The following provides information on the processing of personal data when using our websites www.elo.com/de-de, www.elo.com/en-de, pages.elo.com and partner.elo.com (all referred to in the following as "website") and our platform services, which incorporate this Privacy Policy by reference. Personal data is all information referring to an identified or identifiable natural person (see Art. 4 No. 1 General Data Protection Regulation, "GDPR" in the following). This includes information such as your name, e-mail address, usage behavior, or postal address. Information that cannot be directly linked to your identity, such as the number of users of a website, is not considered personal information.
a) The controller as per Art. 4 Sec. 7 GDPR is:
ELO Digital Office GmbH
Tuebinger Str. 43
70178 Stuttgart
Germany
Tel.: +49 711 806089 - 0
dsb[at]elo.com
www.elo.com
b) Name and address of the data protection officer
Our data protection officer has been appointed for the head office in Stuttgart (ELO Digital Office GmbH) and is the person to contact for matters relating to the collection of personal data that are processed directly by ELO Digital Office GmbH, Tübinger Str. 43, 70178 Stuttgart, Germany. ELO Digital Office GmbH head office in Stuttgart is also responsible for the www.elo.com website in German, English, Spanish, Portuguese, and Dutch.
If you have any queries in this regard, please contact the data protection officer at dsb[at]elo.com. If the query relates to data that is not collected in Stuttgart, please contact the address above.
a) Scope of processing of personal data
We process your personal data only to the extent necessary to provide a functional website and for our content and services, and only data that are needed to carry out the stated purpose (principle of data minimization). Your personal data will only be processed if it constitutes a justified interest pursuant to Art. 6 GDPR or it is expressly allowed by law.
b) Data deletion and storage periods
Your personal data will be deleted or blocked as soon as the purpose for which it was collected and saved and the reason for the storage no longer applies, or if you request us to delete or block it. For more information, refer to the section on the rights of data subjects.
a) Processing personal data when visiting our website
When using the website for information purposes only, i.e. if you do not register or otherwise provide us with information by entering data, we only collect the personal data your browser automatically transmits to our server via log files. The log files contain IP addresses or other data that enable a user to be identified. If you want to view our website, we collect the following personal data with the server log files:
b) Legal basis for data processing
The legal basis for temporary storage of data and log files is Art. 6 Sec. 1 f GDPR.
c) Purpose of data processing
Temporary storage of the IP address by the system is necessary in order to provide the website to your computer. The IP address has to remain stored over the duration of the session. It is stored in log files in order to ensure the functionality of the website. In addition, the data helps us optimize the website and ensure the security of our IT systems. In this context, the data is not analyzed for marketing purposes.
d) Retention period
The data are stored in log files for seven days. Data can also be stored beyond this period. In this case, user IP addresses are deleted or disguised so that it is no longer possible to associate them with the respective client.
e) Right to object and right to erasure
We are required to collect and store specific data in log files for the purpose of delivering the website and to ensure it works properly. While the user does not have the right to object to this, you will find other rights of data subjects at the end of this page.
We use cookies to store information that allows us to customize our site according to your individual interests and make our website more user-friendly. A cookie is a small piece of data that stores configuration information (e.g. language setting, logon credentials) on your end device.
The cookies used on the website may be broadly classified into strictly necessary cookies and optional cookies. The legal basis for collecting strictly necessary cookies (functional cookies) is Art. 6 (1) lit. f GDPR. We will not set optional cookies (e.g. tracking cookies) unless we have an active indication of your consent (via the cookie consent banner) in accordance with Art. 6 (1) lit. a GDPR.
For more information about the types of cookies, what they are used for, how long they are stored, and how you can block or delete them, click here.
a) Description and scope of processing
On our website or as part of prize draws or questionnaires, you have the option to subscribe to a free newsletter.
We also offer you the option to download different white papers and webinar recordings. Before you can download white papers, you need to register with us and sign up for the newsletter.
b) Legal basis for processing data
c) Tracking consent
Your explicit consent to tracking is required for the purpose of delivering newsletters tailored to your interests. With this consent, you agree to the creation of a personal user profile based on your data in order to better adapt the website and newsletter to products, services and market trends. Furthermore, you agree that your personal usage behavior on websites may be recorded through the use of cookies and tracking technology. You can revoke your consent to the creation of a personal user profile at any time by sending an e-mail to info[at]elo.com. You also have the option to revoke tracking consent by using the tracking unsubscribe link in each newsletter.
d) Purpose of processing data
e) Duration of storage
f) Right to object and right to erasure
You can revoke your consent to receive the newsletter at any time (by clicking on the link provided in each e-mail or writing to info[at]elo.com) and unsubscribe from the newsletter.
