Privacy policy

General information

As the operator of these pages, we take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

This data protection declaration informs you about the nature, scope, and purpose of the processing of personal data (hereinafter referred to as "data") within our online offer and the websites, functions and content associated with it, as well as other external online presences, such as our social media profiles.

Regarding the terms used, such as "personal data" or their "processing", we refer to the definitions in Art. 4 of the EU General Data Protection Regulation (GDPR).

Security measures

We take suitable technical and organizational measures in accordance with Article 32 of the GDPR, considering the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of individuals, in order to ensure a level of protection appropriate to the risk.

The measures include safeguarding the confidentiality, integrity, and availability of data by controlling physical access to the data, as well as access to, entry into, disclosure of, assurance of availability of and segregation of the data.

Furthermore, we have established procedures to ensure the exercise of data subjects' rights, deletion of data, and response to data compromise. Furthermore, we consider the protection of personal data already during the development or selection of hardware, software as well as procedures, in accordance with the principle of data protection through technology design and through data protection-friendly default settings (Art. 25 GDPR).

The security measures include the encrypted transmission of data between your browser and our server.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by a lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Data security on the Internet

We would like to inform you that data transmission on the Internet (e. g. communication by e-mail) may be subject to security flaws. Complete protection of data against access by third parties is not possible.

Data processing on this website

On the one hand, your data is processed when you provide it to us. This may be, for example, data that you enter in a contact form.

Other data is processed automatically by our IT systems when you visit the website. This is mainly technical data (e. g. Internet browser, operating system or time of page view). This data is collected automatically as soon as you enter our website.

Some of the data is collected to ensure error-free provision of the website. Other data may be used to analyze your user behavior.

You have the right to receive information free of charge at any time about the origin, recipient and purpose of your stored personal data. You also have a right to demand the correction, restriction or erasure of this data. For this purpose, as well as for further questions on the subject of data protection, you can contact us at any time at the address given in the legal notice. Furthermore, you have the right to lodge a complaint with a competent supervisory authority.

You also have the right to request the restriction of the processing of your personal data under certain circumstances. For details, please refer to the privacy policy under "Right to restriction of processing".

Analysis and third party tools

When visiting our website, your usage behavior may be statistically evaluated. This is done primarily with so-called analysis programs.

You can find detailed information on this in the following privacy policy.

Payment transactions on this website

If, after the conclusion of a contract with costs, there is an obligation to transmit your payment data to us (e. g. account number in the case of direct debit authorization), this data is required for payment processing.

Payment transactions via the common means of payment (Visa/MasterCard, direct debit) are made exclusively via an encrypted SSL or TLS connection. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

With encrypted communication, your payment data that you transmit to us cannot be read by third parties.

Cooperation with processors and third parties

If, after the conclusion of a contract with costs, there is an obligation to transmit your payment data to us (e. g. account number in the case of direct debit authorization), this data is required for payment processing.

Payment transactions via the common means of payment (Visa/MasterCard, direct debit) are made exclusively via an encrypted SSL or TLS connection. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

With encrypted communication, your payment data that you transmit to us cannot be read by third parties.

Data transfer to non-EU countries

If we process data in a country outside the European Union (EU) or the European Economic Area (EEA) or if this is done in the context of using third-party services or disclosing or transferring data to third parties, this is only done if it is done to fulfill our (pre-)contractual obligations, based on your consent, due to a legal obligation or based on our legitimate interests. Subject to legal or contractual permissions, we process or allow the processing of data in a third country only if the special requirements of Art. 44 et seq. GDPR are met. This means that the processing is carried out, for example, based on special guarantees, such as the officially recognized determination of a level of data protection corresponding to the EU or the observance of officially recognized special contractual obligations (so-called "standard contractual clauses").

Among other things, we use tools of companies domiciled in the United States or other, from a data protection perspective, non-secure non-EU-countries. If these tools are active, your personal data may potentially be transferred to these non-EU countries and may be processed there. We must point out that in these countries, a data protection level that is comparable to that in the EU cannot be guaranteed. For instance, U.S. enterprises are under a mandate to release personal data to the security agencies and you as the data subject do not have any litigation options to defend yourself in court. Hence, it cannot be ruled out that U.S. agencies (e.g., the Secret Service) may process, analyze, and permanently archive your personal data for surveillance purposes. We have no control over these processing activities.

