Privacy policy and consent to data use on www.allegra.academy of Allegra International AG
1. WHAT IS THIS PRIVACY POLICY ABOUT?
Allegra International AG (hereinafter also referred to as "we" or "us") collects and processes personal data relating to you or other persons (so-called "third parties"). We use the term "data" here synonymously with "personal data".
In this privacy policy, we describe what we do with your data when you use www.vengo.ch, our other websites, or our apps (hereinafter collectively referred to as the "Website"), purchase our services or products, otherwise interact with us under a contract, communicate with us, or otherwise have dealings with us. Where applicable, we will inform you in writing about additional processing activities not mentioned in this privacy policy. We may also inform you separately about the processing of your data, for example, in consent forms, terms and conditions, additional privacy notices, forms, and other notices.
If you provide us with data about other people, such as family members, colleagues, etc., we assume that you are authorized to do so and that this data is correct. By providing data about third parties, you confirm this. Please also ensure that these third parties have been informed about this privacy policy.
This privacy policy is designed to comply with the requirements of the EU General Data Protection Regulation («GDPR»), the Swiss Federal Act on Data Protection («FADP»), and the Swiss Federal Act on Data Protection («FADP»). However, the applicability of these laws depends on the specific circumstances.
2. WHO IS RESPONSIBLE FOR PROCESSING YOUR DATA?
For the data processing described in this privacy policy of www.allegra.academy, Allegra International AG in Pontresina is responsible under data protection law, unless otherwise communicated in individual cases, e.g. in further privacy policies, on forms or in contracts.
You can contact our data protection officer regarding your data protection concerns and the exercise of your rights under section 11 as follows:
Data Protection Officer pursuant to Art. 37 et seq. GDPR, Art. 10 revDSG, EU pursuant to Art. 27 GDPR, Switzerland pursuant to Art. 14 revDSG, United Kingdom (UK) pursuant to Art. 27 UK GDPR:
Allegra International Ltd
Data Protection Officer
Via da Mulin 10
7504 Pontresina
info@allegra.academy
3. WHAT DATA DO WE PROCESS?
We process various categories of data about you. The most important categories are:
Technical data
When you use our website or other electronic services, we collect technical data from your device to ensure the functionality and security of these services. This data includes logs that record the use of our systems. We generally retain technical data for [1-14] months. To ensure the functionality of these services, we may also assign you or your device a unique code (e.g., in the form of a cookie; see section 12). Technical data alone does not generally allow us to identify you. However, within the context of user accounts, registrations, access controls, or contract processing, it may be linked to other data categories (and thus potentially to you personally).
REGISTRATION DATA
Certain offers, such as competitions and services (e.g., login areas of our website, newsletter subscriptions, free Wi-Fi access, etc.), can generally only be used with a user account or registration, which can be done directly with us or via our external login service providers. In doing so, you must provide us with certain data, and we collect data about your use of the offer or service. We generally retain registration data for 1-14 months after the end of your use of the service or the termination of your user account. This period may be longer if required for evidentiary purposes, to comply with legal or contractual obligations, or for technical reasons. This data is generally retained for at least 10 years.
COMMUNICATION DATA
When you contact us via the contact form, email, telephone, chat, letter, or other means of communication, we collect the data exchanged between you and us, including your contact details and metadata of the communication. If we record or monitor telephone calls or video conferences, for example, for training and quality assurance purposes, we will specifically inform you. Such recordings may only be made and used in accordance with our internal guidelines. You will be informed if and when such recordings take place, for example, by a notification during the video conference. If you do not wish to be recorded, please inform us or end your participation. If you only do not want your image recorded, please switch off your camera. If we want or need to verify your identity, for example, in response to a request for information, a media access request, etc., we collect data to identify you (e.g., a copy of an ID). We generally retain this data for 1-14 months from the last communication with you. This period may be longer if required for evidentiary purposes, to comply with legal or contractual obligations, or for technical reasons. Emails in personal mailboxes and written correspondence are generally kept for at least 10 years.
Master data
Master data refers to the basic information we need, in addition to contract data (see below), to process our contractual and other business relationships or for marketing and advertising purposes. This includes your name, contact details, and information about your role and function, bank details, date of birth, customer history, powers of attorney, signing authority, and declarations of consent. We process your master data if you are a customer or other business contact, or if you work for one (e.g., as a contact person for a business partner), or because we want to contact you for our own purposes or the purposes of a contractual partner (e.g., for marketing and advertising, invitations to events, vouchers, newsletters, etc.). We receive master data from you directly (e.g., during a purchase or registration), from organizations you work for, or from third parties such as our contractual partners, associations, and address brokers, as well as from publicly accessible sources such as public registers or the internet (websites, social media, etc.). We may also process health data and information about third parties as part of our master data. We may also collect master data from our shareholders and investors. We generally retain this data for [10] years from the last exchange with you, but at least from the end of the contract. This period may be longer if required for evidentiary purposes, to comply with legal or contractual requirements, or for technical reasons. For purely marketing and advertising contacts, the period is normally much shorter, usually no more than [2] years from the last contact.
CONTRACT DATA
This is data that arises in connection with the conclusion or execution of a contract, e.g., information about contracts and the services to be provided or already provided, as well as data from the period prior to the conclusion of a contract, the information required or used for processing, and information about reactions (e.g., complaints or satisfaction ratings, etc.). We generally collect this data from you, from contractual partners, and from third parties involved in the execution of the contract, but also from third-party sources (e.g., credit providers) and from publicly accessible sources. We generally retain this data for 10 years from the last contractual activity, but at least from the end of the contract. This period may be longer if required for evidentiary purposes, to comply with legal or contractual requirements, or for technical reasons.
BEHAVIORAL AND PREFERENCE DATA
Depending on our relationship with you, we try to get to know you better and tailor our products, services, and offers to your needs. To do this, we collect and use data about your behavior and preferences. We do this by analyzing information about your activity on our platform, and we may also supplement this information with data from third parties – including publicly available sources. Based on this, we can, for example, calculate the likelihood that you will use certain services or behave in a particular way. Some of the data processed is already known to us (e.g., if you use our services), while other data is obtained by recording your behavior (e.g., how you navigate our website or use our social media platforms). We anonymize or delete this data when it is no longer relevant for the purposes for which it was collected, which, depending on the type of data, can take between 2-3 weeks and 24 months (for product and service preferences). This period may be longer if required for evidentiary purposes, to comply with legal or contractual obligations, or for technical reasons. We describe how tracking works on our website in section 12.
OTHER DATA
We also collect your data in other situations. For example, data (such as files, evidence, etc.) is generated in connection with official or legal proceedings, and this data may also relate to you. We may also collect data for health and safety reasons (e.g., within the framework of safety protocols). We may receive or create photos, videos, and audio recordings in which you may be identifiable (e.g., at events, via security cameras, etc.). We may also collect data about who enters certain buildings and when, or who has corresponding access rights (including access controls based on registration data or visitor lists, etc.), who participates in events or activities (e.g., competitions), and when, or who uses our infrastructure and systems. Finally, we collect and process data about our shareholders and other investors; in addition to basic personal data, this includes information for the relevant registers, regarding the exercise of their rights, and the conduct of events (e.g., general meetings). The retention period for this data depends on the purpose and is limited to what is necessary. This ranges from a few days for many of the security cameras and usually a few weeks for contact tracing data via visitor data, which is usually kept for [3] months, to event reports with pictures that may be kept for several years or longer.
