We are very pleased about your interest in our company. Data protection is of particular importance to the management of uNaice. The use of the internet pages of uNaice is possible without any indication of personal data. However, if a data subject wishes to use special services of our company via our website, processing of personal data may be necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.
The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject, shall always be carried out in accordance with the General Data Protection Regulation and in accordance with the country-specific data protection regulations. By means of this data protection declaration, our company wishes to inform the public about the nature, scope and purpose of the personal data we collect, use and process. In addition, data subjects are informed about their rights by means of this data protection declaration.
As the controller, uNaice has implemented numerous technical and organisational measures to ensure the most complete protection of the personal data processed via this website. However, Internet-based data transfers can generally have security vulnerabilities, so absolute protection cannot be guaranteed. For this reason, each data subject is free to transmit personal data to us in alternative ways, such as by telephone.
a) personal data
Personal data is any information relating to an identified or identifiable natural person (hereinafter ‘data subject’). Identifiable is a natural person who, directly or indirectly, directly or indirectly, by means of an identifier such as a name, identification number, location data, an online identifier or one or more special characteristics, which are of the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
the data subjectis any identified or identifiable natural person whose personal data is processed by the controller.
Processing is any operation or series of operations carried out with or without the aid of automated procedures in connection with personal data such as the collection, collection, organisation, ordering, storage, adaptation or modification, the reading, querying, use, disclosure by transmission, distribution or any other form of provision, reconciliation or linking, restriction, deletion or destruction.
of the processingrestriction of the processing is the marking ofstored personal data with the aim of restricting their future processing.
Profiling is any type of automated processing of personal data consisting in the use of such personal data to assess certain personal aspects relating to a natural person, in particular to address aspects of the to analyse or predict this natural person’s work performance, economic situation, health, personal preferences, interests, reliability, behaviour, whereabouts or relocation.
Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that such additional data data is information is kept separately and subject to technical and organisational measures to ensure that the personal data is not assigned to an identified or identifiable natural person.
g) Responsible or controller
The person responsible or controller for the processing is the natural or legal person, authority, body or other body that decides alone or jointly with others on the purposes and means of the processing of personal data. Where the purposes and means of such processing are specified by Union law or the law of the Member States, the controller or the specific criteria for his designation may be laid down in accordance with Union law or the law of the Member States. to become.
is a natural or legal person, authority, body or other body that processes personal data on behalf of the controller.
The recipient is a natural or legal person, authority, body or other body to which personal data are disclosed, whether or not it is a third party. However, authorities which may receive personal data under a particular investigation under Union or Member State law shall not be deemed to be recipients.
a thirdparty is a natural or legal person, authority, body or other body other than the data subject, the controller, the processor and the persons who are under the direct responsibility of the controller or processor is authorised to process the personal data.
Consentis any expression of will voluntarily made by the data subject in an informed and unequivocal manner in the form ofa declaration or other unambiguous affirmative Act by which the data subject indicates that he/she agrees to the processing of personal data concerning him or her.
2. Name and address of the controller
The person responsible for the General Data Protection Regulation, other data protection laws in force in the Member States of the European Union and other provisions of a data protection law nature is:
Tel.: +49 5203 99 88 010
Some of the websites use so-called cookies. Cookies do not cause any damage to your computer and do not contain viruses. Cookies are used to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and stored by your browser.
Most of the cookies we use are so-called “session cookies”. They will be deleted automatically at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies allow us to recognize your browser the next time you visit.
You can set your browser to inform you about the setting of cookies and to allow cookies only on a case-by-case basis, to exclude the acceptance of cookies for certain cases or in general, and to automatically delete cookies when you close the browser. to activate. When disabling cookies, the functionality of this website may be limited.
Please make a selection. For more information about the impact of your selection, see Help.
Your selection has been saved!
To continue, you must make a cookie selection. Below is an explanation of the different options and their meaning.
- Allow all cookies:
Any cookie, such as for tracking and analysis
- Only allow first-party cookies:
Only cookies from this website.
- Do not allow cookies:
No cookies are set unless they are technically necessary cookies.
You can change your cookie setting at any time here: Privacy .
4. Server Log Files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type/ browser version
- operating system used
- Referrer URL
- Host name of the accessing machine
- Time of server request
This data cannot be allocated to specific persons. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of concrete indications of illegal use.
