a) Responsibility for Data Processing on Our Website The associated companies will hereinafter be collectively referred to as “io”.
io consultants GmbH & Co. KG is responsible for producing and editing the content on the website of io. The following companies belong to io:
The controller responsible for the processing of the data on the www.io group.com website is: io-consultants GmbH & Co. KG STADTTOR Speyerer Str. 14 69115 Heidelberg
If you have any questions, recommendations, or complaints regarding the protection of your data, please contact our data protection officer Protadus GmbH Kurfürsten-Anlage 59 69115 Heidelberg
b) Responsibility for Third-Party Online Presences Outside Our Website All third-party service providers who offer services on our website transfer and process personal data. It is therefore necessary to establish and describe how the respective responsibilities are allocated between us, the website operator, and the third-party service providers. This concerns all tools and services as well as analytic and social media services offered here.
Any such service will be operated in joint responsibility pursuant to Art. 26 GDPR, i.e., we are jointly responsible for the purposes of and means used for processing the data. Who is responsible for which processing activity must be contractually agreed with the respective service provider.
The service provider (joint controller) is, in general, responsible for the merging and analyses of personal usage data. We assume that any adaptations announced by the service providers will also be implemented by them.
Irrespective thereof, any data transfers that are currently carried out and that are based on your consent are covered on our part by the consent obtained via our cookie banner.
As the other joint controller, we are responsible for setting the respective cookies and transmitting the usage data from our website. You, as the data subject, may, however, claim your rights with either party, irrespective of who has been allocated which responsibility.
In many cases, service providers offer only outdated or insufficient agreements that do not yet meet the latest requirements of the data protection authorities. However, these agreements will be automatically and bindingly concluded on a regular basis when the services are used. We assume that any amendment announced here by the service providers will be implemented. Irrespective thereof, all data transfers are currently carried out on the basis of the consent given to us in the cookie banner.
This information applies to the following online presences of io and its associated companies. The controllers of the social media channels and third-party online services we use are:
a) Shared Information For each data processing operation (e.g., access to and use of our website or other individual online presences) with personal reference, we share the following information with you:
Information on your rights as a data subject, including but not limited to withdrawal of consent and objection to any data processing, is available in section 7.
As a company concerned with the protection of your personal data, we do not carry out any profiling or automated processing of your data for analyzing or predicting aspects relating e.g., to your health or personal preferences. Therefore, Art. 22 GDPR on automated individual decision-making, including profiling, does not apply.
b) General Information on Cookies Cookies are small text files that are saved by your browser and thus stored on your end device. They contain various information such as the length of your website visit, your data input, or, possibly, identification codes for user recognition. They may originate from us as the website provider (so-called first-party cookies) or, in the event of a cooperation with any third party, from any such third party (so-called third-party cookies), and be intended for different storage periods (e.g., for the duration of your website visit, or up to several weeks and years).
You can restrict or deactivate the storage and reading of cookies. In this case, however, the full functionality of the website may not be available to you.
First-Party Cookies Our website uses first-party cookies, so-called "session cookies". These cookies save data about your website visit or serve to recognize your computer upon your next visit (e.g., for easier password entry). They guarantee the full technical functionality of the website. This type of processing is based on Art. 6.1 (f) GDPR.
Third-Party Cookies For links to third-party websites, information about the use of third-party cookies and the extent of the data collected by the respective third-party service providers is separately and individually provided in the following paragraphs about these third-party service providers. This processing is based on your consent pursuant to Art. 6.1 (a) GDPR.
You can adapt your cookie settings and withdraw your consent at any time by visiting this link.
The full list of cookies and third-party tools used on our website requiring your consent is available here.
Usage data may be transmitted to countries outside the EU if providers of advertising or analytic services in connection with or integrated in this website have their headquarters outside the EU and part of the data within the scope of these services is processed on servers outside the EU. Pursuant to Art. 49.1 (a) GDPR, your data may only be transferred abroad if you have previously given your express consent to the respective service. The risks of any such transfer are described under “Data Transfer to Recipients Outside the EU”.
