Skip to main content

Privacy policy

We explain how we handle your personal data in this privacy policy. The applicable data protection law, in particular the General Data Protection Regulation (GDPR), shall apply. With the exception of the service providers and third-party vendors we name in this privacy policy, we do not share any data with third parties. If you have any questions, please feel free to contact us.

Responsible

Responsible for data processing is
DIGIaccess GmbH
Annagraben 83
53111 Bonn

General information

Provision of data

For a use of our website is usually neither legally nor contractually required to provide personal data. Insofar as the provision of data is necessary for the conclusion of a contract or the user is obligated to provide personal data, we will inform the user of this circumstance and the consequences of not providing the data in this privacy policy.

Data transfer to third countries

We may use service providers and third parties located in countries outside the European Union and the European Economic Area. The transfer of personal data to such third countries is based on an adequacy decision of the European Commission (Art. 45 GDPR) or we have provided appropriate safeguards to ensure data protection (Art. 46 GDPR). Insofar as an adequacy decision of the European Commission exists for the transfer of data to a third country, we refer to this in this privacy policy. In all other respects, users may obtain a copy of the appropriate safeguards, if not already included in the privacy statements of the service providers or third parties, from us.

Automated decision making

If we use automated decision-making including profiling, we will inform you in this privacy statement about this circumstance, about the logic involved and the scope and intended effects of such processing. Otherwise, automated decision-making does not take place.

Processing for other purposes

As a matter of principle, data is only processed for the purposes for which it was collected. If, exceptionally, they are to be further processed for other purposes, we will inform about these other purposes prior to such further processing and provide all other relevant information (Art. 13 (3) DSGVO).

Data processing when accessing the website

Each time our website is called up, the user’s browser transmits various data. For the duration of the visit to the website, the following data is processed and stored in log files even after the end of the connection:

  • Browser type and version used
  • Operating system
  • Retrieved pages and files
  • Amount of data transferred
  • Date and time of retrieval
  • Provider of the user
  • IP address
  • Referrer URL

The processing of this data is necessary to deliver the website to the user and to optimize it for his terminal device. The storage in log files serves to improve the security of our website (e.g. protection against DDOS attacks).

The legal basis for the processing is Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to provide the website and improve website security. Log files are automatically deleted after 30 days.

Cookies, tracking pixels and mobile identifiers

On our website, we use technologies to recognize the end device used. These can be cookies, tracking pixels and/or mobile identifiers.

The recognition of a terminal device can basically be done for different purposes. It may be necessary to provide functions of our website, for example to provide a shopping cart. In addition, the aforementioned technologies may be used to track the behavior of users on the site, for example for advertising purposes. We describe separately in this privacy policy which technologies we use in detail and for which purposes.

For a better understanding, we explain below in general how cookies, tracking pixels and mobile identifiers work:

  • Cookies are small text files that contain certain information and are stored on the user’s terminal device. In most cases, this is an identification number that is assigned to an end device (cookie ID).
  • A tracking pixel is a transparent graphic file that is embedded on a page and enables log file analysis.
  • A mobile identifier is a unique number (mobile ID) that is stored on a mobile device and can be read by a website.

Cookies may be necessary for our website to function properly. The legal basis for the use of such cookies is Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to provide the functions of our website.

We use cookies that are not required for the operation of our website in order to make our offer more user-friendly or to be able to track the use of our website. The legal basis here depends on whether the user’s consent must be obtained or we can invoke a legitimate interest. The user can revoke a given consent at any time, among other things, through the settings in his browser.

The user can prevent and object to the processing of data using cookies by making the appropriate settings in his browser. In case of objection, not all functions of our website may be available. We provide separate information on other options for objecting to the processing of personal data by cookies in this privacy policy. Where appropriate, we will provide links that can be used to object. These are labeled “Opt-Out”.

Contact

In the event of contact, we process the user’s details, date and time for the purpose of processing the inquiry, including any queries.

For the management of customer relationships we use the CRM system Zoho CRM. Provider: Zoho Corporation B.V., Hoogoorddreef 15, 1101 BA, Amsterdam, The Netherlands.

