Secure a free spot in our Migration Program to transition from Viva Goals to Workpath before the Viva Goals shutdown in 2025 - Find out more.
Thank you for your interest in our website. The protection of your personal data is very important to us. Below you will find information about how we handle your data collected through your use of our website. Your data will be processed in accordance with the statutory data protection regulations.
If you have any questions regarding the processing of your personal data, you can contact our external data protection officer directly, whose team is also available in the event of requests for information, applications or complaints:
Data protection officer of Workpath GmbH
PROLIANCE GmbH
www.datenschutzexperte.de
Leopoldstr. 2180802 Munich
datenschutzbeauftragter@datenschutzexperte.de
When contacting the data protection officer, please name the company to which your request relates. Please refrain from including sensitive information such as: B. attach a copy of your ID.
The responsible body within the meaning of data protection laws is:
Workpath GmbH
Ridlerstraße 39
80339 Munich
Germany
Managing Director: Johannes Müller
Company headquarters: Munich, registration court: Munich District Court, HRB 230902
When you access our website, it is technically necessary that data is transmitted to our web server via your Internet browser. The following data is recorded during an ongoing connection for communication between your internet browser and our web server:
We collect the data listed in order to ensure a smooth connection to the website and a technically error-free provision of our services. The processing of this data is strictly necessary to provide you with the website. The log files are used to evaluate system security and stability as well as for administrative purposes. The legal basis for processing the data is our legitimate interest in the protection and functionality of our website in accordance with Article 6 (1) (f) GDPR.For reasons of technical security, in particular to prevent attempts to attack our web server, we store this data for a short time. After at the latest XX days The data is anonymized by shortening the IP address at domain level, so that it is no longer possible to establish a connection to the individual user.
This website is hosted by an external service provider (hoster). This website is hosted in the U.S. Personal data collected on this website is stored on the host's servers. This can be v. a. These include IP addresses, contact requests, meta and communication data, website access and other data generated via a website. We collect the data listed in order to ensure a smooth connection to the website and a technically error-free provision of our services. The processing of this data is strictly necessary to provide you with the website. The legal basis for processing the data is our legitimate interest in the correct presentation and functionality of our website in accordance with Article 6 (1) (f) GDPR.We have concluded an order processing agreement with the provider in accordance with the requirements of Art. 28 GDPR, in which we oblige them to protect our customers' data and not to pass them on to third parties.
Your personal data will not be transferred to third parties, unless
- if we have explicitly pointed this out in the description of the respective data processing,
- if you have given your express consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR,
- the disclosure in accordance with Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,
- in the event that there is a legal obligation for the transfer in accordance with Article 6 Paragraph 1 Sentence 1 Letter c GDPR and
- insofar as this is necessary for the processing of contractual relationships with you in accordance with Article 6 Paragraph 1 Sentence 1 Letter b of the GDPR.
To process our services, we also use external service providers who we have carefully selected, commissioned in writing and, if necessary, with whom we have concluded order processing contracts in accordance with Art. 28 GDPR. These are bound to our instructions and are checked by us regularly. These include service providers for hosting, sending e-mails as well as maintenance and upkeep of our IT systems, etc. The service providers will not pass this data on to third parties.
The provision of personal data for the decision to conclude a contract, to fulfill the contract or to carry out pre-contractual measures is voluntary. However, we can only make the decision within the framework of contractual measures if you provide such personal data that is necessary for the conclusion of the contract, the fulfillment of the contract or pre-contractual measures.
We take appropriate technical measures in accordance with Art. 32 GDPR, taking into account the state of the art, the implementation costs and the type, scope, circumstances and purposes of the processing as well as the different probability of occurrence and severity of the risk for the rights and freedoms of natural persons and organizational measures to ensure a level of protection appropriate to the risk. To protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL) via HTTPS.
The duration of storage of personal data is based on the relevant statutory retention periods (e.g. from commercial law and tax law). After the respective deadline has expired, the relevant data will be routinely deleted. If data is required to fulfill or initiate a contract or we have a legitimate interest in continuing to store it, the data will be deleted if it is no longer required for these purposes or if you have exercised your right of revocation or objection.
Like many other websites, we also use so-called “cookies”. Cookies are small text files that are transferred to your hard drive by a website server. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or your web browser automatically solves them. This means we automatically receive certain data such as: B. IP address, browser used, operating system on your computer and your connection to the Internet.The processing of data through the use of absolutely necessary cookies is based on a legitimate interest in accordance with Art. 6 Para. 1 lit. f GDPR in the technically error-free provision of our services. For details on the processing purposes and legitimate interests, please see the information on specific data processing.The processing of personal data through the use of other cookies is based on consent in accordance with Article 6 (1) (a) GDPR. The consent can be revoked at any time in the future. If such cookies are used for analysis and optimization purposes, we will inform you about this separately as part of this data protection declaration and obtain consent in accordance with Art. 6 Para. 1 lit. a GDPR.
Cookies cannot be used to start programs or transmit viruses to a computer. Using the information contained in cookies, we can make navigation easier for you and enable our website to be displayed correctly.
Cookies have various functions. Numerous cookies are technically necessary because certain website functions would not work without them (e.g. the shopping cart function or language settings). Other cookies are used to evaluate user behavior or display advertising. You can set your browser so that you
- be informed about the setting of cookies,
- Only allow cookies in individual cases,
- exclude the acceptance of cookies for certain cases or in general,
- Enable the automatic deletion of cookies when closing the browser.
Cookie settings can be managed using the following links for each browser:
- Google Chrome
- Mozilla Firefox
- Edge (Microsoft)
- Safari
- Opera
You can also individually manage cookies from many companies and functions used for advertising. To do this, use the appropriate user tools, available at https://www.aboutads.info/choices/ or http://www.youronlinechoices.com/uk/your-ad-choices.
Most browsers also offer a so-called “do-not-track” function. When this feature is enabled, your browser tells advertising networks, websites, and applications that you do not want to be “tracked” for behavioral advertising and similar purposes.
Depending on your browser provider, you can find information and instructions on how to edit this function using the following links:
- Google Chrome
- Mozilla Firefox
- Edge (Microsoft)
- Safari
- Opera
In addition, you can prevent so-called scripts from loading by default. “NoScript” allows JavaScript, Java and other plug-ins to be executed only on trusted domains of your choice. Information and instructions on how to edit this function can be obtained from your browser provider (e.g. for Mozilla Firefox at: https://addons.mozilla.org/de/firefox/addon/noscript/).
Please note that if you deactivate cookies, the functionality of our website may be restricted.
You can revoke or change your cookie settings at any time. To do this, access the cookie settings again via this link https://www.workpath.com/en/privacy-policy#cookie-declaration
Social networks X, Instagram, Facebook, LinkedIn are only included on our website as a link to the relevant services. After clicking on the embedded text/image link, you will be redirected to the respective provider's website. Only after forwarding is user information transferred to the respective provider. For information on how your personal data is handled when using these websites, please refer to the respective data protection regulations of the providers you use. e.g. Linked In, Meta Services Inc. …Data protection (x.com)Meta Privacy Policy – How Meta Collects and Uses User Data | Privacy Center | Manage your privacy on Facebook, Instagram and Messenger | Facebook PrivacyInstagram Data Policy: A Simple Guide | Instagram Blog
By using the OKR Generator service on workpath.com
you agree to this,
a) that your data subject to this service will be processed by Workpath GmbH (Germany) and Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA and their subsidiaries;
b) that you comply with the General Terms and Conditions and the Additional Terms and Conditions available here: https://azure.microsoft.com/en-us/support/legal/
https://azure.microsoft.com/en-us/support/legal/preview-supplemental-terms/
and c) that you will not submit any personal or confidential information to this service.