You provide us with much of the data mentioned in this section 3 yourself (e.g., via forms, during communication with us, in connection with contracts, when using the website, etc.). You are not obligated to do so, except in individual cases, e.g., within the framework of binding data protection concepts (legal obligations). If you wish to conclude contracts with us or use our services, you must also provide us with data as part of your contractual obligations under the relevant contract, in particular master data, contract data, and registration data. The processing of technical data is unavoidable when using our website. If you wish to gain access to certain systems or buildings, you must provide us with registration data.
Unless prohibited, we also obtain data from publicly accessible sources (e.g., debt enforcement registers, land registers, commercial registers, media or the internet including social media) or receive data from other companies within our group, from authorities and from other third parties (such as credit agencies, address brokers, associations, contractual partners, internet analytics services, etc.).
4. FOR WHAT PURPOSES DO WE PROCESS YOUR DATA?
We process your data for the purposes explained below. Further information regarding online processing can be found in sections 12 and 13. These purposes and their underlying objectives constitute legitimate interests of ours and, where applicable, of third parties. Further details on the legal basis for our processing can be found in section 5.
We process your data for purposes related to communication with you, in particular to answer inquiries and assert your rights (section 11) and to contact you with follow-up questions. For this purpose, we primarily use communication data and master data, and, in connection with offers and services you use, also registration data. We retain this data to document our communication with you, for training purposes, quality assurance, and for follow-up inquiries. We process data for the establishment, management, and execution of contractual relationships.
We process data for marketing purposes and relationship management, for example, to send our customers and other contractual partners personalized advertising for products and services from us and from third parties (e.g., advertising partners). This may take the form of newsletters and other regular contacts (electronically, by mail, by telephone), via other channels for which we have your contact information, but also within the framework of individual marketing campaigns (e.g., events, competitions, etc.) and may also include free services (e.g., invitations, vouchers, etc.). You can object to such contacts at any time (see the end of this section 4) or refuse or withdraw your consent to be contacted for advertising purposes. With your consent, we can target our online advertising on the internet more effectively to you (see section 12). We also process your data for market research, to improve our services and operations, and for product development. We may also process your data for security purposes and access control. We process personal data to comply with laws, directives and recommendations from authorities, and internal regulations ("compliance"). We also process data for our risk management purposes and as part of prudent corporate governance, including operational organization and corporate development.
5. ON WHAT BASIS DO WE PROCESS YOUR DATA?
Where we request your consent for specific processing activities, we will inform you separately about the corresponding purposes of the processing. You can revoke your consent at any time with effect for the future by sending us a written notification (by post) or, unless otherwise stated or agreed, by email; our contact details can be found in section 2. For information on revoking your consent for online tracking, please see section 12. Where you have a user account, revocation or contacting us may also be possible via the relevant website or other service. Once we have received notification of the revocation of your consent, we will no longer process your data for the purposes to which you originally consented, unless we have another legal basis for doing so. The revocation of your consent does not affect the lawfulness of the processing carried out on the basis of the consent prior to its revocation.
Where we do not request your consent for processing, we base the processing of your personal data on the fact that the processing is necessary for initiating or fulfilling a contract with you (or the entity you represent), or that we or third parties have a legitimate interest in doing so, in particular to pursue the purposes and related objectives described above in section 4 and to be able to implement appropriate measures. Our legitimate interests also include compliance with legal regulations, insofar as these are not already recognized as a legal basis under the applicable data protection law (e.g., under the GDPR, the law in the EEA and Switzerland).
When we receive sensitive data, we may also process your data based on other legal grounds, for example, in the event of disputes, due to the necessity of processing for potential legal proceedings or the enforcement or defense of legal claims. In individual cases, other legal bases may apply, which we will communicate to you separately if necessary.
6. WHAT APPLIES TO PROFILING AND AUTOMATED INDIVIDUAL DECISION-MAKING?
We may automatically evaluate certain of your personal characteristics for the purposes mentioned in section 4 using your data (section 3) ("profiling") if we want to determine preference data, but also to identify misuse and security risks, to carry out statistical analyses, or for operational planning purposes. For the same purposes, we may also create profiles, i.e., we may combine behavioral and preference data, as well as master and contract data and technical data associated with you, to better understand you as an individual with your various interests and other characteristics.
If you are one of our customers, we can use profiling to determine which other products you are likely to be interested in, based on your purchases. We can also use this data to check your creditworthiness before offering you the option to pay by invoice. Automated data analysis can also protect you by assessing the likelihood of a fraudulent transaction. This allows us to stop the transaction for investigation. This is distinct from "profiles," which refer to the linking of various data points to gain insights into key aspects of your personality (e.g., your preferences or how you behave in certain situations). Profiles can be used for marketing and security purposes.
We use anonymous movement profiles in a non-personal way, for example, to provide our contractual partners with recommendations on avoiding peak times. For personalized movement profiles, we use personal data to, for example, inform you about interesting offers and products in your area, to infer your interests from location data (dwell time), and to tell you which products and services other contractual partners with similar interests have used.
In both cases, we ensure the proportionality and reliability of the results and take measures against the misuse of these profiles or profiling. If these could have legal consequences or significant disadvantages for you, we generally conduct a manual review.
7. WHO DO WE DISCLOSE YOUR DATA TO?
In connection with our contracts, the website, our services and products, our legal obligations, or otherwise to protect our legitimate interests and the other purposes listed in section 4, we also transfer your personal data to third parties, in particular to the following categories of recipients:
SERVICE PROVIDER
We work with service providers both domestically and internationally who process data about you on our behalf or jointly with us, or who receive data about you from us under their own responsibility.
To ensure we can efficiently provide our products and services and focus on our core competencies, we outsource numerous services to third parties. These services include, for example, IT services, information distribution, marketing, sales, communication, and printing services, building management, security and cleaning, event and reception organization and execution, debt collection, credit reporting agencies, address verification services (e.g., for updating address databases when residents move), fraud prevention measures, and services from consulting firms, lawyers, banks, insurers, and telecommunications companies. We disclose to these service providers the data necessary for their services, which may also relate to you. These service providers may also use such data for their own purposes, such as providing information about outstanding receivables and your payment history to credit agencies, or anonymized data to improve their services. Furthermore, we enter into contracts with these service providers that include data protection provisions, unless such protection is already mandated by law. Our service providers may process data on how their services are used, as well as other data generated during the use of their services, potentially as independent controllers for their own legitimate interests (e.g., for statistical analysis or billing). Service providers provide information about their independent data processing activities in their own privacy policies.
