I. Collection, processing and use of personal data
Each time you visit our website, which can be accessed at elaine.io, artegic.de, www.artegic.com, artegic.net and artegic.it, we will automatically collect and process personal data. The following data are collected for the purposes of compiling visitor statistics regarding the use of this website to ensure that the website is convenient to use and to guarantee the security and stability of the system:
- date and visit of the URL which the visitor is currently using,
- URL which the visitor visited immediately beforehand,
- name of the data accessed,
- browser used,
- if applicable, the operating system used,
- the abbreviated IP address of the visitor
The legal basis for the data processing is Article 6 (1) (f) GDPR. Our legitimate interest is derived from the purposes of the data collection listed above.
The data will be deleted once they are no longer required to achieve the purpose for which they are collected. In the event of the data being stored in log files, this is the case after seven days at the latest. It is possible to store data for longer than this. In this case, the IP addresses of the users will be deleted or modified, so that the data can no longer be assigned to the client accessing the website.
For this purpose, the information about usage obtained by the cookie is transmitted to us and stored so that usage behavior can be evaluated. Your IP address is anonymized immediately; thus you remain anonymous as a user. The information generated by the cookie about your use of this website will not be disclosed to third parties.
The processed personal data will be deleted or anonymized after 13 months.
IV. Social Media Appearances
In addition to this website, we also maintain presences in various social networks to present our products and services to you and to present our company to interested parties. As far as you visit one of our presences, personal data are transmitted to the provider of the social network and processed by him. You will be regularly profiled by the social network to show you advertising within or outside the social networks based on your interests. Depending on the social network, your data will be processed by the social media outside the European Union. The data processing takes place on the basis of Article 6 (1) (f) GDPR. Our legitimate interest in the above-mentioned processing purpose, to present our products and services in accordance with our interests and to present our company. In contrast to some social networks, you have also given your consent to data processing by confirming a checkbox. In this case, the legal basis is Art. 6 (1) (a), Art. 7 GDPR. You can object to the data processing. The providers of social networks offer various opt-out options for this. Below you will find the corresponding links with further details of the respective providers:
- You may assert your rights as a person affected (for more details see section IX. Rights of parties concerned) against us or the respective providers of the social networks. Please note, however, that the processed personal data is held by the provider and we have no access to it. Your rights can therefore be most effectively asserted against the respective provider.
In particular, the following special features exist for the social media networks:
You can identify Facebook, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, by the Facebook logo (a white “f” on a blue background and/or the “thumbs up” symbol). Detailed information about the appearance of the Facebook social plugins can be found at https://developers.facebook.com/docs/plugins/. If you enable our Facebook button within the framework of the 2-click solution, a connection is established to the Facebook servers, and the Facebook plugin shown, e.g. the “Like” button, will be downloaded by means of a notification to your browser on the website. Facebook is certified under the privacy shield agreement and, as a result, guarantees that it will comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active). We do not have any influence over the amount of data collected by Facebook with the aid of this plugin. However, it is currently to be assumed that Facebook obtains the information that you have accessed the relevant page of our website. If you are logged in as a member of Facebook, Facebook allocates this information to your personal Facebook user account. When you use the plugin functions (e.g. clicking on the “Like button” or making a comment), this information is also associated with your Facebook account, which you can only prevent by logging out before using the plugin. The active use of Facebook plugins is subject to the data protection conditions and terms of service of Facebook Inc. Information about the collection, storage and use of your data by Facebook Inc. can be found in the Facebook data privacy guidelines (https://www.facebook.com/about/privacy/) and the privacy guidelines.
You can identify Twitter, Twitter Inc. 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, by the Twitter logo (a white “t” on a blue background or a small white “bird”, both of which may possibly be linked to the additional word “tweet”). If you enable the Twitter button within the framework of the 2-click solution, a connection is established to www.twitter.com and the Twitter plugin is thereby downloaded by means of a notification to your browser on the respective webpage. If you are simultaneously logged in to Twitter, a reference will be made to our website in your Twitter account in the form of a so-called tweet. In this case as well, the relevant information is transmitted directly from the plugin to Twitter in the USA and is made visible to all of the third parties who can read your Tweets. Twitter is certified under the privacy shield agreement and, as a result, guarantees that it will comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active). If you would like to learn more about the purpose and use of your data and the further use thereof by Twitter, please visit http://twitter.com/privacy. You can find out more details about the tweet button at https://dev.twitter.com/web/tweet-button. You can object to processing by Twitter Inc. and set an opt-out cookie at https://twitter.com/personalization.
