Privacy policy

(effective 11/19/2018)

1. Data protection at a glance

General information

The following notes provide a simple overview of what happens to your personal data when you visit our website. Personal data is any data by which you can be personally identified. For detailed information on the subject of data protection, please refer to our privacy policy listed below this text.

Data collection on our website

Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find his contact details in the imprint of this website.

How do we collect your data?
Your data is collected on the one hand by you providing it to us. This can be, for example, data that you enter in a contact form.

Other data is automatically collected by our IT systems when you visit the website. This is mainly technical data (e.g., internet browser, operating system, or time of page view). The collection of this data takes place automatically as soon as you enter our website.

What do we use your data for?
Part of the data is collected to ensure error-free provision of the website. Other data may be used to analyse your user behaviour.

What rights do you have regarding your data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction, blocking, or deletion of this data. For this purpose as well as for further questions on the subject of data protection, you can contact us at any time at the address given in the imprint. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.

Third-party analytics and tools

When visiting our website, your surfing behaviour can be statistically evaluated. This is done primarily with cookies and with so-called analysis programs. The analysis of your surfing behaviour is usually anonymous; the surfing behaviour cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. You can find detailed information on this in the following data protection declaration.

You can object to this analysis. We will inform you about the objection options in this privacy policy.

2. General information and mandatory information

Data protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

When you use this website, various personal data are collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

We would like to point out that data transmission on the Internet (e.g., communication by email) can have security gaps. A complete protection of the data against access by third parties is not possible.

Note on the responsible body

The data controller for this website is:

Spirit Link GmbH
Röthelheimallee H5
Allee am Röthelheimpark 41
D-91052 Erlangen
Phone: +49 (0) 91 31 / 97 792-0
Email: info@spiritlink.de

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke an already given consent at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right of appeal to the competent supervisory authority

In the event of violations of data protection law, the person concerned has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues is the state data protection commissioner of the federal state in which our company is based. A list of the data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Information, blocking, deletion

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if necessary, a right to correction, blocking, or deletion of this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time at the address given in the imprint.

Objection to advertising mails

The use of contact data published within the framework of the imprint obligation for the purpose of sending advertising and information material not expressly requested is hereby prohibited. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.

3. Data protection officer

Data protection officer required by law

Spirit Link GmbH
Gunther Tutein
Allee am Röthelheimpark 41
D-91052 Erlangen

Phone: +49 (0) 91 31 / 97 792-0
Email: datenschutz@spiritlink.de

4. Data collection on our website

Cookies

The internet pages partly use so-called cookies. Cookies do not cause any damage to your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective, and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called "session cookies". They are automatically deleted after the end of your visit. Other cookies remain stored on your terminal device until you delete them. These cookies enable us to recognise your browser on your next visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or generally and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.

Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested (e.g., shopping cart function) are stored on the basis of Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g., cookies to analyse your surfing behaviour) are stored, these will be treated separately in this data protection declaration.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type and browser version
  • operating system used
  • referrer URL
  • Host name of the accessing computer
  • Time of the server request
  • IP address

This data is not merged with other data sources.

The basis for data processing is Art. 6 (1) lit. f DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.

Contact form

If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent.

The processing of the data entered in the contact form is therefore based exclusively on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.

The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g., after we have completed processing your request). Mandatory legal provisions – in particular retention periods – remain unaffected.

5. Analysis tools and advertising

Matomo

Scope of the processing

We use Matomo to analyze the behavior of website visitors to identify potential threats, "Not Found" pages, or search engine indexing issues, or to find out what content is most popular. Once the data is processed (e.g., number of visitors hitting a "Not Found" page, those viewing only a single page, etc.), Matomo generates reports based on which Spirit Link can take action, such as changing the layout of pages, publishing new content ... etc. If you call up individual pages on our website, the following data is processed: IP address, custom dimensions, user location, date and time, title of page viewed, URL of page viewed, URL of page viewed before current page, screen resolution, time in local time zone, country, region, city, main browser language, browser product, and version information (user agent), session record, mouse events (movements, content forms and clicks), and form interactions.

Purpose and legal basis

The processing of the above-mentioned personal data serves the purpose of analysing the usage behaviour and habits of our users so that we can further develop the website and increase its attractiveness, in particular the findability of interesting content and user-friendliness. Our legitimate interest in processing the data lies in these purposes.

