Privacy Policy

Who is responsible for data collection on this website?

The data processing on this website is carried out by the website operator.

How do we collect your data?

Your data is collected in two ways. Firstly, by you providing it to us, for example, by entering data into a contact form. Other data is automatically collected or upon your consent when you visit the website through our IT systems. This primarily includes technical data (e.g., internet browser, operating system, or the time of the page visit). The collection of this data occurs automatically as soon as you enter this website.

What do we use your data for?

Part of the data is collected to ensure the error-free provision of the website. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?

You have the right to receive information about the origin, recipient, and purpose of your stored personal data at any time free of charge. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you can revoke this consent at any time for the future. Furthermore, you have the right to request the restriction of the processing of your personal data under certain circumstances.

Additionally, you have the right to lodge a complaint with the competent supervisory authority. For this and any other questions about data protection, you can contact us at any time.

Analytics and third-party tools

When visiting this website, your surfing behavior can be statistically evaluated. This mainly happens using so-called analytics programs. Detailed information about these analytics programs can be found in the following privacy policy.

This website is externally hosted. The personal data collected on this website is stored on the servers of the hosting provider. This may include IP addresses, contact inquiries, meta and communication data, contract data, contact details, names, website accesses, and other data generated through a website.

The external hosting is carried out for the purpose of fulfilling contracts with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of a secure, fast, and efficient provision of our online offering by a professional provider (Art. 6(1)(f) GDPR).

We host our website with the provider HubSpot Germany GmbH, Am Postbahnhof 17, 10243 Berlin (hereinafter: HubSpot). When you visit our website, HubSpot collects various log files, including your IP addresses.

HubSpot is a provider of website hosting. HubSpot stores cookies or other recognition technologies that are necessary for the presentation of the site, the provision of certain website functions, and to ensure security (necessary cookies). HubSpot stores data within the European Union.

In accordance with Art. 28(4) GDPR, we have concluded a data processing agreement with HubSpot based on the so-called EU Standard Contractual Clauses.

Responsible entity

The responsible entity for data processing on this website is:

Heisenware GmbH
Levisohnweg 3
22081 Hamburg, Germany

The responsible entity decides alone or jointly with others on the purposes and means of processing personal data (e.g., names, contact details, etc.).

Revocation of your consent to data processing

Some data processing operations are only possible with your explicit consent. You can revoke your consent at any time. An informal notification by email is sufficient for the revocation. The legality of the data processing carried out before the revocation remains unaffected by the revocation.

Right to lodge a complaint with the supervisory authority

In the event of a breach of data protection law, the data subject has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues is the State Data Protection Officer of the federal state in which our company is based (Hamburg).

Right to data portability

You have the right to have data, which we process automatically based on your consent or in fulfillment of a contract, handed over to you or to a third party in a machine-readable format. If you request the direct transfer of the data to another controller, this will only be done to the extent technically feasible.

Right to information, correction, blocking, deletion

You have the right to free information about your stored personal data, their origin, recipients, and the purpose of data processing at any time within the scope of the applicable legal provisions, as well as a right to correction, blocking, or deletion of this data. For this purpose, as well as for further questions regarding personal data, you can contact us at any time using the contact options provided in the imprint.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content that you send to us as the site operator, our website uses SSL or TLS encryption. You can recognize an encrypted connection by the "https://" address line of your browser and by the lock symbol in the browser line.

Data Protection Officer

We have appointed a data protection officer.

Dr. Burkhard Heisen
Levisohnweg 3
22081 Hamburg, Germany

Email: contact@heisenware.com

Updating and amendment

We reserve the right to change, update, or supplement this privacy policy at any time. All revised information on data processing applies only to personal data collected or modified after the effective date.

Cookies

Our website uses cookies. These are small text files that your web browser stores on your device. Cookies help us to make our offer more user-friendly, effective, and secure.

Some cookies are "session cookies." Such cookies are automatically deleted after the end of your browser session. Other cookies remain on your device until you delete them yourself. These cookies help us to recognize you when you return to our website.

With a modern web browser, you can monitor, restrict, or prevent the setting of cookies. Many web browsers can be configured to automatically delete cookies when the program is closed. Disabling cookies may result in limited functionality of our website.

