Skip to main content
Home
Home

Opening hours

Monday to Thursday:
09:00-12:30 and 13:30-17:00

Friday: 
09:00 – 12:30

Alert the right people in seconds | For any emergency, any organization.

Privacy Policy

Privacy Policy for www.safeREACH.com (Version: November 2024)

 

 

1 General information

1.1 Objectives and responsibilities

  1. This privacy policy informs you about the type, scope and purpose of the processing of personal data in relation to our online offering https://safereach.com/ and the associated websites, functions and content (hereinafter jointly referred to as ‘online offering’ or ‘website’). Details of these processing activities can be found in Section 2.
  2. Data processing of the safeREACH product is not part of this privacy policy. The data processing activities are described separately.
  3. Details on data processing for the purpose of carrying out our business processes are described in section 3.
  4. The provider of the online offering and responsible under data protection law is safeREACH GmbH (Getreidemarkt 11/10, 1060 Vienna, Austria) - hereinafter referred to as ‘we’ or ‘us’.
  5. The term ‘user’ includes all customers and visitors to the online offering.

1.2 Legal basis

In principle, we collect and process personal data based on the following legal bases:

  1. Consent in accordance with Article 6 (1) (a) of the General Data Protection Regulation (GDPR). Consent is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
  2. Necessity for the performance of a contract or in order to take steps prior to entering into a contract pursuant to Article 6 (1) (b) GDPR, i.e. the data is necessary for us to fulfil our contractual obligations towards you or we need the data in order to prepare the conclusion of a contract with you.
  3. Processing to fulfil a legal obligation pursuant to Article 6 (1) (c) GDPR, i.e. processing of the data is required, for example, by law or other regulations.
  4. Processing for the purposes of legitimate interests in accordance with Article 6 (1) (f) GDPR, i.e. processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data.

The specific legal bases for the individual processing operations are listed in the following sections.

1.3 Rights of data subjects

You have the following rights with regard to data processing by us:

  1. Right to lodge a complaint with a supervisory authority pursuant to Article 13 (2) (d) GDPR and Article 14 (2) (e) GDPR
  2. Right of access pursuant to Article 15 GDPR
  3. Right to rectification pursuant to Article 16 GDPR
  4. Right to erasure (‘right to be forgotten’) pursuant to Article 17 GDPR
  5. Right to restriction of processing pursuant to Article 18 GDPR
  6. Right to data portability in accordance with Article 20 GDPR
  7. Right to object in accordance with Article 21 GDPR
    Note: Users can object to the processing of their personal data in accordance with the legal requirements at any time with effect for the future. The objection can be made in particular against processing for direct marketing purposes.

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

1.4 Data erasure and storage duration

The personal data of the data subject will be erased or blocked as soon as the purpose of storage no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be blocked or erased if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

1.5 Security of processing

  1. We have implemented appropriate and state-of-the-art technical and organisational security measures (TOMs). This protects the data processed by us against accidental or intentional manipulation, loss, destruction and unauthorised access.
  2. The security measures include, in particular, the encrypted transmission of data between your browser and our server.
    1. Data transfer to third parties, subcontractors and third-party providers

1.6 Data transfer to third parties, subcontractors and third-party providers

  1. Personal data is only transferred to third parties in accordance with legal requirements. We only pass on user data to third parties if this is necessary, e.g. for billing purposes or for other purposes if the transfer is necessary to fulfil contractual obligations to users.
  2. If we use subcontractors for our online services, we have taken suitable contractual precautions and appropriate technical and organisational measures with these companies.
  3. If we use content, tools or other means from other companies (hereinafter jointly referred to as ‘third-party providers’) and their registered office is located in a third country, it can be assumed that data will be transferred to the countries in which the third-party providers are based. We will only transfer personal data to third countries if there is an adequate level of data protection, user consent or other legal authorisation.