5. Sending newsletters by mailchimp
The newsletters are sent by the external service provider “MailChimp”, a newsletter delivery platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.
In order to receive the newsletter, each user must register using the so-called double-opt-in procedure.
The e-mail addresses of our newsletter recipients, as well as their other data described in the context of these notices, are stored on the servers of MailChimp in the USA. MailChimp uses this information for sending and evaluating the newsletters on our behalf. Furthermore, according to its own information, MailChimp may use this data to optimize or improve its own services, for example for the technical optimization of the dispatch and presentation of the newsletters or for economic purposes, in order to determine from which countries the recipients come from. However, MailChimp does not use the data of our newsletter recipients to write it down or pass the data on to third parties.
We rely on MailChimp’s reliability and IT and data security. MailChimp is under the US-EU Data Protection Agreement “Privacy Shield“ and thus undertakes to comply with EU data protection requirements. Furthermore, with MailChimp we have a “Data Processing Agreement” completed. This is a contract in which MailChimp undertakes to protect the data of our users, to process their data protection provisions on our behalf and, in particular, not to pass them on to third parties. The data protection regulations of MailChimp can be found here can be viewed: https://mailchimp.com/legal/privacy/
6. Newsletter tracking
The newsletters of uNaice contain so-called tracking pixels. A tracking pixel is a thumbnail that is embedded in such emails, which are sent in HTML format to enable log file recording and log file analysis. This allows a statistical evaluation of the success or failure of online marketing campaigns to be carried out. Using the embedded tracking pixel, the uNaice can detect if and when an email was opened by a data subject and which links in the e-mail were accessed by the data subject.
Such personal data collected via the tracking pixels contained in the newsletters are stored and evaluated by the controller in order to optimize the sending of newsletters and to improve the content of future newsletters even better the interests of the data subject. This personal data will not be passed on to third parties. Affected persons are entitled at any time to revoke the relevant separate declaration of consent, which is given via the double opt-in procedure. After a revocation, this personal data will be deleted by the controller. The unsubscribe from receipt of the newsletter automatically means the uNaice as a revocation.
7. Possibility of contact via the website
Due to legal regulations, the website of uNaice contains information that enables a quick electronic contact to our company as well as direct communication with us, which is also a general address of the so-called electronic mail (e-mail address). If a data subject contacts the controller via e-mail or a contact form, the personal data transmitted by the data subject will be automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the controller shall be stored for the purpose of processing or contacting the data subject. This personal data will not be passed on to third parties.
8. Routine deletion and blocking of personal data
The controller processes and stores personal data of the data subject only for the period necessary to achieve the purpose of storage or if this is the case by the European legislator or another legislator has been provided for in laws or regulations to which the controller is subject.
If the purpose of the storage expires or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data will be processed routinely and in accordance with the legal requirements of the regulations are blocked or deleted.
9. Rights of the data subject
to confirmationEach data subject shall have the right granted by the European legislator to require the controller to confirm whether personal data concerning him/her are being processed. If a data subject wishes to avay themselves of this right of confirmation, he or she may at any time contact an employee of the controller.
b) Right to information
Any person concerned by the processing of personal data shall have the right granted by the European legislator to provide, at any time free of charge, information from the controller of the information stored about him/her personal data and a copy of this information. In addition, the European legislator has provided the data subject with information on the following information:
- The processing purposes
- the categories of personal data that are processed
- the recipients or categories of recipients to whom the personal data have been or are still being disclosed, in particular to recipients in third countries or to international organisations
- where possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining that duration
- the existence of a right to rectification or erasure of personal data concerning them or to restriction of processing by the controller or a right of objection to such processing
- the existence of a right of appeal with a supervisory authority
- if the personal data are not collected from the data subject: all available information on the origin of the data
- the existence of automated decision-making, including profiling, in accordance with Article 22(1) and (4) GDPR and, at least in these cases, meaningful information on the logic involved and the scope and intended impact of a such processing for the data subject.
- In addition, the data subject has a right of access as to whether personal data have been transferred to a third country or to an international organisation. In so far as this is the case, the data subject is also entitled to obtain information on the appropriate guarantees in connection with the transmission.
- If a data subject wishes to avay themselves of this right of access, he or she may at any time contact an employee of the controller.
c) Right to rectification
- Any person concerned by the processing of personal data shall have the right granted by the European legislator to request the immediate rectification of inaccurate personal data concerning him or her. Furthermore, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary declaration, taking into account the purposes of the processing.
