Privacy statement

Effective date: April 3, 2023

1. Responsible body for processing in accordance with the GDPR

Responsible person within the meaning of the General Data Protection Regulation and others in
Data protection laws applicable to Member States of the European Union and others
Provisions related to data protection law are:
‍
evenito AG
Hafnerstrasse 24
8005 Zurich
https://evenito.com
info@keyed.de

2. Introduction to the privacy policy

We welcome you to our website and appreciate your interest. Protecting your personal data is important to us. We therefore conduct our activities in accordance with applicable legislation on the protection of personal data and data security. We would like to inform you below which data from your visit is used for which purposes. If you have any further questions, please contact our data protection officer and EU representative:
‍
Nils Möllers
Keyed GmbH
Siemensstrasse 12
48341 Altenberge
n.moellers@keyed.de
+49 2505639797
https://keyed.de

3. What is personal data?

The term personal data is defined in the Federal Data Protection Act and in the EU GDPR. According to this, this is individual information about the personal or factual circumstances of a specific or identifiable natural person. This includes, for example, your real name, address, telephone number or date of birth.

4. Scope of anonymous data collection and processing

Unless otherwise stated in the following sections, no personal data is collected, processed or used when using our websites. However, through the use of analysis and tracking tools, we learn certain technical information based on the data transmitted by your browser (such as browser type/version, operating system used, websites visited by us, including length of stay, previously visited website). We only evaluate this information for statistical purposes.

5. Legal basis for processing personal data

Insofar as we obtain consent from the data subject for processing personal data, Art. 6 para. 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis for processing personal data. When processing personal data that is necessary to fulfill a contract to which the data subject is a party, Article 6 (1) (b) GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures. Insofar as processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis. For the
If the vital interests of the data subject or another natural person require the processing of personal data, Article 6 (1) (d) GDPR serves as the legal basis. If processing is necessary to protect a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Article 6 (1) (f) GDPR serves as the legal basis for processing.

6. Use of cookies

The Internet pages of evenito AG use cookies. Cookies are data that are stored by the Internet browser on the user's computer system. The cookies can be sent to a page when a page is accessed and thus enable the user to be identified. Cookies help to make it easier for users to use websites.

It is possible to object to the setting of cookies at any time by changing the settings in the Internet browser accordingly. Cookies that have been set can be deleted. It should be noted that if cookies are deactivated, it may not be possible to use all functions of our website to their full extent. The user data collected in this way is pseudonymized through technical measures. It is therefore no longer possible to assign the data to the calling user. The data is not combined with other personal data from
User saved. When visiting our website, users are informed by an information banner about the use of cookies for analysis purposes and referred to this privacy policy. In this context, there is also an indication of how to prevent the storage of cookies in the browser settings. The legal basis for processing personal data using technically necessary cookies is Art. 6 para. 1 lit. f GDPR. The legal basis for processing personal data using cookies for analysis purposes is, with the relevant consent of
Users Art. 6 para. 1 lit. a GDPR. Please see our cookie banner and our information in this privacy policy to find out whether and to what extent cookies are used on our website.

7. Creating log files

Each time the website is accessed, evenito AG collects data and information through an automated system. These are stored in the server's log files. The data is also stored in our system's log files. This data is not stored together with other personal data of the user.
The following data may be collected here:
‍
- Information about the browser type and version used
- The user's operating system
- The user's Internet service provider
- The user's IP address
- date and time of access
- Websites from which the user's system accesses our website
(referrer)
- Websites that are accessed by the user's system via our website

8. Duration of storage of personal data

Personal data is stored for the duration of the respective legal retention period. After expiry of the period, the data will be routinely deleted, unless there is a need to initiate a contract or fulfill the contract.

