Privacy policy

The use of this website https://www.dpa.com  and other offers is associated with the processing of personal data (hereinafter also referred to simply as "data").we process your personal data (hereinafter also referred to as “data”). Therefore, we would like to provide you with an overview of the processing by means of the following information to ensure that you fully comprehend how and to what extent your personal data is processed by us. In addition, this privacy policy informs you about your rights under the EU General Data Protection Regulation (GDPR).

For our business contacts, our privacy policy for business contacts applies in addition. You can find this privacy policy at https://www.dpa.com/en/privacy-policy-of-the-dpa-group-for-business-contacts 

1. Controller / Contact

dpa Deutsche Presse-Agentur GmbH
Mittelweg 38
20148 Hamburg

Phone: +49 40 4113-0
Telefax: + 49 40 4113-32305
E-Mail: info@dpa.com

(hereinafter also referred to “we”, “us“ or “dpa”)

If you have any questions or suggestions regarding any data protection matter, including this privacy policy; or if you would like to contact us to exercise your data subject rights, please contact us using the contact details above.

2. Data Protection Officer

You may contact our data protection officer at

dpa Deutsche Presse-Agentur GmbH
Data Protection Officer
Mittelweg 38
20148 Hamburg
Germany

Email: datenschutz@dpa.com

3. Automated Data Processing

Whenever you access our website, your device automatically transmits data for technical reasons. These data are stored separately from other data, which you may transmit to us under certain circumstances:

  • browser type/ -version,

  • operation system used,

  • the website you access,

  • URL of the website visited prior to access (referrer-URL),

  • IP-address,

  • date and time of access; and

  • HTTP-status code.

The processing of these data is necessary to provide the website and the associated functions and services. This is also our legitimate interest, Art 6 (1)(f) GDPR.

In addition, your data are processed for the following purposes:

  • ensuring the security of our IT systems, e.g., to counter specific attacks on our systems and detect attack patterns; and

  • ensuring proper operation of our website and our IT systems, including error analysis and safeguarding the functionality of our website.

The processing is based on our aforementioned legitimate interests, Art 6 (1)(f) GDPR. Your IP address will be stored in truncated form for a period of up to two weeks.

4. Hosting

We use the services of a content management service provider to operate our website. This service provider processes your personal data on our behalf and in accordance with our instructions (within the meaning of Art 4 No 8, 28 GDPR).

5. Creating your Account / Login

In order to access certain services and features on our website, such as the direct download of whitepapers or our premium support, your registration and login with your dpa-ID is required.

Kindly note that the following privacy policy applies to the processing of your data in relation to your registration and use of the dpa-ID: https://sso.dpa-id.de/goto/privacy-policy-sso .

For your registration and/or login, it is mandatory that you provide the same email address and password that have been stored for your dpa-ID.

In addition, we automatically query the following information from the dpa-ID database:

  • your name and surname,

  • your business phone number,

  • name and address of the company you are working for; and

  • your profile picture or avatar (if any).

Based on the information stored in connection with your dpa-ID, we verify

  • whether you are a registered and authenticated user and

  • the date of your registration

and store the aforementioned data in your dashboard.

We process these data in order

  • to facilitate your access to the areas of our website that are open only to registered users and the associated services and

  • to set up, personalize and manage your dashboard for you.

The information is necessary to provide you with access to the area of our website that are open only to registered users and the services associated with it. The legal basis for the processing is Art 6 (1)(b) GDPR. The processing is necessary for the performance of the contractual relationship with you.

If you have uploaded a profile picture or avatar to your dpa-ID profile, we will also retrieve the respective profile picture or avatar from the dpa-ID database and display it within your dashboard. In this case, the legal basis for the processing is your consent, Art 6 (1)(a) GDPR. You can withdraw your consent at any time with effect for the future, by deleting your profile picture or avatar from your dpa ID profile at https://sso.dpa-id.de/goto/myprofile .

We also process the data which you have provided to log in for authenticating your login. Such processing is based on our legitimate interest to restrict the access to the areas of our website requiring registration to authenticated users only.

6. Processing of our Data when using the Website and the associated Services, Features and Functions

When you use our website and associated services, features and functions, we process your personal data to provide these services, features and functions.

When using such services, features and functions and/or certain settings, e.g. search and filter functions, download of whitepapers, manage content in your dashboard or apply language settings, we process such information and settings to provide the respective services, features and functions and settings that you have requested.

The processing is necessary to provide you with the respective services, features and functions, thus the legal basis for the processing is Art 6 (1)(b) GDPR.

7. Email Marketing, Newsletters and Tracking

For the distribution of marketing emails and newsletters, including email and newsletter tracking, we use the services of a newsletter mailing service provider. This service provider processes your personal data on our behalf and in accordance with our instructions (within the meaning of Art 4 No 8, 28 GDPR).

7.1 Marketing communication via email

If you have given your consent, you will receive from us advertisements and other marketing information by email about industry news, events, dates, awards, on the companies within the dpa-group  and their respective job offers, and promotion of their respective products and services related to editorial and informative content, including content (from planning up to media communication) and training offers, and regarding the dpa-ID service and the services available through the dpa-Marketplace, as well as invitations to customer and customer satisfaction surveys in relation to the products and services of the companies of the dpa-Group.

For this purpose, we process:

  • your salutation,

  • your name and

  • your email address.

