In the following, we inform about the collection of personal data when using our website. Personal data are all data that are personally identifiable to you, e.g. name, address, e-mail addresses, user behavior. We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security procedures are regularly reviewed and adapted to technological progress.
1 Responsible for data processing
Responsible according to Art. 4 para. 7 EU Data Protection Basic Regulation (DSGVO) is INFORM Institut für Operations Research und Management GmbH, Pascalstraße 35, 52076 Aachen, info[at]inform-software.com (see our imprint/legal).
2 Contact option of the data protection officer
You can contact our data protection officer at email@example.com or at our postal address with the addition “the data protection officer”.
3 Your rights
You have the following rights towards us with regard to personal data concerning you:
3.1 General rights
You have a right of access, rectification, cancellation, restriction of processing, objection to processing and data transferability. If processing is based on your consent, you have the right to revoke this consent with effect for the future.
3.2 Rights in data processing according to legitimate interest
Pursuant to Art. 21 para.1 DSGVO, you have the right to object at any time to the processing of personal data concerning you on the basis of Art. 6 para.1 e DSGVO (data processing in the public interest) or Article 6 para.1 f DSGVO (data processing to safeguard a legitimate interest) for reasons arising from your particular situation; this also applies to profiling based on this provision. In the event of your objection, we will no longer process your personal data unless we can prove compelling grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
3.3 Rights in direct advertising
If we process your personal data for direct marketing purposes, you have the right pursuant to Art. 21 para. 2 DSGVO to object at any time to the processing of personal data concerning you for the purpose of such advertising, this also applies to profiling insofar as it is associated with such direct marketing.
In the event of your objection to processing for direct marketing purposes, we will no longer process your personal data for these purposes.
3.4 Right of appeal to a supervisory authority
You also have the right to complain to a competent data protection supervisory authority about our processing of your personal data.
4 Collection of personal data when you visit our website
When using the website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security:
IP address, date and time of the request, time zone difference to Greenwich Mean Time (GMT), content of the request (specific page), access status/HTTP status code, amount of data transmitted in each case, website from which the request comes, browser, operating system, and its interface, language and version of the browser software.
The legal basis for this is Art. 6 para. 1 f DSGVO.
5 Contact via e-mail or contact form
When you contact us by e-mail or via a contact form, the data you provide (your e-mail address, if applicable your name and your telephone number) will be stored by us in order to answer your questions. If we use our contact form to request information that is not required to establish contact, we have always marked it as optional. These details serve us to concretize your inquiry and to improve the processing of your request. This information is provided expressly on a voluntary basis and with your consent, Art. 6 Para.1 a DSGVO. If this involves information on communication channels (e.g. e-mail address, telephone number), you also agree that we may contact you via this communication channel in order to respond to your request. You can of course revoke this consent at any time in the future.
We delete the data arising in this context after the storage is no longer necessary, or limit the processing if statutory retention obligations exist.
6 Comment function in the blog on the website
We offer users the opportunity to leave individual comments on individual blog posts on blogs that are located on our website. A blog is a portal on a website, usually open to the public, in which one or more people who are called bloggers or web bloggers can post articles or write down thoughts in so-called blog posts. The blog posts can usually be commented by third parties.
If a person leaves a comment in the blog published on this website, not only the comments left by the person concerned, but also information about the time of entering the comment and the user name (pseudonym) chosen by the person concerned will be stored and published. Furthermore, the IP address assigned to the person concerned by the Internet service provider (ISP) is logged. This data is stored for security reasons and in the event that the person concerned violates the rights of third parties or posts illegal content by submitting a comment. This personal data is stored in accordance with Art. 6 Para. 1 f DSGVO, so that the latter could exculpate itself in the event of a violation of the law. The personal data collected will not be disclosed to third parties, unless such disclosure is required by law or serves the legal defense of the data controller.
7 Subscription to comments in the blog on the website
Comments posted on our blogs can be subscribed to by third parties. In particular, it is possible for a commentator to subscribe to the comments that follow his comment on a particular blog post.
If a data subject chooses to subscribe to comments, the controller sends an automatic confirmation email to double opt-in to verify that the owner of the specified email address has actually chosen this option. The option to subscribe to comments can be cancelled at any time.
8 Blog Email Subscription
8.1 General Information
With your consent according to art. 6 para. 1 a DSGVO you can subscribe to our blog, with which we inform you about our new posts.
For the registration to our new blog posts we use the so-called double opt-in procedure. This means that after your registration we will send you an e-mail to the specified e-mail address in which we ask you to confirm that you would like the newsletter to be sent. If you do not confirm your registration, your information will be blocked and deleted.
In addition, we store your IP addresses and the time of registration and confirmation. The purpose of the procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data.
After your confirmation we will save your e-mail address for the purpose of sending you the new post updates. The legal basis is Art. 6 para. 1 a DSGVO.