If your personal data is processed for our direct advertising efforts, you have the right to object to this at any time (e.g. by clicking the link provided in every e-mail or writing to info[at]elo.com); this also applies to profiling provided directly related to such direct advertising. Your rights as a data subject pursuant to Art. 12 GDPR, which you will find at the bottom of the page, also apply.
g) Use of Evalanche
We use Evalanche to send our newsletter. Evalanche will not pass on the data designated here to third parties. Evalanche is an analysis service of SC-Networks GmbH, Würmstraße 4, 82319 Starnberg. Evalanche uses cookies, which are text files placed on your computer to help the website analyze how you use the newsletter. The information generated by cookies about your use of the newsletter (including your IP address) is read and transmitted to a server in Germany.
a) Description and scope of processing data
On our website, we offer you the option to register for different events (webinars, trade fairs, conferences, the ELO Digital EXPO, etc.) by specifying your personal data. The personal data that you are required to provide for this purpose is entered to a form, transferred to us, and stored.
The following data may be collected for registration/subscription:
As part of the registration process, we request your consent to process this data.
b) Legal basis for data processing
Registration serves to fulfil a contract or to carry out pre-contractual duties that you are bound to by contract. The legal basis for processing data is Art. 6 para. 1 lit. b GDPR. Furthermore, we are entitled to process your personal data if you have given your consent in accordance with Art. 6 para. 1 lit. a GDPR.
c) Purpose of data processing
Your registration is mandatory to fulfil a contract or to carry out pre-contractual duties. The data collected is also required for planning, carrying out, and following up on the respective event as well as for optimizing our event offering, and sending information in this regard.
d) Retention period
The personal data will be processed as long as necessary to fulfill the purpose of the contract, and therefore as long as the contractual relationship exists (Art. 6 (1) GDPR). If the personal data is processed based on your consent, it will continue to be processed until you withdraw your consent. As soon as the purpose for which the personal data is collected no longer applies, it will be deleted.
When the contractual relationship is terminated, the data you have provided may be saved and thus processed in line with statutory retention obligations (Art. 6 (1) GDPR) or based on legitimate interest (Art. 6 (1) GDPR). Legitimate interest can result in particular if we have to defend ourselves against legal claims, assert our own legal claim, or would like to be in the position to verify the existence, contents, and scope as well as the enforceability of any claims (in such cases, the retention period is based on the maximum limitation period for the respective claims). After expiration of the statutory retention periods and/or if the legitimate interest is no longer valid, the transmitted data will be deleted.
e) Right to object and right to erasure
You have the right to object to processing at any time, to exercise your right to restrict the processing of personal data, or have it deleted. The processing of your personal data carried out up to that point remains unaffected. If data is required to fulfill a contract or carry out pre-contractual duties, it is only possible to delete data prematurely provided no contractual or legal obligations would disallow deletion. Your rights as a data subject pursuant to Art. 12 GDPR, which you will find at the bottom of the page, apply.
f) Transfer of data to third parties
When registering for some events, you can specify which ELO Business Partner has invited you to attend. However, this is not the case for every event. Accordingly, the following only applies if you have named the corresponding partner:
We transfer the data you enter in the corresponding form to the specified partner. The data is collected and transmitted for the purpose of helping the ELO Business Partner plan, carry out, and follow up on the respective event, specifically contract performance. The legal basis for processing data is Art. 6 para. 1 lit. f GDPR, i.e. the legitimate interest for the aforementioned reasons. The data is deleted once it is no longer required for the purpose it was collected or if you request its deletion in accordance with your rights as a data subject (for more details, see "Rights of data subjects" in this declaration).
When visiting digital expositions offered by ELO, ELO can transfer the contact data of the visitor to ELO Business Partners (exhibitors) or the local branch if appropriate, provided ELO complies with GDPR. "Appropriate" means the purpose is to best serve the visitor's interest to obtain information and to contact the visitor. The legal basis for processing personal data (transmission) is Art. 6 (1) lit. f GDPR (legitimate interest).
