Last updated: September 12, 2024
The protection of personal data is an important concern for Ramblr GmbH (hereinafter referred to as “Ramblr”, “us”, “our” or “we”). Your personal data as a website user (hereinafter referred to as “You” and “Your”) is processed in compliance with the applicable data protection provisions, in particular the General Data Protection Regulation (GDPR).
When You use this website, various personal data is collected. “Personal data” is data that can be used to identify You personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.
Responsible for the processing of Your data is:
Ramblr GmbH
Kagerbauerstraße 46
82049 Pullach im Isartal
Germany
(“Controller”)
Email: info@ramblr.ai
Website: https://www.ramblr.ai
Commercial register number: HRB 270115
Registration Court: Amtsgericht München
Our Legal & Compliance Department will be happy to answer any questions You may have on data protection issues. They can be reached:
- by our above-mentioned business address with the addition of "Privacy" or
- by e-mail: privacy@ramblr.ai.
General information
Storage period
Unless a more specific storage period is specified in this privacy policy, Your personal data will remain with us until the purpose for which the data processing ceases to apply. If You make a legitimate request for deletion or withdraw consent to data processing, Your data will be deleted, unless we have other legally permissible grounds for storing Your personal data (e.g. retention periods under tax or commercial law); in the latter case, the deletion will take place after these reasons have ceased to exist.
Legal basis of data processing
If You have consented to data processing, we process Your personal data on the basis of Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR, insofar as special categories of data are processed in accordance with Art. 9 (1) GDPR. In the case of explicit consent to the transfer of personal data to third countries, data processing is also carried out on the basis of Art. 49 (1) (a) GDPR. If You have consented to the storage of cookies or to the access of information in Your device (e.g. via device fingerprinting), data processing is also carried out on the basis of §25 (1) TTDSG. Consent can be revoked at any time. If Your data is required for the fulfilment of a contract or for the implementation of pre-contractual measures, we process Your data on the basis of Art. 6 (1) (b) GDPR. Furthermore, we process Your data insofar as it is necessary for the fulfilment of a legal obligation on the basis of Art. 6 (1) (c) GDPR. Data processing may also be carried out on the basis of our legitimate interest in accordance with Art. 6 (1) (f) GDPR. Information on the relevant legal bases in each individual case is provided in the following paragraphs of this privacy policy.
SSL or TLS encryption
We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) may have security gaps. It is not possible to completely protect the data from access by third parties.
For security reasons and to protect the transmission of confidential content, such as orders or inquiries that You send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address bar of the browser is
"http://" changes to "https://" and click on the lock icon in Your browser line.
If SSL or TLS encryption is activated, the data You transmit to us cannot be read by third parties.
Recipients of personal data
We only pass on personal data to external bodies if this is necessary in the context of the performance of a contract, if we are legally obliged to do so (e.g. disclosure of data to tax authorities), if we have a legitimate interest in the disclosure in accordance with Art. 6 (1) (f) GDPR or if another legal basis permits the data transfer. When using processors, we only pass on personal data of our customers on the basis of a valid contract for order processing. In the case of joint processing, a joint processing agreement is concluded.
Data transfer to third countries that are not secure under data protection law and the transfer to US companies that are not certified based on EU-US Data Privacy Framework (DPF).
We use, among other technologies, tools from companies located in third-party countries (outside of EU or European Economic Area (EEA)) that are not safe under data protection law, as well as US tools whose providers are not certified under the DPF. If these tools are enabled, Your data may be transferred to and processed in these countries. We would like You to note that no level of data protection comparable to that in the EU can be guaranteed in third countries that are insecure in terms of data protection law.
We would like to point out that the US, as a secure third-party country, generally has a level of data protection comparable to that of the EU. Data transfer to the US is therefore permitted if the recipient is certified under the DPF or has appropriate additional assurances.
Your rights as a data subject
You have extensive rights with regard to the processing of Your data.
Right to information
You have the right to information about the data stored by us, in particular, for what purpose the processing is carried out and how long the data is stored (Art. 15 GDPR). This right is limited by the exceptions of Section 34 of the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG), according to which the right to information does not apply in particular if the data is stored only due to legal retention requirements or for data security and data protection control, the provision of information would require a disproportionate effort and misappropriation of the data processing is prevented by appropriate technical and organizational measures.