CONTRACT PARTNERS INCLUDING CUSTOMERS
This refers primarily to our customers (e.g., service recipients) and other contractual partners, as this data transfer arises from these contracts. They receive, for example, registration data for issued and redeemed vouchers, invitations, etc. If you yourself work for such a contractual partner, we may also transfer data about you to them in this context.
AUTHORITIES
We may disclose personal data to government agencies, courts, and other authorities in Germany and abroad if we are legally obligated or entitled to do so, or if it appears necessary to protect our interests. These authorities process the data they receive from us under their own responsibility.
OTHER PEOPLE
This refers to other cases where the involvement of third parties results from the purposes set out in point 4.
All these categories of recipients may in turn involve third parties, meaning your data may also become accessible to them. We can restrict processing by certain third parties (e.g., IT providers), but not by others (e.g., authorities, banks, etc.).
8. DOES YOUR PERSONAL DATA ALSO GET ABROAD?
As explained in section 7, we also disclose data to other bodies. These are not only located in Switzerland. Your data may therefore be processed in Europe; in exceptional cases, however, in any country in the world.
If a recipient is located in a country without adequate legal data protection, we contractually obligate the recipient to comply with applicable data protection regulations (for this purpose, we use the revised Standard Contractual Clauses of the European Commission, which are available here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?), unless the recipient is already subject to a legally recognized framework for ensuring data protection and we cannot rely on an exception. An exception may apply, in particular, in legal proceedings abroad, but also in cases of overriding public interest, or if contract performance requires such disclosure, if you have given your consent, or if the data in question is publicly available and you have not objected to its processing.
Please also note that data exchanged via the internet is often routed through third countries. Therefore, your data may be transferred abroad even if the sender and recipient are located in the same country.
9. HOW LONG DO WE PROCESS YOUR DATA?
We process your data for as long as required by our processing purposes, statutory retention periods, and our legitimate interests in processing for documentation and evidentiary purposes, or as long as storage is technically necessary. Further information on the respective storage and processing periods can be found in section 3 for each data category and in section 12 for the cookie categories. Unless legal or contractual obligations prevent us from doing so, we will delete or anonymize your data after the storage or processing period has expired, in accordance with our standard procedures.
Documentation and evidentiary purposes encompass our interest in documenting processes, interactions, and other facts in the event of legal claims, disputes, for IT and infrastructure security purposes, and to demonstrate good corporate governance and compliance. Technically necessary retention may also be required if certain data cannot be separated from other data and we therefore need to store it together (e.g., in the case of backups or document management systems).
10. HOW DO WE PROTECT YOUR DATA?
We take appropriate security measures to maintain the confidentiality, integrity and availability of your personal data, to protect it against unauthorized or unlawful processing and to counteract the risks of loss, accidental alteration, unwanted disclosure or unauthorized access.
Technical and organizational security measures can include, for example, encryption (e.g., SSL, TLS) and pseudonymization of data, logging, access restrictions, the storage of backups, instructions to our employees, confidentiality agreements, and controls. We protect your data transmitted via our website during transmission using appropriate encryption mechanisms. However, we can only secure areas that we control. We also require our data processors to implement appropriate security measures. Security risks, however, cannot generally be completely eliminated; residual risks are unavoidable.
11. WHAT RIGHTS DO YOU HAVE?
Under certain circumstances, applicable data protection law grants you the right to object to the processing of your data, in particular for direct marketing purposes, profiling for direct advertising and other legitimate interests in processing.
To make it easier for you to control the processing of your personal data, you also have the following rights in connection with our data processing, depending on the applicable data protection law:
- The right to request information from us about whether and what data we process about you;
- the right to have data corrected if it is inaccurate;
- the right to request the deletion of data;
- the right to request from us the release of certain personal data in a commonly used electronic format or its transfer to another controller;
- the right to withdraw consent, insofar as our processing is based on your consent;
- the right to request further information necessary for exercising these rights;
- the right, in the case of automated individual decisions (point 6), to express your point of view and to request that the decision be reviewed by a natural person.
If you wish to exercise the aforementioned rights against us, please contact us in writing, in person at our premises, or, unless otherwise stated or agreed, by email; our contact details can be found in section 2. In order to prevent misuse, we need to identify you (e.g., with a copy of your ID card, if this is not possible otherwise).
Please note that these rights are subject to conditions, exceptions, or limitations under applicable data protection law (e.g., to protect third parties or trade secrets). We will inform you accordingly, if necessary.
If you disagree with how we handle your rights or data protection, please inform us or our Data Protection Officer (section 2). In particular, if you are located in the EEA, the United Kingdom, or Switzerland, you also have the right to lodge a complaint with the data protection supervisory authority in your country.
12. DO WE USE ONLINE TRACKING AND ONLINE ADVERTISING TECHNOLOGIES?
On our website, we use various technologies that allow us and third parties we engage to recognize you during your visits and potentially track you across multiple visits. This section provides information about these technologies.
Essentially, this is about distinguishing your access (via your system) from access by other users, so that we can ensure the website's functionality and perform analyses and personalization. We do not intend to infer your identity, even though we could if we or third parties acting on our behalf could identify you by combining this information with registration data. Even without registration data, the technologies used are designed so that you are recognized as an individual visitor on each page request, for example, by our server (or the servers of third parties) assigning you or your browser a specific identification number (a so-called "cookie").
Cookies are unique codes (e.g., a serial number) that our server, or a server of our service providers or advertising partners, transmits to your system when you connect to our website. Your system (browser, mobile device) receives these codes and stores them until their programmed expiration date. With each subsequent access, your system transmits these codes back to our server or the third-party server. This allows you to be recognized, even if your identity is unknown.
Other techniques may also be used to recognize you with a greater or lesser probability (i.e., to distinguish you from other users), such as "fingerprinting." Fingerprinting combines the browser you use, your screen resolution, language preference, and other information that your system transmits to every server, resulting in a more or less unique fingerprint. This eliminates the need for cookies.
Whenever you access a server (e.g., when using a website or app, or because an image is visibly or invisibly embedded in an email), your visits can be tracked. If we integrate offers from an advertising partner or analytics provider into our website, they can track you in the same way, even if you cannot be identified in individual cases.
We use such techniques on our website and allow certain third parties to do so as well.
You can program your browser to block, deceive, or delete existing cookies or alternative technologies. You can also extend your browser with software that blocks tracking by certain third parties. Further information can be found in your browser's help pages (usually under the heading "Privacy") or on the websites of the third parties listed below.
The following types of cookies are distinguished (techniques with similar functionalities to fingerprinting are included here):
NECESSARY COOKIES
Some cookies are necessary for the website to function properly or for certain features to work. For example, they ensure that you can navigate between pages without losing information entered in a form. They also ensure that you remain logged in. These cookies are only temporary ("session cookies"). If you block them, the website may not function correctly. Other cookies are necessary so that the server can store your choices or entries beyond a single session (i.e., a single visit to the website) if you use this feature (e.g., language preference, consent given, automatic login, etc.). These cookies have an expiration date of up to 24 months.