9. Ways to get in touch

The https://evenito.com website has a contact form that can be used to contact us electronically. Alternatively, you can contact us via the email address provided. If the data subject contacts the controller via one of these channels, the personal data provided by the data subject will be automatically stored. The storage is for the sole purpose of processing or contacting the data subject. The data will not be passed on to third parties. If the user has given his consent, the legal basis for processing the data is Art. 6 para. 1 lit. a DS-GVO. The legal basis for processing data transmitted in the course of sending an email is Article 6 (1) (f) GDPR. If the email contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR. The data is deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. For personal data from the contact form input mask and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the person concerned has finally been clarified. The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

10th newsletter

If you subscribe to our company's newsletter, the data in the respective input mask will be sent to the person responsible for processing. Registration for our newsletter takes place in a so-called double opt-in process. This means that after registration, you will receive an email asking you to confirm your registration. This confirmation is necessary so that no one can register with foreign email addresses. When signing up for the newsletter, the user's IP address and the date and time of registration are stored. This is to prevent misuse of the services or email address of the person concerned. The data will not be passed on to third parties. There is an exception if there is a legal obligation to transfer data. The data is used exclusively for
used to send the newsletter. The subscription to the newsletter can be cancelled by the data subject at any time. Consent to the storage of personal data can also be withdrawn at any time. For this purpose, there is a corresponding link in every newsletter. The legal basis for the processing of data after registration for the newsletter by the user is Art. 6 para. 1 lit. a GDPR if the user has given his consent. The legal basis for sending the newsletter as a result of the sale of goods or services is Section 7 Paragraph 3 UWG.

11. Mailchimp

Description and purpose
To send the newsletter, we use the Mailchimp newsletter service from the provider Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA. Among other things, Mailchimp organizes and analyses the sending of newsletters. When you sign up for our newsletter, we process your personal data in the form of your IP address, email address, date and time, action type, metadata, object and profile reference. This data, including the change in permission, is processed for you to use the newsletter. For
Verification purposes for your consent or revocation process your IP address, online identifiers and date and time. With the help of the Mailchimp service, we measure the success and reach of our newsletter campaigns. In this context, it is also evaluated, for example, whether you open a newsletter or how you otherwise handle the newsletter. For this purpose, Mailchimp uses and stores cookies and web beacons, for example, to enable statistical collection and to create interest profiles. In this way, we find out whether and how you interact with newsletters from us.

legal basis
The legal basis for processing is Art. 6 para. 1 lit. a) GDPR. Article 6 (1) (f) GDPR may also be the legal basis for processing data for verification purposes of consent and, if applicable, a revocation, as we have an overriding interest in verifying consent or revocation due to the legal documentation requirements under the GDPR.

transceivers
The recipient is Rocket Science Group LLC from the USA.
‍
Transfer to third countries
Your data for the purpose of subscribing to our newsletter is stored on MailChimp's servers in the USA.
‍
Storage period
Registration data will therefore only be processed as long as the newsletter subscription is active.

Contractual or legal obligation to provide personal data
The provision of personal data is neither required by law nor by contract and is also not required to conclude a contract. They are also otherwise
not required to provide personal data. However, failure to provide it would mean that we would not be able to offer you a newsletter and would therefore not be able to send it to you.
‍
Withdrawal and objection option
You have the right to withdraw your consent at any time with effect for the future. You can send or notify us of your withdrawal of consent at any time. In the case of processing personal data for verification purposes of your consent or withdrawal, you have the right to object in accordance with Article 21 GDPR. You can send or notify us of your objection at any time (e.g. via e-mail. Your personal data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected.

Further data protection notices
Further information on data protection can be found at:
https://mailchimp.com/legal/privacy/

12. Registration on our website

If the data subject makes use of the opportunity to register on the controller's website by providing personal data, the data in the respective input form will be transmitted to the controller. The data is stored exclusively for internal use by the person responsible for processing. The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected.
When registering, the user's IP address and the date and time of registration are stored. This is to prevent misuse of the services. The data will not be passed on to third parties. There is an exception if there is a legal obligation to transfer data.
Registration of data is required to provide content or services. Registered persons have the option of having the stored data deleted or amended at any time. The data subject receives information about their stored personal data at any time.