Our website uses the services of Cloudflare Inc., 101 Townsend St, San Francisco, CA 94107 USA for secure encrypted data transmission over the Internet (SSL), to improve global website performance through the Cloudflare Content Delivery Network (CDN) and to improve the Security and protection against hacker attacks through the Cloudflare Web Application Firewall (WAF). Cloudflare may use its own cookies to provide these services. Cloudflare generally only forwards data that is controlled by website operators. The content is therefore not determined by Cloudflare, but always by the website operator itself. In addition, Cloudflare may collect certain information about the use of our website and process data that is sent by us or for which Cloudflare has received corresponding instructions. In most cases, Cloudflare receives data such as contact information, IP addresses, security fingerprints, DNS log data, and website performance data derived from browser activity. For example, log data helps Cloudflare detect new threats. This allows Cloudflare to ensure a high level of security protection for our website. The processing of personal data in connection with the use of Cloudflare is based on our legitimate interest in accordance with Article 6 Paragraph 1 Letter f of the GDPR to increase the security and delivery speed of our websiteFor security reasons and to optimally display our website, Cloudflare uses cookies. Generally, Cloudflare stores user-level data for Free, Pro, and Business domains for less than 24 hours. Cloudflare only retains data logs for as long as necessary and in most cases this data is deleted within 24 hours. Cloudflare also does not store any personal data, such as your IP address. However, there is information that Cloudflare stores indefinitely as part of its persistent logs to improve the overall performance of Cloudflare Resolver and detect any security risks. You can see exactly which permanent logs are saved https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/privacy-policy/ read up. All data that Cloudflare collects (temporary or permanent) is cleaned of all personal data and therefore anonymized.You can also completely prevent all collection and processing of your data by Cloudflare by deactivating the execution of script code in your browser or by integrating a script blocker into your browser.Since personal data is transferred to Cloudflare Inc. in the USA, further protection mechanisms are required to ensure the data protection level of the GDPR. For the USA, there is an adequacy decision by the EU Commission in accordance with Article 45 (1) GDPR in relation to companies with certification according to the EU-U.S. Data Privacy Framework. Cloudflare Inc. is certified under the EU-U.S. Data Privacy Framework certifies and therefore commits to compliance with appropriate data protection standards, which can be viewed at the following link: Participant Search (dataprivacyframework.gov). For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, we have also agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe. We have concluded an order processing contract with Cloudflare.You can find more detailed information about data protection and Cloudflare at: https://www.cloudflare.com/de-de/gdpr/introduction/ and https://www.cloudflare.com/privacypolicy/.
This website uses Google Analytics,an internet analysis service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses so-called “cookies”. i.e. text files that are stored on your computer and that enable your use of the website to be analyzed. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored thereGoogle will use this information on behalf of the operator of this website to evaluate your use of the website and to create reports on website activity. Google will also use this information to provide the website operator with other services related to the use of the website and the Internet. The IP address sent by your browser as part of Google Analytics is not combined with other data from Google. The processing takes place in accordance with Article 6 Paragraph 1 Letter a GDPR on the basis of the consent you have given.We only use Google Analytics with IP anonymization activated. This means that your IP address will only be processed by Google in a shortened form.We have concluded an order processing agreement with the service provider in which we oblige them to protect our customers' data and not to pass them on to third parties. Since it is possible for Google to transfer personal data to affiliates and sub-service providers in countries outside the EU and the EEA, further protective mechanisms are required to ensure the data protection level of the GDPR. For the USA, there is an adequacy decision by the EU Commission in accordance with Article 45 (1) GDPR in relation to companies with certification according to the EU-U.S. Data Privacy Framework. Google LLC is registered under the EU-U.S. Data Privacy Framework certifies and therefore commits to compliance with appropriate data protection standards, which can be viewed at the following link: https://www.dataprivacyframework.gov/s/participant-search For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, we have also agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe.The Google Analytics terms of use and data protection information can be accessed via the following links: http://www.google.com/analytics/terms/de.html https://www.google.de/intl/de/policies/
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. A deletion of user and event-level data associated with cookies, user identifiers (e.g. User ID) and advertising IDs (e.g. DoubleClick cookies, Android advertising ID, IDFA [Apple identifier for advertisers]) are linked no later than 14 months after they were collected.You can prevent the storage of cookies by setting your browser software accordingly; However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading the browser plug-in available under the following link and install: Browser add-on to deactivate Google Analytics.
In addition to or as an alternative to the browser add-on, you can prevent tracking by Google Analytics on our pages by: click this link. An opt-out cookie is installed on your device. This will prevent Google Analytics from collecting data for this website and this browser in the future as long as the cookie remains installed in your browser
We use “Google Ads”, a service provided by Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereinafter referred to as “Google”) on our website. We use Google Ads for marketing and optimization purposes, in particular to show ads that are relevant and interesting to you.If you have given us your consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR, we can use Google Ads to draw attention to our attractive offers using advertising materials on external websites. This allows us to determine how successful individual advertising measures are.These advertising materials are delivered by Google via so-called “AdServers”. For this purpose, we use so-called ad server cookies, through which certain parameters can be measured to measure success, such as display of ads or clicks by users. If you reach our website via a Google ad, Google Ads will store a cookie on your PC. These cookies usually expire after 30 days. They are not intended to identify you personally. The following information is usually stored for this cookie as analysis values: unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions), opt-out information (marking that the user no longer wants to be addressed). These cookies enable Google to recognize your web browser. If a user visits certain pages of an Ads customer's website and the cookie stored on their computer has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page. Each Ads customer is assigned a different cookie. Cookies cannot therefore be tracked via the websites of Ads customers. We ourselves do not collect or process any personal data in the advertising measures mentioned. We only receive statistical evaluations from Google. Based on these evaluations, we can identify which of the advertising measures used are particularly effective. We do not receive any further data from the use of advertising materials; in particular, we cannot identify users based on this information. Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We have no influence on the scope and further use of the data collected by Google through the use of Google Ads. As far as we know, Google receives the information that you have accessed the relevant part of our website or clicked on an advertisement from us. If you have a user account with Google and are registered, Google can assign the visit to your user account. Even if you are not registered with Google or have not logged in, there is a possibility that Google will find out and store your IP address.Since it is possible for Google to transfer personal data to affiliates and sub-service providers in countries outside the EU and the EEA, further protective mechanisms are required to ensure the data protection level of the GDPR. For the USA, there is an adequacy decision by the EU Commission in accordance with Article 45 (1) GDPR in relation to companies with certification according to the EU-U.S. Data Privacy Framework. Google LLC is registered under the EU-U.S. Data Privacy Framework certifies and therefore commits to compliance with appropriate data protection standards, which can be viewed at the following link: https://www.dataprivacyframework.gov/s/participant-search For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, we have also agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe.Further information about Google's use of data, settings and objection options, and data protection can be found on the following Google websites:Data protection: https://policies.google.com/privacy?hl=de&gl=de Google Website Statistics: https://services.google.com/sitestats/de.html You can prevent the installation of cookies by deleting existing cookies and deactivating the storage of cookies in the settings of your web browser. We would like to point out that in this case you may not be able to fully use all functions of our website. It is also possible to prevent the storage of cookies by setting your web browser so that cookies from the domain “www.googleadservices.com“ be blocked (https://www.google.de/settings/ads). Please note that this setting will be deleted if you delete your cookies. You can also view interest-based ads via the link http://optout.aboutads.info deactivate. We would like to point out that this setting will also be deleted if you delete your cookies
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).The purpose of reCAPTCHA is to check whether data is entered on our website (e.g. in a contact form) by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For analysis, reCAPTCHA evaluates various information, e.g.