You can revoke your consent to receive the new post updates at any time and unsubscribe from the blog. You can declare your revocation by clicking on the link provided in every new post e-mail or by sending a contact request to the data protection officer specified above.
9 Participation in sweepstakes
When you participate in sweepstakes, we collect the data necessary to conduct the sweepstake. These are usually an individual competition entry (e.g. a comment or a photo), as well as name and contact details. We may pass on your data to our competition partners, e.g. to send you the prize. The processing and transfer of data may vary depending on the competition and is therefore described in detail in the respective conditions of participation. Participation in the competition and the related data collection is of course voluntary. The legal basis for data processing is your consent in accordance with Art. 6 Para. 1 a DSGVO. Your data will be deleted after the end of the competition.
We use YouTube for the integration of videos. YouTube is operated by YouTube LLC, headquartered at 901 Cherry Avenue, San Bruno, CA 94066, USA. YouTube is represented by Google Inc. based at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
On some of our websites we use plugins from YouTube. When you access the websites on our website that are provided with such a plugin – for example our media library – a connection to the YouTube servers is established and the plugin is displayed. This transmits to the YouTube server which of our Internet pages you have visited. If you are logged in as a YouTube member, YouTube assigns this information to your personal user account. When using the plugin, e.g. clicking the start button of a video, this information is also assigned to your user account.
You can prevent this assignment by logging out of your YouTube account and other user accounts of YouTube LLC and Google Inc. and deleting the corresponding cookies of the companies before using our website.
Further information on data processing and privacy protection by YouTube (Google) can be found at www.google.de/intl/de/policies/privacy/.
When you use our website, cookies are stored on your computer. Cookies are small text files that are stored on your hard disk in the browser you use and through which certain information flows to the place that sets the cookie. Cookies cannot run programs or transmit viruses to your computer. They serve to make the Internet offer more user-friendly and effective overall.
This website uses the following types of cookies, the scope and functionality of which are explained below:
11.1 Transient cookies
These cookies are automatically deleted when you close your browser. This includes in particular the session cookies. These store a so-called session ID, with which different requests of your browser can be assigned to the common session. This will allow your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close your browser.
11.2 Persistent Cookies
These cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete cookies at any time in the security settings of your browser.
11.3 Flash Cookies
The Flash cookies used are not recorded by your browser, but by your Flash plug-in. We also use HTML5 storage objects that are stored on your mobile device. These objects store the required data independently of your browser and do not have an automatic expiry date. If you do not wish the Flash cookies to be processed, you must install an appropriate add-on, e.g. “Better Privacy” for Mozilla Firefox (https://addons.mozilla.org/de/firefox/addon/betterprivacy/) or the Adobe Flash killer cookie for Google Chrome. You can prevent the use of HTML5 storage objects by using private mode in your browser. We also recommend that you regularly delete your cookies and your browser history manually.
11.4 Prevention of cookies
You can configure your browser settings according to your wishes and refuse the acceptance of third party cookies or all cookies, for example. Please note that you may not be able to use all functions of this website.
11.5 Legal bases and storage period
The legal bases for possible processing of personal data and their storage duration vary and are described in the following sections.
12 Website analysis
12.1 General Information
For the purpose of analyzing and optimizing our websites we use various services, which are described below. For example, we can analyze how many users visit our site, which information is most in demand or how users find the offer. Among other things, we collect data about the website from which a person has accessed a website (so-called referrer), which subpages of the website were accessed or how often and for how long a subpage was viewed. This helps us to design and improve our offers in a user-friendly way. The data collected is not used to personally identify individual users. Anonymous or at most pseudonymous data is collected. The legal basis for this is Art. 6 para. 1 f DSGVO.
12.2 Google Analytics
This website uses Google Analytics, a web analysis service of Google Inc, (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The use includes the Universal Analytics mode. This makes it possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID and thus analyze a user’s activities across devices.
13 Google Maps
Detailed instructions for managing your own data in connection with Google products can be found here.
The legal basis for the use of this service is Art. 6 para. 1 f DSGVO.
For the integration of videos we use the provider Vimeo. Vimeo is operated by Vimeo, LLC, headquartered at 555 West 18th Street, New York, New York 10011.
On some of our websites we use plugins from the provider Vimeo. When you access the websites of our website provided with such a plugin, a connection to the Vimeo servers is established and the plugin is displayed. This will transmit to the Vimeo server which of our web pages you have visited. If you are logged in as a member of Vimeo, Vimeo will assign this information to your personal user account. When using the plugin, e.g. clicking the start button of a video, this information is also assigned to your user account. You can prevent this assignment by logging out of your Vimeo account and deleting the corresponding Vimeo cookies before using our website.
The legal basis for the use of this service is Art. 6 para. 1 f DSGVO.
15 Retrieval of profile pictures from Gravatar
We use the service Gravatar of Automattic Inc. 60 29th Street #343, San Francisco, CA 94110, USA, within our online offer and especially in our blog.
