Privacy Policy of the Proalpha Group

    We would like to inform you about the processing of personal data carried out by Proalpha Group (hereinafter “Proalpha”) in accordance with the EU General Data Protection Regulation. As we have outsourced certain aspects of our services within our group, data may in some cases also be transferred to other companies within our group. This takes place either within the framework of data processing on behalf of a controller in accordance with Article 28 of the GDPR or under joint controllership in accordance with Article 26 of the BDSG, and naturally only occurs where there is a legal basis for doing so.

    We have put internal procedures in place to ensure that the processing of your data complies with the provisions of the applicable data protection laws. If you have any questions or comments regarding this privacy notice, please feel free to contact us at any time at the email address provided in section 2.

    1. Overview

    The following privacy notice provides information on the nature, scope and purpose of the collection and use of your personal data, as well as the use of cookies by the companies of the Proalpha Group in their capacity as data controllers (hereinafter referred to as "Proalpha", "we" or "us").
    Personal data is any data that can be related to you personally, such as your name, your address or your email address.

    Name and contact details of the data controller and the data protection officer

    Controller

    The data controller responsible for the processing of personal data in accordance with data protection regulations is:

    Böhme & Weihs GmbH
    represented by the Managing Director Jörg von Ploetz
    Linderhauser Straße 153
    42279 Wuppertal
    Tel: +49 202 38434 0
    Fax: +49 202 38434 99
    E: info(at)boehme-weihs.de

    Website: www.enit.io/de/ (see also our Legal notice).

    You can find further information about our group companies HERE, and a list of our locations can be found HERE.

    Data Protection Officer:

    We have appointed a Data Protection Officer for our company. You can contact them at

    dataprotection@proalpha.com.

    Online presence and website optimisation

    For the purposes of analysing and optimising our websites, we use various services that help us to better understand how our site is used and the frequency of visits. Among other things, we collect data on which website a data subject came from (known as the referrer), which subpages of the website were accessed, and how often and for how long a subpage was viewed. This helps us to design our services in a user-friendly manner and to improve them. The data collected in this process is not used to personally identify individual users.

    2. Data Processing on the Website

    Use of the website for information purposes

    When you simply browse our website, the browser on your device automatically sends information to our website’s server, which is temporarily stored in a log file. The following information is collected automatically and stored until it is automatically deleted:

    • the IP address of the requesting internet-enabled device,

    • the date and time of access,

    • the name and URL of the file accessed,

    • the website from which the access originated (referrer URL),

    • the browser you are using and, where applicable, the operating system of your internet-enabled computer, as well as the name of your internet service provider.

    The legal basis for the processing of this data is Article 6(1)(f) of the GDPR. Our legitimate interest lies in ensuring a smooth connection, guaranteeing the user-friendliness of our services, and ensuring and evaluating system security and stability.

    Further information on the retention period and the deletion of data is provided in the following sections.

    Cookies - General Notes

    What are cookies? Cookies are small text files that are stored on your computer by a website or service and enable you to be identified on subsequent visits. Cookies transmit information to the entity that sets the cookie. Cookies can store various types of information, such as your language settings, the duration of your visit to our website, or the data you have entered there. This prevents you, for example, from having to re-enter necessary form data every time you use the site. The information stored in cookies can also be used to identify preferences and tailor content to your areas of interest.

    There are various types of cookies: session cookies are small amounts of data that are stored temporarily in the browser’s cache and deleted when you close your browser. Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. With this type of cookie, the information may also be stored in text files on your computer. However, you can also delete these cookies at any time via your browser settings.

    First-party cookies are set by the website you are currently visiting. Only this website is permitted to read the information contained in these cookies. Third-party cookies are set by organisations other than the operator of the website you are visiting. These cookies are used, for example, by marketing companies.

    The legal basis for the processing of personal data via cookies and the duration of their storage may vary. Where you have given us your consent, the legal basis is Article 6(1)(a) of the GDPR. Where data processing is carried out on the basis of our legitimate interests, the legal basis is Article 6(1)(f) of the GDPR. The stated purpose then corresponds to our legitimate interest.

    We use cookies to ensure the website functions properly, to provide basic functionality and – with your consent – to tailor our services to your preferred areas of interest and to measure our reach. To this end, we use both session cookies and persistent cookies.

    You can delete cookies already stored on your device at any time. If you wish to prevent cookies from being stored, you can do so via the settings in your web browser. You can find instructions for common browsers here: Internet Explorer, Firefox, Google Chrome, Google Chrome mobile, Microsoft Edge, Safari, Safari mobile. Alternatively, you can also install ad blockers. Please note that certain features of our website may not work if you have disabled cookies.

    We also use a consent management platform on our website, which allows you to manage your consent settings in one place. You can access this at any time via the consent banner (bottom left).

    Cookiebot

    Cookiebot is a consent management platform that enables websites to protect users’ privacy and comply with the GDPR when it comes to cookies and tracking. “Cookiebot” is a service provided by Usercentrics A/S, 1058 Copenhagen, Denmark.

    We use the ‘Cookiebot’ feature to inform visitors to our website about the use of cookies and other technologies on our site and to allow them to decide whether to accept them. If a visitor consents to the use of cookies, the following data is automatically recorded:

    • the user's IP address,

    • Date and time of consent,

    • User agent of the end user's browser,

    • Provider's URL,

    • the user’s accepted cookies (cookie status), which are required as proof of consent,

    • an anonymous, random and encrypted key.

    The encrypted key and the cookie status are stored on the user’s device via a cookie in order to restore the relevant cookie status when the page is visited in future. This cookie is automatically deleted after 12 months. The legal basis for data processing is Article 6(1)(f) of the GDPR. Our legitimate interest lies in the user-friendliness of the website and in compliance with the legal requirements of the GDPR and the TTDSG.
    The user can prevent or terminate the installation and storage of the cookie, and thus their consent to the cookie, at any time by adjusting their browser settings. You can open and edit the Cookiebot settings via the icon at the bottom left.
    Further information on Cookiebot can be found at:
    https://www.cookiebot.com/de/privacy-policy/

    Google Analytics

    To the extent that you have given your consent, this website uses Google Analytics, a web analytics service provided by Google LLC. The controller responsible for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").

    Google Analytics uses cookies that enable an analysis of your use of our website. The information collected by cookies about your use of this website is generally transmitted to and stored on a Google server in the USA. We use the User-ID function. With the help of the User ID, we can assign a unique, permanent ID to one or more sessions (and the activities within those sessions) and analyze user behavior across devices.