7.2  Email and newsletter tracking

To measure the performance of our marketing emails and newsletters, these emails and newsletters contain tracking pixels (also called web beacons) that connect with the servers of dpa whenever an email and / or newsletter is opened by its recipient. This enables us to determine whether any marketing email or newsletter has been opened. In addition, our marketing emails and newsletters contain tracking links so that we can track which links you clicked on and to which of our websites or sub-pages you were redirected. We can also track how you interact with the content on our website, such as whether you download certain content, click on links to internal or external content, or open and / or submit forms.

In addition, technical information is collected as part of the tracking process (e.g., time of access, IP address, browser type, and operating system). This information is used solely for the statistical analysis of email and newsletter campaigns. We use the results of these analyses to better tailor future marketing emails and newsletters to the interests of our recipients.

7.3  Sharing your Data

The consent you have provided for receiving marketing emails and newsletters from dpa also includes the receipt of marketing emails and / or newsletters on the aforementioned topics from the following companies of the dpa-Group:

We will share the data you have provided in the context of your registration with these companies for these purposes.

7.4  Demonstration of consent

We verify your consent by means of the so-called double opt-in process which is meaning, that we will send an email to the email address you have provided to ask you to actively confirm your consent. We use the information on your submitted confirmation and the time of confirmation to document and demonstrate that you have provided your consent.

7.5  Legal basis and storage period

The legal basis for the receipt of marketing emails and / or newsletters, including email and / or newsletter tracking, from and / or by the aforementioned companies of the dpa-Group and the associated processing of your personal data is your consent, Art 6 (1)(a) GDPR. In this respect, the use of the pixels, including the resulting storage of information on your device as well as access to this information is likewise based on your consent, Sec 25 (1) of the German Act on the Regulation of Data Protection and the Protection of Privacy in Telecommunications and Telemedia (Gesetz zur Regelung des Datenschutzes und des Schutzes der Privatsphäre in der Telekommunikation und bei Telemedien "TTDSG"), Art 6 (1)(a) GDPR.

You can withdraw your consent at any time with effect for the future by using the opt-out or unsubscribe option provided in each respective marketing email or newsletter, by sending an email to unsubscribe@dpa.com or by contacting us at the contact details provided in sec 1. Furthermore, you can also withdraw your consent towards the other companies of the dpa-Group to which your consent relates by addressing your withdrawal to the contact details stated in sec 7.3.

The legal basis for the processing of your personal data for the purposes of the double opt-in as well as demonstration of your given consent is Art 6 (1)(c) GDPR in conjunction with Art 7 (1) GDPR. It is our legal obligation to demonstrate that you have provided your consent.

In this context, your data will be processed until the purpose of the processing no longer applies or you withdraw your consent. We store data to demonstrate your consent for as long as this is necessary to for this purpose, in any case for a period of three years.

8. Data Processing in the Context of Feedback-, Customer Surveys and Customer Satisfaction Surveys in Connection with Products and Services of the of the dpa Group Companies

Subject to that you have consented to receive marketing emails and / or newsletters (for further information, please refer to sec 7), we may invite you from time to time to participate in feedback, customer and / or customer satisfaction surveys regarding products and services and your use of those products and services (User Research).

Participation in these surveys is voluntary. If you decide to participate in these surveys, we will process the information you provide in these surveys. Unless we specifically ask for your consent (Art 6 (1)(a) GDPR) for the processing of your data, the processing of your data collected in the scope of the surveys is based on our legitimate interest (Art 6 (1)(f) GDPR) in obtaining customer feedback and optimising the products and services of the respective dpa group companies in order to ensure a high level of quality management and customer satisfaction.

Further information can be found in the privacy policies we provide to you, when inviting you to the respective customer and customer satisfaction surveys.

9. Offers/products delivered by e-mail

For the dispatch of offers or products delivered by e-mail, we or the relevant companies of the dpa Group use the services of a newsletter mailing service provider. This service provider processes your personal data exclusively on behalf of us or the dpa Group company concerned, i.e. only in accordance with corresponding instructions, see Art. 4 No. 8, 28 GDPR.

Your e-mail address and, if applicable, your title and name will be processed for sending.

The relevant product emails contain so-called tracking pixels (also known as web beacons), which connect to the dpa servers when the email is opened. This makes it possible to determine whether an e-mail has been opened and to count how often this happens.

The use of the counting pixel serves solely to analyse your product usage in order to check compliance with the contractually agreed scope of use and, if necessary, to bill or recalculate the contractual services.

The legal basis for data processing in the context of sending e-mails is contract fulfilment, Art. 6 para. 1 b) GDPR.

The legal basis for the use of the counting pixel and the associated processing of your personal data is the concerned dpa Group company's legitimate interest in measuring the scope of use to control the contractually agreed use, Art. 6 para. 1 f) GDPR. The counting pixel is therefore used without your consent in accordance with Section 25(2)(2) of the German Act on the Regulation of Data Protection and Privacy in Telecommunications and Telemedia ("TTDSG") in order to be able to safeguard delivery within the scope of the contractually agreed scope of use.

Please note that for technical reasons every e-mail contains an unsubscribe link. If this link is clicked, the recipient stored in our e-mail system is automatically unsubscribed from the delivery. We would like to point out that this has no effect on the obligation to pay for ordered products and that it is the customer's responsibility to provide a deliverable e-mail address for delivery at any time.

In addition, our data protection information for business contacts at https://www.dpa.com/en/privacy-policy-of-the-dpa-group-for-business-contacts  also applies.