The setting of cookies, which are necessary for the performance of electronic communication processes or the provision of certain functions desired by you, is based on Art. 6(1)(f) GDPR. As the operator of this website, we have a legitimate interest in storing cookies for the technically error-free and smooth provision of our services. If other cookies (e.g., for analytics functions) are set, they will be treated separately in this privacy policy.

Server log files

The provider of the website automatically collects and stores information in server log files that your browser automatically transmits to us. These are:

• Browser type and browser version
• Operating system used
• Referrer URL
• Hostname of the accessing computer
• Time of the server request
• IP address

There is no merging of this data with other data sources. The basis for data processing is Art. 6(1)(b) GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures.

Contact form

Data transmitted via the contact form, including your contact details, will be stored in order to process your request or to be available for follow-up questions. This data will not be passed on without your consent.

The processing of the data entered into the contact form is based exclusively on your consent (Art. 6(1)(a) GDPR). You can revoke your consent at any time. An informal notification by email is sufficient for the revocation. The legality of the data processing operations carried out before the revocation remains unaffected by the revocation.

Data transmitted via the contact form will remain with us until you request deletion, revoke your consent to storage, or there is no longer any need for data storage. Mandatory statutory provisions - especially retention periods - remain unaffected.

Inquiries by email or telephone

If you contact us by email, telephone, or fax, your inquiry, including all resulting personal data (name, inquiry), will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.

The processing of this data is based on Art. 6(1)(b) GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of inquiries addressed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if this has been requested; the consent is revocable at any time.

The data sent to us by you via contact inquiries will remain with us until you request deletion, revoke your consent to storage, or the purpose for data storage no longer applies. Mandatory statutory provisions - especially retention periods - remain unaffected.

HubSpot CRM

We use the CRM software provided by HubSpot Germany GmbH, Am Postbahnhof 17, 10243 Berlin (hereinafter: HubSpot). HubSpot is a provider of CRM software. HubSpot stores personal data for the purpose of maintaining customer relationships and relationships with prospects. Stored personal data includes, among other things, first name, last name, title, company name, business address, website address, email address, telephone number, contact history, appointment data, contract data, and communication data. In accordance with Art. 28(4) GDPR, we have concluded a data processing agreement with HubSpot based on the so-called EU Standard Contractual Clauses.

YouTube with Enhanced Privacy

We have integrated YouTube videos on our website. YouTube Video is a component of the video platform provided by YouTube, LLC, where users can upload content, share it over the internet, and obtain detailed statistics. YouTube Video enables us to integrate platform content into our website.

YouTube Video uses cookies and other browser technologies to analyze user behavior, recognize users, and create user profiles. This information is used, among other things, to analyze the activity of the viewed content and create reports. If a user is registered with YouTube, LLC, YouTube Video can associate the played videos with their profile.

When you access this content, you establish a connection to servers of YouTube, LLC, Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland, whereby your IP address and possibly browser data such as your user agent are transmitted.

The use of the service is based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG.

We intend to transfer personal data to third countries outside the European Economic Area, particularly the USA. In cases where there is no adequacy decision by the European Commission (e.g., in the USA), we have agreed with the recipients of the data on other appropriate safeguards within the meaning of Art. 44 ff. GDPR. These are – unless otherwise stated – standard contractual clauses of the EU Commission according to Implementing Decision (EU) 2021/914 of 4 June 2021.

Furthermore, we obtain your consent in accordance with Art. 49(1) sentence 1 lit. a GDPR before such a transfer to a third country, which you grant via the consent manager (or other forms, registrations, etc.). We would like to point out that there may be specific unknown risks associated with transfers to third countries (e.g., data processing by security authorities of the third country, the exact scope of which and its consequences for you are unknown to us, over which we have no control, and which you may not become aware of).

The specific storage period of the processed data is not influenced by us but is determined by YouTube, LLC. Further information can be found in the privacy policy for YouTube Video: https://policies.google.com/privacy.