    We use Google Signals. This allows Google Analytics to collect additional information about users who have activated personalized advertising (interests and demographic data), and advertisements can be delivered to these users in cross-device remarketing campaigns.

    We use the "anonymizeIP" function (IP masking). IP anonymization is activated by default in Google Analytics. Due to IP anonymization, your IP address is shortened by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. The IP address transmitted by your browser within the scope of Google Analytics is not merged with other Google data.

    During your visit to the website, your user behavior is recorded.

    On behalf of the website operator, Google will use this information to evaluate your use of the website and to compile reports on website activity. The reports provided by Google Analytics are used to analyze the performance of our website and the success of our marketing campaigns.

    Among other things, the following data is collected during your website visit:

    • Pages visited and your click path
    • Achievement of website goals (conversions, e.g., newsletter registrations, downloads)
    • User behavior (e.g., clicks, time spent, bounce rates)
    • Approximate location (region)
    • Your IP address (in shortened form)
    • Technical information about your browser and devices used (e.g., language settings, screen resolution)
    • Your internet service provider
    • Referrer URL (which website or advertising medium referred you to this website)

    Recipients of the data are/may be:

    • Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (processor pursuant to Art. 28 GDPR)
    • Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
    • Alphabet Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

    It cannot be ruled out that U.S. authorities may access the data stored by Google.

    Where data is processed outside the EU/EEA and there is no level of data protection equivalent to European standards, we have concluded EU Standard Contractual Clauses with the service provider to ensure an adequate level of data protection. Google Ireland’s parent company, Google LLC, is based in California, USA. A transfer of data to the USA and access by U.S. authorities to data stored by Google cannot be excluded. From a data protection perspective, the USA is currently considered a third country. You do not have the same rights there as within the EU/EEA. You may not have legal remedies against access by authorities.

    The data sent by us and linked to cookies is automatically deleted after 24 months. Data whose retention period has expired is automatically deleted once a month. You can also prevent Google from collecting and processing data generated by cookies and related to your use of the website (including your IP address) by:

    a) not granting consent to the setting of cookies, or
    b) downloading and installing the browser add-on to disable Google Analytics HERE.

    You can also prevent the storage of cookies by adjusting your browser software settings accordingly. However, if you configure your browser to reject all cookies, some functionalities on this and other websites may be limited.

    The legal basis for this data processing and the possibility of withdrawal is your consent pursuant to Art. 6 (1) lit. a GDPR. You may revoke your consent at any time with future effect by accessing the cookie settings in our Consent Management Platform (fingerprint icon displayed at the bottom left) and changing your selection there.

    Further information on the Google Analytics Terms of Use and Google’s Privacy Policy can be found at:
    https://marketingplatform.google.com/about/analytics/terms/de/
    and
    https://policies.google.com/?hl=de

    Google Ads Remarketing Services and Conversion Tracking

    We use the marketing and remarketing services (collectively referred to as “Google Marketing Services”) provided by Google on our website. This serves to optimize and operate our online offering in an efficient and economical manner.

    Google Marketing Services allow us to display advertisements for our website in a more targeted way, presenting you only with ads that may be relevant to your interests. For example, if advertisements for our services are displayed to you on other websites, this is referred to as “remarketing”. For these purposes, when you visit our website and other websites on which Google Marketing Services are active, Google directly executes a code provided by Google and integrates so-called (re)marketing tags (invisible graphics or code, also known as “web beacons”) into the website. These technologies store an individual cookie on your device, i.e., a small file (similar technologies may also be used instead of cookies).

    Cookies may be set by various domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com, or googleadservices.com. This file records which websites you have visited, which content you were interested in, and which offers you clicked on. It also records technical information about your browser and operating system, referring websites, the time of your visit, and other information regarding your use of the online offering.

    Your IP address is also collected. However, within the scope of Google Analytics, we have configured IP anonymization so that the IP address is shortened within Member States of the European Union or in other states party to the Agreement on the European Economic Area and is only transmitted in full to a Google server in the USA and shortened there in exceptional cases. The IP address is not combined with your data from other Google services.

    The information mentioned above may also be combined by Google with information from other sources. If you subsequently visit other websites, advertisements tailored to your interests may be displayed to you.

    Your data is processed pseudonymously within the framework of Google Marketing Services. This means that Google does not store or process your name or email address, for example, but processes the relevant data in connection with cookies within pseudonymous user profiles. The information collected about users through Google Marketing Services is transmitted to Google and stored on Google's servers in the United States.

    Among the Google Marketing Services we use is the online advertising program “Google Ads” (formerly “Google AdWords”). In the case of Google Ads, each Ads customer receives a different “conversion cookie”. Cookies can therefore not be tracked across the websites of Ads customers. The information obtained through the cookie is used to create conversion statistics for Ads customers who have opted for conversion tracking. Ads customers learn the total number of users who clicked on their advertisement and were redirected to a page marked with a conversion tracking tag. However, they do not receive any information that could personally identify users.

    We also use “Google Tag Manager” to integrate and manage Google analytics and marketing services on our website.

    This service may transfer the collected data to another country. Please note that this service may transfer data outside the European Union and the European Economic Area to a country that does not provide an adequate level of data protection. If data is transferred to the United States, there is a risk that U.S. authorities may process your data for control and surveillance purposes without you necessarily having access to legal remedies.

    Further information on Google's use of data for marketing purposes can be found on the overview page:
    https://www.google.com/policies/technologies/ads

    Google’s privacy policy is available at:
    https://www.google.com/policies/privacy

    If you wish to object to interest-based advertising by Google Marketing Services, you can use the settings and opt-out options provided by Google:
    https://adssettings.google.com/authenticated?hl=en

    The legal basis for this data processing and your right to withdraw consent is your consent pursuant to Article 6(1)(a) GDPR. You may withdraw your consent at any time with effect for the future by accessing the cookie settings in our Consent Management Platform (fingerprint icon displayed in the lower left corner) and changing your selection there.

    Google Tag Manager

    For the sake of transparency, we would like to point out that we use the Tag Manager provided by Google. This is a tag management system used to manage JavaScript and HTML tags that are required for the implementation of tracking and analytics tools.

    Google Tag Manager itself does not collect any personal data. The Tag Manager facilitates the integration and management of our tags. Tags are small code elements that are used, among other things, to measure traffic and visitor behavior, track the impact of online advertising and social channels, set up remarketing and audience targeting, and test and optimize websites.

    If you have opted out of tracking, this deactivation will be respected by Google Tag Manager.