2 Processing within the scope of our online services

2.1 Web hosting

  1. The website runs on the infrastructure of Google Cloud Platform (GCP). The provider of GCP is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (‘Google’).
  2. When you visit our website, personal data is processed on Google's servers. The location of the cloud server is Germany. Google ensures that no data leaves the European area.
  3. Notes on data protection:
    https://cloud.google.com/product-terms?hl=en#google-cloud-platform
  4. Further information can be found in Google's privacy policy
    https://policies.google.com/privacy

2.2 Collection of information on the use of the online offer

  1. When using the online offer, information is automatically transmitted to us by the user's browser; this includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.
  2. This information is processed on the basis of legitimate interests in accordance with Article 6 (1) (f) GDPR (e.g. optimisation of the online offering) and to ensure the security of processing in accordance with Article 5 (1) (f) GDPR (e.g. to defend against and investigate cyber attacks).
  3. The information is automatically deleted no later than 30 days after the end of the connection - i.e. use of the online offer - provided that there are no other retention periods to the contrary.
  4. The collection of data and the storage of data in log files is absolutely necessary for the provision of the online service. The user therefore has no right to erasure, objection or rectification.

2.3 Craft CMS

  1. We use Craft CMS from the provider Pixel & Tonic Inc (20832 SE Humber Bend, OR 97702 USA) - hereinafter referred to as P&T, to manage the content of our website.
  2. Craft CMS provides secure communication facilities between your browser and our server and uses cookies for basic internet applications. Cookies from P&T do not collect IP addresses or personal or sensitive information. The information stored by cookies is not transmitted to P&T or other third parties.
  3. P&T's standard cookies are used exclusively for communication with the Craft installation for the purpose of user authentication, form validation/security and basic web application functionality.
    -security and basic web application operations.
  4. The ‘CRAFT_CSRF_TOKEN’ cookie is set when you call up parts of the website with an integrated form and is stored for the duration of this call. The legal basis for this is a legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. The cookie is technically necessary, so there are no cancellation options.
  5. We have concluded a data protection agreement with P&T in accordance with Art. 28 GDPR.
  6. Further information about data protection at P&T can be found at https://craftcms.com/privacy, at https://craftcms.com/terms-of-service and at https://craftcms.com/legal.

2.4 DoubleClick

  1. Doubleclick by Google is a service of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (‘Google’).
  2. Doubleclick by Google uses cookies to present you with adverts that are relevant to you. A pseudonymous identification number (ID) is assigned to your browser in order to check which adverts have been displayed in your browser and which adverts have been viewed. The cookies do not contain any personal information. The use of DoubleClick cookies only enables Google and its partner websites to display adverts based on previous visits to our or other websites on the Internet. The information generated by the cookies is transmitted by Google to a server in the USA for analysis and stored there. Under no circumstances will Google combine your data with other data collected by Google.
  3. The legal basis is your consent in accordance with Art. 6 para. 1 lit. a GDPR. You consent to the processing of the data collected about you by Google in the manner and for the purposes described above.
  4. You can prevent the storage of cookies by selecting the appropriate settings in your browser software. You can also prevent Google from collecting the data generated by the cookies and relating to your use of the websites and from processing this data by Google by downloading and installing the browser plug-in available under the following link under the item ‘Extension for DoubleClick deactivation’.
  5. You can find more information about DoubleClick by Google and data protection here: https://policies.google.com/technologies/ads?hl=de

2.5 Consent management

  1. Our website uses the cookie consent technology ‘Klaro!’ to obtain your consent for cookies and cookie-based applications that require consent and to document these in compliance with data protection regulations. The provider of this technology is KIProtect GmbH, Bismarckstr. 10-12, 10625 Berlin, Germany. (hereinafter referred to as Klaro).
  2. When you enter our website, a banner is displayed by integrating a corresponding JavaScript code, which you can use to give your consent for certain cookies and cookie-based applications. As long as you do not give your consent, the aforementioned cookie consent tool blocks the setting of cookies requiring consent. The aforementioned cookie consent tool collects certain user information, including the IP address, when our website is accessed so that page views can be assigned to individual users and, on the other hand, the consent settings made by the user can be individually recorded, logged and stored for the duration of a session. This data is not passed on to Klaro.
  3. The collected data is stored until you ask us to delete it or delete the Klaro cookie yourself or until the purpose for data storage no longer applies. Mandatory statutory retention periods remain unaffected.
  4. Klaro technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.
  5. Further information on the use of data by Klaro can be found at https://klaro.org/de/ressourcen/datenschutz. 

