Privacy Policy of Bitly Europe GmbH

As of June 2022

I. Identity and contact details of the data controller

The data controller responsible in accordance with the purposes of the General Data Protection Regulation (GDPR) of the European Union and other data protection regulations is:

Bitly Europe GmbH

Am Lenkwerk 13

33609 Bielefeld

Germany

privacy@egoditor.com

II. Contact details of the data protection officer

The designated data protection officer is:

DataCo GmbH

Dachauer Str. 65

80335 Munich

Germany

+49 89 7400 45840

www.dataguard.de

III. Scope of this Privacy Policy

This Privacy Policy describes the processing of personal data in the context of providing our services and on the following websites:

qrcode-generator.de

qr-code-generator.com

egoditor.com

IV. Provision of website and creation of log files

1. Description and scope of data processing

Each time our website is accessed, our system automatically collects data and relevant information from the computer system of the calling device.

The following data is collected:

Browser type and version used
The user's operating system
The user’s internet service provider
The IP address of the user
Date and time of access
Web pages from which the user’s system accessed our website
Web pages accessed by the user’s system through our website

This data is stored in the log files of our system. This data is not stored together with other personal data of the user.

2. Purpose of data processing

The temporary storage of the IP address by the system is necessary for the delivery of the website to the computer of the user. For this purpose, the user’s IP address must be kept for the duration of the session.

The storage in logfiles is done to ensure the functionality of the website. The data is also used to optimize the website and to ensure the security of our IT systems. An analysis of this data for marketing purposes does not take place.

For the aforementioned purposes, our legitimate interest lies in the processing of data in compliance with Art. 6 (1)(1)(f) GDPR.

3. Legal basis for data processing

The legal basis for the temporary storage of data and logfiles is Art. 6 (1)(1)(f) GDPR.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary for the purpose of its collection. The session is complete when the collection of data for the provision of the website is accomplished.

If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this is possible. In this case, the IP addresses of the users or visitors are deleted or alienated so that an assignment of the calling client is not possible.

5. Objection and removal

The collection of data for the provision of the website as well as the storage of data in log files are essential for the operation of the website. Therefore, the user may not object to the aforementioned processes.

V. Use of cookies or similar technologies

We use so-called cookies and similar technologies to make your visit to our website comfortable and to enable the use of certain functions. Cookies are small text files that are used as identifiers. We transfer them to the hard drive of your computer via your web browser and can read them during your visit. When cookies or similar technologies are used to process personal data, information about your end device (laptop, tablet, smartphone or similar) is stored on it, when you visit our website. This does not mean, however, that we gain direct knowledge of your identity. Please note that certain cookies are already stored as soon as you enter our website.

We use cookies and similar technologies for the following purposes: Technically necessary; Comfort; Statistics; Marketing.

When we use cookies and/ or similar techniques for processing personal data, the types of personal data processed may vary, depending on the categories of cookies or similar techniques.

You have the option of preventing cookies from being stored on your computer via the appropriate settings in your browser. However, this may limit the functionality of our website or prevent you from accessing it.

You will find further information regarding the cookies we use in this Privacy Policy and in our Consent Banner.

For further information on the our use of cookies and similar technologies please contact privacy@egoditor.com.

VI. Hosting

The website is hosted on AWS. Third parties do not have access to server log files.

The servers automatically collect and store information in so-called server log files, which your browser automatically transmits when you visit the website. The stored information is:

Browser type and version
Used operating system
Referrer URL
Hostname of the accessing computer
Time and date of the server request
IP address of the user's device

This data will not be merged with other data sources. The data is collected on the basis of Art. 6 (1)(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website - and server log files are therefore recorded.

The server of the website is geographically located in Ireland.

VII. Online Marketing Measures

1. Description and scope of data processing

On our websites, we use different kinds of online marketing technologies. Therefore we collect data from users who visit our website. Cookies, pixels and code are used that connect our website to other third-party platforms of our online marketing partners. This enables us to track the success of our online marketing activities, link a page visit, signup or decision for a paid plan to an affiliate marketing activity and personalize the advertising displayed on other third-party platforms. To be able to determine the commission for our affiliate partners, it is necessary for us to learn whether you have taken advantage of the offers of an affiliate link.

In this context, the following types of data may be processed: IP address, device information, referrer URL, websites visited, access time, clicks, metadata.

In order to track online marketing success, the required information can be supplemented by certain values that comprise a component of the link or that can be stored elsewhere, e.g. in a cookie. These values may include, in particular, the source website (referrer), the time, an online identifier of the operator of the website where the affiliate link was located, an online identifier of the respective offer, the type of link used, the type of offer and an online identifier of the user.

2. Purpose of data processing

The purpose of this processing is to determine commissions for our online marketing partners, learning about efficiency of online marketing measures, lead generation, optimize our online reach, track online marketing campagnes and personalized advertising.

3. Legal basis for data processing

If you have given us your consent to use a third-party provider, the legal basis for the data processing is art. 6 (1)(1)(a) GDPR.

However, the use of a third-party provider may also form part of our (pre)contractual services, in which case the legal basis for the data processing is Art. 6 (1)(1)(b) GDPR. Otherwise, your data will be processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services) and the legal basis for the data processing is Art. 6 (1)(1)(f) GDPR.

Our online marketing partners

We implemented tracking for the following online marketing partners:

Quora, Inc. (https://www.quora.com/about/privacy)
Reddit, Inc. (https://advertising.reddithelp.com/en/categories/policy-guidelines/advertiser-measurement-program-terms)
Centro, Inc. (https://www.centro.net/privacy-policy/?nhnf=true)
Pinterest, Inc. (https://policy.pinterest.com/en-gb/privacy-policy)
Twitter, Inc. (https://twitter.com/en/privacy)
Meta Platforms, Inc. (Facebook Ads) (https://www.facebook.com/legal/terms/dataprocessing; https://www.facebook.com/business/gdpr)
Google LLC (Google Ads) (https://business.safety.google/adsprocessorterms/)
Bidtheatre AB (https://www.bidtheatre.com/privacy-policy/#sources; https://www.bidtheatre.com/privacy-policy/#personalData)
Aktyvus sektorius UAB (Eskimi) (https://manual.eskimi.com/books/eskimi-gdpr-compliance-key-questions-answered/page/gdpr-compliance)
Yahoo (https://legal.yahoo.com/us/en/yahoo/privacy/index.html)
AWIN Ltd (https://www.awin.com/gb/privacy#section_awin-consumers)
FlexOffers.com, LLC (https://www.flexoffers.com/privacy-policy/)
Outbrain Inc (https://www.outbrain.com/privacy/)
Taboola (https://www.taboola.com/policies/privacy-policy; https://www.taboola.com/policies/media-privacy-addendum)
MGID, Inc. (https://www.mgid.com/services/privacy-policy)
LinkedIn Corporation (https://www.linkedin.com/legal/l/dpa; https://www.linkedin.com/legal/privacy-policy)
Microsoft Advertising (https://about.ads.microsoft.com/en-us/resources/policies/microsoft-advertising-privacy-policy; https://about.ads.microsoft.com/en-us/resources/policies/privacy-and-data-protection-policies)
Tradedoubler (https://www.tradedoubler.com/de/privacy-policy/)

You can find further information regarding the processing of data by our online marketing partners under the respective link.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected, to the extent further storage is not permitted or required by law.

5. Objection and removal

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out based on the consent until the revocation. In addition, you can object to processing on the basis of legitimate interest. To do so, please send an email to privacy@egoditor.com.

Voluum

1. Description and scope of data processing

We use the affiliate tracking software Voluum, a service provided by CentralNic Poland sp. z o.o., with a registered office at ul. Lubicz 17G, 31-503 Kraków, Poland (“Voluum”), to reduce the processing of personal data for the purposes of learning about affiliate marketing success.

For this purpose we implement a cookie based pixel (Conversion cookie). This cookie allows us to track events such as signup or purchase and link them to our specific affiliate partners. This processing of data includes the IP address, user agent, http request header, http request parameters, device ID, request time, and the unique identifier.

Voluum creates a so-called click ID. This pseudonymous identifier is passed to our affiliate partners to determine the commission for our affiliate partners without providing them with information that allows our affiliate partners to identify you.

2. Purpose of data processing

The purpose of this processing is to learn about online marketing success and to determine the commission for our online marketing partners.

3. Legal basis for data processing

If you have given us your consent to use a third-party provider, the legal basis for the data processing is art. 6 (1)(1)(a) GDPR. However, the use of a third-party provider may also form part of our (pre)contractual services, in which case the legal basis for the data processing is Art. 6 (1)(1)(b) GDPR. Otherwise, your data will be processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services) and the legal basis for the data processing is Art. 6 (1)(1)(f) GDPR.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected, to the extent further storage is not permitted or required by law.

5. Objection and removal

VIII. Contact via Email

1. Description and scope of data processing

You can contact us via the email address provided on our website. In this case the personal data of the user transmitted with the email will be stored.

The data will be used exclusively for the processing of the conversation.

2. Purpose of data processing

We process your personal data for the purpose of communication, responding to inquiries, offering support and contract negotiations.

3. Legal basis for data processing

The legal basis for the processing of data transmitted while sending an email is Art. 6 (1)(1)(f) GDPR. If the purpose of the email contact is to conclude a contract, the additional legal basis for the processing is Art. 6 (1)(1)(b) GDPR.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected, to the extent further storage is not permitted or required by law.

5. Objection and removal

If you user contact us by email, you can object to the storage of your personal data at any time. In this case, all personal data stored while establishing contact will be deleted to the extent permitted or required by law. To do so, please send an email to privacy@egoditor.com.

IX. Use of Zendesk

We use the “Zendesk” customer relationship management (CRM) service. The service provider is Zendesk Inc, 989 Market Street #300, San Francisco, CA 94102, USA.

1. Description and scope of data processing

We use Zendesk for communication and to provide you with customer support. To use Zendesk, you must provide at least one valid email address. This data processing can include the following data: Name, email address, contract information, customer ID, payment information, communication data.

2. Purpose of data processing

Purposes of the processing are to offer customer support, communication with interested persons, responding to inquiries and customer relationship management.

3. Legal basis for data processing

The legal basis for the processing of data is Art. 6 (1)(1)(f) GDPR. If the purpose of the contact is to conclude a contract or if you already have an account, the additional legal basis for the processing is Art. 6 (1)(1)(b) GDPR.

To protect your personal data, we have concluded so-called standard contractual clauses (“SCCs”). SCCs are data protection regulations issued by the European Commission, the conclusion of which imposes legal obligations on the data importer and the implementation of which guarantees compliance with European data protection standards.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected, to the extent further storage is not permitted or required by law.

5. Objection and removal

You can object to the storage of your personal data at any time. In this case, all personal data stored while establishing contact will be deleted to the extent permitted by law or no opposing legitimate interest prevails. To do so, please send an email to privacy@egoditor.com.

6. Joint controllers

With regard to data processing through Zendesk, Bitly Europe GmbH Bitly Inc. and Bitly Europe GmbH and Bitly Inc., DPT 5006, 601 W. 26th Street, Suite 357 (3rd Floor) New York, NY 10001 (“Bitly Inc.”), are joint controllers according to Art. 26 GDPR. Bitly Inc. and Bitly Europe GmbH have concluded a joint controller agreement in accordance with the GDPR, in which we have made arrangements about our joint responsibilities with regards to the processing of your personal data. We have agreed to merge our support to provide more effective support together. Your inquiries can be answered by both Bitly Europe and Bitly Inc. employees and collaborators. You can assert your data subject rights with Bitly Inc. as well as with us. The primary responsibility under GDPR for the processing of data lies with the entity which you are contacting or which is communicating with you. This entity fulfills all obligations under the GDPR with regard to the processing of data. To protect your personal data, we have concluded so-called standard contractual clauses (“SCCs”). SCCs are data protection regulations issued by the European Commission, the conclusion of which imposes legal obligations on the data importer and the implementation of which guarantees compliance with European data protection standards.

X. User of Intercom

We use the “Intercom” customer relationship management (CRM) service. Intercom R&D Unlimited Company, an Irish company with offices at 2nd Floor, Stephen Court, 18-21 St. Stephen's Green, Dublin 2, Republic of Ireland.

