Responsible Authority
We are happy about you visiting our website. We would like to introduce you to the responsible authority in terms of data protection law as applicable:
OpenForests UG (haftungsbeschränkt)
represented by the Manager
Dr. Patrick Ribeiro
Stefan Haas
Alexander Watson
Moerser Straße 171
47803 Krefeld
Phone: +49 2151 987 9656
E-mail: contact@openforests.com
Privacy legacy officer
Contact OpenForests UG for Data Privacy
E-mail: contact@openforests.com
Phone: +49 2151 987 9656
General Information
Pursuant to our statutory obligations, we would like to inform you about the collection and use of your personal data.
When you use our website, personal data about you will be collected. This may happen by you entering the data yourself, for example your e-mail address. But our system also collects your data automatically, for example whenever you visit our website. This happens irrespective of the device or the software that you use to visit our website.
All data that you enter in our app is provided voluntarily; there are no disadvantages to you if you do not provide data. But without certain data, we are unable to provide services or to conclude contracts. Whenever such information is necessary, we will point it out to you.
On this website, the user’s personal data is only collected within the framework of the existing data-protection law, in particular the General Data Protection Regulation (GDPR). The legal terms used in the text are defined in Art. 4 of the GDPR.
The GDPR allows data processing in three cases in particular:
- in accordance with Art. 6 para. 1 (a) and 7 GDPR, when you have consented to us processing your data; in this Privacy Policy and in the cases of consent pursuant to Art. 4 no. 11 GDPR, we will inform you in detail and each time for what purposes and under what circumstances your data will be processed by us;
- in accordance with Art. 6 para. 1 (b) GDPR, when processing your personal data is necessary for negotiating, concluding or performing a contract;
- in accordance with Art. 6 para. 1 (f) GDPR, if the balancing of interests leads to the conclusion that the processing is necessary to protect our legitimate interests; this means in particular our interests to analyse, optimise and secure the offers on our website – meaning primarily the analysis of user behaviour, setting up profiles for advertisement purposes and storage of access data as well as the use of third-party providers.
Inventory Data
We collect inventory data as far as it is necessary to establish, negotiate or amend a contract (including one without remuneration) between us and the user. This can be: customer data (for example name, address), contact data (for example e-mail address, phone number), service data (for example services ordered, duration, payment). Upon establishing the user relationship, we will ask you for this data (for example name, address and e-mail address) and will also tell you which of the information is required to establish the user relationship.
Usage Data
We also collect usage data to allow users to use the services on our website. These may consist of: usage information (for example visited websites or parts, duration of visit, interest in services), content data (for example data, text, images, sounds, videos entered or uploaded by you), meta data (for example identity of your device, location, IP address).
We will only combine usage data if and insofar as it is necessary for billing purposes. Otherwise, we will only put together usage data pseudonymously and only insofar as you have not objected. You may send this objection to the address indicated in the “About Us” section or the responsible authority indicated in this Privacy Policy at any time.
The legal basis for this data processing are our legitimate interests pursuant to Art. 6 para. 1 (f) GDPR in analysing the website and your use, possibly also the statutory permission to store data as part of the negotiation of a contract pursuant to Art. 6 para. 1 (b) GDPR.
Hoster
Raidboxes
Our Website is presented in the Internet by a service provider. We use the service of Raidboxes GmbH, Hafenstraße 32, 48153 Münster, Germany. We have concluded a data processing agreement with our provider. With this contract, our provider is obliged to process the data according to our instructions. You can find more information on data processing at our provider in his privacy policy at https://raidboxes.io/datenschutzerklaerung/. The legal basis for this data processing is on the one hand our legitimate interest in a technologically perfect online offering and its design and optimization in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR, and, on the other hand, our contractual or pre-contractual legal relationship in accordance with Art. 6 para. 1 (b) GDPR.
Furthermore, our provider stores information, the so-called server log files, each time the website is used; this is information which is automatically transferred by your browser. In detail, this data consists of:
- your IP address
- type and version of your browser
- host name
- time of visit
- the page from which you came to our page
- name of the page opened
- exact time of usage as well as
- the amount of data transferred
This data will only be used for statistical purposes and do not allow us to identify you as a user.“
Scalingo SAS
Our Website is presented in the Internet by a service provider. We use the service Scalingo SAS , 13 rue Jacques Peirotes 67000 Strasbourg France. We have concluded a data processing agreement with our provider. With this contract, our provider is obliged to process the data according to our instructions. You can find more information on data processing at our provider in his privacy policy at https://scalingo.com/data-processing-agreement. The legal basis for this data processing is on the one hand our legitimate interest in a technologically perfect online offering and its design and optimization in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR, and, on the other hand, our contractual or pre-contractual legal relationship in accordance with Art. 6 para. 1 (b) GDPR.
Furthermore, our provider stores information, the so-called server log files, each time the website is used; this is information which is automatically transferred by your browser. In detail, this data consists of:
- your IP address
- type and version of your browser
- host name
- time of visit
- the page from which you came to our page
- name of the page opened
- exact time of usage as well as
- the amount of data transferred
This data will only be used for statistical purposes and do not allow us to identify you as a user.
Advertisements
Before sending you advertisements, we will ask for your explicit consent pursuant to Art. 4 no. 11 GDPR, except in cases of advertisements for similar products to the one you already acquired. This will happen in particular when you grant us consent to mail our newsletter or when you fill out a contact form. You may withdraw your consent at any time in accordance with the subsequent section “Consent”.
INSOFAR AS WE USE YOUR PERSONAL DATA FOR DIRECT MARKETING, YOU MAY ALSO OBJECT TO THE USE OF YOUR DATA FOR THAT PURPOSE AT ANY TIME. THIS MAY BE DONE THROUGH ANY OF OUR MEANS OF CONTACT, PARTICULARLY BY E-MAIL TO THE E-MAIL ADDRESS LISTED IN THE “LEGAL NOTICE” SECTION WITHOUT ANY FORMAL REQUIREMENTS. WE WILL THEN NO LONGER USE YOUR DATA FOR DIRECT MARKETING.