2.6 Information on Google services

  1. We use various services of Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland on our website.

    You can find more detailed information on the individual specific Google services that we use on this website in the following privacy policy.

  2. By integrating Google services, Google may collect and process information (including personal data). It cannot be ruled out that Google may also transmit the information to a server in a third country.

    The transfer to the USA depends on the function in which personal data is transferred. As the controller, we may ourselves transfer data to Google in the USA for further use.

    There is currently an adequacy decision pursuant to Art. 45 GDPR (Data Privacy Framework). However, the transfer can be based on standard contractual clauses. Google has undertaken to comply with the standard contractual clauses for the transfer of personal data to third countries (Standard Contractual Clauses - SCC).

  3. You can find more information on the standard contractual clauses at
    https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractuals-clauses-scc_de

    and at 
    https://policies.google.com/privacy/frameworks?hl=de

  4. We ourselves cannot influence which data Google actually collects and processes. However, Google states that the following information (including personal data) may be processed:
    - Log data (in particular the IP address)
    - Location-related information
    - Unique application numbers
    - Cookies and similar technologies
    Information on the types of cookies used by Google can be found at https://policies.google.com/technologies/types

    If you are logged into your Google account, Google may add the processed information to your account and treat it as personal data, depending on your account settings.

  5. Google states the following, among other things:
    ‘If you are not signed into a Google Account, we store the data we collect with unique identifiers associated with the browser, app or device you are using. This allows us to ensure, for example, that your language settings are retained for all browser sessions.

    If you are signed in to a Google Account, we also collect data that we store in your Google Account and consider to be personal data.’ (https://privacy.google.com/take-control.html)

  6. You can prevent this data from being added directly by logging out of your Google account or by making the appropriate account settings in your Google account. You can also change your cookie settings (e.g. delete cookies, block cookies, etc.).
  7. You can find more information in Google's privacy policy, which you can access here: https://www.google.com/policies/privacy/
  8. You can find information on Google's privacy settings at https://privacy.google.com/take-control.html

2.7 Google AdWords conversion tracking

  1. This website uses the ‘Google AdWords Conversion Tracking’ function of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (‘Google’).
  2. Google AdWords Conversion Tracking uses ‘cookies’, which are text files placed on your computer, to help the website analyse how users use the site when they click on a Google ad. The cookies are valid for a maximum of 90 days. Personal data is not stored. As long as the cookie is valid, Google and we as the website operator can recognise that you have clicked on an advertisement and have reached a specific target page (e.g. order confirmation page, newsletter registration). These cookies cannot be tracked across multiple websites by different AdWords participants. The cookie is used to create conversion statistics in ‘Google AdWords’. These statistics record the number of users who have clicked on one of our adverts. It also counts how many users have reached a target page that has been provided with a ‘conversion tag’. However, the statistics do not contain any data that can be used to identify you.
  3. You can prevent cookies from being stored on your hard drive by selecting ‘Do not accept cookies’ in your browser settings (in MS Internet Explorer under ‘Tools > Internet Options > Privacy > Settings’; in Firefox under ‘Tools > Settings > Privacy > Cookies’); however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
  4. The legal basis for the processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
  5. You can find more information about how Google uses conversion data and Google's privacy policy at: https://support.google.com/adwords/answer/93148?ctx=tltp, http://www.google.de/policies/privacy/

2.8 LinkedIn Analytics and LinkedIn Ads

  1. We use the conversion tracking technology and the retargeting function of the LinkedIn Corporation on our website.
  2. With the help of this technology, visitors to this website can be shown personalised advertisements on LinkedIn. Furthermore, it is possible to create anonymous reports on the performance of the adverts and information on website interaction. For this purpose, the LinkedIn Insight tag is integrated on this website, which establishes a connection to the LinkedIn server if you visit this website and are logged into your LinkedIn account at the same time.
  3. In LinkedIn's privacy policy at https://www.linkedin.com/legal/privacy-policy you will find further information on data collection and use as well as the options and rights to protect your privacy. If you are logged in to LinkedIn, you can deactivate data collection at any time by clicking on the following link: https://www.linkedin.com/psettings/enhanced-advertising.
  4. The legal basis is your consent in accordance with Art. 6 para. 1 lit. a GDPR.