In your browser you may select to be informed before any cookies are set, so that you can decide for each individual cookie whether you want to accept it or not. You may also choose to accept or reject cookies for specific functions or in general. Each browser differs in the way it manages cookie settings. Please refer to your browser’s help menu to learn how to change your cookie settings. You may also find such information by searching for “cookie settings + browser” in your search engine or by clicking on the following links:
If you reject cookies, websites may offer a restricted functionality, so that login and shopping carts in online shops may not work correctly.
d) Data Transfer to Processors in Third Party Countries (outside the EU/EEA) Personal data may be transmitted to countries outside the EU if providers of advertising or analytic services in connection with or integrated in this website either have their headquarters outside the EU and part of the data within the scope of these services is processed on servers outside the EU, or if they have their headquarters in the EU/EEA, but are part of a multinational group of companies. These services will be appropriately identified below.
According to applicable European legislation, for some third-party countries, including but not limited to the USA, an appropriate data protection level can no longer be guaranteed by agreements with the provider or by provider guarantees (formerly known as the EU-USA Privacy Shield). Pursuant to Art. 9.1 (a) GDPR, your data may only be transferred abroad if you have previously given your express consent to the respective service. You can withdraw your consent or adapt your cookie settings at any time by accessing your setting under this link.
A transfer of usage data into certain third-party countries may entail the risk that your data will be read and analyzed by local authorities, including but not limited to intelligence and security services of that particular country, without adequate legal protection or privacy guarantees under the rule of law. It is therefore possible that personal profiles are created without your knowledge and that the analysis of such profiles may lead to actual restrictions and further investigations by such government.
In order to give you additional legal guarantees, we conclude the usual contractual clauses with the providers for the services used. In some cases, the integrated service may be offered by a company established in Europe, but, for certain processing purposes, it is actually processed by a parent company outside the EU. In these cases, the European office of such company is responsible for ensuring compliance with all legal data protection requirements (e.g., by concluding standard contractual clauses and providing further guarantees).
e) Data Transfer Security Our website uses TLS protocol (Transport Layer Security) in conjunction with at least 128-bit encryption for the transfer of personal data in order to protect the data against accidental or intentional manipulation, loss, destruction, or access by unauthorized parties. These security measures are continuously adapted in line with technological developments. You can recognize the encrypted data transfer by the closed key or lock symbol in the upper status bar of your browser.
If you use the following services on our website, the personal data you provide will be stored and processed for the respective purposes mentioned - e.g., for registration, surveys, or contract execution.
When visiting a website, a series of user data is collected, which can theoretically be referred back to a specific user via the visitor’s IP address, the specific user settings, cookies, or other identification options. This data is used for technical purposes to (i) display the site, (ii) optimize the site through statistical recording of user behavior, and (iii) reload previously displayed information or entries after the user has closed a page. Information about which usage data is collected and which other services are used on this site is provided below.
Data categories with personal reference
Legal basis for data processing
In the event of purely informational use of our website, i.e., if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. We create and store log files on our servers, including but not limited to general and log-in errors.
Data processing of this kind is based on Art. 6.1 (f) GDPR (legitimate interest).
In the event of data processing being based on Article 6.1 (f) GDPR, the controller’s or third party’s legitimate interest
Whenever you view our website, we collect the above-mentioned data, which is technically required in order for us to display the website and to ensure its stability and safety.
If applicable, the categories of recipients of the personal data, and
Website host (processor/headquarter Germany, server location Germany)
transfer to processors in third-party countries
Storage period or the legal basis on which the storage period is determined
The aforementioned data, including but not limited to the IP addresses, are stored for up to 14 days and will then be deleted.
Application of automated decision-making, including profiling, pursuant to Articles 22.1 and 22.4 GDPR, and, in such cases, meaningful information about the logic involved and the scope and intended effects of such processing on the data subject
If the provision of the personal data is legally or contractually required or necessary for the conclusion of a contract, if the data subject is required to provide the personal data, and which consequences might follow if the data would not be provided
Without this data, the website cannot be displayed.
Data categories with personal reference
Contact form: Title (if any), last name, company, and e-mail address (mandatory fields are marked with *)
Purposes of data processing
After submitting the contact form, the white paper will be sent to the e-mail address you provide in the contact form. If you wish to receive further information about white papers in future, you will receive an automated e-mail for the purpose of double opt-in after having submitted the filled-out contact form. The personal data you provide will be used for any correspondence accompanying your white paper online delivery.
White papers are mailed on the basis of your consent as per Art. 6.1 (a) GDPR. Any consent given with regard to future e-mails may be informally withdrawn at any time using the contact details of the data protection officer.