- IP Address
- Length of stay of the website visitor on the website
- Mouse movements made by the user
The data collected during the analysis is forwarded to Google.The reCAPTCHA analyzes run completely in the background. Website visitors are not informed that an analysis is taking place. Data processing is carried out on the basis of Article 6 Paragraph 1 Letter f GDPR. We have a legitimate interest in protecting our website from abusive automated spying and unwanted, automated mailings (spam).Since it is possible for Google to transfer personal data to affiliates and sub-service providers in countries outside the EU and the EEA, further protective mechanisms are required to ensure the data protection level of the GDPR. For the USA, there is an adequacy decision by the EU Commission in accordance with Article 45 (1) GDPR in relation to companies with certification according to the EU-U.S. Data Privacy Framework. Google LLC is registered under the EU-U.S. Data Privacy Framework certifies and therefore commits to compliance with appropriate data protection standards, which can be viewed at the following link: https://www.dataprivacyframework.gov/s/participant-search For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, we have also agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe.We do not store any personal data from the use of reCAPTCHA. In general, the personal data of the person concerned will be deleted or blocked as soon as the purpose of storage no longer applies.Further information about Google reCAPTCHA and Google's privacy policy can be found under the following links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/v3beta.html
This website uses the remarketing function of Google Inc. If you have given us your consent, this function makes it possible to link the advertising target groups created with Google Ads Remarketing with the cross-device functions of Google Ads and Google Marketing Platform. The legal basis is your consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR, Section 25 Paragraph 1 TTDSG. In this way, interest-based, personalized advertising messages that have been adapted to you on one device (e.g. cell phone) depending on your previous usage and surfing behavior can also be displayed on another of your devices (e.g. tablet or PC).The function is used to present interest-based advertisements to website visitors within the Google advertising network. A so-called “cookie” is stored in the website visitor’s browser, which makes it possible to recognize the visitor when they visit websites that belong to the Google advertising network. To link advertising audiences created by Google Ads Remarketing with the cross-device functions of Google Ads and Google Marketing Platform. The legal basis is your consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR, Section 25 Paragraph 1 TTDSG. In this way, interest-based, personalized advertising messages that have been adapted to you on one device (e.g. cell phone) depending on your previous usage and surfing behavior can also be displayed on another of your devices (e.g. tablet or PC).If you have given your consent, Google will link your web and app browser history to your Google account for this purpose. This means that the same personalized advertising messages can be displayed on every device on which you log in with your Google account.To support this feature, Google Analytics collects authenticated user IDs, which are temporarily linked to our Google Analytics data to define and create audiences for cross-device advertising.You can permanently opt out of cross-device remarketing/targeting by deactivating personalized advertising in your Google Account; follow this link: https://adssettings.google.com/.Since it is possible for Google to transfer personal data to affiliates and sub-service providers in countries outside the EU and the EEA, further protective mechanisms are required to ensure the data protection level of the GDPR. For the USA, there is an adequacy decision by the EU Commission in accordance with Article 45 (1) GDPR in relation to companies with certification according to the EU-U.S. Data Privacy Framework. Google LLC is registered under the EU-U.S. Data Privacy Framework certifies and therefore commits to compliance with appropriate data protection standards, which can be viewed at the following link: https://www.dataprivacyframework.gov/s/participant-search.For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, we have also agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe.Further information and the data protection regulations can be found in Google's data protection declaration at: https://www.google.com/policies/technologies/ads/.If you do not want Google's remarketing function, you can generally deactivate it by using the relevant settings under http://www.google.com/settings/ads make. Alternatively, you can opt out of the use of cookies for interest-based advertising through the Advertising Network Initiative by following the instructions below http://www.networkadvertising.org/managing/opt_out.asp consequences.
This website uses the Google Tag Manager from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). This service allows website tags to be managed via an interface. The Google Tag Manager only implements tags. This means: No cookies are used and only the user's IP address is transmitted to Google to establish the connection. The Google Tag Manager triggers other tags, which in turn may collect data. However, the Google Tag Manager does not access this data If a deactivation has been made at the domain or cookie level, it remains in effect for all tracking tags if they are implemented with the Google Tag Manager.We use Google Tag Manager based on your consent in accordance with Article 6 (1) (a) GDPR. Since it is possible for Google to transfer personal data to affiliates and sub-service providers in countries outside the EU and the EEA, further protective mechanisms are required to ensure the data protection level of the GDPR. For the USA, there is an adequacy decision by the EU Commission in accordance with Article 45 (1) GDPR in relation to companies with certification according to the EU-U.S. Data Privacy Framework. Google LLC is registered under the EU-U.S. Data Privacy Framework certifies and therefore commits to compliance with appropriate data protection standards, which can be viewed at the following link: https://www.dataprivacyframework.gov/s/participant-search For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, we have also agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe.
We use “Google Fonts”, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as: “Google”) on our website. Google Fonts allows us to use external fonts. When you access our website, the required Google Fonts are loaded into your browser cache from our web server. This is necessary so that your browser can display a visually improved representation of our texts. If your browser does not support this function, a standard font from your computer will be used for display.The fonts are hosted by us and therefore not downloaded from an external provider. This requires the processing of your IP address. We use Google Fonts for optimization purposes, in particular to improve the use of our website for you and to make its design more user-friendly. The legal basis for data processing is our legitimate interest in this regard in accordance with Article 6 (1) (f) GDPR.