- If a data subject wishes to avay themselves of this right of rectification, he or she may at any time contact an employee of the controller.
d) Right to erasure (right to be forgotten)
- Any person concerned by the processing of personal data shall have the right granted by the European legislator to require the controller to delete the personal data concerning him/her without delay, provided that: one of the following reasons and to the extent that processing is not necessary:
- The personal data have been collected for such purposes or processed in any other way for which they are no longer necessary.
- The data subject withdraws his consent, which is the subject of the processing in accordance with Article 6(4) of the 1 letter a GDPR or Article 9(3) 2 (a) GDPR and there is no other legal basis for processing.
- In accordance with Article 21(21) of the 1 GDPR objected to the processing and there are no primary legitimate grounds for processing, or the data subject submits in accordance with Article 21(4) of the 2 GDPR objection to processing.
- The personal data were processed unlawfully.
- The erasure of personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States to which the controller is subject.
- The personal data were collected in relation to information society services offered in accordance with Article 8(4) of the 1 GDPR.
- If one of the aforementioned reasons applies and a data subject wishes to request the deletion of personal data stored by uNaice, he or she may at any time contact an employee of the controller. The employee of uNaice will arrange for the deletion request to be complied with immediately.
- If the personal data has been made public by uNaice and our company is the controller in accordance with Art. 1 GDPR obliged to erase the personal data, uNaice shall take appropriate measures, including technical measures, taking into account the available technology and implementation costs, in order to other data controllers who are responsible for data processing, process the published personal data, inform that the data subject is aware of the deletion of all links to such personal data or of copies or copies of the data. replication of this personal data, insofar as the processing is not required. The employee of uNaice will arrange the necessary measures in individual cases.
- Any person concerned by the processing of personal data shall have the right granted by the European legislator to require the controller to delete the personal data concerning him/her without delay, provided that: one of the following reasons and to the extent that processing is not necessary:
e) Right to restrict processing
Any person concerned by the processing of personal data shall have the right granted by the European legislator to require the controller to restrict the processing if one of the following conditions is met:
- The accuracy of the personal data is disputed by the data subject for a period of time which enables the controller to verify the accuracy of the personal data.
- The processing is unlawful, the data subject refuses to delete the personal data and instead demands the restriction of the use of the personal data.
- The controller no longer needs the personal data for the purposes of processing, but the data subject needs it to assert, exercise or defend legal claims.
- The data subject has objected to the processing in accordance with Art. 1 GDPR filed and it is not yet clear whether the legitimate reasons of the controller outweigh those of the data subject.
If one of the above conditions is met and a data subject wishes to request the restriction of personal data stored by the uNaice, he or she may at any time contact an employee of the responsible. The employee of uNaice will arrange the restriction of processing.
f) Right to data portability
Any person concerned by the processing of personal data shall have the right granted by the European legislator, the personal data relating to him or her, which have been made available to a controller by the data subject, in a structured, common and machine-readable format. It also has the right to transfer such data to another controller without hindrance by the controller to whom the personal data have been provided, provided that the processing is subject to the consent given in accordance with Article 6(4) of the 1 letter a GDPR or Article 9(3) 2 Letter a GDPR or on a contract pursuant to Article 6(s) 1 letter b GDPR is based and the processing is carried out by means of automated procedures, provided that the processing is not necessary for the performance of a task which is in the public interest or in the exercise of official authority, which is transferred to the responsible persons.
In addition, in the exercise of his right to data portability in accordance with Article 20(20) of the case, the data subject must exercise the right to data portability. 1 GDPR has the right to obtain that the personal data be transferred directly from one controller to another controller, insofar as this is technically feasible and if this does not affect the rights and freedoms of other persons to become.
In order to assert the right to data portability, the data subject may at any time contact an employee of uNaice.
g) Right to object
Any person concerned by the processing of personal data shall have the right granted by the European legislator to, for reasons arising from his particular situation, at any time against the processing of personal data concerning him or her. Data resulting from Article 6(6) 1 letter e or f GDPR, to appeal. This also applies to profiling based on these provisions.
uNaice will no longer process the personal data in the event of an objection, unless we can prove compelling legitimate grounds for the processing that outweigh the interests, rights and freedoms of the data subject, or the processing of the data subject serves to assert, exercise or defend legal claims.