PERFORMANCE COOKIES
To optimize our website and related offers and better tailor them to user needs, we use cookies to record and analyze website usage, potentially even beyond the current session. We do this through the use of third-party analytics services, which are listed below. Performance cookies also have an expiration date of up to 24 months. Details can be found on the third-party websites.
MARKETING COOKIES
We and our advertising partners have a vested interest in targeting advertising precisely, meaning we want to display ads only to those we intend to reach. Our advertising partners are listed below. For this purpose, we and our advertising partners also use cookies to track the content accessed or contracts concluded. This allows us and our advertising partners to display ads that we believe will be of interest to you, not only on our website but also on other websites that display ads from us or our advertising partners. These cookies have an expiration period ranging from a few days to 12 months, depending on the situation.
In addition to marketing cookies, we use other techniques to control online advertising on other websites and thereby reduce wasted ad spend. For example, we may transmit the email addresses of our users, customers, and other individuals to whom we want to show ads to operators of advertising platforms (e.g., social media). If these individuals are registered there with the same email address (which the advertising platforms determine through matching), the operators will display the ads we have placed to these individuals in a targeted manner. The operators do not receive personally identifiable email addresses of individuals not already known to us. However, with known email addresses, they learn that these individuals are connected to us and which content they have accessed.
We may also integrate additional third-party services on our website, particularly from social media providers. If you have an account with the social media provider, they can associate this information with you and thus track your use of their online services. These social media providers process this data under their own responsibility.
We currently use services from the following service providers and advertising partners:
GOOGLE ANALYTICS
Google Ireland (based in Ireland) is the provider of the service and acts as our data processor. Google Ireland relies on Google LLC (based in the USA) as its data processor (both referred to as "Google"). You can find information about data protection here [https://policies.google.com/].
GOOGLE ADS
Google Ireland (based in Ireland) is the provider of the service and acts as our data processor. Google Ireland relies on Google LLC (based in the USA) as its data processor (both referred to as "Google"). You can find information about data protection here [https://policies.google.com/].
GOOGLE FONTS
Google Ireland (based in Ireland) is the provider of the service and acts as our data processor. Google Ireland relies on Google LLC (based in the USA) as its data processor (both referred to as "Google"). You can find information about data protection here [https://policies.google.com/].
GOOGLE RECAPTCHA
Google Ireland (based in Ireland) is the provider of the service and acts as our data processor. Google Ireland relies on Google LLC (based in the USA) as its data processor (both referred to as "Google"). You can find information about data protection here [https://policies.google.com/].
GOOGLE MAPS
Google Ireland (based in Ireland) is the provider of the service and acts as our data processor. Google Ireland relies on Google LLC (based in the USA) as its data processor (both referred to as "Google"). You can find information about data protection here [https://policies.google.com/].
GOOGLE TAG MANAGER
Google Ireland (based in Ireland) is the provider of the service and acts as our data processor. Google Ireland relies on Google LLC (based in the USA) as its data processor (both referred to as "Google"). You can find information about data protection here [https://policies.google.com/].
GOOGLE YOUTUBE
Google Ireland (based in Ireland) is the provider of the service and acts as our data processor. Google Ireland relies on Google LLC (based in the USA) as its data processor (both referred to as "Google"). You can find information about data protection here [https://policies.google.com/].
13. WHAT DATA DO WE PROCESS ON OUR SOCIAL NETWORK PAGES?
We may operate pages and other online presences ("fan pages," "channels," "profiles," etc.) on social networks and other platforms operated by third parties and collect the data about you described in section 3 and below. We receive this data from you and the platforms when you contact us via our online presence (e.g., when you communicate with us, comment on our content, or visit our page). At the same time, the platforms analyze your use of our online presences and link this data with other data about you that the platforms already have (e.g., about your behavior and preferences). They also process this data for their own purposes under their own responsibility, in particular for marketing and market research purposes (e.g., to personalize advertising) and to control their platforms (e.g., which content they display to you).
We process this data for the purposes described in section 4, in particular for communication, marketing purposes (including advertising on these platforms, see section 12), and market research. Information on the relevant legal bases can be found in section 5. We may also redistribute content you publish yourself (e.g., comments on an announcement) (e.g., in our advertising on the platform or elsewhere). We or the platform operators may also delete or restrict content from or about you in accordance with the terms of use (e.g., inappropriate comments).
For further information on how the platform operators process your data, please refer to the platforms' privacy policies. There you will also find information on which countries they process your data in, what rights you have to access, delete, and other data subject rights, and how you can exercise these rights or obtain further information.
We operate this site here. LinkedIn profile. The entity responsible for operating the platform for users in Europe is LinkedIn Ireland Unlimited Company, Ireland. Their privacy policy can be found at https://www.linkedin.com/legal/privacy-policy/.
META (FACEBOOK & INSTAGRAM)
Here we operate the pages Facebook profile as well as Instagram profile.
The entity responsible for the operation of the platforms for users from Europe is Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Joint responsibility: We would like to point out that we are jointly responsible with Meta for the operation of our pages (in accordance with Article 26 GDPR). We have entered into a corresponding agreement with Meta for this purpose (the so-called "Page Insights Supplement regarding the controller").
Page Insights: Meta uses data to provide us with anonymized statistics (insights) so we can better understand interactions on our pages. We do not have access to the underlying personal data of individual users through this feature.
Meta's full privacy policy, as well as information about your rights and opt-out options, can be found here:
Meta's privacy policy: https://www.facebook.com/about/privacy/
Information about Page Insights: https://www.facebook.com/legal/terms/page_controller_addendum
Instagram Privacy Policy: https://help.instagram.com/519522125107875
14. CAN THIS PRIVACY POLICY BE CHANGED?
This privacy policy is not part of any contract with you. We may amend this privacy policy at any time. The version published on this website is the most current version.
Last updated: May 2026
Newsletter Privacy Policy
If you subscribe to our newsletter, you submit the above personal data and give us the right to contact you by email. We use the data stored when registering for the newsletter exclusively for our newsletter and do not pass it on.
If you unsubscribe from the newsletter - you will find the link for this at the bottom of every newsletter - then we will delete all data that was saved with the registration for the newsletter.
privacy
We have written this data protection declaration in order to provide you with information in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 to explain what information we collect, how we use data and what choices you have as a visitor to this website.
Unfortunately, it is in the nature of things that these explanations sound very technical, but we have tried to describe the most important things as simply and clearly as possible when creating them.
cookies
Our website uses HTTPS cookies to store user-specific data.
In the following we explain what cookies are and why they are used so that you can better understand the following data protection declaration.
What exactly are cookies?
Whenever you surf the Internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.
One thing cannot be denied: Cookies are really useful little helpers. Almost all websites use cookies. More precisely, they are HTTPS cookies, as there are other cookies for other areas of application. HTTPS cookies are small files that are stored on your computer by our website. These cookie files are automatically stored in the cookie folder, which is basically the "brain" of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.
Cookies store certain user data from you, such as language or personal page settings. When you visit our site again, your browser transmits the "user-related" information back to our site. Thanks to the cookies, our website knows who you are and offers you the settings you are used to. In some browsers each cookie has its own file, in others such as Firefox all cookies are stored in a single file.
