Privacy Policy intelliCard Solutions AG
Privacy Policy intelliCard Solutions AG
Table of Contents
1. Controller and Content of this Privacy Policy 2
2. Contact Person for Data Protection 2
3. Scope and Purpose of the Collection, Processing, and Use of Personal Data 2
3.1 Data Processing when contacting us 2
3.2 Data Processing when using customer service 3
3.3 Data Processing related to Email Marketing 3
3.4 Data Processing in Job Applications 5
4. Central Data Storage and Analysis in the CRM system 5
5. Disclosure and Cross-Border Transfer 6
5.1 Disclosure to our Affiliates 6
5.2 Disclosure to Third Parties and Third-Party Access 6
5.3 Transfer of Personal Data to Third Countries 7
5.4 Information on Data Transfers to the USA 7
6. Background Data Processing on our Website 8
6.1 Data Processing when Visiting our Website (Log File Data) 8
6.2 Cookies 9
6.3 Google reCAPTCHA 10
6.4 Google Webfonts 11
6.5 Tracking and Web Analytics Tools 11
6.6 Social Media 12
6.7 Online Advertising and Targeting 14
7. Retention Periods 15
8. Data Security 15
9. Your rights 16
1. Controller and Content of this Privacy Policy
We, intelliCard Solutions AG, Untere Bahnhofstrasse 2, 8640 Rapperswil, Switzerland (Company) are the operator of the website <a href="www. id-security. com">www. id-security. com</a> (Website) and are, unless otherwise stated in this privacy policy, responsible for the data processing described in this privacy policy.
Please take note of the information below to know what personal data we collect from you and for what purposes we use it. When it comes to data protection, we primarily adhere to the legal requirements of Swiss data protection law, in particular the Federal Act on Data Protection (FADP), as well as the EU General Data Protection Regulation (GDPR), which may be applicable in individual cases.
Please note that the following information may be reviewed and amended from time to time. Therefore, we recommend regularly checking this privacy policy for any updates. you view this privacy policy regularly. Furthermore, for individual data processing listed below, other companies are responsible under data protection law or jointly responsible with us, so that in these cases, the information provided by those companies is also relevant.
2. Contact Person for Data Protection
If you have any questions regarding data protection or wish to exercise your rights, please contact our data protection contact person by sending an email to the following address: privacy@id-security. com
You can reach our EU data protection representative at:
intelliCard Labs GmbH, Turmstrasse 5, 78467 Konstanz, Germany
[privacy@intellicard. de]
3. Scope and Purpose of the Collection, Processing, and Use of Personal Data
3.1 Data Processing when contacting us
If you contact us through our contact addresses and channels (e. g. , by e-mail, phone, or contact form), your personal data is processed. We process the data you provide us with, such as your name, email address, phone number, and your request. Additionally, the time of receipt of the request will be documented. Mandatory fields are marked in contact forms with an asterisk (*). We process this data to address your request (e. g. , providing information about our products and services, assisting with contract processing, incorporating your feedback into the improvement of our products and services, etc. ).
For handling contact requests through a contact form, we use a software application provid-ed by Hubspot, 1 Sir John Rogerson's Quay, Dublin 2, Ireland (Hubspot). Therefore, your data may be stored in a database of Hubspot, which may allow Hubspot to access your da-ta if this is necessary for providing the software and supporting its use. Your personal data may be transferred to Hubspot's headquarters in the United States. Information about data processing by third parties and any transfers abroad can be found in Section 5 of this Priva-cy Policy.
The legal basis for this data processing is our legitimate interest under Article 6(1)(f) of the GDPR in addressing your request or, if your request is aimed at the conclusion or perfor-mance of a contract, in the implementation of the necessary measures within the meaning of Article 6(1)(b) of the GDPR.
It may be that Hubspot wishes to use some of this data for its own purposes (e. g. , delivering marketing emails or conducting statistical analysis). For these data processing operations, Hubspot is the controller and must ensure compliance with data protection laws in connec-tion with these data processing operations. Information about data processing by Hubspot can be found at <a href="https: //legal. hubspot. com/privacy-policy">https: //legal. hubspot. com/privacy-policy</a>.