13. Routine deletion and blocking of personal data

The person responsible for processing processes and stores personal data of the data subject only for as long as is necessary to achieve the storage purpose. Storage may also take place insofar as this has been provided for by the European or national legislator in EU regulations, laws or other regulations to which the person responsible for processing is subject. As soon as the storage purpose no longer applies or a storage period prescribed by the above regulations expires, the personal data is routinely blocked or deleted.

14. Rights of the person concerned

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the person responsible:

15. Right to information

You can request confirmation from the person responsible as to whether personal data concerning you is being processed by us. If there is such processing, you can request the following information from the person responsible:

the purposes for which the personal data are processed;
the categories of personal data that are processed;
the recipients or categories of recipients to whom your personal data has been or will be disclosed;
the planned period of storage of your personal data or, if specific information is not possible, criteria for determining the storage period;
the existence of a right to correct or delete your personal data, a right to restrict processing by the person responsible or a right to object to this processing;
the existence of a right to lodge a complaint with a supervisory authority;
all available information about the origin of the data if the personal data is not collected from the data subject;
the existence of automated decision-making, including profiling, in accordance with Article 22 (1) and (4) GDPR and — at least in these cases — meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.

You have the right to request information as to whether your personal data is being transferred to a third country or to an international organization. In this context, you may request to be informed of the appropriate guarantees in accordance with Article 46 of the GDPR in connection with the transfer.

16. Right to rectification

You have the right to correct and/or complete the data controller if the processed personal data concerning you is incorrect or incomplete. The person responsible must make the correction immediately.

17. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you believe that the processing of your personal data infringes the GDPR. The supervisory authority with which the complaint has been lodged shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy under Article 78 of the GDPR.

18. Right to data portability

You have the right to receive your personal data, which you have provided to the person responsible, in a structured, commonly used and machine-readable format. You also have the right to transfer this data to another person responsible without hindrance from the person responsible to whom the personal data was provided, provided

processing is based on consent in accordance with Article 6 (1) (a) GDPR or Article 9 (2) (a) GDPR or on a contract in accordance with Article 6 (1) (b) GDPR, and
processing is carried out using automated procedures.

In exercising this right, you also have the right to have your personal data transferred directly from one person responsible to another person responsible, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected as a result. The right to data portability does not apply to processing of personal data that is necessary for the performance of a task that is in the public interest or in the exercise of official authority that has been transferred to the person responsible.

19. Right to restrict processing

You can request that the processing of your personal data be restricted under the following conditions:

if you dispute the accuracy of your personal data for a period of time that enables the person responsible to verify the accuracy of the personal data;
the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted;
the person responsible no longer needs the personal data for processing purposes, but you need them to assert, exercise or defend legal claims, or
if you have filed an objection to processing in accordance with Article 21 (1) GDPR and it is not yet clear whether the legitimate reasons of the person responsible outweigh your reasons.

If the processing of your personal data has been restricted, this data — apart from storage — may only be processed with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State.

If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the person responsible before the restriction is lifted.

20. Right to deletion

(1) You can request that the person responsible delete your personal data immediately, and the person responsible is obliged to delete this data immediately if one of the following reasons applies:

The personal data concerning you is no longer necessary for the purposes for which it was collected or otherwise processed.
You withdraw your consent on which processing was based in accordance with Article 6 (1) (a) or Article 9 (2) (a) GDPR and there is no other legal basis for processing.
You object to processing in accordance with Article 21 (1) GDPR and there are no overriding legitimate reasons for processing, or you object to processing in accordance with Article 21 (2) GDPR.
The personal data concerning you was processed unlawfully.
The deletion of personal data concerning you is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the person responsible is subject.
The personal data concerning you was collected in relation to information society services offered in accordance with Article 8 (1) GDPR.