Use of the data by exhibitors
During the event, the following exhibitors will also be able to see which visitors have visited their virtual stand or attended a presentation as well as the data stored on these visitors (see a)), if the visitor has agreed to this data being passed on to the exhibitors or if this is appropriate. "Appropriate" means the purpose is to best serve the visitor's interest to obtain information. The legal basis for processing personal data (transmission) is Art. 6 (1) lit. f GDPR (legitimate interest). The named exhibitors shall only process data in accordance with the provisions of German and European data protection law. The regulations set forth in this declaration apply accordingly.
By registering, I agree to receive information about current products and services of the following exhibitors at the specified e-mail address. For this purpose, I consent to the contact data I provided as part of the registration process being passed on to these companies. Data is sent in accordance with our Privacy Policy. I can revoke my consent at any time by sending an e-mail to [info[at]elo.com], the contact address provided, or the named respective exhibitors.
Use of the data by processors or other responsible persons
In addition, we use hosting providers as well as IT and telecommunications providers to provide our services. We have a data processing relationship with these providers in accordance with Art. 28 GDPR.
Participants sign up for the webinar using the "GoToWebinar" service. To carry out this service, ELO sends your data to the operator LogMeIn, which ELO has commissioned to process data in line with GDPR. The legal basis for processing personal data is Art. 6 (1) lit. b GDPR (contract performance) in conjunction with Art. 6 (1) lit. f GDPR (legitimate interest). In addition, we use EXPO-IP GmbH as a service provider/processor for our Digital Expo and our other digital trade fairs. This company collects and processes data in order to plan, carry out, and follow up on the event (e.g. the Digital Expo). The data is deleted by ELO once it has been processed or whenever statutory requirements require it to be stored for a longer period.
Provided you exercise your rights as a data subject (see "Your rights as a data subject") under GDPR, we will forward your request to our processor as well. If you believe that your rights as a data subject have been violated by one of the other persons responsible, please contact them directly.
a) Description and scope of processing data
Our website contains a contact form that can be used to contact us. If you make use of this option, the data you enter to the form will be transmitted to us and, if applicable, sent to data processors commissioned by us and subsequently processed (for more details, see "Data processors"). The following data is collected:
i. Mandatory data: Company, first and last name, country, e-mail address, your request, and your message including the data provided with it
ii. Voluntary information: Postal address, town or city, postal code, telephone number
The following data are also stored at the time the message is sent: Your IP address, date and time of registration, website that the request originates from.
During the sending process, you will be asked for your consent to process this data and reference will be made to this Privacy Policy. Alternatively, you can contact us via the e-mail address provided. In this case, the personal data transferred with your e-mail address is stored. The data is only used to process the correspondence.
b) Legal basis for data processing
The legal basis for processing data is your agreement as per Art. 6 Sec. 1 a GDPR. The legal basis for processing data collected in the context of e-mail delivery is Art. 6 Sec. 1 f GDPR. If e-mail contact is made with the objective of concluding a contract, the legal basis for processing is Art. 6 Sec. 1 b GDPR.
c) Purpose of processing data
We process personal data from the form solely to process your reason for contacting us. Other data processed during delivery serve to prevent misuse of the contact form and ensure the security of our IT systems.
d) Retention period
The personal data entered to the contact form and sent by e-mail are deleted when the correspondence with the user has ended. The correspondence is considered ended when it can be assumed from the circumstances that the relevant matter has been resolved fully. The additional personal data collected as part of the delivery process is deleted within seven days.
e) Right to object and right to erasure
The user can revoke their consent to processing of personal data at any time, as well as assert their other rights as data subjects, which can be found at the end of this declaration.
The partner contact form:
On our website, you will find a contact form that you can use to contact an ELO Partner directly. If you use this function, the data you enter in the form, including your request, is transmitted to the ELO Partner via e-mail and stored. The selected ELO Partner is contacted via this form, meaning your data is sent to this partner. ELO receives a copy of this data, which is temporarily saved in our database. The legal basis for temporary storage of data is Art. 6 para. 1 lit. f GDPR. This data is processed for technical purposes, which serves to send a relevant e-mail to the partner. The data is deleted once it is no longer necessary to achieve the purpose for which it was collected, within seven days at the latest. Data may not be stored beyond this period. You will find your rights as a data subject at the bottom of the page.