Storage period

Unless a more specific storage period has been stated within this privacy policy, your personal data will remain with us until the purpose for processing the data no longer applies.

If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e. g. retention periods under tax or commercial law); in the latter case, the data will be deleted after these reasons no longer apply.

1 General notes and mandatory information

Controller

The processing entity and thus the controller within the meaning of data protection law on this website is

streamedup! GmbH
Borsigstraße 11 – 13
65205 Wiesbaden

Telefon: +49 (0)611 944 936 65
E-Mail: info@streamed-up.com

Data protection officer according to Artt. 37-39 GDPR

We have designated a data protection officer:

Boris Koppenhöfer
c/o Koppenhöfer & Werner Beratungsgesellschaft mbH
Nikolausstraße 11
65343 Eltville am Rhein

Telefon: +49 (0)612 392 13-61
E-Mail: privacy@streamed-up.com

Note on data transfer to the US and other third countries

Among other things, tools from companies based in the US or other third countries that are not secure from a data protection perspective are integrated on our website. If these tools are active, your personal data may be transferred to these third countries and processed there. We would like to point out that no level of data protection comparable to that in the EU can be guaranteed in these countries. For example, US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.

Withdrawal of your consent to data processing

Many data processing operations are only possible with your explicit consent. You can withdraw consent you have already given at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing carried out until the withdrawal remains unaffected by the withdrawal.

Right to object to data processing in specific cases and to direct marketing (Art. 21 GDPR)

IF THE DATA PROCESSING IS BASED ON ART. 6 PARA. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA CONCERNED UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS (OBJECTION UNDER ARTICLE 21(1) OF THE GDPR).

IF YOUR PERSONAL DATA ARE PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION PURSUANT TO ART. 21 PARA. 2 GDPR).

Right to lodge a complaint with a supervisory authority

In the event of violations of the GDPR or other provisions of data protection law, data subjects shall have a right of appeal to a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged violation. The right of appeal is without prejudice to other administrative or judicial remedies.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in performance of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

Information, erasure and rectification

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if necessary, a right to correction or erasure of this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time at the address given in the legal notice.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. To do this, you can contact us at any time at the address given in the legal notice. The right to restriction of processing exists in the following cases:

  • If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the review, you have the right to request the restriction of the processing of your personal data.
  • If the processing of your personal data has happened / is happening unlawfully, you can request the restriction of data processing instead of deletion.
  • If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request the restriction of the processing of your personal data instead of erasure.
  • If you have lodged an objection pursuant to Article 21 (1) of the GDPR, a balance must be struck between your interests and ours. If it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, this data may - apart from being stored - only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another individual or legal entity or for reasons of an important public interest of the European Union or a Member State.

2 Hosting, Service provider and Content Delivery Networks (CDN)

External Hosting

This website is hosted by an external service provider (host). Personal data collected on this website are stored on the servers of the host. These may include, but are not limited to, IP addresses, contact requests, metadata and communications, contract information, contact information, names, web page access, and other data generated through a web site.

The host is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of secure, fast, and efficient provision of our online services by a professional provider (Art. 6(1)(f) GDPR). If appropriate consent has been obtained, the processing is carried out exclusively based on Art. 6 (1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user's end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

Our host will only process your data to the extent necessary to fulfil its performance obligations and to follow our instructions with respect to such data.

We are using the following host:

Amazon Web Services
410 Terry Avenue North
Seattle WA 98109
USA

Service providers / agencies:

We use service providers for the development, administration and/or maintenance of the website.

Our service providers process your data only to the extent necessary to fulfill their tasks and follow our instructions regarding this data.

We use the following service provider(s):

soerf GmbH
Marktstraße 25
87527 Sonthofen

jsDelivr CDN

This site uses a so-called "Content Delivery Network" (CDN) by jsDelivr. A CDN is a service that helps to deliver the content of our online offer, especially large media files, such as graphics or scripts, more quickly with the help of regionally distributed servers connected via the Internet. User data is processed exclusively for the purposes and to maintain the security and functionality of the CDN. For this purpose, the browser you use must connect to the servers of the CDN. In this way, the CDN obtains knowledge that our website has been accessed via your IP address. The use is based on our legitimate interests, i.e., interest in a secure and efficient provision, analysis, and optimization of our online offer pursuant to Art. 6 para. 1 lit. f. DSGVO. For more information, please see the privacy policy of jsDelivr: https://www.jsdelivr.com/privacy-policy-jsdelivr-net/

3 Cookies, local storage

Our websites and pages use what the industry refers to as “cookies.” Cookies are small text files that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or they are permanently archived on your device (permanent cookies). Session cookies are automatically deleted once you terminate your visit. Permanent cookies remain archived on your device until you actively delete them, or they are automatically eradicated by your web browser.

