Privacy Policy

Privacy Policy

Prelude

With the following privacy policy, we would like to inform you about which types of personal data (hereinafter referred to as "data") we process for which purposes and to what extent. This privacy policy applies to all processing of personal data carried out by us, including within the scope of our services, on our websites, mobile applications, and external online presences such as our social media profiles (hereinafter referred to collectively as "online services").

The terms used are non-gender-specific.

As of: December 8, 2023

Table of Contents

  • Prelude
  • Responsible Party
  • Overview of Processing
  • Relevant Legal Bases
  • Security Measures
  • Transmission of Personal Data
  • Data Deletion
  • Rights of Data Subjects
  • Use of Cookies
  • Provision of Online Services and Web Hosting
  • Contact and Inquiry Management
  • Communication via Messenger
  • Videoconferences, Online Meetings, Webinars, and Screen Sharing
  • Audio Content
  • Cloud Services
  • Newsletter and Electronic Notifications
  • Advertising Communication via Email, Post, Fax, or Telephone
  • Web Analytics, Monitoring, and Optimization
  • Online Marketing
  • Presences in Social Networks (Social Media)
  • Plugins and Embedded Functions and Content
  • Management, Organization, and Tools
  • Changes and Updates to the Privacy Policy
  • Definitions

Responsible Party

Commercial Register: HRB 90362
20 Fenchurch Street
London, EC3M 3BY, UK
Safefin Partners GmbH

Email Address:
[email protected]

Overview of Processing

The following overview summarizes the types of data processed and the purposes for which they are processed and refers to the affected persons.

Types of Processed Data

  • Master Data
  • Location Data
  • Contact Data
  • Content Data
  • Usage Data
  • Meta, Communication, and Process Data
  • Image and/or Video Recordings
  • Contact Information (Facebook)
  • Event Data (Facebook)

Categories of Data Subjects

  • Customers
  • Employees
  • Prospects
  • Communication Partners
  • Users
  • Depicted Persons

Purposes of Processing

  • Provision of contractual services and fulfillment of contractual obligations
  • Contact inquiries and communication
  • Direct marketing
  • Reach measurement
  • Tracking
  • Office and organizational procedures
  • Remarketing
  • Conversion measurement
  • Audience segmentation
  • Management and response to inquiries
  • Content Delivery Network (CDN)
  • Feedback
  • Marketing
  • Profiles with user-related information
  • Provision of our online services and user-friendliness
  • Information technology infrastructure

Relevant Legal Bases

[Please insert the relevant legal bases here.]

Security Measures

We take suitable technical and organizational measures in accordance with legal requirements, taking into account the state of the art, implementation costs, and the nature, scope, circumstances, and purposes of processing, as well as the varying probabilities of occurrence and severity of threats to the rights and freedoms of natural persons, to ensure a level of protection appropriate to the risk.

These measures include in particular ensuring the confidentiality, integrity, and availability of data by controlling physical and electronic access to data as well as access to, entry into, sharing, ensuring availability, and their separation. Furthermore, we have procedures in place that ensure the exercise of data subject rights, the deletion of data, and responses to data breaches. Moreover, we take privacy into account when developing or selecting hardware, software, and procedures in accordance with the principle of data protection by design and by default.

TLS/SSL Encryption (https): To protect users' data transmitted via our online services, we use TLS/SSL encryption. Secure Sockets Layer (SSL) is the standard technology for securing internet connections by encrypting data transmitted between a website or app and a browser (or between two servers). Transport Layer Security (TLS) is a more secure, updated version of SSL. Hyper Text Transfer Protocol Secure (HTTPS) is displayed in the URL when a website is secured by an SSL/TLS certificate.

Transmission of Personal Data

In the course of processing personal data, we may transmit data to other entities, companies, legally independent organizational units, or individuals, or disclose it to them. These recipients of the data may include, for example, service providers assigned with IT tasks or providers of services and content embedded into a website. In such cases, we comply with legal requirements and, in particular, conclude appropriate contracts or agreements to ensure the protection of your data with the recipients of your data.

