Política de privacidad del sitio web

Introducción

A continuación, proporcionamos información sobre la recopilación de datos personales al utilizar

  • nuestro sitio web sonoro.com

  • Nuestros perfiles en las redes sociales.

Los datos personales son cualquier dato que pueda relacionarse con una persona física específica, como su nombre o su dirección IP.

Datos de contacto

El responsable del tratamiento en el sentido del artículo 4, apartado 7, del Reglamento General de Protección de Datos (RGPD) de la UE es sonoro audio GmbH, Hammer Landstraße 45, Neuss, Alemania, correo electrónico: info@sonoro.com. Nuestra representación legal recae en Marcell Faller.

Puede ponerse en contacto con nuestro delegado de protección de datos a través de heyData GmbH, Schützenstraße 5, 10117 Berlín, www.heydata.eu, correo electrónico: datenschutz@heydata.eu.

Ámbito del tratamiento de datos, fines del tratamiento y bases jurídicas

A continuación detallamos el alcance del tratamiento de datos, los fines del tratamiento y las bases legales. En principio, se tienen en cuenta los siguientes aspectos como base legal para el tratamiento de datos:

  • El artículo 6, apartado 1, letra a) del RGPD constituye nuestra base jurídica para las operaciones de tratamiento para las que obtenemos el consentimiento.

  • El artículo 6, apartado 1, letra b) del RGPD constituye la base jurídica en la medida en que el tratamiento de datos personales es necesario para la ejecución de un contrato, por ejemplo, si un visitante del sitio web nos compra un producto o le prestamos un servicio. Esta base jurídica también se aplica al tratamiento necesario para la adopción de medidas precontractuales, como en el caso de consultas sobre nuestros productos o servicios.

  • El artículo 6, apartado 1, letra c), del RGPD se aplica si cumplimos una obligación legal mediante el tratamiento de datos personales, como puede ser el caso, por ejemplo, en la legislación fiscal.

  • El artículo 6, apartado 1, letra f) del RGPD sirve de base jurídica cuando podemos basarnos en intereses legítimos para tratar datos personales, por ejemplo, en el caso de las cookies que son necesarias para el funcionamiento técnico de nuestro sitio web.

Tratamiento de datos fuera del EEE

En la medida en que transferimos datos a proveedores de servicios u otros terceros fuera del EEE, la seguridad de los datos durante la transferencia está garantizada por las decisiones de adecuación de la Comisión Europea, en la medida en que existan (por ejemplo, para Gran Bretaña, Canadá e Israel) (art. 45, apartado 3, del RGPD).

En el caso de la transferencia de datos a proveedores de servicios en EE. UU., la base jurídica para la transferencia de datos es una decisión de adecuación de la Comisión Europea si el proveedor de servicios también se ha certificado en virtud del Marco de Protección de Datos UE-EE. UU.

En otros casos (por ejemplo, si no existe una decisión de adecuación), la base jurídica para la transferencia de datos suele ser, salvo que se indique lo contrario, las cláusulas contractuales tipo. Se trata de un conjunto de normas adoptadas por la Comisión Europea y que forman parte del contrato con el tercero correspondiente. De conformidad con el artículo 46, apartado 2, letra b), del RGPD, garantizan la seguridad de la transferencia de datos. Muchos de los proveedores han ofrecido garantías contractuales que van más allá de las cláusulas contractuales tipo para proteger los datos. Entre ellas se incluyen, por ejemplo, garantías relativas al cifrado de los datos o a la obligación por parte del tercero de notificar a los interesados si las fuerzas del orden desean acceder a los datos correspondientes.

Duración del almacenamiento

Salvo que se indique expresamente en esta política de privacidad, los datos almacenados por nosotros se eliminarán tan pronto como dejen de ser necesarios para los fines previstos y no existan obligaciones legales de conservación de datos que se opongan a su eliminación. Si los datos no se eliminan porque son necesarios para otros fines legalmente permitidos, su tratamiento se restringe, es decir, los datos se bloquean y no se tratan para otros fines. Esto se aplica, por ejemplo, a los datos que deben conservarse por motivos comerciales o fiscales.

Derechos de los interesados

Los interesados tienen los siguientes derechos frente a nosotros en relación con sus datos personales:

  • Derecho de acceso,

  • Derecho de rectificación o supresión,

  • Derecho a limitar el tratamiento,

  • Derecho a oponerse al tratamiento ,

  • Derecho a la portabilidad de los datos,

  • Derecho a revocar un consentimiento otorgado en cualquier momento.