(2) If the person responsible has made your personal data public and is obliged to delete it in accordance with Article 17 (1) GDPR, he shall take appropriate measures, including technical measures, taking into account the available technology and implementation costs, to inform data controllers who process the personal data that you, as a data subject, have deleted all links to this personal data or copies or replications of this personal data from them asked for.

(3) The right to deletion does not exist insofar as processing is necessary

to exercise the right to freedom of expression and information;
to fulfill a legal obligation which requires processing under Union or Member State law to which the controller is subject, or to perform a task which is in the public interest or in the exercise of official authority vested in the controller;
for reasons of public interest in the area of public health in accordance with Article 9 (2) (h) and (i) and Article 9 (3) GDPR;
for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes in accordance with Article 89 (1) GDPR, insofar as the right referred to in paragraph 1 is likely to make impossible or seriously impair the achievement of the objectives of this processing, or
to assert, exercise or defend legal claims.

21. Right to be informed

If you have asserted the right to correct, delete or restrict processing against the person responsible, the controller is obliged to notify all recipients to whom the personal data concerning you has been disclosed of this correction or deletion of the data or restriction of processing, unless this proves impossible or involves disproportionate effort. You have the right vis-à-vis the person responsible to be informed about these recipients.

22. Right to withdraw the declaration of consent under data protection law

You have the right to withdraw your data protection consent at any time. Withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the withdrawal.

23. Automated decision in individual cases, including profiling

You have the right not to be subject to a decision based exclusively on automated processing — including profiling — which has legal effect on it or significantly affects it in a similar way. This does not apply if the decision

is necessary for the conclusion or performance of a contract between you and the person responsible,
is permitted by Union or Member State legislation to which the person responsible is subject and that legislation contains appropriate measures to protect your rights and freedoms and your legitimate interests, or
is done with your express consent.

However, these decisions may not be based on special categories of personal data under Article 9 (1) GDPR, unless Article 9 (2) lit. a or g applies and appropriate measures have been taken to protect the rights and freedoms and your legitimate interests.

With regard to the cases referred to in a. and c., the controller takes appropriate measures to protect the rights and freedoms and your legitimate interests, which include at least the right to obtain the intervention of a person on the part of the person responsible, to state his own position and to challenge the decision.

24. Integration of other services and content from third parties

Description and purpose

It may happen that third-party content, such as videos, fonts or graphics from other websites, is included within this online offer. This always requires that the providers of this content (hereinafter referred to as “third-party providers”) are aware of the users' IP addresses. Because without the IP address, they would not be able to send the content to the respective user's browser. The IP address is therefore required to display this content.

We make every effort to use only content whose respective providers only use the IP address to deliver the content. However, we have no influence on whether the third-party providers store the IP address, e.g. for statistical purposes. As far as we are aware of this, we will inform users about it.

Through these integrations, we want to provide and improve our online offering.

legal bases

In all other cases, our legitimate interest in presenting our online presence accordingly and in providing user-friendly and economically efficient services on our part is the corresponding legal basis (Art. 6 para. 1 lit. f) GDPR).

For further information, please refer to the respective data protection information of the providers.

Contractual or legal obligation to provide personal data

The provision of personal data is neither required by law nor by contract and is also not required to conclude a contract. You are also not required to provide the personal data. However, failure to provide this function may mean that you cannot use this function or not be able to use it in full.

25. Data transfer to third countries

You have dThe person responsible may transfer personal data to a third country. In principle, the person responsible can ensure that an adequate level of protection is achieved for processing operations through various suitable guarantees. It is possible to transfer data transfers on the basis of an adequacy decision, internal data protection regulations, approved codes of conduct, standard data protection clauses or an approved certification mechanism in accordance with Art. 46 para. 2 lit. a) — f) GDPR.

If the person responsible makes a transfer to a third country on the legal basis of Article 49 (1) a) GDPR, you will be informed at this stage about the possible risks of data transmission to a third country.

