Privacy Policy

Data Privacy Policy UNMTCHD

We take the protection of your personal data very seriously. Therefore, we treat your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy.

When you use this website, personal data is collected and processed. This privacy policy explains what kind of data we collect, how we use it, and the purposes for which it is collected and/or processed. It also explains how and for what purpose this is done, and what rights you have.

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as requests you send to us. You can recognize an encrypted connection by the change in the browser’s address line from “http://” to “https://” and by the lock symbol in your browser’s address bar. When SSL or TLS encryption is enabled, the data you transmit to us cannot be read by third parties.

Due to the nature of the internet, data transmissions, including emails, can have security vulnerabilities, making complete protection against unauthorized access by third parties impossible.

 

  1. DATA CONTROLLER

The responsible entity for data processing on this website is:

Oana Leonte

An den Hausäckern 15

91469 Hagenbüchach

E-mail: contact@theunmtched.com

Phone: +49 (0) 1732199406

The data controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).

 

  1. GENERAL INFORMATION ON DATA PROCESSING ON UNMTCHED

Definition of “Personal Data”

Personal data refers to any and all information that can be used to personally identify you. For detailed information on data protection please consult our privacy policy below.

Processing of Your Data When Visiting Our Website

We process personal data when you visit our website when you share it with us, e.g. data you enter in our contact forms. The processing of personal data from our users generally takes place only with the user’s consent. An exception applies in cases where obtaining prior consent is not possible for actual reasons and the processing of the data is permitted by legal regulations.

Other personal data is collected automatically by our IT systems or with your consent when you visit the website. This primarily includes technical data (e.g., IP address, type and version of internet browser, operating system and platform, URL, or the time of the site access). 

Purposes for processing your data

We process personal data of users of our website to provide a functional website, our content and services. Other data is processed to analyze your user activity and patterns.

Analytics tools and other third-party tools

We use analytics tools and other tools provided by third parties. These tools may analyze your browsing patterns statistically when your visit this website. For detailed information about these analytics tools please consult our Data Privacy Policy below. 

Recipients of Data and transfer to the U.S. 

We use third party service providers, and in some cases personal data is disclosed to these third parties, if needed for contract fulfillment, if we are legally obligated to do so (e.g., disclosure to tax authorities), if we have a legitimate interest pursuant to Art. 6 (1)(f) GDPR, or if another legal basis permits the disclosure of this data. When using processors, we only disclose personal data based on a data processing agreement, or where we are jointly responsible with a third party, based on a joint processing agreement. 

We use tools from companies in third-party countries that do not meet EU data protection standards, including US companies that aren’t certified under the EU-US Data Privacy Framework (DPF). This means your personal data may be transferred and processed in these countries, where data protection may not be equivalent to EU standards. Data can only be shared with external parties for contract fulfillment, legal obligations, or legitimate interests, based on valid agreements for data processing. More details on data recipients can be found in this Privacy Policy.

Legal Basis for Processing

If you have consented to data processing, we process your personal data based on the legal basis of Art. 6(1)(a) of the GDPR. If the processing of your personal data is necessary for the fulfillment of a contract with you or for pre-contractual measures, the legal basis for the processing is Art. 6(1)(b) GDPR. In cases where the processing of personal data is necessary to fulfill a legal obligation to which we are subject, the legal basis for processing is Art. 6(1)(c) GDPR. For the protection of a legitimate interest of our company or a third party, and if the interests, fundamental rights, and freedoms of the data subject do not override the first-mentioned interest, we process data based on Art. 6(1)(f) GDPR.

Retention Period and Data Deletion

Unless otherwise specified in this privacy policy, your personal data will be deleted once the purpose for processing has been fulfilled. If you make a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we are legally permitted to retain your personal data for other reasons (e.g., tax or commercial retention periods); in such cases, deletion will occur once these reasons no longer apply.