Right to rectify inaccurate data
You have the right to request the rectification of Your data without delay if it should be inaccurate (Art. 16 GDPR).
Right to erasure
You have the right to request the erasure (Art. 17 GDPR) of Your data. These conditions exist in particular if a) the respective processing purpose has been achieved or otherwise ceases to apply, b) we have processed Your data unlawfully, c) You have revoked a consent without the data processing may not be continued on another legal basis, d) You successfully object to the data processing, or e)the obligation to delete Your data based on the law of the EU or an EU member state, to which we are subject, exists. This right is subject to the restrictions set out in Section 35 BDSG, according to which the right to erasure may be waived, in particular if, in the case of non-automated data processing, there is a disproportionate effort for erasure and Your interest in erasure is to be regarded as low.
Right to restriction of processing
You have the right to request restriction of the processing of Your data (Art. 18 GDPR). This right exists in particular if a) the accuracy of the data is disputed, b) You request restricted processing instead of erasure under the conditions of a legitimate request for erasure, c) the data is no longer necessary for the purposes pursued by us, but You need the data to assert, exercise or defend legal claims or d) the success of an objection is still disputed.
Right to data portability
You have the right to obtain Your data that were provided to us in a structured, common, machine-readable format (Art. 20 GDPR), if the data has not already been deleted.
Right to object
You have the right to object to the processing of Your data at any time on grounds relating to Your particular situation (Art. 21 GDPR). We will stop processing Your data unless we can demonstrate compelling legitimate grounds for the processing which outweigh Your interests, rights, and freedoms, or if the processing serves the purpose of asserting, exercising or defending legal claims.
According to Art. 7 (3) GDPR, You have the right to revoke Your consent at any time. The revocation does not affect the lawfulness of the processing carried out on the basis of the previous consent. The only consequence of the revocation is that we may no longer continue the data processing based on this consent for the future. However, please note that we may not be able to provide certain services or additional services if we are not able to process the data required for this purpose.
Right in relation to automated decision making
You have the right (Art. 22 GDPR) not to be subject to automated decision making, including profiling, that has legal consequences or similar significant effects for You. We do not use automated decision making or profiling.
Right to complain to the supervisory authority
You have the possibility to contact the above-mentioned data protection officer (if appointed) or a data protection supervisory authority if You believe that the processing of Your data violates the GDPR.
External hosting
Our homepage (www.ramblr.ai) and webpages are hosted externally. The personal data collected on these websites is stored on the servers of the hosters. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated via a website.
External hosting is provided for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 (1) (b) GDPR) and in the interest of a secure, fast and efficient provision of our online services by a professional provider (Art. 6 (1) (f) GDPR). If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 (1) (a) GDPR and §25 (1) TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's end device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.
Our host(s) will or will process Your data only to the extent necessary to fulfil its performance obligations and to follow our instructions with regard to this data.
We use the following hosters.
GoDaddy Deutschland GmbH
Hansestr. 111, 51149 Köln, Germany
Telephone: +49 89 21 094 807
Google Cloud EMEA Limited
Velasco
Clanwilliam Place
Dublin 2
Ireland
We have concluded data processing addendums (DPA) for the use of the above-mentioned services. A DPA is a contract required by data protection law that ensures that the personal data of our website visitors is only processed in accordance with our instructions and in compliance with the GDPR.
Data collection
Website visit
Each time You access our websites, Your browser automatically transmits data that is stored in the server’s log files. These are the following data ("log files data"):
- Browser type and browser version;
- Name und URL of the accessed file;
- Date and time of the server request;
- Report about successful access (HTTPS response code);
- Operating system in use;
- Referrer URL;
- Websites that are accessed by the user’s system via our website;
- Internet service provider of the user and
- IP-address (anonymized) and the requesting provider.
We analyse log files data anonymously to continuously improve the website, to adapt the website to the interests of our users and to improve errors more quickly. These purposes are also our legitimate interest in data processing according to Art. 6 (1) (f) GDPR.
In non-anonymised form, log files data is used exclusively to identify malfunctions and to ensure system security, including the detection and tracking of unauthorized access attempts and fraud.