2.9 Google Appspot

  1. We use the Google Appspot service on our website. The provider of the service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
  2. The use of the service may result in data being transferred to a third country (USA). The provider is certified in accordance with the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.
  3. Further information can be found in the provider's data protection information at the following URL: https://policies.google.com/privacy.

2.10 Google Fonts

  1. In order to display our content correctly and graphically appealing across browsers, we use ‘Google Web Fonts’ from Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter ‘Google’) to display fonts on this website.
  2. The privacy policy of the library operator Google can be found here: https://www.google.com/policies/privacy/
  3. Calling up script libraries or font libraries automatically triggers a connection to the library operator. It is theoretically possible - although it is currently unclear whether and for what purposes - that the operator collects Google data in this case. Google processes your data in the USA.
  4. We do not collect any personal data through the integration of Google web fonts.
  5. The provision of personal data is neither legally nor contractually required. However, it may not be possible to display the content of the website correctly using standard fonts.
  6. The programming language JavaScript is regularly used to display the content. You can therefore object to data processing by deactivating the execution of JavaScript in your browser or installing a JavaScript blocker. Please note that this may result in functional restrictions on the website.
  7. The legal basis for data processing is your consent in accordance with Art. 6 para. 1 a GDPR.

2.11 Google reCAPTCHA

  1. We use Google reCAPTCHA from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland on our website.
  2. reCAPTCHA is a service that can distinguish between a human visitor and a robot/spam visitor. This makes it possible to either not tick or tick only one box when submitting a form - without having to solve a puzzle or similar.
  3. The legal basis for data processing is your consent in accordance with Art. 6 para. 1 a GDPR. There is also a legitimate interest (pursuant to Article 6(1)(f) GDPR) in protecting the website from bot and spam requests.
  4. When using the video portal, the following domains are accessed
    - Google Fonts (fonts.gstatic.com)
    - Google Photos (ggpht.com)

2.12 Google Tag Manager

  1. We use Google Tag Manager on our website. Google Tag Manager is a service provided by Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland.
  2. Google Tag Manager allows us to integrate various codes and services on our website in an organised and simplified manner. The Google Tag Manager implements the tags or ‘triggers’ the integrated tags. When a tag is triggered, Google may process information (including personal data) and process it. It cannot be ruled out that Google may also transmit the information to a server in a third country.
  3. In particular, the following personal data is processed by the Google Tag Manager
    - Online identifiers (including cookie identifiers)
    - IP address
  4. You can also find more detailed information about the Google Tag Manager on the websites https://www.google.de/tagmanager/use-policy.html 
    and at
    https://www.google.com/intl/de/policies/privacy/index.html (section ‘Data we receive based on your use of our services’).
  5. Furthermore, we have concluded an order processing contract with Google for the use of the Google Tag Manager (Art. 28 GDPR). Google processes the data on our behalf in order to trigger the stored tags and display the services on our website. Google may transfer this information to third parties if this is required by law or if third parties process this data on behalf of Google.
  6. If you have deactivated individual tracking services (e.g. by setting an opt-out cookie), the deactivation remains in place for all affected tracking tags that are integrated by the Google Tag Manager.
  7. By integrating the Google Tag Manager, we are pursuing the purpose of being able to integrate various services in a simplified and clear manner. In addition, the integration of the Google Tag Manager optimises the loading times of the various services
  8. The legal basis for the processing of personal data described here as part of the measurement process is your express consent in accordance with Art. 6 para. 1 lit. a GDPR.
  9. The legal basis for the processing of data that is processed in the context of obtaining consent is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in being able to prove that you have given your consent to the measurement procedure (Art. 7 para. 1 GDPR).