Los interesados también tienen derecho a presentar una reclamación ante una autoridad de control de protección de datos en relación con el tratamiento de sus datos personales. Los datos de contacto de las autoridades de control de protección de datos están disponibles en https://www.bfdi.bund.de/EN/Service/Anschriften/Laender/Laender-node.html.

Obligación de proporcionar datos

En el marco de la relación comercial o de otro tipo, los clientes, los clientes potenciales o terceros deben proporcionarnos los datos personales necesarios para el establecimiento, la ejecución y la terminación de una relación comercial o de otro tipo, o que estamos legalmente obligados a recopilar. Sin estos datos, por lo general tendremos que negarnos a celebrar el contrato o a prestar un servicio, o ya no podremos ejecutar un contrato existente u otra relación.

Los datos obligatorios están marcados como tales.

No se tomarán decisiones automáticas en casos individuales.

Por principio, no utilizamos un proceso de toma de decisiones totalmente automatizado de conformidad con el artículo 22 del RGPD para establecer y aplicar la relación comercial o de otro tipo. Si utilizamos estos procedimientos en casos individuales, lo comunicaremos por separado si así lo exige la ley.

Establecer contacto

Cuando se pone en contacto con nosotros, por ejemplo, por correo electrónico o por teléfono, los datos que nos facilita (por ejemplo, nombres y direcciones de correo electrónico) serán almacenados por nosotros con el fin de responder a sus preguntas. La base legal para el tratamiento es nuestro interés legítimo (art. 6, apartado 1, frase 1, letra f del RGPD) en responder a las consultas que se nos dirigen. Eliminamos los datos recopilados en este contexto cuando ya no es necesario almacenarlos o restringimos el tratamiento si existen obligaciones legales de conservación.

Competiciones

Ocasionalmente, ofrecemos concursos a través de nuestro sitio web o por otros medios. Procesamos los datos solicitados en estos concursos con el fin de determinar y notificar a los ganadores. Posteriormente, eliminamos los datos. También es posible que solo ofrezcamos concursos para clientes existentes. En este caso, solo procesamos el nombre para determinar los ganadores y los datos de contacto para notificarles. Es nuestro interés legítimo ofrecer concursos para atraer clientes o interactuar con nuestros clientes actuales. La base legal para el procesamiento de datos es el art. 6, párr. 1, s. 1, lit. f del RGPD.

Encuestas a clientes

De vez en cuando, realizamos encuestas a nuestros clientes para conocerlos mejor y saber cuáles son sus deseos. Para ello, recopilamos los datos solicitados en cada caso. Es nuestro interés legítimo conocer mejor a nuestros clientes y sus deseos, por lo que la base jurídica para el tratamiento de datos asociado es el artículo 6, apartado 1, frase 1, letra f) del RGPD. Eliminamos los datos una vez evaluados los resultados de las encuestas.

Boletín

Nos reservamos el derecho de informar a los clientes que ya hayan utilizado nuestros servicios o comprado nuestros productos de vez en cuando por correo electrónico u otros medios sobre nuestras ofertas, si no se han opuesto a ello. La base jurídica para este tratamiento de datos es el artículo 6, apartado 1, frase 1, letra f) del RGPD. Nuestro interés legítimo es realizar publicidad directa (considerando 47 del RGPD). Los clientes pueden oponerse al uso de su dirección de correo electrónico con fines publicitarios en cualquier momento sin incurrir en gastos adicionales, por ejemplo, a través del enlace que aparece al final de cada correo electrónico o enviando un correo electrónico a nuestra dirección de correo electrónico mencionada anteriormente.

Las partes interesadas tienen la opción de suscribirse a un boletín informativo gratuito. Procesamos los datos proporcionados durante el registro exclusivamente para enviar el boletín informativo. La suscripción se realiza seleccionando el campo correspondiente en nuestro sitio web, marcando el campo correspondiente en un documento en papel o mediante otra acción clara, por la que las partes interesadas declaran su consentimiento para el procesamiento de sus datos, de modo que la base legal es el art. 6, apartado 1, letra a) del RGPD. El consentimiento puede revocarse en cualquier momento, por ejemplo, haciendo clic en el enlace correspondiente del boletín informativo o notificándolo a nuestra dirección de correo electrónico indicada anteriormente. El tratamiento de los datos hasta la revocación sigue siendo lícito incluso en caso de revocación.