This website uses “Google Photos”, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as: “Google”). Google Photos allows us to integrate and display image galleries on our website. The images are loaded via a server call, usually a Google server in the USA. This sends information to the server about which page of our website you have visited. The IP address of the browser of the visitor's device is also stored by Google.We use Google Photos for optimization purposes, in particular to improve the use of our website for you and to make its design more user-friendly. The processing takes place in accordance with Article 6 Paragraph 1 Letter a GDPR on the basis of the consent you have given. This consent can be revoked at any time with future effect.Since it is possible for Google to transfer personal data to affiliates and sub-service providers in countries outside the EU and the EEA, further protective mechanisms are required to ensure the data protection level of the GDPR. For the USA, there is an adequacy decision by the EU Commission in accordance with Article 45 (1) GDPR in relation to companies with certification according to the EU-U.S. Data Privacy Framework. Google LLC is registered under the EU-U.S. Data Privacy Framework certifies and therefore commits to compliance with appropriate data protection standards, which can be viewed at the following link: https://www.dataprivacyframework.gov/s/participant-search For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, we have also agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe.Further information on data protection can be found in Google's privacy policy: http://www.google.de/intl/de/policies/privacy
On our website we include videos from “YouTube”, a social media platform of Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereinafter referred to as “Google”). The legal basis for the processing of your personal data in this context is your consent in accordance with Article 6 Para. 1 lit. a GDPR. If the playback of embedded YouTube videos is started with your consent, a server call is made, usually to a Google server the USA. This transmits to the server which page you have accessed and the IP address of the browser of the visitor's device is transmitted to Google and stored by Google.In addition, if you give your consent, the provider “YouTube” uses cookies to collect information about user behavior. According to information from “YouTube”, these serve, among other things, to record video statistics, improve user-friendliness and prevent abusive behavior. Additionally, if you are logged in to Google, your information may be associated with your account when you click on a video. If you do not want it to be associated with your YouTube profile, you must log out before activating the button. Google stores this data as usage profiles and uses them for advertising, market research and/or needs-based design of its websites. Such an evaluation is carried out in particular (also for users who are not logged in) to display tailored advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles. Please contact Google directly.Since it is possible for Google to transfer personal data to affiliates and sub-service providers in countries outside the EU and the EEA, further protective mechanisms are required to ensure the data protection level of the GDPR. For the USA, there is an adequacy decision by the EU Commission in accordance with Article 45 (1) GDPR in relation to companies with certification according to the EU-U.S. Data Privacy Framework. Google LLC is registered under the EU-U.S. Data Privacy Framework certifies and therefore commits to compliance with appropriate data protection standards, which can be viewed at the following link: https://www.dataprivacyframework.gov/s/participant-search For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, we have also agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe.Further information on data protection and data use by Google can be found on the following Google website: https://policies.google.com/privacy?hl=de&gl=de
This website uses the “Custom Audiences” remarketing featureThe Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor Dublin 2, Ireland (hereinafter referred to as “Facebook”).This function is used to present interest-based advertisements (“Facebook Ads”) to visitors to this website when they visit the social network Facebook. For this purpose, the Facebook remarketing tag was implemented on this website. This tag is used to establish a direct connection to the Facebook servers when you visit the website. It is transmitted to the Facebook server that you have visited this website and Facebook assigns this information to your personal Facebook user account. We use Facebook Custom Audiences for marketing and optimization purposes, in particular to show ads that are relevant and interesting to you and thus improve our offering and make it more interesting for you as a user. The legal basis for Facebook Custom Audiences and the Facebook Pixel is Article 6 Paragraph 1 Sentence 1 Letter a GDPR (consent).We have concluded an order processing agreement with our service provider Facebook, in which we oblige them to protect our customers' data and not to pass them on to third parties.Since it is possible for Facebook to transfer personal data to affiliates and sub-service providers in countries outside the EU and the EEA, further protective mechanisms are required to ensure the data protection level of the GDPR. For the USA, there is an adequacy decision by the EU Commission in accordance with Article 45 (1) GDPR in relation to companies with certification according to the EU-U.S. Data Privacy Framework. Facebook or Meta Platforms, Inc. is registered under the EU-U.S. Data Privacy Framework certifies and therefore commits to compliance with appropriate data protection standards, which can be viewed at the following link: https://www.dataprivacyframework.gov/s/participant-search.For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, we have also agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe.Further information on the collection and use of data by Facebook as well as your rights in this regard and options for protecting your privacy can be found in Facebook's data protection information at https://www.facebook.com/about/privacy/. Alternatively, you can use the “Custom Audiences” remarketing feature at https://www.facebook.com/settings/?tab=ads#_=_ deactivate. To do this you must be logged in to Facebook.In addition, you can deactivate cookies that are used to measure reach and for advertising purposes via the following websites:
http://optout.networkadvertising.org/
http://www.aboutads.info/choices
http://www.youronlinechoices.com/uk/your-ad-choices/We would like to point out that this setting will also be deleted if you delete your cookies.
We use “Meta Pixel”, a service on our website Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour Dublin 2, Irland (hereinafter referred to as: “Meta/Facebook”). If you have given us your consent in accordance with Article 6 Para. 1 lit. a GDPR, we use Meta Pixel for marketing and optimization purposes, in particular to place relevant and interesting ads on Facebook and thus improve our offering. to make it more interesting for you as a user and to avoid annoying ads. Meta Pixel enables Meta to show our advertisements on Facebook, so-called “Facebook Ads”, only to those Facebook users who were visitors to our website, in particular who have shown interest in our online offering. In this case, Meta Pixel also makes it possible to check whether a user was redirected to our website after clicking on our Facebook ads. Meta Pixel uses, among other things, cookies, i.e. small text files that are stored locally in the cache of your web browser on your device. If you are logged into your Facebook user account, your visit to our online offering will be noted in your user account. The data collected about you is anonymous to us, so it does not allow us to draw any conclusions about the identity of the user. However, this data can be linked by Facebook to your user account there. If you have a Facebook user account and are registered, Facebook can assign the visit to your user account.Since it is possible for personal data to be transferred by Meta to affiliated companies and sub-service providers in countries outside the EU and the EEA, further protective mechanisms are required to ensure the data protection level of the GDPR. For the USA, there is an adequacy decision by the EU Commission in accordance with Article 45 (1) GDPR in relation to companies with certification according to the EU-U.S. Data Privacy Framework. Meta Platforms, Inc. is certified under the EU-U.S. Data Privacy Framework certifies and therefore commits to compliance with appropriate data protection standards, which can be viewed at the following link: https://www.dataprivacyframework.gov/s/participant-search.For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, we have also agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe.Further information from the third-party provider on data protection can be found on the following Facebook website: https://www.facebook.com/about/privacy. You can find information about Meta Pixel on the following Facebook website: https://www.facebook.com/business/help/651294705016616.You can make the settings regarding which types of advertisements are displayed to you within Facebook on the following Facebook website: https://www.facebook.com/settings?tab=ads.Please note that this setting will be deleted if you delete your cookies. In addition, you can deactivate cookies that are used to measure reach and for advertising purposes via the following websites:
http://optout.networkadvertising.org/, http://www.aboutads.info/choices
http://www.youronlinechoices.com/uk/your-ad-choices/
We would like to point out that this setting will also be deleted if you delete your cookies.
On our website we use the conversion tracking technology and the retargeting function of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. This enables us to show visitors to our website personalized advertisements on LinkedIn. For this purpose, a cookie, a LinkedIn Insight tag, is set in your browser with a validity of 120 days, which enables LinkedIn to recognize you if you visit this website and are logged into your LinkedIn account at the same time. LinkedIn uses this data to create anonymous reports on ad performance and information on website interaction. The information generated by the cookie is usually transferred to a server in the USA and stored thereThe legal basis for processing is your consent in accordance with Article 6 (1) (a) GDPR.Since personal data is transferred to the USA, further protective mechanisms are required to ensure the data protection level of the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured even through this contractual extension, we endeavor to obtain additional regulations and commitments from the recipient in the USA. You can deactivate LinkedIn Insight conversion tracking and interest-based personalized advertising by opting out using the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. Further information on data protection at LinkedIn can be found at https://www.linkedin.com/legal/privacy-policy.
We also receive aggregated and anonymous reports of ad activity and information about how you interact with our website from LinkedIn. Further information about data protection at LinkedIn can be found here: https://www.linkedin.com/legal/privacy-policy#choices-oblig.