If you request a white paper only once, we will store your contact data for up to three (3) months after shipment. If you give your consent to receiving our white papers on a regular basis, we will use your contact information until you withdraw your consent. Your contact data will then be blocked for active use, but stored for verification purposes (proof of consent/accountability principle pursuant to GDPR).
Contact details are given on a voluntary basis. White papers cannot be shipped without the respective contact information.
Contact form: Title (if any), first name, last name, e mail address, position, company, and address (mandatory fields are marked with *) For paid events: payment data, invoice recipient and address, booking options
Website users may register for events on our website. After submitting the contact form, you will receive a confirmation of your registration. If you wish to receive information about other events in the future, you will receive an automated e-mail for the purpose of double opt-in after having submitted the contact form. The personal data you provide will be used to register your participation in the event, to mail your registration receipt to you and, if applicable, your participation certificate and any further information regarding the event.
E-mailing the various options for event participation will be based on your consent pursuant to Art. 6.1 (a) GDPR. Any consent given with regard to future e-mails may be informally withdrawn at any time using the contact details of the data protection officer.
In the event of the processing being based on Article 6.1 (f) GDPR, the controller’s or third party’s legitimate interest
If applicable, the categories of recipients of the personal data
Transfer to processors in third-party countries
We will store your contact details for the participation in the event for up to three (3) months thereafter. If you give your consent to receiving our information on a regular basis, we will use your contact information until you withdraw your consent. Your contact data will then be blocked for active use, but stored for verification purposes (proof of consent/accountability principle pursuant to GDPR).
Contact details are given on a voluntary basis. Without your contact information, we will not be able to send you any booking confirmation or event-related information.
Die Zusendung der Event-Teilnahmemöglichkeiten erfolgt basierend auf einer Einwilligung, Art. 6 Abs. 1 lit. a DSGVO. Mit jeder Übersendung von Informationen per E-Mail können Sie über Links am Mailende Ihre persönlichen Angaben ändern oder Informationen für die Zukunft per Mausklick abbestellen (Einwilligung widerrufen).
bei Verarbeitung basierend auf Artikel 6 Absatz 1 Buchstabe f DSGVO, die berechtigten Interessen, die von dem Verantwortlichen oder einem Dritten verfolgt werden
If applicable, the recipients or categories of recipients of the personal data
If you agree to receiving information by e-mail on a regular basis, we will use your contact information until you withdraw your consent. Your contact data will then be blocked for active use and stored for verification purposes (proof of consent/accountability principle pursuant to GDPR). After that, the data will be deleted.
Contact details are given on a voluntary basis. Without your contact information, we will not be able to send you our newsletter or other information about our group by e-mail.
Analysis data: -
We use tracking functions in our e-mail campaigns to verify that e-mails reach their destinations, if and when the respective e-mail was opened, whether you clicked on any links included in the mail and whether you sent an answer back. The gathered data is used to better align our automated e-mail campaigns to the needs and interests of our customers and assess the respective campaign’s success. The data is processed for these purposes only.
Processing of this data is based on our legitimate interests in effective direct marketing (Art. 6.1 (f) GDPR).
Should the data reveal that you are interested in specific services, we will use such information to contact you specifically with regard to these services. This allows us to tailor our services to your specific needs and optimize our offers for you. This process is based on legitimate interest pursuant to Art. 6.1 (f) GDPR (our legitimate interest in direct marketing).
Eine Weitergabe an Dritte erfolgt nicht. Wird die Analyse durch einen Auftragsverarbeiter durchgeführt, haben wir einen Auftragsverarbeitungsvertrag mit dem Dienstleistungserbringer abgeschlossen.
We store analytic data for four (4) weeks after collection.
Contact information: Title (if any), last name, company and e-mail address, other contact information for processing your application such as phone numbers. Application documents: including but not limited to Curriculum Vitae, transcripts and certificates, cover letter. Mandatory data for processing your application is marked with *.
If you are interested in applying for a job at our company, you can do so via the concludis (processor) online job application tool on our website. concludis will record your application data on our behalf and make it available to selected employees of our human resource department only. All data you provide is transmitted via a secure TLS connection. If we have an interest in keeping your documents (e.g., for future consideration for other job offers), we will request your consent beforehand. If you agree, your data will be stored for a further three (3) months. The longer storage period will be based on your consent as per Art. 6.1 (a) GDPR.