There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, since each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other "pests". Cookies also cannot access information on your PC.
For example, cookie data can look like this:
Surname: _ga
Value: GA1.2.1326744211.152221116522-6
Purpose of use: Differentiation of website visitors
Expiry Date: after 2 years
A browser should be able to support these minimum sizes:
- At least 4096 bytes per cookie
- At least 50 cookies per domain
- At least 3000 cookies in total
What types of cookies are there?
The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the data protection declaration. At this point we would like to briefly explain the different types of HTTPS cookies.
There are 4 types of cookies:
Essential cookies
These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed if a user puts a product in the shopping cart, then continues surfing on other pages and only goes to the checkout later. These cookies do not delete the shopping cart, even if the user closes their browser window.
Functional cookies
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are also used to measure the loading time and behavior of the website in different browsers.
Targeting cookies
These cookies ensure a better user experience. For example, entered locations, font sizes or form data are saved.
advertising cookies
These cookies are also called targeting cookies. They are used to provide the user with individually tailored advertising. This can be very useful, but also very annoying.
Usually, when you visit a website for the first time, you will be asked which of these types of cookies you would like to allow. And of course this decision is also stored in a cookie.
How can I delete cookies?
You decide for yourself how and whether you want to use cookies. Regardless of which service or website the cookies come from, you always have the option of deleting or deactivating cookies or only partially allowing them. For example, you can block third-party cookies but allow all other cookies.
If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:
Chrome: Delete, enable and manage cookies in Chrome
Safari: Managing Cookies and Website Data with Safari
Firefox: Clear cookies to remove data websites have placed on your computer
Microsoft Edge: Deleting and managing cookies
If you generally do not want any cookies, you can set up your browser so that it always informs you when a cookie is to be set. You can decide for each individual cookie whether you allow the cookie or not. The procedure differs depending on the browser. It is best to search for the instructions in Google with the search term “Delete cookies Chrome” or “Deactivate cookies Chrome” in the case of a Chrome browser.
What about my data protection?
The so-called “Cookie Guidelines” have been in place since 2009. It states that the storage of cookies requires your consent. Within the EU countries, however, there are still very different reactions to these directives. In Austria, however, this directive was implemented in Section 96 (3) of the Telecommunications Act (TKG).
If you want to know more about cookies and don't shy away from technical documentation, we recommend dem Request for Comments from the Internet Engineering Task Force (IETF) called "HTTP State Management Mechanism".
storage of personal data
Personal data that you transmit to us electronically on this website, such as name, e-mail address, address or other personal information when submitting a form or comments on the blog, will be stored by us together with the time and the IP Address used only for the purpose stated, kept safe and not passed on to third parties.
We therefore only use your personal data to communicate with those visitors who expressly request contact and to process the services and products offered on this website. We do not pass on your personal data without your consent, but we cannot rule out that this data will be viewed in the event of illegal behavior.
If you send us personal data by e-mail - thus outside of this website - we cannot guarantee a secure transmission and the protection of your data. We recommend that you never send confidential data unencrypted by e-mail.
Google Analytics Privacy Policy
We use the analysis tracking tool Google Analytics (GA) from the American company Google LLC (1600 Amphitheater Parkway Mountain View, CA 94043, USA) on our website. Google Analytics collects data about your actions on our website. For example, if you click on a link, this action is stored in a cookie and sent to Google Analytics. The reports we receive from Google Analytics allow us to better tailor our website and service to your needs. In the following we will go into more detail about the tracking tool and, above all, inform you about which data is stored and how you can prevent this.
What is Google Analytics?
Google Analytics is a tracking tool used to analyze traffic on our website. In order for Google Analytics to work, a tracking code is built into the code of our website. When you visit our website, this code records various actions that you take on our website. As soon as you leave our website, this data is sent to the Google Analytics servers and stored there.
Google processes the data and we receive reports on your user behavior. These reports may include the following:
- Target group reports: With target group reports, we get to know our users better and know more precisely who is interested in our service.
- Ad reports: Ad reports make it easier for us to analyze and improve our online advertising.
- Acquisition Reports: Acquisition reports provide us with helpful information on how to attract more people to our service.
- Behavior Reports: Here we learn how you interact with our website. We can understand which path you take on our site and which links you click on.
- Conversion reports: Conversion is a process in which you perform a desired action based on a marketing message. For example, when you go from being a mere website visitor to a buyer or newsletter subscriber. With the help of these reports, we learn more about how our marketing measures are resonating with you. This is how we want to increase our conversion rate.
- Real-time reports: Here we always know immediately what is happening on our website. For example, we can see how many users are currently reading this text.
Why do we use Google Analytics on our website?
Our goal with this website is clear: We want to offer you the best possible service. The statistics and data from Google Analytics help us to achieve this goal.
The statistically evaluated data give us a clear picture of the strengths and weaknesses of our website. On the one hand, we can optimize our site so that interested people can find it more easily on Google. On the other hand, the data helps us to better understand you as a visitor. We therefore know exactly what we need to improve on our website in order to offer you the best possible service. We also use the data to carry out our advertising and marketing measures more individually and more cost-effectively. After all, it only makes sense to show our products and services to people who are interested in them.
What data is stored by Google Analytics?
Google Analytics uses a tracking code to create a random, unique ID that is linked to your browser cookie. This is how Google Analytics recognizes you as a new user. The next time you visit our site, you will be recognized as a "returning" user. All collected data is stored together with this user ID. This makes it possible to evaluate pseudonymous user profiles in the first place.
Identifiers such as cookies and app instance IDs are used to measure your interactions on our website. Interactions are any type of action you take on our website. If you also use other Google systems (such as a Google account), data generated via Google Analytics can be linked to third-party cookies. Google does not pass on Google Analytics data unless we as the website operator approve it. There may be exceptions if required by law.
The following cookies are used by Google Analytics:
Surname: _ga
Value:2.1326744211.152221116522-5
Purpose of use: By default, analytics.js uses the _ga cookie to store the user ID. Basically, it serves to differentiate between website visitors.
Expiry Date: after 2 years
Surname: _gid
Value:2.1687193234.152221116522-1
Purpose of use: The cookie is also used to distinguish between website visitors
Expiry Date: after 24 hours
Surname: _gat_gtag_UA_
Value: 1
Purpose of use: Used to lower the request rate. If Google Analytics is provided via Google Tag Manager, this cookie is given the name _dc_gtm_ .
Expiry Date: after 1 minute
Surname: AMP_TOKEN
Value: not specified
Purpose of use: The cookie has a token that can be used to retrieve a User ID from the AMP Client ID service. Other possible values indicate an opt-out, a request, or an error.
Expiry Date: after 30 seconds up to a year
Surname: __utma
Value:1564498958.1564498958.1564498958.1
Purpose of use: This cookie makes it possible to track your behavior on the website and measure its performance. The cookie is updated each time information is sent to Google Analytics.
