Data protection declaration

Privacy Notice

Preamble

This Privacy Notice describes the collection and use of your personal data in the context of your usage of our websites according to the legal requirements.

Please note that the usage of particular web content on our websites may involve further processing of your personal data which will be described in complementary Privacy Notices that have to be considered additionally.

  1.  Controller

Controller pursuant to Art. 4 paragraph 7 General Data Protection Regulation (‚GDPR‘) is

EMPAUA GmbH

Urbanstraße 71

10967 Berlin

Germany

Phone: + 49 3088789635

E-Mail: info(at)empaua.com

  1. Contact details of our Data Protection Officer

You can reach our Data Protection Officer

via E-Mail at:

dataprotection@empaua.com

via postal Mail at:

EMPAUA GmbH

– Data Protection Officer –

Urbanstraße 71

10967 Berlin

Germany

  1. Collection of personal data when you visit our website(s)

When visiting our website(s) without personally providing information to us, personal data is collected by our webserver collecting the data transmitted in connection with your access.

The data transmitted includes:

  • IP-Address
  • Name of access provider
  • Browser type, version of browser software and language of browser
  • Operating system
  • Date and time of access
  • Content of access
  • Amount of data transferred
  • Access status (successful transmission/error)
  • Website(s) the access was forwarded to
  • Website(s) accessed

In addition to the aforementioned data collection, our website(s) collect data in connection with the usage of cookies (see Section 4. of this Privacy Notice).

  1. Cookies

We use cookies on our website(s). Cookies are text files that are stored on a user’s computer system. If a user accesses our website(s) a cookie file can be saved on the local operating system. A cookie contains information that enables the identification of a user returning to our website(s).

Session cookies process information in so called Session-IDs which serve towards identifying a person during continuous access to our website(s). Session-IDs are deleted automatically when closing the browser.

Persistent cookies will remain in the cookie files of your browser after the browser has been closed. Persistent cookies are deleted after a certain period of time has elapsed. The length of this period vary amongst the different cookies used.

The use of cookies can be disabled by changing the security settings on your browser. Further adjustments with regard to the cookie usage can be made in the security settings of your browser to block certain cookies (e.g. cookies of third parties) or disable cookies altogether.

Detailed information concerning third party cookies can be found in Section 5. of this Privacy Notice.

  1. Inclusion of third-party services and cookies

5.1 Google Analytics

Our website(s) may use Google Analytics (‚GA‘), a web analysis service of Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google“).

GA enables us to analyze the usage of our website(s) by cookie storage. On our behalf GA creates reports concerning the activities on our website(s) and provides us with the respective information for statistical purposes and in order to optimize our website.

Anonymized data only (e.g. anonymized IP addresses, the date and time the page was viewed, the length of your stay or the page from which you came to our website) is stored and used on our server using Google Analytics technology. This information does not enable identification of visitors to this website. IP addresses are anonymized before they are stored. This means that Google will anonymize your IP address while the data is still within member states of the European Union or other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the US and anonymized there. The IP address which is transmitted by your browser will not be brought into contact with other data stored by Google.

You can deactivate GA with the following browser-plugin provided by Google: http://tools.google.com/dlpage/gaoptout?hl=de

5.2 Google-Tag Manager

Our website(s) use the Google Tag Manager (‘GTM’) in order to administrate and browse our website(s) and to implement website trackers. The form and extend of data collection in this context is determined by Google. According to Google no personal data of website visitors is processed by the usage of GTM itself. Further information about GTM is available at https://www.google.com/intl/de/tagmanager/faq.html.

5.3. Pardot

Our website(s) use Pardot, a marketing automation tool of salesforce.com inc. The Landmark @ One Market Suite 300. San Francisco, CA 94105, USA. Pardot tracks website visitors by setting cookies on the browser of a visitor to remember preferences when a visitor returns to the website (e.g. form field values) and cookies for logged-in users to maintain sessions and remember table filters. Pardot cookies store a unique identifier collecting browser information, cookie data, date/time, page views, IP address and location based data.

Further information about user tracking with regard to Pardot can be found at: https://help.salesforce.com/articleView?id=pardot_basics_cookies.htm&type=5

5.4 Hotjar

Our website(s) use Hotjar, a tracking tool of Hotjar Ltd., Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta.

Hotjar analyzes the user behavior of website visitors (i.e. mouseclicks, movements on the website, keyboard input) and creates reports for the purpose of optimizing our websites. The data collected includes information about the visitors operating system, the internet browser and incoming/outgoing links the user has clicked on. The collected informations are saved in a pseudonymized user profile which will not be connected with other information about the webpage visitor.