There is a risk that the third country that receives your personal data will not be able to provide an equivalent level of protection compared to the protection of personal data in the European Union. This may be the case, for example, if the EU Commission has not adopted an adequacy decision for the respective third country or if certain agreements between the European Union and the respective third country are declared invalid. Specifically, there are risks in some third countries with regard to the effective protection of EU fundamental rights through the use of surveillance laws (for example the USA). In such a case, it is the responsibility of the controller and the recipient to assess whether the rights of data subjects in the third country enjoy an equivalent level of protection to that in the Union and can also be effectively enforced.

However, the General Data Protection Regulation should not undermine the level of protection guaranteed for natural persons across the Union when personal data is transferred from the Union to controllers, processors or other recipients in third countries or to international organisations, even if personal data from a third country or from an international organisation to controllers or processors in the same or another third country or to the same or another be forwarded to international organizations.

26. Google Analytics and Conversion Tracking

Purpose and description

This website uses the “Google Analytics” service, which is offered by Google LLC. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA), to analyse website usage by users. The service uses “cookies” — text files that are stored on your device. The information collected by cookies is usually sent to a Google server in the USA and stored there.

Google Analytics on this website may include the code “gat. _anonymizeIp ();” extended used to ensure anonymized collection of IP addresses (so-called IP masking). Please also note the following information on the use of Google Analytics: The IP address of users is abbreviated within the member states of the EU and the European Economic Area. As a result of this abbreviation, your IP address is no longer identified as a person. As part of the order data agreement that the website operators have concluded with Google LLC, the latter uses the collected information to evaluate website usage and website activity and provides services related to Internet usage.

legal basis

The legal basis for use is the norm of Art. 6 para. 1 lit. a) GDPR in conjunction with Art. 49 para. 1 lit. a) GDPR, if anonymized data collection using the code “gat. _anonymizeIp” does not take place. Otherwise, particularly when using “gat. _anonymizeIp” is Art. 6 para. 1 lit. f) GDPR the legal basis.

transceivers

However, if IP anonymization is activated on this website, Google will abbreviate your IP address beforehand within member states of the European Union or in other states party to the Agreement on the European Economic Area. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and abbreviated there.

On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and Internet usage to the website operator. We also use Google Conversion Tracking in connection with Google Analytics. This enables us to record the behavior of our website visitors. For example, we are shown how many PDFs have been downloaded from our website or how often the contact form has been completed. We are also shown how many clicks on advertisements from external sources (AdWords, LinkedIn, Xing, Facebook, Pinterest, Instagram, etc.) have led to our website.

The IP address transmitted by your browser as part of Google Analytics is not combined with other data from Google. You can prevent cookies from being saved by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website in full. You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) and from processing this data by Google by clicking on the following link (https://tools.google.com/dlpage/gaoptout?hl=de) download and install the available browser plugin. You can prevent Google Analytics from collecting data by clicking on the following link.

Transfer to third countries

The data is transferred to a Google server in the USA and stored there. Personal data is transmitted on the basis of Art. 46 and/or Art. 49 para. 1 lit. a) GDPR.

Duration of data storage

The data sent by us and linked to cookies, user IDs (e.g. user ID) or advertising IDs is automatically deleted after 14 months. Data whose storage period has been reached is automatically deleted once a month.

Withdrawal and objection option

You can prevent cookies from being saved by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser add-on. Opt-out cookies prevent future collection of your data when you visit this website. To prevent Universal Analytics from collecting data across different devices, you must opt out on all systems you use. If you click here, the opt-out cookie is set: Deactivate Google Analytics

Contractual or legal obligation

The provision of personal data is neither required by law nor by contract and is also not required to conclude a contract. You are also not required to provide the personal data. However, failure to provide it could mean that you are unable to use this function of our website or not be able to use it in full.