2.13 Hubspot

  1. We use Hubspot on this website. Hubspot is a company from the USA with a branch in Ireland.
  2. Hubspot enables visitors to our website to fill out forms for downloads and contact forms. The information entered is stored on Hubspot's servers.
  3. If you submit one of the contact, demo or free trial forms, we will use your data to send you the requested information, set up a safeREACH account and arrange an appointment with you. The following data is processed depending on the form:
    - Email address
    - First name
    - Surname
    - Job title
    - Telephone number
    - Test/demo form: Use case
    - Contact form: Questions / comments
  4. Processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR, concerning contractual or pre-contractual measures. Art. 6 para. 1 lit. a GDPR if consent is requested or Art. 6 para. 1 lit. f GDPR. There is a legitimate interest in providing you with information and support.
  5. We also use Hubspot's newsletter service. This allows us to analyse campaigns and, for example, openings, browser type and clicks. We use the service to inform interested parties and customers. The legal basis is your consent in accordance with Art. 6 para. 1 lit. a GDPR or a legitimate interest Art. 6 para. 1 lit. f GDPR to provide test account users and customers with information about the system.

  6. Interested parties can subscribe to a newsletter on our website. We store the e-mail address for sending further information. The data is transferred to our CRM.

    Depending on the form, the following data may be collected
    - e-mail address
    - First name
    - Surname
    - Job title
    -Company
    The legal basis is your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can refuse or withdraw your consent at any time.

  7. Further information can be found in Hubspot's privacy policy: https://legal.hubspot.com/de/privacy-policy
  8. When using Hubspot, the following domains are called up
    - Google Recaptcha (www.google.com/recaptcha)
    - Google Fonts (fonts.gstatic.com)
    - Google (google.com)
    - Hubspot Analytics (hs-scripts.com)
    - HubSpot Forms (hsforms.com)
    - Hubspot (hubspotusercontent10 .net)

2.14 Leadfeeder

  1. We use Leadfeeder on our website. Leadfeeder is a company headquartered in Finland, Keskuskatu 6 E, 00100 Helsinki.
  2. Leadfeeder makes it possible to analyse visitor data and identify the visitor's company based on this.
  3. With Leadfeeder it is also possible to import other data, e.g. into a CRM. This data is used in the CRM to contact companies if necessary.
  4. The legal basis is consent in accordance with Art. 6 para. 1 lit. a GDPR. You can refuse consent or revoke it at any time.
  5. Leadfeeder's privacy policy is available here: https://www.leadfeeder.com/privacy/

2.15 Typeform

  1. On our website (on the ‘Prices’ page) we use Typeform from Typeform, Bac de Roda 163, Barcelona, Spain.
  2. When you use the questionnaire, data is transmitted to Typeform. When using Typeform, you will be asked again whether you accept the setting of cookies. The legal basis is Art. 6 para. 1 lit. a GDPR (consent)
  3. For example, information on the time and duration of use and the selected details are transmitted. Further information can be found in Typeform's privacy policy: www.typeform.com/terms-service/ and https://www.typeform.com/help/a/what-happens-to-my-data-360029581691/.

2.16 Vimeo

  1. Vimeo is used on our website. This is a service provided by Vimeo LLC, 555 West 18th Street, New York, New York 10011, USA.
  2. Vimeo is used to embed videos on our website and to be able to present them to you as well as to present complex issues simply and to supplement written explanations.
  3. The legal basis is consent in accordance with Art. 6 para. 1 lit. a GDPR.
  4. Further information on the handling of user data can be found in Vimeo's privacy policy at: https://vimeo.com/privacy.

