Your privacy is of high importance to us and we want to be open and transparent with our processing of your personal
how we use them.
You may reach our data protection officer under:firstname.lastname@example.org
2. Manner, purpose and scope of data collection and use
We treat all types of information listed below with special care.
a. Website visitors
Each time you visit our websites (with or without registration) or open a file on our websites, our servers automatically collect the following information from your web browser and store it in log files:
- version and type of your web browser
- operating system of your device
- name of website/file
- referrer URL (website you are coming from)
- amount of data transferred
- your IP address and internet access provider
- date and time.
We partly require this information for technical reasons, i.e. in order to be able to display our websites and ensure stability. We also use it for statistical purposes. In addition, we store IP addresses in log files in order to be able to pursue our rights and restore IT security in case of an attack against our IT (our legitimate interest; Art. 6 Sec. 1 (f) European General Data Protection Regulation, "GDPR"). With the exception of your IP address, it is not possible for us to connect the log files information to you as a person. We only use IP addresses in log files for identification of users in case of an attack. We delete IP addresses in log files after 2 weeks.
b. Customer contacts / Admin users
When you register your organization with us, we need information to set up and manage your organization's account. This information is provided by you and includes, for example, your name, your job title, the name of your organization, contact and payment details, as well as the contents of correspondence with you. We use this information to enter into and fulfil the agreement with your organization, reply to your requests and improve our services (Art. 6 Sec. 1 (b), (c) and (f) GDPR).
c. Application users
When you use our application, we process information about you in our role as data processor on behalf of your organization in its role as data controller, i.e. we process your personal data to the extent necessary for the performance of the contract with your organization. Such personal data may include information entered by you when you log into your account (for example, your name and email address), further personal data to identify yourself (for example, your date of birth, profession and/or job title), as well as your usage of the application, including the contents of the correspondence between yourself and others. Your organization is responsible for the processing of your personal data in the application. It may, for example, grant or withdraw access to a feature, access, analyze, modify, export, share and/or remove the data in the application and/or otherwise apply its policies to it. Please refer to your organization for further details.
d. Cookies and similar technologies
We use the following types of cookies:
We use Google Analytics, a web analytics tool provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google“). We concluded a data processing agreement with Google for it.
The information about your usage of our websites collected by Google Analytics cookies is usually transferred to a Google server in the U.S. Our websites use the tool with the enhancement „anonymizeIp()“. As a consequence, IP addresses are shortened by Google prior to any further processing so that the information is not relating to you as an identified or identifiable natural person anymore. Your IP address is usually shortened within the European Economic Area, only in exceptional cases your full IP address will be transferred to the U.S. and shortened there. For such cases, Google is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. Google uses the information in order to analyse activities on our websites and provide statistical reports and related services to us (our legitimate interest; Art. 6 Sec. 1 (f) GDPR). The information will not be connected to other data stored by Google.
Google Analytics cookies are stored for 26 months, unless you delete them earlier or block them as described above. Furthermore, you may block Google Analytics cookies by downloading and installing the browser-add-on available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de. As an alternative, or on mobile devices, you may block Google Analytics by clicking upon the link below. In this case, an opt-out-cookie will be stored on your device which blocks Google Analytics when you visit our websites: https://tools.google.com/dlpage/gaoptout. Please note that you have to click upon this link again in case you deleted the cookies on your device.
You may find further information with respect to Google's terms and conditions as well as data protection under:
This website uses the Google AdWords service. This service has the purpose of so-called "conversion tracking", ie we can see what happened after you clicked on one of our ads. For this purpose, cookies are set, which have a limited validity and contain no personal data. A personal identification of the user is therefore not possible.
The legal basis for the use of the service is Art. 6 I f DS-GVO - legitimate interest. Our legitimate interest in using this service is to analyze and optimize the operation of our website.
Google Tag Manager
This website uses the "Google Tag Manager" service. The Tag Manager is a tool for managing so-called tags, which are used in tracking in online marketing. The Tag Manager itself processes no personal data, as it purely in the management of other services - for example, Google Analytics, etc. - serves.
For more information about Tag Manager, visit : https://www.google.com/intl/en/tagmanager/use-policy.html
We use the visitor action pixels from Facebook Inc. on our website. This allows user behavior to be tracked after they have been redirected to our website by clicking on a Facebook ad. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymous to us, i.e. we do not see the personal data of individual users. However, this data is stored and processed by Facebook, which is why we are informing you, based on our knowledge of the situation. Facebook may link this information to your Facebook account and also use it for its own promotional purposes, in accordance with Facebook’s Data Usage Policy. You can allow Facebook and its partners to place ads on and off Facebook. A cookie may also be stored on your computer for these purposes. You can object to the collection of your data by Facebook pixel, or to the use of your data for the purpose of displaying Facebook ads in your account-settings. Facebook is certified under the US-EU Privacy Shield Agreement and thus guarantees compliance with European data protection legislation.