Data processing for job applications is based on the initiation of an employment relationship ([Art. 6.1 (b) GDPR, § 26 German Federal Data Protection Act (BDSG)] Any extension of the storage period for more than three (3) months after completion of the job application process in order for your documents to be available for further application rounds will be based on Art. 6.1 (a) GDPR.
Speicherdauer oder die Bemessungsgrundlagen für die Speicherdauer
Any documents that you have submitted to us will be completely deleted no later than three (3) months after completion of the application process unless we have concluded an employment agreement with you or you have agreed to storing your data for other application rounds and have not withdrawn this consent.
Provision of application-related data is completely voluntary. If you refuse to share data with us that has been marked as mandatory for the application process, we will not be able to process your application and consider you for an employment contract.
a) General Information Our website contains links and shortcuts to the social media services listed below. To non-members, social media services may present themselves like conventional marketing services, but if you are a member of any such platform, the data collected on this website/service may be linked to your social media account.
A distinction must be made between the various social media services and functionalities. Social media services can place advertising on their platforms specifically adapted to the users’ interests or show personalized advertisements on linked pages taking into consideration your user profiles. In addition, they offer social plug-ins such as “like” buttons that allow users to distribute and promote site content. In addition to this website, we have specific pages to present our company on such social media platforms (Facebook, LinkedIn, Xing, Twitter, YouTube, kununu, Instagram).
Data processing triggered on this website or on our social media pages is, pursuant to Art. 26 GDPR, a joint responsibility, i.e., we and the respective service providers are jointly responsible for the purposes and means of data processing. Unless otherwise specified, any obligation concerning the data subjects’ rights arising from the GDPR lies with the respective service provider. For example, the obligation to inform the data subject about the collection and processing of his or her personal data no longer lies with the website operator, but with the operator of the respective social media service.
Further information on the purpose and scope of data collection, processing, and use by social media networks, and your rights and settings options to protect your privacy is available in the privacy policies of the respective social media networks described below in detail.
Links to the corresponding pages are available on our website. Since these are links leading to other websites, they are not subject to the consent requirements pursuant to Art. 6.1 (a) GDPR.
b) LinkedIn LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland) is a service that connects professionals and executives around the world. Registered users may interact with each other to increase business and career opportunities. On our website, we offer you the possibility to be redirected directly to our LinkedIn profile.
Our LinkedIn Profile When you visit our LinkedIn profile, you will be browsing the LinkedIn platform. The usage data analyzed by the site operator will only be provided to us in anonymized form (statistics). As described above, we are jointly responsible for the respective data processing. This type of processing is based on our legitimate interest as per Art. 6.1 (f) GDPR to count the users on our LinkedIn profile, as this is connected to our interest to measure and analyze the effectiveness of such profile.
LinkedIn Marketing Services LinkedIn collects data about the use of our site using Pixel and the link to our LinkedIn profile (browser and device settings, usage times and objects, existing identifiers) for the purpose of personalized advertising on the LinkedIn platform. This data transfer from our website is based on your consent given upon your first use of the site pursuant to Art. 6.1 (a) GDPR.
Further information on such data processing and the respective responsibilities and information duties are available at https://legal.linkedin.com/pages-joint-controller-addendum, at https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv, and at https://legal.linkedin.com/dpa/DE.
c) XING XING (New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany) is a social network where you can create personal as well as company profiles and publish corporate information (e.g., description of services, contact details, photos). XING users have access to this information. In addition, users can write their own posts and share content. The functions are used at the sole responsibility of the user. As described above, we are jointly responsible for the respective data processing.
Our XING Profile When you visit our XING profile, you will be browsing the XING platform. The usage data analyzed by the site operator will only be provided to us in anonymized form (statistics). As described above, we are jointly responsible for the respective data processing.
This type of processing is based on our legitimate interest to count the users of our XING profile, as this is connected to our interest to measure and analyze the effectiveness of such profile as per Art. 6.1 (a) GDPR.
d) Twitter Twitter (Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland) offers so called microblogging services where registered users can post short messages. The individual messages are called "tweets". We have a Twitter account for the purpose of publishing general corporate information, job advertisements, event invitations, etc. As described above, we are jointly responsible for the respective data processing.
h) Facebook/Facebook Fan Page io consultants GmbH & Co. KG, STADTTOR Speyerer Straße 14, 69115 Heidelberg, Germany, has published a so-called fan page on Facebook at https://de-de.facebook.com/ioconsultants/. When operating its Facebook fan page, io consultants GmbH & Co. KG uses the technical platform and services of Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland. Pursuant to Art. 26 GDPR (see CJEU case C 210/16), Facebook Ireland Ltd. and io consultants GmbH & Co. KG are therefore jointly responsible for the processing of personal data when using this fan page.