Your Rights

If your personal data is processed, you have the following rights under the GDPR:

  • Right to Access, Rectification, and Erasure: You have the right to request free information about your stored personal data, its origin, recipients, and the purpose of processing. You also have the right to request rectification or erasure of your data.
  • Right to Restrict Processing: You have the right to request the restriction of processing under certain conditions: 

– When you dispute the accuracy of your data, you have the right to restrict processing while we verify it.

– If the processing is unlawful, you can request a restriction instead of erasure.

If we no longer need your data but you need it to assert legal claims, you can demand restrictions.

– If you have raised an objection to processing, you can demand restrictions until your interests and ours are assessed.

If your data processing has been restricted, it may only be processed with your consent or for legal claims, protecting others’ rights, or for significant public interest reasons.

  • Right to Data Portability: You have the right to receive your data in a structured, commonly used, and machine-readable format, and to transfer it to another controller if technically feasible. This right 
  • Right to Object: If data processing is based on Art. 6(1)(e) or (f) GDPR, i.e. on legitimate interests or for direct marketing purposes, you can object at any time due to your unique situation, including profiling. We will cease processing unless we can demonstrate compelling legitimate grounds. For direct marketing, you may object to such processing, and we will stop using your data for that purpose.
  • Right to Revoke Consent: You may revoke your consent to data processing at any time with effect for the future, however without affecting the legality of prior processing.
  • Right to Lodge a Complaint: You have the right to file a complaint with a supervisory authority if you believe your data protection rights have been violated.

 

  1. HOSTING 

This website is hosted externally by GoDaddy Web Hosting, a hosting service provided by GoDaddy.com LLC, 2155 E. GoDaddy Way, Tempe, AZ 85284, USA (“GoDaddy”)

Personal data collected on our website is stored on the servers of GoDaddy in the United States. This may include, but is not limited to, IP-address, metadata, communications, contract information, contact information and requests, names, data related to site access, and other data provided on or generated through the website. 

The use of GoDaddy serves the purpose to fulfill the contracts with our existing and potential customers (Art. 6 (1)(b) GDPR) and based on our legitimate interest in providing a reliable, efficient, secure and fast website, in accordance with Art. 6(1)(f) GDPR.
If your consent has been obtained, the processing of your personal data is exclusively based on Art. 6(1)(a) GDPR and § 25(1) TTDDG, insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) as defined by the TTDDG. Such consent can be revoked at any time. 

GoDaddy is certified under the “EU-US Data Privacy Framework” (DPF), an agreement between the European Union and the USA designed to ensure compliance with European data protection standards during data processing in the USA. Companies certified under this framework must adhere to these standards. For further information on GoDaddy’s DPF certification, please visit: https://www.dataprivacyframework.gov/participant/4957.

For details, please refer to GoDaddy’s privacy policy: GoDaddy Privacy Policy

Data Processing Agreement

We have concluded a data processing agreement (DPA) with GoDaddy for the use of the aforementioned service. The DPA is a contract required under data protection laws, ensuring that the hosting provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the legal requirements of the GDPR.

 

  1. CONTENT DELIVERY NETWORKS (CDN)

This website uses Cloudflare content delivery network, provided by Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA (“Cloudflare”).

Cloudflare’s content delivery network (CDN) with DNS operates globally. This means that any data exchanged between your browser and our website is routed through Cloudflare’s network. This setup allows Cloudflare to analyze the data traffic between your browser and our website and act as a protective layer, filtering out potentially harmful internet traffic before it reaches our servers.

In doing so, Cloudflare may use cookies or other technologies to identify internet users, but only for the purpose outlined here.

Our use of Cloudflare is based on our legitimate interest in ensuring that our website operates securely and error-free (Art. 6(1)(f) GDPR). Data transfers to the United States are carried out under the European Commission’s Standard Contractual Clauses (SCC). For more information on Cloudflare’s security practices and data protection measures, please refer to their privacy policy: https://www.cloudflare.com/privacypolicy/.