Further data protection information via link
Further information on terms of use and data protection can be found at:
https://policies.google.com/?hl=de&gl=del
https://policies.google.com/privacy?hl=de&gl=de

27. Google AdWords (Google Ads) and Conversion Tracking

Description and purpose

In order to draw attention to our current projects and developments, planned activities and services, we place Google AdWords ads and use Google Conversion Tracking as part of this. Google AdWords (Google Ads) is a service provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland, Google LLC. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). These ads are displayed after searches on Google's advertising network websites. We have the option of combining our ads with specific search terms. We also use AdWords remarketing lists for search ads. This allows us to customize search ad campaigns for users who have visited our website before. The services enable us to combine our ads with specific search terms or to place ads for previous visitors, for example advertising services that visitors have viewed on our website.

Interest-based offers require an analysis of online user behavior. Google uses cookies to carry out this analysis. When you click on an ad or visit our website, Google sets a cookie on the user's computer. This information is used to be able to specifically address the visitor during a later search query. Further information on the cookie technology used can also be found in Google's information on website statistics and in the privacy policy. With the help of this technology, Google and we as a customer receive information that a user has clicked on an ad and was redirected to our websites to contact us via the contact form.

Google and we as a customer also use Google forwarding numbers to obtain information that a user on the Internet clicked on one of our telephone numbers and contacted us by telephone. The information obtained in this way is used exclusively for statistical evaluation to optimize ads. We do not receive any information that personally identifies visitors. The statistics provided to us by Google include the total number of users who clicked on one of our ads and, if applicable, whether they were redirected to a page on our website with a conversion tag. Based on these statistics, we can understand which search terms have been clicked on our ad particularly often and which ads lead to the user contacting us via the contact form or over the telephone. With regard to telephone contact by prospects or customers, the statistics provided by Google include the start time, the end, the status (missed or received), the duration (seconds), the caller's area code, the telephone costs and the call types.

legal basis

The legal basis for use is the standard of Art. 6 para. 1 lit. a) GDPR in conjunction with Art. 49 para. 1 lit. a) GDPR.

transceivers

The recipient is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. We have concluded an order processing contract with Google for the use of Google Analytics (see Art. 28 GDPR). Google processes the data on our behalf to evaluate your use of the website, to compile reports on website activity for us and to provide us with other services related to website activity and Internet usage. Google may transfer this information to third parties if this is required by law or if third parties process this data on behalf of Google. By integrating Google Analytics, we pursue the purpose of analyzing user behavior on our website and being able to react to it. This enables us to continuously improve our offering. As part of order processing, Google is entitled to commission subcontractors. A list of these subcontractors can be found at https://privacy.google.com/businesses/subprocessors/ find.

Transfer to third countries

The data is stored on Google servers in the USA. A list of Google's subcontractors can be found at the following link:https://privacy.google.com/businesses/subprocessors/

Duration of processing

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In addition, the data will be deleted if you withdraw your consent or request the deletion of personal data.

Contractual or legal obligation and consequences

The provision of personal data is neither required by law nor by contract and is also not required to conclude a contract. You are also not required to provide the personal data. However, failure to provide it could mean that you are unable to use this function of our website or not be able to use it in full.

Further data protection notices

You can find more detailed data protection information from Google at: www.google.com/policies/privacy/

Information about Google's privacy settings can be found at: https://privacy.google.com/take-control.html?categories_activeEl=sign-in

28. Google Tag Manager

Description and purpose

Google Tag Manager is used on this website. Google Tag Manager is a solution from Google LLC. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) that allows companies to manage website tags via an interface. Google Tag Manager is a cookie-free domain that does not collect any personal data. Google Tag Manager triggers other tags, which in turn may collect data. We hereby point this out separately. Google Tag Manager does not access this data. If a deactivation has been carried out by the user at domain or cookie level, this will remain valid for all tracking tags that are implemented with Google Tag Manager.

On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and Internet usage to the website operator. Google uses pseudonyms for this purpose. The IP address transmitted by your browser as part of Google Analytics is not combined with other data from Google. You can find more information about Google Tag Manager at:https://www.google.com/intl/tagmanager/

legal basis

The legal basis for this processing is your consent in accordance with Art. 6 para. 1 lit. a) GDPR.

transceivers

Websites are usually transferred to a Google server in the USA and stored there.

