- Responsibility for data processing (controller)
a) We inform you in the following about the processing of personal data when visiting our website. Personal data is all information that can be related to you personally, e.g. name, address, e-mail address, your applicant data, the information that you would like to make an appointment with us, user behavior or IP address.
b) Responsible according to Art. 4 para. 7 GDPR is Seven Senders GmbH, Schwedter Str. 36 A, 10435 Berlin, e-mail address: firstname.lastname@example.org.
- Data protection officer
You can reach our data protection officer at our postal address with the addition: “To the data protection officer”, as well as by e-mail at email@example.com.
- Informational use of our website and contacting us
a) Browser data
When you visit our website for information purposes, we automatically collect the following data and information that your browser transfers to us:
- IP address,
- Date and time of the request,
- Content of the request specific page),
- Access status/http/status code,
- Website from which the request originated,
- operating system,
- Language and version of the browser software (browser description text)
This data processing by our system is intended to enable the website to be delivered to the user’s computer. For this purpose, the IP address of the user must remain stored for the duration of the session. Your IP address will be deleted after four weeks. We save it for four weeks so that we can react in the event of data security deficiencies or problems with user intervention. The IP addresses are deleted immediately after the end of the four-week retention period. In addition, the data in our system is deleted when the respective session is finished. The collection of data for the purpose of providing the website is mandatory for the operation of the website. The legal basis for this is Art. 6 Para. 1 S. 1 lit. f GDPR.
In addition to the aforementioned data, cookies are placed on your computer when you use our website. Cookies are small text files that are saved on your hard drive and assigned to the browser you are using. This allows certain information to flow to the location that sets the cookie.
In the following, the most common types of cookies are explained for your understanding:
- Session cookies: While you are active on a website, a session cookie is temporarily stored in the database of your computer, in which a session identifier is stored, e.g. to prevent you from having to log in again each time you change pages. Session cookies are deleted when you log out or expire when your session automatically expires. We use a similar procedure for function cookies: While you are active on the website, certain functions, such as language options, are controlled and stored via cookies.
- Permanent or Log-Cookies: A permanent or log cookie saves a file on your computer for the period of time specified in the expiration date. These cookies enable websites to remember your information and settings on your next visit. This results in faster and more convenient access, as you do not have to change your language settings again, for example. When the expiration date is passed, the cookie is automatically deleted when you visit the website that generated it.
- Third-party cookies: Third-party cookies come from providers other than the website operator. For example, they can be used to collect information for advertising, custom content, and web statistics.
Some elements of our website require that the requesting server can be identified even after the page has changed. The cookies are deleted when the browser is closed. The legal basis for the processing of personal data using these technically necessary cookies is Art. 6 para. 1 lit. f GDPR. The cookies justify our interest in enabling the use and provision of our website. Cookies are technically necessary for the use of the website.
c) Use of Google Analytics
The information is generally transferred to and stored by Google on servers in the USA. However, due to the activation of the IP anonymisation “_anonymizeIp()”, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before. Google has submitted to the EU-US Privacy Shield, see here.
Google uses the information to evaluate your use of the website, to compile reports on website activities and to provide us with further services related to website and internet use. We can use the information obtained to improve our offer and make it more interesting for you as a user. Google also uses your personal data for its own purposes and links these, for example, to existing Google accounts, your search history or usage data from other devices. The legal basis for the use of Google Analytics is your informed and voluntary consent pursuant to Art. 6 Para. 1 S. 1 lit. a GDPR. You can withdraw your consent at any time by email to firstname.lastname@example.org.
d) Google Adwords
This website uses the online advertising program Google AdWords of Google LLC (“Google”). As part of Google AdWords, we use conversion tracking to track user activity. When you click on an ad placed by Google, a conversion tracking cookie is set. These cookies lose their validity after 30 days and do not serve to personally identify the user. If the user visits certain pages on this site and the cookie has not expired, Google and we may recognize that the user clicked on the ad and was directed to that page.
Each Google AdWords customer receives a different cookie. Cookies cannot be tracked through AdWords customer websites. The information collected through the Conversion cookie is used to generate conversion statistics for AdWords customers who have opted for Conversion Tracking. AdWords customers learn the total number of users who clicked on their ad and were directed to a page tagged with a conversion tracking tag. However, they will not receive any information that personally identifies them. The storage of conversion cookies and the use of this tracking tool are based on your informed and freely given consent in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR.
By incorporating DoubleClick, Google receives information that you have visited the relevant part of our website or clicked on an ad from us. If you are registered with a Google service, Google can assign the visit to your Ac-count. Even if you are not registered with Google or have not logged in, it is possible that the provider will find out and store your IP address. Legal basis for the processing of your data is the informed and freely given consent according to Art. 6 Para. 1 S. 1 lit. a GDPR.
For analysis purposes, we use technologies from Hubspot, Inc., http://www.hubspot.com, to automatically collect and store data like
- IP address,
- Date and time of the request,
- Session duration,
- Visited page,
- operating system
on this website and from which user profiles are created by using pseudonyms. This is used for the optimized presentation of our website. Cookies can be used for this purpose. The data processing is based on the freely given and informed consent according to Art. 6 Para. 1 S. 1 lit. a GDPR. You can withdraw your consent at any time by sending an e-mail to email@example.com. Your data will then be deleted immediately.