1. Description and scope of data processing

We use Intercom for communication and to provide you with customer support. To use Intercom, you must provide at least one valid email address. This data processing can include the following data: Name, email address, contract information, customer ID, payment information, communication data.

2. Purpose of data processing

Purposes of the processing are to offer customer support, communication with interested persons, responding to inquiries and customer relationship management.

3. Legal basis for data processing

4. Duration of storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected, to the extent further storage is not permitted or required by law.

5. Objection and removal

XI. User Account

Registration

1. Description and scope of data processing

We offer users the opportunity to register by providing personal data. The registration is mandatory for the provision of our service. The data is entered into an input mask and transmitted to us and stored. The following data is collected as part of the registration process:

Name
Email address
IP address of the user's device
Date and time of registration
Login information
Employer
Phone number

If you decide for a paid plan, we we additionally process the following data:

Contract information
Payment information

The data processed may vary depending on whether you are a Trial User or Paid User. You find detailed information about which data is required in each case and is processed as a result in the respective registration process and in your account.

You have the opportunity to add sub-users to your account. If you create a sub-user, the following personal data of the sub-user will be processed: Name, email address, IP address of the user's device, date and time of sub-user creation, login information, employer, phone number.

2. Purpose of data processing

Registration of the user is required for the provision of the service of QR Code Generator. We process the personal data of our users and sub-users for the purpose of providing our service.

3. Legal basis for data processing

The legal basis for the processing of the data is Art. 6 (1)(1)(b) GDPR.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected, to the extent further storage and processing is not permitted or required by law.

5. Forwarding registration data to Mandrill/MailChimp

We use the Mandrill add-on from MailChimp of The Rocket Science Group, LLC, 512 Means Street, Suite 404, Atlanta, GA 30318, USA (hereinafter referred to as: MailChimp) to send transactional emails. MailChimp is an email marketing provider and enables us to communicate directly with potential customers. When you register for our services, the data you enter during registration is transferred to MailChimp and stored there. This enables us to send you relevant emails, e.g. to confirm your registration or unsubscribe from our services. Further personal data may be stored and evaluated as a result, especially the user's activity (in particular which pages have been visited and which elements have been clicked on) and device and browser information (in particular the IP address and operating system).

For this purpose, your data will also be stored by MailChimp. Your data will not be passed on to third parties for the purpose of sending mails within the scope of using our services, nor will MailChimp obtain the right to pass on your data. Furthermore, MailChimp offers various analysis options on how the emails sent are opened and used, e.g. to how many users an email was sent, whether emails were rejected and whether users unsubscribed from the list after receiving an email.

You can find more information about the processing of data by MailChimp here: https://MailChimp.com/legal/privacy/.

6. Objection and removal

As a user you have the possibility to cancel the registration at any time. You can request a change to the data stored about you at any time.

You can revoke your consent to the storage of data and its use for sending transactional emails by MailChimp at any time. You can exercise your revocation at any time by emailing MailChimp.

You can find further information on objection and removal options from MailChimp at: https://MailChimp.com/legal/privacy/.

Google OAuth (Single Sign-On)

1. Scope of the processing of personal data

We use Google OAuth, a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (Hereinafter referred to as “Google”). This service enables Google users to log in to other online presences with their Google profile without having to create separate accounts there. To use Google OAuth, the user needs a Google account. This is always protected by a username and an individual password. If the user discovers the logo for Google OAuth on an online presence, he or she can start the login process by clicking on the button. They can now enter their Google login data. After successful authentication, a connection is established between the Google profile and the respective online presence via which data can be transferred. The user can now use the services of the online presence without having to store a separate profile with personal data.

The user has no possibility to prevent the transmission of this data as soon as he uses Google OAuth. When using Google OAuth, the name, e-mail and address in particular are shared with us. Further information on the processing of data by Google can be found here: https://policies.google.com/privacy.

2. Purpose of data processing

The purpose of this processing is the registration and authentication of the user in order to provide our services. In addition, the use of Google OAuth serves the user-friendliness of our site.

3. Legal basis for the processing of personal data

To the extent the processing of data is necessary to authenticate the user and to provide our services, the legal basis for the processing of users' personal data is Art. 6 (1)(1)(b) GDPR. In addition, the legal basis for this processing is Art. 6 (1)(1)(f) GDPR. We have a legitimate interest to improve the user-friendliness of our website and use of our services as well as in authentication of our users.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or as required by law, e.g. for tax and accounting purposes.

5. Revocation and removal options

You can object to the storage of your personal data at any time. In this case, all personal data stored will be deleted to the extent permitted by law or no opposing legitimate interest prevails and the processing is not based on Art. 6 (1)(1)(b) GDPR. To do so, please send an email to privacy@egoditor.com.

The user can specify in his or her Google settings which data may not be transferred. If the user already uses Google OAuth, he can delete his user account. There is always the alternative option of registering directly with us to avoid such data transfer.

Third Party Transfer

Your personal data may be transferred to third parties for tax and legal reasons. Possible recipients are professionals (e.g. lawyers, tax consultants and auditors). In addition, data may be transferred to authorities (e.g. tax authorities) for tax and legal reasons. Such data transfer only takes place to recipients who are legally bound to secrecy.

The data may include the email address, IP address of the user's device, date and time of registration, login information, address, contract information, payment information.

To the extent we are legally obliged to share this data, the legal basis for this data processing is Art. 6 (1)(1)(c) GDPR. In addition, we have a legitimate interest in sharing personal information with professional consultants and auditors for the purpose of appropriate tax and legal consultation. In this case, the legal basis for the data processing is Art. 6 (1)(1)(f) GDPR.

Stripe

1. Description and scope of data processing

For the transmission and verification of purchases, we use “Stripe”, a service provided by Stripe Payments Europe, Ltd., a private limited company organized under the laws of Ireland with company number 513174 and offices at The One Building, 1 Grand Canal, Street Lower, Dublin 2, Ireland (“Stripe”).

The data processed include bank account details, billing/shipping address, card expiration date, customer name, CVC code, date/time/amount of transaction, device ID, email address, IP address/location, customer ID, payment card details, tax ID/status, unique customer identifier.

2. Purpose of data processing

We process this data for the purpose of processing and verifying payments.