3.2 Data Processing when using customer service
You can avail yourself of various customer services where the processing of personal data may be required. Examples of these services include technical support, customer account management, consulting services and training. In such cases, we collect the following data, with mandatory fields marked with an asterisk (*) in forms:
Salutation
First name
Surname
Billing and delivery address
Email address
Date of birth
Company, company address, and VAT number for corporate customers
Phone number
We use this data to verify your identity. Your email address is required for communication necessary to provide the customer service. We store this data together with the details, tim-ing, and content of the requested service in our CRM database (see Section 4) to ensure proper processing of the requested service. If necessary for contract fulfilment, we may also disclose the required information to any third-party service providers (e. g. , cloud hosting pro-viders, software providers, payment processors) or other relevant parties (e. g. , IT infrastruc-ture providers).
The legal basis for this data processing is our legitimate interest under Article 6(1)(f) of the GDPR in addressing your concerns or, if your request is aimed at performance of a contract, the necessity of taking pre-contractual measures pursuant to Article 6(1)(b) of the GDPR.
3.3 Data Processing related to Email Marketing
If you register for our marketing emails (e. g. during your visit to our website), the following data is collected. Mandatory fields are marked with an asterisk (*):
Email address
Salutation
First and last name
To prevent misuse and ensure that the owner of an email address has genuinely given con-sent to receive marketing emails, we use the so-called double-opt-in during registration. After submitting your registration, you will receive an email from us containing a confirmation link. To finalise your registration for marketing emails, you must click on this link. If you do not confirm your email address by clicking on the confirmation link within the specified timeframe, your data will be deleted, and no marketing emails will be sent to that address.
By registering, you consent to the processing of this data in order to receive marketing emails from us about our products and services. These marketing emails may also include invitations to participate in contests, to provide feedback, or to rate our products and ser-vices. The collection of the salutation, first and last name allows us to associate the registra-tion with any existing customer account and personalise the content of the marketing emails accordingly. Linking it to a customer account allows us to make the offers and content con-tained in the marketing emails more relevant to you and better tailored to your potential needs. Moreover, we will store and process your personal data in our CRM system (see Sec-tion 4).
We will use your data to send marketing emails until you withdraw your consent. You can withdraw your consent at any time, in particular by using the unsubscribe link included in all marketing emails.
Our marketing emails may contain a web beacon, 1x1 pixel (tracking pixel), or similar tech-nical tools. A web beacon is an invisible graphic that is linked to the user ID of the respective subscriber. For each marketing email sent, we receive information about which email ad-dresses it was successfully delivered to, which email addresses have not yet received the marketing email, and which email addresses the delivery has failed for. It is also shown which email addresses have opened the marketing email and for how long, as well as which links have been clicked. Finally, we also receive information about subscribers who have un-subscribed from the mailing list. We use this data for statistical purposes and to optimise the frequency and timing of email delivery, as well as the structure and content of the marketing emails. This allows us to better tailor the information and offers in our marketing emails to the individual interests of the recipients.
The web beacon is deleted when you delete the marketing email. You can prevent the use of web beacons in our marketing emails by adjusting the settings of your email program so that HTML is not displayed in messages. You can find information on how to configure this setting in the help documentation of your email software application, e. g. here for Microsoft Outlook.
By subscribing to the marketing emails, you also consent to the statistical analysis of user behaviour for the purpose of optimising and customising the marketing emails.
For sending marketing emails, we use a software application provided by Hubspot, 1 Sir John Rogerson's Quay, Dublin 2, Ireland (Hubspot). Therefore, your data may be stored in a database of Hubspot, which may allow Hubspot] to access your data if this is necessary for providing the software and supporting its use. Your personal data may be transferred to Hubspot's headquarters in the United States. Information about data processing by third parties and any transfers abroad can be found in Section 5 of this Privacy Policy.
The legal basis for this data processing is your consent within the meaning of Article 6(1)(a) of the GDPR. You can withdraw your consent at any time.
It may be that Hubspot wishes to use some of this data for its own purposes (e. g. , delivering marketing emails or conducting statistical analysis). For these data processing operations, Hubspot is the controller and must ensure compliance with data protection laws in connec-tion with these data processing operations. Information about data processing by Hubspot can be found at <a href="https: //legal. hubspot. com/privacy-policy">https: //legal. hubspot. com/privacy-policy</a>.
3.4 Data Processing in Job Applications
You can apply for a position in our company either spontaneously or in response to a specif-ic job advertisement. In both cases, we will process the personal data you provide us with.
We use the data you provide us with to assess your application and suitability for employ-ment. Application documents from unsuccessful applicants will be deleted at the end of the application process, unless you explicitly agree to a longer retention period or we are legally obliged to retain them for a longer period.