With the help of Hubspot, Inc. applications, we can optimise the presentation of our website, process your requests in the best possible way and place advertising appropriately. We have concluded an agreement with the company in accordance with Art. 28 Para. 3 GDPR on the processing of data. We remain responsible for data processing. The data collected in this context will be deleted after the end of the use of Hubspot, Inc. by us. Hubspot, Inc. has its headquarters in the USA and is certified under the EU-US Privacy Shield. A current certificate can be viewed here.
g) Facebook Pixel
Within our website we use the so-called “Facebook pixel” of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are resident in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Using the Facebook pixel, Face-book is able to identify visitors to our website as a target group for displaying ads (so-called “Facebook ads”). For this purpose, the IP address and visited websites of the users are collected. We use Facebook pixels to display Facebook ads placed by us only to Facebook users who have shown an interest in our online offering or who have certain characteristics (e.g. interests in certain topics or products that are determined on the basis of the websites visited) that we transfer to Facebook (so-called “custom audiences”).
The Facebook pixel is directly integrated by Facebook when you visit our websites and can store a cookie on your device. If you then log in to Facebook or visit Facebook when logged in, the visit to our online service is noted in your profile. The data collected about you does not allow us to draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and can be used by Facebook as well as for its own market research and advertising purposes. If we transmit data to Facebook for comparison purposes, this data is encrypted locally on the browser and only then sent to Facebook via a secure https connection. This is done solely for the purpose of matching the same data encrypted by Facebook. The processing of your personal data is based on a freely given and informed consent in accordance with Art. 6 Para. 1 S. 1 lit a GDPR. Facebook is certified under the Privacy Shield Agreement.
h) LinkedIn Insight tag
The LinkedIn Insight tag creates a unique LinkedIn browser cookie in a visitor’s browser and enables the collection of the following data for that cookie: metadata (such as IP address, timestamp, page events such as page views) and demographic link information if an active LinkedIn.com member cookie is present. The collected data is encrypted, anonymized within seven days, and the anonymized data is deleted within 90 days. LinkedIn does not share any personally identifiable information with us, but only provides aggregated reports about the website’s target audience and display performance. LinkedIn also provides retargeting for Web site visitors so that we can use this information to target advertisements outside our Web site without identifying the member.
If you have subscribed to our newsletter, we process your e-mail address in order to send you our newsletter by e-mail. The legal basis is Art. 6 Para. 1 S. 1 lit. a GDPR. You can withdraw your consent to receive our newsletter at any time by clicking on a link provided for this purpose in each newsletter. Newsletters are sent and managed with the help of Hubspot.
The newsletter of our company can only be received by the person concerned if (1) the person concerned has a valid e-mail address and (2) the person concerned registers to receive it. A confirmation email will be sent to the email address first entered by the person concerned for the purpose of sending the newsletter. This serves to check whether the owner of the e-mail address as the person concerned has authorised receipt of the newsletter.
When registering for the newsletter, we also store the IP address of the computer system used by the person concerned at the time of registration, as well as the date and time of registration, assigned by the Internet Service Provider (ISP). The collection of this data is necessary in order to be able to trace the (possible) misuse of the e-mail address of a person concerned at a later point in time.
- contact via the contact form
In case of requests via our contact form or via the e-mail address provided to you, we process the personal data voluntarily provided by you exclusively for the purpose of processing your request, answering it or contacting you. To verify the e-mail address you entered, we will send you an e-mail containing a confirmation link. The data collected in this context will be deleted after final answering, if there are no legal or other storage obligations. The legal basis for this processing of your personal data is Art. 6 Para. 1 S. 1 lit. b GDPR.
We use CRM systems provided by Hubspot and Pipedrive to manage our contact and customer information. We have also concluded an agreement on the processing of data, Art. 28 para. 3 GDPR, with Pipedrive OÜ, Mustamäe tee 3a, 10615 Tallinn, Estonia, the European branch of the American company. We remain responsible for data processing.
With explicit and freely given consent to this, we will also store your personal data in our CRM system in order to remain in contact with you in the longer term. Legal basis is art. 6 Para. 1 S. lit. a GDPR. You can withdraw your consent at any time by sending an e-mail to firstname.lastname@example.org. Your data will then be deleted immediately.
- appointment agreement via our service provider Calendly LLC
On our website we offer our visitors the opportunity to arrange appointments with our sales staff. For this purpose we have activated the service provider Calendly LLC, with whom we have concluded a data processing contract. We remain responsible for the data processing. We collect the following personal data to make an appointment:
- Name, first name,
- E-mail address,
- Appointment information (concrete occasion or event/date and time),
- Company name and function, if applicable,
- telephone number
The data will be deleted after the agreed date. Legal basis is art. 6 Para. 1 S. lit. b GDPR.
- Data security
The security of your personal data is of great importance to us. We have concluded extensive data protection agreements with the service providers used for the website. For security reasons and to protect the transmission of confidential content, such as our contact form, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you disclose to us cannot be read by third parties.
- Disclosure to third parties
Personal data is treated confidentially by us. We do not make your personal data available to third parties, unless you have given your consent or we are legally obliged to disclose the data.
- Deletion of your data
We will delete your IP address after four weeks. We store it for four weeks so that we can pursue legal violations in the event of data security deficiencies or problems with user intervention. The IP addresses are deleted immediately after the end of the four-week retention period.
- No liability for websites of third parties
Certain services of third parties are accessible through links on our site. We refer you to the privacy statements and policies posted on these websites. We do not assume any liability or responsibility for these statements and policies that are not related to our website.
- Exercise of the rights of data subjects
According to the GDPR, you have the following rights with regard to your personal data:
- Right to information,
- Right to rectification,
- Right to erasure of personal data,
- Right to restrict the processing,
- Right to object to the processing,
- Right to data portability,
- Right to withdraw consent.
You also have the right to lodge a complaint with a data protection supervisory authority about the processing of your personal data.