In some cases, it is possible that third-party cookies are stored on your device once you enter our site (third-party cookies). These cookies enable you or us to take advantage of certain services offered by the third party (e.g., cookies for the processing of payment services).

Cookies have a variety of functions. Many cookies are technically essential since certain website functions would not work in the absence of the cookies (e.g., the shopping cart function or the display of videos). The purpose of other cookies may be the analysis of user patterns or the display of promotional messages.

Cookies, which are required for the performance of electronic communication transactions, or for the provision of certain functions you want to use (e.g., for the shopping cart function) or those that are necessary for the optimization (required cookies) of the website (e.g., cookies that provide measurable insights into the web audience), shall be stored based on Art. 6(1)(f) GDPR, unless a different legal basis is cited. The operator of the website has a legitimate interest in the storage of required cookies to ensure the technically error free and optimized provision of the operator’s services. If your consent to the storage of the cookies and similar recognition technologies has been requested, processing occurs exclusively based on the consent obtained (Art. 6(1)(a) GDPR and § 25 (1) TTDSG); this consent may be revoked at any time.

You have the option to set up your browser in such a manner that you will be notified any time cookies are placed and to permit the acceptance of cookies only in specific cases. You may also exclude the acceptance of cookies in certain cases or in general or activate the delete function for the automatic eradication of cookies when the browser closes. If cookies are deactivated, the functions of this website may be limited.

If third-party cookies are used or if cookies are used for analytical purposes, we will separately notify you in conjunction with this Data Protection Policy and, if applicable, ask for your consent.

Cookiebot Consent-Tool

Our website uses consent technology from Cookiebot to obtain your consent to the storage of certain cookies on your end device or for the use of certain technologies and to document this in a data protection-compliant manner. The provider of this technology is Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter “Cookiebot”).

When you enter our website, a connection is established with the Cookiebot servers to obtain your consent and provide you with other explanations regarding the use of cookies. Cookiebot will then store a cookie in your browser to identify the consent you have given or its revocation. The data collected in this way is stored until you request us to delete it, delete the Cookiebot cookie itself or the purpose for which the data is stored no longer applies. Mandatory legal storage obligations remain unaffected.

Cookiebot is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6(1)(c) GDPR.


Local storage

To enable you to adapt our website to your use, we also use so-called local storage technology (also called "local data" and "local memory") in addition to cookies. In this process, data is stored locally in the cache of your browser, which continues to exist even after you close the browser window or exit the program - unless you delete the cache. Local Storage enables your preferences when using our website to be stored on your computer and used by you. The data from the Local Storage is used, for example, to identify you as a user of the website or to reuse the settings you have made when you visit the website again. Third parties cannot access the data stored in the local storage. It will not be disclosed to third parties and will not be used for purposes other than those mentioned above. Insofar as the use of local storage technology is not strictly necessary to enable the functionality of our website, we will only use it with your consent, see § 25 TTDSG, Art. 6 para. 1 lit. a) DSGVO. You can revoke your consent at any time.

4 Data processing on the website

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • browser type and browser version
  • Operating system used
  • referrer URL
  • Host name of the accessing computer
  • Time of the server request
  • IP address

This data is not merged with other data sources.

The collection of this data is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website - for this purpose, the server log files must be collected.

Contact form

If you send us inquiries via the contact form, your data from the inquiry form including the contact data you provided there will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.

The processing of this data is based on Art. 6 (1) lit. b GDPR, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests sent to us (Art. 6 (1) f GDPR) or on your consent (Art. 6 (1) a GDPR) if this has been requested.

The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory legal provisions - in particular retention periods - remain unaffected.

Registration on this website

You can register on our website to use additional functions on the site as well as our offers. We use the data entered for this purpose only for the purpose of using the respective offer or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will reject the registration.

For important changes, for example in the scope of the offer or for technically necessary changes, we will use the e-mail address provided during registration to inform you in this way.