First Contact through Electronic Request
If you contact us in electronic form (for example by mail, fax, phone, messenger, etc.), we store and process the data which you have given us (for example name, contact information, content of the request). This is based on our legitimate interest in an effective communication with customers in accordance with Article 6 para. 1 (a) GDPR and, as far as it concerns a request to enter into or to perform a contract, also with Article 6 para. 1 (b) GDPR.
We will only pass on this data to third parties as far as required for the performance of the contract (in accordance with Article 6 para. 1 (b) GDPR), by the overwhelming interest in effective services (in accordance with Article 6 para. 1 (f) GDPR) or based on your consent (in accordance with Article 6 para. 1 (a) GDPR) or if there is another legal permission or obligation.
You may ask us at any time and without any cost to provide information about the purpose of the processing, the origin and the recipient, if any, of your data. You may also request that we correct, delete or limit the processing of your personal data. You may object against the (further) processing of your data at any time and you have a right for the data to be made transferable as well as the right to file a complaint with the competent supervisory agency.
In general, your data will only remain stored as long as required by the purpose of the respective data processing. A longer storage is an option, in particular when required in order to pursue our rights, for other legitimate interests of ours or when there is a statutory duty to keep the data longer (for example record-keeping under tax law, statute of limitations).
Consent
Whenever we ask you for your consent for the processing of your data, we will inform you in clear language and in an easily accessible way about the cases for which you will be granting your consent. Any consent that we ask you for is voluntary. Any advantage that you wish to gain by granting consent is also available without consent; simply ask us.
Regarding any consent, you have the right to revoke any consent given to us for the processing of your personal data at any time. You just need to contact us without any particular formal requirement, for example through our contact form, an e-mail to the e-mail address indicated in the “About Us” section or a link to unsubscribe (if offered by us). Your withdrawal has no effect on the legality of the data processing carried out up to that point.
Storage Period
Generally, your data will only remain stored as long as required by the purpose of the respective data processing. Storage beyond that is possible in particular if it is still required for pursuing our rights or for other legitimate interests of ours.
For your inventory data which were necessary to perform a contract (including one without remuneration), this means that we store this data until the complete performance or termination of the contractual relationship plus the limitation period (which is generally 2 or 3 years) plus an adequate extra time for potential interruptions of the limitation period.
For your usage data which was collected in the course of your use of the website, this means that we will store it only for the time still required for the proper functionality of our website and as long as we still have a legitimate interest. Statistical information will be primarily stored by us in pseudonymous form.
Beyond that, we still store your data for as long as we are required to do so by law. This concerns in particular the tax-law requirements to keep records, usually for 6 or even 10 years.
Cookies
More then essential Cookies
Upon opening the website, we have asked you to consent to the storing of certain cookies which will be placed while you visit our website. Based on your consent pursuant to Art 6 para. 1 (a) GDPR, our website thus uses cookies, so that our offer can be used in a better, more effective and more secure way.
A cookie is a record of information that is stored on your terminal device (computer, tablet, smartphone, etc.). These can be “session cookies”, which are automatically deleted when you leave our website. Other cookies are stored on your computer permanently until you delete them. That allows us to recognize your browser when you visit our website again and to provide you with features or offers according to your previous usage.
Your browser allows you to prevent the use of cookies in general or in specific cases. Please check the instructions for your browser to find out more about this. You can also delete cookies following these instructions which we have listed for you:
for Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=en
for Safari: https://support.apple.com/en-gb/guide/safari/sfri11471/mac
for Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox
for Edge: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies
for Internet Explorer: https://support.microsoft.com/en-gb/help/278835/how-to-delete-cookie-files-in-internet-explorer
Blocking cookies may limit the functionality of our website and of other websites visited by you.
More information on this topic, in particular how you can administer, limit or completely disable third-party cookies and technologies with a similar purpose, can be found at:
https://www.aboutads.info/choices
https://www.youronlinechoices.eu
https://www.networkadvertising.org/choices
In order to obtain your consent to store certain cookies on your device and to document this in line with data protection law, and in line with our legal obligations under Art. 6 para. 1 sentence 1 (c) GDPR and our legitimate interest in accordance with Art. 6 para. 1 (f) GDPR, we use the Cookie Consent Manager “Real Cookie Banner“ provided by devowl.io GmbH https://devowl.io/, Tannet 12, 94539 Grafling (im Folgenden „Real Cookie Banner“).
The provider only places cookies that are technologically necessary. When you open our website, the following data will be sent to the provider: your consent or the withdrawal of your consent for placing cookies, a cookie placed on your browser by the provider, the duration and version of the cookie, domain and path of the WordPress website and the UID. The UID is a randomly generated ID and no personal information.
Real Cookie Banner processes no personal data. If you want to withdraw the consent to place certain cookies, simply delete the cookie in your browser. When you re-enter/reload the website, you will be asked for your consent to place cookies again.
You can find detailed information about the privacy policy of the provider at: https://devowl.io/de/datenschutzerklaerung/.
Transfer of data
Transfer to Third Parties
We dislike spam as much as you do. We will therefore not transfer your data to third parties, unless permitted by law.
Transfer of customer data may either
- be required for the performance of a contract and in that case be permitted according to Art. 6 para. 1 (b) GDPR, or
- be permitted based on our legitimate interest in an effective service structure pursuant to Art. 6 para. 1 (f) GDPR, or
- covered by your consent pursuant to Art. 6 para. 1 (a) GDPR, or
- become necessary if we will be legitimately asked by a government or an agency to hand over your data pursuant to Art. 6 para. 1 (c) GDPR.
If your data are transferred to third parties, this is mentioned in this privacy policy.
Transfer to other countries, particularly USA
Our website uses external providers located outside of the EU for different features. In particular, the use of cookies, active Java scripts and other technology can lead to processing and storage of your data outside of the EU. But we will not transfer your data to a third country, unless the EU Commission has determined that there is a similar level of data protection as in the EU or unless you have provided us with your informed consent or we have agreed on the standard contractual clauses for the protection of your data with the provider.
Users‘ Rights
You may request us anytime to provide information about the personal data stored about you free of charge. To avoid misuse, this will require personal identification.
Deletion, Correction, Limitation
You may at any time demand from us that we correct (or complete) incorrect data as well as a limitation of the processing of data or deletion of your data. This applies in particular if the reason for processing the data is no longer valid, if a required consent has been revoked and there is no other legal basis or if our data processing is unlawful. We will then correct, block or even delete your personal data without delay as far as permitted by law.