2.16 Youtube

  1. We use the video portal ‘YouTube’ of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: ‘Google’) on our website (videos) in order to achieve a smooth integration of the videos and an appealing design of our website. The legal basis for data processing is your consent in accordance with Art. 6 para. 1 a GDPR.
  2. We use the ‘extended data protection mode’ option provided by Google.
  3. When you access a page that has an embedded video, a connection to the Google servers is established and the content is displayed on the website by notifying your browser.
  4. According to Google, in ‘extended data protection mode’ your data - in particular which of our websites you have visited and device-specific information including your IP address - is only transmitted to the YouTube server in the USA when you watch the video. By clicking on the video, you consent to this transmission.
  5. If you are logged in to Google at the same time, this information will be assigned to your YouTube member account. You can prevent this by logging out of your member account before visiting our website.
  6. In some cases, information is transmitted to the parent company Google Inc. based in the USA, to other Google companies and to external partners of Google, each of which may be located outside the European Union. Google uses standard contractual clauses approved by the European Commission and relies on the adequacy decisions issued by the European Commission regarding certain countries.
  7. Further information on data protection in connection with YouTube can be found in Google's privacy policy.
  8. When using the video portal, the following domains are called up:
    - Google Fonts (fonts.gstatic.com)
    - DoubleClick (doubleclick.net)
    - Google APIs (googleapis.com)
    - Google (google.com)
    - Google Static (gstatic.com)
    - Youtube Images (ytimg.com)
    - Google Photos (ggpht.com)
    - Google Video (googlevideo.com)
    - Youtube NoCookie (youtube-nocookie.com)
    - Youtube images (ytimg.com)
    - Youtube (youtube.com)

2.18 Links to other websites

  1. While using some of our services, you will be automatically redirected to other websites.
  2. Please note that this privacy policy does not apply there. The privacy policy of the linked website may differ significantly from this one.
  3. During use, a connection to the website of our app developer (allaboutapps.at) is established. This connection is necessary for the display of content.

2.19 New Relic

  1. This website uses New Relic, a web analytics service provided by New Relic Inc (‘New Relic’). New Relic uses cookies. The information generated by the cookie about the use of the online offer by the user is usually transferred to a New Relic server in the USA and stored there.
  2. New Relic will use this information on our behalf to analyse the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with further services associated with the use of this online offer and the use of the Internet. Pseudonymised user profiles can be created from the processed data.
  3. We only use New Relic with activated IP anonymisation. This means that the IP address of users is truncated by New Relic within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a New Relic server in the USA and truncated there.
  4. The IP address transmitted by the user's end device is not merged with other New Relic data. The user's personal data is deleted or anonymised after 14 months.
  5. The legal basis for data processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR.
  6. Further information on the use of data by New Relic, setting and objection options, can be found in New Relic's privacy policy (https://newrelic.com/termsandconditions/privacy) and at (https://newrelic.com/termsandconditions/cookie-policy).

2.20 Microsoft Clarity and Microsoft Advertising

We partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay to improve and market our products/services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.

2.21 captcha.eu

We use the service captcha.eu provided by Captcha GmbH, Muthgasse 2, 1190 Vienna, Austria on our website.

captcha.eu is used to protect our website against abusive and automated access (bots) and spam. For this purpose, the service analyses technical characteristics of user behaviour when the website is accessed in order to distinguish human users from automated programs. The analysis is carried out entirely in the background and does not require any active user interaction.

According to the provider, no cookies are set and no personalised user data is stored.

In the course of using captcha.eu, the following data may be processed in particular:

  • IP address
  • technical information about the website visit
  • online-related usage data

Data processing takes place exclusively within the European Union. captcha.eu acts as a data processor on our behalf.

The legal basis for the processing is our legitimate interest pursuant to Art. 6 (1) lit. f GDPR in protecting our website against misuse and automated attacks.

Further information on data processing by captcha.eu can be found at:
https://www.captcha.eu/dsgvo-user__de/
https://www.captcha.eu/dsgvo__de/

3 Processing for the purpose of carrying out our business processes

3.1 GoTo Webinar

  1. We use the ‘GoToWebinar’ tool from LogMeIn Inc. based in the USA.
  2. The tool is used to offer and conduct training courses, workshops, webinars or information events in online form. If necessary, video recordings are made to provide a recording. Only the presenters can be seen in the video recordings. GoToWebinar offers the function of exchanging data with other systems, e.g. the CRM. To transfer registrations to our CRM, GoToWebinar is connected to it.
  3. GoToWebinar is also used to send reminder emails to inform interested parties about the upcoming event so that they do not miss it.
  4. The legal basis is your consent in accordance with Art. 6 para. 1 lit. f GDPR. You can refuse your consent or withdraw it at any time.

3.2 Enquiry by e-mail or telephone

  1. If you contact us by e-mail or telephone, your enquiry, including all resulting personal data (name, enquiry), will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent, unless it is necessary to pass it on to third parties in order to process your enquiry.
  2. This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your enquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested.
  3. The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.