If the uNaice processes personal data in order to conduct direct marketing, the data subject has the right to object at any time to the processing of personal data for the purpose of such advertising. This also applies to profiling insofar as it is related to such direct marketing. If the data subject objects to uNaice’s processing for direct marketing purposes, the uNaice will no longer process the personal data for these purposes.
In addition, the data subject has the right, for reasons arising from his particular situation, to oppose the processing of personal data concerning him or her which is used by uNaice for scientific or historical research purposes or for statistical purposes. pursuant to Article 89(4) 1 GDPR shall be effected to object, unless such processing is necessary to perform a task in the public interest.
In order to exercise the right to object, the data subject may directly contact any employee of uNaice or any other employee. The data subject is also free to exercise his right of opposition in connection with the use of information society services, notwithstanding Directive 2002/58/EC, by means of automated procedures in which technical specifications are used.
h) Automated decisions on a case-by-case basis, including profiling
Any person concerned by the processing of personal data shall have the right granted by the European legislator, not a decision based solely on automated processing, including profiling. which has legal effect on it or which similarly significantly affects it, provided that the decision (1) does not apply to the conclusion or performance of a contract between the data subject and the controller. (2) is permitted by Union or Member State legislation to which the controller is subject, and that legislation is appropriate measures to safeguard the rights and freedoms and legitimate interests of the data subject or (3) with the express consent of the data subject.
If the decision (1) is necessary for the conclusion or performance of a contract between the data subject and the controller, or (2) it is made with the express consent of the data subject, the uNaice shall take appropriate measures to ensure that the rights and freedoms and the legitimate interests of the data subject, including at least the right to the intervention of a person on the part of the controller, to express his or her point of view and to challenge the decision.
If the data subject wishes to exercise rights relating to automated decisions, he or she may at any time contact an employee of the controller.
i) Right to revoke consent under data protection law
Any person affected by the processing of personal data has the right granted by the European legislator to revoke consent to the processing of personal data at any time.
If the data subject wishes to exercise his right to withdraw consent, he or she may at any time contact an employee of the controller.
10. Sharing buttons
On the website we use privacy-proof “Shariff” buttons. “Shariff” was developed by specialists of the computer magazine c’t to provide more privacy on the net and to replace the usual “share” buttons of social networks. More information about the Shariff project can be found here: https://www.heise.de/newsticker/meldung/Datenschutz-und-Social-Media-Der-c-t-Shariff-ist-im-Einsatz-2470103.html
(1) We currently use the following social media plug-ins: Facebook, Google+, Twitter, Xing, LinkedIn. We use a data protection-friendly implementation technique (2-click method OR Shariff). This means that when you visit our site, no personal data will initially be passed on to the providers of the plug-ins. You can recognize the provider of the plug-in by marking it on the box by using its initial letter or logo. We offer you the possibility to communicate directly with the provider of the plug-in via the button. Only if you click on the selected field and activate it, the plug-in provider receives the information that you have visited the corresponding website of our online offer. In addition, the data referred to in Section 5 of this declaration will be transmitted. In the case of Facebook and Xing, according to the respective providers in Germany, the IP address is anonymized immediately after collection. By activating the plug-in, personal data from you is transmitted to the respective plug-in provider and stored there (with US providers in the USA). Since the plug-in provider collects data via cookies in particular, we recommend that you delete all cookies before clicking on the greybox via the security settings of your browser.
(2) We have no influence on the collected data and data processing operations, nor are we aware of the full scope of the data collection, the purposes of the processing, the storage periods. We also do not have any information on the deletion of the collected data by the plug-in provider.
(3) The plug-in provider stores the data collected about you as user profiles and uses them for the purposes of advertising, market research and/or customising its website. Such an evaluation is carried out in particular (also for unlogged users) for the presentation of demand-oriented advertising and in order to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider in order to exercise this. Through the plug-ins, we pursue our interest in offering you the opportunity to interact with social networks and other users so that we can improve our offering and make it more interesting and attractive for you as a user. The legal basis for the use of the plug-ins is Art. 1 p. 1 lit. f GDPR.
(4) The data is passed on regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in to the plug-in provider, your data collected by us will be assigned directly to your existing account with the plug-in provider. If you press the activated button and, for example, link to the page, the plug-in provider also stores this information in your user account and communicates it publicly to your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this way you can avoid assigning to your profile with the plug-in provider.