Zoho CRM Privacy Policy

The legal basis for data processing is Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to respond to the requests of our users. Additional legal basis is Art. 6 para. 1 UAbs. 1 letter b) DSGVO, if the processing is necessary for the performance of a contract or for the implementation of pre-contractual measures.

The data will be deleted as soon as the request, including any queries, has been answered. We check at regular intervals, but at least every two years, whether any data accrued in connection with contacts is to be deleted.

Newsletter

Users have the option to sign up for newsletters on our site. In doing so, we process the data entered during registration in order to be able to send a confirmation email to the user’s email address. After confirmation, we process the data to be able to send newsletters. For the purpose of personalization, we may also process the user’s name if the user has provided it.

With the registration date and time as well as the IP address of the user are stored to be able to prove an entry. We continue to process this data for verification purposes after deregistration and delete it after three years at the end of the year.

To improve our content, we measure how successful our newsletters are, for example, how often users open them and which links are clicked. For this purpose, e-mails contain a tracking pixel. We do not track the activities of individual users.

The legal basis for the processing is the consent of the user according to Art. 6 para. 1 UAbs. 1 letter a) DSGVO. For the rest, the processing is carried out according to Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Legitimate interests on our part are the sending of newsletters, the personalized addressing of the user and the proof that the user has registered for the newsletter.

Registration for a user account

Users can register for our offer on our website. In this context, we process the data entered during registration. We have the e-mail address confirmed by sending a link (double opt-in) to prevent misuse of the registration function. Furthermore, we process the date and time and the IP address of the user for this purpose. For verification purposes, we also process the date, time and IP address of the user when the confirmation link is clicked.

The data will be deleted with the deletion of the user account after three years at the end of the year, unless there is a longer legal obligation to retain the data.

The legal basis for the processing is Art. 6 para. 1 UAbs. 1 lit. a) DSGVO, insofar as we obtain the consent of the user. If the processing is necessary for the performance of a contract or for the implementation of pre-contractual measures, it is based on Art. 6 para. 1 UAbs. 1 lit. b) GDPR. The legal basis for the rest is Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to enable users to access our offer requiring registration, to protect ourselves against misuse of the registration function and to be able to prove proper registration. After the deletion of the user account, our legitimate interest is furthermore the defense against possible claims.

Job applications

When users apply for a job, we process personal data for the purpose of the application process. In addition to the data submitted by the user, we process other data that is generated in the course of the application process (e.g., during an interview). Should we include data in an applicant pool, this will only be done on the basis of the user’s prior consent. In this case, the data will be processed beyond the conclusion of the application process so that contact can be made in the event of suitable job offers.

Applicant data is deleted three months after completion of the application process. In the case of inclusion in an applicant pool, the data is retained for a maximum of two years unless the consent given is revoked beforehand.

The legal basis for the processing is Art. 6 para. 1 UAbs. 1 letter b) DSGVO. In the case of consent given for inclusion in an applicant pool, the processing is based on Art. 6 para. 1 UAbs. 1 lit. a) GDPR. After termination of the application process, the processing is carried out on the basis of Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is the defense against possible claims under the General Equal Treatment Act.

Orders and payment processing

When an order is placed in our online store, we process the data provided when the order is placed, such as name, bank details or payment data, in order to process the order. We only pass on payment data to our payment service providers if this is necessary to process the payment.

The legal basis for the processing of order data is Art. 6 para. 1 UAbs. 1 letter b) DSGVO. If the user deposits his order data in a user account, Art. 6 para. 1 UAbs. 1 lit. a) DSGVO the legal basis. For the rest, the processing is based on Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to process refunds and pursue claims.

Order and payment data will be deleted as soon as they are no longer required for the processing of the order including a reversal of the payment (e.g. due to a revocation or a withdrawal from the contract) and a processing of warranty cases and no legal storage obligations exist. In the event that the user has stored his order data in his user account for a repeat order, the data will be deleted together with the user account if they are not required for the processing of a specific order.