Data Transmission Within the Organization

We may transmit personal data to other entities within our organization or grant them access to this data. If such a transfer occurs for administrative purposes, it is based on our legitimate business and operational interests or if it is required to fulfill our contractual obligations or if the data subject has given consent or if legal permission exists.

VT Media GmbH:
Thiedestraße 30, 38122 Braunschweig, Germany.

Data Deletion

The data we process will be deleted in accordance with legal requirements as soon as the consent to process them is revoked or other permissions expire (e.g., when the purpose of processing the data no longer applies or if the data is no longer needed for that purpose). If the data is not deleted because it is required for other lawful purposes, its processing will be restricted to those purposes. For example, this applies to data that must be retained for commercial or tax reasons, or data required for the assertion, exercise, or defense of legal claims or to protect the rights of another natural or legal person. We may inform users about deletion and retention of data specifically for the respective processing processes within the scope of our privacy notices.

Rights of Data Subjects

Rights of data subjects under the GDPR: You have various rights as a data subject under the GDPR, particularly from Articles 15 to 21 of the GDPR:

  • Right to Object: You have the right to object at any time to the processing of personal data concerning you, based on your particular situation, which is carried out under Article 6 (1) (e) or (f) of the GDPR; this also applies to profiling based on these provisions. If personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data for such marketing, which includes profiling to the extent it is related to such direct marketing.
  • Right to Withdraw Consent: You have the right to withdraw any consent you have given at any time.
  • Right to Access: You have the right to obtain confirmation as to whether personal data concerning you is being processed, and to access that data along with further information and a copy of the data in accordance with legal requirements.
  • Right to Rectification: You have the right to request the completion of incomplete data or the correction of inaccurate data concerning you in accordance with legal requirements.
  • Right to Erasure and Restriction of Processing: You have the right to request the immediate deletion of personal data concerning you, or alternatively, to request the restriction of processing of the data in accordance with legal requirements.
  • Right to Data Portability: You have the right to receive personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format, or to request its transmission to another controller, in accordance with legal requirements.
  • Right to Lodge a Complaint with a Supervisory Authority: In accordance with legal requirements, and without prejudice to any other administrative or judicial remedy, you also have the right to lodge a complaint with a data protection supervisory authority, in particular in the Member State where you normally reside, your place of work, or the place of the alleged infringement, if you believe that the processing of personal data concerning you infringes the GDPR.

Use of Cookies

Cookies are small text files or other storage tokens that store information on end devices and retrieve information from the end devices. For example, to store login status in a user account, shopping cart contents in an e-commerce store, accessed content, or features used on an online service. Cookies can also be used for various purposes, such as functionality, security, and convenience of online services, and to create analytics of visitor flows.

Consent Notice

We use cookies in accordance with legal requirements. Therefore, we obtain prior consent from users unless it is not required by law. A consent is particularly not necessary when the storing and reading of information, including cookies, is strictly necessary to provide the users with a telemedia service they have explicitly requested (i.e. our online service). The necessary cookies usually include those needed to display and operate the online services, load balancing, security, storage of user preferences and choices, or similar purposes that are essential for providing the main and secondary functions of the online service requested by users.

Legal Bases for Processing

Legitimate Interests (Article 6(1) Sentence 1 (f) GDPR). Consent (Article 6(1) Sentence 1 (a) GDPR).

Further Information on Processing Procedures, Techniques, and Services:

Processing of Cookie Data Based on Consent: We use a cookie consent management procedure to obtain, manage, and withdraw user consent for the use of cookies, as well as for processing and providing data processing information. This procedure stores the consent declaration to avoid re-querying consent and to comply with legal obligations.

Cookiebot: Cookie Consent Management; Service Provider: Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark; Website: https://www.cookiebot.com/en; Privacy Policy: https://www.cookiebot.com/en/privacy-policy/.

Provision of Online Services and Web Hosting

We process the users' data to provide them with our online services. For this purpose, we process the user's IP address, which is required to deliver the content and functionalities of our online services to the users' browsers or devices.

