1. What is personal data?
Personal data is all information relating to an identified or identifiable natural person. This may involve data that can be personally related to you, for example names, addresses, email addresses, or user behaviour.
2. Data Controller and Data Protection Officer
The data controller pursuant to Article 4 no. 7 of the General Data Protection Regulation (GDPR) is Datos-Intelligence GmbH, Lohmühlenstraße 65, 12435 Berlin.
We have designated a data protection officer. You may contact our data protection officer under the postal address above – for the attention of the „Data Protection Officer“– and under the email address email@example.com
3. What personal data do we collect?
Our website is primarily for informational use. Interested users can inform themselves about our company and our products and services. The data and information we collect can be categorized as follows:
Automatically collected data: When you access and use our website, we automatically collect information, including personal data, about the technologies you use and information about how you use these and our website.
Data and information provided by you: If you contact us with questions about our company and our products, we will store and process your personal data transmitted with the inquiry. If necessary, we will contact you and request further data and information to process your inquiry to your full satisfaction.
4. How do we use the data we collect from you? On what legal basis is the use based?
We use, store and process information, including personal data, on you, for the following purposes and on the following legal basis:
Provision, improvement, development and security of the websites: We use log files to make the website, including its functionalities, available to you. We also use the information and data to optimize our website and to ensure the security of our IT systems. For this purpose, your IP address must remain stored for the duration of the session.
We use log files as part of our legitimate interest in the availability and continuous development of our website. The legal basis for the use of the log files is Article 6 (1) (f) GDPR.
Analysis: We use the information and data generated by cookies to analyse the use of our website. This enables us to find out more about the number of visits to a web page, user behaviour or the length of your stay and to draw conclusions about which content on our website is particularly interesting and which is less interesting for visitors. Usage patterns illuminate areas of a website that are confusing or underused, allowing us to improve customer experience and build better features. Technical data help us to perform root cause analysis as bugs and errors are often particular to a specific web browser or device type. This information helps us build and ship fixes faster. For these purposes, we use the analytical service of
Google Analytics of Google, LLC, 1600 Amphitheatre Pkwy, Mountain View, CA 94043, US. This is a tool that provides us with information about the use of the website. The information and data are collected these cookies are transferred to Google. Google will use this information to compile aggregated evaluations of the use of our website.
Further Information about Google Analytics can be found under http://www.google.com/intl/de/analytics/learn/privacy.html.
FullStory provided by FullStory, Inc., 1745 Peachtree St. NW ·, Atlanta, Georgia, 30309, US. FullStory allows us to track how users navigate through our website and which contents are interesting for them. For this purpose, usage patterns (i.e., mouse movements, clicks, typing), technical data (browser, device type, operating system, viewfinder size, script errors), and navigation data (pages visited, referrers, URL parameters, session duration) are processed.
Further Information about FullStory can be found under https://www.fullstory.com/resources/fullstory-gdpr-you/.
CrazyEgg provided by Crazy Egg, Inc. 6220 E. Ridgeview Lane, La Mirada, CA , 90638, US. CrazyEgg allows us to track how users navigate through our website and which contents are interesting for them. For this purpose, CrazyEgg provides heatmaps, scrollmaps and click reports on the basis of usage patterns (i.e., mouse movements, clicks, typing). These information illuminate areas of a website that are confusing or underused, allowing us to improve customer experience and build better features. Technical data help us to perform root cause analysis as bugs and errors are often particular to a specific web browser or device type. This information helps us build and ship fixes faster.
Further Information about CrazyEgg can be found under https://help.crazyegg.com/article/165-crazy-eggs-gdpr-readiness.
Segment, a tool provided by Segment.io, Inc., 100 California Street Suite 700 San Francisco, CA 94111, US. This service simplifies collecting and using data from the use of our website. It enables us to enrich the customer data we collect by connecting data from other tools (like the above), and then aggregate it to monitor performance and create uniquely customized user experiences.
Further Information about Segment can be found under https://segment.com/product/gdpr/.