Basándonos en el consentimiento de los destinatarios (art. 6, apartado 1, frase 1, letra a del RGPD), también medimos la tasa de apertura y de clics de nuestros boletines informativos para comprender qué es relevante para nuestro público.

  • Enviamos boletines informativos con la herramienta Omnisend del proveedor UAB Omnisend, Verkių g. 25C-1, LT-08223 Vilna, Lituania. El proveedor procesa contenidos, datos de uso, metadatos/datos de comunicación y datos de contacto en la UE. Para más información, consulte la política de privacidad del proveedor en https://www.omnisend.com/privacy/.
Tratamiento de datos en nuestro sitio web
Aviso para los visitantes del sitio web desde Alemania

Nuestro sitio web almacena información en los equipos terminales de los visitantes del sitio web (por ejemplo, cookies) o accede a información que ya está almacenada en los equipos terminales (por ejemplo, direcciones IP). En las siguientes secciones se detalla qué información es esta.

Este almacenamiento y acceso se basa en las siguientes disposiciones:

  • En la medida en que este almacenamiento o acceso sea absolutamente necesario para que podamos prestar el servicio de nuestro sitio web solicitado expresamente por los visitantes del mismo (por ejemplo, para llevar a cabo un chatbot utilizado por el visitante del sitio web o para garantizar la seguridad informática de nuestro sitio web), se lleva a cabo sobre la base del artículo 25, apartado 2, n.º 2, de la Ley alemana de protección de datos de servicios digitales de telecomunicaciones (Telekommunikation-Digitale-Dienste-Datenschutzgesetz, «TDDDG»).

  • De lo contrario, este almacenamiento o acceso se realiza sobre la base del consentimiento del visitante del sitio web (artículo 25, apartado 1, de la TDDDG).

El tratamiento posterior de los datos se lleva a cabo de conformidad con las siguientes secciones y sobre la base de las disposiciones del RGPD.

Uso informativo de nuestro sitio web

Durante el uso informativo del sitio web, es decir, cuando los visitantes del sitio no nos transmiten información por separado, recopilamos los datos personales que el navegador transmite a nuestro servidor con el fin de garantizar la estabilidad y la seguridad de nuestro sitio web. Este es nuestro interés legítimo, por lo que la base jurídica es el artículo 6, apartado 1, frase 1, letra f) del RGPD.

Estos datos son:

  • Dirección IP

  • Fecha y hora de la solicitud

  • Diferencia horaria con respecto al meridiano de Greenwich (GMT)

  • Contenido de la solicitud (página específica)

  • Estado de acceso/código de estado HTTP

  • Cantidad de datos transferidos en cada caso

  • Sitio web desde el que se realiza la solicitud

  • Navegador

  • Sistema operativo y su interfaz

  • Idioma y versión del software del navegador.

Estos datos también se almacenan en archivos de registro. Se eliminan cuando ya no es necesario conservarlos, a más tardar tras 14 días.

Alojamiento web y provisión del sitio web

Nuestro sitio web está alojado en DigitalOcean. El proveedor es Digitalocean LLC, 101 Avenue of the Americas 10th Floor, Nueva York, NY 10013, EE. UU. Al hacerlo, el proveedor procesa los datos personales transmitidos a través del sitio web, por ejemplo, contenidos, uso, metadatos/datos de comunicación o datos de contacto, en la UE. Para más información, consulte la política de privacidad del proveedor en https://www.digitalocean.com/legal/privacy-policy.

Es nuestro interés legítimo proporcionar un sitio web, por lo que la base jurídica del tratamiento de datos descrito es el artículo 6, apartado 1, frase 1, letra f) del RGPD.

Formulario de contacto

Cuando se pone en contacto con nosotros a través del formulario de contacto de nuestra página web, almacenamos los datos solicitados en él y el contenido del mensaje. La base legal para el tratamiento es nuestro interés legítimo en responder a las consultas que se nos dirigen. Por lo tanto, la base legal para el tratamiento es el artículo 6, apartado 1, frase 1, letra f) del RGPD. Eliminamos los datos acumulados en este contexto cuando ya no es necesario almacenarlos o restringimos su tratamiento si existen obligaciones legales de conservación.

Puestos vacantes

Publicamos las vacantes en nuestro sitio web, en páginas vinculadas al sitio web o en sitios web de terceros.