Auf unserer Internetseite finden Sie ein Kontaktformular, welches für die elektronische Kontaktaufnahme zu einem ELO Partner genutzt werden kann. Nehmen Sie diese Möglichkeit wahr, so werden die in der Eingabemaske eingegeben Daten inkl. Anfrage an diesen ELO Partner per E-Mail übermittelt und gespeichert. Über dieses Kontaktformular wird der ausgewählte ELO Partner kontaktiert, sodass die Daten diesem Partner zugehen. Wir erhalten eine Kopie dieser Daten. Diese werden vorübergehend in unserer Datenbank gespeichert. Rechtsgrundlage für die vorübergehende Speicherung der Daten ist Art. 6 Abs. 1 lit. f DSGVO. Zweck der Datenverarbeitung ist technisch bedingt und dient dazu, die entsprechende E-Mail an den Partner auszulösen. Die Daten werden gelöscht, sobald sie für die Erreichung des Zweckes ihrer Erhebung nicht mehr erforderlich sind, spätestens jedoch nach 7 Tagen. Eine darüberhinausgehende Speicherung ist nicht möglich. Ihre Betroffenenrechte finden Sie am Ende dieser Erklärung.
Processor within the EU
In some cases, we employ external service providers (data processors) from the EU to process your data. These have been carefully selected by us, amongst other things to ensure that they meet the requirements for compliance with GDPR. This may be the case, for example, when you register for events, sign up for the newsletter, take part in promotions, competitions or otherwise contact us or submit support requests. To ensure that your personal data is processed correctly as per GDPR, we enter into corresponding data processing agreements with these providers, who guarantee that they implement appropriate technical organizational measures to ensure that your data is handled securely. Recipients of your data are mainly providers of e-mail, hosting, analysis tool, and platform services (http://account.elo.com) as well as the head office (technical support) and business partners.
If any of these data processors are located in another EU country, we have checked that they meet the requirements of Art. 28 and Art. 44 et seq. GDPR. In each case, we conclude a written contract with these data processors.
(1) Provided you would like to use our PartnerPortal (reserved for ELO sales partners and customers of the ELO ECM Suite products), you must register by specifying your e-mail address, a custom password, and a user name of your choice. Use of a real name is mandatory; anonymous accounts are not permitted. The data named above is mandatory; you can provide all other information on a voluntary basis while using our portal.
(2) If you use our portal, we save your data required to fulfill the contract until you delete your account permanently. Furthermore, we store the data you have provided voluntarily for as long as you use the portal, unless you delete it first. You can manage and change all information in the protected customer area. The legal basis is Art. 6 para. 1 sentence 1 lit. b and Art. 6 para. 1 lit. a GDPR.
(3) Your entire profile (exception: user name, position, company) is not visible to members of the portal. If you make content available to your personal contacts without sending it in a private message, this content can also be seen by other parties. If you upload posts to public groups, these can be viewed by all portal members who are logged on.
(4) To prevent third parties from gaining unauthorized access to your personal data, the connection is encrypted by means of TLS technology.
(1) We do not use social media plug-ins. Instead, we have integrated icons that link to the third-party provider of the respective social media platforms when clicked. ELO currently maintains a profile on the following social media platforms: Twitter, Xing, LinkedIn, YouTube, and Facebook. When you visit our website, no personal data is transferred to the third-party provider. If you click the icon, you will be redirected to the provider's website and the privacy provisions of the respective provider shall apply.
(2) To this extent, we have an influence on the data collected and processing of such data by using the services of the aforementioned providers and have a responsibility in that by integrating the icon, the user is able to find the ELO website on the respective social media platform, enabling the service provider to obtain data in this way. This limits our responsibility as ultimately you make an active decision to provide your consent to transmit the data via the link. The only information available to us about the scope of data collection, the purposes and form of processing as well as the retention periods is the official information of the provider that is accessible to everyone. We inform you about this in the following.
(3) The third-party provider can store the data collected on you as user profiles, and uses these for the purposes of advertising, market research, and/or to optimize the content of its website. This type of analysis is carried out in order to deliver individual advertisements and to notify other users of the social network of your activities on our website (including for users that are not logged on). Since you are the data subject as per GDPR, you have the right to object to the creation of these user profiles or storage of data as per GDPR. To exercise these rights, you must contact the respective third-party provider, as they have direct access to these data. You can access privacy notices regarding the use of our websites and the ELO Digital Office privacy policy via the links on our websites. These do not apply to your activities on the websites of social media networks. You can read the data protection regulations of these providers on their respective websites.
