Data Protection

Thank you for your interest in data protection. The protection of your personal data is important to us. In the following, we will inform you of the details about data protection at UXMA.
If you have any questions, suggestions or requests, please do not hesitate to contact our data protection officer named below.

The responsible party, according to Article 4 para. 7 EU data protection regulation (GDPR), is:

UXMA GmbH & Co. KG
Düvelsbeker Weg 12
24105 Kiel

info@uxma.com

  1. What is Personal Data?
    According to the GDPR, personal data is "any information relating to an identified or identifiable natural person [...]" (see GDPR Article 4(1)). This includes, for example, your name, contact details such as your telephone number or your email address.
  2. Managing Access to our Website
    1. Server Log Files
      We collect data about each access to our website. This data is stored in so-called server log files. The information stored is:

      - Your IP-address

      - date and time of access

      - file name of the web page

      - message about the status of access

      - amount of transferred data

      - complete URL of the access

      - browser type and version of the browser and operating system you are using

      The server log files are used exclusively to ensure error-free and high-performance operation of the website. If, on the basis of concrete indications, there is a justified suspicion of illegal use of our website, we may check the log data afterwards.
    2. Contact Form / Login area
      If you use our contact form or our login area on the website, you provide us with some data, for example: 

      - your name

      - your email address

      - the company you are requesting for (optional) 

      - your phone number (optional) 

      We store this data in order to respond to your request and delete it as soon as it is no longer needed or, if applicable, when the legally prescribed periods for storage have expired.
    3. Cookies
      Our website uses cookies, which we use, for example, to store user settings. This storage takes place on your device and does not lead to any damage on your device. You can deactivate the storage of cookies in your browser (generally or specifically for our website) and still use our website.
       
    4. Integration of External Services
      We do not receive any personal data from the services listed below, which we use for our website. At the very least, if you are logged in to any of these services while using our website, that service provider may become aware of your particular use of our website.

      1. Google Analytics
        This website uses the Google Analytics service, which is provided by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) for the analysis of website usage by users. The service uses "cookies" - text files that are stored on your device. The information collected by the cookies is usually sent to a Google server in the USA and stored there. The personal data is transferred to the USA under the EU-US Privacy Shield on the basis of the European Commission's adequacy decision. 

        IP anonymization is used on this website. The IP address of the user is shortened within the member states of the EU and the European Economic Area. This eliminates the personal reference of your IP address. Within the framework of the Order Data Agreement, which the website operators have concluded with Google Inc., the latter uses the information collected to compile an evaluation of website use and website activity and provides services associated with internet use.

        You have the option of preventing cookies from being stored on your device by selecting the appropriate settings in your browser. It is not guaranteed that you can access all functions of this website without restrictions if your browser does not allow cookies.

        You can also use a browser plug-in to prevent the information collected by cookies (including your IP address) from being sent to Google Inc. and used by Google Inc. This link will take you to the appropriate plugin.

        Opt-out cookies are used to prevent your data from being collected in the future when you visit this website. To prevent cross-device data collection, opt-out must be performed on all systems you use. Click here to set the opt-out cookie: disable Google Analytics
      2. Shopify
        We use the store system of the service provider Shopify International Limited, Victoria Buildings, 2nd floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify"), for the purpose of hosting and displaying the online store based on processing on our behalf. All data collected on our website is processed on Shopify's servers. As part of the above Shopify services, data may also be transferred to Shopify Inc, 150 Elgin St, Ottawa, ON K2P 1L4, Canada, Shopify Data Processing (USA) Inc, Shopify Payments (USA) Inc or Shopify (USA) Inc as part of further processing on behalf of Shopify. In the event that data is transferred to Shopify Inc. in Canada, an adequacy finding by the European Commission will ensure an adequate level of data protection. For the transfer of personal data to other countries, Shopify assures compliance with the DSGVO rules by concluding individual contracts.