Expiry Date: after 2 years
Surname: __utmt
Value: 1
Purpose of use: Like _gat_gtag_UA_, the cookie is used to throttle the request rate.
Expiry Date: after 10 minutes
Surname: __utmb
Value:3.10.1564498958
Purpose of use: This cookie is used to determine new sessions. It is updated every time new data or information is sent to Google Analytics.
Expiry Date: after 30 minutes
Surname: __utmc
Value: 167421564
Purpose of use: This cookie is used to set new sessions for returning visitors. This is a session cookie and is only stored until you close the browser.
Expiry Date: After closing the browser
Surname: __utmz
Value: m|utmccn=(referral)|utmcmd=referral|utmcct=/
Purpose of use: The cookie is used to identify the source of traffic to our website. This means that the cookie stores where you came from on our website. That could have been another page or an advertisement.
Expiry Date: after 6 months
Surname: __utmv
Value: not specified
Purpose of use: The cookie is used to store custom user data. It is always updated when information is sent to Google Analytics.
Expiry Date: after 2 years
Annotation: This list cannot claim to be complete, since Google is constantly changing the choice of its cookies.
Here we show you an overview of the most important data that is collected with Google Analytics:
Heat maps: Google creates so-called heat maps. Heatmaps show exactly those areas that you click on. This is how we get information about where you are on our site.
Session duration: Google describes the session duration as the time you spend on our site without leaving the site. If you have been inactive for 20 minutes, the session ends automatically.
bounce rate (Bounce rate): A bounce is when you only view one page on our website and then leave our website again.
Account creation: If you create an account or place an order on our website, Google Analytics collects this data.
IP address: The IP address is only shown in abbreviated form so that no clear assignment is possible.
Location: The country and your approximate location can be determined via the IP address. This process is also referred to as IP location determination.
Technical information: The technical information includes, among other things, your browser type, your Internet provider or your screen resolution.
Source of origin: Of course, Google Analytics or us are also interested in which website or which advertisement you came to our site from.
Other data are contact details, any ratings, playing media (e.g. if you play a video on our site), sharing content via social media or adding it to your favorites. The list does not claim to be complete and only serves as a general guide to data storage by Google Analytics.
How long and where is the data stored?
Google has distributed their servers all over the world. Most of the servers are located in America and consequently your data is mostly stored on American servers. Here you can read exactly where the Google data centers are located: Google data centers
Your data is distributed across different physical media. This has the advantage that the data can be called up more quickly and is better protected against manipulation. Every Google data center has emergency programs for your data. For example, if Google's hardware fails or natural disasters paralyze servers, the risk of a service interruption at Google remains low.
A standard storage period for your user data of 26 months is set for Google Analytics. Then your user data will be deleted. However, we have the option of choosing the retention period for user data ourselves. We have five options available for this:
- Deletion after 14 months
- Deletion after 26 months
- Deletion after 38 months
- Deletion after 50 months
- No automatic deletion
When the specified period has expired, the data will be deleted once a month. This retention period applies to your data associated with cookies, user recognition and advertising IDs (e.g. cookies from the DoubleClick domain). Report results are based on aggregated data and are stored independently of user data. Aggregated data is a merging of individual data into a larger unit.
How can I delete my data or prevent data storage?
Under European Union data protection law, you have the right to access, update, delete or restrict your data. You can prevent Google Analytics from using your data by using the browser add-on to disable Google Analytics JavaScript (ga.js, analytics.js, dc.js). You can download the browser add-on at GoogleTools download and install. Please note that this add-on only disables data collection by Google Analytics.
If you generally want to deactivate, delete or manage cookies (regardless of Google Analytics), there are separate instructions for each browser:
Chrome: Delete, enable and manage cookies in Chrome
Safari: Managing Cookies and Website Data with Safari
Firefox: Clear cookies to remove data websites have placed on your computer
Microsoft Edge: Deleting and managing cookies
Google Analytics is an active participant in the EU-US Privacy Shield Framework, which regulates the correct and secure data transfer of personal data. You can find more information on this at Privacyshield.gov. We hope we were able to provide you with the most important information about data processing by Google Analytics. If you want to learn more about the tracking service, we recommend these two links: Google Analytics and Google Analytics support
Facebook Privacy Policy
We use selected Facebook tools from Facebook on our website. Facebook is a social media network operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland. These tools allow us to offer you and people who are interested in our products and services the best possible offer. Below we provide an overview of the various Facebook tools, what data is sent to Facebook and how you can delete this data.
What are Facebook tools?
In addition to many other products, Facebook also offers the so-called "Facebook Business Tools". This is the official name of Facebook. But since the term is hardly known, we decided to just call them Facebook tools. These include, among others:
- Facebook pixel
- social plug-ins (such as the "Like" or "Share" button)
- Facebook login
- Account Kit
- APIs (programming interface)
- SDKs (collection of programming tools)
- Platform Integrations
- plugins
- codes
- specifications
- documentations
- Technologies and Services
With these tools, Facebook expands its services and has the opportunity to obtain information about user activities outside of Facebook.
Why do we use Facebook tools on our website?
We only want to show our services and products to people who are really interested in them. With the help of advertisements (Facebook ads) we can reach exactly these people. In order to be able to show users appropriate advertising, however, Facebook needs information about people's wishes and needs. Information about user behavior (and contact details) is made available to the company on our website. As a result, Facebook collects better user data and can show interested people appropriate advertising about our products or services. The tools thus enable tailor-made advertising campaigns on Facebook.
Facebook calls data about your behavior on our website “event data”. These are also used for measurement and analysis services. Facebook can thus create "campaign reports" on our behalf about the effect of our advertising campaigns. Furthermore, through analyzes we get a better insight into how you use our services, website or products. As a result, we use some of these tools to optimize your user experience on our website. For example, you can use the social plug-ins to share content on our site directly on Facebook.
What data is stored by Facebook tools?
By using individual Facebook tools, personal data (customer data) can be sent to Facebook. Depending on the tools used, customer data such as name, address, telephone number and IP address can be sent.
Facebook uses this information to match the data with their own data that it has about you (if you are a Facebook member). Before customer data is transmitted to Facebook, so-called "hashing" takes place. This means that a data set of any size is transformed into a character string. This is also used to encrypt data.
In addition to the contact data, "event data" is also transmitted. "Event data" means the information that we receive about you on our website. For example, which subpages you visit or which products you buy from us. Facebook does not share the information it receives with third parties (such as advertisers) unless the company has explicit permission or is legally required to do so. "Event data" may also be linked to contact information. This allows Facebook to offer better personalized advertising. After the matching process already mentioned, Facebook deletes the contact data again.
In order to be able to deliver advertisements in an optimized manner, Facebook only uses the event data if it has been combined with other data (which was collected by Facebook in a different way). Facebook also uses this event data for security, protection, development and research purposes. Much of this data is transmitted to Facebook via cookies. Cookies are small text files that are used to store data or information in browsers. Depending on the tools used and whether you are a Facebook member, a different number of cookies will be created in your browser. In the descriptions of the individual Facebook tools, we go into more detail about individual Facebook cookies. You can also find general information about the use of Facebook cookies at Facebook Policies.