    For more information about Google Tag Manager, please visit:

    www.google.com/intl/en/tagmanager/use-policy.html

    www.google.com/intl/en/tagmanager/faq.html

    safety.google/privacy/privacy-controls

    Google Analytics Audiences

    To the extent that you have given your consent, Google Analytics Audience (GA Audience), an advertising and conversion tracking service, is used on this website. The responsible service provider in the EU is Google Ireland Limited.

    GA Audience uses cookies that are stored on your computer and other mobile devices (e.g., smartphones, tablets, etc.) and enable an analysis of the use of these devices. Some of the data is analyzed across devices. Google Audience gains access to the cookies created through the use of Google Ads (formerly Google AdWords) and Google Analytics.

    The following data may be processed as part of the use of this service:

    • User Agent
    • Location information
    • Referrer URL
    • IP address
    • Page depth
    • Session duration
    • Date and time of visit
    • Usage data

    This service may transfer the collected data to another country. Please note that this service may transfer data outside the European Union and the European Economic Area to a country that does not provide an adequate level of data protection. If data is transferred to the United States, there is a risk that your data may be processed by U.S. authorities for control and surveillance purposes without you necessarily having access to legal remedies.

    The legal basis for this data processing and the possibility to withdraw consent is your consent pursuant to Article 6(1)(a) GDPR. You may withdraw your consent at any time with effect for the future by accessing the cookie settings in our Consent Management Platform (fingerprint icon displayed in the lower left corner) and changing your selection there.

    Further information on data protection when using GA Audience can be found at the following link:

    https://support.google.com/analytics/answer/2700409?hl=en&ref_topic=2611283

    Google AdSense

    Where you have given your consent, this website uses Google AdSense, an online advertising service. The responsible service provider within the EU is Google Ireland Limited.

    Google AdSense uses cookies that are stored on your computer and collect statistical information about you, which is processed by our advertising partners. We use Google AdSense to present advertising tailored to your interests. By visiting our website, Google receives information that you have accessed our website.

    This service may transfer the collected data to another country. Please note that this service may transfer data outside the European Union and the European Economic Area to countries that do not provide an adequate level of data protection. If data is transferred to the United States, there is a risk that U.S. authorities may process your data for monitoring and surveillance purposes without effective legal remedies being available to you.

    If you are logged into your Google account, your data may be directly linked to your profile. If you do not wish this association to occur, you must log out of your Google account.

    You can prevent Google AdSense from setting cookies by disabling interest-based advertising through:

    Google Ad Preferences

    You can also disable interest-based advertising from providers participating in the “About Ads” self-regulatory initiative via:

    About Ads Choices

    Please note that both opt-out settings will be deleted if you delete your cookies.

    For a permanent deactivation in Firefox, Internet Explorer, or Google Chrome, you can also use:

    Google Ads Browser Plugin

    However, this may limit the full functionality of this website.

    The legal basis for this data processing and the right to withdraw consent is your consent pursuant to Art. 6 (1) (a) GDPR. You may withdraw your consent at any time with effect for the future by changing your selection in our Consent Management Platform.

    Further information on the purpose and scope of data collection and processing by Google can be found at:

    Google Advertising Technologies Privacy Information

    DoubleClick by Google

    To the extent that you have given your consent, the online marketing tool DoubleClick by Google is used on this website. The responsible service provider in the European Union is Google Ireland Limited.

    DoubleClick uses cookies to display advertisements that are relevant to users, improve reports on campaign performance, and prevent users from seeing the same advertisements multiple times. Google uses a cookie ID to record which advertisements are displayed in which browser. This prevents the same advertisement from being shown repeatedly. In addition, DoubleClick can use cookie IDs to track so-called conversions related to advertisements. This is the case, for example, when a user sees a DoubleClick advertisement and later visits the advertiser’s website using the same browser and makes a purchase there.

    When you access a page that uses DoubleClick and where the DoubleClick script is permitted, your browser automatically establishes a direct connection with Google’s servers. Through the integration of DoubleClick, Google receives information that you have accessed the relevant part of our website or clicked on one of our advertisements. If you are registered with a Google service, Google may associate the visit with your account.

    This service may transfer the collected data to another country. Please note that this service may transfer data outside the European Union and the European Economic Area to a country that does not provide an adequate level of data protection. If data is transferred to the United States, there is a risk that your data may be processed by U.S. authorities for control and surveillance purposes without you necessarily having access to legal remedies. Below you will find a list of countries to which data may be transferred. Such transfers may occur for various purposes, including data storage and processing.

    You can prevent data collection through this tracking procedure in several ways:

    a. By configuring your browser settings accordingly. Blocking third-party cookies will prevent advertisements from third-party providers from being displayed.

    b. By disabling cookies used for conversion tracking. To do this, you must block cookies from the domain “www.googleadservices.com” in your browser.

    c. By setting an opt-out cookie via the following link:
    https://www.google.de/settings/ads
    Please note that this setting will be deleted if you delete all cookies.

    d. By disabling interest-based advertisements from providers participating in the “About Ads” self-regulatory campaign via:
    http://www.aboutads.info/choices
    Please note that this setting will also be deleted if you delete your cookies.

    e. By permanently disabling cookies in your browser using:
    https://www.google.com/settings/ads/plugin

    Please note that in this case you may not be able to fully use all functions of our website.

    The legal basis for this data processing and the possibility to withdraw consent is your consent pursuant to Article 6(1)(a) GDPR. You may withdraw your consent at any time with effect for the future by accessing the cookie settings in our Consent Management Platform (fingerprint icon displayed in the lower-left corner) and changing your selection there.

    Further information about DoubleClick by Google can be found at:

    https://www.google.de/doubleclick

    https://support.google.com/admanager/answer/2839090?hl=en

    General information about Google's privacy practices can be found at:

    https://www.google.de/intl/en/policies/privacy

    Alternatively, you may visit the website of the Network Advertising Initiative (NAI):

    https://www.networkadvertising.org

    HubSpot

    We use HubSpot on our website, a service for marketing, content management, web analytics, and search engine optimization. The service provider is HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141, USA. This service is used for statistical and marketing purposes.

    This list contains all (personal) data collected by or through the use of this service:

    • Geographic location
    • Browser type
    • Navigation information
    • Referrer URL
    • Performance data
    • City location
    • Frequency of application use
    • Mobile app data
    • Login information for the HubSpot subscription service
    • Files viewed locally
    • Domain names
    • Pages viewed
    • Aggregated usage data
    • Operating system version
    • Internet service provider
    • IP address
    • Device identifier
    • Duration of visit
    • Source from which the application was downloaded
    • Operating system
    • Events occurring within the application
    • Access times
    • Clickstream data
    • Device model and version

    The legal basis for this data processing and the possibility of withdrawal is your consent pursuant to Article 6(1)(a) GDPR. You may withdraw your consent at any time with future effect by accessing the cookie settings in our Consent Management Platform (fingerprint icon displayed in the lower-left corner) and changing your selection there.