Cloudflare is certified under the “EU-US Data Privacy Framework” (DPF), an agreement between the European Union and the USA designed to ensure compliance with European data protection standards during data processing in the USA. Companies certified under this framework must adhere to these standards. For further information on Cloudflare’s DPF certification, please visit: https://www.dataprivacyframework.gov/participant/5666.

Data Processing Agreement 

We have entered into a Data Processing Agreement (DPA) with Cloudflare. This contract, required by data privacy laws, ensures that Cloudflare processes personal data from our website visitors only according to our instructions and in full compliance with GDPR.

 

  1. PROCESSING ON THIS WEBSITE

Cookies

Our website uses cookies. Cookies are small text files that are either temporarily stored for the duration of a session (session cookies) or stored permanently on your device (persistent cookies). Session cookies are automatically deleted at the end of your visit while persistent cookies remain on your device until you delete them or they are automatically removed by your web browser.

Cookies may originate from us (first-party cookies) or from third-party providers offering services integrated into our website (third-party cookies).

 

Cookies serve different functions. The use of technically necessary cookies simplifies the usage of our website since they enable certain functionalities that would not be available without cookies, e.g. the display of videos. 

Other cookies have the purpose to analyze user behavior or are used for promotional purposes.

During your visit to our website, the following data may be collected:

  • Pages you visit and your ‘click path’
  • Your user behavior (e.g., clicks, time spent on site, bounce rates)
  • Achievement of ‘website goals’ (conversions)
  • Your approximate location (region)
  • Your IP address (in truncated form)
  • Technical information about your browser and devices (e.g., language settings, screen resolution)
  • Your internet service provider
  • The referrer URL (the website or advertisement through which you arrived at our website)

Cookies which are necessary for the performance of electronic communication transactions, the provision of certain functions for our users, and the optimization of our website are stored based on Article 6(1)(f) GDPR, unless another legal basis for the storage is explicitly provided. We have a legitimate interest storing of necessary cookies to ensure the technically error-free  and optimized provision of our website and services. 

If your consent has been requested for the storage of cookies and similar recognition technologies, processing is based solely on this consent (Article 6(1)(a) GDPR and Section 25(1) TDDDG). Consent can be revoked at any time.

In order to control the use of cookies, you can adjust your internet browser settings and disable or restrict the transmission of cookies. This allows you to be informed when cookies are being set, allow cookies on a case-by-case basis, or exclude the acceptance of cookies for specific cases or entirely. You can also set your browser to delete cookies automatically each time you close it. Cookies that are already stored can be deleted at any time, either manually or automatically.
If you deactivate cookies on our website, you may not be able to use the website or its functionalities fully.

The cookies we use can be found in this privacy policy.

 

Consent with Usercentrics 

Our website uses Usercentrics’ cookie consent technology  to obtain your consent for the storage of certain cookies on your device and for the use of certain technologies, and to document this consent in compliance with data protection regulations. The provider of this technology is Usercentrics GmbH, Sendlinger Straße 7, 80331 München, Germany (“Usercentrics”). 

When you visit our website, the following personal data will be transmitted to Usercentrics:

  • Your consent declaration(s) or any revocation(s) of consent
  • Your IP address
  • Your geolocation
  • Information about your browser
  • Information about your device
  • date and time of your visit

Usercentrics also stores a cookie in your browser to link your consent declaration(s) or revocation(s). This data will be retained until you request its deletion, delete the Usercentrics cookie, or the purpose for retaining the data no longer applies. Mandatory legal retention periods remain unaffected.

Usercentrics uses cookies to capture consent declarations as required by law. The legal basis for the use of this technology is Article 6(1)(c) GDPR.

Data Processing Agreement 

We have entered into a Data Processing Agreement (DPA) with Usercentrics. This contract, required by data privacy laws, ensures that Usercentrics processes personal data from our website visitors only according to our instructions and in full compliance with GDPR.