Processed Data Types

  • Usage Data (e.g., visited websites, interest in content, access times)
  • Meta, Communication, and Process Data (e.g., IP addresses, time information, identification numbers, consent status)
  • Content Data (e.g., inputs in online forms)

Affected Persons

Users (e.g., website visitors, users of online services).

Purpose of Processing

  • Provision of our online services and user-friendliness
  • Information technology infrastructure (operation and provision of information systems and technical devices (computers, servers, etc.))
  • Content Delivery Network (CDN)

Legal Bases

Legitimate Interests (Article 6(1) Sentence 1 (f) GDPR).

Further Information on Processing Procedures, Techniques, and Services:

Provision of Online Services on Rented Storage Space: To provide our online services, we use storage space, computing capacity, and software that we rent or obtain from an appropriate server provider (also referred to as a "web host"); Legal Bases: Legitimate Interests (Article 6(1) Sentence 1 (f) GDPR).

STRATO: Services in the field of information technology infrastructure and related services (e.g., storage space and/or computing capacity); Service Provider: STRATO AG, Pascalstraße 10, 10587 Berlin, Germany; Legal Bases: Legitimate Interests (Article 6(1) Sentence 1 (f) GDPR); Website: https://www.strato.de; Privacy Policy: https://www.strato.de/datenschutz.

Changes and Updates to the Privacy Policy

We ask you to regularly inform yourself about the contents of our privacy policy. We will update the privacy policy as soon as the changes in our data processing require it. We will inform you as soon as the changes necessitate your action (e.g., consent) or other individual notification.

If we provide addresses and contact information for companies and organizations in this privacy policy, please note that these addresses may change over time, and we kindly ask you to check the details before contacting.

Definitions

In this section, you will find an overview of the terminology used in this privacy policy. As far as the terms are legally defined, the legal definitions apply. The following explanations are primarily intended to assist with understanding.

Content Delivery Network (CDN)

A "Content Delivery Network" (CDN) is a service that helps deliver content from an online service, especially large media files, such as graphics or program scripts, more quickly and securely using regional distributed and internet-connected servers.

Conversion Measurement

Conversion measurement (also referred to as "visitor action analysis") is a process used to determine the effectiveness of marketing activities. This typically involves saving a cookie on the users' devices within the websites where marketing activities are carried out, and then retrieving it on the destination website. For example, we can track whether the ads we placed on other websites were successful.

Personal Data

"Personal Data" refers to any information relating to an identified or identifiable natural person (hereinafter referred to as the "data subject"); a natural person is considered identifiable if they can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g., a cookie), or one or more specific attributes that express the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.

Profiles with User-Related Information

The processing of "profiles with user-related information" or "profiles" refers to any automated processing of personal data where such data is used to analyze, evaluate, or predict certain personal aspects relating to a natural person (depending on the type of profiling, this may involve information such as demographics, behavior, and interests, e.g., interaction with websites and their contents).

Reach Measurement

Reach measurement (also referred to as web analytics) involves analyzing visitor flows on an online service and can include examining visitors' behavior or interests in particular information, such as content on websites. This helps website operators adjust content to better meet their visitors' needs.

Remarketing

"Remarketing" or "retargeting" refers to the practice of noting the products a user was interested in on a website and then reminding them of those products on other websites, e.g., through ads.

Location Data

Location data arises when a mobile device (or other device with the necessary location-determining technical features) connects to a cell tower, WLAN, or similar technical means of location determination. Location data helps identify the geographical position of the device on the earth.

Tracking

"Tracking" refers to the ability to track users' behavior across multiple online services. This typically involves storing behavioral and interest data in cookies or on the servers of the providers of tracking technologies (also known as profiling).

Responsible Party

The "Responsible Party" is the natural or legal person, authority, agency, or other body that determines the purposes and means of the processing of personal data, either alone or in cooperation with others.

Processing

"Processing" refers to any operation or series of operations performed with or without the aid of automated procedures concerning personal data. The term encompasses practically any handling of data, such as collecting, evaluating, storing, transmitting, or deleting.

Audience Segmentation

"Audience segmentation" (also known as "custom audiences") refers to determining target audiences for advertising purposes, e.g., showing ads to users interested in certain products or topics.