You can object to LinkedIn analyzing your usage behavior and displaying interest-based recommendations (“opt-out”); To do this, click on the “Reject on LinkedIn” (for LinkedIn members) or “Reject” (for other users) field under the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
On our websites we use the consent management platform “Cookiebot” from the provider Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark.We use the service to manage your consent to the use of cookies and similar technologies.If we use technically necessary cookies and similar technologies as part of the integration of the service, this is done in accordance with Section 25 Paragraph 2 of the Telecommunications Telemedia Data Protection Act (TTDSG). Subsequent data processing by Cookiebot is based on a purpose in accordance with Art .If you give your consent via our consent banner, Cybot processes the following data:
- the IP address of the requesting computer,
- the description of the web browser and operating system used,
- the address of the website from which your consent was sent
- the date and time of consent,
- a pseudonymous, random and encrypted consent key (consent ID).
- Your consent status, which serves as proof of your consent.
This data is logged on Cybot's servers. Your IP address is shortened by removing the last three digits so that a personal reference can no longer be established.In this way, our websites are able to check your consent status on all subsequent and future page visits and, depending on your decision to use cookies and other technologies, activate or deactivate them when you visit the page again.The check is carried out by comparing the consent key and the consent status from the “CookieConsent” cookie with the values transmitted to Cybot when you gave your consent to ensure that the status of your original consent has not changed.We transmit your data to
Cybot A/S, Havnegade 39, 1058 Kopenhagen, Denmark,
Further information on how Cybot handles personal data can be found at https://www.cookiebot.com/de/privacy-policy/.Your consent ID and your consent status are also stored both in the browser of your device in the “CookieConsent” cookie and on Cybot’s servers for a period of 12 months [GM1].
We use HubSpot for our online marketing activities. HubSpot is a software company from the USA with a branch HubSpot Ireland Limited at 2nd Floor 30 North Wall Quay, Dublin 1, Ireland. This is an integrated software solution with which we cover various aspects of our online marketing. This includes, among other things, email marketing, which regulates the sending of newsletters and automated mailings, social media publishing and reporting, contact management such as user segmentation and CRM, landing pages and contact forms. HubSpot uses cookies, small text files that are stored locally in the cache of your web browser on your device and enable us to analyze your use of the website.
The information collected includes, among other things:
1. Email marketing (newsletters and automated mailings, for example to provide downloads)
2. Social Media Publishing & Reporting
3. Reporting (e.g. traffic sources, access, etc. ...)
4. Contact management (e.g. user segmentation & CRM)
5. Landing pages and contact forms
HubSpot evaluates on our behalf so that we can generate reports about the visit and the pages visited. Information collected using HubSpot and the content of our website are stored on servers operated by HubSpot's service providers. If you have given your consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a of the GDPR, processing will take place on this website for the purpose of website analysis.Our registration service allows visitors to our website to learn more about our company, download content, and provide their contact information and other demographic information. This information and the content of our website are stored on the servers of our software partner HubSpot. They can be used by us to contact visitors to our website and to determine which company services are of interest to them. All information we collect is subject to this Privacy Policy. We use all information collected exclusively to optimize our marketing measures. Since personal data is transferred to the USA, further protective mechanisms are required to ensure the data protection level of the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR.These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured even through this contractual extension, we endeavor to obtain additional regulations and commitments from the recipient in the USA.The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. The data will be deleted no later than 13 months after it was collected.You can permanently object to the collection of data by HubSpot and the setting of cookies by preventing the storage of cookies through your browser settings. You can object to the processing of your personal data at any time with future effect by sending an email HubSpot - Privacy sectionFurther information can be found in the provider's privacy policy: https://legal.hubspot.com/dpa
If you generally do not want Hubspot to collect data, you can prevent the storage of cookies at any time using your browser settings.
To improve the user experience on our website, we use the Hotjar software (http://www.hotjar.com, 3 Lyons Range, 20 Bisazza Street, Sliema SLM 1640, Malta, Europe). Using Hotjar we can measure and evaluate user behavior (mouse movements, clicks, scroll height, etc.) on our websites. The information generated by the “tracking code” and “cookie” about your visit to our website is transmitted to the Hotjar servers in Ireland and stored there. The tracking code collects the following information:
Device dependent data
1. IP address of your device (collected and stored in anonymized form)
2. Your email address including first and last name, if you have provided this to us via our website
3. Screen size of your device
4. Device type and browser information
5. Your location (country)
Log data
1. Referring domain
2. Pages visited
3. Geographical point of view (country only)
4. The preferred language to display our website
5. Date and time when the website was accessed
Hotjar will use this information to evaluate your use of our website. Hotjar also uses services from third-party companies, such as Google Analytics and Optimizely, to provide its services. Personal data can therefore also be transferred to third countries outside the EU and the EEA. In these cases, additional protective mechanisms must be put in place to ensure the level of data protection in accordance with the requirements of the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient in the third country to process the data in accordance with the level of protection in the EU.These third-party companies may store information that your browser sends when you visit the website (e.g. cookies or IP requests). For more information on how Google Analytics and Optimizely store and use data, please see their respective privacy policies. If you continue to use this website, you agree to the processing of data by Hotjar and its third parties as explained above in accordance with their privacy policies.
Hotjar uses cookies with different durations. Hotjar offers every user the opportunity to prevent the use of the Hotjar tool using a “Do Not Track header” so that no data about the visit to the respective website is recorded. This is a setting that all common browsers support in current versions. To do this, your browser sends a request to Hotjar to deactivate the tracking of the respective user. If you use our websites with different browsers/computers, you must set up the “Do Not Track header” separately for each of these browsers/computers. You can prevent the use of Hotjar by going to the opt-out page https://www.hotjar.com/legal/compliance/opt-out go and click “Deactivate Hotjar”.You can prevent Hotjar from collecting data by clicking on the following link and following the instructions: https://www.hotjar.com/opt-out.
Our website uses Pingdom, a service provided by Pingdom AB, Kopparbergsvägen 8, 72213 Västeras, Sweden. Pingdom uses, among other things, cookies that are stored on your computer and enable analysis of the use of the website. As part of use, data, such as the IP address and activities of the user, can be transmitted to a Pingdom AB server and stored there. Personal data can therefore also be transferred to third countries outside the EU and the EEA. In these cases, additional protective mechanisms must be put in place to ensure the level of data protection in accordance with the requirements of the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient in the third country to process the data in accordance with the level of protection in the EU. You can prevent the collection and forwarding of personal data (in particular your IP address) and the processing of this data by deactivating the execution of Java Script in your browser or installing a tool such as “NoScript”. Further information on data protection when using Pingdom can be found at the following link: https://www.pingdom.com/legal/privacy-policy.