 

Server Log Files
The website provider automatically collects and stores information in server log files, which your browser transmits to us. This information includes:

  • The browser type and version
  • The operating system used
  • The referrer URL
  • The hostname of the accessing device
  • The time of the server request
  • The IP address

This data is not combined with other data sources. The collection of this data is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in ensuring the technical functionality and optimization of the website. To achieve this, the recording of server log files is essential.

Contact Form

When you contact us using the contact form, the data you provide, including your contact details and any personal data resulting from your inquiry, will be stored and processed by us for the purpose of handling your request and for follow-up inquiries. This data will not be shared with third parties without your consent.

We process your personal data obtained in connection with the contact form based on  Article 6(1)(b) GDPR, provided your inquiry is related to the performance of a contract or is necessary for pre-contractual measures.
In all other cases, the processing is based on our legitimate interest in the effective handling of inquiries addressed to us (Article 6(1)(f) GDPR) or on your consent (Article 6(1)(a) GDPR), if requested; consent can be revoked at any time.

The data you provide in a contact form will be retained until you request its deletion, revoke your consent for storage, or the purpose for which it was collected no longer applies (i.e., after your inquiry has been resolved). Mandatory legal provisions, particularly retention periods, remain unaffected.

Inquiries by telephone or e-mail

When you contact us by email or phone, we will store and process your inquiry along with any personal data provided (e.g., name, contact details, request to address your inquiry and any follow-up questions. This data will not be shared with third parties without your consent.

We process your data in accordance with Article 6(1)(b) GDPR when your inquiry relates to contract performance or is necessary for pre-contractual measures.
For other inquiries, we process your data based on our legitimate interest in the effectively managing inquiries (Article 6(1)(f) GDPR) or on your consent (Article 6(1)(a) GDPR) when applicable; consent can be revoked at any time.

The data you provide in an inquiry will be retained until you request its deletion, revoke your consent for storage, or the purpose for which it was collected no longer applies (i.e., after your inquiry has been resolved). Mandatory legal provisions, particularly retention periods, remain unaffected.

Gravatar

Our website uses Gravatar, provided by Automattic Inc., located at 60 29th Street #343, San Francisco, CA 94110, USA (“Gravatar”).

Gravatar is a service that lets users associate personal images (avatars) with their profiles. These avatars appear whenever users interact with the platform, such as in forums or chats, based on the choices linked to their email addresses. This feature personalizes the online experience and streamlines user identification

When you comment or interact on our website with Gravatar enabled, the hash of your email address (used as an ID) is processed by Gravatar.

Our use of Gravatar is based on our legitimate interest in presenting an appealing and engaging experience, in line with Article 6(1)(f) GDPR. If corresponding consent has been obtained, the processing is carried out exclusively under Article 6(1)(a) GDPR and § 25(1) TDDG. This consent may be revoked at any time.

For more information, please refer to Gravatar’s privacy policy: https://automattic.com/privacy/

Gravatar is certified under the “EU-US Data Privacy Framework” (DPF), an agreement between the European Union and the United States designed to ensure compliance with European data protection standards for data processing in the US. All companies certified under the DPF are required to adhere to these standards. For further details, please visit: https://www.dataprivacyframework.gov/participant/4709

Data Processing Agreement 

We have entered into a Data Processing Agreement (DPA) with Gravatar. This contract, required by data privacy laws, ensures that Usercentrics processes personal data from our website visitors only according to our instructions and in full compliance with GDPR.

 

Registration function 

You have the option to register on this website to access additional features and services. 

We process data submitted during registration exclusively for the purpose of providing the specific features and services for which you have registered. Note that complete and accurate submission of all mandatory registration fields is a prerequisite for successful registration and we retain the right to reject registrations which don’t fulfil these requirements. 

We will utilize the email address provided during registration to communicate material changes to our service offerings and technical updates.

The processing of registration data is based on your consent in accordance with Article 6(1)(a) GDPR.