From time to time, you have the opportunity to take part in contests at trade fairs, on our website or on other occasions. In the course of this, personal data such as your first and last name, your e-mail address and your address may be collected and stored for the purpose of processing the competition in accordance with the respective conditions of participation The personal data collected will be processed exclusively on the basis for the purpose of handling the sweepstakes; the legal basis is Article 6 (1) lit. b DS-GVO; unless you have expressly consented to processing for other purposes.
In the case of personalized prizes – such as tickets for congresses or trade fairs – it may be that we transmit your name and contact details including e-mail address to the persons responsible for the personalization, such as the operator of the trade fair or its service provider; this is for the personalization. We will explicitly point this out to you in the terms and conditions of the respective competition and the corresponding landing page.
We will not publish the winner’s name or place of residence without her/his express consent.
After the end of the competition, your data will be deleted unless you have expressly consented to the processing for other purposes.
VI. Communication Channels
You can register to receive our newsletter on the subject of “Marketing Engineering” on our web pages. By subscribing to the Marketing Engineering newsletter, you will regularly receive tips, studies, information and details of best practice regarding digital dialogue marketing and CRM. At the same time, you will receive up-to-date information on our company and our services by email. In any event, we will require your email address for the registration. You can provide us with other information on a voluntary basis such as e.g. your name, so that we can address you personally. When you subscribe to our newsletter you will receive an email in which you will be asked to confirm your newsletter subscription (double opt-in process). Your subscription to the newsletter will not become active until you click on the confirmation link contained therein. If you do not click on the link, your data will be automatically deleted again after 30 days. In this way we can ensure that no third party has misused your personal data. In order to adapt the newsletter to your personal interests, we process the following data in addition to the personal data collected when ordering the newsletter:
- Email and link opening rate,
- Data of the mobile device used,
- Location data based on the IP address,
- Reachability of the email address,
- Recommendation via social networks such as Facebook or Twitter.
We will save your opt-in data for demonstrability reasons. This includes your email address, your IP address, the date, the time and information about the communication received.
The legal basis for the dispatch of the newsletter is Article 6 (1) (a) and Article 7 GDPR. The proof of consent is logged on the basis of Article 6 (1) (f) GDPR. Our legitimate interest is derived from the need to furnish proof of granted consent. To this end, we can store the data for up to three years after you unsubscribe from the newsletter.
We offer you a variety of materials such as e.g. white papers, checklists, studies, or handouts regarding our products on our website, which we will send them free of charge on request. This is done solely on the basis of our download conditions. In order to send you the requested documents electronically, we will need your contact data especially your email address. As part of the process, you will receive an email in which you will be asked to confirm your email address and your consent in getting contacted (double opt-in procedure). After you activate the confirmation link, the materials will be sent to the confirmed email address. If you do not click on the link, your data will be automatically deleted again after 30 days. The documents are therefore sent on the basis of Article 6 (1) (b) GDPR and the contacting on the basis of Article 6 (1) (a), Article 7 GDPR. You can object to your consent at any time. The logging to proof your consent occurs on basis of Article 6 (1) (f) GDPR. Following the termination of the contract, your personal data will be kept in accordance with the statutory storage obligations and subsequently deleted.
In order to get in contact with us, the following personal data are also collected by the contact forms provided: your first name and surname, your email address and your message. You can also provide us with further details such as the company, address, or phone number. The personal data collected are exclusively used to respond to your enquiry. Following processing of your enquiry, the data will be deleted by us, provided that they do not have to be kept for longer periods for demonstrability reasons, ongoing customer service, or relevant statutory storage periods. The data will be processed for the purpose of contacting us in the event of pre-contractual measures or questions regarding the execution of the contract in accordance with Article 6 (1) (b) GDPR. We reserve the right to pass on inquiries on pre-contractual or contractual matters addressed to us from outside the EU or concerning business outside the EU to our local distribution partners, but not to third countries outside the EEA without an adequacy decision (Article 45 GPDR) on basis of Article. 6 (1) (b) f. GDPR.
We also answer contact inquiries from other occasions on the basis of Article. 6 (1) (b) f. GDPR. Our legitimate interest lies in answering your inquiry.