Objection
The right to object to advertisement is governed by our text regarding consent:
Regarding any consent, you have the right to revoke any consent given to us for the processing of your personal data at any time. You just need to contact us without any particular formal requirement, for example through our contact form, an e-mail to the e-mail address indicated in the “About Us” section or a link to unsubscribe (if offered by us). Your withdrawal has no effect on the legality of the data processing carried out up to that point.
Data Transfer
You may request us to transfer the data stored about you in machine-readable form.
Complaint
If you feel that our data processing has violated any of your rights, you may file a complaint with the competent regulatory agency (here you find a list of the agencies).
Changes to the Privacy Policy
If and when factual or legal reasons will compel us to amend the Privacy Policy, we will update this page accordingly. This will not change the consent provided by the user.
Data Entry
Encryption of Data Entry
When you enter data on our website, whether in a contact form, during the registration process, when you log in or for payment purposes, the website, where you enter the data, is encrypted. Thus, third parties can not read what you enter. You will recognise the encryption by the lock symbol in your browser and by the URL beginning with “https“ instead of “http“.
Contact Forms
General contact form
When you fill out a contact form or when you send us an e-mail or another electronic message, your information will be stored for the processing of the request, for possible follow-up questions or for other related questions and will only be used to follow up with the request.
Your data will be transferred in an encrypted manner, preventing third parties from reading your data while it is being entered.
Basis for this storage is the safeguarding of our legitimate interests in regard to communication with interested users pursuant to Art. 6 para. 1 (f) GDPR and in the case of inquiries prior to entering into a contract also the performance of a contract pursuant to Art. 6 para (b) GDPR.
Your data remains stored for as long as the processing of the request requires, in particular as long as the storage is still necessary to perform the contract, to pursue our rights or for our other legitimate interests or we are compelled by law to keep your data stored (for example based on tax-law requirements to maintain files).
Newsletter
Mail Chimp
If you subscribe to the newsletter offered on our website, we will inform you in detail about the information you will receive, which of your data will be stored and what it will be used for. We will not pass on your data to third parties and we will only use it to mail the newsletter.
We will only mail you the newsletter if you have given us your prior permission. To that purpose, you will receive an e-mail from us with a link and further instructions and our request for your consent. By clicking on this link, you declare your consent to receiving the newsletter and our advertising.
Because we are legally obligated to record your permission as part of the so-called double opt-in, your order of the newsletter, the mailing of our e-mail of consent and your consent by clicking on the link will be recorded and saved with location and time as well as with your IP address.
The basis for the storage is your consent pursuant to Art. 6 para. 1 (a) GDPR, which you grant to us by registering for the newsletter. You may revoke this consent at any time, you just need to contact us without any particular formal requirement (for example through the contact form or an e-mail or the unsubscribe button in each e-mail). This withdrawal has no effect on the legality of the data processing that has occurred until that point.
For mailing the newsletter, we use (based on our legitimate interest in a technologically perfect processing of our customer information and analysis) the provider MailChimp (Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA) from the USA.
This means, your data will be exportet to the USA. However, we have ensured that your data is only transferred to the USA on the basis of a contract in accordance with the standard contractual clauses. Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.
We have concluded an data processing agreement with this provider, according to which this provider will only process your data on our behalf within the scope of the GDPR and according to our instructions.
In our newsletter, we will also explicitly ask you to provide your consent to transferring data to MailChimp and to the USA. You will declare that consent by clicking on the link, but you may revoke it at any time. For the handling of your data at MailChimp, we refer you to the Privacy Policy of MailChimp at: https://mailchimp.com/legal/privacy/.
MailChimp will only use your data for mailing the newsletter and for evaluating that mailing on our behalf. In addition to that, MailChimp will only use your data to improve their own service. But MailChimp will not use the data to contact you directly or to pass on your data to third parties.
The mails used by MailChimp contains a “web beacon“, which will inform MailChimp about the opening of the newsletter and/or the clicking on a link contained therein by you. As part of that process, information regarding your browser, your location and your IP address will be transmitted to MailChimp. This information will be used to optimise our communication with you.
Our newsletter provider will also use this data for purposes of analysis and optimisation of their own service, but only in pseudonymised form (meaning that your identification is not possible). But your data will not be used by the provider to contact you directly.
Your data will remain stored for as long as you are stored in our mailing list, the storage is required to enforce our rights or it is necessary for our legitimate interest or we are required by law to keep your data.
MailGun
If you subscribe to the newsletter offered on our page, we will inform you in detail about the information we will send you, which of your data will be stored and for what it will be used. We will not pass on your data to third parties and we will only use it for mailing the newsletter.
We will only mail you the newsletter if you have provided us with prior consent. To that purpose, you will receive an e-mail from us with a link and further details and we will ask for your consent. By confirming that link, you declare your consent to receive the newsletter and advertisement from us.
Because we are legally required to record your consent as part of the double opt-in, your subscription to the newsletter, the mailing of our consent e-mail and your consent by clicking on the link will be recorded and stored with location and time as well as with your IP address.
The basis for the storage is your consent pursuant to Art. 6 para. 1 (a) GDPR, which you grant us when you register for the newsletter. You may withdraw that consent at any time, for which any notice to us, without any formal requirement, is sufficient (for example through the contact form or by e-mail or by using the link to unsubscribe, which is included in each e-mail). This withdrawal has no effect on the legality of the data processing carried out up to that point.
When mailing the newsletter, we use (as part of our legitimate interest in a technologically perfect processing of our customer data and analysis) the provider
San Antonio HQ
112 E Pecan St, #1135
San Antonio, TX, 78205
Homepage: https://www.mailgun.com/
Privacy Declaration: https://www.mailgun.com/legal/privacy-policy/.
The provider is storing your data in the EC. We have also concluded a data processing agreement, according to which the provider processes the data in accordance with our instructions.
Regarding the handling of your data by our newsletter provider, we refer you to the privacy policy https://www.mailgun.com/legal/privacy-policy/ of our newsletter provider. Our newsletter provider will only use your data for mailing the newsletter, and it will use the analysis of that mailing on our behalf. In addition to that, our newsletter provider will only use your data to improve its own service. Our newsletter provider will not use the data to contact you directly or to pass on your data to third parties.