How long and where is the data stored?
In principle, Facebook stores data until it is no longer required for its own services and Facebook products. Facebook has servers all over the world where your data is stored. However, customer data will be deleted within 48 hours after it has been compared with your own user data.
How can I delete my data or prevent data storage?
In accordance with the General Data Protection Regulation, you have the right to information, correction, transferability and deletion of your data.
The data will only be completely deleted if you completely delete your Facebook account. And this is how deleting your Facebook account works:
1) Click Settings on the right side of Facebook.
2) Then click on "Your Facebook information" in the left column.
3) Now click "Deactivation and Deletion".
4) Now select “Delete Account” and then click “Next and Delete Account”
5) Now enter your password, click on "Next" and then on "Delete Account"
The data that Facebook receives via our site is stored, among other things, via cookies (e.g. in the case of social plugins). You can deactivate, delete or manage individual or all cookies in your browser. Depending on which browser you use, this works in different ways. The following instructions show how to manage cookies in your browser:
Chrome: Delete, enable and manage cookies in Chrome
Safari: Managing Cookies and Website Data with Safari
Firefox: Clear cookies to remove data websites have placed on your computer
Microsoft Edge: Deleting and managing cookies
If you generally do not want any cookies, you can set up your browser so that it always informs you when a cookie is to be set. You can decide for each individual cookie whether you allow it or not.
Facebook is an active participant in the EU-US Privacy Shield Framework, which regulates the correct and secure data transfer of personal data. You can find more information on this at Privacyshield.gov. We hope we have given you the most important information about the use and data processing by the Facebook tools. If you want to learn more about how Facebook uses your data, we recommend the data guidelines on Facebook Privacy.
Instagram Privacy Policy
We have integrated Instagram functions on our website. Instagram is a social media platform operated by Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA. Instagram has been a subsidiary of Facebook Inc. since 2012 and is one of the Facebook products. Embedding Instagram content on our website is called embedding. This enables us to show you content such as buttons, photos or videos from Instagram directly on our website. If you call up web pages on our website that have an integrated Instagram function, data will be transmitted to Instagram, stored and processed. Instagram uses the same systems and technologies as Facebook. Your data will thus be processed across all Facebook companies.
In the following we would like to give you a more detailed insight into why Instagram collects data, what data it is and how you can largely control the data processing. Since Instagram belongs to Facebook Inc., we get our information from the Instagram guidelines on the one hand, but also from the Facebook data guidelines on the other.
What is Instagram?
Instagram is one of the most well-known social media networks worldwide. Instagram combines the advantages of a blog with the advantages of audiovisual platforms such as YouTube or Vimeo. You can upload photos and short videos to “Insta” (as many users casually call the platform), edit them with various filters and also share them on other social networks. And if you don't want to be active yourself, you can just follow other interesting users.
Why do we use Instagram on our website?
Instagram is the social media platform that has really taken off in recent years. And of course we also reacted to this boom. We want you to feel as comfortable as possible on our website. Therefore, a varied preparation of our content is a matter of course for us. The embedded Instagram functions allow us to enrich our content with helpful, funny or exciting content from the Instagram world. Since Instagram is a subsidiary of Facebook, the data collected can also be useful for personalized advertising on Facebook. In this way, our advertisements only get to people who are really interested in our products or services.
Instagram also uses the collected data for measurement and analysis purposes. We get summarized statistics and thus more insight into your wishes and interests. It is important to note that these reports do not personally identify you.
What data is stored by Instagram?
If you come across one of our pages that has Instagram functions (such as Instagram pictures or plug-ins) built in, your browser will automatically connect to Instagram's servers. Data is sent to Instagram, stored and processed. This is regardless of whether you have an Instagram account or not. This includes information about our website, about your computer, about purchases made, about advertisements that you see and how you use our offer. Furthermore, the date and time of your interaction with Instagram are also saved. If you have an Instagram account or are logged in, Instagram stores significantly more data about you.
Facebook distinguishes between customer data and event data. We assume that this is the case with Instagram as well. Customer data are, for example, name, address, telephone number and IP address. This customer data will only be transmitted to Instagram if it has been "hashed" beforehand. Hashing means converting a record into a string. This allows you to encrypt the contact data. In addition, the “event data” mentioned above are also transmitted. Facebook – and consequently also Instagram – understands “event data” to be data about your user behavior. It can also happen that contact data is combined with event data. The contact data collected will be compared with the data that Instagram already has from you.
The collected data is transmitted to Facebook via small text files (cookies), which are usually set in your browser. Depending on the Instagram functions used and whether you have an Instagram account yourself, different amounts of data are stored.
We assume that data processing works the same on Instagram as on Facebook. That means: if you have an Instagram account or www.instagram.com visited, Instagram has set at least one cookie. If this is the case, your browser sends information to Instagram via the cookie as soon as you come into contact with an Instagram function. This data will be deleted or made anonymous again after 90 days at the latest (after comparison). Although we have dealt intensively with Instagram's data processing, we cannot say exactly what data Instagram collects and stores.
In the following we show you cookies that are set in your browser at least when you click on an Instagram function (such as a button or an Insta image). In our test, we assume that you do not have an Instagram account. Of course, if you are logged in to Instagram, significantly more cookies will be set in your browser.
These cookies were used in our test:
Surname: csrftoken
Value: ""
Purpose of use: This cookie is set with high probability for security reasons to prevent falsification of requests. However, we could not find out more precisely.
Expiry Date: after a year
Surname: middle
Value: ""
Purpose of use: Instagram sets this cookie to optimize its own services and offers on and off Instagram. The cookie defines a unique user ID.
Expiry Date: after the end of the session
Surname: fbsr_221116522124024
Value: not specified
Purpose of use: This cookie stores the log-in request for users of the Instagram app. Expiry Date: after the end of the session
Surname: right
Value: ATN
Purpose of use: This is an Instagram cookie that ensures functionality on Instagram.
Expiry Date: after the end of the session
Surname: holidays
Value: "{"194.96.75.33″:1901}:1iEtYv:Y833k2_UjKvXgYe221116522"
Purpose of use: This cookie is used for Instagram marketing purposes.
Expiry Date: after the end of the session
Annotation: We cannot claim completeness here. Which cookies are set in the individual case depends on the embedded functions and your use of Instagram.
How long and where is the data stored?
Instagram shares the information it receives between the Facebook companies with external partners and with people you connect with around the world. Data processing is carried out in compliance with our own data policy. For security reasons, among other things, your data is distributed across the world on Facebook servers. Most of these servers are located in the USA.
How can I delete my data or prevent data storage?
Thanks to the General Data Protection Regulation, you have the right to information, transferability, correction and deletion of your data. You can manage your data in the Instagram settings. If you want to completely erase your data on Instagram, you need to permanently delete your Instagram account.
And this is how the Instagram account deletion works:
First, open the Instagram app. On your profile page, go down and click on "Help Center". You are now on the company's website. On the webpage, click "Manage Account" and then click "Delete Your Account".