(4) We have our own social media pages on the third-party sites that can be accessed via links from this website. The links take you to the respective websites of the third-party providers (e.g. Facebook, Twitter, Xing, LinkedIn), and you can also share content that we publish. No data is transferred when you access our website. As soon as you access the third-party provider's website, the privacy policy of that provider and other declarations on the use of data shall also apply. We have no influence on this, but we recommend that you log out of the respective third-party provider's website before using a link. This ensures that no data are transferred that the third-party provider could use to create user profiles. To protect your data, we have deliberately only used links and have refrained from using additional third-party plug-ins.
Addresses of the respective plug-in providers and URLs to their privacy policies:
Data that we receive as a result of visits to our fan page on Facebook ("Page Insights Addendum")
a) Subject
Facebook provides ELO with Page Insights for the company website (referred to as "fan page"). Page Insights are aggregated data that can help ELO understand how users are engaging with the fan page.
Page Insights may be based on personal data collected in connection with a visit or interaction of users with the fan page and its content. The Court of Justice of the European Union (CJEU) has ruled that in such a case Facebook Ireland Limited ("Facebook Ireland") and the fan page operator (ELO) are jointly responsible (pursuant to Art. 26 GDPR) for the Insights Data.
This Page Insights Addendum sets out the main elements of the agreement on shared responsibility and related data processing. For more information, refer to https://www.facebook.com/legal/terms/information_about_page_insights_data
b) Responsibilities
Facebook Ireland takes primary responsibility pursuant to GDPR for processing Insights Data and agrees to comply with all obligations under GDPR with respect to processing Insights Data (including Art. 12 and 13, Art. 15 to 22, and Art. 32 to 34 GDPR). In addition, Facebook Ireland shall make the main elements of this Page Insights Addendum available to data subjects (you as a user) (see link above).
Responsibility for processing the data from the fan page itself lies with the controller named at the beginning of this declaration.
c) Legal basis
The legal basis for processing Insights data pursuant to GDPR is Art. 6 (1) lit. a GDPR. You can opt-out at any time in the settings for your ad preferences. To do so, use the following links: https://www.facebook.com/help/109378269482053 and http://www.youronlinechoices.com.
As a data subject within the meaning of GDPR, you also have other rights, which you will find at the bottom of this declaration. You can exercise these rights by contacting Facebook Ireland or ELO.
d) Processing activity and supervision
Facebook Ireland is solely responsible for taking and implementing decisions about processing Insights Data. Facebook Ireland decides in its sole discretion how to comply with its obligations under this Page Insights Addendum. ELO must agree that Facebook Ireland is the main establishment in the EU for processing Insights Data for all data controllers and acknowledges that the lead supervisory authority for this processing is the Irish Data Protection Commission.
Furthermore, Facebook Ireland remains solely responsible for processing personal data in connection with Page Insights other than that covered by the scope of this Page Insights Addendum. This Page Insights Addendum does not grant ELO any right to request the disclosure of personal data of Facebook users that is processed in connection with Facebook Products, including for Page Insights that are provided to ELO.
e) Contact
If ELO is contacted by data subjects or a supervisory authority under the GDPR with regard to processing Insights Data and the obligations assumed by Facebook Ireland under this Page Insights Addendum (“Requests”), ELO is required to forward all relevant information to Facebook Ireland. Facebook Ireland will answer Requests in accordance with its obligations. ELO is not authorized to act or answer on Facebook Ireland’s behalf.
Any claim, cause of action or dispute ELO has against Facebook Ireland that arises out of or relates to this Page Insights Addendum must be resolved exclusively in the courts of Ireland. This Page Insights Addendum, which was drawn up by Facebook Ireland, is also governed by Irish law.
f) Changes and validity of the version
Facebook Ireland may need to update the Page Insights Addendum from time to time. ELO has no influence on this and is accordingly required to comply with updates to the Page Insights Addendum.
If ELO finds any part of this Page Insights Addendum to be unenforceable, the remaining part will remain in full force and effect. If Facebook Ireland fails to enforce any part of this Page Insights Addendum, it will not be considered a waiver. Any amendment to the Page Insights Addendum or waiver must be submitted in writing by ELO and will not be effective until signed by Facebook Ireland in accordance with its Terms.