The mails used by our newsletter provider includes a "web beacon", which will inform our newsletter provider about the opening of the newsletter and/or the clicking on a link contained therein by you. As part of that process, information regarding your browser, your location and your IP address will be transmitted to our newsletter provider. This information will be used to optimise our communication with you.
Our newsletter provider will also use this data for purposes of analysis and optimisation of their own service, but only in pseudonymised form (meaning that your identification is not possible). But your data will not be used by the provider to contact you directly.
Your data remain stored for as long as they are part of our mailing list, as long as the storing is necessary to protect our rights or for other legitimate interests or if we are bound by law to keep your data longer.
Social Media
Social Media Links
General Information
We refer with links to our social media presences. When you follow any such link to the social media site, your data will be broadcasted to that site. The social media site will normally store a cookie in your browser and to your account information there, especially, if you are logged into your social media account on the site. The social media site can analyse your use of the platform and your browsing habits and will use these for targeting advertisements based on your interests. That can lead to ads being shown to you when browsing in- and outside of the social media site. Please inform yourself about the use of your data on these sites and use them only, when you agree to that use of your data, that happens on that social media site, in particular, when you are not using that social media site for the first time. We have added links to all the privacy policies of the social media site for your information.
Our page uses links to our presence on the social network LinkedIn, provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, as a subsidiary of LinkedIn Corporation, 2029 Stierlin Ct. Ste. 200 Mountain View, CA 94043, USA.
It is just a normal link, which means that upon opening our page, LinkedIn won't learn anything of your visit to our website. But when you click on the link, you will be taken to LinkedIn, and then LinkedIn will also learn that you visited our page.
Thus, your data may be forwarded to the USA.
We have neither knowledge of, nor any influence on the possible collection and processing of your data by LinkedIn after clicking on the link. Further information can be found in LinkedIn's privacy policy at https://www.LinkedIn.com/legal/privacy-policy?_l=de_DE.
YouTube
Our website uses links to our presence in the social network of YouTube by YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA, represented by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland. It is just a normal link. Thus, when you open our site, YouTube will not learn of your visit to our website. But once you click on the link, you will be led to YouTube, allowing YouTube to learn that you have visited out site.
The data collected by Google may be transferred by Google to countries outside of the EU, in particular to the USA.
However, we have ensured that your data is only transferred to the USA on the basis of a contract in accordance with the standard contractual clauses. Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.
You may find further information in YouTube’s privacy policy at
https://www.google.de/intl/de/policies/privacy/.
Social Media Share
Based on our legitimate interest in a technologically perfect online offering and its design and optimisation in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR, we use plugins of the social network LinkedIn, provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, as a subsidiary of LinkedIn Corporation, 2029 Stierlin Ct. Ste. 200 Mountain View, CA 94043, USA. With the Shariff method, LinkedIn will only learn of your IP address and your visit to our website once you have clicked on the button. If you confirm the plugin while being logged into LinkedIn, LinkedIn may attribute your use to your user account.
Thus, your data may be forwarded to the USA.
However, we have ensured that your data is only transferred to the USA on the basis of a contract in accordance with the standard contractual clauses. Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.
We have concluded an data processing agreement with this provider, according to which this provider will only process your data on our behalf within the scope of the GDPR and according to our instructions.
Further information can be found in LinkedIn's privacy policy at: https://www.LinkedIn.com/legal/privacy-policy?_l=de_DE. For the general approach to cookies and their deactivation as well as regarding the passing of data to third parties, particularly to the USA, we refer you to our general information in this Privacy Policy.
Social Media Videos
Youtube (Two Click)
Based on our legitimate interest in a technologically perfect online offering and its design and optimisation in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR we use YouTube, a service provided by YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA, represented by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland in order to embed videos.
To protect your data, we have installed a two-click solution. That way, Google won't learn about your visit once you access our website, but only once you actually click the button. If you confirm the plugin while being logged in at YouTube, Google may attribute your use to your user account.
The data collected by Google may be transferred by Google to countries outside of the EU, in particular to the USA.
However, we have ensured that your data is only transferred to the USA on the basis of a contract in accordance with the standard contractual clauses. Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.
We have concluded an data processing agreement with this provider, according to which this provider will only process your data on our behalf within the scope of the GDPR and according to our instructions.
You may find further information in YouTube’s privacy policy at
https://www.google.de/intl/de/policies/privacy/.
Regarding the general approach to cookies and their deactivation, we refer you to our general information in this Privacy Policy.
Google Analytics 4
Based on our legitimate interest in a technologically perfect online offering and its design and optimisation in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR, we use the Google Analytics tool provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
This helps to analyse the use of websites. In that process, the data can be turned into pseudonymous user profiles. Google uses different technologies for that purpose, which are based on algorithms, also it is possible, that Cookies are used. Google uses a pseudonymous number for each user of our website. Pseudonym means that neither name nor e-mail address nor other data that clearly identifies the user are used. The number is then used to analyse how the individual user uses our online offering. The date and time of use as well as page views, scrolls to the end of the page, clicks on external links, website searches, viewing of an embedded YouTube video and file downloads are also analysed.
Google may transfer the collected data to countries outside of the EU, in particular to the USA. We have concluded a data-processing agreement with Google, according to which Google will only process your information in accordance with our instructions. This data-processing agreement also states that Google may only transfer the data to the USA within the framework of the standard contractual clauses, see the Google Ads Data Processing Terms for further information. The Google Ads Data Processing Terms are available here: https://business.safety.google/adsprocessorterms/.
Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.
Google will automatically anonymize your IP address, which means that information won't be stored on their hard disk. To ensure an adequate protection of your data, we have also concluded a data-processing agreement with Google, according to which Google will not combine your information with other data collected by Google with the goal of determining your identity.
If you don't find this sufficient, you can also use the link http://tools.google.com/dlpage/gaoptout?hl=de to download and install Google's browser plugin to block Google Analytics, which will prevent Google from collecting and passing on your personal data.
You can also prevent being analysed by Google Analytics by using the following link: Deactivate Google Analytics to place an opt-out cookie, which will also prevent the data from being collected.