Our website uses Piwik PRO Analytics, an internet analysis service provided by Piwik PRO GmbH, Knesebeckstraße 62/63, 10719 Berlin ("PIWIK"). Piwik PRO Analytics uses so-called “cookies” to record user behavior on the website and make it usable. Piwik PRO Analytics will use this information on behalf of the operator of this website to evaluate your use of the website and to create reports on website activity. PIWIK will also use this information to provide the website operator with other services related to the use of the website and the Internet. The IP address sent by your browser as part of Piwik PRO Analytics is not combined with other PIWIK data.The processing takes place in accordance with Article 6 Paragraph 1 Letter a GDPR on the basis of the consent you have given.We only use Piwik PRO Analytics with IP anonymization activated. This means that your IP address will only be processed in a shortened form by PIWIK.We have concluded an order processing agreement with the service provider in which we oblige them to protect our customers' data and not to pass them on to third parties. Depending on the website operator, hosting can be arranged on selected servers within the EU. There is no transfer of personal data by PIWIK to affiliated companies and sub-service providers in countries outside the EU and the EEA instead of. As part of web hosting, it is possible that data can be transferred abroad to countries outside the EU and the EEA. This requires further protective mechanisms that exceed the data protection level of the GDPR to ensure. For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, we have also agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient of the data in the third country to provide the data in accordance with the level of protection in Europe process.The Piwik PRO Analytics terms of use and data protection information can be accessed via the following links: Analytics for web & mobile - Piwik PROPIWIK PRO DATA PROCESSING AGREEMENT - Piwik PRO Data protection declaration of Piwik PRO GmbH - GDPR.The data storage periods are determined by the Piwik PRO Analytics Suite client and regulated by a separate order processing agreement (AVV).The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. A deletion of user and event-level data associated with cookies, user identifiers (e.g. User ID) and advertising IDs (e.g. DoubleClick cookies, Android Advertising ID, IDFA [Apple Advertiser Identifier ]) are linked no later than 14 months after their collection.You can prevent cookies from being stored by adjusting the settings of your browser software accordingly. However, we would like to point out that in this case you may not be able to use all functions of this website without restrictions.
We use the Sentry service (Sentry, 1501 Mariposa St #408, San Francisco, CA 94107, USA) to ensure and improve the technical stability of our service. Sentry allows us to detect errors in our application that caused a glitch or crash. Sentry uses cookies for this purpose, which in the event of an error transmit technical data such as browser data and the calling IP address to Sentry in an anonymous form. Sentry will use this information on our behalf to evaluate your usage and determine the source of the error, allowing us to correct the error and optimize our application. The legal basis is our legitimate interest in the technical stability of our website in accordance with Article 6 Paragraph 1 Sentence 1 Letter f GDPR. Sentry stores this data for as long as it is necessary for error evaluation, but for a maximum of 90 days. Since Sentry may transfer personal data to affiliates and sub-service providers in countries outside the EU and the EEA, further protection mechanisms are required to ensure the data protection level of the GDPR. For the USA, there is an adequacy decision by the EU Commission in accordance with Article 45 (1) GDPR in relation to companies with certification according to the EU-U.S. Data Privacy Framework. Sentry.io is compliant with the EU-U.S. Data Privacy Framework certifies and therefore commits to compliance with appropriate data protection standards, which can be viewed at the following link: https://www.dataprivacyframework.gov/s/participant-search For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, we have also agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe.For further information on the use of your data by the providers as well as your related rights and setting options, please see Sentry's data protection information: https://sentry.io/privacy/#what-information-do-we-collect
This website uses a plugin from the New Relic web analysis service. This service is provided by New Relic Inc., 188 Spear Street, Suite 1200 San Francisco, CA 94105, USA. This makes it possible to record statistical evaluations about the speed of the website. Through the plugin, New Relic receives the information that a user has accessed the corresponding page of the offer. If you are logged in to New Relic as a user, New Relic can assign the visit to your account there. If you are not a member of New Relic, it is still possible for New Relic to find out and store your IP address. Personal data can therefore also be transferred to third countries outside the EU and the EEA. In these cases, additional protective mechanisms must be put in place to ensure the level of data protection in accordance with the requirements of the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient in the third country to process the data in accordance with the level of protection in the EU.The purpose and scope of data collection as well as information on the processing and use of the data by New Relic, as well as setting options to protect the privacy of users, can be found in New Relic's data protection information: https://newrelic.com/privacy. If you are a member of New Relic and do not want New Relic to collect information about you on our sites in order to associate it with your membership information stored with New Relic, you must log out of New Relic before visiting our sites.
Our website uses Rudderstack, a service provided by RudderStack Inc., 548 Market St Pmb 48141, San Francisco, Ca 94104-5401, USA. Rudderstack is an open source customer data pipeline based on the warehouse first principle. It collects and routes event stream (or clickstream) data and automatically builds your customer data base in your data warehouse. As part of this, Rudderstack processes personal data of website visitors. The processing takes place in accordance with Article 6 Paragraph 1 Letter a GDPR on the basis of the consent you have given.Rudderstack generally stores customer data in their infrastructure Customers. However, personal data may also be transferred to third countries outside the EU and the EEA. In these cases, additional protective mechanisms must be put in place to ensure the level of data protection in accordance with the requirements of the GDPR.To ensure this, we have agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient in the third country to provide the data in accordance with the level of protection in the EU process.Rudderstack's terms of use and privacy information can be accessed via the following links: Master Service Agreement | RudderStackPrivacy Policy for RudderStack, Inc
The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected are. Complaints and the assertion of the rights of those affected are made via Contact Us | Contact Rudderstack Team
Sharethis is an analytics service provided by ShareThis, located at 3000 El Camino Real, Building 4, Suite 200, Palo Alto, CA 94306, USA. It allows the website owner to evaluate predictive behavioral data and use it as a basis for intelligent decisions. Sharthis collects and uses data related to the websites you visit to display personalized advertising, provide analytics and data modeling based on social sharing itself or through third parties. This personal information is pseudonymized in that it may not be used directly by ShareThis to identify an actual person. This data makes it possible to recognize your computer, device and/or browser over time. We have concluded an order processing agreement with the service provider in which we oblige them to protect our customers' data and not to pass them on to third parties.Since a transfer of personal data by Sharethis. to affiliated companies and sub-service providers in countries outside the EU and the EEA, further protective mechanisms are required that ensure the data protection level of the GDPR according to the order processing contract. For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, we have also agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe.The terms of use and information on data protection can be accessed via the following links: ShareThis - Privacy NoticeShareThis-Privacy-Policy-6.9.23-DE.pdf
The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected and no other legal regulations, especially retention and documentation obligations under Union law, apply opposeWe retain account information for as long as you have an active account with us. If you have not logged in to any of our Services using your username and password for a period of 14 consecutive months, we may consider your account inactive and delete your account information
The website uses online forms and surveys from the provider Typeform, which is based in Carrer Bac de Roda 163, Local 1 · 08018 Barcelona, Spanien hat. Typeform registers which server cluster serves the visitor. This is used in the context of load balancing to optimize the user experience.We have concluded an order processing agreement with the service provider in which we oblige them to protect our customers' data and not to pass them on to third parties. Typeform's terms, conditions & policies.Since Typeform can transfer personal data to affiliates and sub-service providers in countries outside the EU and the EEA, further protective mechanisms are required that ensure the data protection level of the GDPR according to the order processing contract. For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, we have also agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe.The terms of use and information on data protection can be accessed via the following links: Typeform's terms, conditions & policies
The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected and no other legal regulations, especially retention and documentation obligations under Union law, apply oppose.
On our websites we integrate the “Microsoft Clarity” service from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.
In the European Union (EU) and the European Economic Area (EEA), the service is offered by Microsoft Ireland Operations, Ltd, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland.
We use the service to better understand, analyze and evaluate the origin and type of our website visitors and their interaction with our websites.