Google Analytics

We use Google Analytics from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as an analysis service to statistically evaluate our online offering. This includes, for example, the number of views of our online offering, visited subpages, and the length of time visitors spend on our website. Google Analytics uses cookies and other browser technologies to analyze user behavior and recognize users. This information is used, among other things, to compile reports on website activity.

The use of Google Analytics is based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG.

We intend to transfer personal data to third countries outside the European Economic Area, particularly the USA. In cases where there is no adequacy decision by the European Commission (e.g., in the USA), we have agreed with the recipients of the data on other appropriate safeguards within the meaning of Art. 44 ff. GDPR. These are – unless otherwise stated – standard contractual clauses of the EU Commission according to Implementing Decision (EU) 2021/914 of 4 June 2021.

Furthermore, we obtain your consent in accordance with Art. 49(1) sentence 1 lit. a GDPR before such a transfer to a third country, which you grant via the consent manager (or other forms, registrations, etc.). We would like to point out that there may be specific unknown risks associated with transfers to third countries (e.g., data processing by security authorities of the third country, the exact scope of which and its consequences for you are unknown to us, over which we have no control, and which you may not become aware of).

The specific storage period of the processed data is not influenced by us but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Analytics: https://policies.google.com/privacy.

Google Ads

We have integrated Google Ads on our website. Google Ads is a service provided by Google Ireland Limited to display targeted advertising to users. Google Ads uses cookies and other browser technologies to analyze user behavior and recognize users.

Google Ads collects information about visitor behavior on various websites. This information is used to optimize the relevance of the advertising. Furthermore, Google Ads delivers targeted advertising based on behavioral profiles and geographic location. Your IP address and other identification features such as your user agent are transmitted to the provider.

If you are registered with a Google Ireland Limited service, Google Ads can associate your visit with your account. Even if you are not registered with Google Ireland Limited or logged in, it is possible for the provider to determine and store your IP address and other identification features.

In this case, your data is shared with the operator of Google Ads, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The use of Google Ads is based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG.

We intend to transfer personal data to third countries outside the European Economic Area, particularly the USA. In cases where there is no adequacy decision by the European Commission (e.g., in the USA), we have agreed with the recipients of the data on other appropriate safeguards within the meaning of Art. 44 ff. GDPR. These are – unless otherwise stated – standard contractual clauses of the EU Commission according to Implementing Decision (EU) 2021/914 of 4 June 2021.

Furthermore, we obtain your consent in accordance with Art. 49(1) sentence 1 lit. a GDPR before such a transfer to a third country, which you grant via the consent manager (or other forms, registrations, etc.). We would like to point out that there may be specific unknown risks associated with transfers to third countries (e.g., data processing by security authorities of the third country, the exact scope of which and its consequences for you are unknown to us, over which we have no control, and which you may not become aware of).

The specific storage period of the processed data is not influenced by us but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Ads: https://policies.google.com/privacy.

Spotify

This website incorporates features of the music service Spotify. The provider is Spotify AB, Birger Jarlsgatan 61, 113 56 Stockholm, Sweden. You can recognize the Spotify plugins by the green logo on this website. An overview of the Spotify plugins can be found at: https://developer.spotify.com.

As a result, when you visit this website, a direct connection can be established between your browser and the Spotify server via the plugin. Spotify thereby receives the information that you have visited this website with your IP address. If you click the Spotify button while logged into your Spotify account, you can link the content of this website to your Spotify profile. This enables Spotify to associate your visit to this website with your user account.

We would like to point out that when using Spotify, cookies from Google Analytics may be used, so that your usage data may also be transmitted to Google. Google Analytics is a tool of the Google Group for analyzing user behavior based in the USA. Spotify alone is responsible for this integration. We, as the website operator, have no influence on this processing.

The storage and analysis of the data is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the appealing auditory design of his website. If consent has been requested, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user's device (e.g., device fingerprinting) within the meaning of TDDDG. Consent can be revoked at any time.

Further information on this can be found in Spotify's privacy policy: https://www.spotify.com/de/legal/privacy-policy/.

If you do not wish Spotify to associate your visit to this website with your Spotify user account, please log out of your Spotify user account.

 

Sources:

• www.e-recht24.de
• www.mein-datenschutzbeauftragter.de