    The validity period of analytics cookies is a maximum of six months. Further information about individual cookies can be found at:

    https://knowledge.hubspot.com/reports/what-cookies-does-hubspot-set-in-a-visitors-browser

    Data recipients

    Information

    Below you will find the email address of HubSpot’s Data Protection Officer:

    privacy@hubspot.com

    Transfer to third countries

    This service may transfer the collected data to another country. Please note that this service may transfer data outside the European Union and the European Economic Area to a country that does not provide an adequate level of data protection. If data is transferred to the United States, there is a risk that your data may be processed by U.S. authorities for control and surveillance purposes without you necessarily having access to legal remedies.

    Data may be transferred to the following countries for various purposes, such as storage or processing:

    • Ireland
    • United States of America
    • Other countries in which HubSpot partners operate

    To read the data processor's privacy policy, please visit:

    https://legal.hubspot.com/privacy-policy

    HubSpot Forms

    We use HubSpot Forms on our website, a service for creating online forms. The service provider is HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141, USA. This service is used to provide online forms. Cookies are set for this purpose.

    This list contains all (personal) data collected by or through the use of this service:

    • Device identifier
    • User agent data
    • City location
    • Device model and version
    • IP address
    • Operating system version
    • Navigation information
    • Telephone number
    • Browser type
    • Login information for the HubSpot subscription service
    • Duration of visit
    • Geographic location
    • Internet service provider
    • Access times
    • Viewed pages
    • Domain names
    • Company name
    • Referrer source
    • Operating system
    • Referrer URL
    • Where the mobile application was downloaded from
    • Email address
    • Clickstream data
    • Transaction information
    • Frequency of mobile application usage
    • Aggregated mobile application usage
    • Graphics
    • HTML pages
    • Events occurring within the mobile application
    • Information from third-party sources
    • Mobile application performance data
    • Files displayed on our website
    • Payment information
    • Address

    The legal basis for this data processing and the possibility of withdrawal is your consent pursuant to Article 6(1)(a) GDPR. You may withdraw your consent at any time with effect for the future by accessing the cookie settings in our Consent Management Platform (fingerprint icon displayed in the lower-left corner) and changing your selection there.

    The data will be deleted as soon as it is no longer required for the processing purposes.

    LinkedIn Analytics

    To the extent that you have given your consent, the analytics service LinkedIn Analytics is used on this website. The service provider is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. Cookies are used for this purpose. This service is used for usage analysis.

    This list contains all (personal) data collected by or through the use of this service:

    • Information about the operating system
    • Device identifier
    • ISP or mobile network provider
    • IP address
    • Referrer URL
    • Information about browser add-ons
    • Browser information

    The legal basis for this data processing and the possibility of withdrawal is your consent pursuant to Article 6(1)(a) GDPR. You may withdraw your consent at any time with effect for the future by accessing the cookie settings in our Consent Management Platform (fingerprint icon displayed in the lower-left corner) and changing your selection there.

    The data will be deleted as soon as it is no longer required for processing purposes.

    Recipients of the data are LinkedIn Ireland Unlimited Company and LinkedIn Inc., USA.

    This service may transfer the collected data to another country. Please note that this service may transfer data outside the European Union and the European Economic Area to a country that does not provide an adequate level of data protection. If data is transferred to the United States, there is a risk that your data may be processed by U.S. authorities for control and surveillance purposes without you necessarily having access to legal remedies. Data may be transferred for various purposes, such as storage or processing.

    Click here to read the data processor's privacy policy:

    https://www.linkedin.com/legal/privacy-policy

    Click here to opt out across all domains of the processing company:

    https://www.linkedin.com/help/linkedin/answer/62931/manage-advertising-preferences?lang=en

    Click here to read the data processor's cookie policy:

    https://www.linkedin.com/legal/cookie_policy

    LinkedIn Ads

    To the extent that you have given your consent, the advertising service LinkedIn Ads is used on this website. The service provider is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. This service is used for conversion tracking, advertising, and remarketing purposes. Cookies, pixels, and advertising tags are used for these purposes.

    This list contains all (personal) data collected by or through the use of this service:

    • IP address
    • User Agent data
    • Device ID
    • Search terms
    • Viewed articles
    • Visited pages
    • Viewed advertisements
    • Followers
    • Connections
    • Videos viewed
    • Profile information
    • Advertising identifier
    • Operating system information
    • Device information

    The legal basis for this data processing is your consent pursuant to Article 6(1)(a) GDPR. You may withdraw your consent at any time with effect for the future by accessing the cookie settings in our Consent Management Platform and changing your selection there.

    The data will be deleted as soon as it is no longer required for processing purposes. Recipients of the data are LinkedIn Ireland Unlimited Company and LinkedIn Inc., USA.

    This service may transfer the collected data to another country. Please note that this service may transfer data outside the European Union and the European Economic Area to a country that does not provide an adequate level of data protection. If data is transferred to the United States, there is a risk that your data may be processed by U.S. authorities for control and surveillance purposes without you necessarily having access to legal remedies. Data may be transferred for various purposes, such as storage or processing.

    Click here to read the data processor's privacy policy:

    https://www.linkedin.com/legal/privacy-policy

    Click here to opt out across all domains of the processing company:

    https://www.linkedin.com/help/linkedin/answer/62931/manage-advertising-preferences?lang=en

    Click here to read the data processor's cookie policy:

    https://www.linkedin.com/legal/cookie_policy

    LinkedIn Insight Tag

    To the extent that you have given your consent, the LinkedIn Insight Tag conversion tracking and retargeting service is used on this website. The service provider is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. This service is used for analytics, retargeting, and marketing purposes. Cookies are used for this purpose.

    This list contains all (personal) data collected by or through the use of this service:

    • Referrer URL
    • IP address
    • Device information
    • Browser information
    • Timestamp

    The legal basis for this data processing and the possibility to withdraw consent is your consent pursuant to Article 6(1)(a) GDPR. You may withdraw your consent at any time with effect for the future by accessing the cookie settings in our Consent Management Platform (fingerprint icon displayed in the lower-left corner) and changing your selection there.

    The data is deleted after 90 days. Recipients of the data are LinkedIn Ireland Unlimited Company and LinkedIn Corp.