3.3 Existing customer advertising

  1. If you have already used paid services from us, we may inform you from time to time by e-mail or letter about similar services from us (in particular new offers) if you have not objected to this.
  2. The legal basis for data processing is Art. 6 para. 1 subpara. 1 lit. f GDPR. Our legitimate interest lies in direct advertising (Recital 47 GDPR). You can object to the use of your e-mail address and postal address for advertising purposes at any time with effect for the future at no additional cost.

3.4 Staff application

For reasons of better readability, the simultaneous use of male and female and diverse language forms is avoided in the following explanations. All personal designations apply to all genders: m/f/d.

3.4.1 Direct applications

  1. We offer you the opportunity to apply to us (e.g. by e-mail or post). In the following, we inform you about the scope, purpose and use of your personal data collected as part of the application process. We assure you that your data will be collected, processed and used in accordance with applicable data protection law and all other statutory provisions and that your data will be treated in strict confidence.
  2. Scope and purpose of data collection
    If you send us an application, we will process your associated personal data (e.g. contact and communication data, application documents, notes taken during interviews, etc.) to the extent necessary to decide on the establishment of an employment relationship. The legal basis for this is § 26 BDSG (initiation of an employment relationship), Art. 6 para. 1 lit. b GDPR (general contract initiation) and - if you have given your consent - Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application.
  3. If the application is successful, the data submitted by you will be stored in our data processing systems on the basis of § 26 BDSG and Art. 6 para. 1 lit. b GDPR for the purpose of implementing the employment relationship.

  4. Retention period of the data
    If we are unable to make you a job offer, you reject a job offer or withdraw your application, we reserve the right to retain the data you have submitted on the basis of our legitimate interests (Art. 6 para. 1 lit. f GDPR) for up to 6 months from the end of the application process (rejection or withdrawal of the application). The data will then be deleted and the physical application documents destroyed. The retention serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the 6-month period has expired (e.g. due to an impending or pending legal dispute), the data will only be deleted when the purpose for further storage no longer applies.

    Longer storage may also take place if you have given your consent (Art. 6 para. 1 lit. a GDPR) or if statutory retention obligations prevent deletion.

3.4.2 Inclusion in the applicant pool

  1. If we do not make you a job offer, you may have the opportunity to be included in our applicant pool. If you are accepted, all documents and details from your application will be transferred to the applicant pool in order to contact you in the event of suitable vacancies.
  2. Inclusion in the applicant pool is based exclusively on your express consent (Art. 6 para. 1 lit. a GDPR). Giving consent is voluntary and is not related to the current application process. The data subject can withdraw their consent at any time. In this case, the data will be irrevocably deleted from the applicant pool, provided there are no legal grounds for retention.
  3. The data from the applicant pool will be irrevocably deleted no later than two years after consent has been given.

4. Cookie-Policy

4.1 General informationen

  1. Cookies are pieces of information that are transferred from our web server or third-party web servers to the user's web browser and stored there for later retrieval. Cookies can be small files or other types of information storage.
  2. If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Saved cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.

4.2 Cookie overview, objection options

You can find an up-to-date overview of the cookies used on this website in the Consent Management Platform (CMP); see section 2.5 ‘Consent management’. In the CMP, you can view the cookies used and configure your preferences.

5 Changes to the privacy policy

  1. We reserve the right to amend this privacy policy with regard to data processing in order to adapt it to changes in the legal situation, changes to the online offering or data processing.
  2. As technology and procedures on the Internet are developing very quickly, the provisions in question and our terms of use will also change.
  3. We therefore reserve the right to send you notifications about the applicable provisions at certain intervals. Nevertheless, you should visit our website regularly and take note of any changes.
  4. Unless otherwise stated, the use of any information we hold about you and your user accounts is subject to these terms (as updated from time to time).
  5. We assure you that any significant changes to this provision that lead to a weaker protection of user data already obtained will only be made with your consent.
  6. If user consent is required or components of the privacy policy contain provisions of the contractual relationship with the users, the changes will only be made with the consent of the users.
  7. Users are requested to inform themselves regularly about the content of this privacy policy.