You can deactivate hotjar user tracking under the following link:

https://www.hotjar.com/opt-out

Further information about hotjar can be found at:

https://www.hotjar.com/privacy/

5.5 LinkedIn Analytics

Our website(s) use Linkedin Analytics, a tracking tool provided by LinkedIn Inc., 2029 Stierlin Court, Mountain View, CA 94043, USA to track performance of LinkedIn activities. If a website visitor visits our website(s) a connection to the LinkedIn servers in the USA is established and LinkedIn is informed about the visit of our website(s) and the IP-address of the website visitor. If you press on the LinkedIn button and you are logged in your LinkedIn account, the visit of our LinkedIn page will be linked to your user account. Further information about privacy with LinkedIn can be found at: https://www.linkedin.com/legal/privacy-policy.

  1. Contact possibility via E-Mail/contact form/use of comment functions

If you make use of the possibility to contact us via E-Mail or a provided contact form, the provided information (your E-Mail address, possibly your name and telephone number) will be saved by us in order to process your request. The personal data collected in this context will be deleted if the storage is no longer necessary for this purpose. Alternatively we may restrict access to the stored data if legal retention periods apply.

If you contact us via E-Mail a secure transfer can only be guaranteed in case of encrypted communication. A transmission of confidential data shall be sent by postal mail.

The usage of comment functions on our website(s) includes the processing of the information provided by you and may include the processing of your IP address in this context.

  1. Social-Media-Plugins

Our website(s) may use social media plugins. We make usage of the so called two-click-solution, which means that initially no user data is transferred to the plugin providers when accessing our website(s). By clicking on the button of a social media plugin you are activating the plugin which may lead to a data transfer to the plugin provider and eventually the connection to an existing user profile. The plugin provider may be seated outside the European Union (e.g. USA) which may lead to a data transfer in a third country. To prevent/minimize data transfer in this context we advise you to delete cookies prior to activating the plugins. We do not determine the data collection in this context and advise you to take note of the applicable privacy notices of the respective plugin providers.

  1. Purpose and legal basis of processing your personal data

In addition to the particular purposes mentioned, the processing of your personal data is required to display our website(s), to provide stability and security of our webservers and to improve the usability of our website(s).

Legal basis for processing your personal data is Art. 6 paragraph 1 sentence 1 f) GDPR. If personal data is processed on the basis of a consent, the legal basis is Art. 6 paragraph 1 sentence 1 a) GDPR.

  1. Data transfer to third parties

In general data transfer to third parties is only conducted in the cases mentioned in this Privacy Notice. In addition data transfer to third parties may occur if:

  • we have received your explicit consent (Art. 6 paragraph 1 sentence 1 a) GDPR);
  • the processing is necessary in connection with legal claims except if the respective interests are not overridden by the interests or fundamental rights and freedoms of the data subject (Art. 6 paragraph 1 sentence 1 f) GDPR);
  • the processing is necessary for compliance with a legal obligation (Art. 6 paragraph 1 sentence 1 c) GDPR);
  • the processing is necessary for the performance of a contract with the data subject or the performance of steps at the request of the data subject prior to entering into a contract (Art. 6 paragraph 1 sentence 1 b) GDPR)
  1. Data deletion and data storage

Collected personal data will be deleted and/or the access to the data will be restricted if the purpose of the processing activity ceases to be relevant. Extended retention periods may apply in case of statutory legal provisions requiring further data retention.

  1. Rights of the data subject and the right to lodge a complaint with a supervisory authority

With regard to the personal data processed you have the following rights according to Art. 12 – 23 GDPR:

  • Right to information and access,
  • Right to rectification and erasure,
  • Right to restriction of processing
  • Right to objection
  • Right to data portability

In addition you have the right to lodge a complaint with the competent data protection authority with regard to the processing of your personal data by us.

  1. Data security

Personal data processed by us are protected against loss, falsification and unauthorized third-party access by adequate technical and organizational measures.

In order to provide a secure transmission of data between your browser and our systems, we generally use Secure Socket Layer (‘SSL’) encryption technology to encrypt communication between your browser and our webserver. URLs of websites using an SSL-encryption start with https://.

  1. Update of the Privacy Notice and contact to our Data Protection Officer

Our Privacy Notice may be updated according to changes of our website(s). You can find the current version of our Privacy Notice on our websites.

For further questions and suggestions in relation to data protection you may contact our Data Protection Officer via the contact details provided under Section 2. of this Privacy Notice.