For the processing of applications, we use a software application provided by Hubspot, 1 Sir John Rogerson's Quay, Dublin 2, Ireland (Hubspot). Therefore, your data may be stored in a database of Hubspot, which may allow Hubspot] to access your data if this is necessary for providing the software and supporting its use. Your personal data may be transferred to Hubspot's headquarters in the United States. Information about data processing by third parties and any transfers abroad can be found in Section 5 of this Privacy Policy.
The legal basis for the data processing for this purpose is the execution of a contract (pre-contractual phase) within the meaning of Article 6(1)(b) of the GDPR.
4. Central Data Storage and Analysis in the CRM system
If a clear identification of your person is possible, we will store and link the data described in this Privacy Policy, i. e. your personal information, contact details, contract data, and your browsing behaviour on our website in a central database. This allows for efficient manage-ment of customer data, enables us to adequately process your requests, and facilitates the efficient provision of the services you requested, as well as the performance of the related contracts.
The legal basis for this data processing is our legitimate interest within the meaning of Article 6(1)(f) of the GDPR in the efficient management of user data.
We also analyse this data to further develop our products and services based on your needs and to provide you with the most relevant information and offers. We also use meth-ods that predict possible interests and future orders based on your use of our website.
For the central storage and analysis of data in the CRM system, we use a software applica-tion provided by Hubspot, 1 Sir John Rogerson's Quay, Dublin 2, Ireland (Hubspot). There-fore, your data may be stored in a database of Hubspot, which may allow Hubspot] to ac-cess your data if this is necessary for providing the software and supporting its use. Your personal data may be transferred to Hubspot's headquarters in the United States. Infor-mation about data processing by third parties and any transfers abroad can be found in Section 5 of this Privacy Policy. Further information about data processing by Hubspot can be found at <a href="https: //legal. hubspot. com/privacy-policy">https: //legal. hubspot. com/privacy-policy</a>.
The legal basis for this data processing is our legitimate interest within the meaning of Article 6(1)(f) of the GDPR in carrying out marketing activities.
5. Disclosure and Cross-Border Transfer
5.1 Disclosure to our Affiliates
We may share your personal data with our current and future subsidiaries, affiliates or other related entities to fulfil the purposes outlined in this Privacy Policy, such as improving our services, processing your requests, fulfilling contracts, or conducting internal administrative functions. In particular, we may share your personal data with our affiliate, intelliCard Labs GmbH, Turmstrasse 5, 78467 Konstanz, Germany (intelliCard Labs) for the purposes out-lined in this Privacy Policy.
The legal basis for this processing is the performance of a contract pursuant to Art. 6(1)(b) GDPR where necessary, and our legitimate interest pursuant to Art. 6(1)(f) GDPR, specifically our interest in ensuring the efficient operation of our business and improving our services.
All data sharing is conducted in compliance with applicable data protection laws, and ap-propriate safeguards are in place to ensure your data is handled securely and only for the intended purposes.
5.2 Disclosure to Third Parties and Third-Party Access
Without the support of other companies, we would not be able to provide our products and services in the desired form. To use the services of these companies, it is necessary to share your personal data with these companies to a certain extent. A disclosure of data is limited to selected third-party service providers and only to the extent necessary for the op-timal provision of our services.
Various third-party service providers are explicitly mentioned in this Privacy Policy. They in-clude the following service providers:
Hubspot, 1 Sir John Rogerson's Quay, Dublin 2, Ireland (Hubspot). For more infor-mation about data processing in connection with Hubspot, see at <a href="https: //legal. hubspot. com/privacy-policy">https: //legal. hubspot. com/privacy-policy</a>.
Google Ireland Limited (Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) or Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) (Google). For more information about data processing in connection with Google, see <a href="https: //policies. google. com/privacy">https: //policies. google. com/privacy</a>.
Webflow, Inc. , 398 11th Street, Floor 2, San Francisco, CA 94103, United States (Web-flow). For more information about data processing in connection with Webflow, see <a href="https: //webflow. com/legal/eu-privacy-policy">https: //webflow. com/legal/eu-privacy-policy</a>.
The legal basis for this data processing is the performance of a contract within the meaning of Article 6(1)(b) of the GDPR.