LinkedIn Insight Tag
unipos.me uses the web analytics service “Amplitude”, provided by Amplitude Inc., to evaluate user access to the unipos.me website and the unipos.me app.
Unless the data subject grants their consent separately, the data collected with the technologies will not be used to identify the user personally nor will it be merged with personal data about the holder of the pseudonym. The information collected will be stored on a server in the United States.
The use is based on Art. 6 (1) sentence 1 (f) GDPR on the basis of our legitimate interest in analysing user behaviour in order to optimise our offer.
Information provided by the third-party provider: Amplitude Inc., 501 2nd Street, Suite 100, San Francisco, CA 94107, USA: https://www.amplitude.com/privacy.
You can opt-out to the creation of a user profile, Hotjar’s storing of data about your usage of our site and Hotjar’s use of tracking cookies on other websites by following this opt-out link.
e. Processing of personal data for other purposes
Should we ever intend to process your personal data for other purposes than that for which they have been collected (as
described above), we will inform you and ask for your consent, unless applicable data protection laws permit us to
perform such processing without such information and/or consent.
f. Retention periods
Unless specified otherwise in/according to the above, we delete your personal data when the contract between your
organization and us ended, all claims have been met and we are neither obliged to further store your data (for example,
due to statutory retention obligations) nor entitled to further store your data (for example, based upon consent).
3. Disclosure and transfer of personal data
We do not disclose or otherwise transfer personal information of users to any third party without the prior consent of
the users concerned except in the following situations:
- (1) We outsource a part of our work to a group company or a third party in order to provide the services of the websites
(IT outsourcings). In this case the recipient acts as our data processor within the meaning of Art. 28 GDPR.
- (2) We use services of third parties which are as such not part of our contractual services but still necessary in order to
enter into or perform the contracts with our customers or to pursue claims or to defend against claims (our legitimate
interests) and which require a disclosure/transfer of the data. Such third parties include advisors (in particular tax
and legal advisors), providers of logistics and postal services, payment and claims management providers, courts and
public authorities. In such case, the legal ground for disclosure/transfer is Art. 6 Sec. 1 b) c) or f) GDPR.
- (3) The disclosure/transfer is necessary for compliance with a legal obligation to which we are subject (Art. 6 Sec. 1 (c)
Please note: we are part of an international group of companies and disclosure/transfer of personal data according to
the above includes the following recipients in countries outside of the European Economic Area:
- (1) Unipos Inc. and, as the case may be, other group companies in Japan – Japan is recognized by the European Commission as a country providing an adequate level of data protection.
- With respect to Google and Pardot in the U.S., please see section 2.d. above.
We take special care to manage personal data collected from users appropriately and in accordance with Art. 32 GDPR in
order to avoid accidental or intentional manipulation, leakage, loss, or other such damage. We manage information that
can be used to identify a specific user such that it can only be accessed with a password known only by the user who
supplied the information, and passwords are stored in encrypted format. We also have ISO 27001 certifications.
necessary. Any changes made to the policy will be disclosed directly to users and/or posted on this webpage.
6. Links to third party websites / Third party services
Our websites may provide links to websites of third parties or enable or permit users to connect to third party
services. These websites or services are not owned or controlled by us. Please review the information such third
parties provide about their processing of personal data and contact them or organization for any questions you may have
in this regard.
If You subscribe to the Service, You agree that We may disclose the fact that You are Our customer. While these TOS are in effect,
You grant Us the right to reference Your company name, along with Your logo, in marketing materials and on Ourpublic web site until
such time as Your use of the Service is discontinued.
8. Your rights
According to Art. 15 to 23 GDPR, you have the following rights with respect to your personal data:
- Right to access the personal data we process about you
- Right to rectification of your personal data
- Right to erasure ("right to be forgotten")
- Right to restriction of processing
- Right to data portability
- Right to object: you have the right to object, on grounds relating to your particular situation, at any time to
processing of your personal data which is based on our legitimate interest, including profiling based on this. We shall
no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which
override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. Where your
personal data are processed for direct marketing purposes, you have the right to object at any time to such processing,
which includes profiling to the extent that it is related to such direct marketing.
- To the extent we process your personal data based on your consent, you may withdraw such consent at any time. In such
case, we shall no longer process the personal data, unless we are obliged or entitled to further process the personal
data based on another legal ground.
- Furthermore, you have the right to lodge a complaint with a supervisory authority. A list of supervisory authorities in Germany and their contact details you may find under the following link:
Last updated: February 2019