Ramblr Web Tools
Web tools access
You have the possibility to log into our Demo Environment and other controlled-access web-based tools, e.g., app.[demo/prod].ramblr.de and annotate.[demo/prod].ramblr.de, (together the “Ramblr Web Tools”) by entering certain personal data. Which personal data You transmit to us is determined by the respective input mask used for the log-in process (e.g., name, email address, job title, company name).
By submitting your data, the IP address—assigned by the Internet service provider (ISP) and used by You —date, and time of the registration are also stored. The storage of this data takes place to prevent the misuse of our services, and, if necessary, to make it possible to investigate committed offenses. Insofar, the storage of this data is necessary to secure our online environment. Beyond what is stated herein, Your data is not passed on to third parties unless there is a statutory obligation to pass on the data, or if the transfer serves the aim of criminal prosecution.
Your voluntary log-in and Your provision of personal data enable us to offer You content or services that may only be offered to registered users due to the nature of the matter in question (e.g., proprietary video content or subscription service). Furthermore, we may use Your personal data to contact You directly with personalized offers for goods and services. We may also use such personal data for internal analytics - to determine interest from companies and industries for our products and services, to assess how users use the website, how frequently they visit and for how long. This processing may involve assessing patterns, trends, and preferences to identify potential business opportunities and enhance our product and services portfolio.
The processing of Your personal data is conducted on the legal basis of Art. 6 (1) (a) GDPR (Your consent) and Art. 6 (1) (f) GDPR, which allows for the processing of personal data for our legitimate interests, including the analysis and improvement of our commercial offerings, ensuring the relevance and effectiveness of our promotional activities, and enhancing the overall user experience. Any impact on Your privacy is carefully considered within the framework of GDPR.
Registered users are free to change the personal data specified during the log-in at any time, or to request erasure. We shall, at any time, provide information upon request to You as to what personal data are stored. In addition, we shall correct or erase personal data at Your request or indication, insofar as there are no statutory storage obligations. However, it's important to note that in certain circumstances, fulfilling such requests may impact the accessibility or functionality of Your access to our Ramblr Web Tools.
Third-party services
Hosting
Ramblr Web Tools are hosted and maintained on third-party cloud services, including Google Cloud and Microsoft Azure. These services are essential for the development, production, and testing environments of our software tools. The data collected is primarily used for providing services related to user access, internal statistical purposes, and ensuring tool functionality. This includes monitoring user activity, project assignments, and ownership within the system. Personal data such as IP addresses, names, and email addresses may be collected as part of logging user activity within the tools. This data allows administrators to assign projects, track user contributions, and maintain accurate project records.
Both Google Cloud and Microsoft Corporation ensure that all data is processed and stored within EU data centers, in full compliance with the GDPR and the EU-U.S. Data Privacy Framework.
The Microsoft Services Agreement is linked under “Terms of Use” on the log-in page. For further details on the privacy policy of Microsoft Azure, please read:
For more information on Google Cloud’s privacy policies, see here:
https://cloud.google.com/privacy?hl=en.
Performance analytics
Regarding Ramblr Web Tools, we use New Relic for performance monitoring and analytics. New Relic collects login information, IP addresses, and other metrics related to the usage and performance of our systems. The information collected is used for performance analytics, system monitoring, and ensuring the efficient functioning of our Ramblr Web Tools. New Relic may temporarily process Your IP address to derive Your city and state for analytics purposes. However, IP addresses are subsequently discarded after processing. Additionally, New Relic's agents do not collect any personal data by default for metrics, events, and traces. Custom configurations of New Relic’s services that involve personal data transmission are fully controlled by us, and we ensure such configurations adhere to strict data privacy and security standards. New Relic stores data within EU data centers, ensuring compliance with applicable GDPR regulations. For more information, please refer to New Relic’s Terms and GDPR FAQ: https://newrelic.com/termsandconditions/gdprfaq.
Other than as outlined above, the personal data provided directly or indirectly by You to Ramblr Web Tools is collected and stored for our internal use and not passed on to third parties.