The processing of your registration data is based on Art. 6 para. 1 lit. b GDPR, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of requests addressed to us (Art. 6 (1) (f) GDPR) or on your consent (Art. 6 (1) (a) GDPR) if this has been requested. You can withdraw your consent at any time with effect for the future. For this purpose, an informal communication by e-mail to us is sufficient.

The data collected during registration will generally be stored by us for as long as you are registered on our website and will then be deleted. Legal retention periods or other legal grounds remain unaffected.

5 eCommerce

Processing of data (customer and contractual data)

We process personal data only to the extent that it is required for the establishment, content or amendment of the legal relationship (inventory data). This is done on the basis of Art. 6 (1) lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures. We process personal data about the use of our websites (usage data) only to the extent necessary to enable the user to use the service or to bill the user.

The collected customer data will be deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.

Data transfer upon conclusion of a contract for services and digital content

We transmit personal data to third parties only if this is necessary in the context of contract processing, for example to the credit institution commissioned with payment processing.

Further transmission of data does not take place or only if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.

The basis for data processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.

Credit checks

In the case of a purchase on account or any other method of payment for which we make advance payments, we may carry out a credit check (scoring). For this purpose, we transmit your entered data (e. g. name, address, age or bank data) to a credit agency. Based on this data, the probability of a payment default is determined. In the event of an excessive risk of non-payment, we may refuse the payment method in question.

The credit check is carried out on the basis for the fulfillment of the contract (Art. 6 para. 1 lit. b GDPR) as well as for the prevention of payment defaults (legitimate interest according to Art. 6 para. 1 lit. f GDPR). If consent has been obtained, the credit check is carried out based on this consent (Art. 6 (1) lit. GDPR); consent can be revoked at any time.

6 Analytical tools and advertising

This website uses functions of the web analysis service Google Analytics. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior patterns of website visitors. To that end, the website operator receives a variety of user data, such as pages accessed, time spent on the page, the utilized operating system and the user’s origin. This data is summarized in a user-ID and assigned to the respective end device of the website visitor.

Furthermore, Google Analytics allows us to record your mouse and scroll movements and clicks, among other things. Google Analytics uses various modeling approaches to augment the collected data sets and uses machine learning technologies in data analysis.

Google Analytics uses technologies that make the recognition of the user for the purpose of analyzing the user behavior patterns (e.g., cookies or device fingerprinting). The website use information recorded by Google is, as a rule transferred to a Google server in the United States, where it is stored.

The use of these services occurs based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revoke your consent at any time.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

Browser plug-in

You can prevent the recording and processing of your data by Google by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

For more information about the handling of user data by Google Analytics, please consult Google’s Data Privacy Declaration at: https://support.google.com/analytics/answer/6004245?hl=en.

Google Analytics E-Commerce-Tracking

This website uses the “E-Commerce Tracking” function of Google Analytics. With the assistance of E-Commerce Tracking, the website operator can analyze the purchasing patterns of website visitors with the aim of improving the operator’s online marketing campaigns. In this context, information, such as the orders placed, the average order values, shipping costs and the time from viewing the product to making the purchasing decision are tracked. These data may be consolidated by Google under a transaction ID, which is allocated to the respective user or the user’s device.

Google Signals

We use Google Signals. Whenever you visit our website, Google Analytics records, among other things, your location, the progression of your search and YouTube progression as well as demographic data (site visitor data). This data may be used for customized advertising with the assistance of Google Signal. If you have a Google account, your site visitor information will be linked to your Google account by Google Signal and used to send you customized promotional messages. The data is also used to compile anonymized statistics of our users’ online patterns.

Google DoubleClick

This website uses functions of Google DoubleClick. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland, (hereinafter "DoubleClick").

DoubleClick is used to display interest-based advertisements to you throughout the Google advertising network. The advertisements can be targeted to the interests of the respective viewer with the help of DoubleClick. For example, our ads may be displayed in Google search results or in banner ads associated with DoubleClick.

To be able to display interest-based advertising to users, DoubleClick must be able to recognize the respective viewer and associate him or her with the web pages visited, clicks and other information on user behavior. For this purpose, DoubleClick uses cookies or comparable recognition technologies (e. g. device fingerprinting). The information collected is combined into a pseudonymous user profile to display interest-based advertising to the relevant user.

The use of this service is based on your consent in accordance with Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG. The consent can be revoked at any time.

For further information on how to object to the advertisements displayed by Google, please refer to the following links: https://policies.google.com/technologies/ads and https://adssettings.google.com/authenticated.

Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store cookies, and does not carry out any independent analyses. It only manages and runs the tools integrated via it. However, the Google Tag Manager does collect your IP address, which may also be transferred to Google’s parent company in the United States.

The Google Tag Manager is used on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the quick and uncomplicated integration and administration of various tools on his website. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

Google Ads

The website operator uses Google Ads. Google Ads is an online promotional program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads enables us to display ads in the Google search engine or on third-party websites, if the user enters certain search terms into Google (keyword targeting). It is also possible to place targeted ads based on the user data Google has in its possession (e.g., location data and interests; target group targeting). As the website operator, we can analyze these data quantitatively, for instance by analyzing which search terms resulted in the display of our ads and how many ads led to respective clicks.

The use of these services occurs based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revoke your consent at any time.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.

LinkedIn

This website uses elements of the LinkedIn network. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

By using the LinkedIn Inisght tag, we can access anonymized reports on ad performance and the performance of our landing pages.

Each time you access a page on this website that contains elements from LinkedIn, a connection to LinkedIn's servers is established. LinkedIn is informed that you have visited this website with your IP address. If you click the "Recommend Button" of LinkedIn and are logged into your account at LinkedIn, it is possible for LinkedIn to assign your visit to this website to you and your user account. We point out that we as the provider of the pages have no knowledge of the content of the transmitted data and its use by LinkedIn.

Insofar as consent has been obtained, the use of the above-mentioned service is based on Art. 6 Para. 1 lit. a GDPR and § 25 TTDSG. The consent can be revoked at any time. Insofar as no consent has been obtained, the use of the service is based on our legitimate interest in achieving the greatest possible visibility in social media.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.linkedin.com/help/linkedin/answer/62538/datenubertragung-aus-der-eu-dem-ewr-und-der-schweiz?lang=de

For more information, please see LinkedIn's privacy policy at: https://www.linkedin.com/legal/privacy-policy.

Meta Pixel (formerly Facebook Pixel)

This website uses the visitor action pixel from Facebook/Meta for conversion measurement. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.

This allows the behavior of page visitors to be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. This allows the effectiveness of the Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimized.

The collected data is anonymous for us as the operator of this website, we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook, so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with the Facebook Data Usage Policy (https://de-de.facebook.com/about/privacy/). This allows Facebook to enable the placement of advertisements on Facebook pages as well as outside of Facebook. This use of data cannot be influenced by us as the site operator.

The use of this service is based on your consent according to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. The consent can be revoked at any time.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing by Facebook that takes place after the onward transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The text of the agreement can be found at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g., requests for information) regarding data processed by Facebook directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

In Facebook's privacy notices, you will find further information on protecting your privacy: https://de-de.facebook.com/about/privacy/.

You can also deactivate the "Custom Audiences" remarketing function in the Ad Settings section at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you must be logged into Facebook.

If you do not have a Facebook account, you can disable usage-based advertising from Facebook on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/de/praferenzmanagement/.

7 Newsletter

Newsletter data

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only on a voluntary basis. For the handling of the newsletter, we use newsletter service providers, which are described below.

The processing of the data entered in the newsletter registration form is based exclusively on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent to the storage of the data, the e-mail address, and their use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.

The data you provide for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data that has been stored by us for other purposes remains unaffected by this.

After you have unsubscribed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 (1) lit. f GDPR). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.

Sendinblue

This website uses Sendinblue for the sending of newsletters. The provider is the Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany.

Sendinblue services can, among other things, be used to organize and analyze the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter are archived on Sendinblue’s servers in Germany.

Data analysis by Sendinblue

Sendinblue enables us to analyze our newsletter campaigns. For instance, it allows us to see whether a newsletter message has been opened and, if so, which links may have been clicked. This enables us to determine, which links drew an extraordinary number of clicks.

Moreover, we are also able to see whether once the e-mail was opened or a link was clicked, any previously defined actions were taken (conversion rate). This allows us to determine whether you have made a purchase after clicking on the newsletter.

Sendinblue also enables us to divide the subscribers to our newsletter into various categories (i.e., to “cluster” recipients). For instance, newsletter recipients can be categorized based on age, gender, or place of residence. This enables us to tailor our newsletter more effectively to the needs of the respective target groups.

If you do not want to permit an analysis by Sendinblue, you must unsubscribe from the newsletter. We provide a link for you to do this in every newsletter message. Moreover, you can also unsubscribe from the newsletter right on the website.