3. Legal basis for data processing

The legal basis for the processing is Art. 6 (1)(1)(b) GDPR and Art. 6 (1)(1)(f) GDPR.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected, to the extent further storage and processing is not permitted or required by law.

5. Objection and removal

You can object to this processing by sending an email to privacy@egoditor.com.

XII. Neverbounce

1. Description and scope of data processing

We use NeverBounce, a email verification service provided by NeverBounce, LLC, 805 Broadway St Suite 900 Vancouver, Washington 98660 (“NeverBounce”).

By this, the email address of a user is processed for the purpose of verification and to filter invalid and spam email addresses/domains.

2. Purpose of data processing

The purpose of this processing is the verification of email addresses.

3. Legal basis for data processing

The legal basis for this processing is Art. 6 (1)(1)(f) GDPR. We have a legitimate interest to verify the email addresses of our users.

4. Duration of storage

All email addresses which are provided to NeverBounce by us are automatically deleted by NeverBounce after the verification process.

5. Objection and removal

You can object to this processing by sending an email to privacy@egoditor.com.

XIII. QR Code Generator - PRO

The Content of the QR Code Generator PRO:

All information that you put into the QR Codes/Landing Pages can generally be viewed by other internet users. Therefore, we naturally encourage you to be careful and responsible with any personal information and confidential data you publish on your QR Codes. Please keep in mind that password-protected areas do not offer absolute protection against unauthorized access: the same applies to any files that are uploaded to password-protected websites as they can still be accessed via direct links. We are storing your IP address for 7 days in order to process information like location and unique user tracking, furthermore the IP address is stored in the logfiles of our servers.

Administrative Access to your QR Code Generator PRO and QR Codes:

Please be aware that Bitly Europe team members are also authorized in specific situations to access your QR Code Generator PRO account when fulfilling customer service requests and tracking errors. This necessarily grants them the possibility to view all parts of your account, including all password-protected areas, QR Codes and settings. All members of our team are regularly trained in privacy and data protection sensibility and confidentiality in accordance with Article 5 of the German Federal Data Protection Act.

XIV. Use of Salesforce Sales Cloud

1. Scope of the processing of personal data

We use functionalities of the CRM plugin Salesforce Sales Cloud of Salesforce.com, Inc, 415 Mission Street, CA 94105, San Francisco, United States (and its representative in the Union salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636, Munich, Bavaria, Germany) (hereinafter referred to as “Salesforce”).

The plugin serves as a CRM tool for managing customers and potential customers.

The following personal data is thereby processed by Salesforce:

Name
Job title
Company name
Address
Telephone number
E-mail address
IP address
Browser information

In the process, data is transferred to Salesforce servers in the US. Salesforce has adopted Binding Corporate Rules (BCR, binding internal data protection rules) to allow the transfer of personal data from the EU and EEA to Salesforce locations outside the EU and EEA. You can find Salesforce's Binding Corporate Rules at https://compliance.salesforce.com/en/salesforce-bcrs or obtain them by sending an informal email to info-de@salesforce.com.

Other recipients of the data are:

Contracted service providers who process personal data on behalf of us for IT and system administration and hosting, credit card processing, research and analytics, marketing, customer support, and data enrichment;

Affiliates within the Salesforce group of companies that process personal data for customer support, marketing purposes, technical operations, and account management;

Sponsors of events, webinars, and contests for which you have registered;

Third-party social media providers and advertising networks that typically act as independent data controllers to allow Salesforce to advertise on their platforms;

Specifically, our AppExchange site with Salesforce third-party partners who may contact you about their products and services;

On a case-by-case basis, to professional advisors who provide consulting, banking, legal, insurance and accounting services, or if Salesforce is involved in a merger, reorganization, asset sale or business combination;

Public and governmental bodies, to the extent Salesforce is required to disclose personal data in order to comply with its legal obligations

For more information about Salesforce's processing of data, please click here:

https://www.salesforce.com/de/company/privacy/

2. Purpose of data processing

We use Salesforce Sales Cloud for contact management, opportunity management, lead management, marketing automation, sales forecasting and sales territory management.

3. Legal basis for the processing of personal data

The legal basis for the processing of users' personal data is basically the user's consent pursuant to Art. 6 (1)(1)(a) GDPR. In addition, the processing may be necessary for the initiation or realization of contractual relationships according to Art. 6 (1)(1)(b) GDPR. Otherwise, your data will be processed on the basis of our legitimate interests (i.e. interest in efficient and economical customer management) and the legal basis for the data processing is Art. 6 (1)(1)(f) GDPR.

4 Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

5. Revocation and elimination options

For more information on opt-out and removal options from Salesforce, please visit:

https://www.salesforce.com/de/company/privacy/

XV. Optimizely

1. Scope of the processing of personal data

We use Optimizely, a service of Optimizely, Inc., 119 5th Ave 7th floor, New York, NY 10003, USA (“Optimizely”).

Optimizely is used to evaluate the flow of visitors to our online offerings and may include behavior, interests or demographic information about visitors as pseudonymous values. With the help of these analyses, we can recognize, for example, which online offer, content or functions of our products are most frequently used or invite re-use. Likewise, we can understand which areas need optimization.In addition to web analytics, we may also use testing procedures, for example, to test and optimize different versions of our online offering or its components.

This processing includes IP address, random unique identifiers, experiment and event data associated with these identifiers (such as device type,variation and experiment IDs, browser and OS version and elements of the site being tested).

2. Purpose of data processing

The purpose of this processing is improving our online offerings, services and products.

3. Legal basis for the processing of personal data

The legal basis for the processing of personal data is the user's given consent in accordance with Art. 6 (1)(1)(a) GDPR. Otherwise, your data will be processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services and the improvement of our service) and the legal basis for the data processing is Art. 6 (1)(1)(f) GDPR.

4. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

5. Revocation and objection options

You have the option to revoke your consent at any time. The revocation of consent does not affect the lawfulness of the processing carried out based on the consent until the revocation. In addition, you can object to processing on the basis of legitimate interest. To do so, please send an email to privacy@egoditor.com.

XVI. Hotjar

1. Description and scope of data processing

We use Hotjar, a service provided by Hotjar Ltd., 3 Lyons Range, 20 Bisazza Street, Sliema SLM 1640, Malta.