    Please note that this service may transfer data outside the European Union and the European Economic Area to a country that does not provide an adequate level of data protection. If data is transferred to the United States, there is a risk that your data may be processed by U.S. authorities for control and surveillance purposes without you necessarily having access to legal remedies. Data may be transferred for various purposes, such as storage or processing. The following country may receive the data:

    • United States of America

    Click here to read the data processor's privacy policy:

    https://www.linkedin.com/legal/privacy-policy?src=li-other&veh=www.linkedin.com

    Click here to read the data processor's cookie policy:

    https://www.linkedin.com/legal/cookie_policy?src=li-other&veh=www.linkedin.com

    Microsoft Clarity

    We use Microsoft Clarity, an analytics service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Microsoft Clarity helps us understand user behavior and interactions on our website in order to improve our online presence.

    In addition, your personal data is processed for the following purposes:

    • Tracking (e.g., interest-based/behavioral profiling, use of cookies)
    • Remarketing and conversion measurement (measuring the effectiveness of marketing activities)
    • Interest-based and behavioral marketing
    • Profiling (creation of user profiles)
    • Reach measurement (e.g., access statistics, recognition of returning users)
    • Cross-device tracking (cross-device processing of user data for marketing purposes)

    For these purposes, click data (e.g., visited websites, interest in content, access times), metadata/communication data (e.g., device information, IP addresses), location data (information about the geographical location of a device or person), and movement data (mouse movements, scrolling behavior) are collected in pseudonymized form. In addition, failed interactions with buttons ("dead clicks") are recorded.

    Behavioral patterns, heatmaps, and session recordings are generated from this data. We are unable to identify individual persons from these recordings. Click data is stored for up to 13 months.

    The legal basis for processing your personal data for the above purposes is your consent pursuant to Article 6(1)(a) GDPR and Section 25(1) TTDSG. You may withdraw your consent at any time with effect for the future via the Consent Tool.

    The data is also transmitted to Microsoft. Microsoft may further process the data for its own purposes, such as product improvement and advertising. We have no knowledge of which specific data is processed for which specific purposes by Microsoft and have no influence over such processing.

    Further information about the information collected can be found at:

    https://learn.microsoft.com/en-us/clarity/setup-and-installation/clarity-data

    Data processing is carried out by Microsoft Corporation, headquartered in the United States. Microsoft Corporation is certified under the Data Privacy Framework. Therefore, data transfers to Microsoft Corporation are covered by an adequacy decision of the European Commission pursuant to Article 45 GDPR.

    The certification status can be verified at:

    https://www.dataprivacyframework.gov/s/

    Further information on Microsoft's data processing practices can be found in Microsoft's Privacy Statement.

    Dealfront (Leadfeeder)

    We use the technology of Dealfront Group GmbH, Durlacher Allee 73, 76131 Karlsruhe, Germany, hereinafter referred to as “Dealfront”, on our website.

    We use Dealfront to analyze and identify business visitors to our website. The service is primarily used to identify potential B2B customers, analyze the use of our website, and develop and optimize sales and marketing strategies.

    For this purpose, your IP address is processed to determine whether it is a business-related IP address. In addition to the IP address, Dealfront collects information about the websites visited and page views. This also includes the source that led visitors to our website. For company identification purposes, IP addresses are linked to company-specific information such as company names and industry codes. This data is supplemented through web crawling and publicly available social media information. Such information may include, for example, addresses, industry sectors, and employee counts.

    For this purpose, at the beginning of a session, the visitor's IP address and corresponding session data are compared with an extensive whitelist of known companies. Unfortunately, we do not know how these whitelists are compiled and have no influence over them.

    To enhance the privacy of our visitors, we have enabled “IP Address Anonymization”, meaning that only shortened values are stored and processed by Dealfront instead of the actual IP addresses. When this function is activated, the actual IP address is not stored anywhere in our systems, including log files. This anonymization makes it impossible to subsequently link the data to external IP address information, thereby preventing the identification of an individual person.

    As part of the integration of Dealfront into our website, the following first-party cookies are used to analyze visitor behavior:

    Name Description Storage Period
    _lfa Remains in the browser and is accessed on each subsequent visit so that we know when the visitor returns to the website. Apart from this random text identifier, it contains no additional information. 1 year
    _lfa_consent If your website has enabled support for the Dealfront Consent Management Tool, the visitor's consent status is stored in this cookie. 2 years
    _lfa_test_cookie_stored A cookie used temporarily to determine whether the browser supports cookies. This cookie may appear in a cookie scanner used for consent management. Deleted immediately
    _lfa_expiry A local storage variable used to store the duration of the Dealfront ClientID stored in the browser's Local Storage. 2 years

     

    The legal basis for the processing and storage of data is your consent pursuant to Article 6(1)(a) GDPR and Section 25(1) TDDDG. Consent may be withdrawn at any time with effect for the future.

    The data will be deleted as soon as it is no longer required for the original purposes or if you withdraw your consent.

    Further information about Dealfront can be found in the privacy policy:

    https://www.dealfront.com/privacy-notice/

    Twipla (Web analytics without cookies in Maximum Privacy Mode)

    We use the web analytics service Twipla, provided by Visitor Analytics GmbH, Siemensstraße 20, 85521 Ottobrunn, Germany, in the publicly accessible areas of our website. The use of Twipla serves to analyze and optimize our online presence. In particular, we collect information on which websites users come from when accessing our website (referrers), which pages are accessed, how often and for how long they are viewed, and how page views develop over time. The data collected in this context is not used to personally identify individual users. We operate Twipla in what is known as Maximum Privacy Mode. In this operating mode:

    • no cookies are set,
    • no individual visitor profiles or complete visit histories are stored, and
    • no fingerprinting technologies are used.

    Instead, Twipla processes only:

    • general location information (e.g. the country/region from which access occurs),
    • technical information from HTTP requests (e.g. pages accessed, date and time of access, and basic technical parameters), as well as
    • an approximate identification of returning visitors, carried out without fingerprinting and without direct personal identifiers.

    The analyses are performed in an aggregated, statistical form and enable us in particular to measure the reach and use of our website and to make the content and structure of our offerings more user-friendly and to improve them.

    Legal basis and right to object
    The use of Twipla in Maximum Privacy Mode takes place without the use of cookies or comparable technologies on your device. The legal basis for the data processing is therefore our legitimate interest in privacy-friendly web analytics and in designing our website to meet user needs in accordance with Art. 6(1)(f) GDPR. Our legitimate interest lies in particular in analyzing the use of our online offering, improving user-friendliness, and ensuring the efficient operation of our website.