The service provides statistical evaluations of certain individual values (e.g. pages visited per session, scroll depth, length of stay of visitors, origin, type of device used), heatmaps (graphic highlighting of user clicks on individual websites) and session recordings (playable recordings of the how individual users interact with our websites during a visit).
Cookies and similar technologies, especially JavaScript, are used to store and read data on your device.
We try based on the results obtained
1. to understand the origin of visitors to our websites,
2. to identify errors in the structure and design of the websites or insufficient compatibility with certain devices, browsers or operating systems,
3. To understand and understand obstacles that visitors face when using our websites
4. to recognize the effectiveness of online advertising campaigns.
In this way, we are able to understand how to adapt and optimize our websites to existing demand and manage our online advertising campaigns more effectively.
For these purposes, the service collects various information about visits to the websites, the devices used and a user's interactions with our websites based on a pseudonym. Clarity's settings are configured in such a way that data collection by Microsoft takes place in a pseudonymized form via so-called IP masking.
In particular, the following types of data are processed by the service:
1. Nutzerpseudonym (Clarity User ID).
2. Website visit data & IP address of the requesting device
3. Time of request
4. number of visits
5. Duration of stay
6. referring third-party websites
7. websites accessed
8. Country of origin of the user
9. Data on end devices
10. Type of device (PC, tablet, mobile device, other)
11. Screen resolution
12. operating system
13. Web browser
14. Interactions with the website
15. Mouse cursor movements
16. Click behavior
17. The scroll behavior
18. Entered text
19. Selected text
20. Clicked text
21. Recording of the entire website visit (session recording)
The legal basis for the integration and use of the service is your consent in accordance with Art. 6 Para. 1 a) GDPR. . The use of cookies and similar technologies is based on Section 25 Paragraph 1 TTDSG. The subsequent data processing is based on Art. 6 Para. 1 Sentence 1 lit a GDPR.Your consent is voluntary and can be freely revoked at any time with future effect. To exercise your revocation, please use the link “Cookie settings“ at the bottom of the website to access our consent management platform again and change your settings.Since it is possible for Microsoft to transfer personal data to affiliates and sub-service providers in countries outside the EU and the EEA, further protection mechanisms are required to ensure the data protection level of the GDPR. For the USA, there is an adequacy decision by the EU Commission in accordance with Article 45 (1) GDPR in relation to companies with certification according to the EU-U.S. Data Privacy Framework. Microsoft Corporation is certified under the EU-U.S. Data Privacy Framework certifies and therefore undertakes to comply with appropriate data protection standards, which can be viewed at the following link can: https://www.dataprivacyframework.gov/s/participant-search.For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, we have also agreed standard data protection clauses with the provider in accordance with Article 46 (2) (c) GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe.In principle, we have no influence on further data processing by the third-party provider.Further information on how the service provider handles personal data can be found at https://privacy.microsoft.com/de-de/privacystatement.By integrating the service on our websites, data is transmitted to the above-mentioned recipients and stored there for a period of 13 months. Playable recordings of sessions are deleted after 30 days. There is no further storage of the data processed by the service and made available to us in our own systems.
On our website we use the “Spotify Player”, a service from Spotify AG, Regeringsgatan 19, 111 53 Stockholm, Sweden (“Spotify”) to play podcasts and audios. The legal basis is your consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR.
If you use the Spotify player, Spotify sets cookies and processes personal data (your IP address and your interactions) in order to play you the audios or podcasts you want, record your interactions with the player and display advertisements related to your interactions to play out. If you have a Spotify account and are logged in, visiting our website and playing the desired content can be assigned to your account. In this case, the personal data linked to your Spotify account will also be processed. The legal basis for processing is Art. 6 Para. 1 lit. a) GDPR, your consent. You can revoke this at any time with future effect.
Further information on how Spotify processes your data can be found in the service provider's privacy policy at https://www.spotify.com/de/legal/privacy-policy/ as well as in the cookie policy below https://www.spotify.com/de/legal/cookies-policy/.
If you would like to receive the newsletter offered on the website with regular information about our offers and products, we require your email as mandatory information. Additional data may be provided in order to be able to address you personally in the newsletter and/or to identify you if you wish to exercise your rights as a data subject.We use the so-called double opt-in procedure to send the newsletter. This means that we will only send you our newsletter by email if you have expressly confirmed to us that you consent to the sending of newsletters. In the first step, you will receive an email with a link through which you can confirm that you, as the owner of the corresponding email address, would like to receive newsletters in the future. By confirming this, you give us your consent in accordance with Art. 6 Para. 1 lit. a GDPR that we may use your personal data for the purpose of sending the desired newsletter.When you register for the newsletter, in addition to the email address required for sending, we store the IP address you used to register for the newsletter as well as the date and time of registration and confirmation in order to prevent possible misuse to be able to understand it at a later point in time. The legal basis for this is our legitimate interest in accordance with Article 6 Paragraph 1 Letter f of the GDPR.You can subscribe to the newsletter at any time using the link included in each newsletter or by sending an email to datenschutz@workpath.com unsubscribe from the person responsible named above. Once you have unsubscribed, your email address will be immediately deleted from our newsletter distribution list unless you have expressly consented to continued use of the data collected or continued processing is otherwise permitted by law.
If you send us inquiries via contact form or email, your details will be taken from the inquiry form or. Your email, including the personal data you provided there, will be stored by us to process your request and in case of follow-up questions. Providing your email address and telephone number is required to contact us; providing your first and last name is voluntary. Under no circumstances will we pass on this data without your consent. The legal basis for processing the data is our legitimate interest in answering your request in accordance with Article 6 Paragraph 1 Letter f of the GDPR and, if applicable, Article 6 Paragraph 1 Letter b of the GDPR, provided that your request is aimed at concluding a contract. Your data will be deleted after your request has been processed, provided there are no legal retention requirements. In the case of Art. 6 Para. 1 lit. f GDPR, you can object to the processing of your personal data at any time.
Below you will find information about which data subject rights the applicable data protection law grants you vis-à-vis the person responsible regarding the processing of your personal data:
a) The right to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can obtain information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a Right to complain, the origin of your data, if it was not collected by us, as well as the existence of automated decision-making including profiling and, if necessary, meaningful information about its details.
b) The right, in accordance with Art. 16 GDPR, to immediately request the correction of incorrect or complete personal data stored by us.
c) The right to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is carried out to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, Exercising or defending legal claims is necessary.
d) The right to request the restriction of the processing of your personal data in accordance with Art. 18 GDPR if you dispute the accuracy of the data, the processing is unlawful but you refuse its deletion and we no longer need the data, but you do you need this to assert, exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 GDPR.
e) The right, in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another person responsible.
f) In addition, there is a right to lodge a complaint with a responsible data protection supervisory authority in accordance with Article 77 GDPR in conjunction with Section 19 BDSG). You can find a list of supervisory authorities (for non-public areas) with addresses at:https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html
g) The right to revoke consent given in accordance with Art. 7 Para. 3 GDPR: You have the right to revoke consent to the processing of data that has been given at any time with effect for the future. In the event of revocation, we will delete the data concerned immediately unless further processing can be based on a legal basis for processing without consent. The revocation of consent does not affect the lawfulness of the processing carried out based on the consent before its revocation.
