Unipos
Go to Unipos
Privacy Policy

Your privacy is of high importance to us and we want to be open and transparent with our processing of your personal data. In this Privacy Policy we would like to inform you which kind of personal data we collect, for which purposes and how we use them.

1. Controller, data protection officer and scope of this Privacy Policy

"We" or "us" in this Privacy Policy refers to Unipos GmbH, Rheinsberger Str. 76/77,10115 Berlin, Germany.

You may reach our data protection officer under:contact@unipos.me

This Privacy Policy applies to the processing of personal data collected via our websites under https://unipos.me/en/ and we are the controller in this regard.

2. Manner, purpose and scope of data collection and use

We treat all types of information listed below with special care.

a. Website visitors

Each time you visit our websites (with or without registration) or open a file on our websites, our servers automatically collect the following information from your web browser and store it in log files:

  • version and type of your web browser
  • operating system of your device
  • name of website/file
  • referrer URL (website you are coming from)
  • amount of data transferred
  • your IP address and internet access provider
  • date and time.

We partly require this information for technical reasons, i.e. in order to be able to display our websites and ensure stability. We also use it for statistical purposes. In addition, we store IP addresses in log files in order to be able to pursue our rights and restore IT security in case of an attack against our IT (our legitimate interest; Art. 6 Sec. 1 (f) European General Data Protection Regulation, "GDPR"). With the exception of your IP address, it is not possible for us to connect the log files information to you as a person. We only use IP addresses in log files for identification of users in case of an attack. We delete IP addresses in log files after 2 weeks.

For our use of cookies or similar technologies, please see section d. below.

b. Customer contacts / Admin users

When you register your organization with us, we need information to set up and manage your organization's account. This information is provided by you and includes, for example, your name, your job title, the name of your organization, contact and payment details, as well as the contents of correspondence with you. We use this information to enter into and fulfil the agreement with your organization, reply to your requests and improve our services (Art. 6 Sec. 1 (b), (c) and (f) GDPR).

For our use of cookies or similar technologies, please see section d. below.

c. Application users

When you use our application, we process information about you in our role as data processor on behalf of your organization in its role as data controller, i.e. we process your personal data to the extent necessary for the performance of the contract with your organization. Such personal data may include information entered by you when you log into your account (for example, your name and email address), further personal data to identify yourself (for example, your date of birth, profession and/or job title), as well as your usage of the application, including the contents of the correspondence between yourself and others. Your organization is responsible for the processing of your personal data in the application. It may, for example, grant or withdraw access to a feature, access, analyze, modify, export, share and/or remove the data in the application and/or otherwise apply its policies to it. Please refer to your organization for further details.

For our use of cookies or similar technologies, please see section d. below.

d. Cookies and similar technologies

We use cookies on our websites. A cookie is a small piece of data (usually a code or a small image file) send from our websites and stored on your device by your web browser while you are browsing. It allows recognition of your device when you are browsing on different websites. You may generally block and also delete cookies via the settings of your web browser. Furthermore, when you visit our websites, a cookie banner will inform you about our usage of cookies and enable you to agree to or block them.

We use the following types of cookies:

  • Technical cookiesWe use cookies which are technically required in order to ensure smooth operation of our websites, for example, in order to ensure stability of our web services and enable a safe log-in. Cookies necessary for the services we provide with our application are covered by section c. above. Other cookies required for technical reasons are cookies which are neither collecting personal data nor being connected with personal data.

  • Analytical cookies Google Analytics

    We use Google Analytics, a web analytics tool provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google“). We concluded a data processing agreement with Google for it.