We retain your registration data for the duration of your active account on this website. Upon account termination, your data will be deleted, subject to any statutory retention requirements mandated by applicable law

 

  1. PLUG-INS

Google Fonts (Local Hosting)
We utilize Google Fonts on our website to ensure a uniform display of fonts. These fonts are provided by Google but are installed locally, which means that no connection to Google servers is required when accessing our website.
For further information about Google Fonts, please refer to the Google Fonts FAQ and to Google’s privacy policy: https://policies.google.com/privacy?hl=en.

data processing in the USA will take place on the basis of the standard data protection clauses pursuant to Art. 46 (2) lit. c GDPR. 

 

Spotify

Our website incorporates features from the Spotify music platform, provided by Spotify AB, Birger Jarlsgatan 61, 113 56 Stockholm, Sweden. Spotify plug-ins can be recognized by the green logo. 

When you visit a page on our website with a Spotify plug-in, a direct connection to Spotify’s servers is established, allowing Spotify to receive information, including your IP address and indicating that you have visited our website. If you are logged into your Spotify account and interact with the plug-in (e.g., by clicking the Spotify button), you can link content from our website to your Spotify profile and your visit can be linked to your Spotify account.

Please note, Spotify may use Google Analytics cookies during your interaction with the platform, and your data may be shared with Google. We have no control over this data processing by Spotify.

Data processing related to Spotify is based on our legitimate interest in providing content and enhancing the acoustic experience on our site (Art. 6(1)(f) GDPR). If you have provided consent, the processing is exclusively based on Art. 6(1)(a) GDPR and § 25(1) TDDDG for the storage of cookies or access to device information (e.g., device fingerprinting). Consent can be revoked at any time.

For further details, please refer to Spotify’s Privacy Policy: https://www.spotify.com/us/legal/privacy-policy/.

If you wish to prevent Spotify from linking your visit to our site with your Spotify account, please log out of your Spotify account before interacting with our website.

 

Youtube with Enhanced Data Protection Integration

Our website features videos from YouTube, operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. 

When you access a page containing embedded YouTube content, a connection to YouTube’s servers is established, allowing YouTube to identify which of our pages you visited. If you are logged into your YouTube account, your browsing behavior may be linked directly to your profile. You can prevent this by logging out of your YouTube account.

We use YouTube in an enhanced data protection mode, which according to YouTube, does not personalize browsing or ads. This mode does not set cookies but may store local storage elements that can recognize users similarly to cookies. 

Activating a YouTube video may initiate additional data processing activities over which we have no control. 

Our use of YouTube is based on our legitimate interest in presenting our content attractively, as per Art. 6(1)(f) GDPR. If consent has been obtained, processing will occur solely under Art. 6(1)(a) GDPR and § 25(1) TDDDG, particularly if it includes cookie storage or access to device information. You may revoke your consent at any time.

For information on YouTube’s data handling practices, please refer to the YouTube Privacy Policy: https://policies.google.com/privacy?hl=en

Google is certified under the EU-US Data Privacy Framework (DPF), which ensures compliance with European data protection standards for data processing in the U.S. More information can be found at https://www.dataprivacyframework.gov/participant/5780.

 

Ninja Firewall (Website Security)

Our website implements Ninja Firewall, provided by NinTechNet Limited, Unit 1603, 16th Floor, The L. Plaza 367 – 375 Queen‘s Road Central Sheung Wan, Hong Kong (“Ninja Firewall”) for cybersecurity purposes.

Ninja firewall processes technical data including IP addresses, HTTP requests, referrer information, and access timestamps to protect against unauthorized access and malicious attacks. All data processing occurs locally on our servers, with no transmission to the service provider or third parties.

Ninja Firewall is a security measure used based on our legitimate interest in maintaining optimal website security against cyber threats, pursuant to Article 6(1)(f) GDPR.