Transfer to third countries

Personal data is transmitted on the basis of Art. 46 and Art. 49 para. 1 lit. a) GDPR.

Duration of data storage

Contractual or legal obligation

The provision of personal data is neither required by law nor by contract and is also not required to conclude a contract. You are also not required to provide the personal data. However, failure to provide it could mean that you are unable to use our website or not be able to use it in full.

Further data protection information via link

Further information on terms of use and data protection can be found at:https://policies.google.com/?hl=de&gl=del https://policies.google.com/privacy?hl=de&gl=de

29. Google Maps

Description and purpose

This website uses Google Maps API from Google LLC (Google) to visually display geographical information. When using Google Maps, Google also collects, processes and uses data about the use of the Maps functions by visitors to the websites.

legal basis

The legal basis for processing personal data is legitimate interest in accordance with Art. 6 para. 1 lit. f) GDPR.

transceivers

The data is usually transferred to a Google server in the USA and stored there.

Transfer to third countries

Personal data is transmitted on the basis of Art. 46 and Art. 49 para. 1 lit. a) GDPR.

Duration of data storage

The data sent by us and linked to cookies, user IDs (e.g. user ID) or advertising IDs is stored for 26 months by default and then automatically deleted.

Objection option

Contractual or legal obligation

There is no contractual or legal obligation to provide the data.

Further data protection information via link

https://policies.google.com/privacy?hl=de&gl=del

30. LinkedIn Features & Analytics

Description and purpose

Our website uses features of the LinkedIn network, including the LinkedIn Analytics function. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time you access one of our pages that contains LinkedIn features, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our websites using your IP address. If you click on LinkedIn's “Recommend” button and are logged into your LinkedIn account, LinkedIn is able to associate your visit to our website with you and your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data and its use by LinkedIn. LinkedIn Analytics uses “cookies,” which are stored on your computer and allow an analysis of your use of the website. LinkedIn uses this information to evaluate your use of the website, to compile reports on website activity for website operators and to provide other services related to website activity and Internet usage.

legal basis

The legal basis for processing personal data is consent in accordance with Art. 6 para. 1 lit. a) GDPR.

transceivers

The recipient is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

Transfer to third countries

Data is transferred to the USA.

Duration of data storage

Objection option

You have the option to withdraw your consent to data processing at any time. A revocation has no effect on the effectiveness of past data processing processes.

Contractual or legal obligation

There is no contractual or legal obligation to provide the data.

Further data protection information via link

https://www.linkedin.com/legal/privacy-policy

31. Vimeo

Description and purpose

We use the provider Vimeo, among others, to integrate videos. Vimeo is operated by Vimeo LLC headquartered at 555 West 18th Street, New York, New York 10011. On some of our websites, we use plugins from the provider Vimeo. When you access the pages of our website equipped with such a plugin — such as our media library or e-learning — a connection to the Vimeo servers is established and the plugin is displayed. This transmits to the Vimeo server which of our websites you have visited. If you are logged in to Vimeo as a member, Vimeo assigns this information to your personal user account. When using the plugin, such as clicking on the start button of a video, this information is also assigned to your user account. You can prevent this association by logging out of your Vimeo user account before using our website and deleting the corresponding cookies from Vimeo.

legal basis

The legal basis for processing personal data is consent in accordance with Art. 6 para. 1 lit. a) GDPR.

transceivers

The recipient is Vimeo LLC headquartered at 555 West 18th Street, New York, New York 10011.

Transfer to third countries

There is no transfer of data to the USA.

Duration of data storage

Objection option

You have the option to withdraw your consent to data processing at any time. A revocation has no effect on the effectiveness of past data processing processes.

Contractual or legal obligation

There is no contractual or legal obligation to provide the data.

Further data protection information via link

Further information on data processing and privacy policy by Vimeo can be found at https://vimeo.com/privacy.