    The information about your usage of our websites collected by Google Analytics cookies is usually transferred to a Google server in the U.S. Our websites use the tool with the enhancement „anonymizeIp()“. As a consequence, IP addresses are shortened by Google prior to any further processing so that the information is not relating to you as an identified or identifiable natural person anymore. Your IP address is usually shortened within the European Economic Area, only in exceptional cases your full IP address will be transferred to the U.S. and shortened there. For such cases, Google is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. Google uses the information in order to analyse activities on our websites and provide statistical reports and related services to us (our legitimate interest; Art. 6 Sec. 1 (f) GDPR). The information will not be connected to other data stored by Google.
    Google Analytics cookies are stored for 26 months, unless you delete them earlier or block them as described above. Furthermore, you may block Google Analytics cookies by downloading and installing the browser-add-on available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de. As an alternative, or on mobile devices, you may block Google Analytics by clicking upon the link below. In this case, an opt-out-cookie will be stored on your device which blocks Google Analytics when you visit our websites: https://tools.google.com/dlpage/gaoptout. Please note that you have to click upon this link again in case you deleted the cookies on your device.
    You may find further information with respect to Google's terms and conditions as well as data protection under:
    www.google.com/analytics/terms/de.html
    www.google.com/intl/de/analytics/privacyoverview.html
    https://policies.google.com/?hl=de

    Google Adwords

    This website uses the Google AdWords service. This service has the purpose of so-called "conversion tracking", ie we can see what happened after you clicked on one of our ads. For this purpose, cookies are set, which have a limited validity and contain no personal data. A personal identification of the user is therefore not possible.
    The legal basis for the use of the service is Art. 6 I f DS-GVO - legitimate interest. Our legitimate interest in using this service is to analyze and optimize the operation of our website.
    For more information and Google's privacy policy, please visit : https://www.google.com/policies/privacy/

    Google Tag Manager

    This website uses the "Google Tag Manager" service. The Tag Manager is a tool for managing so-called tags, which are used in tracking in online marketing. The Tag Manager itself processes no personal data, as it purely in the management of other services - for example, Google Analytics, etc. - serves.
    For more information about Tag Manager, visit : https://www.google.com/intl/en/tagmanager/use-policy.html

    Facebook Pixel

    We use the visitor action pixels from Facebook Inc. on our website. This allows user behavior to be tracked after they have been redirected to our website by clicking on a Facebook ad. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymous to us, i.e. we do not see the personal data of individual users. However, this data is stored and processed by Facebook, which is why we are informing you, based on our knowledge of the situation. Facebook may link this information to your Facebook account and also use it for its own promotional purposes, in accordance with Facebook’s Data Usage Policy. You can allow Facebook and its partners to place ads on and off Facebook. A cookie may also be stored on your computer for these purposes. You can object to the collection of your data by Facebook pixel, or to the use of your data for the purpose of displaying Facebook ads in your account-settings. Facebook is certified under the US-EU Privacy Shield Agreement and thus guarantees compliance with European data protection legislation.

    LinkedIn Insight Tag

    The LinkedIn Insight Tag is a piece of lightweight JavaScript code that we have added to our websites to enable in-depth campaign reporting and to help us unlock valuable insights about our website visitors. We use the LinkedIn Insight Tag to track conversions, retarget website visitors, and unlock additional insights about members interacting with our LinkedIn adverts. The LinkedIn Insight Tag enables the collection of metadata such as IP address information, timestamp, and events such as page views. All data is encrypted. The LinkedIn browser cookie is stored in a visitor's browser until they delete the cookie or the cookie expires. You can opt out of cookies from LinkedIn on your LinkedIn settings page and recommend you read their Cookie Policy for more information.

    Hubspot

    We use Hubspot to gain insight into - among other things - visitor flows, traffic sources and page views on our website, as well as email interaction such as opens and clicks. Entering information on our website (for example by filling out a form), downloading images in any of our newsletter or marketing emails, or clicking on a link in any of our newsletter or marketing emails, will cause you to be personally identified. This means we can see, for example, whether you open our email and whether you click through to our website, and what your website activities are. For more information, please refer to Hubspot’s Privacy Policy. If you wish to avoid this tracking, you can unsubscribe from our mailings and/or customize the settings of your browser so that it refuses cookies.

    Amplitude

    unipos.me uses the web analytics service “Amplitude”, provided by Amplitude Inc., to evaluate user access to the unipos.me website and the unipos.me app.
    Unless the data subject grants their consent separately, the data collected with the technologies will not be used to identify the user personally nor will it be merged with personal data about the holder of the pseudonym. The information collected will be stored on a server in the United States.
    The use is based on Art. 6 (1) sentence 1 (f) GDPR on the basis of our legitimate interest in analysing user behaviour in order to optimise our offer.
    Information provided by the third-party provider: Amplitude Inc., 501 2nd Street, Suite 100, San Francisco, CA 94107, USA: https://www.amplitude.com/privacy.