Restrictions on Your web tools use
To access certain features of the Ramblr Web Tools, users may send content to us in accordance with the applicable terms of use so we can provide the services. Unless otherwise stated or agreed by us in writing (e.g., in a quote, purchase order or other commercial contract), it is strictly prohibited to send restricted information, including personal data, as content to the Ramblr Web Tools. You are solely responsible, and Ramblr will have no liability, for all personal data sent to us in contravention of the applicable terms of use. Ramblr reserves the right, but has no obligation, to delete user materials and output alleged to be infringing from user’s account. If You upload or send personal data in violation of our applicable terms of use, we may process and store this data to provide services to You based on your consent (Article 6(1)(a) GDPR) and the following legal grounds:
- Performance of a Contract (Article 6(1)(b) GDPR): Processing Your personal data may be necessary to address a breach of our Terms of Use and to otherwise provide products and services to You.
- Compliance with Legal Obligations (Article 6(1)(c) GDPR): We may need to process and store personal data to comply with our legal obligations. This includes obligations to report unlawful activities to the relevant authorities.
- Legitimate Interests (Article 6(1)(f) GDPR): We may process and store personal data to pursue our legitimate interests, provided these interests are not overridden by Your rights and freedoms. Our legitimate interests include:
- Ensuring Website Security: Preventing misuse of our website and protecting against fraud and cyberattacks.
- Legal Claims and Defense: Managing and defending any legal claims or disputes that may arise from the misuse of our website.
- Legal Action: Ramblr reserves the right to take appropriate legal action against violations of our Terms of Use.
Contact by email, telephone or fax
If You contact us by e-mail, telephone or fax, we will store and process Your enquiry, including all personal data (name, enquiry) for the purpose of processing Your request. We will not pass on this data without Your consent.
The processing of this data is carried out on the basis of Art. 6 (1) (b) GDPR, provided that Your enquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 (1) (f) GDPR) or on Your consent (Art. 6 (1) (a) GDPR), if this has been requested; the consent can be revoked at any time.
The data You send to us via contact requests will remain with us until You request us to delete it, revoke Your consent to storage or the purpose for which the data is stored no longer applies (e.g. after Your request has been processed). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.
Newsletter subscription
On our main website, users are given the opportunity to subscribe to our newsletter. The input mask used for this purpose determines what personal data are transmitted, as well as when the newsletter is ordered from us.
Ramblr informs its customers and business partners regularly by means of a newsletter about our offers. Our newsletter may only be received by You if (1) You have a valid e-mail address and (2) You register for the newsletter shipping. A confirmation e-mail will be sent to the e-mail address registered by You for the first time for newsletter shipping, for legal reasons, in the double opt-in procedure. This confirmation e-mail is used to prove whether the owner of the e-mail address as the data subject is authorized to receive the newsletter.
During the registration for the newsletter, we also store the IP address of the computer system assigned by the Internet service provider (ISP) and used by You at the time of the registration, as well as the date and time of the registration. The collection of this data is necessary in order to understand the (possible) misuse of the e-mail address of a data subject at a later date, and it therefore serves the aim of the legal protection of Ramblr.
The personal data collected as part of a registration for the newsletter will only be used to send our newsletter. In addition, subscribers to the newsletter may be informed by e-mail, as long as this is necessary for the operation of the newsletter service or a registration in question, as this could be the case in the event of modifications to the newsletter offer, or in the event of a change in technical circumstances. The subscription to our newsletter may be terminated by You at any time. The consent to the storage of personal data, which the data subject has given for shipping the newsletter, may be revoked at any time. For the purpose of revocation of consent, a corresponding link is found in each newsletter. It is also possible to unsubscribe from the newsletter at any time directly on our website, or to communicate this to us in a different way.
CleverReach
To enable newsletter sign-ups on our website, we utilize the services of a third-party provider: CleverReach GmbH & Co. KG, CRASH Building, Schafjückenweg 2, 26180 Rastede, Germany.
Based on our legitimate interest in effective and user-friendly newsletter marketing, we transfer the data provided during newsletter registration pursuant to Art. 6 (1) (f) GDPR to this provider so that they can handle the newsletter dispatch on our behalf.