The responsibility for the data processed when visiting our Facebook fan page is governed by an agreement with Facebook, which is available at: https://www.facebook.com/legal/terms/page_controller_addendum.
This agreement also stipulates that any processing of personal data that is not the responsibility of io consultants GmbH & Co. KG as listed below is the full responsibility of Facebook Ireland Ltd. Please note that you are using this Facebook page and its features based on your user agreement with Facebook. This applies in particular to the use of the available interactive functions (e.g., commenting, sharing, rating).
When you visit our Facebook fan page, Facebook collects, among other data, your IP address and other information available on your PC, such as cookies. This information is used to provide us, as the Facebook fan page operator, with statistical information about the use of our Facebook page.
More information is available here: https://www.facebook.com/help/pages/insights
When accessing a Facebook page (from a German IP address), the IP address assigned to your computer and transmitted to Facebook is anonymized and deleted after 90 days. Facebook also stores information about its users' devices (e.g., as part of the “registration notification” function). This enables Facebook to assign IP addresses to individual users.
If you are logged in to your Facebook account at the time of accessing the site, Facebook stores a cookie with your Facebook identification on your device. This way, Facebook can see that you used this site and how you used it. The Facebook buttons integrated on the website allow Facebook to record your website visits and allocate them to your Facebook profile. This information can be used to tailor content and/or advertising to you. This type of data processing by io consultants GmbH & Co. KG is based on its legitimate interest to check and optimize the effectiveness and use of its fan page, and to use the fan page and Facebook services for advertising purposes (Article 6.1 (f) GDPR).
If you want to avoid the above-mentioned type of data processing, please log off from Facebook or deactivate the “stay logged in” function, delete the cookies on your device, close and restart your browser. This way, any Facebook information that could identify you directly will be deleted. It allows you to use our Facebook page without revealing your Facebook identification. If you access any interactive features of the page (such as the “like” button, comment, share or message functions), a Facebook login screen appears. Once you log in again, Facebook may recognize you as a specific user. More information about how to manage or delete existing information about you is available here: https://www.facebook.com/about/privacy.
How io consultants GmbH & Co. KG Uses Your Data As the provider of this information service, we also collect and process the following data from your use of our service:
Contacting us via our Facebook fan page
The use of your data is subject to the same rules. The processing of your personal data is subject to Art. 6.1 (f) GDPR. Our interest in processing your data is based on responding to your inquiries, optimizing our website, and creating user-friendly service recommendations.
Your rights as the data subject are explained in more detail in section 7 below.
a) Google Tag Manager and Google Fonts Google Tag Manager is a tool to organize all third-party tags on our company’s website. It also controls at what time these tags are triggered. The so-called Tag Management System (TMS) integrates and updates tracking codes and connected code fragments (so called tags) on the website. The web-based Tag Manager interface allows its users to set up tracking tags and define triggers for such tags. It is also possible to create variables to simplify and automate tag configurations.
Although Tag Manager inserts cookies and code fragments, the tool itself does not collect or process any personal data. The cookies set in this context are therefore indispensable for operating the website and do not require any consent.
Further information regarding the use of the transmitted data is available at https://policies.google.com/privacy?gl=DE&hl=de.
Since we use Google Fonts on our website only locally, Google does not automatically learn from your browser and from loading the fonts that your IP address accessed our website.
The use of Google Fonts facilitates a uniform and attractive presentation of our website. If your browser does not support Google Fonts or Web Fonts, your device will use a default font.
By integrating the Google services listed below, Google receives your unambiguous device ID, type and setting of browser, device and network used, your IP address (anonymized as far as possible) and information about your operating system. Google also records the reference URL of the service request, which, in this case, means information about the use of our website itself and the times of use. If you are logged into your Google account when surfing on our website, this data will be linked to your account.
The purpose is to make sure that your preferred language and other settings remain the same on all web pages you visit and that display settings are optimized according to your preferences. Nevertheless, the data will also be used to optimize Google services.