(5) Further information on the purpose and scope of the data collection and its processing by the plug-in provider can be found in the privacy statements of these providers in the following. There you will also receive further information about your rights in this regard and settings options to protect your privacy.
- a) Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; more information on data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications and http://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
- b) Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; https://www.google.com/policies/privacy/partners/?hl=de. Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
- c) Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy. Twitter has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
- d) Xing AG, Gänsemarkt 43, 20354 Hamburg, DE; http://www.xing.com/privacy.
- e) LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; http://www.linkedin.com/legal/privacy-policy. LinkedIn has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
The controller has integrated the component Google Analytics (with anonymization function) on this website. Google Analytics is a web analytics service. Web analysis is the collection, collection and analysis of data on the behaviour of visitors to websites. A web analysis service collects, among other things, data on which website a data subject has come to a website (so-called referrers), which subpages of the website have been accessed or how often and for which length of stay a data subject has been underside. A web analysis is mainly used for optimizing a website and for cost-benefit analysis of Internet advertising.
The operating company of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
The controller uses the addition “_gat._anonymizeIp” for web analysis via Google Analytics. By means of this addendum, the IP address of the internet connection of the data subject is shortened by Google and anonymised if access to our Internet pages from a Member State of the European Union or from another Contracting State of the Agreement on the European Economic Area.
The purpose of the Google Analytics component is to analyse visitor flows on our website. Google uses the data and information obtained, among other things, to evaluate the use of our website, to compile online reports for us, which show the activities on our website, and to further with the use of our website. website related services.
Google Analytics sets a cookie on the information technology system of the data subject. What cookies are has already been explained above. By setting the cookie, Google will be able to analyse the use of our website. Each call-up to one of the individual pages of this website, which is operated by the controller and on which a Google Analytics component has been integrated, the Internet browser is displayed on the information technology system of the automatically prompted by the respective Google Analytics component to transmit data to Google for the purpose of online analysis. As part of this technical procedure, Google becomes aware of personal data, such as the IP address of the data subject, which, among other things, serves To help Google understand the origin of the visitors and clicks and subsequently to pay commission sever to make possible.
The cookie is used to store personal information, such as the time of access, the place from which access was provided and the frequency of visits to our website by the data subject. Each time you visit our website, this personal data, including the IP address of the Internet connection used by the data subject, is transferred to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may pass on this personal data collected via the technical procedure to third parties.
The data subject can at any time prevent the setting of cookies by our website, as already shown above, by means of a corresponding setting of the internet browser used and thus permanently object to the setting of cookies. Such a setting of the internet browser used would also prevent Google from setting a cookie on the information technology system of the data subject. In addition, a cookie already set by Google Analytics can be deleted at any time via the internet browser or other software programs.
12. Lead feeder
Simultaneously with the use of Google Analytics, this website uses the Leadfeeder service, which is operated by Liidio Oy, Mikonkatu 17, 0100 Helsinki, Finland. Leadfeeder accesses the list of IP addresses provided by Google Analytics in the evaluation of website visitors and links the list of IP addresses to information about the companies that can be found on the Internet under these IP addresses. Due to the reduction of the IP addresses of website visitors already carried out during the use of Google Analytics, a direct personal reference is not established. A personal reference may arise from the review of the linked company information on the basis of presumption.
The controller has integrated Jetpack on this website. Jetpack is a WordPress plug-in that provides additional functionality to the operator of a website based on WordPress. Jetpack allows the website operator, among other things, an overview of the visitors to the site. It is also possible to increase the number of visitors by displaying related articles and publications or by being able to share content on the site. In addition, security features are integrated into Jetpack, making a Jetpack-using website better protected against brute force attacks. Jetpack also optimizes and accelerates the loading of images integrated on the website.
The operating company of the Jetpack plug-in for WordPress is Automattic Inc., 132 Hawthorne Street, San Francisco, CA 94107, USA. The operating company uses the tracking technology of Quantcast Inc., 201 Third Street, San Francisco, CA 94103, USA.