Other third party services

Zoho SalesIQ

When you visit our website, anonymized usage data is collected using the ZOHO service SalesIQ (https://zoho.eu/salesiq). SalesIQ uses so-called “cookies”, which enable an analysis of our website. You can prevent this “tracking” by making the appropriate settings in your browser.
We store this data exclusively for statistical purposes. The IP addresses are shortened by the last digits within the scope of the legislation in order to ensure anonymity.

Zoho Page Sense

When you visit our website, anonymized usage data is collected using the ZOHO service PageSense (https://zoho.eu/pagesense). Page Sense only records visits and clicks on our website completely anonymously. There is no inference to individual visitors. PageSense only allows us to check the general usage of our website in the form of a heat map and as a result display important content to you at the right place on each web page. No usage data or personal data is collected or stored.

Facebook Pixel

For online marketing purposes, we use Facebook Pixel. Provider: Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

The Facebook Pixel allows us to play interest-based advertising based on the use of our website via Facebook. For this purpose, a cookie is set on the user’s terminal device, via which the use can be assigned to an identification number. In addition, other user data relevant to advertising, such as browser information, device information, the pages visited, the time of the visit and referring URLs are processed. We only receive summary results from Facebook that allow us to understand how successful our advertising efforts are. We use Facebook Pixel without advanced matching.

Users can object to the collection and use of information for interest-based advertising by Facebook on the following pages: http://www.aboutads.info/choices and http://www.youronlinechoices.eu

Insofar as we obtain the consent of the user, the processing of data is based on the legal basis of Art. 6 para. 1 UAbs. 1 letter a) DSGVO. For the rest, it is based on Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to be able to show users advertising that is relevant to them.

When using Facebook Pixel, we and Facebook are joint controllers within the meaning of Art. 26 DSGVO. We have therefore reached an agreement with Facebook that specifies who fulfills which obligations under the GDPR. According to this, we are responsible for providing information on the joint processing of personal data in accordance with Art. 13 and 14 DSGVO. It is agreed between us and Facebook that Facebook is responsible for enabling the rights under Articles 15 to 20 of the GDPR with respect to personal data stored by Facebook after joint processing.

The shared responsibility agreement can be accessed here: https://www.facebook.com/legal/controller_addendum

Information on how Facebook processes personal data, the information pursuant to Art. 13 DSGVO, including the legal basis on which Facebook relies, as well as the user’s options for exercising his or her Facebook rights, can be found in Facebook’s privacy policy.

Privacy policy of Facebook Pixel without matching

jsDelivr

We use the content delivery network (CDN) jsDelivr. Provider: Prospect One.io, Krolewska 65a, Krakow, Malopolskie 30-081, Poland.

Content is loaded from servers of the CDN. In order for a connection to be established, it is technically necessary to transmit the user’s IP address.

The legal basis for the processing is Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to improve the speed and availability of our website.

Privacy policy of jsDelivr

Facebook Social Plugins

We integrate content and buttons of the social network Facebook via a plugin on our website. Provider: Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

In order to load content from Facebook, it is technically necessary to transfer the user’s IP address to the company. If the user is logged in to Facebook, the visit to a page can be assigned to the account.

Insofar as we obtain the consent of the user, the processing of data is based on the legal basis of Art. 6 para. 1 UAbs. 1 letter a) DSGVO. For the rest, it is based on Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest for the integration of Facebook content and buttons is the user-friendly design of our website.

Facebook Social Plugins Privacy Policy

Leadinfo

We use the lead generation service of Leadinfo B.V., Rotterdam, Netherlands. This recognizes visits by companies to our website based on IP addresses and shows us publicly available information for this purpose, such as company names or addresses. In addition, Leadinfo sets two first-party cookies to evaluate user behavior on our website and processes domains from form submissions (e.g., “leadinfo.com”) to correlate IP addresses with companies and improve services. For more information, visit www.leadinfo.com. On this page: www.leadinfo.com/en/opt-out you have an opt-out option. In case of opt-out, your data will no longer be collected by Leadinfo.”

YouTube

We embed videos from YouTube. Provider: Google Ireland Ltd, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. We use the extended data protection mode so that YouTube does not track user behavior unless the user watches the video. In order to provide videos, it is technically necessary to transfer the user’s IP address to YouTube.