    Hotjar

    We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices (in particular device's IP address (captured and stored only in anonymized form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language used to display our website). Hotjar stores this information in a pseudonymized user profile. Neither Hotjar nor we will ever use this information to identify individual users or to match it with further data on an individual user. For further details, please see Hotjar’s privacy policy by clicking on this link. You can opt-out to the creation of a user profile, Hotjar’s storing of data about your usage of our site and Hotjar’s use of tracking cookies on other websites by following this opt-out link.

e. Processing of personal data for other purposes

Should we ever intend to process your personal data for other purposes than that for which they have been collected (as described above), we will inform you and ask for your consent, unless applicable data protection laws permit us to perform such processing without such information and/or consent.

f. Retention periods

Unless specified otherwise in/according to the above, we delete your personal data when the contract between your organization and us ended, all claims have been met and we are neither obliged to further store your data (for example, due to statutory retention obligations) nor entitled to further store your data (for example, based upon consent).

3. Disclosure and transfer of personal data

We do not disclose or otherwise transfer personal information of users to any third party without the prior consent of the users concerned except in the following situations:

  • (1) We outsource a part of our work to a group company or a third party in order to provide the services of the websites (IT outsourcings). In this case the recipient acts as our data processor within the meaning of Art. 28 GDPR.
  • (2) We use services of third parties which are as such not part of our contractual services but still necessary in order to enter into or perform the contracts with our customers or to pursue claims or to defend against claims (our legitimate interests) and which require a disclosure/transfer of the data. Such third parties include advisors (in particular tax and legal advisors), providers of logistics and postal services, payment and claims management providers, courts and public authorities. In such case, the legal ground for disclosure/transfer is Art. 6 Sec. 1 b) c) or f) GDPR.
  • (3) The disclosure/transfer is necessary for compliance with a legal obligation to which we are subject (Art. 6 Sec. 1 (c) GDPR).

Please note: we are part of an international group of companies and disclosure/transfer of personal data according to the above includes the following recipients in countries outside of the European Economic Area:

  • (1) Unipos Inc. and, as the case may be, other group companies in Japan – Japan is recognized by the European Commission as a country providing an adequate level of data protection.
  • With respect to Google and Pardot in the U.S., please see section 2.d. above.

4. Security

We take special care to manage personal data collected from users appropriately and in accordance with Art. 32 GDPR in order to avoid accidental or intentional manipulation, leakage, loss, or other such damage. We manage information that can be used to identify a specific user such that it can only be accessed with a password known only by the user who supplied the information, and passwords are stored in encrypted format. We also have ISO 27001 certifications.

5. Changes to the Privacy Policy

We will conduct appropriate reviews of this Privacy Policy and will work to continuously improve it and revise it as necessary. Any changes made to the policy will be disclosed directly to users and/or posted on this webpage.

6. Links to third party websites / Third party services

Our websites may provide links to websites of third parties or enable or permit users to connect to third party services. These websites or services are not owned or controlled by us. Please review the information such third parties provide about their processing of personal data and contact them or organization for any questions you may have in this regard.

7. Publicity

If You subscribe to the Service, You agree that We may disclose the fact that You are Our customer. While these TOS are in effect, You grant Us the right to reference Your company name, along with Your logo, in marketing materials and on Ourpublic web site until such time as Your use of the Service is discontinued.

8. Your rights

According to Art. 15 to 23 GDPR, you have the following rights with respect to your personal data:

  • Right to access the personal data we process about you
  • Right to rectification of your personal data
  • Right to erasure ("right to be forgotten")
  • Right to restriction of processing
  • Right to data portability
  • Right to object: you have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on our legitimate interest, including profiling based on this. We shall no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. Where your personal data are processed for direct marketing purposes, you have the right to object at any time to such processing, which includes profiling to the extent that it is related to such direct marketing.
  • To the extent we process your personal data based on your consent, you may withdraw such consent at any time. In such case, we shall no longer process the personal data, unless we are obliged or entitled to further process the personal data based on another legal ground.
  • Furthermore, you have the right to lodge a complaint with a supervisory authority. A list of supervisory authorities in Germany and their contact details you may find under the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
Last updated: February 2019