Your data may be disclosed to third parties to the extent necessary for the fulfilment of the contractual relationship, e. g. , to IT service and IT security providers or providers of other services. We also use various tools to ensure the functionality and security of our website. To enable these tools, it may be necessary for the service providers that operate these tools to access your personal data. The legal basis for these disclosures is the necessity for the performance of a contract within the meaning of Article 6(1)(b) of the GDPR. For these data processing activities, the third-party service providers are considered data controllers under the data protection laws, and not us. It is the responsibility of these third-party service pro-viders to inform you about their own data processing, which may extend beyond the mere sharing of data for the provision of services, and to comply with data protection laws.
Furthermore, your data may be disclosed, especially to authorities, legal advisors, or debt collection agencies, if we are legally obliged to do so or if it is necessary to protect our rights, in particular to enforce claims arising from our relationship with you. Data may also be disclosed if another company intends to acquire our company or parts thereof, and such disclosure is necessary to conduct a due diligence or to complete the transaction.
The legal basis for this data processing is our legitimate interest within the meaning of Article 6(1)(f) of the GDPR in protecting our rights and fulfilling our obligations, as well as in the sale of our company or parts thereof.
5.3 Transfer of Personal Data to Third Countries
We have the right to transfer your personal data to third parties located abroad if it is neces-sary to carry out the data processing described in this Privacy Policy. Specific data transfers have been mentioned in Section 3. When making such transfers, we will ensure compliance with the applicable legal requirements for disclosing personal data to third parties. The legal provisions governing the disclosure of personal data to third parties are duly observed. The countries to which data is transmitted include those that, according to the decision of the Federal Council and the European Commission, have an adequate level of data protection (such as the member states of the EEA or, from the EU's perspective, Switzerland), as well as those countries (such as the USA) whose level of data protection is not considered ade-quate (see Annex 1 of the Data Protection Ordinance (DPO) and the website of the Euro-pean Commission). If the country in question does not provide an adequate level of data protection, we ensure that your data is adequately protected by these companies by means of appropriate safeguards, unless an exception is specified on a case-by-case basis for the individual data processing (see Article 49 of the GDPR). Unless otherwise specified, these safeguards may be provided for by standard contractual clauses as referred to in Article 46(2)(c) of the GDPR, which can be found on the websites of the Federal Data Protection and Information Commissioner (FDPIC) and the EU Commission. If you have any questions regarding the implemented measures, please reach out to our data protection contact per-son (see Section 2).
5.4 Information on Data Transfers to the USA
Some of the third-party service providers mentioned in this Privacy Policy are based in the USA. For the sake of completeness, we would like to inform users residing or based in Swit-zerland or the EU that certain third-party service providers mentioned in this privacy state-ment are located in the USA. It is important to note that there are surveillance measures by US authorities in place that generally allow for the storage of all personal data of individuals whose data has been transmitted from Switzerland or the EU to the United States. This oc-curs without differentiation, limitation, or exception based on the purpose for which the data is being collected and without an objective criterion that would restrict US authorities' access to the data and its subsequent use to specific, strictly limited purposes that can justify the in-terference associated with accessing and using the data. Furthermore, we would like to point out that affected individuals from Switzerland or the EU do not have legal remedies or effective judicial protection against general access rights of US authorities, which would al-low them to access the data concerning them and to rectify or delete it. We explicitly high-light this legal and factual situation to enable you to make an informed decision regarding your consent to the use of your data.
We would also like to point out to users residing in Switzerland or a member state of the EU that the USA does not have an adequate level of data protection from the perspective of the European Union and Switzerland, partly due to the explanations given in this section. Insofar as we have explained in this data protection declaration that recipients of data (such as Google) are based in the USA, we will ensure that your data is adequately protected by our third-party service providers by choosing companies that are certified under the Privacy Framework Agreement, or by contractual arrangements with these companies, as well as any additional appropriate safeguards that may be required.
The following of our US-based service providers are certified under the EU-U. S. and Swiss-U. S. Privacy Framework (find more information here):
- Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (Google)
- Webflow, Inc. , 398 11th Street, Floor 2, San Francisco, CA 94103, United States (Webflow)
- HubSpot, Inc. , Two Canal Park, Cambridge, MA 02141 USA (Hubspot)
6. Background Data Processing on our Website
6.1 Data Processing when Visiting our Website (Log File Data)
When you visit our Website, the servers of our hosting provider Webflow, Inc. , 398 11th Street, Floor 2, San Francisco, CA 94103, United States (Webflow), temporarily store every access in a log file. The following data is collected without your intervention and stored by us until automatically deleted:
IP address of the requesting computer;
date and time of access;
name and URL of the accessed file;
website from which the access was made, if applicable, with the search word used;
operating system of your computer and the browser you are using (including type, version, and language setting);
device type in case of access from mobile phones;
city or region from which the access was made; and
name of your internet service provider.
