We will only use your personal data for the purposes stated in this Privacy Statement and not for other purposes, unless the further processing of the personal data is compatible with the purposes for which this data was originally processed.
2. Information we collect
We collect the following information from you:
- When you contact us directly via the web form or an e-mail, we may receive additional information about you such as your name, email address, phone number, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.
- When you visit our website, we collect data about your visit and surfing behaviour on our website.
- For our newsletter we collect your name, e-mail address, company name (optional). We register whether you open the newsletter and your click behaviour.
3. Why we collect information
We use the information we collect in various ways, including to:
- Respond to your questions or comments
- Provide, operate, and maintain our website
- Improve, personalize, and expand our website
- Understand and analyse how you use our website
- Generate user statistics
- Develop new products, services, features, and functionality
- Communicate with you, either directly or through one of our partners, including for customer service, to provide you with updates and other information relating to the website, and for marketing and promotional purposes
- Find and prevent fraud
We will not use your personal data for other purposes, unless the further processing of the personal data is compatible with the purposes for which this data was originally processed.
4. Legal grounds
The information we ask to be able to contact you or to process an order is based on the legal ground of ‘performance of the agreement’ with you.
Other information is processed on the basis of ‘our legitimate interests’, such as the data we need for a properly functioning website, tailored to the wishes of the website visitor.
You have the right to object to these processing operations. If you wish to object, please contact us. In that case, we will stop processing your personal data, unless there are compelling, legitimate reasons that make our interest in the processing greater than your interest to stop processing. If you ask us to stop processing, you may no longer be able to make optimal use of our services.
In some cases we will ask for your permission before we process your data. This concerns the following processing operations:
- Before you register for an event
- Before we send you a newsletter or other publication
You have the right to withdraw your consent at any time. In that case we will not further process your personal data.
We offer a newsletter with which we want to inform interested parties about news in the field of our services and related matters. You will only receive this newsletter if you are a subscriber. Subscribers are 1) persons who have registered for the newsletter and 2) existing customers. Each newsletter contains a link that allows you to unsubscribe with one click.
7. Use of Facebook Pixel and Conversions API
On our website, we use the “Custom Audiences” remarketing feature, the “Lookalike Audiences” target group feature, and the Conversions API from Facebook Ireland Limited (4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland “Facebook”).
The Facebook Ireland Limited (“Facebook”) “Lookalike Audiences” feature uses the same tracking pixel and is used by Facebook to calculate similarities with other Facebook/Instagram users and to identify new customers based on website visits and interactions. Facebook uses this to generate statistical twin/lookalike target groups in order to display targeted advertisements to these users as well.
With the Facebook Conversions API, the data is still collected in the client and processed on our web server. However, data collection with the API also takes place even when the Facebook pixel should be blocked in the client. A tracking code is then executed on the server which sends the collected events to the actual Facebook API on the Facebook servers. There, the data from the API and the data from the Facebook Pixel are merged, with the Conversion API complementing the tracking via the Facebook Pixel. For more information, please visit: https://www.facebook.com/business/help/2041148702652965?id=818859032317965
Facebook Ireland and we are jointly responsible for the collection of your data when the service is integrated and the transmission of this data to Facebook. The basis for this is an agreement between us and Facebook Ireland for the joint processing of personal data, in which the respective responsibilities are defined. The agreement is available at HTTPS://WWW.FACEBOOK.COM/LEGAL/CONTROLLER_ADDENDUM. According to this agreement, we are in particular responsible for fulfilling the information obligations in accordance with Art. 13, 14 GDPR, for compliance with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service, and for compliance with the obligations in accordance with Art. 33, 34 GDPR, insofar as a violation of the protection of personal data affects our obligations under the agreement on joint processing. Facebook Ireland is responsible for enabling the rights of the data subject in accordance with articles 15-20 of the GDPR, for complying with the security requirements of article 32 of the GDPR with regard to the security of the service and for complying with the obligations under articles 33, 34 of the GDPR, insofar as a breach of personal data protection concerns Facebook Ireland’s obligations under the joint processing agreement.
Since personal data is transferred to the USA, further safeguards are required to ensure the data protection level of the GDPR. There is no adequacy decision by the EU Commission for the USA. The data transfer is based, among other things, on standard contractual clauses as appropriate safeguards for the protection of personal data, available at: HTTPS://WWW.FACEBOOK.COM/LEGAL/EU_DATA_TRANSFER_ADDENDUM. As an additional measure to the standard contractual clauses, Facebook has implemented the following technical and organizational measures to protect your data: https://www.facebook.com/legal/terms/data_security_terms
The “Facebook Custom Audiences” feature may be deactivated by logged-in users via this link and via the privacy settings in their browser.
8. Third parties
You can choose to disable cookies through your individual browser options. To know more detailed information about cookie management with specific web browsers, it can be found at the browsers’ respective websites.
9. Security of personal data
We ensure appropriate security of the personal data we have received from you, in line with the applicable legal requirements and guidelines.
10. Retention period of personal data
We do not store your personal data longer than is necessary for the purpose of the data processing.
11. Where your personal data is processed
We process your personal data in the European Union / EEA. Your personal data will not be processed or passed on to other countries without appropriate safeguards in place to protect your data.
12. Who receives your data
We may use the services of third parties to process your data in accordance with this privacy statement. These third parties act as processors and we ensure that these parties offer sufficient guarantees with regard to technical and organizational security measures. Third parties who act as processor for us have entered into a processor agreement with us, which states, among other things, that they will only process your data on our behalf.
Your data can also be provided to third parties, because we have to perform an agreement with you or if this is necessary to fulfil the agreements with you. In addition, we provide your data to other parties that we need in the context of our services, for example lawyers or bailiffs.
Other than that, we will only provide data to third parties with your explicit consent or if it is obliged to do so on the basis of legislation and regulations, it is forced to do so as a result of a lawsuit and / or if it deems this necessary for the protection of our own interests and / or interests of third parties.
13. Changes to our policy
This privacy statement can be changed in the event of changes to our services or changes in privacy legislation. We will post any changes on this website. We will inform you personally of changes that apply to you, for example by sending you an e-mail.
14. How you can exercise your rights
You have a number of rights under privacy legislation (including the General Data Protection Regulation (GDPR). These rights are described in Articles 12 – 23 of the GDPR and related legislation. In any case, you have the following rights with regard to your personal data:
We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
- The right to access – You have the right to request copies of your personal data. We may charge you a small fee for this service.
- The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete the information you believe is incomplete.
- The right to erasure – You have the right to request that we erase your personal data, under certain conditions.
- The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
- The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.
- The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you wish to exercise one or more of these rights, please contact us at firstname.lastname@example.org
15. Objection and right of complaint
We have processed certain of your personal data on the basis of our legitimate interests. You have the right to object at any time to the processing of your personal data on this basis. In that case, we will stop processing your personal data, unless there are compelling, legitimate reasons that make our processing interest greater than your interest to stop processing.
If you have a complaint about how we handle your data you can:
- Contact us: we will try to find a solution together with you.
- Submit a complaint: you have the right to submit a complaint to your local Data Protection Authority.
The responsibility for processing the personal data lies with:
360 Service Agency GmbH
c/o LISTAN GmbH
Wilhelm-Bergner-Straße 11 c