The use of YouTube takes place on the legal basis of Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to improve the user experience of our website and to present content that is of interest to our users.

You can object to personalized advertising by Google at any time by exercising the following opt-out.

Opt-Out

YouTube privacy policy

Google Tag Manager

We use Google Tag Manager to manage our website tags. Provider: Google Ireland Ltd, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

The Tag Manager is a cookieless domain that triggers tags from various providers, which in turn collect data. Google Tag Manager does not access this data. In order to trigger tags, it is technically necessary to transmit the user’s IP address to Google.

The Google Tag Manager is used on the legal basis of Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to simplify the management of third-party services we use.

Google Tag Manager Privacy Policy

Google Maps

To be able to display geographical maps, we use Google Maps. Provider: Google Ireland Ltd, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. In doing so, it is technically necessary to transfer the user’s IP address to Google. In addition, the company sets various cookies to identify the user and play out personalized advertising.

Insofar as we obtain the consent of the user, the processing of data is based on the legal basis of Art. 6 para. 1 UAbs. 1 letter a) DSGVO. For the rest, it is based on Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is the user-friendly design of our website.

We have entered into a shared responsibility agreement with Google.

Opt-Out

Google Maps Privacy Policy

Google Fonts

On our website we use Google Fonts. Provider: Google Ireland Ltd, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

Fonts are loaded from the Google server. In order to establish a connection to the server, it is technically necessary to transmit the user’s IP address.

The legal basis of the processing is Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest lies in the reduction of loading times and a uniform presentation on different end devices.

Google Fonts Privacy Policy

Google Analytics

To analyze the use of our website, we use Google Analytics. Provider: Google Ireland Ltd, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

In order to track the user’s activities on the website, a cookie is set on the end device. We use Google Analytics with the anonymize IP extension. The user’s IP address is automatically shortened before it is transmitted to servers in the USA. Among other things, the approximate geographic location, terminal device, screen resolution, browser, and pages visited, including the time spent on them, are evaluated.

Insofar as we obtain the consent of the user, the processing of data is based on the legal basis of Art. 6 para. 1 UAbs. 1 letter a) DSGVO. For the rest, it is based on Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is the optimization of our website, the improvement of our offers and online marketing.

The data collected by Google Analytics is automatically deleted after 14 months.

Opt-Out

Privacy policy of Google Analytics

Profiles in social networks

We are present in one or more social networks. In detail, these are: LinkedIn, Xing, Facebook, Twitter or Instagram. When contacting us, we process personal data as described above under contact.

The providers of social networks process data in accordance with their privacy policies, which can be accessed here:

If a user is logged in with his account, the activities on our profile in the respective social network may be assigned to him. This can be done across devices and, if necessary, without a login, for example, using cookies or mobile identifiers. The providers of social networks use the collected data to create pseudonymized user profiles, which they can use in particular to play out personalized advertising.

Rights of data subjects

If personal data of the user is processed, he is a data subject in the sense of the GDPR. Data subjects are entitled to the following rights:

Right of access: The data subject has the right to obtain confirmation as to whether personal data concerning him or her are being processed. If personal data are processed, the data subject shall have the right to obtain free of charge information as well as a copy of the personal data that are the subject of the processing.

Right to rectification: The data subject has the right to request that inaccurate or incomplete personal data be corrected without undue delay.

Right to erasure: The data subject has the right to request immediate erasure of personal data concerning him or her in accordance with the law.

Right to restriction of processing: The data subject has the right to request restriction of the processing of personal data concerning him or her in accordance with the law.

Right to data portability: The data subject has the right to obtain the personal data concerning him or her in a structured, commonly used and machine-readable format or to request that it be transferred to another controller.

Right to object: The data subject shall have the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her which is carried out on the basis of Art. 6 para. 1 UAbs. 1 lit. e) or f) DSGVO; this also applies to profiling based on these provisions. If personal data are processed for the purposes of direct marketing, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing; this shall also apply to profiling insofar as it is related to such direct marketing.

Right of withdrawal: The data subject has the right to withdraw his or her given consent at any time.

Right to complain: The data subject has the right to complain to a supervisory authority.

Privacy policy status: November 17, 2020