Please note that the data retrieved from the described tools exist in pseudonymized form without personal information directly and without further ado identifying you as a person. We further configured the tools so that the data do only contain as less information as required to achieve the analytical purposes. In particular, we have activated the IP anonymization option which masks your IP address before it is transmitted to the providers’ servers in the US. This procedure makes the IP address untraceable.
Once you visit our website, we will ask you to provide your consent to the implementation of cookies for analytical purposes. The legal basis is Article 6 (1) (a) GDPR.
Communication: We use the data that we request from you or that you provide to us in connection with your enquiry when you contact us in order to respond to your enquiry as quickly and efficiently as possible. You may contact us through customary means (i.e., e-mail or postal service) and via our live-chat opportunity which we implemented into our website. The messenger tool comes from Intercom, a solution provided by Intercom, Inc.,19505 52Nd Ave W Ste A Lynnwood, WA 98036, US. This tool places cookies on your device creating a unique identifier and keeping track of the conversations. Information on how Intercom complies with applicable data protection standard can be found here: https://www.intercom.com/help/en/articles/1385437-how-intercom-complies-with-gdpr.
The use of your data in the context of communication with you generally corresponds to our legitimate interest pursuant to Article 6 (1) (f) GDPR.
5. Will the data and information on me be shared with others?
Generally, the data and information obtained from you are only shared with others according to the need-to-know principle. Only the relevant departments and contact persons receive insight into your personal data to the extent necessary to enable them to perform their tasks.
Besides that, we will share the information and data processed through cookies with our cooperation and service partners as explained above.
6. Will data also be transmitted to recipients outside the European Union or outside the European Economic Area (EEA)?
We share personal information with contractors located in non-EEA countries. We ensure that the recipient either has an adequate level of data protection (e.g. based on an adequacy decision of the EU Commission for the respective country, a self-certification of the recipient for the EU-US Privacy Shield or the agreement of so-called EU standard contractual clauses of the European Union with the recipient) or sufficient consent.
We can provide you with an overview of the recipients in third countries and a copy of the concretely agreed regulations to ensure the appropriate level of data protection. Please contact our data protection officer under the e-mail address indicated above.
7. How long will my data be stored?
We only store your data provided to us for as long as it is necessary to fulfil the respective purpose for which you have transmitted your data to us or to comply with legal requirements.
Log files are erased once the respective session has ended. Log files for security purposes and as a precaution against attacks on our websites are automatically erased after 7 days at the latest.
The data and information obtained by analytical service providers are automatically erased after a pre-determined period (in case of Google Analytics 14 months).
8. What rights do I have?
In accordance with applicable data protection law, you have the right to access, to rectification, to portability and to erasure of your personal data. You have the right at any time to withdraw your consent with specific data processing operations. In case of cookies you can withdraw your consent by deleting the cookies from your device using the respective functionalities of your browser. Further, you can prevent the storage of cookies in various ways, by
Setting your browser not to accept cookies. However, we would like to point out that in this case you may not be able to use all the functions of our website to their full extent.
Downloading and installing the browser add-on offered by Google for "Google Analytics” under the following link: http://tools.google.com/dlpage/gaoptout?hl=en.
Downloading and installing the browser add-on offered by FullStory under the following link: https://www.fullstory.com/optout/.
Downloading and installing the browser add-on offered by CrazyEgg under the following link: https://www.crazyegg.com/opt-out.
You have the right to object to processing of personal data which is based on our legitimate interests according to Article 6 (1) (f) GDPR.
To exercise your rights, please contact us or our data protection officer by e-mail contact[at]y42.com or privacy[at]y42.com, by postal service under the address indicated above.
Your right of complaint to a supervisory authority: Without prejudice to the rights described above, you have the right of complaint to a supervisory authority, in particular in the Member State of your place of residence, work or suspected infringement, if you believe that the processing of personal data concerning you is contrary to the GDPR.
The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.
9. No automated decision-making
We do not use technologies allowing automated decision-making, including profiling.