"The Friendly Captcha tool provided by Friendly Captcha GmbH, Am Anger 3-5, 82237 Wörthsee, Germany, helps us prevent misuse of our forms and website campaigns by computer-generated bots or spam software, protecting both you and us. Accordingly, we have integrated the Friendly Captcha program code for contact forms and other uses. This allows your end device to establish a connection to the Friendly Captcha servers in order to create a task. Your end device solves the task, which takes up certain system resources, and sends the result to our web server. The server contacts the Friendly Captcha server via an interface and receives a response stating whether the end device solved the task correctly. Depending on the result, security rules can be applied to requests via our website so that they can be processed or rejected, for example.
Friendly Captcha uses cookies, which are text files placed or read out on your computer to help the website analyze how you use the newsletter. IP addresses are only stored as a hashed version (one-way encryption) and do not allow Friendly Captcha or us to draw conclusions about an individual person."
The legal basis for processing is our legitimate interest to protect our website against unauthorized access by bots, i.e. spam protection and protection against attacks (e.g. mass requests), Art. 6 (1) lit. f GDPR.
For more information on data protection when using Friendly Captcha, go to https://friendlycaptcha.com/legal/privacy-end-users/.
(1) This website uses the website analysis service "piwik". It is an open source program provided by sponsors for analysis of websites. "Piwik" uses cookies.
(2) "Piwik" delivers statistical analysis of user access to websites. These reports contain information about the search engines, search terms, and languages used, the location of visitors by country, the browsers and plug-ins used, the session duration, entry pages, exit pages, bounce rates, the IP address, etc.
(3) "Piwik" is a web analytics solution that does not store or share your data with third parties. In addition, ELO uses a plug-in that anonymizes your IP address.
(4) We host our solution on Microsoft Azure in Germany and the data is stored for 25 months.
(5) Purpose of processing data: Analytics and conversion tracking based on consent. Legal basis: Art. 6 (1)(a) GDPR.
This website uses the search technology service of the following provider: ELASTIC, 800 West El Camino Real, Suite 350, Mountain View, California 94040, USA.
The provider collects and stores certain user information (e.g. user/session ID) in anonymized form to deliver the search function for articles via the search field and for navigation and filters.
Any personal data processed in this context is done so pursuant to Art. 6 Para. 1 lit. f GDPR based on our legitimate interest to provide an error-tolerant search function and therefore to improve our offering.
In the event of data being transferred to the United States, the provider refers to the standard contractual clauses of the European Commission and its adequacy decisions on certain countries, which are intended to ensure compliance with data protection law at the European level.
Our website uses the Insight tag from LinkedIn Ireland Unlimited Company, Wilton Plaza, Dublin 2, Ireland (“LinkedIn”).
LinkedIn collects the following data from the cookie set in your web browser: IP address, Equipment and browser properties, Page events such as the time a page is opened or clicks.
LinkedIn uses this data to recognize if you have selected a link in LinkedIn that takes you to our website.
LinkedIn does not share any personal information with us, it only forwards anonymized or aggregated reports to us about website target groups, with information about professional key data (i.e. career level, company size, country, location, industry, and professional titles) and the display performance, among other things. You can find further details about the data LinkedIn processes in the LinkedIn Privacy Policy here www.linkedin.com/legal/privacy-policy.
Your data is only processed on our website with your consent, in accordance with Art. 6 Para. 1 a GDPR. You can withdraw your consent at any time. LinkedIn members can also adjust the use of their personal data for advertising purposes in their account settings in LinkedIn.
Data is collected and saved on our website using technology from Bing Ads. These are used to create user profiles using pseudonyms. This service is provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. It enables us to track the activities of users on our website if they have been directed to our website via advertisements from Bing Ads. If you access our website through such advertisements, a cookie is stored on your computer. A BING UET tag is integrated into our website. This is a code that is used in connection with the cookie to store some non-personal data about the use of our website. This includes the time spent on the website, the areas of the website that are visited, and the advertisement through which the user reaches the website. No information is recorded about your identity.
The information recorded is transferred to Microsoft servers in the USA and generally stored there for a maximum of 180 days. You can prevent the collection of data generated by the cookie and relating to your use of the website as well as the processing of this data by deactivating cookies. This may limit the functionality of the website.
Microsoft may also track your usage behavior across several of your electronic devices using Cross Device Tracking, allowing it to show you personalized advertisements on Microsoft websites and apps. You can deactivate this under choice.microsoft.com/en-us/opt-out.