For detailed information on the functions of Sendinblue please follow this link: https://www.sendinblue.com/newsletter-software/.

Legal basis

The data is processed based on your consent (Art. 6(1)(a) GDPR). You may revoke any consent you have given at any time by unsubscribing from the newsletter. This shall be without prejudice to the lawfulness of any data processing transactions that have taken place prior to your revocation.

Storage period

The data deposited with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter or the newsletter service provider and deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored for other purposes with us remain unaffected.

After you unsubscribe from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist, if such action is necessary to prevent future mailings. The data from the blacklist is used only for this purpose and not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6(1)(f) GDPR). The storage in the blacklist is indefinite. You may object to the storage if your interests outweigh our legitimate interest.

For more details, please consult the Data Protection Regulations of Sendinblue at: https://de.sendinblue.com/datenschutz-uebersicht/.

Amazon Simple Email Service (SES)

This website uses the services of SES for sending newsletters. The provider is Amazon Web Services, Inc, 410 Terry Avenue North, Seattle WA 98109, United States.

SES is a service with which, among other things, the dispatch of newsletters can be organized. If you enter data for the purpose of receiving newsletters (e. g. e-mail address), this data will be stored on the servers of SES in the USA.

The data processing is based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.

Our newsletters sent with SES enable us to analyze the behavior of newsletter recipients. Here, among other things, it can be analyzed how many recipients have opened the newsletter message and how often which link in the newsletter was clicked. With the help of so-called conversion tracking, it can also be analyzed whether a predefined action (e. g. purchase of a product on this website) has taken place after clicking on the link in the newsletter. For more information about SES, please visit: https://aws.amazon.com/de/ses/.

8 Plugins and Tools

Google Maps

This website uses the mapping service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

To enable the use of the Google Maps features, your IP address must be stored. As a rule, this information is transferred to one of Google’s servers in the United States, where it is archived. The operator of this website has no control over the data transfer. In case Google Maps has been activated, Google has the option to use Google web fonts for the purpose of the uniform depiction of fonts. When you access Google Maps, your browser will load the required web fonts into your browser cache, to correctly display text and fonts.

We use Google Maps to present our online content in an appealing manner and to make the locations disclosed on our website easy to find. This constitutes a legitimate interest as defined in Art. 6(1)(f) GDPR. If appropriate consent has been obtained, the processing is carried out exclusively based on Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

For more information on the handling of user data, please review Google’s Data Privacy Declaration under: https://policies.google.com/privacy?hl=en.

JW Player

Plugins of the video portal JWPlayer, LongTail Ad Solutions, Inc. d/b/a JW Player 530 7th Avenue, 16th Floor, New York, NY 10018, USA are integrated on our website.

Each time you visit a page that offers one or more JWPlayer video clips, a direct connection is established between your browser and a JW Player server in the USA. In the process, information about the visit and your IP address are stored there. Through interactions with the JW-Player plugins (e.g. clicking the start button), this information is also transmitted to JW-Player and stored there.

The privacy policy for JWPlayer with more detailed information on the collection and use of your data by JWPlayer can be found at https://www.jwplayer.com/privacy.

In addition, JWPlayer calls up the Google Analytics tracker via an iFrame in which the video is called up. This is JWPlayer's own tracking, to which we have no access. It takes place based on the legal basis Art. 6 para. 1 lit. a) GDPR (your consent). Data processing only begins when you have given the corresponding opt-in in the Cookie Consent Tool.

Google reCAPTCHA

We use “Google reCAPTCHA” (hereinafter referred to as “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. The purpose of reCAPTCHA is to determine whether data entered on this website (e.g., information entered a contact form) is being provided by a human user or by an automated program. To determine this, reCAPTCHA analyzes the behavior of the website visitors based on a variety of parameters. This analysis is triggered automatically as soon as the website visitor enters the site. For this analysis, reCAPTCHA evaluates a variety of data (e.g., IP address, time the website visitor spent on the site or cursor movements initiated by the user). The data tracked during such analyses are forwarded to Google. reCAPTCHA analyses run entirely in the background. Website visitors are not alerted that an analysis is underway. Data are stored and analyzed on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the protection of the operator’s websites against abusive automated spying and against SPAM. If appropriate consent has been obtained, the processing is carried out exclusively based on Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time. For more information about Google reCAPTCHA please refer to the Google Data Privacy Declaration and Terms of Use under the following links: https://policies.google.com/privacy?hl=en and https://policies.google.com/terms?hl=en.