You can find our contact details under point 1.1. (Insert contact details, especially email address) So that a blocking of data can be taken into account at any time, this data must be kept in a blocking file for control purposes. You can also request the deletion of the data, provided there is no legal archiving obligation. If such an obligation exists, we will block your data upon request.You can make changes or revoke your consent with effect for the future by notifying us accordingly.
Right to object
If your personal data is processed by us on the basis of legitimate interests in accordance with Art. 6 Para. 1 Sentence 1 Letter f of the GDPR, you have the right to object to the processing of your personal data in accordance with Art reasons that arise from your particular situation. If the objection is directed against the processing of personal data for the purpose of direct advertising, you have a general right to object without the need to specify a special situation.If you would like to exercise your right of withdrawal or objection, all you need to do is send an email an datenschutzbeauftragter@datenschutzexperte.de
We adhere to the principles of data avoidance and data economy. We therefore only store your personal data for as long as is necessary to achieve the purposes stated here or as required by the various storage periods provided by law. Once the respective purpose no longer applies or these deadlines have expired, the relevant data will be blocked or deleted routinely and in accordance with legal regulations. Information about Order processing relationship What security measures has Workpath implemented to protect my data? (TOM)
Workpath will protect your personal information well. We have implemented appropriate physical, administrative and technical safeguards to protect your personal information from unauthorized access, use and disclosure. Details on this can be found in our Workpath Security Addendum, which is available here: https://www.workpath.com/security-addendum
Personal data is always encrypted when transmitted over the Internet and stored in a database. Workpath's software can generally only be accessed via secure HTTPS access.
For what purposes is the personal data processed?
The processing of personal data by Workpath is necessary in order to be able to provide the services contractually agreed with your employer, in particular the provision of the software. In addition, Workpath processes personal data for its own purposes to improve the use of the software, provided you consent to thisWhat is the legal basis for this? processing?
The legal basis for order processing by Workpath in accordance with Art. 5 GDPR is the agreement with your employer about the use of the software. Your employer processes this data as part of your employment relationship or other contractual relationship between you and your employer. Workpath processes data for its own purposes based on your consent.Does Workpath use so-called “cookies”?
A cookie is text information that can be stored in the browser on the user's device (computer, laptop, smartphone, tablet, etc.) for each website visited. Workpath uses such cookies to be able to provide the services agreed with your employer (“functional cookie”) and to improve your experience using the software (“non-functional cookie”).
Overview of the cookies used by Workpath:
In addition, for technical reasons with a view to the security of the product, the following additional data processing takes place:
Access logs (“server logs”)
General log data, so-called server logs, are automatically recorded with every access and with essential activities within the software. These data are usually pseudonyms and therefore do not allow any conclusions to be drawn about a natural person. Without this data, it would sometimes not be technically possible to deliver and display the contents of the software. In addition, the processing of this data is absolutely necessary for security reasons, in particular for access, input, forwarding and storage control. In addition, the anonymous information can be used for statistical purposes and to optimize the offer and technology. In addition, the log files can be subsequently checked and evaluated if illegal use of the software is suspected. General data collected is the domain name of the website, the web browser and web browser version, the operating system, the IP address and the time stamp of access to the software. The scope of this logging does not exceed the usual scope of any other website on the Internet. The storage period for these access logs is up to 30 days.
Error logs
For the purpose of identifying and correcting errors, so-called error logs are created. This is absolutely necessary in order to be able to react to possible problems in the presentation and implementation of content as quickly as possible (legitimate interest). These data are usually pseudonyms and therefore do not allow any conclusions to be drawn about a natural person. When an error message occurs, general data such as the domain name of the website, the web browser and web browser version, the operating system, the IP address and the time stamp when the corresponding error message or specification occurs are recorded. The storage period for these error logs is up to 90 days.
Activity logs (“audit logs”)
To provide documentary evidence of security-relevant activities (in particular access, modification and deletion actions), log data, so-called audit logs, are automatically recorded. The processing of this data is absolutely necessary for security reasons, in particular for access, input, forwarding and storage control . In addition, the log files can be subsequently checked and evaluated if illegal use of the software is suspected. General data such as the type of activity, the identifier of the person executing it, the identifier of the object of the activity, the client, the IP address and the time stamp of the execution of the activity are recorded. The storage period for these activity logs is 360 days.
Storing data in local storage
In some cases, data within the software is also stored in so-called local storage, i.e. the storage capacity of your browser is used. Basically, this data is used to ensure security when visiting a website or software (“absolutely necessary”), to implement certain functionalities such as standard language settings (“functional”) or to improve the user experience or performance on the website (“performance”) ).Within the software, only absolutely necessary and functional data is stored in the local storage, in particular to identify the user and ensure security. The use of local storage is absolutely necessary for the provision of our services and therefore for the fulfillment of the contract with your employer. The storage period ends when the software session ends.
Who receives your personal data?
Workpath processes your data as part of providing the services agreed with your employer. At Workpath, only employees have access to your data to the extent that this is necessary in the context of their work. In order to be able to provide and continuously improve our services, Workpath uses third parties as service providers, so-called sub-processors, who are subject to the control and instructions of Workpath are subject to and with whom subcontracted processing agreements exist. We have selected these third parties carefully and in accordance with the provisions of the GDPR. You can view an overview of the current sub-processors, also known as “sub-processors”, agreed with your employer here: https://www.workpath.com/subprocessors. If your employer has agreed this with Workpath, we may a) use the sub-processor Pendo only with a so-called tokenization solution without using your email address, and/or b) not use the sub-processor Zendesk at all.
Will my data be transferred to a third country outside the EU?
No, all processing operations by Workpath and sub-processors take place in the EU instead of.
For how long will the personal data be processed?
The personal data will be processed at least for the duration of your employment relationship with your employer and will be deleted no later than 30 days after the termination of the contract between Workpath and your employer. Before that, your employer can delete or correct your personal data at any time.
What data protection rights can I assert as a data subject (e.g. rights to information)?
You can assert all rights under Article 15 ff of the GDPR against your employer or against Workpath, in particular your right to information, correction, deletion, etc. You can contact Workpath using the contact details provided above. Please note that to assert your data subject rights arising from processing for the purposes of the employment relationship, you should contact your employer directly; Workpath will also be happy to pass on incoming inquiries to your employer if necessary.
Which authority, if any, can I complain to?
The data protection supervisory authority responsible for Workpath is:
Bavarian State Office for Data Protection Supervision (“BayLDA”)
Promenade 1891522 Ansbach
Telephone: +49 (0) 981 180093-0
Fax: +49 (0) 981 180093-800
Email: poststelle@lda.bayern.de
Website: https://www.lda.bayern.de/
You can find out which data protection authority is responsible for your employer from your employer's data protection officer or you can find it here based on the federal state in which your employer is established:
https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html
Workpath does not carry out automated decision-making or profiling in accordance with Article 22 of the GDPR.
Final Provisions
Workpath reserves the right to adapt this data protection declaration at any time so that it always complies with current legal requirements or to implement changes to the services provided to your employer in the data protection declaration, e.g. when introducing new services. If you access this software again, the new data protection declaration will apply, which you can access online here at any time.Workpath GmbHAs of: December 2022Workpath Legal Department
Changes to our privacy policy
We reserve the right to occasionally adapt this data protection declaration so that it always complies with current legal requirements or to implement changes to our services in the data protection declaration, e.g. B. when introducing new services. The new data protection declaration will then apply to your next visit.