El tratamiento de los datos facilitados como parte de la solicitud se lleva a cabo con el fin de ejecutar el proceso de solicitud. En la medida en que sea necesario para nuestra decisión de establecer una relación laboral, la base jurídica es el artículo 88, apartado 2, del RGPD, en relación con el artículo 26, apartado 1, de la Ley federal alemana de protección de datos (Bundesdatenschutzgesetz). Hemos marcado los datos necesarios para llevar a cabo el proceso de solicitud o hacemos referencia a ellos. Si los solicitantes no proporcionan estos datos, no podemos tramitar la solicitud. El resto de datos son voluntarios y no son necesarios para la solicitud. Si los solicitantes proporcionan más información, la base es su consentimiento (art. 6, apartado 1, frase 1, letra a del RGPD).

Pedimos a los solicitantes que se abstengan de proporcionar información sobre opiniones políticas, creencias religiosas y datos sensibles similares en su CV y carta de presentación. No son necesarios para la solicitud. Si, no obstante, los solicitantes proporcionan dicha información, no podemos impedir su tratamiento como parte del procesamiento del currículum vitae o la carta de presentación. Su tratamiento se basa entonces también en el consentimiento de los solicitantes (art. 9, apartado 2, letra a) del RGPD).

Por último, tratamos los datos de los solicitantes para otros procedimientos de solicitud si nos han dado su consentimiento para ello. En este caso, la base jurídica es el artículo 6, apartado 1, frase 1, letra a) del RGPD.

Transmitimos los datos de los solicitantes a los empleados responsables del departamento de RR. HH., a nuestros encargados del tratamiento de datos en el ámbito de la contratación y a los empleados que participan de otro modo en el proceso de solicitud.

Si tras el proceso de selección establecemos una relación laboral con el solicitante, solo eliminaremos los datos una vez que haya finalizado dicha relación. De lo contrario, eliminaremos los datos a más tardar seis meses después de rechazar a un solicitante.

Si los solicitantes nos han dado su consentimiento para utilizar sus datos también para otros procedimientos de solicitud, no eliminaremos sus datos hasta un año después de recibir la solicitud.

Opiniones

Los visitantes del sitio web pueden dejar opiniones en nuestro sitio web sobre nuestros productos, servicios o, en general, sobre nuestra empresa. Para ello, procesamos metadatos o datos de comunicación, además de los datos introducidos. Tenemos un interés legítimo en recibir comentarios de los visitantes del sitio web sobre nuestras ofertas. Por lo tanto, la base legal para el tratamiento de datos es el artículo 6, apartado 1, frase 1, letra f) del RGPD. En la medida en que utilicemos una herramienta de terceros para el acuerdo, la información al respecto se encuentra en «Terceros».

Cuenta de cliente

Los visitantes del sitio web pueden abrir una cuenta de cliente en nuestro sitio web. Procesamos los datos solicitados en este contexto basándonos en el consentimiento del visitante del sitio web. Procesamos los datos solicitados en este contexto para cumplir con el contrato de usuario correspondiente celebrado para la cuenta, por lo que la base legal para el procesamiento es el art. 6, apartado 1, párrafo 1, letra b) del RGPD.

Oferta de productos

Ofrecemos productos a través de nuestro sitio web. Al hacerlo, procesamos los siguientes datos como parte del proceso de pedido:


  • Dirección de correo electrónico
    • Nombre
    • Dirección
    • Número de teléfono

El tratamiento de los datos se lleva a cabo para la ejecución del contrato celebrado con el visitante del sitio web correspondiente (art. 6, apartado 1, frase 1, letra b del RGPD).

Transmitimos los datos anteriores a los siguientes proveedores de servicios, en la medida en que sea necesario en el contexto del pedido:

pfenning solutions GmbH, Walter-Gropius-Str. 19c, 50126, Bergheim, Alemania

La base jurídica del tratamiento es el artículo 6, apartado 1, frase 1, letra b) del RGPD, ya que es necesario para la ejecución del contrato.

Procesadores de pagos

Para el procesamiento de los pagos, utilizamos procesadores de pagos que son ellos mismos responsables del tratamiento de datos en el sentido del artículo 4, apartado 7, del RGPD. En la medida en que reciben datos y datos de pago introducidos por nosotros en el proceso de pedido, cumplimos así el contrato celebrado con nuestros clientes (artículo 6, apartado 1, frase 1, letra b) del RGPD).