32nd Hubspot

Description and purpose

On this website, we use HubSpot for our online marketing activities. HubSpot is a software company from the USA with a branch in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, phone: +353 1 5187500. This is an integrated software solution that covers various aspects of our online marketing. These include: email marketing (newsletters and automated mailings, e.g. to provide downloads), social media publishing & reporting, reporting (e.g. traffic sources, accesses, etc....), contact management (e.g. user segmentation & CRM), landing pages and contact forms.

Our registration service allows visitors to our website to learn more about our company, download content, and provide their contact information and other demographic information. This information and the content of our website are stored on servers of our software partner HubSpot. They can be used by us to get in touch with visitors to our website and to determine which services offered by our company are of interest to them. All information we collect is subject to this privacy policy. We use all information collected exclusively to optimize our marketing measures.

To improve the user experience on our website, we also use HubSpot's live chat service “Messages” to send and receive messages on some sub-pages (round chat icon at the bottom right of the screen). If you agree to and use this function, the following data is transmitted to HubSpot's servers:

Content of all chat messages sent and received
Contextual information (e.g. page on which the chat was used)
Optional: User's email address (if provided by the user via chat function)

legal basis

The legal basis for using Hubspot (CRM) services is Art. 6 para. 1 lit. f) GDPR (legitimate interest). Our legitimate interest in using this service is to optimize our customer service and manage our contact details. For live chat, the newsletter and other performance measurements, consent is the legal basis in accordance with Art. 6 para. 1 lit. a) GDPR.

transceivers

The recipient is HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland.

Transfer to third countries

There is no transfer of data to a third country.

Duration of data storage

Objection option

You have the option to withdraw your consent to data processing at any time. A revocation has no effect on the effectiveness of past data processing processes.

Contractual or legal obligation

There is no contractual or legal obligation to provide the data.

Further data protection information via link

https://legal.hubspot.com/privacy-policy

33. Applications (training & job offers)

By submitting the application to us, applicants agree to the processing of their data for the purposes of the application process in accordance with the type and scope set out in this privacy policy.

Insofar as special categories of personal data within the meaning of Article 9 (1) GDPR are voluntarily provided as part of the application process, their processing is also carried out in accordance with Article 9 (2) lit. b GDPR (e.g. health data, such as status of disabled persons or ethnic origin).

Insofar as special categories of personal data within the meaning of Article 9 (1) GDPR are requested from applicants as part of the application process, their processing is also carried out in accordance with Article 9 (2) lit. a GDPR (e.g. health data if this is necessary for the exercise of the profession).

If provided, applicants can submit their applications to us using an online form on our website. The data is transmitted to us in encrypted form in accordance with the state of the art.

Applicants can also send us their applications via email. However, please note that emails are generally not sent in encrypted form and applicants must ensure that they are encrypted themselves. We can therefore assume no responsibility for the transmission of the application between the sender and receipt on our server and therefore recommend using an online form or sending it by post.

Because instead of applying via the online form and e-mail, applicants still have the option of sending us their application by post.

In the event of a successful application, the data provided by applicants may be further processed by us for the purposes of the employment relationship.

Otherwise, if the application for a job offer is not successful, the applicants' data will be deleted.

Applicants' data will also be deleted if an application is withdrawn, which applicants are entitled to do at any time.

Subject to justified revocation by applicants, the deletion will take place after a period of six months so that we can answer any follow-up questions about the application and meet our obligations to provide evidence under the Equal Treatment Act.

Invoices for any reimbursement of travel expenses are archived in accordance with tax requirements.

34. Safety

We have taken extensive technical and operational protective measures to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security procedures are regularly reviewed and adapted to technological progress.

In addition, we ensure data protection on an ongoing basis, through continuous auditing and optimization of the data protection organization.

35th end

evenito AG reserves all rights to make changes and updates to this privacy policy.

This privacy policy was created by Keyed GmbH.