If you want to read about Google's privacy policy, please use the following link https://www.google.de/intl/de/policies/privacy/.
Google Tag Manager
With the Google Tag Manager, marketers can use an interface to administer website tags. The Tag Manager itself, which places the tags, works without cookies and collects no personal data. The Tag Manager only activates other tags, which may in turn collect data. About these third-party providers, you will find the respective declarations in this Privacy Policy. The Google Tag Manager does not use this data. If you have deactivated cookies, it will be respected for all tracking tags that were placed with the Google Tag Manager, so the tool does not change your cookie preferences.
Google may ask you for permission to pass on some product data (e.g. your contact information) to other google products in order to activate certain features, e.g. adding new conversion-tracking tags to simplify AdWords. Google's developers will also check the information about the usage of the product from time to time, in order to further improve the product. But Google will never pass on such data to other Google products without your consent.
When using this provider, it may happen that your data is transferred to the USA. However, we have ensured that your data is only transferred to the USA on the basis of a contract in accordance with the standard contractual clauses. Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.
We have concluded an data processing agreement with this provider, according to which this provider will only process your data on our behalf within the scope of the GDPR and according to our instructions see the Google Ads Data Processing Terms for further information. The Google Ads Data Processing Terms are available here: https://business.safety.google/adsprocessorterms/.
Further information can be found in the user guidelines of Google and the privacy policy of Google for this product.
Google Ads
Based on our legitimate interest in a technologically perfect online offering and its design and optimisation in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR, we use Google Ads, an online advertisement network provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
With this system we can advertise in the Google ads network, which will be displayed on other websites, search results or other places on the internet. With Google Ads our ads will be primarily shown to users, who are most likely interested in them. This allows us, to market more specific. Google uses a Cookie to display the ads based on the interests of the user. The Cookie will be read by “web beacons” on the Website of the Google ads network.
The Cookies contain data about technical specifications of your system, the websites visited, the interests shown and which ads were clicked.
At the same time we have a „Conversion Cookie“. With it Google shows us anonymize statstics without personal data. It is just about how often our ads were clicked.
Also Google will use all data out of these Cookies just in a pseudonymized way, without being able, to follow your actions individually. The data is just analysed concerning the cookie itself, otherwise only, if you have given Google your specific consent to use the data with respect to you individually.
The data collected by Google may be transferred by Google to countries outside of the EU, in particular to the USA. We have concluded a data processing agreement with Google, according to which Google only processes your data according to our instructions. This agreement ensures, that your data will be transferred to the US solely on the base of the standard contractual clauses, see the Google Ads Data Processing Terms for further information. The Google Ads Data Processing Terms are available here: https://business.safety.google/adsprocessorterms/.
As we have already explained about cookies in general in our Privacy Policy, you can prevent the saving of cookies through the relevant preferences in your browser, but this may limit the functionality of our website.
Alternatively, you can use your browser to deactivate only interest-targeted ads on Google as well as interest-targeted Google ads on the web. To do this, you have to go to http://www.google.de/settings/ads and activate the “Off” button or use the deactivation at https://myaccount.google.com/privacycheckup?. Further information about your preference options regarding this issue and the data protection of Google can be found at https://www.google.de/intl/en/policies/privacy/?fg=1.
For the general approach to cookies and their deactivation as well as regarding the passing of data to third parties, particularly to the USA, we refer you to our general information in this Privacy Policy. This provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.
You will find more information about Google’s precautions regarding data protection at the following link: https://www.google.de/intl/en/policies/privacy/.
Google Ads Conversion Tracking
Based on our legitimate interest in a technologically perfect online offering and its design and optimisation in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR, we additionally to Google Ads we use the Google Ads Conversion Tracking, to track the result of our ads and to allow us to display ads based on the interest of the user.
If you perform certain actions on our Website – as ordering something, send a contact form or order out Newsletter – will this Conversion send to Google. Google can therewith measure the numbers of conversions. Additionally Google will be able to identify the cookie saved by Google on your Computer by Google before and can see, on which ads you have clicked before.
If you do not wish to be tracked, you can use the Google Ad Manager https://www.google.com/settings/u/0/ads/authenticated to modify your settings or even deactivate your Google Ads entirely. Additionally we refer for further settings and deactivation-measures to our general information in this Privacy Policy and especially for Google Ads.
Google remarketing and similar target groups
Based on our legitimate interest in a technologically perfect online offering and its design and optimisation in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR, we use remarketing and other target-group services provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, on our website.
This technology applied through cookies allows Google to present you targeted ads based on previously visited websites. Thus, we can better approach users of our website with ads. When you visit our page, a cookie will be placed in your browser, unless you have objected to the use of cookies when you opened our page.
The cookie is a small file with a number code, with which your visit of the website and anonymised data about your use of the website are collected. When it is transmitted to Google, your IP address will be shortened and thus anonymised. Your personal data will neither be stored, nor connected with other data by Google.
The anonymized data may be forwarded to the USA and stored by Google. However, we have ensured that your data is only transferred to the USA on the basis of a contract in accordance with the standard contractual clauses. According to the GDPR and the EuGH, this is a legal basis for the transfer of data to the USA. Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.
We have concluded an data processing agreement with this provider, according to which this provider will only process your data on our behalf within the scope of the GDPR and according to our instructions.
If you visit other websites after ours and these other websites are also part of the Google Display network, you will probably be shown interest-targeted ads on the basis of the websites previously visited by you.
You can perpetually prevent the saving of cookies by Google in your browser by downloading and installing the plugin linked to hereinafter.
https://www.google.com/settings/ads/plugin?hl=de
You can also prevent the use of cookies by third-party providers by declaring your opt-out on the deactivation page of the Network Advertising Initiative, following the instructions there: http://www.networkadvertising.org/choices/
Further information about Google's remarketing service and Google's privacy policy can be found at http://www.google.com/privacy/ads/.
For the general approach to cookies and their deactivation as well as regarding the passing of data to third parties, particularly to the USA, we refer you to our general information in this Privacy Policy.
Online calendar
Calendly
Based on our legitimate interest in a technologically perfect online offering and its design and optimization in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR, we use the calendar of Calendly https://calendly.com/de, a service offered by Calendly LLC, 1315 Peachtree St NE, Atlanta, GA 30309, USA, to make appointments.