Estos procesadores de pago son:

  • Amazon Payments Europe sca, Luxemburgo

  • American Express Europa SA

  • Apple Inc., EE. UU. (para Apple Pay)

  • Google Ireland Limited, Irlanda (para Google Pay)

  • Klarna Bank AB (publ), Suecia (para «Klarna contra factura»)

  • Klarna Bank AB (publ), Suecia (para «Klarna Sofort»)

  • Mollie BV, Países Bajos

  • PayPal (Europa) S.à rl et Cie, SCA, Luxemburgo

  • Visa Europe Services Inc., Gran Bretaña
  • Amazon Pay


 Technically necessary cookies

Our website sets cookies. Cookies are small text files that are stored in the web browser on the end device of a site visitor. Cookies help to make the offer more user-friendly, effective and secure. Insofar as these cookies are necessary for the operation of our website or its functions (hereinafter "Technically Necessary Cookies"), the legal basis for the associated data processing is Art. 6 para. 1 s. 1 lit. f GDPR. We have a legitimate interest in providing customers and other site visitors with a functional website. Specifically, we set technically necessary cookies for the following purpose or purposes:


• Cookies, to save the shopping cart
• Cookies, to save login data
• Cookies, to remember search terms
• Cookies, to apply language settings
• Cookies, to enable payment providers to process payments and not to analyze user behavior

 Third parties

 Hotjar

 We use Hotjar for analytics. The provider is Hotjar Ltd., Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian's, STJ 3141, Malta. The provider processes usage data (e.g. web pages visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses) in the EU.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

 The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://www.hotjar.com/legal/policies/privacy/.

 Criteo

 We use Criteo for advertising. The provider is Criteo SA, 32 rue Blanche, 75009 Paris, France. The provider processes usage data (e.g. web pages visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses) in the EU.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

 The data is stored for a maximum of 13 months from the date of collection. We are acting as joint controllers with the service provider to provide personalized ads. Further information is available in the provider's privacy policy at https://www.criteo.com/privacy/.

 Usercentrics

 We use Usercentrics to manage consents. The provider is Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich. The provider processes meta/communication data (e.g. device information, IP addresses) in the EU.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. f GDPR . We have a legitimate interest in managing the consent of website visitors to cookies in a simple manner.

 The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://usercentrics.com/privacy-policy/.

 Trustpilot

 We use Trustpilot for customer reviews. The provider is Trustpilot A/S, Pilestræde 58, 5th floor, 1112 Copenhagen K, Denmark. The provider processes usage data (e.g. web pages visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses) in the EU.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. f GDPR . We have a legitimate interest in receiving feedback on our services from our customers through reviews.

 The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://uk.legal.trustpilot.com/for-businesses/business-privacy-policy.

 Weglot

 We use Weglot for translations. The provider is Weglot, 138, rue Pierre Joigneaux in BOIS-COLOMBES (92270), France. The provider processes meta/communication data (e.g. device information, IP addresses) in the EU.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

 The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://weglot.com/de/privacy/.

 Cookiebot

 We use Cookiebot to manage consents. The provider is Usercentrics A/S, Havnegade 39, DK-1058, Copenhagen. The provider processes meta/communication data (e.g. device information, IP addresses) in the EU.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. f GDPR . We have a legitimate interest in managing the consent of website visitors to cookies in a simple manner.

 The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://www.cookiebot.com/en/privacy-policy/.

 Zendesk

 We use Zendesk for a live chat. The provider is Zendesk, Inc., 1019 Market St., San Francisco, CA 94103, USA. The provider processes content data (e.g. entries in online forms), contact data (e.g. e-mail addresses, telephone numbers), meta/communication data (e.g. device information, IP addresses), master data (e.g. names, addresses) in the EU.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

 The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://www.zendesk.com/company/customers-partners/privacy-policy/.

 Mouseflow

 We use Mouseflow for analytics. The provider is Mouseflow, ApSFlaesketorvet 68, 1711 Copenhagen V, Denmark. The provider processes usage data (e.g. web pages visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), contact data (e.g. e-mail addresses, telephone numbers) in the EU.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

 The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://mouseflow.com/privacy/.

 Elfsight

 We use Elfsight to integrate widgets. The provider is Elfsight, LLC, 0015, Armenia, Yerevan, Paronyana str., 19/3, 201. The provider processes usage data (e.g. web pages visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses) in the EU.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

 The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://elfsight.com/privacy-policy/.

 WP rocket

 We use WP rocket for the website performance. The provider is SAS WP MEDIA, 4 rue de la République, 69001 LYON, France. The provider processes meta/communication data (e.g. device information, IP addresses) in the EU.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. f GDPR . We have a legitimate interest in reducing the loading time on our website.

 The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://wp-rocket.me/de/impressum/.