Subject to Your explicit consent pursuant to Art. 6 (1) (a) GDPR, the provider also conducts a statistical evaluation of the success of newsletter campaigns using web beacons or tracking pixels in the emails sent, measuring open rates and specific interactions with the newsletter content. In this process, device information (e.g., time of access, IP address, browser type, and operating system) is collected and evaluated but not merged with other data sets.
You can revoke Your consent to newsletter tracking at any time with effect for the future.
We have entered into a data processing agreement with the provider, which protects the data of our site visitors and prohibits the disclosure to third parties.
There will be no transfer of personal data collected by the newsletter service to third parties.
Newsletter Tracking
Our newsletter contains so-called tracking pixels. A tracking pixel is a miniature graphic embedded in such e-mails, which are sent in HTML format to enable log file recording and analysis. This allows a statistical analysis of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, we may see if and when an e-mail was opened by You, and which links in the e-mail were called up by You.
Such personal data collected in the tracking pixels contained in the newsletters are stored and analysed by us in order to optimize the shipping of the newsletter, as well as to adapt the content of future newsletters even better to the interests of the data subject. These personal data will not be passed on to third parties. You are at any time entitled to revoke the respective separate declaration of consent issued by means of the double-opt-in procedure. After a revocation, these personal data will be deleted by us. Ramblr automatically regards a withdrawal from the receipt of the newsletter as a revocation.
Sending advertising
If You are our customer, we may send You information about campaigns, offers and our products in written communications. In this manner, we provide You information on subjects that You may be interested in. This is a special form of direct marketing that intensifies the relationship with customers by providing them with exclusive information.
The legal basis is Art. 6 (1) (f) GDPR. If a corresponding consent has been requested, the processing is exclusively based on Art. 6 (1) (a) GDPR; the consent can be revoked at any time.
You may object to the sending of advertising at any time. A notification in text form using the contact data (e.g. email, fax, letter) mentioned above is sufficient for this purpose. Your data will remain with us until the purpose for processing the data no longer applies.
Privacy policy for applicants (recruiting)
Further information on the application process (employment, internships, etc.) can be found in the separate Recruitment Privacy Policy:
https://ramblr.jobs.personio.com/privacy-policy/
Integration of Third-Party Services
AI chat assistant
Some of our services, such as the Ramblr Web Tools, feature an AI chat assistant or chatbot powered by a third-party Large Language Model, currently OpenAI’s ChatGPT. If you choose to use this feature, please be aware that any personal data you voluntarily provide the tool during the interaction will be processed in accordance with the privacy policy of the third-party service.
Third Party Offerings: https://ramblr.ai/third-party-offerings
We recommend that you review the provider's privacy policy to understand how your personal data will be handled.
Google Analytics
On our websites, we have integrated the component of Google Analytics (with the anonymizer function). Google Analytics is a web analytics service. Web analytics is the collection, gathering, and analysis of data about the behavior of visitors to websites. A web analysis service collects, inter alia, data about the website from which a person has come (the so-called referrer), which sub-pages were visited, or how often and for what duration a sub-page was viewed. Web analytics are mainly used for the optimization of a website and in order to carry out a cost-benefit analysis of Internet advertising.
The operator of the Google Analytics component is Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.
For the web analytics through Google Analytics, Ramblr uses the application "_gat. _anonymizeIp". By means of this application the IP address of the Internet connection of the data subject is abridged by Google and anonymised when accessing our websites from a Member State of the European Union or another Contracting State to the Agreement on the European Economic Area.
The purpose of the Google Analytics component is to analyze the traffic on our website. Google uses the collected data and information, inter alia, to evaluate the use of our website and to provide online reports, which show the activities on our websites, and to provide other services concerning the use of our Internet site for us.
Google Analytics places a cookie on the information technology system of the data subject. The definition of cookies is explained above. With the setting of the cookie, Google is enabled to analyze the use of our website. With each call-up to one of the individual pages of this Internet site, which is operated by Ramblr and into which a Google Analytics component was integrated, the Internet browser on the information technology system of the data subject will automatically submit data through the Google Analytics component for the purpose of online advertising and the settlement of commissions to Google. During the course of this technical procedure, the enterprise Google gains knowledge of personal information, such as the IP address of the data subject, which serves Google, inter alia, to understand the origin of visitors and clicks, and subsequently create commission settlements.