You can find more information about Bing analysis services on the Bing Ads website ( help.bingads.microsoft.com ). You can read more about data protection at Microsoft and Bing in the Microsoft Privacy Statement ( privacy.microsoft.com/en-us/privacystatement ).
Our website uses the SalesViewer® technology from the company SalesViewer GmbH.
SalesViewer® records the following data:
A JavaScript-based code is used for this, which collects the company-related data and its associated use. Data collected using this technology is encrypted via a one-way function that cannot be back-calculated (hashtag). The data is immediately pseudonymized and cannot be used to personally identify visitors to the website. The data is collected and stored for marketing, market research, and optimization purposes, on the basis of the authorized interests of the website operator (article 6 para. 1. (f) GDPR). The data saved by SalesViewer is deleted as soon as it is no longer required for its intended purpose and provided its deletion does not conflict with any regulatory retention obligations. You can opt out of data collection and storage at any time with future effect via www.salesviewer.com/opt-out, to prevent SalesViewer from recording data in the future.
Provided your personal data is processed, you are considered the data subject as per GDPR and are entitled to the rights listed below with regard to the controller.
Right of access
You can demand a confirmation of whether personal data related to you is processed. Should this be the case, you can demand the following information:
(1) The purposes for which the personal data is processed;
(2) The categories of the personal data processed;
(3) The recipients/categories of recipients receiving the personal data related to you;
(4) The planned storage period for the personal data related to you or, if no concrete information is possible, criteria for determining the storage period;
(5) Existence of a right to rectification or erasure of the personal data related to you, a right to restrict processing by the controller, or a right to object to this processing;
(6) The existence of a right to appeal to the authorities.
(7) All available information on the origin of the data if the personal data is not collected from the associated individual;
(8) The existence of automated decision-making, including profiling, as per Art. 22 Sec. 1 and 4 GDPR and – at least in these cases – meaningful information on the logic involved as well as the reach and target effect of such processing for the individual concerned.
You have the right to be informed of whether the personal data related to you is transmitted to a third country or an international organization. In this context, you can request to be informed of appropriate safeguards as per Art. 46 GDPR in conjunction with the transmission of your data.
Right to rectification
You have the right to rectification and/or completion provided the processed personal data related to you is incorrect or incomplete. The controller must promptly rectify the issue.
Right to restrict processing
You can exercise your right to restrict processing of the personal data related to you provided the following conditions are met:
(1) If you dispute the accuracy of the personal data related to you for a period that enables the controller to verify the accuracy of the data;
(2) Processing is wrongful and you reject the deletion of your personal data, instead exercising your right to restrict the use of your personal data;
(3) The controller no longer requires the personal data for processing, but you need it to assert, exercise, or defend legal claims.
(4) If you have exercised your right to object to processing as per Art. 21 Sec. 1 GDPR and it has not been determined whether the legitimate interest of the controller outweighs your interest.
If processing of the personal data related to you has been restricted, this data may only be processed (besides storage) with your express consent or to assert, exercise, or defend legal claims, or to protect the rights of other natural or legal persons, or for reasons of an important public interest of the European Union or a member state.
If restriction of processing was lifted based on the requirements above, you will be notified by the controller before this restriction is lifted.
Right to erasure
a) Obligation of erasure
You can request that the controller delete any personal data related to you immediately. The controller is required to delete this data provided one of the following reasons applies:
(1) The personal data related to you is no longer needed for the purpose for which it was collected or processed in any other way.
(2) You withdraw your consent for processing based on Art. 6 Sec. 1 a or Art. 9 Sec. 2 a GDPR and there is no other legal basis for processing.
(3) As per Art. 21 Sec. 1 GDPR, you object to processing and there are no overriding legitimate grounds for processing; or, you object to processing as per Art. 21 Sec. 2 GDPR.
(4) The personal data related to you was processed unlawfully.
(5) Deletion of the personal data related to you is required to fulfil an obligation by EU law or law of member states to which the controller is subject.