 Zendesk

 We use Zendesk for quizzes and forms. The provider is Zendesk, Inc., 1019 Market St., San Francisco, CA 94103, USA. The provider processes content data (e.g. entries in online forms), meta/communication data (e.g. device information, IP addresses), contact data (e.g. e-mail addresses, telephone numbers) in the EU.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. f GDPR . We have a legitimate interest in creating forms in a simple way.

 The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://www.zendesk.com/company/customers-partners/privacy-policy/#how-we-use-information-that-we-collect.

 Stape

 We use Stape for data analytics, for analytics. The provider is Stape Europe OÜ, Harju maakond, Tallinn, Lasnamäe linnaosa, Sepapaja tn 6, 15551, Estonia. The provider processes usage data (e.g. web pages visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses) in the EU.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

 The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://stape.io/privacy-notice.

 Microsoft Dynamics 365

 We use Microsoft Dynamics 365 for customer relationship management. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland. The provider processes contract data (e.g. subject matter of the contract, term), contact data (e.g. e-mail addresses, telephone numbers), master data (e.g. names, addresses), meta/communication data (e.g. device information, IP addresses) in the EU.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. f GDPR . We have a legitimate interest in managing our customer data in a simple way.

 The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://privacy.microsoft.com/en-gb/privacystatement.

 Google Analytics

 We use Google Analytics for analytics. The provider is Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. The provider processes usage data (e.g. web pages visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses) in the USA in the USA.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

 The transfer of personal data to a country outside the EEA takes place on the legal basis adequacy decision. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed because the EU Commission has decided as part of an adequacy decision in accordance with Art. 45 para. 3 GDPR that the third country ensures an adequate level of protection.

 The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://business.safety.google/privacy/.

 Google Tag Manager

 We use Google Tag Manager for advertising, for analytics. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The provider processes usage data (e.g. web pages visited, interest in content, access times) in the USA in the USA.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

 The transfer of personal data to a country outside the EEA takes place on the legal basis adequacy decision. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed because the EU Commission has decided as part of an adequacy decision in accordance with Art. 45 para. 3 GDPR that the third country ensures an adequate level of protection.

 We delete the data when the purpose for which it was collected no longer applies. Further information is available in the provider's privacy policy at https://business.safety.google/privacy/.

 Meta Pixel

 We use Meta Pixel for analytics. The provider is Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The provider processes usage data (e.g. web pages visited, interest in content, access times) in the USA in the USA.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

 The transfer of personal data to a country outside the EEA takes place on the legal basis adequacy decision. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed because the EU Commission has decided as part of an adequacy decision in accordance with Art. 45 para. 3 GDPR that the third country ensures an adequate level of protection.

 The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://www.facebook.com/policy.php.

 Facebook Custom Audiences

 We use Facebook Custom Audiences for advertising. The provider is Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The provider processes usage data (e.g. web pages visited, interest in content, access times) in the USA in the USA.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

 The transfer of personal data to a country outside the EEA takes place on the legal basis adequacy decision. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed because the EU Commission has decided as part of an adequacy decision in accordance with Art. 45 para. 3 GDPR that the third country ensures an adequate level of protection.

 We delete the data when the purpose for which it was collected no longer applies. Further information is available in the provider's privacy policy at https://www.facebook.com/policy.php.

 YouTube Videos

 We use YouTube Videos for videos on the website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The provider processes meta/communication data (e.g. device information, IP addresses), usage data (e.g. web pages visited, interest in content, access times) in the USA in the USA.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

 The transfer of personal data to a country outside the EEA takes place on the legal basis consents.

 Further information is available in the provider's privacy policy at https://policies.google.com/privacy.

 Zapier

 We use Zapier to automate between applications. The provider is Zapier, Inc., 548 Market St. #62411, San Francisco, CA 94104-5401, USA. The provider processes usage data (e.g. web pages visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses) in the USA in the USA.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. f GDPR . We have a legitimate interest in easily connecting the applications in our company to optimize the way we work.

 The transfer of personal data to a country outside the EEA takes place on the legal basis adequacy decision. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed because the EU Commission has decided as part of an adequacy decision in accordance with Art. 45 para. 3 GDPR that the third country ensures an adequate level of protection.

 We delete the data when the purpose for which it was collected no longer applies. Further information is available in the provider's privacy policy at https://zapier.com/privacy.