Duration of storage and transfer

A storage of personal data does not take place because of the immediate anonymization (see above). Matomo is operated exclusively on our own servers, so no data is transmitted to third parties.

6. Plugins and tools

Vimeo

Our website uses plugins of the video portal Vimeo. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA.

When you visit one of our pages equipped with a Vimeo plugin, a connection to the Vimeo servers is established. In the process, the Vimeo server is informed which of our pages you have visited. In addition, Vimeo obtains your IP address. This also applies if you are not logged in to Vimeo or do not have an account with Vimeo. The information collected by Vimeo is transmitted to the Vimeo server in the USA.

If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your Vimeo account.

For more information on how Vimeo handles user data, please see Vimeo's privacy policy at: https://vimeo.com/privacy.

7. Online presence in social media

We maintain online presences within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services there.

We would like to point out that user data may be processed outside the European Union. This may result in risks for the users, because it could, for example, make it more difficult to enforce the rights of the users. With regard to US providers certified under the Privacy Shield, we point out that they thereby undertake to comply with the data protection standards of the EU.

Furthermore, user data is usually processed for market research and advertising purposes. For example, usage profiles can be created from the usage behaviour and resulting interests of the users. The usage profiles can in turn be used, for example, to place advertisements within and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the computers of the users, in which the usage behaviour and the interests of the users are stored. Furthermore, data may also be stored in the usage profiles regardless of the devices used by the users (in particular if the users are members of the respective platforms and are logged in to them).

The processing of the personal data of the users is based on our legitimate interests in effective information of the users and communication with the users pursuant to Art. 6 para. 1 lit. f. DSGVO. If the users are asked by the respective providers of the platforms for consent to the aforementioned data processing, the legal basis of the processing is Art. 6 para. 1 lit. a., Art. 7 DSGVO.

For a detailed description of the respective processing and the possibilities of objection (opt-out), we refer to the following linked information of the providers.

Also in the case of requests for information and the assertion of user rights, we point out that these can be asserted most effectively with the providers. Only the providers have access to the data of the users and can directly take appropriate measures and provide information. If you still need help, you can contact us.

Facebook, pages, groups, (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) on the basis of an agreement on joint processing of personal data – Privacy Policy: https://www.facebook.com/about/privacy/,
specifically for pages: https://www.facebook.com/legal/terms/information_about_page_insights_data,
opt out: https://www.facebook.com/settings?tab=ads
and http://www.youronlinechoices.com,
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.

LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland) – Privacy Policy https://www.linkedin.com/legal/privacy-policy,
opt out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out,
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.

Xing (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany) – Privacy Policy/ Opt Out: https://privacy.xing.com/de/datenschutzerklaerung.

8. Newsletter

Newsletter data

If you would like to receive the newsletter offered on the website, we require an email address from you as well as information that allows us to verify that you are the owner of the specified email address and agree to receive the newsletter. Further data will not be collected or will only be collected on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.

The processing of the data entered in the newsletter registration form is based exclusively on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent to the storage of the data, the email address and their use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.

The data you provide for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted after you unsubscribe from the newsletter. Data that has been stored by us for other purposes (e.g., email addresses for the member area) remains unaffected by this.

CleverReach

This website uses CleverReach to send newsletters. The provider is CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede. CleverReach is a service with which the newsletter dispatch can be organised and analysed. The data you enter for the purpose of receiving newsletters (e.g., email address) is stored on CleverReach's servers in Germany or Ireland.

Our newsletters sent with CleverReach allow us to analyze the behavior of newsletter recipients. Among other things, we can analyze how many recipients have opened the newsletter message and how often which link in the newsletter was clicked. With the help of so-called conversion tracking, it can also be analysed whether a predefined action (e.g., purchase of a product on our website) has taken place after clicking on the link in the newsletter. For more information on data analysis through CleverReach newsletters, please visit: https://www.cleverreach.com/de/funktionen/reporting-und-tracking/.

The data processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.

If you do not want any analysis by CleverReach, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. Furthermore, you can also unsubscribe directly on the website.

The data you provide for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers as well as from the servers of CleverReach after you unsubscribe from the newsletter. Data that has been stored by us for other purposes remains unaffected by this.

For more details, please see CleverReach's privacy policy at: https://www.cleverreach.com/de/datenschutz/.

Conclusion of a contract on order processing

We have concluded an order processing contract with CleverReach and fully implement the strict requirements of the German data protection authorities when using CleverReach.