10. Making Contact (Inquiries regarding our Products and Services, Support Requests and other Inquiries)    

10.1   Contacting us via our contact forms

If you contact us using our contact forms to submit an inquiry regarding our products and services to us, we process

  • your name and surname,

  • information regarding the company you are working for,

  • your email address; and

  • time and date of your inquiry as well as any further information you provide us in such communication.

10.2  Support-request and further inquiries

If you contact us, using the contact details provided on our website, e.g., for support requests, our press contact details or by using our general contact details in sec 1 above, we process

  • your name,

  • time and date of your request/enquiry as well as any further information you provide us in such communication;

and, depending on the method of communication you choose and / or the contact information you provide:

  • your email address,

  • your phone number; and / or

  • your fax number; and / or

  • your address.

Whenever a request and / or inquiry is related to contracts, e.g., in connection with products, services or support requests, the processing is carried out for the purpose of pre-contractual steps or the performance of the respective contractual relationship.

If you contact us as an employee of the company you are working for, the legal basis for the processing is Art 6 (1)(f) GDPR, as the processing is necessary for the performance of the contractual relationship with the respective company. Therein also lies our legitimate interest. If you yourself are our contractual partner, the legal basis for the processing is Art 6 (1)(b) GDPR. In this case, the processing is necessary for the performance of the contractual relationship with you.

In all other cases, the processing is based on our legitimate interests in receiving and processing your inquiry, Art 6 (1)(f) GDPR.

11. CRM System

For the management of our customer relationships, in particular for the purpose of making contact through our sales department and for support provided by our customer service department, we store the personal data that you have provided to us in the course of your registration, your consent to receive marketing communications, including e-mail tracking, and/or in connection with your enquiries in our CRM system.

The processing is based on our legitimate interests in managing our customer relationships, Art 6 (1)(f) GDPR. Where we store your data in our CRM system in connection with your consent to receive marketing communications, including e-mail and newsletter tracking (sec 7), the processing is based on your consent, Art 6 (1)(a) GDPR. You can withdraw your consent at any time with effect for the future. Further information on how you can exercise your right to withdraw your consent and on the storage of data collected on the basis of your consent can be found in sec 7.5.

We use the services of an IT service provider for the operation of our CRM system as part of maintenance and support. This service provider processes personal data on our behalf, i.e. solely in accordance with our instructions, (see Art. 4 No. 8, 28 GDPR).

12. Embedded Content    

12.1 Embedded content of the dpa-shop

On our website, we have embedded content provided by dpa-infocom GmbH, Mittelweg 38, 20148 Hamburg, Germany (“dpa-infocom”). This content is loaded directly from the dpa-infocom servers, so that your device transmits certain data to dpa-infocom (your IP address, browser type / version, operation system, the website you previously visited, host name of the device accessing the content and the time of access). Your IP address is not stored by us for the provision of the embedded content. Further information on the processing of your personal data by dpa-infocom can be found at https://www.dpa-shop.com/datenschutzerklaerung/ .

12.2  Embedded content of the video platform dpa-video

In addition, we have embedded videos of our video platform dpa-video on our website. Your IP address is not stored by us for the provision of the embedded content.

The privacy policy of our video platform can be found at https://www.dpa-video.com/page/privacy .

12.3 Purposes and legal basis

Data processing in connection with embedding of content is based on our legitimate interest, to provide the respective content and features to our users in order to operate our website economically, Art 6 (1)(f) GDPR.

13. Applications

Via our website you have the possibility to find information on job vacancies at our company and / or other companies of the dpa-Group and to apply for vacant positions and / or send an initiative application to us or with other companies of the dpa-Group via email.

When applying for a vacancy at dpa, we are the controller for the corresponding processing of your personal data. If you apply for a vacancy at another company of the dpa Group, dpa and the hiring company will process your application data as joint controllers in accordance with Art 26 GDPR. The primary point of contact for the exercise of your data subject rights is dpa. To exercise your data subject rights, please use the contact details stated in this privacy policy.

Notwithstanding, you can contact the respective hiring company of the dpa-Group in case of any questions and / or to exercise your data subject rights towards this respective company. You can find the respective contact details at https://www.dpa.com/de/about-dpa/group. You can request further information, including the essential aspects of the joint controller agreement concluded between dpa and the other companies of the dpa-Group, by using our contact details mentioned in sec 1 above.

If you apply to us via e-mail, we will process

  • your name,

  • your email address,

  • any other contact details you provide,

  • the time and date of your application; and

  • the application documents provided by you, including the information contained therein.

In the course of your application process, we typically process further personal data, for example, if we take notes during an interview or if we have questions directed to you. We process your data in order to process your application and / or to decide on the establishment of an employment relationship with you.

We process the contact details you have provided in order to contact you, to address further questions concerning your application to you, to arrange an appointment for an interview and to inform you about the progress of the application process.

If you apply for a position at another company of the dpa-Group, we will transfer the data that you have provided us to that company for the aforementioned purposes.

The legal basis for the processing is Sec 26 (1), (3) Federal Data Protection Act (Bundesdatenschutzgesetz – “BDSG”).

You are not required to provide your personal data to us, neither by contract nor by law. Notwithstanding, the provision of your data, which are necessary for the receipt and processing of your application, is required for this purpose, for the application process and for the decision on the establishment of an employment relationship with you. If you do not provide us with the necessary personal data in connection with your application, we will not be able to consider your application.

Where we collect voluntary information in connection with your application, and you decide not to provide this information, this will not affect the application process or our decision to consider your application.