    You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you that is based on Art. 6(1)(f) GDPR (Art. 21 GDPR). To exercise this right, please contact us using the contact details provided in section 1.

    Since analyses in Twipla’s Maximum Privacy Mode are carried out exclusively in an aggregated and highly privacy-conscious form, and since we generally do not maintain individual user profiles, it is usually not possible to identify you personally.

    Newsletter

    It is possible to subscribe to free newsletters on our website. When registering, the data entered into the registration form is transmitted to us.

    The only mandatory fields are your email address, your country, and your area of interest. Optionally, you may provide your salutation, first name, last name, and the company you work for.

    To ensure that no errors occur when entering your email address, we use the so-called double opt-in procedure. After entering your email address into the registration form, we will send you a confirmation link. Your email address will only be added to our mailing list once you click on this confirmation link. At this stage, the processing of your electronic contact data is based solely on your consent (Article 6(1)(a) GDPR). You may revoke your consent at any time with effect for the future. To do so, simply click the “unsubscribe” button included in every newsletter.

    If you provide optional information when subscribing to our newsletter, we process this data based on our legitimate interest (Article 6(1)(f) GDPR) in presenting our newsletter in an appealing manner and solely for the purpose of personally addressing you within the newsletter.

    Newsletter distribution may also occur in connection with the sale of goods or services:

    If you purchase goods or services and provide your email address in this context, we may subsequently use this email address to send you newsletters. In such cases, the newsletter will contain only direct advertising for our own similar goods or services. The legal basis for sending newsletters following the sale of goods or services is Section 7(3) UWG (German Act Against Unfair Competition).

    You may object to receiving newsletters based on an existing customer relationship at any time.

    No data is disclosed to third parties in connection with newsletter distribution. The data is used exclusively for sending newsletters. Marketing emails are sent using HubSpot Mail, whose servers are located in the United States.

    Newsletter Tracking

    Please note that when sending newsletters, we analyze your user behavior to determine whether and when a newsletter has been opened. For this purpose, the emails sent contain so-called web beacons or tracking pixels, which are stored on our server and loaded when the newsletter is opened. Technical information such as browser type, opening time, and IP address is transmitted.

    For analysis purposes, we link this information and the web beacons to your email address and an individual ID. Links contained in newsletters also include this ID, enabling us to analyze your click behavior.

    Using the data collected in this way, we create a user profile in order to tailor the newsletter to your individual interests. We record when you read our newsletters, which links you click, and derive your personal interests from this information. We combine this data with actions you perform on our website. The legal basis for this data processing is your consent pursuant to Article 6(1)(a) GDPR.

    You may withdraw your consent at any time with effect for the future. In this case, the withdrawal applies to the entire newsletter, as a separate withdrawal of tracking consent is unfortunately not technically possible. To do so, simply click the unsubscribe link provided in every email.

    Such tracking is also not possible if you have disabled the display of images by default in your email program. In this case, the newsletter will not be displayed in full, and you may not be able to use all functions. If you manually display the images, the tracking described above will take place.

    The information collected through tracking will be stored for as long as you remain subscribed to the newsletter. After unsubscribing, the data will be anonymized and used solely for statistical purposes.

    The data you provide for the purpose of receiving the newsletter will be stored until you unsubscribe from the newsletter and will be deleted after cancellation of the subscription. Data stored by us for other purposes remains unaffected.

    Contact

    You have the option of contacting us via our email address, our chat service, or our callback request contact form. Any personal data transmitted to us in this way will, of course, be used solely for the purpose for which you provided it when contacting us. The legal basis for this processing is our legitimate interest in responding to your inquiry pursuant to Article 6(1)(f) GDPR.

    Where our contact form requests information that is not required to establish contact, we have always marked such fields as optional. This information helps us to better understand your request and to process your inquiry more efficiently. Providing this information is entirely voluntary and based on your consent pursuant to Article 6(1)(a) GDPR. Where such voluntary information relates to communication channels (for example, email address or telephone number), you also consent to us contacting you via these communication channels if necessary in order to respond to your request.

    You may withdraw this consent at any time with effect for the future. To do so, please contact us using the contact details provided above.

    The data collected in this context will be deleted once storage is no longer necessary, or processing will be restricted if statutory retention obligations apply.

    3. Registrations on the Website

    You may register in certain areas of our website in order to use additional functions and services. The data entered during registration will be used solely for the purpose of providing the respective offer or service for which you have registered, such as registering for an event or downloading an information brochure.

    The mandatory information requested during registration must be provided in full. Otherwise, we may refuse your registration.

    For important changes, such as modifications to the scope of services offered or technically necessary updates, we will use the email address provided during registration to inform you accordingly.

    The processing of the data entered during registration is based on your consent (Article 6(1)(a) GDPR). You may withdraw any consent you have given at any time. An informal notification by email is sufficient for this purpose.

    The withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

    In certain cases, we would also like to use the information obtained through registration to send you information about our product portfolio or other news by email. If we intend to use your registration data for these purposes, we will always inform you accordingly during the registration process. The legal basis for this processing is always your consent, which you provide when registering for the respective offers.

    The data collected during registration will be stored for as long as you remain registered on our website or for as long as the relevant service is required. If you have also consented to receiving information, we will store your data until you withdraw your consent. Statutory retention periods remain unaffected.

    4. Appointment Scheduling

    Calendly Interaction Tool

    This website uses Calendly.com, a scheduling and organization tool for the online appointment booking services offered. This site provides an external platform for arranging appointments. By using the appointment booking service, you automatically use the services of the American company Calendly LLC, 271 17th St NW, Ste 1000, Atlanta, Georgia 30363, USA.

    Data is transmitted there for the security and documentation purposes of Enit Systems. The collected data includes: name, company, email address, telephone number, annual electricity consumption, IP address at the time of booking, agreed appointment date, and agreed appointment time.

    This data is not shared with third parties and is used solely for the administration and organization of appointments as well as for internal statistics. By using the appointment booking service, you agree to this processing.

    By using Calendly, data may also be transferred to the USA, which is considered a third country that does not provide an adequate level of data protection. To safeguard such transfers, Calendly uses the Standard Contractual Clauses approved by the European Commission.

    Further information can be found on Calendly.com. Please read it carefully. Please note that the page is only available in English: Privacy Notice | Calendly.

    5. Applications

    You can apply online via our application portal at https://jobs.proalpha.com/de. Your online application will be transmitted directly to the Human Resources Department through an encrypted connection and will, of course, be treated confidentially.