Hotjar is a software for analyzing and optimizing online offerings based on feedback functions and pseudonymously performed measurements and analyses of user behavior. This includes the processing of the following data: device’s IP address, device screen resolution, device type (unique device identifiers), operating system, browser type, geographic location (country only), preferred language, mouse events (movements, location and clicks), referring URL and domain, pages visited, date and time when website pages were accessed.

2. Purpose of data processing

The purpose of this processing is to understand the user’s interaction with our service in order to continuously improve our service and to detect and eliminate malfunctions.

3. Legal basis for data processing

The legal basis for the processing of users' personal data is basically the user's consent pursuant to Art. 6 (1)(1)(a) GDPR. In addition, the legal basis for this processing is Art. 6 (1)(1)(f) GDPR. We have a legitimate interest to improve our service and to detect and eliminate malfunctions.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected, to the extent further storage is not permitted or required by law. The cookies that Hotjar uses have different "lifetimes"; some remain valid for up to 365 days, some only during the current visit; You can find more information about this here: https://www.hotjar.com/legal/policies/cookie-information.

5. Objection and removal

You have the option to revoke your consent at any time. The revocation of consent does not affect the lawfulness of the processing carried out based on the consent until the revocation. In addition, you can object to processing on the basis of legitimate interest. You can find more information about this here: https://www.hotjar.com/legal/compliance/opt-out

XVII. MixPanel

1. Description and scope of data processing

We use MixPanel on our websites, a service provided by MixPanel, Inc., One Front Street, 28th floor, San Francisco, CA 94111, USA (“MixPanel”) to analyze the use of our websites and service. MixPanel generates statistical and other information about how our websites are used.

On our behalf, MixPanel processes the following data: City; Region; Country; Time zone; Browser; Browser Version Device; Current URL Initial ReferrerInitial Referring Domain; Operating System; Mixpanel Library Referrer; Referring Domain; Screen Height; Screen Width; Search Engine Search Keyword; UTM Parameters (ie. any UTM tags associated with the link a customer clicked to arrive at the domain); Last Seen (the last time a property was set or updated).

2. Purpose of data processing

The purpose of this processing is to understand the user’s interaction with our service in order to continuously improve our online presence and service and to detect and eliminate malfunctions.

3. Legal basis for data processing

4. Duration of storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected, to the extent further storage is not permitted or required by law.

5. Objection and removal

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation. In addition, you can object to processing on the basis of legitimate interest. To do so, please send an email to privacy@egoditor.com.
You can also opt-out of MixPanel at https://mixpanel.com/optout/. To track opt-outs, MixPanel will place a persistent opt-out cookie on your computer. If you get a new computer, install a new browser, erase or otherwise alter your browser’s cookie file (including upgrading certain browsers), you might also clear the MixPanel opt-out cookie.

XVIII. Application via Email and application form

1. Scope of processing personal data

There is a form on our website which can be used for questions regarding job applications uploaded via the respective tool. If an applicant makes use of this possibility, the data entered in the input mask will be transmitted to us and stored. The data will be processed in order to answer your question properly and to negotiate a potential employment.

2. Purpose of data processing

The processing of personal data from the application form serves us solely to process your application. If you contact us by email, this also constitutes the necessary legitimate interest in the processing of the data.

The other personal data processed during the sending process serve to prevent misuse of the application form and to ensure the security of our information technology systems.

3. Legal basis for data processing

The legal basis for the processing of the data is the completion of the contractual relationship with you, Art. 6 (1)(1)(b) Alt. 1 GDPR and § 26 (1)(1) BDSG (Federal Act of Data Protection).

4. Duration of storage

After completion of the application procedure, the data will be stored for up to six months. Your data will be deleted after six months at the latest. In the event of a legal obligation, the data will be stored within the framework of the applicable provisions.

5. Objection and removal

The applicant has the possibility to object to the processing of personal data at any time. If the applicant contacts us by email, he can object to the storage of his personal data at any time. In such a case, your application will no longer be considered. To do so, please send an email to jobs@egoditor.com.

All personal data stored during electronic job applications will be deleted in this case.

XIX. Corporate web profiles on social networks

Use of corporate profiles on social networks

Twitter:

Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland

On our company profile we provide information and offer Twitter users the possibility of communication. If you carry out an action on our Twitter company profile (e.g. comments, contributions, likes etc.), you may make personal data (e.g. clear name or photo of your user profile) public. However, as we generally or to a large extent have no influence on the processing of your personal data by Twitter, we cannot make any binding statements regarding the purpose and scope of the processing of your data.

Our corporate profile in social networks is used for communication and information exchange with (potential) customers.

Publications on the company profile can contain the following content:

Information about products
Information about services
Sweepstakes
Advertisement
Customer contact

Every user is free to publish personal data.

The legal basis for data processing is Art. 6 (1)(1)(a) GDPR.

In order to ensure appropriate safeguards to protect the transfer and processing of personal data outside the EU, the transfer of data to and processing of data by Twitter is based on appropriate safeguards pursuant to Art. 46 et seq. GDPR, in particular by concluding so-called standard data protection clauses pursuant to Art. 46 para. 2 lit. c GDPR.

The data generated on the company profile are not stored in our own systems.

You can object at any time to the processing of your personal data that we collect within the framework of your use of our Twitter corporate web profile and assert your rights as a data subject mentioned under IV. of this privacy policy. Please send us an informal email to privacy@egoditor.com. For further information on the processing of your personal data by Twitter and the corresponding objection options, please click here:

Twitter: https://twitter.com/de/privacy

YouTube:

YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, United States

On our company profile we provide information and offer YouTube users the possibility of communication. If you carry out an action on our YouTube company profile (e.g. comments, contributions, likes etc.), you may make personal data (e.g. clear name or photo of your user profile) public. However, as we generally or to a large extent have no influence on the processing of your personal data by YouTube, we cannot make any binding statements regarding the purpose and scope of the processing of your data.

Our corporate profile in social networks is used for communication and information exchange with (potential) customers.

Publications on the company profile can contain the following content:

Information about products
Information about services
Sweepstakes
Advertisement
Customer contact

Every user is free to publish personal data.

The legal basis for data processing is Art. 6 (1)(1)(a) GDPR.