The collection and processing of this data is carried out for the purpose of enabling the use of our Website (establishing a connection), ensuring the long-term security and stability of the system, and enabling error and performance analysis and optimisation of our Website (see also Section 6.4 regarding the latter points).
In case of an attack on the network infrastructure of the Website or suspicion of other unau-thorised or improper use of the Website, the IP address and other data will be analysed for clarification and defence purposes; if necessary, they may be used in civil or criminal pro-ceedings for the identification of the respective user.
The legal basis for this data processing is our legitimate interest within the meaning of Article 6(1)(f) of the GDPR in the purposes described above.
Finally, when you visit our Website, we use cookies, as well as other applications and tools that rely on the use of cookies. In this context, the data described here may also be pro-cessed. For more information, please refer to the subsequent sections of this Privacy Policy, in particular to Section 6.2.
6.2 Cookies
Cookies are information files that your web browser stores on the hard drive or in the memory of your computer when you visit our Website. Cookies are assigned identification numbers that enable your browser to be identified, and allow the information contained in the cookie to be read.
Cookies are used to make your visit to our website easier, more enjoyable, and more mean-ingful. We use cookies for various purposes that are necessary for the desired use of the website, i. e. , "technically necessary. " For example, we use cookies to identify you as a regis-tered user after logging in, so you don't have to log in again when navigating to different subpages. The provision of ordering functions also relies on the use of cookies. Further-more, cookies perform other technical functions necessary for the operation of the website, such as load balancing, which distributes the workload of the site across various web serv-ers to relieve the servers. Cookies are also used for security purposes, such as preventing the unauthorised posting of content. Finally, we use cookies in the design and programming of our website, for example, to enable the uploading of scripts or codes.
The legal basis for this data processing is our legitimate interest within the meaning of Article 6(1)(f) of the GDPR in providing a user-friendly and up-to-date website.
Most internet browsers accept cookies automatically. However, when accessing our website, we ask for your consent to the use of non-essential cookies, especially for the use of cook-ies from third parties for marketing purposes. You can adjust your preferences for cookies by using the corresponding buttons in the cookie banner. Details regarding the services and data processing associated with each cookie can be found within the cookie banner and in the following sections of this Privacy Policy.
You may also be able to configure your browser to prevent cookies from being stored on your computer or receive a notification whenever a new cookie is being sent. On the follow-ing pages, you will find instructions on how to configure cookie settings for selected brows-ers.
Google Chrome for Desktop
Google Chrome for Mobile
Apple Safari
Microsoft Windows Internet Explorer
Microsoft Windows Internet Explorer Mobile
Mozilla Firefox
Disabling cookies may prevent you from using all the features of our Website.
6.3 Google reCAPTCHA
On our website, we use reCAPTCHA provided by Google Ireland Limited (Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) or Google LLC (1600 Amphitheatre Parkway, Moun-tain View, CA 94043, USA) (Google). reCAPTCHA is a free CAPTCHA service from Google that protects websites from spam software and misuse by non-human visitors. In this con-text, pseudonymised user profiles are created, and cookies are used (please also refer to Section 6.2). The information generated by the cookie about your use of this website is generally transferred to a server of the service provider, where it is stored and processed, together with the log file data listed under Section 6.1. This may also result in a transfer to servers abroad, e. g. , the USA (see Section 5.2 and 5.3, particularly regarding the safe-guards in place).
In addition to the data mentioned in Section 6.1, we particularly process the following data:
- Browsing, mouse, and keyboard behaviour;
- Language settings;
- Screen resolution.
On our behalf, the provider will use this information to evaluate the use of the website, par-ticularly to determine whether actions on the website are carried out by humans and not by bots. In this automated evaluation of personal aspects, profiling may occur, with or without significant risks. The legal basis for this data processing is our legitimate interest pursuant to Art. 6(1)(f) GDPR in providing a user-friendly and secure website.
It is possible that Google may use some of the data for its own purposes (e. g. , for statistical analyses or product optimisation). For such data processing, Google acts as the data con-troller and must ensure compliance with data protection laws in connection with these pro-cessing activities. You can find information about Google’s data processing here.