    If you nevertheless choose to apply by email, we expressly point out that sending unencrypted emails or email attachments is not secure. Your information will be used to process your application and to decide on the establishment of an employment relationship. The legal basis for this processing is Section 26 (1) in conjunction with Section 26 (8) sentence 2 of the German Federal Data Protection Act (BDSG).

    Furthermore, your personal data may be processed insofar as this is necessary for the defense against legal claims asserted against us arising from the application process. The legal basis for this is Art. 6 (1) (f) GDPR. The stated purposes also constitute our legitimate interest in the processing.

    If an employment relationship is established between you and us, we may continue to process the personal data already received from you for purposes related to the employment relationship in accordance with Section 26 (1) BDSG, provided this is necessary for the implementation or termination of the employment relationship or for exercising or fulfilling rights and obligations arising from laws, collective agreements, works agreements, service agreements, or employee representation requirements.

    No processing of your application data beyond the purposes described above will take place. Your personal data will be deleted no later than six months after completion of the application process, unless other legitimate interests on our part prevent deletion or you have given your consent to a longer storage period. Such a legitimate interest may, for example, arise from obligations to provide evidence in proceedings under the German General Equal Treatment Act (AGG).

    Further information on data protection in the application process can be found in the corresponding privacy notice on our careers page.

    6. Customers

    As our customer, we value you as a reliable and trusted partner. For this reason, the protection of your data is of great importance to us. We would therefore like to inform you below about how we process your data and how you can exercise the rights granted to you under the General Data Protection Regulation (GDPR).

    Which personal data we process and for what purpose depends on the respective contractual relationship.

    Information about the controller responsible for data processing and, where applicable, our Data Protection Officer can be found in this Privacy Notice.

    What Data We Use

    We process your personal data when you enter into a business relationship with us, when you send us an inquiry regarding our products, or when you work with us on projects. In addition, we process your personal data, among other things, to comply with legal obligations, to protect legitimate interests, or based on your consent.

    Depending on the legal basis, the following categories of personal data may be processed in particular:

    • First name, last name
    • Communication data (telephone number, email address)
    • Department
    • Account information, in particular registrations and logins

    Sources from Which the Data Originate

    We process personal data that we receive directly from you, from our customers, service providers and suppliers, or from other companies within the Proalpha Group.

    Purposes for Which Your Data Is Used

    We process your personal data in particular in compliance with the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and all other applicable legal provisions.

    Based on Your Consent (Art. 6 (1) (a) GDPR)

    If you have voluntarily given us your consent to collect, process, or transfer certain personal data, this consent forms the legal basis for processing such data. The purposes of the processing will be communicated to you when your consent is obtained.

    In particular, we process your personal data based on your consent in the following cases:

    • Sending email newsletters
    • Personalized newsletter tracking
    • Market research (e.g., customer satisfaction surveys)
    • Marketing and advertising – creation of customer profiles

    For the Performance of a Contract (Art. 6 (1) (b) GDPR)

    We process your data insofar as this is necessary to maintain contractual relationships with you, perform ongoing contracts, and communicate with you.

    • Management and performance of contractual relationships
    • Contact and correspondence

    Based on Our Legitimate Interest (Art. 6 (1) (f) GDPR)

    In certain cases, we process your data to safeguard our legitimate interests or those of third parties, in particular for:

    • Direct marketing or market and opinion research
    • Centralized customer data management within the Proalpha Group
    • Communication and collaboration within projects
    • Provision of communication tools for cooperation and collaboration

    To Whom Your Data Is Disclosed

    As a general principle, we do not disclose your data to third parties. However, in order to fulfill our contractual and legal obligations, it may be necessary to share your data with other parties, such as public authorities or external service providers.

    Where necessary for the fulfillment of our contractual obligations or for internal administrative purposes, data may be shared with other companies within the Proalpha Group. An up-to-date list of our affiliated companies can always be found on our website.

    External service providers:

    • IT service providers (e.g., maintenance providers, hosting providers)
    • Printing services
    • Telecommunications services
    • Marketing or sales service providers
    • Mailing service providers (letter shops)

    If you have any further questions regarding individual recipients of your data, please contact us using the contact details provided above.

    Will Your Data Be Transferred to Countries Outside the European Union (So-Called Third Countries)?

    Countries outside the European Union (and the European Economic Area – EEA) apply different standards for the protection of personal data than countries within the European Union. For the processing of your data, we also use service providers that are located in third countries outside the European Union.

    For some of these third countries, there is currently no decision by the European Commission confirming that they generally provide an adequate level of data protection.

    We have therefore implemented special measures to ensure that your data is processed in third countries with the same level of security as within the European Union. With service providers in third countries, as well as within our corporate group, we conclude the Standard Contractual Clauses provided by the European Commission. These clauses provide appropriate safeguards for the protection of your data when processed by service providers in third countries.

    We have also ensured, through contractual and organizational measures within our corporate group, that the legal requirements for transfers to third countries are fully complied with.

    How Long Will Your Data Be Stored?

    We store your personal data for as long as it is required for the respective purpose and as long as it is necessary to fulfill our legal and contractual obligations.

    If the storage of the data is no longer required for the fulfillment of contractual or legal obligations, your data will be deleted unless further processing is necessary to comply with statutory retention requirements or to retain data until the expiration of applicable limitation periods.

    The same applies if you withdraw your consent.

    7. Social Media

    We maintain channels on various social media platforms in order to communicate directly with you and to provide information about interesting news and developments from our company.

    In this context, we process data of visitors to our channels, in particular information about user interactions (e.g. likes, comments, retweets), demographic and statistical data, as well as data transmitted to us through messages and comments.

    Please note that when using these social networks, the respective platform providers also have access to your data. Such data may be used by these providers for market research and advertising purposes. We have no further knowledge of the data processing activities carried out by the operators of the respective social media platforms.

    We would also like to point out that the links to the respective platforms integrated on our website are merely hyperlinks. Data processing by the platforms only takes place when you visit them.

    The processing of personal data of visitors to our online presences is based on our legitimate interest pursuant to Art. 6 (1) (f) GDPR. Our legitimate interest consists of maintaining communication with our customers and informing them about news related to our products.

    Please note that data processed through social media platforms and networks may, in some cases, be processed outside the European Economic Area (EEA).

    For a comprehensive description of the respective data processing activities and available opt-out options, please refer to the privacy information provided by the respective platform operators.

    Use of Social Plugins and Embedded Functions

    YouTube

    We use services provided by YouTube on our website, a video content provider operated by Google LLC. The responsible service provider within the European Union is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). This serves to improve our online offering.