In order to ensure appropriate safeguards to protect the transfer and processing of personal data outside the EU, the transfer of data to and processing of data by YouTube is based on appropriate safeguards pursuant to Art. 46 et seq. GDPR, in particular by concluding so-called standard data protection clauses pursuant to Art. 46 para. 2 lit. c GDPR.

The data generated on the company profile are not stored in our own systems.

You can object at any time to the processing of your personal data that we collect within the framework of your use of our YouTube corporate web profile and assert your rights as a data subject mentioned under IV. of this privacy policy. Please send us an informal email to test. For further information on the processing of your personal data by YouTube and the corresponding objection options, please click here:

YouTube: https://policies.google.com/privacy?gl=DE&hl=en

XX. Use of corporate profiles in professionally oriented networks

1. Scope of data processing

We use corporate profiles on professionally oriented networks. We maintain a corporate presence on the following professionally oriented networks:

LinkedIn, Unlimited Company Wilton Place, Dublin 2, Ireland

XING SE, Dammtorstrasse 30, 20354 Hamburg, Germany

On our site we provide information and offer users the possibility of communication.

The corporate profile is used for job applications, information, public relations, and active sourcing.

We do not have any information on the processing of your personal data by the companies jointly responsible for the corporate profile.

If you carry out an action on our company profile (e.g. comments, contributions, likes etc.), you may make personal data (e.g. clear name or photo of your user profile) public.

Part of LinkedIn's terms of use are so-called EU standard contractual clauses (Art. 46 para. 2 lit. c GDPR). These are to be classified as an appropriate safeguard for the protection of the transfer and processing of personal data outside the EU.

2. Legal basis for data processing

The legal basis for the processing of your data in connection with the use of our corporate web profile is Art. 6 (1)(1)(f) GDPR.

The legal basis for the processing of your data in connection with the use of our corporate presence for the application process is Art. 6 (1)(1)(b) GDPR and § 26 (1)(1) BDSG.

3. Purpose of the data processing

Our corporate web profile serves to inform users about our services. Every user is free to publish personal data.

4. Duration of storage

We store your activities and personal data published via our corporate web profile until you withdraw your consent. In addition, we comply with the statutory retention periods.

5. Objection and removal

You can object at any time to the processing of your personal data which we collect within the scope of your use of our corporate web profile and assert your rights as a data subject mentioned under XIII. of this privacy policy. Please send us an informal email to the email address stated in this privacy policy.

XXI. Use of Facebook Products

Use of Facebook Comments

1. Scope of processing of personal data

We use functions of the social network Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA and their representatives in the Union Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal H , D2 Dublin, Ireland (Hereinafter: Facebook). We use this plugin to extend the functionality of our online presence. Users can use Facebook Comments to comment on content on our online presence using their Facebook account. Personal data can be stored and evaluated, especially the activity of the user (especially which pages have been visited and which elements have been clicked on) as well as device and browser information (especially the IP address and the operating system). We do not have any information about the exact scope of the collection of personal data.
For more information about Facebook's collection and storage of data, please visit:
https://de-de.facebook.com/policy.php

2. Purpose of data processing

The use of the Facebook Comment Plug-In serves the improvement of the user friendliness of our online presence. We use this plug-in to offer an embedded comment function directly on Facebook without users having to leave our online presence.

Use of Facebook Messenger Customer Chat

1. Scope of the processing of personal data

We use functionalities of the communication plugin Facebook Messenger Customer Chat of Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA and its representative in the Union Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, D2 Dublin, Ireland (hereinafter: Facebook).

The plugin enables the integration of Facebook Messenger of Facebook Inc. into the website. Thus, users can communicate with our company at any time with all the functionalities of Facebook Messenger. Users can log into Messenger with their Facebook login or have a conversation as a guest user. The plugin automatically loads the last chat history between the user and our company and allows users logged into Facebook Messenger to continue the conversation from different accesses, even after leaving our website.

Cookies from Facebook are stored on your terminal device in the process.

The following personal data is processed by Facebook as a result:

Content provided by users during communication.
User data:
Unique identifiers, such as device ID, IP address.
Name, last name
Data of the Facebook account used

For more information on how Facebook processes data, click here:

https://www.facebook.com/legal/technology_terms

https://www.facebook.com/about/privacy

https://www.facebook.com/policies/cookies

2. Purpose of data processing

The use of Facebook Messenger Customer Chat serves us to communicate with our users and customers.

Use of Facebook Connect

1. Scope of processing of personal data

We use Facebook Connect, a service of Facebook Inc., 1601 Willow Road in 94024 Menlo Park, USA and their representatives in the Union Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal H , D2 Dublin, Ireland (Hereinafter: Facebook). This service enables Facebook social network users to log in to other online presences with their Facebook profile without having to create separate accounts there. In order to use Facebook Connect, the user needs a Facebook account. This is always protected by a user name and an individual password. If the user discovers the Facebook Connect logo on an online presence, he can start the login process by clicking on the button. In a pop-up or a new window he can now enter the Facebook login data. After successful authentication, a connection is established between the Facebook profile and the respective online presence via which data can be transferred. The user can now make use of the services of the online presence without having to deposit a separate profile with the personal data there.
The user has no way of preventing the transmission of this information when using Facebook Connect. The Facebook Connect login dialog basically shows which data is transmitted.
Further information on the collection and storage of data by Facebook can be found here:
https://en-gb.facebook.com/policy.php

2. Purpose of data processing

The use of Facebook Connect serves the user friendliness of our page.

Duration of storage at Facebook

Your personal information will be stored for as long as is necessary to fulfill the purposes of the use cases described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

Legal basis for the processing of personal data within products of Facebook

The legal basis for the processing of personal data within Facebook products is the user's given consent in accordance with Art. 6 (1)(1)(a) GDPR. If you contact us via Facebook, we process the data you insert in your message for the purpose of responding to you. Legal basis in this case is Art. 6 (1)(1)(f) GDPR.