Should you take up a position with us after your application, the data will be stored for the time being and be transferred to your personnel file. You will receive specific information about the processing of your personal data in this context.

If we are unable to offer you a job, your application documents will be kept to the end of the application process in order to answer any queries in connection with your application. In addition, your data is stored in constellations, where the storage of your data is necessary for providing evidence, in particular for the defence, establishment or enforcement of legal claims (Art 6 (1)(f) or Art 9 (2)(f) GDPR).

Apart from that, we only store your application data based on your consent (if requested and provided), Art 6 (1)(a) GDPR in conjunction with Sec 26 (2) BDSG or Art 9 (3)(a) GDPR in conjunction with Sec 26 (2) BDSG, respectively. In that case, you can withdraw your consent at any time with effect for the future by addressing your withdrawal using the contact details provided in sec 1 above.

We then also store your consent as well as the time at which consent was provided in order to be able to demonstrate that we have obtained your consent. This processing is based on Art 6 (1)(c) in conjunction with Art 7 (1) GDPR. We store these data for a period of three years.

14. Matomo Analytics and Matomo Tag Manager

14.1  Matomo Analytics

We use the open source analysis service Matomo on our website for the statistical evaluation of visitor numbers and for analysis purposes. We host Matomo on our own servers and always use Matomo without cookies.

Matomo records the log files that are automatically generated when the website is accessed respectively the information automatically transmitted by your end device (device type, device model, screen resolution, operating system with version number, browser with version number, browser language, browser plug-ins, geolocation) and automatically assigns a randomly generated hash value as a visitor ID to you on this basis. The IP address automatically transmitted by your end device is immediately truncated during this process so that you as a user are not directly identifiable to us.

Matomo records and analyses your user behaviour on our website, including your individual interactions by using the randomly assigned hash value respectively your visitor ID. So, for example, from these data we can comprehend,in detail, from which website you came to us (referrer URL), at what time and for how long you visited our website, which of its functions you used and which individual pages and content you accessed. The usage information collected by Matomo (including your truncated IP address) is transmitted to our server and stored under the above-mentioned visitor ID.

The relevant hash value is only valid for 24 hours. This means that a new hash value or visitor ID is automatically assigned when you visit our website again thereafter. This means that we will then not be able to recognise you again and will not be able to merge the information collected during a new visit with data collected during a previous visit.

Furthermore, the information obtained via Matomo is stored on our own servers, is not merged with other information and is not transmitted to any third parties.

The data processing is necessary to safeguard our legitimate interest in analysing the reach of our website and gaining a better understanding of how it is used. The legal basis is Art. 6 para. 1 f) GDPR.

You can object to the website analysis and the associated processing of your data by Matomo by clicking here: Matomo Opt-out 

After your objection, a so-called opt-out cookie is stored in your browser. This enables Matomo to recognise that you have already objected when you visit our website again. Insofar as the use of the opt-out cookie is associated with the processing of personal data, this processing is based on Art. 6 para. 1 f) GDPR. The processing is necessary so that we can implement your objection in accordance with Art. 21 para. 1 GDPR. This is also our legitimate interest. Please note that you must object again if you visit our website with a different browser or delete the cookies stored on your device.

 

14.2  Matomo Tag Manager

We use the Matomo Tag Manager. The Matomo Tag Manager is a service with the help of which we integrate the Matomo Analytics service on our website. The Matomo Tag Manager is only used to manage and display the technologies integrated via it (using so-called tags). This means that the Matomo Tag Manager itself does not create any user profiles and does not carry out any independent analyses.

The Matomo Tag Manager therefore only enables tags to be triggered, which then record the information and data used via Matomo Analytics. The Matomo Tag Manager collects your IP address in order to establish a connection to the dpa servers.

The legal basis for the use of the Matomo Tag Manager is our legitimate interest in the efficient use of Matomo Analytics for evaluation and analysis purposes, Art. 6 para. 1 f) GDPR.

15. Our Social Media and Social Network Profiles

In addition to this website, we also operate pages or profiles on various social media platforms through which we present our company, provide information about our products and services, and communicate with our customers and prospects.

15.1  General Information

If you interact with us through our social media pages or our posts, we will collect and process the data you provide, including your username and any profile photos, including when you "like", share, comment, or provide other content. The collection of this data is carried out on the respective platform on which we maintain our social media presence. These processing activities are regularly carried out on the basis of our legitimate interest in providing the corresponding functions on our social media pages or social network pages (Art 6 (1)(f) GDPR), and, if applicable, based on your consent to the operator of the respective platform (Art 6 (1)(a) GDPR) or your contractual relationship with this respective operator (Art 6 (1)(b) GDPR). Please note that the content you provided will be published according to your account settings on our relevant social media pages or social network pages and can be accessed worldwide by anyone.

We may also process data to receive and process inquiries or messages via our social media pages or social network pages (Art 6 (1)(f) GDPR). If the inquiries are related to contracts, the processing is carried out to enable precontractual steps or the performance of the respective contractual relationship with you (Art 6 (1)(b) GDPR) or with the company for which you work (Art 6 (1)(f) GDPR). In the latter case, this also constitutes our legitimate interest.

In addition, the respective operators process personal data from you as independent controllers when you visit our social media pages or social network pages and/or interact with them or our posts.