The cookie is used to store personal information, such as the access time, the location from which the access was made, and the frequency of visits of our website by the data subject. With each visit to our Internet site, such personal data, including the IP address of the Internet access used by the data subject, will be transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. Google may pass these personal data collected through the technical procedure to third parties.
The data subject may, as stated above, prevent the setting of cookies through our website at any time by means of a corresponding adjustment of the web browser used and thus permanently deny the setting of cookies. Such an adjustment to the Internet browser used would also prevent Google Analytics from setting a cookie on the information technology system of the data subject. In addition, cookies already in use by Google Analytics may be deleted at any time via a web browser or other software programs.
In addition, the data subject has the possibility of objecting to a collection of data that are generated by Google Analytics, which is related to the use of this website, as well as the processing of this data by Google and the chance to preclude any such. For this purpose, the data subject must download a browser add-on under the link https://tools.google.com/dlpage/gaoptout and install it. This browser add-on tells Google Analytics through a JavaScript, that any data and information about the visits of Internet pages may not be transmitted to Google Analytics. The installation of the browser add-ons is considered an objection by Google. If the information technology system of the data subject is later deleted, formatted, or newly installed, then the data subject must reinstall the browser add-ons to disable Google Analytics. If the browser add-on was uninstalled by the data subject or any other person who is attributable to their sphere of competence, or is disabled, it is possible to execute the reinstallation or reactivation of the browser add-ons.
Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/ and under https://www.google.com/analytics/terms/us.html . Google Analytics is further explained under the following Link https://www.google.com/analytics/.
Social media
We maintain publicly accessible profiles on social networks. You can find the social networks we use in detail below. The social media icons presented on our website are links. This means that Your data on our website is not processed by the social media providers. If You click on the "plug-ins", You will be redirected to our respective social media presence. Social networks such as Facebook, Instagram, etc. can usually comprehensively analyse Your user behaviour when You visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media accounts causes many processing operations that are relevant to data protection.
In detail
If You are logged into Your social media account and visit our social media presence, the provider of the social media portal can allocate this visit to Your user account. However, Your data may also be collected if You are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on Your device or by recording Your IP address.
By collecting data, the providers of the social media portals can create user profiles in which Your preferences and interests are stored. Thus, demand-driven advertising can be displayed to You inside and outside the respective social media presence. If You have an account with the respective social network, the interest-based advertising may be displayed on all devices on which You are or were logged in.
Please also note that we are not able to track all processing on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. For details, please refer to the terms of use and data protection provisions of the respective social media provider.
Legal basis of processing
Our social media presences are designed to ensure the broadest possible presence on the internet. This complies with our legitimate interest according to Art. 6 (1) (f) GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which are to be stated by the respective social providers (e.g. consent according to Art. 6 (1) (a) GDPR).
Data Controller and enforcement of rights
If You visit one of our social media websites (e.g. Instagram), please take note that we are jointly responsible with the provider of the social media platform for the data processing resulting from this visit. In principle, You can assert Your claims (information, correction, deletion, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g. against Meta).
Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our possibilities are significantly determined by the company policy of the respective provider.
Storage period
The data directly collected by us via the social media presence will be deleted from our system as soon as the purpose for storing it no longer applies, You request us to delete it, revoke Your consent to store it or the purpose for storing the data no longer applies. Stored cookies remain on Your terminal device until You delete them. Binding legal conditions - in particular retention periods and limitation periods - will remain unaffected. We have no influence on the storage period of Your data, which is stored by the operators of the social networks for their own purposes. For details, please contact the social media provider directly (e.g. in their privacy policy, see below).
Our social networks in detail
Functions of the Instagram service are integrated into this website. These features are provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
When the social media element is active, a direct connection is established between your device and the Instagram server. As a result, Instagram receives information about your visit to this website.
If you are logged in to your Instagram account, you can link the content of this website to your Instagram profile by clicking on the Instagram button. This allows Instagram to assign your visit to this website to your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Instagram.
Insofar as consent has been obtained, the use of the above-mentioned service is based on Art. 6 (1) (a) GDPR and § 25 TTDSG. Consent can be revoked at any time. Insofar as consent has not been obtained, the use of the service is based on our legitimate interest in the widest possible visibility on social media.
Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook or Instagram, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its disclosure to Facebook or Instagram. The processing carried out by Facebook or Instagram after the transfer is not part of the joint responsibility.
The joint obligations incumbent on us have been set out in a joint processing agreement. The text of the agreement can be found at: https://www.facebook.com/legal/controller_addendum . According to this agreement, we are responsible for providing data protection information when using the Facebook or Instagram tool and for the data protection-compliant implementation of the tool on our website. Facebook is responsible for the data security of Facebook and Instagram products. You can assert your rights as a data subject (e.g. request for information) with regard to the data processed by Facebook or Instagram directly from Facebook. If you assert your rights as a data subject with us, we are obliged to forward them to Facebook.
The transfer of data to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum
https://privacycenter.instagram.com/policy/
and
https://de-de.facebook.com/help/566994660333381.
You can find more information about this in Instagram's privacy policy: https://privacycenter.instagram.com/policy/.
The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the United States that aims to ensure compliance with European data protection standards for data processing in the United States. Every company certified under the DPF is committed to complying with these data protection standards. For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active .
YouTube
This website embeds videos from the YouTube website. The website is operated by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
When You visit one of our websites on which YouTube is integrated, a connection to YouTube's servers is established. In doing so, the YouTube server is informed which of our pages You have visited.
Furthermore, YouTube may store various cookies on Your device or use comparable technologies for recognition (e.g., device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve the user experience and prevent fraud attempts.
If You are logged in to Your YouTube account, You allow YouTube to assign Your surfing behavior directly to Your personal profile. You can prevent this by logging out of Your YouTube account.
The use of YouTube is in the interest of an appealing presentation of our online offerings. This constitutes a legitimate interest within the meaning of Art. 6 (1) (f) GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 (1) (a) GDPR and § 25 (1) TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's end device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.
For more information on the handling of user data, please refer to YouTube's privacy policy at: https://policies.google.com/privacy?hl=de.
The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the United States that aims to ensure compliance with European data protection standards for data processing in the United States. Every company certified under the DPF is committed to complying with these data protection standards. For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active.
Ramblr has integrated components of the LinkedIn Corporation on its website. LinkedIn is a web-based social network that enables users with existing business contacts to connect and to make new business contacts.
The operating company of LinkedIn is LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, UNITED STATES. For privacy matters outside of the UNITED STATES LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible.
With each call-up to one of the individual pages of its website, which are operated by Ramblr and on which a LinkedIn component (LinkedIn plug-in) was integrated, the Internet browser on the information technology system of the data subject is automatically prompted to the download of a display of the corresponding LinkedIn component of LinkedIn. Further information about the LinkedIn plug-in may be accessed under developer.linkedin.com/plugins. During the course of this technical procedure, LinkedIn gains knowledge of what specific sub-page of our website was visited by the data subject.
If the data subject is logged in at the same time on LinkedIn, LinkedIn detects with every call-up to our website by the data subject — and for the entire duration of their stay on our Internet site — which specific sub-page of our Internet page was visited by the data subject. This information is collected through the LinkedIn component and associated with the respective LinkedIn account of the data subject. If the data subject clicks on one of the LinkedIn buttons integrated on our website, then LinkedIn assigns this information to the personal LinkedIn user account of the data subject and stores the personal data.
LinkedIn receives information via the LinkedIn component that the data subject has visited our website, provided that the data subject is logged in at LinkedIn at the time of the call-up to our website. This occurs regardless of whether the person clicks on the LinkedIn button or not. To prevent LinkedIn from linking information collected on our site to Your LinkedIn account, You must log out of Your LinkedIn account before You visit our site.
LinkedIn provides under https://www.linkedin.com/psettings/guest-controls the possibility to unsubscribe from e-mail messages, SMS messages and targeted ads, as well as the ability to manage ad settings. LinkedIn also uses affiliates such as Eire, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua, and Lotame. The setting of such cookies may be denied under https://www.linkedin.com/legal/cookie-policy . The applicable privacy policy for LinkedIn is available under https://www.linkedin.com/legal/privacy-policy . The LinkedIn Cookie Policy is available under https://www.linkedin.com/legal/cookie-policy .