Possibility of revocation of consent and removal from Facebook

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation.
The user can store settings in his Facebook which data may not be transferred. If the user already uses Facebook Connect, he can delete his user account. There is always the alternative possibility of registering directly with us in order to avoid such data transmission. You can prevent Facebook from collecting and processing your personal information by preventing the storage of third-party cookies on your computer, by using the "Do Not Track" feature of a supporting browser, by disabling the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
For more information about how Facebook can opt out of and opt out of Facebook, visit:
https://en-gb.facebook.com/policy.php

XXII. Use of Google Products

Use of Google Maps

1. Scope of processing of personal data

We use the online map service Google Maps of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (Hereinafter referred to as “Google”). We use the Google Maps plugin to visually display geographical data and embed it on our online presence. Through the use of Google Maps on our online presence, information about the use of our online presence, your IP address and addresses entered with the route plan function are transmitted to a Google server and stored there.
Further information on the collection and storage of data by Google can be found here:
https://policies.google.com/privacy?hl=en-GB

2. Purpose of data processing

The use of the Google Maps plug-in serves to improve user friendliness and an appealing presentation of our online presence.

3. Duration of storage

Your personal information will be stored for as long as is necessary to fulfill the purposes described in this Privacy Policy or as required by law.

Use of Google Webfonts

1. Scope of processing of personal data

We use Google web fonts of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and its representative in the Union Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (Hereinafter referred to as Google). The web fonts are transferred to the browser's cache when the page is called up in order to be able to use them for the visually improved display of various information. If the browser does not support Google Web Fonts or does not allow access, the text will be displayed in a default font. When the page is accessed, no cookies are stored for the online presence visitor. Data transmitted in connection with the page view is sent to resource-specific domains such as https://fonts.googleapis.com or https://fonts.gstatic.com. It may be used to store and analyse personal data, in particular user activity (in particular which pages have been visited and which elements have been clicked on) and device and browser information (in particular IP address and operating system).
The data will not be associated with any data that may be collected or used in connection with the parallel use of authenticated Google services such as Gmail.
For more information about the collection and storage of data by Google, please visit:
https://policies.google.com/privacy?hl=en-GB

2. Purpose of data processing

The use of Google Webfonts serves an appealing representation of our texts. If your browser does not support this feature, a standard font will be used by your computer to display it.

3. Duration of storage

Your personal information will be stored for as long as is necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

Use of Google Tag Manager

1. Scope of processing of personal data

We use the Google Tag Manager (https://www.google.com/intl/de/tagmanager/) of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and its representative in the Union Google Ireland Ltd., Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (Hereinafter referred to as Google). With Google Tag Manager, tags from Google and third-party services can be managed and bundled and embedded on an online presence. Tags are small code elements on an online presence that are used, among other things, to measure visitor numbers and behavior, capture the impact of online advertising and social channels, use remarketing and targeting, and test and optimize online presences. When a user visits the online presence, the current tag configuration is sent to the user's browser. It contains statements about which tags are to be triggered. Google Tag Manager triggers other tags that may themselves collect data. You will find information on this in the passages on the use of the corresponding services in this data protection declaration. Google Tag Manager does not access this data.
For more information about the Google Tag Manager, please visit https://www.google.com/intl/de/tagmanager/faq.html and see Google's privacy policy: https://policies.google.com/privacy?hl=en

2. Purpose of data processing

The purpose of the processing of personal data lies in the collected and clear administration as well as an efficient integration of the services of third parties.

3. Duration of storage

Your personal information will be stored for as long as is necessary to fulfill the purposes described in this Privacy Policy or as required by law. Advertising data in server logs is anonymized by Google's own statements to delete parts of the IP address and cookie information after 9 and 18 months respectively.

Use of Google Ads Conversion Tracking

1. Scope of the processing of personal data

We use functionalities of Google Ads Conversion Tracking of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as: Google).

We use Google Ads Conversion Tracking to track how many visitors to our website came via Google Ads.

The following personal data is processed by Google as a result:

Browser type and browser version
Operating system used
Referrer URL
Host name of the accessing computer
Date and time of the server request
IP address

However, since we generally or to a large extent have no influence on the processing of your personal data by Google, we cannot provide any binding information on the purpose and scope of the processing of your data.

Further information on the processing of data by Google can be found here:

https://policies.google.com/privacy

2. Purpose of data processing

The use of Google Ads Conversion Tracking serves us to track the origin of our website visitors.

3. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

Use of Google Enhanced Conversions

1. Scope of the processing of personal data

We use functionalities of Google Enhanced Conversion Tracking of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as: Google).

We use Google Enhanced Conversion Tracking to improve the accuracy of your conversion measurement.

The following personal data is processed by Google as a result:

Browser type and browser version
Operating system used
Referrer URL
Host name of the accessing computer
Date and time of the server request
IP address
E-mail address
Phone number
First name
Last name
Country of residence

This data is secured by using a one-way hashing algorithm called SHA256. Hashed data maps the original string of characters to data of a fixed length. An algorithm generates the hashed data, which protects the security of the original text. This data can only be linked to a user, if the User has a Google Account for which the same email address is used and the user agreed to personalized advertising in his Google account.

Further information on the processing of data by Google can be found here:

https://policies.google.com/privacy

2. Purpose of data processing

The use of Google Ads Conversion Tracking serves us to track the origin of our website visitors.

3. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

Use of Google Analytics

1. Scope of the processing of personal data

We use Google Analytics, an advertising analysis service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

Google Analytics uses cookies, which are text files placed on your computer, to help the website analyze how users use the site (e.g., to measure reach). In connection with the use of Google Analytics, location data (information on the geographical position of a device or person) may be processed in addition to metadata and communication data (e.g. device information and IP addresses). Usage data (e.g. access to websites, clicks, access times), contact data (e.g. email, telephone numbers), content data (e.g. entries in online forms) or inventory data (e.g. names, addresses) may also be processed.

We would like to point out that on this website Google Analytics has been supplemented by the code "gat._anonymizeIp();" in order to ensure that IP addresses are collected anonymously (so-called IP masking).

2. Purpose of data processing

On our behalf, Google will use this information for the purposes of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and Internet usage.

3. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

4. Google Signals

We have activated Google Signals in Google Analytics. This special aspect of Google Analytics involves cross-device tracking. If you have permitted personalized ads in your Google account, your data can be analyzed across multiple devices. The data is collected and linked to the Google account. This helps us to understand the behavior of visitors and users and how you interact with our websites and products across multiple devices and sessions to improve our service and marketing measures.