Please note that content posted in community areas will be stored indefinitely. If you wish to remove content you have posted, you can delete it yourself at any time. Furthermore, you can contact us using the contact details mentioned under Sec 1 to request the deletion of content subject to our disposition within the platform functionalities. We will delete or anonymize your personal data as soon as it is no longer necessary for the purposes for which we collected or used it in accordance with the sections above.

15.2  Further processing of personal data of users (logged in and / or not logged in to the respective platform)

If you are logged in to the respective platform while visiting our social media pages or social network pages and interacting with our posts, e.g., by liking them, the operators of the platforms collect personal data from you. Even if you are not logged in with the respective platform, the operators collect certain personal data when you access the page, such as your IP address and other unique identifiers that are linked to your browser or your device. In addition, the operators collect pseudonymous usage data from you, such as how you interact with our social media pages or social network pages and the content provided on them (posts, videos, buttons, etc.).

15.3 Cookies and similar technologies

The operators of the respective platforms use cookies and similar technologies, e.g., to determine whether you are already logged in or registered as a user on the respective platform or in / to other products, apps and platforms of the operator. In addition, the operators of the respective platforms also use these technologies, in particular, to track your usage behaviour for profiling, analysis and marketing purposes. Your usage behaviour can also be tracked if you visit other websites and apps that embed products of the respective operators. For example, Meta Platforms can track your usage behaviour if you visit a website that embeds the "Like" button or other Facebook or Meta technologies. Please note, that the respective operators will also share these data with third parties.

Further information can be found in the cookie policies of the respective operators, to which we refer below.

15.4 Third country transfers

The respective operators of the platforms share your personal data within their corporate group as well as with other third parties. That sharing can entail that personal data are transferred to the U.S. and other third countries for which no adequacy decision of the EU Commission exists. In this case, the respective operators will rely on the standard data protection clauses adopted by the EU Commission in accordance with Art 46 (2)(c) GDPR, unless they can rely on a statutory exemption pursuant to Art 49 (1) GDPR. Further information can be found in the privacy policies of the operators listed below.

Please note that your data may be combined across different platforms and services if they are operated by the same operator. For example, both Facebook and Instagram are operated by Meta Platforms Ireland Limited (formerly Facebook Ireland Ltd.) for users outside the US and Canada. Further information can be found in the privacy policies of the respective operators, to which we refer below.

We maintain social media or social network pages on the following platforms:

15.5 X (formerly Twitter)

X (formerly Twitter) is operated by the Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland (“Twitter International”).

You can find the X-privacy policy at: https://twitter.com/en/privacy . The X-privacy policy also provides information on how to change your settings for your X-account.

Twitter International uses cookies and similar technologies. For more information, please refer to the X-cookie policy https://help.twitter.com/en/rules-and-policies/twitter-cookies . Information on how to manage your information processed on X can be found at https://help.twitter.com/en/managing-your-account  and at https://help.twitter.com/en/safety-and-security  as well as at https://twitter.com/settings/account/personalization .

We use X Analytics. As part of this feature, we receive from Twitter International anonymous information regarding the use of and interactions with our X-profile.

Using X Analytics, we can analyse the audience and interactions (likes, comments, retweets of posts) as well as certain characteristics, such as location data provided by users in their X-profile or tweets in an anonymised form. For these analyses, we can make use of certain settings or corresponding filters, selecting specific time periods or posts for our analysis as well as for the evaluation of specific characteristics, e.g., the locations and interests of our followers. These analyses allow us to evaluate and optimise the effectiveness of our X-activities. This is also our legitimate interest, Art 6 (1)(f) GDPR.

15.6  Instagram

For users outside the U.S. and Canada, Instagram is operated by Meta Platforms Ireland Limited (formerly Facebook Ireland Ltd.), 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Meta Platforms”)

For information on how Meta Platforms processes your personal data, please refer to the Instagram privacy policy not only at https://help.instagram.com/519522125107875  but also at https://de-de.facebook.com/legal/terms/information_about_page_insights_data . There, you can also find information on your settings options for your Instagram account.

Meta Platforms uses cookies and similar technologies. For more information, please refer to Meta Platforms‘ and Instagrams’ cookie policies at https://www.facebook.com/policies/cookies/  and at https://help.instagram.com/1896641480634370?ref=ig .

Information on how to manage your information processed on Instagram can be found at https://www.instagram.com/accounts/login/?next=/accounts/privacy_and_security/ .

In addition, as part of the operation of our Instagram page, we and Meta Platforms are joint controllers for so-called Instagram Insights. With the help of these Instagram Insights, Meta Platforms analyses the behaviour on our Instagram page and provides these data to us in an anonymized form. Using Instagram Insights, we can analyse the audience, page views, the time spent on (video) posts and interactions (likes, comments, sharing of posts), as well as by certain criteria, for example, by gender and location (as specified by the users in their respective Instagram profiles) in an anonymised form. For these analyses, we can make use of certain settings or corresponding filters, selecting specific time periods, posts or demographic groups (e.g., by age and gender). For more information, please refer to https://www.facebook.com/help/pages/insights .

For this purpose, we have entered into a joint controller addendum with Meta Platforms, which you can review at https://www.facebook.com/legal/terms/page_controller_addendum . In this addendum, Meta Platforms Ireland Limited agrees to assume primary responsibility under the GDPR for the processing of Instagram Insights data and to comply with all applicable obligations under the GDPR with respect to the processing of these Instagram Insights data.

This processing serves the legitimate interests we have in optimizing and curating our Instagram page to align with our users‘ needs, Art 6 (1)(f) GDPR.