 Google Maps

 We use Google Maps for maps on our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Dublin, Ireland. The provider processes usage data (e.g. web pages visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), location data in the USA in the USA.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

 The transfer of personal data to a country outside the EEA takes place on the legal basis adequacy decision. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed because the EU Commission has decided as part of an adequacy decision in accordance with Art. 45 para. 3 GDPR that the third country ensures an adequate level of protection.

 We delete the data when the purpose for which it was collected no longer applies. Further information is available in the provider's privacy policy at https://business.safety.google/privacy/.

 Outbrain

 We use Outbrain for advertising. The provider is Outbrain Inc., 222 Broadway 19th Floor, New York, NY 10038, USA. The provider processes usage data (e.g. web pages visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses) in the USA in the USA.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

 The transfer of personal data to a country outside the EEA takes place on the legal basis standard contractual clauses. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed by standard data protection clauses (Art. 46 para. 2 lit. c GDPR) adopted by the EU Commission in accordance with the examination procedure under Art. 93 para. 2 of the GDPR, which we have agreed to with the provider.

 The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://www.outbrain.com/legal/privacy#privacy-policy.

 Google Conversion Tag

 We use Google Conversion Tag for conversion tracking. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The provider processes usage data (e.g. web pages visited, interest in content, access times) in the USA in the USA.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

 The transfer of personal data to a country outside the EEA takes place on the legal basis adequacy decision. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed because the EU Commission has decided as part of an adequacy decision in accordance with Art. 45 para. 3 GDPR that the third country ensures an adequate level of protection.

 The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://business.safety.google/privacy/.

 Facebook Conversion API

 We use Facebook Conversion API for analytics. The provider is Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The provider processes usage data (e.g. web pages visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses) in the USA in the USA.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

 The transfer of personal data to a country outside the EEA takes place on the legal basis adequacy decision. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed because the EU Commission has decided as part of an adequacy decision in accordance with Art. 45 para. 3 GDPR that the third country ensures an adequate level of protection.

 The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://www.facebook.com/policy.php.

 Microsoft Advertising (Bing Ads)

 We use Microsoft Advertising (Bing Ads) for conversion tracking, for analytics. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland. The provider processes usage data (e.g. web pages visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses) in the USA in the USA.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

 The transfer of personal data to a country outside the EEA takes place on the legal basis adequacy decision. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed because the EU Commission has decided as part of an adequacy decision in accordance with Art. 45 para. 3 GDPR that the third country ensures an adequate level of protection.

 The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://privacy.microsoft.com/en-gb/privacystatement.

 VWO

 We use VWO for analytics. The provider is Wingify Software Private Limited, 1104, 11th Floor, KLJ Tower North B-5, Netaji Subhash Place, Pitampura, Delhi - 110034, India. The provider processes usage data (e.g. web pages visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses) in the USA in the USA.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. f GDPR . We have a legitimate interest in adequately monitoring the performance of our applications.

 The transfer of personal data to a country outside the EEA takes place on the legal basis standard contractual clauses. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed by standard data protection clauses (Art. 46 para. 2 lit. c GDPR) adopted by the EU Commission in accordance with the examination procedure under Art. 93 para. 2 of the GDPR, which we have agreed to with the provider.

 The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://vwo.com/privacy-policy/#locale_lang.

 Pinterest Conversion Tag

 We use Pinterest Conversion Tag for conversion tracking. The provider is Pinterest Inc., 505 Brannan Street San Francisco, CA 94107, USA. The provider processes usage data (e.g. web pages visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), contact data (e.g. e-mail addresses, telephone numbers) in the USA in the USA.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

 The transfer of personal data to a country outside the EEA takes place on the legal basis standard contractual clauses. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed by standard data protection clauses (Art. 46 para. 2 lit. c GDPR) adopted by the EU Commission in accordance with the examination procedure under Art. 93 para. 2 of the GDPR, which we have agreed to with the provider.

 The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://policy.pinterest.com/en/privacy-policy.

 Google Merchant Center

 We use Google Merchant Center to maintain an online store. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The provider processes meta/communication data (e.g. device information, IP addresses) in the USA in the USA.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

 The transfer of personal data to a country outside the EEA takes place on the legal basis adequacy decision. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed because the EU Commission has decided as part of an adequacy decision in accordance with Art. 45 para. 3 GDPR that the third country ensures an adequate level of protection.