If you delete your account entirely, Instagram will delete posts such as your photos and status updates. Information that other people have shared about you is not part of your account and consequently will not be deleted.
As already mentioned above, Instagram stores your data primarily via cookies. You can manage, deactivate or delete these cookies in your browser. Management always works a bit differently depending on your browser. Here we show you the instructions for the most important browsers.
Chrome: Delete, enable and manage cookies in Chrome
Safari: Managing Cookies and Website Data with Safari
Firefox: Clear cookies to remove data websites have placed on your computer
Microsoft Edge: Deleting and managing cookies
You can also basically set up your browser so that you are always informed when a cookie is to be set. Then you can always decide individually whether you want to allow the cookie or not.
Instagram is a subsidiary of Facebook Inc. and Facebook is an active participant in the EU-US Privacy Shield Framework. This framework ensures correct data transmission between the USA and the European Union. Under Privacyshield.gov learn more about it. We have tried to give you the most important information about data processing by Instagram. on Instagram Help
you can learn more about Instagram's data policies.
LinkedIn Privacy Policy
On our website we use social plug-ins from the social media network LinkedIn, the company LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. The social plug-ins can be feeds, content sharing or linking to our LinkedIn page. The social plug-ins are clearly marked with the well-known LinkedIn logo and allow, for example, interesting content to be shared directly via our website. LinkedIn Ireland Unlimited Company Wilton Place in Dublin is responsible for data processing in the European Economic Area and Switzerland.
By embedding such plug-ins, data can be sent to LinkedIn, stored and processed there. In this data protection declaration, we want to inform you what data is involved, how the network uses this data and how you can manage or prevent data storage.
What is LinkedIn?
LinkedIn is the largest social network for business contacts. Unlike Facebook, for example, the company focuses exclusively on establishing business contacts. Companies can present services and products on the platform and establish business relationships. Many people also use LinkedIn to look for a job or to find suitable employees for their own company. In Germany alone, the network has over 11 million members. In Austria there are about 1.3 million.
Why do we use LinkedIn on our website?
We know how busy you are. You can't track all social media channels individually. Even if, as in our case, it would be worth it. Because we keep posting interesting news or reports that are worth spreading. That is why we have created the possibility on our website to share interesting content directly on LinkedIn or to refer directly to our LinkedIn page. We consider built-in social plug-ins as an extended service on our website. The data that LinkedIn collects also helps us to show possible advertising measures only to people who are interested in our offer.
What data does LinkedIn store?
LinkedIn does not store any personal data simply by integrating the social plug-ins. LinkedIn calls this data generated by plug-ins passive impressions. However, if you click on a social plug-in, for example to share our content, the platform saves personal data as so-called "active impressions". This is regardless of whether you have a LinkedIn account or not. If you are logged in, the data collected will be assigned to your account.
Your browser establishes a direct connection to the LinkedIn servers when you interact with our plug-ins. The company logs various usage data. In addition to your IP address, this can be, for example, registration data, device information or information about your Internet or mobile phone provider. If you call up LinkedIn services via your smartphone, your location can also be determined (after you have allowed this). LinkedIn may also share this data in "hashed" form with third-party advertisers. Hashing means converting a record into a string. This allows the data to be encrypted in such a way that people can no longer be identified.
Most data about your user behavior is stored in cookies. These are small text files that are usually placed in your browser. However, LinkedIn may also use web beacons, pixel tags, display tags and other device identifiers.
Various tests also show which cookies are set when a user interacts with a social plug-in. The data found cannot claim to be complete and is only used as an example. The following cookies were set without being logged in to LinkedIn:
Surname: cookie
Value: =2&34aab2aa-2ae1-4d2a-8baf-c2e2d7235c16221116522-
Purpose of use: The cookie is a so-called "browser ID cookie" and consequently stores your identification number (ID).
Expiry Date: After 2 years
Surname: long
Value: v=2&lang=de-de
Purpose of use: This cookie saves your default or preferred language.
Expiry Date: after the session ends
Surname: lidc
Value: 1818367:t=1571904767:s=AQF6KNnJ0G221116522…
Purpose of use: This cookie is used for routing. Routing records how you got to LinkedIn and how you navigate through the website there.
Expiry Date: after 24 hours
Surname: rtc
Value: kt0lrv3NF3x3t6xvDgGrZGDKkX
Purpose of use: No further information could be found about this cookie.
Expiry Date: after 2 minutes
Surname: JSESSIONID
Value: ajax:2211165222900777718326218137
Purpose of use: This is a session cookie that LinkedIn uses to maintain anonymous user sessions through the server.
Expiry Date: after the session ends
Surname: bscookie
Value: "v=1&201910230812...
Purpose of use: This cookie is a security cookie. LinkedIn describes it as a secure browser ID cookie.
Expiry Date: after 2 years
Surname: fid
Value: AQHj7Ii23ZBcqAAAA…
Purpose of use: No further information could be found for this cookie.
Expiry Date: after 7 days
Annotation: LinkedIn also works with third parties. That's why we also recognized the three Google Analytics cookies _ga and _gat in our test.
How long and where is the data stored?
In principle, LinkedIn retains your personal data for as long as the company deems necessary to offer its own services. However, LinkedIn will delete your personal data when you delete your account. In some exceptional cases, LinkedIn retains some data in aggregated and anonymous form even after you delete your account. Once you delete your account, other people will no longer be able to see your data within a day. LinkedIn generally deletes the data within 30 days. However, LinkedIn retains data if it is necessary for legal reasons. Data that can no longer be assigned to a person remains stored even after the account is closed. The data is stored on various servers in America and probably also in Europe.
How can I delete my data or prevent data storage?
You have the right to access and delete your personal data at any time. You can manage, change and delete your data in your LinkedIn account. You can also request a copy of your personal data from LinkedIn.
To access account information on your LinkedIn profile:
On LinkedIn, click on your profile icon and select the “Settings and Privacy” section. Now click on "Privacy" and then in the section "How LinkedIn uses your data" on "Change". In just a short time you can download selected data about your web activity and your account history.
You also have the option in your browser to prevent data processing by LinkedIn. As mentioned above, LinkedIn stores most of the data via cookies that are set in your browser. You can manage, disable or delete these cookies. Depending on which browser you have, the administration works a little differently. The instructions for the most common browsers can be found here:
Chrome: Delete, enable and manage cookies in Chrome
Safari: Managing Cookies and Website Data with Safari
Firefox: Clear cookies to remove data websites have placed on your computer
Microsoft Edge: Deleting and managing cookies
You can also basically set up your browser in such a way that you are always informed when a cookie is to be set. Then you can always decide individually whether you want to allow the cookie or not.
LinkedIn is an active participant in the EU-US Privacy Shield Framework. This framework ensures correct data transmission between the USA and the European Union. Under Privacyshield.gov learn more about it. We have tried to give you the most important information about data processing by LinkedIn. on LinkedIn Privacy Policy find out more about the data processing of the social media network LinkedIn.