Jetpack sets a cookie on the information technology system of the data subject. What cookies are has already been explained above. Each call-up to one of the individual pages of this website, operated by the controller and on which a Jetpack component has been integrated, will make the Internet browser available on the information technology system of the data subjects. automatically prompted by the respective Jetpack component to transmit data to Automattic for analysis purposes. As part of this technical procedure, Automattic becomes aware of data that is subsequently used to compile an overview of website visits. The data thus obtained are used to analyse the behaviour of the data subject, who has accessed the website of the controller and are evaluated with the aim of optimising the website. The data collected via the Jetpack component will not be used to identify the data subject without prior prior authorisation from the data subject. The data will also be available to Quantcast. Quantcast uses the data for the same purposes as Automattic.
The data subject can at any time prevent the setting of cookies by our website, as already shown above, by means of a corresponding setting of the internet browser used and thus permanently object to the setting of cookies. Such a setting of the internet browser used would also prevent Automattic/Quantcast from setting a cookie on the information technology system of the data subject. In addition, cookies already set by Automattic can be deleted at any time via the internet browser or other software programs.
Furthermore, the data subject has the possibility to object to the collection of the data generated by the Jetpack cookie relating to the use of this website and to the processing of this data by Automattic/Quantcast and to to prevent. To do this, the data subject must press the opt-out button under the link https://www.quantcast.com/opt-out/, which sets an opt-out cookie. The opt-out cookie set with the objection is stored on the information technology system used by the data subject. If the cookies on the data subject’s system are deleted after an objection, the data subject must revisit the link and set a new opt-out cookie.
With the setting of the opt-out cookie, however, there is a possibility that the websites of the controller will no longer be fully usable for the data subject.
14. Appointment via Calendly
This website uses the service provider Calendly.com for the online appointment booking we offer. Calendly.com offers a external platform for IT-Seal employees and business partners to manage joint appointments. The appointment booking service is embedded in the source code of our website. You automatically use Calendly.com’s service when you use scheduling. Data is transferred to IT-Seal for documentation purposes. The data collected includes the registered name, which IP address at the time of the booked appointment, the date and time. This data, which is used exclusively for the management of business appointments, will not be passed on to third parties. By using the appointment booking service, you agree to this. For more information, see https://calendly.com/pages/privacy.
15. Document provision via Minerics
uNaice uses the tool Minerics, Schellingstraße 18, 70794 Filderstadt, Germany to provide documents sent via links. Opening rates of documents and user behavior are tracked and stored. You automatically use the minerics.de service when you access our documents. Data is transferred to Minerics for documentation purposes. The data collected includes the registered name and e-mail address, the IP address at the time of the clicked link, the date and time. This data used exclusively for documentation will not be passed on to third parties. By using the documents, you agree to this. For more information, see https://minerics.de/impressum-datenschutz-2/ .
16. Use of hotjar
Our website uses hotjar’s hotjar web analytics service, Level 2, on some of our websites
St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe, +1 (855) 464-6788, email@example.com
This tool records movements on the observed web pages in so-called heat maps. This allows us to anonymously identify where visitors click and how far they scroll. This allows us to make our website better and more customer-friendly.
The protection of your personal data is very important to us when using this tool. All data is collected without us being able to assign it to specific users. We can only understand how the mouse moves, where clicked and how far scrolled. It also captures the screen size of the device, the device type, browser information, the country accessed by the device, and the preferred language. If personal data is displayed on a website, Hotjar automatically hides it. They are therefore incomprehensible to us.
A “Do Not Track header” can prevent the use of the hotjar tool. Then no data will be collected about the visit to our website. To do this, the browser must set accordingly. A guide to this can be found at: http://www.akademie.de/wissen/do-not-track-datenschutz. The hotjjar tool alone can also be used by using the opt-out switch under https://www.hotjar.com/opt-out disable.
17. CRM System Pipedrive
Your data will be deleted in our CRM tool Pipedrive if we have processed your request and the purpose of the storage has been omitted and there are no other conflicting legal exceptions. You can inform yourself at any time about the data stored about you.
The controller has integrated components from PayPal on this website. PayPal is an online payment service provider. Payments are processed through so-called PayPal accounts, which represent virtual private or business accounts. PayPal also allows you to process virtual payments via credit cards if a user does not have a PayPal account. A PayPal account is maintained via an email address, so there is no classic account number. PayPal makes it possible to trigger online payments to third parties or to receive payments. PayPal also assumes fiduciary functions and offers buyer protection services.