If you do not want your data to be transferred to Google, you must fully log out of Google and delete all Google cookies before visiting our website or using the reCAPTCHA software application. Further details on how to configure your browser so that no cookies are stored on your computer, or so that a notification always appears when you receive a new cookie, can be found in Section 6.2.
6.4 Google Webfonts
We use the Google Webfonts API provided by Google Ireland Limited (Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) or Google LLC (1600 Amphitheatre Parkway, Moun-tain View, CA 94043, USA) (Google) on our website. This allows us to access Google’s font library, providing a cost-effective way to design our website with appealing typography. Using the Google Webfonts API also helps ensure that our website displays correctly across all browsers and that any issues are continuously resolved.
The use of the Google Webfonts API results in your log file data, including specifically your IP address (see Section 6.2), being transmitted to Google’s servers as soon as you access our website. This may also involve the transfer of data to servers abroad, e. g. , in the USA (see Section 5.2 and 5.3, particularly regarding the safeguards in place). The legal basis for this data processing is our legitimate interest pursuant to Art. 6(1)(f) GDPR in providing a modern and visually appealing website.
Furthermore, Google may link this information to your user account. If you do not wish Google to collect data about you via this website and link it to your member data stored with Google, you must log out of your Google account before visiting this website. For more in-formation on how Google collects and uses your data, please refer to Google’s privacy poli-cy: <a href="https: //policies. google. com/privacy">https: //policies. google. com/privacy</a>.
6.5 Tracking and Web Analytics Tools
6.5.1 General Information about Tracking
For the purpose of customising and continuously optimising our Website, we use the web analytics services listed below. In this context, pseudonymised usage profiles are created, and cookies are used (please also see Section 6.2). The information generated by the cookie regarding your use of our Website is usually transmitted to a server of the service provider, where it is stored and processed, together with the Log File Data mentioned in Section 6.1. This may also result in a transfer to servers abroad, e. g. , the USA (see Sections 5.2 and 5.3).
Through the data processing, we obtain, among others, the following information:
navigation path followed by a visitor on the site (including content viewed, products selected or purchased, or services booked);
time spent on the Website or specific page;
the specific page from which the Website is left;
the country, region, or city from where an access is made;
end device (type, version, colour depth, resolution, width, and height of the browser window); and
returning or new visitor.
The provider, on our behalf, will use this information to evaluate the use of the Website, in particular to compile Website activity reports and provide further services related to Website usage and internet usage for the purposes of market research and the customisation of the Website. For these processing activities, we and the providers may be considered joint con-trollers in terms of data protection to a certain extent.
The legal basis for this data processing with the following services is your consent within the meaning of Article 6(1)(a) of the GDPR. You can withdraw your consent or oppose to pro-cessing at any time by rejecting or deactivating the relevant cookies in the settings of your web browser (see Section 6.2) or by using the service-specific options described below.
Regarding the further processing of the data by the respective provider as the (sole) control-ler, including any potential disclosure of this information to third parties, such as authorities due to national legal regulations, please refer to the respective privacy policy of the provid-er.
6.5.2 Plausible Analytics
We use the web analytics service Plausible Analytics provided by Plausible Insights OÜ, Västriku tn 2, 50403, Tartu, Estonia (Plausible). Plausible Analytics is a privacy-friendly web analytics tool that does not use cookies and does not track individual users. Instead, Plau-sible aggregates and anonymises data to analyse website usage without relying on person-al identifiers or creating user profiles.
While Plausible does not log or store IP addresses and does not use tracking technologies such as cookies, certain data points, such as anonymised IP addresses, referral sources, and browser information, may still qualify as personal data under applicable data protection laws. However, this data is processed in a way that does not allow us to identify individual users directly. All data is aggregated and stored on servers located within the European Un-ion, ensuring compliance with the General Data Protection Regulation (GDPR).
Plausible Analytics allows us to monitor and analyse website usage while minimising the col-lection of personal information. By design, no data is shared with third parties, and no infor-mation is transferred to countries without an adequate level of data protection.
Should you wish to limit or prevent any form of data collection, you can do so by using browser-level privacy tools or disabling JavaScript in your browser settings. For further infor-mation on Plausible’s approach to privacy and data processing, please refer to their data policy at the following link: <a href="https: //plausible. io/data-policy">https: //plausible. io/data-policy</a>.
6.6 Social Media
6.6.1 Social Media Profile
Our Website contains links to our profiles on the social networks of the following provider:
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, Privacy Policy.