 

  1. SOCIAL MEDIA

Facebook

Our website includes features from the social network Facebook, provided by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. 

When you visit a page on our website containing a Facebook plug-in (e.g., the Like button), a direct connection between your device and Facebook’s servers is established. This allows Facebook to receive information about your visit, including your IP address. If you’re logged into your Facebook account and click the Facebook Like button, you can link content of this website to your Facebook profile, and Facebook can associate your visit to our website with your Facebook account. 

Facebook transfers data to the U.S. and other third countries and we do not receive details on the data Facebook collects or how it is used by Facebook. For more information about how Facebook handles data, please refer to Facebook’s Privacy Policy: https://www.facebook.com/privacy/explanation.

Data processing in this context is based on your consent in accordance with Art. 6(1)(a) GDPR and § 25(1) TDDG, which you can revoke at any time.

For any personal data collected on our website by Facebook features which is shared with Facebook, we and Meta Platforms Ireland Limited are jointly responsible (so-called joint controllers) under Art. 26 GDPR. This joint responsibility is limited to the collection of data on this website and the forwarding of it to Facebook; any further processing by Facebook is beyond our control and not subject to joint-controllership. 

Our joint responsibilities are outlined in the agreement available here: Facebook Joint Controller Addendum. Under this agreement it is our responsibility to provide all necessary privacy information concerning the use of the Facebook feature on our website and ensuring their privacy-compliant implementation on our website. Facebook remains responsible for the data security of its products. 

You may exercise your data rights (e.g., access or deletion requests) directly with Facebook. If you contact us, we will forward your request to Facebook.

Data transfers to the U.S. are governed by the Standard Contractual Clauses (SCC) of the European Commission For details, please refer to:
https://www.facebook.com/legal/EU_data_transfer_addendum ,

https://de-de.facebook.com/help/566994660333381

https://www.facebook.com/policy.php.

Facebook is certified under the EU-US Data Privacy Framework (DPF), which ensures compliance with European data protection standards for data processing in the U.S. More information can be found at https://www.dataprivacyframework.gov/participant/4452.

 

X

Our website uses features from the social media platform X (formerly Twitter), operated by X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. For users outside the United States, data processing is managed by Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.

When you visit a page on our website with an X plug-in, a direct connection is established between your device and X’s servers, allowing X to receive information about your visit. If you interact with features like the “Repost” or “Re-Tweet” function, your activity may be linked to your X account and shared with other users. We do not have access to the content or use of the data transferred to X. For further details on how X handles data, please refer to X’s Privacy Policy: https://x.com/en/privacy.

Data processing to this regard is based on your consent under Art. 6(1)(a) GDPR and § 25(1) TDDG, which you can revoke at any time.

You can adjust your privacy settings on X under your account settings at https://x.com/settings/account.

Data transfers to the U.S. are governed by the European Commission Standard Contractual Clauses (SCC). You can review the details here: https://gdpr.x.com/en/controller-to-controller-transfers.html.

X is certified under the EU-US Data Privacy Framework (DPF), which ensures compliance with European data protection standards for data processing in the U.S. More information can be found at https://www.dataprivacyframework.gov/participant/2710.

 

Instagram

Our website uses features from the social media platform Instagram, operated by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland.

When the Instagram plug-in on our website is activated, a direct connection is established between your device and Instagram’s servers, enabling Instagram to receive information about your visit, including your IP address. If you are logged into your Instagram account and interact with the plug-in (e.g., by clicking the Instagram button), content from our website may be linked to your Instagram profile, allowing Instagram to associate your visit with your account. We have no control or knowledge of the specific data transmitted to Instagram or how it is used.

Data processing related to the use of this service is based on your consent in accordance with Art. 6(1)(a) GDPR and § 25(1) TDDG, which you may revoke at any time.