9 Payment services

We integrate payment services from third-party companies on our website. When you make a purchase from us, your payment data (e. g. name, payment amount, account details, credit card number) is processed by the payment service provider for the purpose of payment processing. For these transactions, the respective contract and data protection provisions of the respective providers apply. The payment service providers are used based on Art. 6 para. 1 lit. b GDPR (contract processing) and in the interest of a smooth, convenient, and secure payment process (Art. 6 para. 1 lit. f GDPR). Insofar as your consent is requested for certain actions, Art. 6 para. 1 lit. a GDPR is the legal basis for data processing; consents can be revoked at any time for the future.

We use the following payment services / payment service providers within the scope of this website:

Stripe

The provider for customers within the EU is Stripe Payments Europe, Ltd.,1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (hereinafter "Stripe").

Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: https://stripe.com/en-de/privacy.

The transfer of your data to Stripe is based on Art. 6 (1) lit. b GDPR (contract processing) as well as our legitimate interest in using reliable and secure payment processes (Art. 6 (1) lit. f GDPR).

Mollie

We integrate payment functions from Mollie on our website.

As a financial service provider, Mollie processes large amounts of data from customers and consumers who use Mollie's services when purchasing products or services digitally.

The operating company of Mollie is Mollie B. V. - Keizersgracht 313 - 1016 EE Amsterdam - Netherlands - Phone: +493022409020 - E-mail: info@ mollie.com.

If the data subject selects an offered payment option during the ordering process, data of the data subject will be automatically transmitted to Mollie. By selecting a payment option, the data subject consents to a transmission of personal data required for the payment transaction.

Mollie processes personal data about you when you use Mollie's services and/or you provide this data to Mollie yourself. Below is an overview of the personal data that Mollie processes depending on the service you use. When you use a service from Mollie as a (paying) consumer, the following personal data is processed:

Your payment data (for example, bank account number or credit card number), Your IP address, Your Internet browser and device type, in some cases, Your first and last name, in some cases, Your address data, In some cases, Information about the product or service you have purchased, Other personal data that you actively provide, for example, by correspondence or over the phone.

Mollie will retain your personal data at most until the end of the period prescribed by law or, if there is no such period prescribed by law, at most for as long as is necessary to achieve the purposes for which we obtained your personal data. In any case, for the personal data Mollie receives in connection with the assessment of your application, the creation and execution of the contract and the processing of payments, this means that Mollie will not keep your personal data for longer than five years after the rejection of your application or the termination of the contract.

You have the right to access, correct, restrict, or erasure of the data processed by Mollie about you, unless Mollie cannot allow this due to legal requirements. You may send your request for access, correction, restriction, or erasure to info@mollie.com. In this regard, Mollie would like to determine in advance whether this request is from you. Therefore, Mollie asks you to attach a copy of your identity card to the request, if necessary.

Mollie is insofar controller for the processing of the data in the sense of the GDPR, this results from the following reasons:

Mollie determines which personal data must be processed for the correct execution of a payment.

Mollie determines for what other purposes the Personal Data may be processed, if those purposes are consistent with the purpose for which Mollie received the Personal Data.

Mollie must comply with the legal provisions applicable to it, for example provisions based on the Dutch Financial Supervision Act (Wet op het financieel toezicht - Wft), the Dutch Prevention of Money Laundering and Terrorist Financing Act (Wet ter voorkoming van witwassen en financieren van terrorisme - Wwft) and the Dutch Civil Code (Burgerlijk Wetboek - BW).

Mollie has established its own General Terms and Conditions, which apply directly to Customers and Consumers.

Mollie has registered its data processing with the Dutch Data Protection Authority under number 1449126.

Mollie's full privacy policy can be viewed at https://www.mollie.com/de/privacy.

10 Own services

Inquiry by e-mail, telephone, or fax

If you contact us by e-mail, telephone or fax, your inquiry including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent.

The processing of this data is based on Art. 6 (1) lit. b GDPR, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests sent to us (Art. 6 (1) f GDPR) or on your consent (Art. 6 (1) a GDPR) if this has been requested.

The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e. g. after your request has been processed). Mandatory legal provisions - in particular legal retention periods - remain unaffected.

Postal advertising

We use your address in compliance with all legal provisions for sending postal advertising (postal advertising).