If you click on the icons of the social networks, you will be automatically redirected to our profile on the respective network. This establishes a direct connection between your browser and the server of the respective social network. As a result, the social network receives in-formation that you have visited our Website with your IP address and clicked on the link. This may also involve the transfer of data to servers abroad, e. g. , in the USA (see Sections 5.2 and 5.3).
If you click on a link to a social network while you are logged into your user account on that social network, the content of our website can be associated with your profile, allowing the social network to directly link your visit to our website to your account. If you want to prevent this, please log out of your account before clicking on the respective links. A connection be-tween your access to our website and your user account will always be established if you log in to the respective social network after clicking on the link. The data processing associ-ated with this is the responsibility of the respective provider in terms of data protection. Therefore, please refer to the privacy notices on the social network's website.
The legal basis for any data processing attributed to us is our legitimate interest within the meaning of Article 6(1)(f) of the GDPR in the use and promotion of our social media profiles.
6.6.2 Social Media Plugins
On our website, you can use social media plugins from the following providers:
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, Privacy Policy.
We use the social media plugins to make it easier for you to share content from our Website. The social media plugins help us to increase the visibility of our content on social networks, thereby contributing to better marketing.
The plugins are deactivated by default on our Website, and therefore, no data is sent to the social networks when you simply access our Website. To enhance data protection, we have integrated the plugins in such a way that a connection is not automatically established with the servers of the social networks. Only when you activate the plugins by clicking on them, and thus give your consent to the transmission and further processing of data by the pro-viders of the social networks, your browser establishes a direct connection to the servers of the respective social network.
The content of the plugin is transmitted directly from the social network to your browser and integrated into the Website. As a result, the respective provider receives information that your browser has accessed the corresponding page of our Website, even if you do not have an account with that social network or are not currently logged in to it. This information (in-cluding your IP address) is transmitted from your browser directly to a server of the provider (usually located in the USA) and stored there (see Sections 5.2 and 5.3). We have no influ-ence on the scope of data collected by the provider through the plugin, although from a da-ta protection perspective, we may be considered joint controllers with the providers up to a certain extent.
If you are logged into the social network, it can assign your visit to our Website directly to your user account. If you interact with the plugins, the corresponding information is also transmitted directly to a server of the provider and stored there. The information (e. g. , that you like a product or service from us) may also be published on the social network and dis-played to other users of the social network. The provider of the social network may use this information for the purpose of displaying advertisements and tailoring the respective offering to your needs. For this purpose, usage, interest, and relationship profiles may be created, e. g,. to evaluate your use of our Website with regard to the advertisements displayed to you on the social network, to inform other users about your activities on our Website, and to pro-vide other services associated with the use of the social network. The purpose and scope of the data collection, further processing and use of the data by the providers of the social networks, as well as your rights in this regard and options for protecting your privacy can be found directly in the privacy policies of the respective providers.
If you do not want the provider of the social network to associate the data collected through our Website with your user account, you must log out of the social network before activating the plugins. The legal basis for the described data processing is your consent within the meaning of Article 6(1)(a) of the GDPR. You can withdraw your consent at any time by notify-ing the plugin provider in accordance with the instructions provided in its privacy policy.
6.7 Online Advertising and Targeting
6.7.1 In general
We use services of various companies to provide you with interesting offers online. In the process of doing this, your user behaviour on our website and websites of other providers is analysed in order to subsequently be able to show you online advertising that is individually tailored to you.
Most technologies for tracking your user behaviour (Tracking) and displaying targeted ad-vertising (Targeting) utilise cookies (see also Section 6.2), which allow your browser to be recognised across different websites. Depending on the service provider, it may also be possible for you to be recognised online even when using different end devices (e. g. , laptop and smartphone). This may be the case, for example, if you have registered for a service that you use with several devices.
In addition to the data already mentioned, which is collected when visiting websites (Log File Data, see Section 6.1) and through the use of cookies (Section 6.2) and which may be transmitted to the companies involved in the advertising networks, the following data, in par-ticular, is used to select the advertising that is potentially most relevant to you:
information about you that you provided when registering or using a service from advertising partners (e. g. , your gender, age group); and
user behaviour (e. g. , search queries, interactions with advertisements, types of web-sites visited, products or services viewed and purchased, newsletters subscribed to).