When personal data is collected through the Instagram plug-in and forwarded to Instagram or Facebook, we share joint responsibility (joint controllers) with Meta Platforms Ireland Limited for data collection and transmission (Art. 26 GDPR). However, Meta (Facebook/Instagram) is solely responsible for data processing after transmission. You can review the joint processing agreement at: Facebook Joint Controller Agreement. Under this agreement it is our responsibility to provide all necessary privacy information concerning the use of the Instagram feature on our website and ensuring their privacy-compliant implementation on our website. Meta remains responsible for the data security of its products. 

For more information on how Instagram handles your data, please refer to Instagram’s Data Privacy Policy: https://privacycenter.instagram.com/policy/

Data transfers to the U.S. are governed by the European Commission Standard Contractual Clauses (SCC). You can review the details here: 

https://www.facebook.com/legal/EU_data_transfer_addendum ,

https://privacycenter.instagram.com/policy/  and

https://de-de.facebook.com/help/566994660333381 .

Instagram is certified under the EU-US Data Privacy Framework (DPF), which ensures compliance with European data protection standards for data processing in the U.S. More information can be found at https://www.dataprivacyframework.gov/participant/4452 .

 

LinkedIn

Our website uses features of the LinkedIn network, operated by inkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland (“LinkedIn”). LinkedIn transfers data outside the EU, including to the U.S. 

When you visit a page containing LinkedIn elements, a connection is established between your device and LinkedIn’s servers, enabling LinkedIn to receive information about your visit, including your IP address. If you’re logged into your LinkedIn account and interact with the “Recommend” button, LinkedIn can link your visit to your user account. We have no access to or control over the data transferred to LinkedIn or its usage.

For more information on how Instagram handles your data, please refer to LinkedIn’s Data Privacy Policy: https://www.linkedin.com/legal/privacy-policy.

Data processing related to the use of this service is based on your consent (Art. 6(1)(a) GDPR and § 25(1) TDDG), which you may revoke at any time.

Data transfers to the U.S. are governed by the European Commission Standard Contractual Clauses (SCC). You can review the details here: 

https://www.linkedin.com/help/linkedin/answer/a1343190/datenubertragung-aus-der-eu-dem-ewr-undder-schweiz?lang=de.

LinkedIn is certified under the EU-US Data Privacy Framework (DPF), which ensures compliance with European data protection standards for data processing in the U.S. More information can be found at https://www.dataprivacyframework.gov/participant/5448 .

 

Pinterest

Our website uses features of the social network Pinterest, operated by operated by Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland (“Pinterest”). 

When you visit a page containing Pinterest elements, your browser will establish a direct connection with Pinterest’s servers. During this process, log data may be transmitted to Pinterest’s servers in the United States, which can include your IP address, other visited websites with Pinterest elements, browser type and settings, time and date of your request, how you interact with Pinterest, and cookies.

For more information about Pinterest handles your data and about your rights, please refer to Pinterest’s Privacy Policy: https://about.pinterest.com/en/privacy-policy.

Data processing related to the use of this service is based on your consent (Art. 6(1)(a) GDPR and § 25(1) TDDG), which you may revoke at any time.

 

  1. NEWSLETTER

We offer a newsletter through our website to keep you informed and engaged. To subscribe, we require your email address and confirmation that you own the provided email and consent to receiving the newsletter. No additional data is collected unless voluntarily provided. We use external newsletter service providers, which are detailed below, to manage the newsletter distribution.

Flodesk

Our website uses Flodesk for sending newsletters, operated by Flodesk, 1301 5th St., Suite 1, Santa Monica, CA 90401, USA (“Flodesk”). 

Flodesk is a service used to manage and analyze our newsletter distribution. When you subscribe by providing your email address, this information is stored on Flodesk’s servers in the U.S. Flodesk allows us to assess newsletter performance; when you open an email, a web beacon connects to their servers, enabling tracking of opens and clicks, alongside technical details such as IP address, time of access, operating system and browser type. This data is used solely for statistical analysis to improve future newsletters and cannot be allocated to specific newsletter recipients. If you do not agree with this analysis by Flodesk, you may unsubscribe from the newsletter, e.g. via the unsubscribe link provided in every newsletter message.