Thus, the data you enter while making an appointment will be passed to Calendly. Your data will be transmitted to the USA in that process.
You can find more information about the privacy policy of Calendly at https://calendly.com/legal/privacy-notice. We have entered into a contract on data processing with Calendly, according to which Calendly will only process your data according to our instructions. Additionally we have ensured that your data is only transferred to the USA on the basis of a contract in accordance with the standard contractual clauses. According to the GDPR and the EuGH, this is a legal basis for the transfer of data to the USA. Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.
In order to arrange an appointment, we ask for the data requested in the Calendly form and we collect your IP address at the time of entry. This data will not be passed to third parties by us or by Calendly and only serves statistical purposes and for arranging appointments. Data entry will be encrypted, preventing third parties from reading your data while you enter it. You will find more information about the data collected by Calendly and how they process your data in the privacy policy of Calendly .
Your data will remain stored as long as the reason for the appointment is still relevant, in particular as long as the storage is still necessary to perform the contract, to pursue our rights or for other legitimate interests of ours or as long as we are required by law to keep your data stored (for example by tax-law requirements on the keeping of records). If the appointment passes without any consequences, your data will be deleted.
Cloud Storagesolutions
Amazon Web Services
For our data processing, we use the cloud solution Amazon Webservices, a service of Amazon Web Services Inc. 410 Terry Avenue North, Seattle WA 98109, United States.
The legal bases for this data processing are
- our contractual or pre-contractual legal relationship with you pursuant to Art. 6 para. 1 lit. b GDPR as well as
- our legitimate interest in a technically proper online offer and its economically efficient design and optimization pursuant to Art.6 para. 1 lit.f GDPR.
Since we use this provider as a cloud solution, it is possible for this cloud provider to take note of our data. This is also data that can identify a person with manageable effort ("personal data"). This personal data is in principle all data that you share with us on the occasion of the use of the website and in connection with our general communication and which we then process or enter by means of this cloud provider.
This may include contact information (such as email address or phone number), billing information (name, billing address, payment method, and bank account information), information relating to related third party accounts (such as the email address or username for a related PayPal, Google, or Facebook account), scanned identification documents provided to us (such as ID, driver's license, passport, or official company registration documents), and any other personal information (if you have provided it to us). However, our cloud provider will not evaluate or use this data.
We have entered into an order processing agreement with this provider, according to which this provider will only process your data on our behalf within the scope of the GDPR and according to our instructions.
When using this provider, it may happen that your data is transferred to the USA. However, we have ensured that your data is only transferred to the USA on the basis of a contract in accordance with the standard contractual clauses. According to the GDPR and the EuGH, this is a legal basis for the transfer of data to the USA. Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.
For more information on data processing by this provider, you can read its privacy policy at https://aws.amazon.com/de/privacy/?nc1=f_pr.
CRM and Marketing
Pipedrive
Based on our legitimate interest in a flawlessly functioning online offer and its economic and efficient design and optimization according to Article 6 para. 1 (f) GDPR, we use the integrated hosting and marketing solution of Pipedrive OÜ, Mustamäe tee 3a, 10615 Tallinn, Estonia. More information about the data processing of Pipedrive can be found here https://www.pipedrive.com/en/privacy. A transparent listing of the offered features by Pipedrive can be found here https://www.pipedrive.com/de/features. We have also concluded a data processing contract with Pipedrive, according to which Pipedrive will only process your data on our behalf.
Pipedrive offers the following features:
- CMS (Content Management System for Websites and Blogs)
- Contact Forms
- Newsletter Software
- Tracking and Analysis
- CRM (Customer Relation Management)
Of these, we use the following features:
Pipedrive Hosting / CMS / CMR
We use Pipedrive for hosting our website. As any other hosting service, Pipedrive collects usage data. These are identified and non-identifiable data on the occasion of you accessing our website. These will either be made available to Pipedrive or automatically collected when you use Pipedrive services (“non-personal data”).
Non-personal data does not allow Pipedrive to find out the origin of the data. Non-personal data are technical information and usage information, for example the browsing and click stream behavior of visitors and users of services, session heat maps and scrolls as well as non-identifiable data about the user's or visitor's used device, operating system, browser, screen resolution, language and keyboard settings, internet provider, referral and exit pages, date/time stamp, etc.
As a hosting service, Pipedrive also collects data that can identify a person with manageable effort (“personal data”). This personal data generally consists of all data that you enter when using the website. These can be contact data (for example e-mail address or phone number), invoice data (name, billing address, payment method and bank connection), data regarding a browser or user session (IP address, geographic location and/or unique identification of the user's device), data regarding connected accounts of third parties (for example e-mail address or user name for a connected PayPal, Google or Facebook account), scanned identity papers sent to us (for example ID card, driving license, passport or company registration documents), and any other personal data.
Pipedrive also undertakes physical, electronic and procedural security measures to protect your personal data. Pipedrive has more information about this here.
Fonts
Google Fonts
Based on our legitimate interest in a technologically perfect online offering and its design and optimisation in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR, we use Google Fonts, online font libraries provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google“), to display fonts on our website. External font libraries especially capable of an even, fast and secure presentation.
For the use of the online fonts, no cookies or other trackers are stored in your browser. The font files (CSS, fonts) are requested from the provider of the font libraries. But, as with any data transfer on the internet, your usage data like your IP address, the browser used, the website visited previously as well as your user behaviour will be transmitted to the provider of the fonts.
Google points out that all requests concerning the CSS and fonts are absolutely separated from all other Google services. They will not be attributed to your account and will only be stored by Google for a short time. Google uses the data only in pseudonymous form for statistical evaluations. You can find detailed information about Google Web Fonts at https://developers.google.com/fonts/faq.
By using Google Fonts, your data will be sent to Google servers in the USA and will be stored there. You can find more information about the use of your data by Google in the privacy policy of Google:
https://policies.google.com/privacy?hl=de&gl=de
Various
Zapier
Based on our legitimate interest in a technologically perfect online offering and its design and optimisation in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR, we use Zapier, a service provided by Zapier Inc., 548 Market St #62411, San Francisco, California 94104, USA, in order to integrate different databases and tools. In the course of this, your customer information (but not your payment information) will be transmitted to Zapier.