In so far as cookies or any comparable technologies are used to collect data and identify you, these are subject to the consent settings you selected at your first access of the site. Therefore, this type of data processing is subject to your consent pursuant to Art. 6.1 (a) GDPR. If the data transfers merely arise from accessing services from Google servers these transfers are based on the legitimate interest as per Art. 6.1 (f) GDPR to optimize the use of our site.
These services are provided exclusively by Google Ireland Ltd. If any such data is transferred to servers in the USA or elsewhere outside of Europe, Google Ireland Ltd. is responsible for ensuring the lawfulness of such transfers, in particular for giving sufficient data privacy guarantees. By agreeing to the service mentioned above, you also consent to the transfer of your data outside the EU even if there are no further guarantees and no adequacy decision is provided to ensure the appropriate data protection level; see also Art. 49.1 (a) GDPR. For further information on security risks, please refer to “Data Transfer to Recipients Outside the EU”.
c) Google ReCAPTCHA We use data security services such as CAPTCHA services (Completely Automated Public Turing Test To Tell Computers And Humans Apart) to prevent non-human and automated input. Captchas are relatively easy to read for humans, but not for computers. The numbers and letters used in a CAPTCHA are distorted so that IT systems cannot decipher them.
We use the reCAPTCHA service of Google Ireland Ltd., Gordon House, 4 Barrow St. Dublin, D04 E5W5, Ireland (“Google”). When using reCAPTCHA, your IP address and, if applicable, other data required for the reCAPTCHA service will be sent to Google. This is based on our legitimate interest to establish individual accountability for actions on the Internet and the prevention of abuse and spam pursuant to Art. 6.1 (f) GDPR.
d) Google Maps We use Google Maps (API) by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, to show website users our location.
If you open the subpage where Google Maps is integrated, our website sends various data, including your IP address, to Google in the USA where it is stored on its servers. If you have a Google user account and are logged in while you access our website, the data will be directly allocated to your account. But even without a user account, Google will create a user profile about you. This happens regardless of whether Google provides a user account with which you have logged in or whether no user account exists. This type of processing is subject to Art. 6.1. (f) GDPR. Our transfer of data to Google is based on our legitimate interest to offer you the map function of Google Maps on our website. As per Art. 26 GDPR, Google and io consultants are jointly responsible for any data protection in connection with Google Maps. The parties determine the purposes and tools for processing your personal data individually, always complying, though, with the requirements established by the GDPR.
The allocation of the responsibilities related to the processing of your personal data is available in the Google Maps Controller-Controller Data Protection Terms at https://privacy.google.com/intl/de/businesses/mapscontrollerterms/.
If you want to prevent the data transferred by us from getting connected to your user account, you can log out of your Google account before visiting our site.
More information about Google and the use of Google Maps is available here:
a) Google Analytics Google Analytics, a web analysis service offered by Google (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland) is used for the purposes of demand-oriented website design, reach measurement, analysis of general user behavior on the website, and optimization of website efficiency.
Google Analytics uses so-called "cookies" to enable the analysis of your use of the website. The information generated by the cookie about your use of the website is usually transmitted to and stored on servers operated by Google in the USA. We have activated IP anonymization on this website. This activates the truncation of your IP address by Google within member states of the European Union and all other countries party to the Agreement on the European Economic Area, prior to use and further transmission.
Under special circumstances only, the full IP address will be transmitted to a server in the U.S. and truncated there. IP anonymization does not, however, result in the anonymization of your usage data because allocation is, for example, still possible through the installed cookies.
The use of Google Analytics is the joint responsibility of Google and the website operator. Therefore, we have concluded a data processing agreement with Google which currently makes both parties responsible for the processing tasks assigned to them. Google combines your usage data with data collected elsewhere and uses the profiles created this way for personalized advertising and analyses. On behalf of the operator of this website, Google will use this information for the purpose of analyzing your use of the site, compiling reports on your website activity, and providing other services relating to website activity and Internet usage for the website operator. The data that Google processes includes the settings and technical data of your device, the exact times of your access of the site and individual parts thereof and, therefore, your user behavior.
Further information on Google’s data processing, your settings and objection options are available on the following Google websites: https://policies.google.com/privacy/partners?hl=en ("How Google Uses Information From Sites Or Apps That Use Our Services"), https://policies.google.com/technologies/ads?hl=en
("Technologies and Principles/Advertising"), adssettings.google.com/authenticated ("Ad Settings").