Use of Google Optimize

1. Scope of the processing of personal data

We use Google Optimize, a service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

Google optimize is used to evaluate the flow of visitors to our online offerings and may include behavior, interests or demographic information about visitors as pseudonymous values. With the help of these analyses, we can recognize, for example, which online offer, content or functions of our products are most frequently used or invite re-use. Likewise, we can understand which areas need optimization.In addition to web analytics, we may also use testing procedures, for example, to test and optimize different versions of our online offering or its components.

This processing includes usage data (e.g. web pages visited, interest in content, access times) and meta/communication data (e.g. device information, IP addresses).

The IP addresses of the users are also stored. However, we use an IP masking procedure (i.e., pseudonymization by shortening the IP address) to protect users. Generally, in the context of web analysis, A/B testing and optimization, no clear data of the users (such as e-mail addresses or names) are stored, but pseudonyms. This means that we, as well as the providers of the software used, do not know the actual identity of the users, but only the information stored in their profiles for the purposes of the respective procedures.

2. Purpose of data processing

The purposes of this processing are reach measurement (e.g. access statistics, recognition of returning visitors); tracking (e.g. interest/behavior-related profiling, use of cookies); provision of our online offering and user-friendliness.

3. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, e.g. for tax and accounting purposes.

Legal basis for the processing of personal data within products of Google

The legal basis for the processing of personal data within Google products is the user's given consent in accordance with Art. 6 (1)(1)(a) GDPR. However, the use of a Google product may also form part of our (pre)contractual services, in which case the legal basis for the data processing is Art. 6 (1)(1)(b) GDPR. Otherwise, your data will be processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services and the improvement of our service) and the legal basis for the data processing is Art. 6 (1)(1)(f) GDPR.

Possibility of revocation of consent and removal from Google

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation.
You may prevent the collection and processing of your personal data by Google by preventing the storage of cookies by third parties on your computer, by using the "Do Not Track" function of a supporting browser, by deactivating the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser. your IP address) to Google and to prevent the processing of this data by Google by downloading and installing the browser plug-in available under the following link:
https://tools.google.com/dlpage/gaoptout?hl=en
With the following link you can deactivate the use of your personal data by Google:
https://adssettings.google.de
Further information on objection and removal options against Google can be found at:
https ://policies.google.com/privacy?gl=EN&hl=en

For more information on terms of use and data protection in connection with Google Analytics, please visit www.google.com/analytics/terms/de.html or www.google.com/intl/de/analytics/privacyoverview.html.
In addition, you can object to processing on the basis of legitimate interest by sending an email to privacy@egoditor.com.

XXIII. Use of SnowPlow

1. Scope of processing of personal data

We use the web tracking solution of SnowPlow Analytics Limited, d 32-38 Scrutton Street, London, United Kingdom ("SnowPlow").

By using these methods, we do not obtain any personal data about you, but rather only statistical information about the use of our websites and product. In this way, we learn, for example, which our websites content is particularly popular, at what times our website is used particularly intensively, via which pages our users reach our site, from where the user has dialed into the Internet before visiting the site, and which browsers and operating systems our users generally use when surfing on our websites. We use this information to continuously improve the content and our site from a technical, design and editorial point of view and to make it more convenient for you. Based on the statistical findings on browser type and operating system, we can thus optimize our web design.

We place a cookie in your browser and use a tracking pixel to recognize a returning user as such. The SnowPlow cookie contains a date and a non-reversible random combination number (“hash”) as well as the number of the current session. The tracking cookie we use to collect this data is loaded from our tracking server if you have enabled it after accepting it via the consent banner. The collected data is stored in a so-called tracking session together with an anonymous user ID (unique hash from browser properties and the current time). The collected data can include the following data: …^[a]

Additionally the data collection and processing takes place at all times without personal reference.

2. Purpose of data processing

We use SnowPlow to continuously improve the content and our site from a technical, design and editorial point of view and to make it more convenient for you. Based on the statistical findings on browser type and operating system, we can thus optimize our web design.

3. Legal basis for the processing of personal data

The legal basis for the processing of personal data is the user's given consent in accordance with Art. 6 (1)(1)(a) GDPR.

4. Duration of storage

Your personal information will be stored by SnowPlow for as long as necessary to fulfill the purposes described in this privacy policy or as required by law, e.g. for tax and accounting purposes. \n\n

The personal information is stored on the users' device for up to 12 months.

5. Possibility of revocation of consent and removal

If you do not agree with the storage and use of usage data by Snowplow as described above, you can declare your objection to the data collection and use that takes place during this web analysis measure by not selecting the checkbox in Cookie Consent. For more information, please see Snowplow's privacy policy. You can delete the set cookie at any time via your browser. You can find instructions in the help function of your browser.

For more information on how to object and remove a complaint against Snowplow, please see:

https://snowplowanalytics.com/privacy-policy/

XXIV. Rights of the data subject

According to the GDPR you have the following rights:

If your personal data is being processed, you have the right to be informed by the data controller about all personal data that concerns you personally (Art. 15 GDPR).

If the personal data that is being processed is incorrect or inaccurate, you are entitled to demand for the data to be corrected (Art. 16 GDPR).

If the relevant legal requirements are fulfilled, you may demand for the deletion or limitation of the processing and have the right to object to the processing altogether (Art. 17, 18, and 21 GDPR).

If you have consented to data processing or a data-processing contract and the processing of data is carried out using automated procedures, you may be entitled to data transferability (Article 20 GDPR).

If you have officially consented to the processing of your data by the data controller, you may revoke your consent at any time. The legality of the data processing carried out on the basis of the consent that was obtained prior to the revocation will not be affected.

Furthermore, a right of appeal exists with a supervisory authority (Art. 77 GDPR).

Landesbeauftragte für Datenschutz und Informationsfreiheit

Nordrhein-Westfalen
Postfach 20 04 44
40102 Düsseldorf
Tel.: 0211/38424-0
Fax: 0211/38424-10
E-Mail: poststelle@ldi.nrw.de

XXV. Updating of our privacy policy

We reserve the right to make changes to this Privacy Policy at any time. The Privacy Policy will be updated regularly and any changes will be automatically posted on our website.