When using this provider, it may happen that your data is transferred to the USA. However, we have ensured that your data is only transferred to the USA on the basis of a contract in accordance with the standard contractual clauses. According to the GDPR and the EuGH, this is a legal basis for the transfer of data to the USA. This applies in particular since the US Presidential Decree of 07.10.2022.
For the handling of your data at Zapier, we refer you to the Privacy Policy of Zapier at https://zapier.com/privacy/.
Our Social Media Fan Page(s) - General Information
Beside our website, we also use fan page(s) on social media platforms. Above, we have already informed you about the data processing on our website and we have in particular made sure that the fact alone that you access our website is not yet forwarded to the social media platform. Following the ECJ ruling dated 5 June 2018 about social media presences, we want to inform you about the data processing during your visit to our social media fan page(s):
On the basis of our legitimate interest in a timely customer communication pursuant to Art. 6 para. 1 (f) GDPR as well as for advertising and public relations purposes, we present ourselves and our offers on social media fan page(s).
Our social media fan page(s) usually can be accessed online independently of you having a user account with the relevant platform or not. But in either case, your data will be processed by the social media platform.
Each time the social media platform is accessed, your IP address will be collected and stored. Usually, a cookie will also be placed on your page, which will save your visit and further data about your visit to the social media platform.
If you are logged in with the social media platform, your visit will also be spotted by a cookie or through other technological means and will be attributed to your user account. Thus, the social media platform is usually able to analyse your user behaviour. In this process, a user profile with your interests is generated, which the social media platform will use to provide you with a user experience tailored to your interests, in particular advertisement tailored to your interests within and outside of the social media platform – even across different devices, if applicable. Your data may also be used for market research. For the details, we refer you to the following privacy policies of the social media platform(s) used by us.
We can usually also use the data of the social media platform in order to allow you to use our fan page in accordance with your interests or to approach you with advertising.
When you interact with our fan page and if you are logged in with the relevant social media platform, according to the social media page's terms of use, we can usually also recognise your user profile and see your content.
If you do not want this, we point you to our explanations about cookies above, with general information about cookies and their deactivation. There, we have laid out in general terms how you can prevent or limit cookies being stored on your devices. Further information about the respective social media platform can be found hereinafter.
According to the aforementioned ECJ ruling dated 5 June 2018, we are always jointly responsible for our social media fan page(s) together with the relevant social media platform. This means that you may also exercise your general rights, which we have listed in detail above under the heading “Users' Rights”, against us. To that purpose, we refer you to our contact details at the beginning of this Privacy Policy. Please keep in mind, though, that we have no conclusive knowledge of the exact scope of the processing of your data by the social media platform and have even less influence on it. Therefore, we kindly ask you to contact the relevant social media platform in the first place regarding your rights.
We generally leave your data on the social media platform and do not import it onto our server. But if that should occur, our general information regarding the storage period will apply.
Further information about the processing of your data and the storage period on the social media platform can be found in the respective privacy policy of the social media platform, which we have listed hereinafter.
We present ourselves on the social media platform Facebook.
Joint Responsibility
Meta Platforms Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbour
Dublin 2 Ireland
Contact
Contact Data Protection Officer
If you open our fan page on Facebook, your data will be forwarded to the USA.
Facebook has concluded an agreement with us https://www.facebook.com/legal/controller_addendum about our shared responsibility for processing the data, in which it recognises its primary responsibility and guarantees in particular that you can exercise your right to information, as described in the general part.
You may obtain more information from Facebook's privacy policy at: https://www.facebook.com/about/privacy. Your data will be forwarded by Facebook Ireland on the base of the standard contractual clauses to Facebook USA.
Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.
Facebook also provides us with statistics as part of "Facebook Insights" for the purpose of targeted advertising. These are created without our participation and then provided to us. The data include information like interaction with our page, such as likes, page activities, video views, reach of our posts, comments, sharing of content, clicks on offers or further information on our fan page as well as statistical data about those interacting, such as gender, origin by country, city and language. The same applies to groups which we may manage.
When you are logged in, you can influence the processing of your data by Facebook considerably and in different ways.
Here you can make changes to your timeline, i.e. what can be seen about you and your page (while being logged in to facebook).
And you can change your advertisement preferences here.
We have a presence on the social media platform Instagram. Instagram is now owned by Facebook.
Jointly Responsible
Meta Platforms Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbour
Dublin 2 Ireland.
Contact Data Protection Officer
Your data will be forwarded by Facebook Ireland on the base of the standard contractual clauses to Facebook USA. Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.
We have neither knowledge of, nor any influence on the possible collection and processing of your data by Facebook and Instagram. Further information can be found in Instagram's privacy policy at https://privacycenter.instagram.com/policy.
Instagram and Facebook also provide us with statistics as part of "Facebook Insights" for the purpose of targeted advertising. These are created without our participation and then provided to us. The data include information like interaction with our page, such as likes, page activities, video views, reach of our posts, comments, sharing of content, clicks on offers or further information on our fan page as well as statistical data about those interacting, such as gender, origin by country, city and language. The same applies to groups which we may manage.
When you are logged in, you can influence the processing of your data by Instagram considerably and in different ways.
Your content, i.e. what is visible of you and your profile, can be changed here: https://www.instagram.com/accounts/login/?next=/accounts/privacy_and_security/.
We have a presence on the social media platform LinkedIn.
Jointly Responsible
LinkedIn Ireland Limited Company,
Wilton Place,
Dublin 2,
Ireland
Contact
If you open our profile on LinkedIn, your data may be forwarded to the USA.
However, we have ensured that your data is only transferred to the USA on the basis of a contract in accordance with the standard contractual clauses. Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.
We have concluded an data processing agreement with this provider, according to which this provider will only process your data on our behalf within the scope of the GDPR and according to our instructions.
Further information can be found in LinkedIn's privacy policy at
https://www.LinkedIn.com/legal/privacy-policy.
LinkedIn also provides us with statistics. These are created without our participation and then provided to us. The data will include interactions, for example, as well as statistical data.
When you are logged in, you can influence the processing of your data by LinkedIn considerably and in different ways.
For your privacy settings with LinkedIn, LinkedIn refers you to several options that you can read about in their privacy policy.