We and our service providers use this data to determine whether you belong to the target audience we address and take this into account when selecting advertisements. For exam-ple, after visiting our Website, you may see advertisements for the products or services you have viewed when you visit other sites (Re-targeting). Depending on the amount of data, a user profile may also be created, which is automatically analysed; the advertisements are then selected based on the information stored in the profile, such as belonging to certain demographic segments or potential interests or behaviours. These advertisements may be displayed to you on various channels, including our website or app (as part of on- and in-app marketing), as well as advertising placements provided through the online advertising networks we use, such as Google.
The data may then be analysed for the purpose of settlement with the service provider, as well as for evaluating the effectiveness of advertising measures in order to better under-stand the needs of our users and customers and to improve future campaigns. This may al-so include information that the performance of an action (e. g. , visiting certain sections of our Website or submitting information) can be attributed to a specific advertising. We also re-ceive from service providers aggregated reports of advertisement activity and information on how users interact with our Website and advertisements.
The legal basis for this data processing is your consent within the meaning of Article 6(1)(a) of the GDPR. You can withdraw your consent at any time by rejecting or deactivating the relevant cookies in the settings of your web browser (see Section 6.2). Further options for blocking advertising can also be found in the information provided by the respective service provider, such as Google.
6.7.2 Google Ads
As explained in Section 6.6.1, this website uses the services of Google LLC, 1600 Amphi-theatre Parkway, Mountain View, CA 94043, USA (Google) for online advertising. Google uses cookies (see the list here), which allow your browser to be recognised when you visit other websites. The information generated by the cookies about your visit to these websites (including your IP address) is transmitted to and stored by Google on servers in the United States (see Sections 5.2 and 5.3). Further information on data protection at Google can be found here.
The legal basis for this data processing is your consent within the meaning of Article 6(1)(a) of the GDPR. You can withdraw your consent at any time by rejecting or deactivating the relevant cookies in the settings of your web browser (see Section 6.2). Further options for blocking advertising can be found here.
7. Retention Periods
We only store personal data for as long as it is necessary to carry out the processing de-scribed in this privacy policy within the scope of our legitimate interests. For contractual data, the storage is stipulated by statutory retention obligations. Requirements that oblige us to retain data arise from the accounting and tax law regulations. According to these regula-tions, business communication, concluded contracts, and accounting documents must be retained for up to 10 years. If we no longer need this data to provide services for you, the data will be blocked. This means that the data may then only be used if this is necessary to fulfil the retention obligations or to defend and enforce our legal interests. The data will be deleted as soon as there is no longer any legal obligation to retain it and no legitimate in-terest in its retention exists.
8. Data Security
We use appropriate technical and organisational security measures to protect your personal data stored with us against loss and unlawful processing, in particular unauthorised access by third parties. Our employees and the service companies mandated by us are obliged to maintain confidentiality and uphold data protection. Furthermore, these persons are only granted access to personal data to the extent necessary for the performance of their tasks.
Our security measures are continuously adapted in line with technological developments. However, the transmission of information via the Internet and electronic means of communi-cation always involves certain security risks and we cannot, therefore, provide any absolute guarantee for the security of information transmitted in this way.
9. Your rights
If the legal requirements are met, as a data subject, you have the following rights with re-spect to data processing:
Right of access: You have the right to request access to your personal data stored by us at any time and free of charge if we process such data. This gives you the opportunity to check what personal data concerning you we process and whether we process it in accord-ance with applicable data protection regulations.
Right to rectification: You have the right to have inaccurate or incomplete personal data rectified and to be informed about the rectification. In this case, we will also inform the recip-ients of the data concerned about the adaptations we have made, unless this is impossible or involves disproportionate effort.
Right to erasure: You have the right to obtain the erasure of your personal data under cer-tain circumstances. In individual cases, particularly in the case of statutory retention obliga-tions, the right to erasure may be excluded. In this case, the erasure may be replaced by a blocking of the data if the requirements are met.
Right to restriction of processing: You have the right to request that the processing of your personal data be restricted.
Right to data portability: You have the right to receive from us, free of charge, the personal data you have provided to us in a readable format.
Right to object: You have the right to object at any time to data processing, especially with regard to data processing related to direct marketing (e. g. , marketing emails).
Right to withdraw consent: You have the right to withdraw your consent at any time. How-ever, processing activities based on your consent in the past will not become unlawful due to your withdrawal.
To exercise these rights, please send us an e-mail to the following address: datenschutz@intellicard. de.
Right of complaint: You have the right to lodge a complaint with a competent supervisory authority, e. g. , against the manner in which your personal data is processed.