15.7  Facebook

For users outside the U.S. and Canada, Facebook is operated by Meta Platforms Ireland Limited (formerly Facebook Ireland Ltd.), 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Meta Platforms”).

For information on how Meta Platforms processes your personal data, please refer to the Instagram privacy policy not only at https://help.instagram.com/519522125107875  but also at https://de-de.facebook.com/legal/terms/information_about_page_insights_data . There, you can also find information on your settings options for your Facebook account.

Meta Platforms uses cookies and similar technologies. For more information, please refer to Meta Platforms‘ and Instagrams’ cookie policies at https://www.facebook.com/policies/cookies/ .

Information on how to manage your information processed on Facebook can be found at https://www.facebook.com/about/basics .

In addition, we and Meta Platforms are joint controllers for so-called Page-Insights data which are generated whenever you visit our Facebook Fan Page. With the help of these Page-Insights data, Meta Platforms analyses the behaviour on our Facebook Fan Page and provides these data to us in an anonymized form. Using page-insights data, we can analyse the audience, page views, the time spent on (video) posts and interactions (likes, comments, sharing of posts), as well as by certain criteria, for example, by age, gender and location (as specified by the users in their respective Facebook profiles) in an anonymised form. For these analyses, we can make use of certain settings or corresponding filters, selecting specific time periods, posts or demographic groups (e.g., by age and gender). For more information, please visit https://www.facebook.com/help/pages/insights .

For this purpose, we have entered into a joint controller addendum with Meta Platforms, which you can review at https://www.facebook.com/legal/terms/page_controller_addendum . In this addendum, Meta Platforms agrees to assume primary responsibility under the GDPR for the processing of Page-Insights data and to comply with all applicable obligations under the GDPR with respect to the processing of these Page-Insights data.

This processing serves the legitimate interests we have in optimizing and curating our Facebook fan page to align with our users’ needs, Art 6 (1)(f) GDPR.

15.8  TikTok

For users in the European Economic Area, Switzerland and the UK, TikTok is operated by TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Irleand and TikTok Information Technologies UK Limited, 4 Lindsey Street, Barbican, London, EC1A 9HP, UK as joint controllers (jointly “TikTok”).  You can find TikTok’s privacy policy at https://www.tiktok.com/legal/page/eea/privacy-policy/en .

TikTok provides us with so-called TikTok Analytics for our TikTok profile. With the help of this analytics data, TikTok evaluates the behaviour and interactions of users on our TikTok profile and provides these data us in an anonymized form. Using TikTok Analytics, we can analyse and filter the audience, our follower development, profile and video views as well as the number of interactions (likes, comments, sharing of videos) within specific time periods in an anonymised form. In addition, we can also use the analytics data to set individual filters for each of our videos. This allows us to analyse and filter the number of views, actions (likes, comments, sharing of the video), the average duration spent viewing the video, and the proportion of users who have watched the entire video for specific time periods. This also includes information about where users discovered our videos (e.g., on our profile or in the For You Feed) and the regions our users come from.

TikTok Analytics provides further filter and analysis options that can be applied to our followers. For example, we can evaluate where our followers come from, at what times they are active and compare the development of our follower numbers.

With this information we can analyse and optimise the effectiveness of our TikTok activities. This processing serves our legitimate interests in optimising our TikTok activities, Art 6 (1)(f) GDPR.

15.9 LinkedIn

For users in the European Economic Area and Switzerland, LinkedIn is operated by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland (“LinkedIn Ireland“). For information on how LinkedIn Ireland processes your personal data, please see LinkedIn’s privacy policy at https://www.linkedin.com/legal/privacy-policy . There, you can also find information on your settings options for your LinkedIn account.

LinkedIn Ireland uses cookies and similar technologies. For more information, please visit LinkedIn‘s cookie policies at https://www.linkedin.com/legal/cookie-policy  as well as the privacy policy at https://www.linkedin.com/legal/privacy-policy .

We use Page Insights. In this context, we receive anonymous information and analytics from LinkedIn Ireland about the use of our company page and interactions with our posts (e.g., clicks on customized buttons in our posts). We use this information to analyse and optimise the effectiveness of our LinkedIn activities. For this purpose, LinkedIn Ireland processes in particular data that you have provided to LinkedIn Ireland via the information in your profile. This includes, for example, information on job functions, country, industry, professional seniority, company size and employment status. In addition, LinkedIn Ireland will process information about whether you are a follower of our LinkedIn company page. We can filter this information according to the above demographic criteria.

In addition, we and LinkedIn Ireland are joint controllers for the Page Insights data, which are generated whenever you visit our LinkedIn page. For this purpose, we have entered into a joint controller addendum with LinkedIn Ireland, which you can review here: https://legal.linkedin.com/pages-joint-controller-addendum . In this addendum, LinkedIn Ireland agrees to assume primary responsibility under the GDPR for the processing of Page Insights data and to comply with all applicable obligations under the GDPR with respect to its processing of Page Insights data.

This processing serves the legitimate interests we have in optimizing and curating our LinkedIn page to align with our users‘ needs, Art 6 (1)(f) GDPR.

15.10 XING

XING is operated by New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany. For information on how XING processes your personal data, please see the XING privacy policy at https://privacy.xing.com/en .

We receive anonymous information and analytics from New Work SE about the use of our company page and interactions with our posts. This information allows us to analyse and optimise the effectiveness of our XING activities. The processing that takes place in this respect is based on our legitimate interests in optimising our XING activities, Art 6 (1)(f) GDPR.