    This always requires that the providers of such content (hereinafter referred to as "third-party providers") receive the users' IP addresses, as they would otherwise be unable to transmit the content to the respective user's browser. The IP address is therefore necessary for the display of this content.

    We endeavor to use only content whose respective providers use the IP address solely for the delivery of the content. However, we have no influence on whether third-party providers store the IP address, for example for statistical purposes. To the extent that we are aware of such processing, we inform users accordingly.

    The legal basis for this data processing and the possibility of withdrawal is your consent pursuant to Art. 6 (1) (a) GDPR. You may revoke your consent at any time with effect for the future by accessing the cookie settings in our Consent Management Platform (fingerprint icon displayed at the bottom left) and changing your selection there.

    YouTube / Google (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland)

    Privacy Policy:
    Google Privacy Policy

    Opt-Out:
    Google Ads Settings (Opt-Out)

    LinkedIn Widget

    We use the LinkedIn Widget on our website. The service provider is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. This service is used to improve our online offering and facilitate communication.

    The use of this service always requires that the providers of the content (hereinafter referred to as "third-party providers") receive the users' IP addresses. Without the IP address, they would not be able to transmit the content to the user's browser. The IP address is therefore required for the display of this content.

    We make every effort to use only content whose providers use the IP address solely for the delivery of the content. However, we have no influence over whether third-party providers store the IP address, for example for statistical purposes. To the extent that we are aware of such processing, we inform users accordingly.

    The legal basis for this data processing and the possibility of withdrawal is your consent pursuant to Art. 6 (1) (a) GDPR. You may withdraw your consent at any time with effect for the future by accessing the cookie settings in our Consent Management Platform (fingerprint icon displayed at the bottom left) and changing your selection there.

    LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland)

    Privacy Policy:
    LinkedIn Privacy Policy

    Opt-Out:
    LinkedIn Retargeting Opt-Out

    Vimeo

    We use the services of Vimeo LLC, 555 West 18th Street, New York, New York 10011, USA ("Vimeo"), to provide video content. These videos are loaded from or transmitted via Vimeo. In the process, your data may be transferred to Vimeo. By integrating Vimeo videos, we aim to make our online services more interesting and attractive for users and to improve the presentation of content related to the use of our products.

    When you access a page that contains an embedded Vimeo video, a connection to Vimeo's servers is normally established and data is transmitted to servers in the USA. This informs Vimeo's servers which website you have visited. However, the use of our consent management tool prevents this connection from being established unless you have consented to the data processing associated with Vimeo. Therefore, no data is transferred to Vimeo without your consent.

    If you consent to Vimeo data processing through our consent management tool, you agree that data about you may be transmitted to Vimeo through cookies and similar technologies used by Vimeo when you watch a video, regardless of whether you have a Vimeo account. This includes, among other things, your IP address, technical information about your browser type, operating system, and basic device information.

    If you are logged into Vimeo at that time, information about the videos you watch may be associated with your Vimeo account. You can prevent this by logging out of your Vimeo account before visiting the platform.

    Vimeo is headquartered in the United States and also uses data centers located in the USA to provide its services. Your data may therefore be processed on servers in the United States.

    The legal basis for the data processing described above is your consent pursuant to Art. 6 (1) (a) GDPR and Section 25 (1) TTDSG. You may withdraw your consent at any time with effect for the future.

    Vimeo LLC, 555 West 18th Street, New York, New York 10011, USA ("Vimeo")

    Privacy Policy:
    Vimeo Privacy Policy

    8. Data Transfer

    Transfer to Companies within the Proalpha Group

    As a general rule, your data is not transferred to third parties outside the Proalpha Group unless we are legally obliged to do so, the transfer is necessary for the performance of a contractual relationship, or you have expressly consented to the transfer of your data. External service providers and partner companies receive your data only to the extent necessary for processing your request. In such cases, the scope of the transmitted data is limited to the minimum required.

    Certain services within our corporate group are provided centrally by individual group companies. Therefore, in the context of order processing, customer support, marketing activities, or for internal administrative and analytical purposes, data may be shared within the group. Only the data strictly necessary for the respective purpose is transferred and is deleted once the purpose no longer applies and any statutory retention periods have expired.

    Through internal agreements and policies, we have ensured that the integrity and security of data transferred in this manner are always protected.

    Transfer to External Service Providers

    Your data may be transferred to service partners if they act on our behalf and support Proalpha in providing its services.

    The processing of your personal data by commissioned service providers takes place within the framework of data processing agreements pursuant to Art. 28 GDPR. These service providers are granted access only to the personal information necessary for carrying out their respective tasks. They are prohibited from disclosing your personal information or using it for any other purposes, particularly for their own advertising purposes.

    Where external service providers have access to your personal data, we ensure through legal, technical, and organizational measures, as well as regular audits, that they comply with applicable data protection regulations.

    Your personal data is not commercially disclosed to other companies.

    9. Data Subject Rights

    General Rights

    You have the right to access, rectify, erase, restrict processing of, object to the processing of, and receive a copy of your personal data in a portable format (data portability). Where processing is based on your consent, you have the right to withdraw that consent at any time with effect for the future.

    Rights Regarding Processing Based on Legitimate Interests

    Pursuant to Art. 21 (1) GDPR, you have the right, on grounds relating to your particular situation, to object at any time to the processing of your personal data where such processing is based on Art. 6 (1) (e) GDPR (processing in the public interest) or Art. 6 (1) (f) GDPR (processing for legitimate interests). This also applies to profiling based on these provisions.

    If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or unless the processing serves the establishment, exercise, or defense of legal claims.

    Rights Regarding Direct Marketing

    Where we process your personal data for direct marketing purposes, you have the right under Art. 21 (2) GDPR to object at any time to the processing of your personal data for such marketing purposes. This also applies to profiling insofar as it is related to direct marketing.

    If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.

    Right to Lodge a Complaint with a Supervisory Authority

    You also have the right to lodge a complaint with a competent data protection supervisory authority regarding our processing of your personal data.

    10. Data Security

    We have implemented extensive technical and organizational security measures to protect your data against accidental or intentional manipulation, loss, destruction, or access by unauthorized persons. Our security procedures are regularly reviewed and adapted to technological developments.

    11. Version of the Privacy Notice

    This Privacy Notice is continuously updated as part of the ongoing development of the Internet and our services. Any changes will be announced on this page in due time.

    To stay informed about the current version of our Privacy Notice, you should visit this page regularly.

    Version: 06/2026