The European operator of PayPal is PayPal (Europe) S.A.R.L. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.
If the data subject selects “PayPal” as a payment option during the ordering process in our online shop, data of the data subject will be automatically transmitted to PayPal. By selecting this payment option, the data subject consents to the transfer of personal data required for payment processing.
The personal data transmitted to PayPal is usually first name, last name, address, e-mail address, IP address, telephone number, mobile phone number or other data necessary for payment processing. In order to process the purchase contract, such personal data that are related to the respective order are also necessary.
The purpose of the transfer of data is to process payments and prevent fraud. The controller will transfer personal data to PayPal, in particular if there is a legitimate interest in the transmission. The personal data exchanged between PayPal and the controller may be transmitted by PayPal to business information agencies. The purpose of this transmission is to verify identity and creditworthiness.
PayPal may share the personal data with affiliated companies and service providers or subcontractors to the extent necessary to fulfil the contractual obligations or to process the data on behalf.
The data subject has the possibility to revoke the consent to the handling of personal data to PayPal at any time. A revocation does not affect personal data, which must be processed, used or transmitted for (contractual) payment processing.
The applicable data protection regulations of PayPal can be found at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
19. Legal basis for processing
Article 6 I lit. a GDPR serves as the legal basis for our company for processing operations where we obtain consent for a specific processing purpose. Where the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, in the case of processing operations necessary for the supply of goods or the provision of any other performance or consideration, the processing is based on Article 6 I lit. b GDPR. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of enquiries about our products or services. If our company is subject to a legal obligation which requires the processing of personal data, such as the fulfilment of tax obligations, the processing is based on Article 6 I lit. c GDPR. In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or any other natural person. This would be the case, for example, if a visitor to our company were injured and his name, age, health insurance data or other vital information were then passed on to a doctor, hospital or other third party. Should. The processing would then be based on Article 6 I lit. d GDPR. Ultimately, processing operations could be based on Article 6 I lit. f GDPR. This legal basis is the basis for processing operations which are not covered by any of the above legal bases where the processing is necessary to safeguard the legitimate interest of our company or a third party, provided that the interests of the fundamental rights and freedoms of the person concerned. We are allowed to process such processing operations in particular because they have been specifically mentioned by the European legislator. In that regard, it considered that a legitimate interest could be assumed if the data subject is a customer of the controller (recital 47, second sentence, GDPR).
20. Legitimate interests in the processing pursued by the controller or a third party
Where the processing of personal data is based on Article 6 I lit. f GDPR is our legitimate interest in conducting our business for the benefit of all our employees and shareholders.
21. Duration for which the personal data will be stored
The criterion for the duration of the storage of personal data is the respective legal retention period. After the expiry of the period, the corresponding data is routinely deleted, provided that it is no longer necessary for the performance of the contract or the initiation of the contract.
22. Legal or contractual provisions for the provision of personal data
Required for the conclusion of the contract; obligation on the data subject to provide the personal data; possible consequences of non-provisioning
We clarify that the provision of personal data is partly required by law (e.g. tax regulations) or may also result from contractual regulations (e.g. information about the contractual partner). Sometimes it may be necessary to conclude a contract that a data subject provides us with personal data, which must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data when our company enters into a contract with him or her. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. Before the data subject has provided personal data, the data subject must contact one of our employees. Our employee shall inform the data subject on a case-by-case basis whether the provision of personal data is required by law or contract or whether it is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data. data and the consequences of non-provision of personal data.
23. Existence of automated decision-making
As a responsible company, we do not require automatic decision-making or profiling.
Objection advertising emails
The use of contact data published within the scope of the imprint obligation for sending unsolicited advertising and information materials is hereby objected to. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, e.g. by spam e-mails.
We shall only be liable for damages, no matter what, in the event of intent and gross negligence as well as in the event of a breach of an essential contractual obligation (cardinal obligation). We shall be liable, with the limitation of compensation for the foreseeable typical damage, for such damages, which are based on a slightly negligent breach of cardinal duties by us. We shall not be liable in the event of a slightly negligent breach of ancillary obligations that are not cardinal duties.
Information on online dispute resolution
The Eu Commission provides a platform for online dispute resolution on the Internet at the following link: http://ec.europa/consumers/odr
This platform serves as a point of contact for the out-of-court settlement of disputes arising from online purchases or online service contracts in which a consumer is involved.