15.11 YouTube

For users in the European Economic Area and Switzerland, YouTube is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). You can find Google’s privacy policy at https://policies.google.com/privacy .

As your Google account may be in use for various different Google services (e.g., Gmail, Google Search), YouTube or Google, respectively, may combine your personal data relating to each Google service you use depending on the settings of your Google account.

Google uses cookies and similar technologies. For more information, please visit https://policies.google.com/technologies/cookies .

We use YouTube Analytics. As part of this function, we receive anonymous and aggregated information from Google about the users' interactions with our content provided on YouTube and the use of our YouTube channel.

YouTube Analytics allows us to anonymously evaluate the audience and popularity of our YouTube videos among subscribers and non-subscribers of our YouTube channel based on views and playback times of individual YouTube videos. In addition, we can analyse community posts and audience engagement based on "like" and "dislike" ratings and click rates. YouTube Analytics also enables us an evaluation according to target groups (e.g., by age and gender, regions and languages) and to compare these evaluations with data and online activities outside of our own YouTube channels.

This information allows us to analyse and optimise the effectiveness of our YouTube activities. The processing that takes place in this respect is based on our legitimate interests in optimising our YouTube activities, Art 6 (1)(f) GDPR.

15.12  Vimeo

Vimeo is operated by Vimeo.com , Inc., 330 West 34th Street, 5th Floor, New York, New York 10001, U.S. (“Vimeo”). You can find Vimeo’s privacy policy at https://vimeo.com/privacy .

Vimeo uses cookies and similar technologies. For more information, please visit https://vimeo.com/cookie_policy 

We receive non-personalised and aggregated information from Vimeo about user interactions with our videos provided on Vimeo. We can use this information to create anonymyzed analyses of the reach and popularity of our Vimeo videos. In particular, we can comprehend from this information how often our videos have been viewed and / or, if applicable, downloaded via our websites, as well as how popular the content of our videos is (e.g. number of likes and comments, average duration of views, number of users who have watched our respective videos to the end).

The data processing carried out in this respect serves our legitimate interests in the analysis of the reach as well as the optimisation and needs-based design of our Vimeo videos, Art. 6 para. 1 f) GDPR.

16. Further Processing of your Data

We will process the same data that we have collected for the purposes mentioned above also for the following purposes:

  • enabling criminal prosecution, averting of dangers and/or legal prosecution in any event of specific indications of a criminal offense;

  • providing evidence and for the establishment, exercise or defence of legal claims;

  • administrative purposes and internal business processes; and

  • compliance with our legal obligations.

The processing is based on our legitimate interests in maintaining our business activities, the performance of our tasks, the establishment, exercise or defence of legal claims, Art 6 (1)(f) GDPR or, as the case may be, based on our legal obligation, Art 6 (1)(c) GDPR.

17. Provision of your Personal Data

You are not required to provide your personal data to us, neither by contract nor by law. Notwithstanding, the provision of your personal data is necessary to access the areas of our website requiring registration and to use the associated services, features and functions. When not providing your personal data, it will not be possible to enter into the respective contract with us.

Further, the provision of your personal data is necessary, so that

  • we can administer and manage your dashboard;

  • we can provide you with the services, features and functions of our website that you have requested;

  • we can receive and process your inquiries regarding our products and services, and/or your support or other inquiries;

  • you can participate in customer and customer satisfaction surveys; and / or

  • you can communicate and interact with us on our social media and social network pages.

Where it is necessary to provide certain data to us, we will mark such data as mandatory items. Provision of any other data is voluntary. In the event that you do not provide mandatory data to us we will be unable to provide the relevant services and features to you.

In other cases, the consequence of you not providing your data may be that we will not be capable to provide the relevant features and services or the full usual scope of them.

18. Sharing of your Data

Except as set out in this privacy policy we will only share or otherwise disclose your personal data in the following events:

  • As necessary, to investigate any illegitimate use of our website, including any of its services, features and functions, we will share personal data with external consultants (e.g., lawyers), law enforcement agencies and, where applicable, with any third parties; in each case provided that specific indications for illegal or abusive conduct exist. Moreover, we will share your data as necessary to enforce our terms of use or for the establishment, exercise or defence of legal claims. Furthermore, we are required by law to provide information to certain public authorities upon their request, including law enforcement agencies, other authorities that prosecute regulatory offences which are subject to fines and fiscal authorities.

    Your personal data may also be shared by us with others if third parties make claims against us which include the disclosure of your data, particularly, without limitation, claims by data subjects who are exercising their rights under Chapter III of the GDPR.

  • Within our administrative processes, organization of our business operations, financial accounting activities, and in order to comply with legal obligations, such as archiving obligations, we may disclose or transfer your personal data to  fiscal authorities, consultants (such as tax advisors or auditors) and to payment -, postal and shipping service providers and similar providers.

  • Such transfer is based on our legitimate interest in the proper operation of our business, the performance of our obligations, establishing, exercising of or defending against claims, Art 6 (1)(f) GDPR, or ,as the case may be, a legal obligation according to Art 6 (1)(c) GDPR.

  • The legal basis for sharing your data is our legitimate interest in combating any misuse; in prosecuting criminal offences; and in securing, establishing and enforcing claims, Art 6 (1)(f) GDPR, or, as the case may be, a legal obligation, according to Art 6 (1)(c) GDPR.