- On our website, we publish current vacancies which you are welcome to apply for. In order to process your application, we will process the personal data provided by you when you send the application documents. In the process, selected service providers gain access to your data, which supports us in the context of applicant management. The legal basis for this data processing is Section 26 of the German Data Protection Act (new). If an employment contract is concluded between you and us, the data will be processed for the implementation of the employment relationship in compliance with the statutory storage obligations. If you receive a rejection from us, the application documents provided will be kept by us for a further six months in pursuance of Article 6 (1) (f) GDPR and subsequently deleted. This is done so that we are still able to objectively justify the selection of candidate even after the conclusion of the application process, for example in court proceedings. If additional storage is required, specific consent to this in pursuance of Article 6 (1) (a) GDPR will be obtained from the applicant, who can withdraw this at any time by sending an email to info@ELAINE.io.
- ELAINE technologies GmbH is open to the use of new forms of application. For this reason, we also use the mobile recruiting app “Truffles” from Truffles GmbH, Chausseestraße 86, 10115 Berlin. If you should decide in favour of us on this app by a swipe, we will first receive an anonymous short profile. If we confirm your interest, the personal data provided by you – usually first and last name, photograph and, if applicable, curriculum vitae – will be displayed. As with a classic application, the legal basis for this data processing is § 26 BDSG (new). If an employment contract is concluded between the candidate and us, the data will be processed for the implementation of the employment relationship in compliance with the statutory storage obligations. If the candidate receives a rejection from us, the application documents provided will be kept by us for a further six months in pursuance of Article 6 (1) (f) GDPR and then be deleted. This is done in order to be able to objectively justify the selection of applicants even after completion of the application procedure, for example in court proceedings. This is done so that we are still able to objectively justify the selection of candidate even after the conclusion of the application process, for example in court proceedings. If additional storage is required, specific consent to this in pursuance of Article 6 (1) (a) GDPR will be obtained from the applicant, who can withdraw this at any time by sending an email to info@ELAINE.io.
We offer webinars at regular intervals. Webinars are used for communication between us and a group of individuals who register online for a digital conference for the purposes of obtaining information. On registering, you are concluding a contract with us regarding the conducting of the webinar. As part of the registration process, we will therefore require your first name and surname, your email address and your phone number in order to conduct the webinar. The processing of your personal data is carried out on the basis of Article 6 (1) (b) GDPR. Both before the webinar and as a follow-up to the webinar, you will receive information related to the webinar from us. We also reserve the right to send participants to webinars, downloads and other events with similar topics, unless the participants have objected to this. The participants can object to the use at any time without incurring any costs other than the transmission costs according to the prime rates.
We conduct some of these webinars with a Partner (“partner webinar”). This is explicitly indicated on the registration page and in the terms and conditions for the respective webinar. In this case, we share your registration data with the partner. In the course of the preparation and follow-up of a partner webinar, you may also receive information from the partner in connection with the webinar. The partner will responsibly inform you about possible further uses of your data for the Partner’s own purposes.
Your personal data will be kept following the termination of the contract in accordance with the statutory storage obligations and subsequently deleted.
We approach our customers at regular intervals in order to ask them about their satisfaction with our services. We use the „SurveyLegend“ software from SurveyLegend AB, Hamngatan 4, 211 22, Malmö, Sweden (For details, see the SurveyLegend for respondents privacy notice: https://www.surveylegend.com/gdpr-compliance/gdpr-for-respondents/). If we do not carry out the surveys in an anonymous form, the survey is carried out on the basis of your express consent in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR. In the course of the survey we process technical data such as your IP address and device information, your first and last name, your contact data such as email address or telephone number, as well as content data according to your entries. After completion and evaluation of the customer survey, the personal data will be deleted. The maximum storage period is three months.
To enable an encrypted file exchange between us and our customers, we use the software „Cryptshare“ of Befine Solutions AG. In the course of this, the customer can have himself verified by us for encrypted dispatch by stating his first and last name, his telephone number, and e-mail address. The data provided is used exclusively for the purpose of sending the files/messages provided in an encrypted form as part of the contractual relationship. The legal basis is to be seen in Art. 6 para. 1 sentence 1 letter b GDPR.The data is deleted after 180 days.
BY PAPER MAIL, FAX AND E-MAIL
If you contact us by (paper) mail, by fax, or by email we will process the data you provide in the massage in order to respond to you and otherwise contact you or process and respond to your submission. The explanations regarding the contact form apply accordingly. You can also request by paper mail our materials offered for download, such as white papers, checklists, studies or handouts: ELAINE technologies GmbH, Zanderstraße 7, 53177 Bonn, Germany. We will then use your data for any queries and for sending the materials.
We use the service emlen.io, of the emlen GmbH, Dudweilerstraße 71. 66111 Saarbrücken (emlen) – privacy statement (https://www.emlen.io/emlen-datenschutz), to make certain unofficial documents, like whitepapers and case studies, available for online customers and interested persons.