Data processing related to the use of our newsletter service is based on your consent (Art. 6(1)(a) GDPR), which you may revoke at any time by unsubscribing. Your data is retained until you unsubscribe, at which point it will be deleted from our distribution list, while other stored data remains unaffected. Upon unsubscribing, your email may be kept in a blacklist to prevent future mailings, serving our mutual legal compliance (Art. 6(1)(f) GDPR). This blacklist data is used solely for this purpose and is not merged with other information. The blacklist storage is indefinite, and you may object to this if your interests outweigh our legitimate interests.

For more details, please refer to Flodesk’s privacy policy at: https://help.flodesk.com/en/articles/3390453-data-processing-addendum

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

 

  1. ANALYTICS TOOLS AND MARKETING

Google Tag Manager

Our Website uses Google Tag Manager, a service provided by Google Ireland Limited, located at Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

Google Tag Manager allows us to seamlessly integrate various tracking and analysis tools into our website. It does not, by itself, create user profiles, store cookies, or perform any independent data analysis. Instead, its role is to manage and deploy the integrated tools. However, it does collect your IP address, which may be transferred to Google’s parent company in the U.S.

We process data with Google Tag Manager based on Art. 6(1)(f) GDPR, as it serves our legitimate interest in the efficient integration and management of third-party tools on our website. If your consent has been obtained for storing cookies or accessing your device’s information (e.g., device fingerprinting) under the TDDG, processing is exclusively done in accordance with Art. 6(1)(a) GDPR and § 25(1) TDDG; consent may be revoked at any time.

Google is certified under the EU-US Data Privacy Framework (DPF), which ensures compliance with European data protection standards for data processing in the U.S. More information can be found at: https://www.dataprivacyframework.gov/participant/5780.

 

Google Analytics

Our Website uses Google Analytics, a web analysis service provided by Google Ireland Limited, located at Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

Google Analytics is used to analyze how visitors interact with our website. It collects various data, including pages visited, time spent on the site, the user’s operating system, and their origin. This data is linked to a user-ID, which is associated with the visitor’s device. Google Analytics also tracks mouse movements, scroll activity, and clicks. It employs various modeling techniques to enrich collected data and leverages machine learning for enhanced analysis. Technologies such as cookies and device fingerprinting allow Google Analytics to recognize users and analyze behavior. Typically, this information is transferred to and stored on Google’s servers in the U.S.

Data processing related to the use of this service is based on your consent (Art. 6(1)(a) GDPR and § 25(1) TDDG), which you may revoke at any time.

We use Google Analytics based on your consent, as per Art. 6(1)(a) GDPR and § 25(1) TDDG. You may revoke this consent at any time.

Data transfers to the U.S. are governed by the European Commission Standard Contractual Clauses (SCC). You can review the details here: https://privacy.google.com/businesses/controllerterms/mccs/

Google is certified under the EU-US Data Privacy Framework (DPF), which ensures compliance with European data protection standards for data processing in the U.S. More information can be found at: https://www.dataprivacyframework.gov/participant/5780.

IP Anonymization

Google Analytics uses IP anonymization on this website. This means your IP address is shortened within the European Union or other European Economic Area states before being transferred to the U.S. Only in rare cases will the full IP address be sent to a U.S.-based server and shortened there.

Google processes this data on our behalf to evaluate your use of our website, generate reports on website activity, and provide other internet-related services to us. The IP address transmitted by your browser through Google Analytics will not be combined with other Google data.

Browser Plug-in

You can prevent Google from recording and processing your data by installing the browser plug-in available at: https://tools.google.com/dlpage/gaoptout?hl=en.

For further information on how Google Analytics handles user data, please refer to Google’s Privacy Policy at: https://support.google.com/analytics/answer/6004245?hl=en.