  • For providing our services and related functionalities, we sub-contract (by agreement) certain services in whole or in part to third-party companies and third-party service providers (“processors” within the meaning of Art 4 No 8, 28 GDPR). In such event, we share your personal data with these processors for further processing on our behalf and in accordance with our instructions.

In addition to the processers that are specified in this privacy policy, we engage the following categories of processers:

  • IT service providers

  • Cloud service providers

  • Software service providers

When engaging processors in third countries, we will ensure that one of the following prerequisites will be met:

  • transfer to a third country for which an adequacy decision by the EU Commission exists according to Art 45 GDPR; or

  • we have agreed with the processor on the standard contractual clauses adopted by the EU Commission in accordance with Art 46 (2)(c) GDPR and implemented additional measures in compliance with the criteria of the European Court of Justice (Schrems II judgement).

For further information, including a copy of the standard contractual clauses, please contact us using the contact details set out in Sec 1 above.

  • Future development of our business may result in a change of our the company structure by means of a change of its legal form; by establishing, sale of, or acquisition of any subsidiaries, business units or corporate components. In the event of such transactions, personal data will be passed on, together with the portion of the business that will be transferred and we shall ensure that such data will be shared in accordance with applicable data protection law.

The legal basis for such sharing of personal data is our legitimate interest in changing the legal form and structure of our company in accordance with the economic and legal development, Article 6(1)(f) GDPR.

19. Deletion of your data

Unless set out otherwise in this privacy policy, we erase or anonymize your personal data when they are no longer required for the purposes for which we have collected and / or further processed them in accordance with this privacy policy. As a general rule, we will store your data for the duration of your usage of our website and / or the duration of the contractual relationship. Where we process your data based on your consent, such data will be deleted upon your withdrawal of consent; or at an earlier if such data are no longer required for the purpose for which we collected them.

We store your personal data for a longer period of time only to the extent:

  • that we are bound by law to retain your data, we will store your data throughout the time period prescribed by law (Art 6 (1)(c) GDPR). In particular, such legal obligations to store your data may result from retention periods under the “Handelsgesetzbuch” (Commercial Code) or the “Abgabenordnung” (German Fiscal Code). The retention period under these laws is regularly between 6 and 10 years, starting from the end of the year in which the relevant process or operation was completed, e.g., when we have fully processed your request.

  • the data is still needed for criminal prosecution or for the establishment, exercise of or defence against legal claims, which also explains our legitimate interest, Art 6 (1)(f) GDPR. In these cases, the data are stored until the corresponding process has been completed plus the statutory retention period.

If data must be retained for the purposes detailed above, processing will be restricted. The data will then no longer be available for any other use.

20. Your Rights

You have the rights set out below concerning the processing of your personal data. In addition to any options already described in this privacy policy, you may exercise your rights by sending a request by letter or e-mail using the contact details provided in Sec 1 above.

20.1  Right of access

Within the scope of Art 15 GDPR and § 34 Federal Data Protection Act (“BDSG”), you have the right to obtain from us, information on and access to the personal data that is being processed by us.

20.2  Right to rectification

You have the right to obtain from us the rectification of any inaccurate personal data concerning you.

20.3  Right to erasure

Under the prerequisites set out in Art 17 GDPR and § 35 BDSG, you have the right to obtain from us the erasure of personal data concerning you.

20.4  Right to restriction of processing

You have the right to obtain from us the restriction of processing pursuant to Art 18 GDPR.

20.5  Right to data portability

You have the right to receive from us the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format pursuant to Art 20 GDPR.

20.6  Right to Object

Pursuant to Art 21 GDPR, you have the right to object, on grounds relating to your particular situation, at any time to any processing of personal data concerning you, that, inter alia, is based on Art 6 (1)(f) GDPR. We shall then no longer process your personal data, unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or for the establishment, exercise or defence of legal claims.

Where personal data are being processed for direct marketing purposes, you have the right to object at any time to processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing. Upon your objection, we will no longer process your data for marketing purposes.

20.7  Withdrawal of consent

In accordance with Art 7 (3)(1) GDPR, you have the right to withdraw your consent at any time. Withdrawal of your consent does not affect the lawfulness of any processing that is based on your consent before your withdrawal.

21. Right to Lodge a Complaint

If you believe that the processing of your personal data infringes applicable data protection law, you have the right to lodge a complaint with a data protection authority.

22. Data Processed when you Exercise your Rights

Finally, we hereby advise, that we process the personal data transmitted by you, when you exercise your rights under Art 7 (3)(1) and Art 15 to Art 22 GDPR for the purpose of complying with these rights and to be able to demonstrate such compliance. Further, we will process your personal data to defend our legal position.

In this context your personal data is stored as long as necessary to demonstrate that we have fully and compliantly processed your data subject right request.

Such processing is based on our legal obligation according to Art 6 (1)(c) GDPR in connection with Art 7 (3)(1) and Art 15 to Art 22 GDPR and § 34 (2) BDSG. Insofar that we process your personal data to defend our legal position this also explains our legitimate interest, Art 6 (1)(f) GDPR.

You are not required to provide your personal data to us, neither by contract nor by law, notwithstanding, we may refuse to fulfil your request concerning your data subject rights pursuant to Art 12 (2)(2) GDPR if you do not provide us, though being requested to do so, with the data necessary for your identification.

23. Changes to this Privacy Policy

You can access the current version of this privacy policy at any time at https://www.dpa.com/en/privacy-policy .

Last updated: 11/2023