Gravatar is a service where users can log in and store profile pictures and their e-mail addresses. If users leave contributions or comments with the respective e-mail address on other online presences (above all in blogs), their profile pictures can be displayed next to the contributions or comments. For this purpose, the e-mail address provided by the users is transmitted to Gravatar in encrypted form for the purpose of checking whether a profile has been saved for it. The e-mail address will not be used for other purposes and will be deleted afterwards.
The use of Gravatar is based on our legitimate interests within the meaning of Art. 6 para. 1 f DSGVO.
If users do not want an image associated with their email address to appear in Gravatar’s comments, you should use a non-Gravatar email address for commenting. We would also like to point out that it is also possible to use an anonymous or no e-mail address if users do not wish their own e-mail address to be sent to Gravatar. Users can completely prevent the transfer of data by not using our comment system.
16 Retrieval of emojis and smilies
Within our WordPress blog, graphical emojis (or smilies), i.e. small graphical files that express feelings, are used that are obtained from external servers. The providers of the servers collect the IP addresses of the users. This is necessary so that the emoji files can be transmitted to the users’ browsers.
The legal basis for the use of this service is Art. 6 para. 1 f DSGVO.
17.1 Google AdWords
In order to draw attention to our services, we place Google Adwords ads and use Google Conversion Tracking for the purpose of personalized, interest- and location-related online advertising. The option to anonymize IP addresses is controlled by the Google Tag Manager via an internal setting that is not visible in the source of this page. This internal setting is set so that the anonymization of the IP addresses required by the Federal Data Protection Act is achieved.
Ads appear after searches on Google Network web pages. We have the possibility to combine our ads with certain search terms. Cookies enable us to serve ads based on a user’s previous visits to our website.
When you click on an ad, Google sets a cookie on your computer. Further information on the cookie technology used can also be found in Google’s notes on website statistics and in the data protection regulations.
With the help of this technology, Google and we as customers receive information that a user has clicked on an ad and has been redirected to our websites. The information obtained in this way is used exclusively for statistical evaluation for ad optimization. We do not receive any information that personally identifies visitors. The statistics provided to us by Google include the total number of users who clicked on one of our ads and, if applicable, whether they were forwarded to a page of our website with a conversion tag. On the basis of these statistics we can trace the search terms for which our advertisement was clicked particularly often and which advertisements lead to contact by the user via the contact form.
If you do not wish to do so, you can prevent the storage of the cookies required for these technologies, for example via the settings of your browser. In this case, your visit is not included in the user statistics.
However, we and Google continue to receive statistical information on how many users visited this page and when. If you do not want to be included in these statistics either, you can prevent this by using additional programs for your browser (for example, the Ghostery add-on).
18 Data transmission
A transfer of your data to third parties does not take place, unless we are legally obliged to do so, or the transfer of data is necessary for the execution of the contractual relationship, or you have previously expressly consented to the transfer of your data.
External service providers and partner companies such as online payment providers or the shipping company commissioned with the delivery will only receive your data if this is necessary to process your order. In these cases, however, the scope of the transmitted data is limited to the required minimum. As far as our service providers come into contact with your personal data, we ensure within the scope of the order processing according to Art. 28 DSGVO that these comply with the regulations of the data protection laws in the same way. Please also note the respective data protection information of the providers. The respective service provider is responsible for the content of external services, whereby we check the compliance of the services with the legal requirements within the scope of reasonableness.
It is important to us to process your data within the EU/EEA. However, we may use service providers who process data outside the EU/EEA. In these cases, we ensure that an appropriate level of data protection is established at the recipient prior to the transfer of your personal data. This means that a data protection level comparable to the standards within the EU is achieved via EU standard contracts or an adequacy decision, such as the EU Privacy Shield.
19 Data security
We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security procedures are regularly reviewed and adapted to technological progress.
19.1 Limit Login Attempts
To defend against brute force attacks, we use the WordPress plugin “Limit Login Attempts”. To protect against brute force attacks, IP addresses are stored in our WordPress database. Responsible for WordPress is Automattic Inc, 60 29th Street No. 343, San Fancisco, CA 94110, USA.
The data is stored on the basis of Art. 6 Para. 1f DSGVO.
Further information on data processing and data protection by WordPress can be found at https://automattic.com/privacy/.
The Shariff plugin is integrated on this website. The Shariff plugin provides social media buttons that comply with data protection regulations. Shariff was developed for the German computer magazine c’t and is published by GitHub, Inc.
Developer of the component is GitHub, Inc. 88 Colin P. Kelly Junior Street, San Francisco, CA 94107, USA.
Usually, the button solutions provided by social networks already transfer personal data to the respective social network when a user visits a website into which a social media button has been integrated. By using the Shariff component, personal data is only transmitted to social networks when the visitor to a website actively presses one of the social media buttons. The purpose of using the Shariff component is to protect the personal data of visitors to our website and at the same time to enable us to integrate a button solution for social networks on this website.