 The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://business.safety.google/privacy/.

 later

 We use later for marketing campaigns, in order to organise our social media platforms better. The provider is Victory Square Media Inc., Vancouver, British Columbia, Canada. The provider processes usage data (e.g. web pages visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses) in Canada in Canada.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

 The transfer of personal data to a country outside the EEA takes place on the legal basis adequacy decision. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed because the EU Commission has decided as part of an adequacy decision in accordance with Art. 45 para. 3 GDPR that the third country ensures an adequate level of protection.

 The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://later.com/privacy/.

 Google Ads

 We use Google Ads for advertising. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The provider processes usage data (e.g. web pages visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses) in the USA in the USA.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

 The transfer of personal data to a country outside the EEA takes place on the legal basis adequacy decision. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed because the EU Commission has decided as part of an adequacy decision in accordance with Art. 45 para. 3 GDPR that the third country ensures an adequate level of protection.

 We delete the data when the purpose for which it was collected no longer applies. Further information is available in the provider's privacy policy at https://business.safety.google/privacy/.

 Meta Ads

 We use Meta Ads for advertising. The provider is Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The provider processes usage data (e.g. web pages visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses) in the USA in the USA.

 The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR . The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

 The transfer of personal data to a country outside the EEA takes place on the legal basis adequacy decision. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed because the EU Commission has decided as part of an adequacy decision in accordance with Art. 45 para. 3 GDPR that the third country ensures an adequate level of protection.

 We delete the data when the purpose for which it was collected no longer applies. Further information is available in the provider's privacy policy at https://www.facebook.com/policy.php.

 heyData

 We have integrated a data protection seal on our website. The provider is heyData GmbH, Schützenstraße 5, 10117 Berlin, Germany. The provider processes meta/communication data (e.g. IP addresses) in the EU.

 The legal basis of the processing is Art. 6 para. 1 s. 1 lit. f GDPR. We have a legitimate interest in providing website visitors with confirmation of our data privacy compliance. At the same time, the provider has a legitimate interest in ensuring that only customers with existing contracts use its seals, which is why a mere image copy of the certificate is not a viable alternative as confirmation.

 As the data is masked after collection, there is no possibility to identify website visitors. Further information is available in the privacy policy of the provider at https://heydata.eu/en/privacy-policy .

 Data processing on social media platforms

 We are represented in social media networks in order to present our organization and our services there. The operators of these networks regularly process their users' data for advertising purposes. Among other things, they create user profiles from their online behavior, which are used, for example, to show advertising on the pages of the networks and elsewhere on the Internet that corresponds to the interests of the users. To this end, the operators of the networks store information on user behavior in cookies on the users' computers. Furthermore, it cannot be ruled out that the operators merge this information with other data. Users can obtain further information and instructions on how to object to processing by the site operators in the data protection declarations of the respective operators listed below. It is also possible that the operators or their servers are located in non-EU countries, so that they process data there. This may result in risks for users, e.g. because it is more difficult to enforce their rights or because government agencies access the data.

 If users of the networks contact us via our profiles, we process the data provided to us in order to respond to the inquiries. This is our legitimate interest, so that the legal basis is Art. 6 para. 1 s. 1 lit. f GDPR.

 Facebook

 We maintain a profile on Facebook. The operator is Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The privacy policy is available here: https://www.facebook.com/policy.php. A possibility to object to data processing arises via settings for advertisements: https://www.facebook.com/settings?tab=ads.We are joint controllers for processing the data of visitors to our profile on the basis of an agreement within the meaning of Art. 26 GDPR with Facebook. Facebook explains exactly what data is processed at https://www.facebook.com/legal/terms/information_about_page_insights_data. Data subjects can exercise their rights both against us and against Facebook. However, according to our agreement with Facebook, we are obliged to forward requests to Facebook. Data subjects will therefore receive a faster response if they contact Facebook directly.

 Instagram

 We maintain a profile on Instagram. The operator is Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The privacy policy is available here: https://help.instagram.com/519522125107875.

 YouTube

 We maintain a profile on YouTube. The operator is Google Ireland Limited Gordon House, Barrow Street Dublin 4. Ireland. The privacy policy is available here: https://policies.google.com/privacy?hl=de.

 LinkedIn

 We maintain a profile on LinkedIn. The operator is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. The privacy policy is available here: https://https://www.linkedin.com/legal/privacy-policy?_l=de_DE. One way to object to data processing is via the settings for advertisements: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

 Changes to this privacy policy

 We reserve the right to change this privacy policy with effect for the future. A current version is always available here.

 Questions and comments

 If you have any questions or comments regarding this privacy policy, please feel free to contact us using the contact information provided above.