(6) The personal data related to you was collected as per Art. 8 Sec. 1 GDPR with regard to the services offered by the information company.
b) Information to third parties
If the controller has published your personal data and is obligated to delete this data as per Art. 17 Sec. 1 GDPR, the controller shall take suitable measures taking into account the available technology and implementation costs, including those of a technical nature, to inform the party responsible for processing the personal data that you as data subject have requested the deletion of all links to this personal data or of copies or replications of this personal data.
c) Exceptions
The right to erasure does not apply if processing is required
(1) to exercise the right to free expression of opinion and information;
(2) to meet a legal obligation requiring processing in accordance with the law of the European Union or a member state to which the controller is subject, or to carry out a duty in the public interest or in exercising official authority assigned to the controller;
(3) for reasons of public interest in the area of public health as per Art. 9 Sec. 2 h as well as Art. 9 Sec. 3 GDPR;
(4) for archiving purposes in the public interest, economic or historical research purposes, or for statistical purposes as per Art. 89 Sec. 1 GDPR provided that the right named in a) is not expected to render attainment of the objectives of this agreement impossible or have a serious negative effect, or
(5) to assert, exercise, or defend legal claims.
Right to be informed
If you have exercised your right to rectification, erasure, or to restrict processing vis-à-vis the controller, the controller is obligated to notify all recipients to which your personal data was disclosed of rectification or deletion of the data, or restriction to its processing, unless this proves to be impossible or requires a disproportional amount of effort. You have the right to be informed of these recipients by the controller.
Right to data portability
You have the right to receive the personal data related to you that you have provided to the controller in a structured, commonly used, machine-readable format. In addition, you have the right to pass on this data to another controller without interference of the controller to which you have provided the personal data, provided
(1) processing is based on consent as per Art. 6 Sec. 1 a GDPR or Art. 9 Sec. 2 a GDPR, or on a contract as per Art. 6 Sec. 1 b GDPR and
(2) processing is carried out by automated processes.
In exercising this right, you also have the right to demand your personal data be transferred directly from one controller to another controller, provided this is technically feasible. This must not negatively affect the freedoms and rights of other individuals.
The right to data portability does not apply to processing of personal data required or to carry out a duty in the public interest or in exercising official authority assigned to the controller.
Right to object
You have the right to object to the processing of your personal data based on Art. 6 Sec. 1 e or f GDPR for reasons resulting from your particular situation at any time; this also applies to profiling based on these provisions.
The controller no longer processes your personal data unless the controller can provide compelling legitimate reasons that outweigh your interests, rights, and freedoms, or processing serves to assert, exercise, or defend legal claims.
If the personal data related to you is processed to carry out direct advertising, you have the right to object to the processing of your personal data for the purpose of such advertising at any time; this also applies to profiling provided directly related to such direct advertising.
If you object to processing for purposes of direct advertising, your personal data will no longer be processed for this purpose.
You have the option to exercise your right to object by means of an automated process which uses technical specifications in connection with the use of services provided by the information society, directive 2002/58/EC notwithstanding.
Right to withdraw consent to use of data
You have the right to withdraw your consent to the use of your data at any time. Withdrawing your consent does not affect the lawfulness of the processing taking place based on your consent up to withdrawal.
Automated decision including profiling in individual cases
You have the right to not be subjected to a decision based solely on automated processing, including profiling, that has a legal effect on you or affects you significantly in a similar manner. This does not apply if the decision
(1) is required to conclude or fulfil a contract between you and the controller,
(2) is permissible based on provisions of the European Union or a member state to which the controller is subject and these provisions contain suitable measures to protect your rights and freedoms as well as your legitimate interests, or
(3) is carried out with your express permission.
However, these decisions shall not be based on special categories of personal data as per Art. 9 Sec. 1 GDPR provided Art. 9 Sec. 2 a GDPR applies and suitable measures have been taken to protect your rights and freedoms as well as your legitimate interests.
With regard to the cases named in (1) and (3), the controller shall take appropriate measures to ensure your rights and freedoms as well as your legitimate interests, including at least the right to request an individual on the side of the controller to intervene, to present your own position, and to contest the decision.
Right to appeal to the authorities
Notwithstanding any other administrative or judicial decision, you have the right to appeal to the authorities, especially in the member state where you are located, of your workplace, or of the location of the alleged violation if you believe that the processing of your personal data is in violation of GDPR.
The authority receiving the appeal shall inform the appealing party of the status and result of the appeal, including the option for a legal decision as per Art. 78 GDPR.
We reserve the right to change the policy at any time subject to data privacy regulations.
If you have any questions, requests, or complaints related to data privacy, please contact us at the address named in item 2.
Version: July 2022