The LinkedIn advertising cookie can be turned off here (opt-out):
https://www.LinkedIn.com/psettings/guest-controls/retargeting-opt-out
X (Twitter)
We have a presence on the social media platform Twitter.
Jointly Responsible
Twitter International Company
Attn: Data Protection Officer
One Cumberland Place, Fenian Street
Dublin 2, D02 AX07 Ireland
Contact
When using this provider, it may happen that your data is transferred to the USA. However, we have ensured that your data is only transferred to the USA on the basis of a contract in accordance with the standard contractual clauses. Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.
We have concluded an data processing agreement with this provider, according to which this provider will only process your data on our behalf within the scope of the GDPR and according to our instructions. Further information can be found in the privacy policy of Twitter at https://twitter.com/privacy?lang=en.
Twitter also provides us with statistics. These are created without our participation and then provided to us. The data will include interactions, for example, as well as statistical data.
When you are logged in, you can influence the processing of your data by Twitter considerably and in different ways.
Here you can change your privacy settings on Twitter.
We have a presence on the social media platform Xing.
Jointly Responsible
NEW WORK SE,
Am Strandkai 1,
20457 Hamburg,
Germany
Phone: +49 40 419 131-0,
Fax: +49 40 419 131-11,
E-mail: info@xing.com.
Data Protection Officer:
Felix Lasse,
Am Strandkai 1,
20457 Hamburg,
Germany,
E-mail: Data Protection Officer@xing.com
We have neither knowledge of, nor any influence on the possible collection and processing of your data by Xing. Further information can be found in Xing's privacy policy at
https://privacy.xing.com/de/datenschutzerklaerung.
Xing also provides us with statistics. These are created without our participation and then provided to us. The data will include interactions, for example, as well as statistical data.
For your privacy settings with Xing, Xing refers you to several options that you can read about in their privacy policy.
YouTube
We have a presence on the social media platform YouTube.
Together with us, this is the entity responsible for your data:
YouTube LLC ,
901 Cherry Avenue,
San Bruno,
CA 94066
United States,
represented by
Google Ireland Limited
Gordon House
Barrow Street
Dublin 4
Irland
Contact
When using this provider, it may happen that your data is transferred to the USA. However, we have ensured that your data is only transferred to the USA on the basis of a contract in accordance with the standard contractual clauses. According to the GDPR and the EuGH, this is a legal basis for the transfer of data to the USA. Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.
Further information can be found in YouTube's privacy policy at https://policies.google.com/privacy .
YouTube also provides us with statistics. These are created without our participation and then provided to us. The data will include interactions, for example, as well as statistical data.
When you are logged in, you can influence the processing of your data by YouTube considerably and in different ways.
You can change your general privacy settings here.
And you can change your advertisement preferences here.
Mapbox
Washington750 15th St NWUnited Stateshttps://www.mapbox.com/legal/privacy
Sentry
Functional Software, Inc.d/b/a Sentry45 Fremont Street, 8thFloor,San Francisco, CA 94105https://sentry.io/security/
Stripe
If you choose one of the payment options of our payment provider Stripe (Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland), the data entered by you when ordering will be sent to Stripe in order to carry out the contractual payment. When Stripe is processing in-person payments at checkout and online payments, as well as processing payouts Stripe acts as a service provider on behalf of OpenForests (also called a "data processor"), i.e. Stripe processes your personal data in accordance with the data processing agreement Stripe and OpenForests entered into and Stripe acts in accordance with the lawful instructions of OpenForests. In such cases Stripe refers to you as “End Customersu201d.Whereas when you use one of Stripeu2019s end user services for your personal use, for example when you sign up for the Stripe service „Link“, you are a direct end user of Stripe based on a contractual relationship between you and Stripe. In such case Stripe is acting as a data controller according to Stripeu2018s data privacy declaration. In such cases Stripe refers to you as “End Usersu201d.In the course of the payment, the purchase data as date, time and number of transaction, bought goods or services, amount and currency as well as your name, your IP address, your device ID, order ID, the billing address and the payment data entered by you – credit card number, owner, validity (month and year) and CVC of the credit card bank account – will be transmitted to Stripe. Stripe can also use tax ID/status, unique customer identifier, identity information including government issued documents (e.g., national IDs, driveru2019s licences and passports) including facial recognition data as pictures (selfie) for verification of your identiy. Stripe will retain your personal information for as long as Stripe provides the payment services to you or to us, or for a period of time that Stripe reasonably expects to continue to provide the services. Even after Stripe stops providing services to you or to us, and even after you close your Stripe account or complete a transaction with us, Stripe may continue to retain your personal data in order to comply with legal and regulatory obligations or to enable fraud monitoring, detection and loss prevention activities, or to fulfill Stripeu2019s tax, accounting and financial reporting obligations, including where such retention is required by Stripeu2019s contractual arrangements with their financial partners (and where the retention of data is required by the payment methods you use).If you choose one of the payment options of Stripe you must be aware that Stripe collects and processes personal data, including identifying information about the devices that connect to its services. Stripe uses this information to operate and improve the services it provides to its business customers, like us, including for fraud detection and prevention. If you choose one of the payment options of Stripe you must furthermore be aware that your personal data can be transferred to Stripe Inc. in the United States and to Stripeu2019s affiliates and sub-processors including payment method providers (e.g., Visa Inc., Klarna Bank AB) and payment method acquirers (authorized by the payment method providers for certain authorisation and clearing transactions) which could be in non-European jurisdictions. Stripe Inc. complies with the U.S. Data Privacy Framework (“EU-U.S. DPFu201d), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework as set forth by the U.S. Department of Commerce.Stripe may use cookies and similar technologies or the data you provide to OpenForests (e.g., when you enter your email address on our website) to recognize you and help you use Link when you visit our website. For more information on the use of cookies and similar technologies, please refer to Stripe's Cookie Policy.Detailed information about this can be found in the privacy policy of Stripe: Stripe Privacy Policy and Consumer Terms of Service and Stripe Privacy Center and Stripe Data Privacy Framework Policy The legal basis for passing on your data to Stripe is primarily the processing of your contractual data according to Art. 6 para. 1 (b) GDPR as well as our legitimate interest in a technologically perfect online offering and its design and optimisation in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR.
This is our current valid privacy policy from 03.10.2024