, and the Data Subject opposes the erasure of the Personal Data and requests instead the restriction of their use instead.
  • The controller no longer needs the Personal Data for the purposes of the processing, but they are required by the Data Subject for the establishment, exercise, or defense of legal claims.
  • The Data Subject has objected to processing pursuant to Article 21(1) of the GDPR pending the verification whether the legitimate grounds of the controller override those of the Data Subject.

If one of these conditions is met, and you wish to request the restriction of the processing of your Personal Data stored by us, you may at any time contact our DPO. The DPO will arrange the restriction of the processing.

 

f. Right of data portability (Art. 20 GDPR)

To receive the Personal Data concerning him or her, which was provided to a controller, in a structured, commonly used, and machine-readable format.

He or she shall have the right to transmit those data to another controller without hindrance from the controller to which the Personal Data have been provided, as long as the processing is based on consent pursuant to point (a) of Article 6(1) of the GDPR or point (a) of Article 9(2) of the GDPR, or on a contract pursuant to point (b) of Article 6(1) of the GDPR, and the processing is carried out by automated means, as long as the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Furthermore, in exercising his or her right to data portability pursuant to Article 20(1) of the GDPR, the Data Subject shall have the right to have Personal Data transmitted directly from one controller to another, where technically feasible and when doing so does not adversely affect the rights and freedoms of others.

To assert the right to data portability, you may at any time contact our DPO.

 

g. Right to object (Art. 21 GDPR)

The right to object, on grounds relating to his or her situation, at any time, to processing of Personal Data concerning him or her, which is based on point (e) or (f) of Article 6(1) of the GDPR. This also applies to profiling based on these provisions.

In the event of the objection, we shall no longer process your Personal Data, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the Data Subject, or for the establishment, exercise, or defense of legal claims.

If we process Personal Data for direct marketing purposes, you shall have the right to object at any time to processing of your Personal Data concerning for such marketing. This applies to profiling to the extent that it is related to such direct marketing. If you object to us to process for direct marketing purposes, we will no longer process your Personal Data for these purposes.

In addition, you have the right, on grounds relating to your situation, to object to processing of your Personal Data concerning by us for scientific or historical research purposes, or for statistical purposes pursuant to Article 89(1) of the GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

To exercise the right to object, you may contact our DPO.

In addition, you are free in the context of the use of information society services, and notwithstanding the ePrivacy Directive (Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector), to use your right to object by automated means using technical specifications.

 

h. No automated individual decision-making, including profiling (Art. 22 GDPR)

The right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her, or similarly significantly affects him or her, if the decision

(1) is not necessary for entering, or the performance of, a contract between the Data Subject and a data controller, or

(2) is not authorized by Union or Member State law to which the controller is subject, and which also lays down suitable measures to safeguard the Data Subject's rights and freedoms and legitimate interests, or

(3) is not based on the Data Subject's explicit consent.

If the decision (1) is necessary for entering, or the performance of, a contract between you and us, or (2) it is based on your explicit consent, we shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on our part, to express your point of view and contest the decision.

As a responsible company we do not use automatic decision making. For our digital marketing purposes, we may use any form of automated processing of Personal Data to evaluate certain personal aspects relating to a natural person, to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

If you wish to exercise the rights concerning automated individual decision-making, you may, at any time, contact our DPO.

 

i. Right to withdraw data protection consent (Art. 7(3) GDPR)

The right to withdraw his or her consent to processing of his or her Personal Data at any time

If you wish to exercise the right to withdraw the consent, you may, at any time, contact our DPO.