The legal basis for this is our legitimate interest in direct advertising according to Art. 6 (1) f) GDPR. Insofar as a corresponding consent has been requested, the processing is carried out exclusively based on Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time with effect for the future. More specific regulations may be communicated to them during data collection, if applicable, and take precedence over the present regulation.

Your address will remain with us until the purpose for the data processing no longer applies. If you assert a legitimate request for deletion or revoke your consent to postal advertising, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e. g., retention periods under tax or commercial law); in the latter case, the data will be deleted after these reasons no longer apply.

We use the following service provider for the dispatch of our postal mailings:

atrikom fulfillment Gesellschaft für Projekt-Dienstleistungen mbh
Haagweg 12
65462 Ginsheim-Gustavsburg

ELLER repro+druck GmbH
Peter-Henlein-Straße 10
78056 Villingen-Schwenningen

Applications

We offer you the opportunity to apply for a job with us (e. g. by e-mail, by post or via an online application form). In the following, we inform you about the scope, purpose and use of your personal data collected as part of the application process. We assure you that the processing of your data will be carried out in accordance with applicable data protection law and all other statutory provisions and that your data will be treated in strict confidence.

Scope and purpose of data collection

When you send us an application, we process your associated personal data (e. g. contact and communication data, application documents, notes taken during interviews, etc.) to the extent necessary to decide whether to establish an employment relationship. The legal basis for this is Section 26 of the BDSG under German law (initiation of an employment relationship), Article 6 (1) (b) of the GDPR (general contract initiation) and - if you have given your consent - Article 6 (1) (a) of the GDPR. The consent can be revoked at any time. Your personal data will only be passed on within our company to persons involved in processing your application.

If the application is successful, the data you submitted will be stored in our data processing systems based on Section 26 BDSG-neu and Article 6 (1) lit. b GDPR for the purpose of implementing the employment relationship.

Retention period of the data

If we are unable to make you a job offer, you reject a job offer, withdraw your application, revoke your consent to data processing or request us to delete the data, the data you have submitted, including any remaining physical application documents, will be stored or retained (retention period) for a maximum of 6 months after the conclusion of the application process in order to be able to trace the details of the application process in the event of discrepancies (Art. 6 (1) f GDPR).

YOU MAY OBJECT TO THIS STORAGE IF YOU HAVE LEGITIMATE INTERESTS THAT OUTWEIGH OUR INTERESTS.

After expiry of the retention period, the data will be deleted, unless there is a legal obligation to retain the data or another legal reason for further storage. If it is evident that it will be necessary to retain your data after the retention period has expired (e. g. due to an impending or pending legal dispute), the data will not be deleted until it has become irrelevant. Other statutory retention obligations remain unaffected.

Inclusion in the applicant pool

If we do not make you a job offer, it may be possible to include you in our applicant pool. If you are accepted, all documents and information from your application will be transferred to the applicant pool so that we can contact you in the event of suitable vacancies.

Inclusion in the applicant pool takes place exclusively based on your explicit consent (Art. 6 para. 1 lit. a GDPR). The provision of consent is voluntary and is not related to the current application process. The data subject may revoke his/her consent at any time. In this case, the data from the applicant pool will be irrevocably deleted, unless there are legal reasons for retention.

The data from the applicant pool will be irrevocably deleted no later than two years after consent has been given.

Meeting rooms

In our Internet offer, there is the possibility in certain cases to switch to virtual meeting rooms. The use of this function is voluntary. By using this offer, you explicitly consent to the processing of your personal data and the associated transfer of data to the USA.

The use and thus the processing of your data is based on your consent pursuant to Art. 6 (1) a) GDPR. It can be revoked at any time with effect for the future.

In these meeting rooms, you will see and hear other participants and be seen and heard yourself, provided you activate the camera and/or microphone.

For this function, we use the technology of Zoom. The provider of this service is Zoom Communications Inc, San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. For details on data processing, please refer to Zoom's privacy policy: https://zoom.us/de-de/privacy.html.

The associated data transfer to the USA is also based on your consent and is based on the standard contractual clauses of the EU Commission. Details can be found here: https://zoom.us/de-de/privacy.html.

11 Actuality and change of this privacy policy

Changes and further developments of this website or other websites and services operated by us as well as changed legal or official requirements may make changes to this data protection declaration necessary.

You can find the current declaration here at https://streamed-up.com/privacy-policy.

As of August 2023.