You may also prevent the collection and transmission of the data, which is created by the cookies and reflects your use of the website (including your IP address), to Google as well as the processing of such data by Google, by downloading and installing the browser plug-in available from the following link: http://tools.google.com/dlpage/gaoptout?hl=en
The Google marketing services we use also include the online advertising program "Google Ads". When using Google Ads, every Google Ads customer (i.e., site operators like us) receives a different "conversion cookie". These cookies cannot be tracked by the websites of Google Ads customers. We are therefore unable to evaluate the conversion cookie ourselves. The information collected with the help of this cookie is used to create so-called conversion statistics for our website. Conversion statistics are evaluations of previously defined actions that a user has carried out on the website. Google tells us the total number of users who clicked on our ad and were redirected to a page with a conversion tracking tag. However, we do not receive any information that can identify the user. We also use Google Analytics to evaluate data from Google Ads and the double-click cookie for statistical purposes. If you do not wish to participate in the Google Ads evaluation, you can deactivate the function via the Google Ads Preferences Manager: https://adssettings.google.com/authenticated?hl=de
The legal basis for the use of Google Analytics on our website and for the resulting data transfer to the USA is your consent given upon your first access of this site pursuant to Art. 6.1 (a) and Art. 49.1 (a) GDPR. The risks of transmitting personal data to the USA are listed in the section “Data Transfer to Recipients Outside the EU”.
b) LinkedIn Insight Tag We use the conversion tool LinkedIn Insight Tag by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, for marketing purposes such as optimizing campaigns, retargeting website visitors for the purpose of increasing the success rate of product placement and improving advertisement relevance by using member data, and reaching members across a variety of devices.
The use of this tool is subject to your consent given in the cookie settings as per Art. 6.1 (a) GDPR. Forwarding such data to countries outside the EU is the sole responsibility of LinkedIn Ireland Unlimited Company.
The LinkedIn Insight Tag creates a cookie in your web browser that collects, among others, the following data: IP address, device and browser features, and page-related events (e.g., page requests). This data will be encrypted and pseudonymized within seven (7) days, and the pseudonymized data will be deleted within 180 days after collection.
LinkedIn does not share any data with us that allows any personal identification (anonymized reports on website target group and ad performance).
In addition, LinkedIn offers a retargeting service via the Insight tag. This data allows us to show you personalized advertising outside the scope of our website without you being personally identified as a website user.
c) Instagram Pages Insight When visiting our Instagram page, Facebook records, among other things, your IP address. In addition to other information that Facebook receives through cookies, Facebook provides us, as the operator of the Instagram page, with statistical data regarding the use of such Instagram page (so-called page insights). This aggregated data shows us how users interact with our page. These page insights may be based on personal data that Facebook collected in connection with a visit or a user interaction on or with our Instagram page and its content. Further information is available at: https://www.facebook.com/about/privacy.
We may use Page Insights to anonymously analyze reach, page views, time spent on video posts, actions (likes, comments, sharing) distinguished by age, gender, and location (as given by the user in their respective Instagram profiles). In order to analyze reach, for example, specific settings can be made or filters set for certain time periods, posts, or demographic criteria (e.g., gender or age). This data is anonymized, aggregated, and abstracted. This way, we are not able to draw any conclusions regarding user identity. This analysis has the sole purpose of optimizing our offerings on our Instagram page for public relation purposes.
Instagram does not share any data with us that allows any personal identification (anonymized reports on website target group and ad performance).
Pursuant to Art. 15 GDPR, every data subject may, at any time:
Right to Object If your personal data is processed on the basis of legitimate interest pursuant to Art. 6.1 (f) GDPR, Art. 21 GDPR entitles you to object to such processing on grounds relating to your particular situation or if your objection relates to processing for direct marketing purposes. With the latter, you have a general right to object, which we will observe without you specifying a particular situation or reason.
Any objection may simply be sent by e-mail to: firstname.lastname@example.org.
Right of Withdrawal of Consent Pursuant to Art. 7.3 GDPR, you may withdraw your consent at any time. If you withdraw your consent, we may no longer process any data based on such consent (right of withdrawal). Any withdrawal note may simply be sent by e-mail to: dataprotection(at)io-group.com
Updated: January 2022