Therefore – your approval provided – a personalized access-account is created, for which we ourselves or emlen process your name, your professional position, your opt-in-data and you email address as well as the provided documents. If you log in at emlien.io, certain interaction with the documents will be processed, especially the documents that you opened including the point in time (date and exact time); therefore an additional approval will be requested, without wich you can use emlen, but only with reservations. While using emlen, data to your devide, your browser and you IP-address will be constantly processed, to make the service technically available.
In order to facilitate the service, emlen sets technically required cookies. If you agree to the processing of your interactive data, the evaluation of the cookies will be personalized, if not, there will be no connection with your aforementioned data and the cookies remain anonymized.
The certificate of the approval is protocolled based on the Article 6 (1) (f) GDPR. Our legitimate interest derives from providing a certificate of a given approval. By the way, the basis for processing Article 6 (1) (f) GDPR is: your approval.
VII. Sharing Personal Data
In addition, personal data will not be shared without your express consent in pursuance of Article 6 (1) (a) GDPR, unless there is a legal obligation in pursuance of Article 6 (1) (c), this is legally required in pursuance of Article 6 (1) (b) GDPR for the performance of contractual relations, or the sharing is required in pursuance of Article 6 (1) (f) GDPR for the establishment, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest in the non-sharing of your data, which merits protection.
IIX. Data Security
The website is protected by technical and organisational measures against loss, destruction, access, modification or distribution of your data by unauthorised persons. We use the widespread SSL method (Secure Socket Layer) during your visits to the website, in conjunction with the highest level of encryption which is supported by your browser in each case. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we have recourse to 128-bit v3 technology instead. You can see whether an individual page of our website is encrypted by means of the locked padlock icon in the bottom status bar of your browser. Despite regular checks, it is impossible to provide complete protection against all risks. However, our security measures are continuously being improved in accordance with technological developments.
IX. Rights of Parties Concerned
You have the right:
- in pursuance of Article 15 GDPR, to request information about your personal data processed by us. In particular, you can request information about the purposes of the processing, the category of the personal data, the categories of recipients to whom your data have been or will be disclosed, the envisaged storage period, the existence of a right to rectification, erasure, restriction of the processing or to object to such processing, the existence of a right to lodge a complaint, the origin of your data if these were not collected by us, as well as regarding the existence of automated decision-making, including profiling and, if applicable, meaningful information about the details thereof;
- in pursuance of Article 16 GDPR, to immediately request the rectification of inaccurate personal data or the completion of your personal data stored by us;
- in pursuance of Article 17 GDPR, to request the erasure of your personal data stored by us, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
- in pursuance of Article 18 GDPR, to request the restriction of the processing of your personal data, inasmuch as the accuracy of the data is contested by you, the processing is unlawful but you oppose the erasure thereof and we no longer need the data but you need them for the establishment, exercise or defence of legal claims, or you have objected to the processing in pursuance of Article 21 GDPR;
- in pursuance of Article 20 GDPR, to receive your personal data which you have provided to us in a structured, commonly used and machine-readable format, or to request the transmission to another controller;
- in pursuance of Article 7 (3) GDPR, to withdraw the consent you have given us at any time. The consequence of this is that we can no longer continue processing the data which was based on this consent for the future, and
- in pursuance of Article 77 GDPR, to lodge a complaint with a supervisory authority. As a general rule, you can contact the supervisory authority of your habitual residence or place of work, or the head office of our company.
X. Right to object
If your personal data are processed on the basis of legitimate interests in pursuance of Article 6 (1) (f) GDPR, you have the right, in pursuance of Article 21 GDPR, to object to the processing of your personal data, inasmuch as grounds relating to your particular situation exist or the opposition is aimed at direct marketing. In the latter case, you have a general right to object which will be implemented by us without the indication of a particular situation. On the basis of Article 7 (3) GDPR you can object to your consent at any time. If you do so, we are not allowed to proceed the processing of your data, which you gave consent for. The legitimacy of the processig of your data which occured before you objected to it remains untouched by your withdrawal. If you would like to make use of your right to withdraw consent or right to object, you simply have to send an email to this effect to email@example.com. You can also contact us via mail or telephone.
XI. Data Protection Contact
If you have any questions regarding the collection, processing, or use of your personal data or if you require information, or for rectification, blocking or erasure of data, please contact:
The Data Protection Officer
ELAINE technologies GmbH
Tel: +49 228 22 77 97-0
Fax: +49 228 22 77 97-900