        Further information on Shopify's data protection policy is available at the following website: https://www.shopify.com/legal/privacy
      3. Sales Viewer
        Use of SalesViewer® technology: 
        This website uses SalesViewer® technology from SalesViewer® GmbH on the basis of the website operator’s legitimate interests (Section 6 paragraph 1 lit.f GDPR) in order to collect and save data on marketing, market research and optimisation purposes.
        In order to do this, a javascript based code, which serves to capture company-related data and according website usage. The data captured using this technology are encrypted in a non-retrievable one-way function (so-called hashing). The data is immediately pseudonymised and is not used to identify website visitors personally
        The data stored by Salesviewer will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them.
        The data recording and storage can be repealed at any time with immediate effect for the future, by clicking on https://www.salesviewer.com/opt-out in order to prevent SalesViewer® from recording your data. In this case, an opt-out cookie for this website is saved on your device. If you delete the cookies in the browser, you will need to click on this link again.
      4. Youtube
        In order to be able to display relevant content for our website visitors, video content from the video portal "YouTube" of the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: "Google") is also embedded. The implementation is based on Art. 6 para. 1 p. 1 lit. f DSGVO.
        Here, we use the "extended data protection mode" option provided by Google.
        If you call up a page in which a corresponding video is embedded, a connection to the Google servers is established and in the process the content is displayed on the website by notifying your browser.
        According to Google, in "extended data protection mode" your data - in particular which of our Internet pages you have visited as well as device-specific information including the IP address - is only transmitted to the YouTube servers in the USA when you play the video. By clicking on the video content, you consent to this transmission.
        If you are logged into your Google account, this information will be assigned to your YouTube account. This can be prevented by logging out of your account before visiting our website.
        In some cases, information is transmitted to the parent company Google Inc. based in the USA, to other Google companies and to external partners of Google, each of which may be located outside the European Union. Google uses standard contractual clauses approved by the European Commission for this purpose and relies on adequacy decisions issued by the European Commission regarding certain countries.
        For more information on data protection in connection with YouTube, please see Google's privacy policy.
      5. Vimeo Without Tracking (Do-Not-Track)
        This website uses plugins of the Vimeo video portal. The provider is Vimeo Inc., 555 West 18th Street, New
        York, New York 10011, USA.
        Whenever you visit one of our pages featuring Vimeo videos, a connection with the servers of Vimeo is
        established. In conjunction with this, the Vimeo server receives information about which of our sites you
        have visited. Vimeo also receives your IP address. However, we have set up Vimeo in such a way that Vimeo
        cannot track your user activities and does not place any cookies.
        We use Vimeo to make our online presentation attractive for you. This is a legitimate interest on our part
        pursuant to Art. 6(1)(f) GDPR. If a respective declaration of consent was requested (e.g. concerning the
        storage of cookies), processing shall occur exclusively on the basis of Art. 6(1)(a) GDPR; the given consent
        may be revoked at any time.
        Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European
        Commission and, according to Vimeo, on “legitimate business interests”. Details can be found here:
        https://vimeo.com/privacy. For more information on the handling of user data, please consult Vimeo’s data privacy policy at: https://vimeo.com/privacy
      6. Hubspot
        We use Hubspot CRM on this website. The provider is Hubspot Inc. 25 Street, Cambridge, MA 02141 USA 9 / 20 (hereafter Hubspot CRM).
        Hubspot CRM enables us, among other things, to manage existing and potential customers and customer contacts, to communicate with you and to plan and execute marketing activities in line with your interests. Hubspot CRM enables us to capture, sort and analyze customer interactions via email, social media, or phone across multiple channels. The personal data collected in this way can be evaluated and used for communication with the potential customer or marketing measures (e.g., newsletter mailings). Hubspot CRM also enables us to collect and analyze the user behavior of our contacts on our website.
        The use of Hubspot CRM is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the most efficient customer management and customer communication. If consent has been requested, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR; consent may be revoked at any time.
        For details, please refer to Hubspot’s privacy policy: https://legal.hubspot.com/de/privacy-policy.
        Data transmission to the US is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.hubspot.de/data-privacy/privacy-shield.
      7. Google Ads
        We use Google Ads. Google Ads is an online promotional program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
        Google Ads enables us to display ads in the Google search engine or on third-party websites, if the user enters certain search terms into Google (keyword targeting). It is also possible to place targeted ads based on the user data Google has in its possession (e.g., location data and interests; target group targeting). As the website operator, we can analyze these data quantitatively, for instance by analyzing which search terms resulted in the display of our ads and how many ads led to respective clicks.
        The use of Google Ads is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in marketing his services and products as effectively as possible.
        Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.
      8. LinkedIn Insight Tag
        This website uses the Insight tag from LinkedIn. This service is provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

        Data processing by LinkedIn Insight tag
        We use the LinkedIn Insight tag to obtain information about visitors to our website. Once a website visitor is registered with LinkedIn, we can analyze the key occupational data (e.g., career level, company size, country, location, industry, job title) of our website visitors to help us better target our site to the relevant audience. We can also use LinkedIn Insight tags to measure whether visitors to our websites make a purchase or perform other actions (conversion measurement). Conversion measurement can also be carried out across devices (e.g. from PC to tablet). LinkedIn Insight Tag also features a retargeting function that allows us to display targeted advertising to visitors to our website outside of the website. According to LinkedIn, no identification of the advertising addressee takes place.

        LinkedIn itself also collects log files (URL, referrer URL, IP address, device and browser characteristics and time of access). The IP addresses are shortened or (if they are used to reach LinkedIn members across devices) hashed (pseudonymized). The direct identifiers of LinkedIn members are deleted by LinkedIn after seven days. The remaining pseudonymized data will then be deleted within 180 days.
        The data collected by LinkedIn cannot be assigned by us as a website operator to specific individuals. LinkedIn will store the personal data collected from website visitors on its servers in the USA and use it for its own promotional activities. For details, please see LinkedIn’s privacy policy at https://www.linkedin.com/legal/privacy-policy#choices-oblig.
        Legal basis
        The use of LinkedIn Insight is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in effective advertising measures, including social media. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR; the consent can be revoked at any time. Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa und https://www.linkedin.com/legal/l/eu-sccs. 
        Objection to the use of LinkedIn Insight Tag
        You can object to LinkedIn’s analysis of user behavior and targeted advertising at the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. In addition, LinkedIn members can control the use of their personal information for promotional purposes in the account settings. To prevent LinkedIn from linking information collected on our site to your LinkedIn account, you must log out of your LinkedIn account before you visit our site.
      9. Google Tag Manager
        We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
        The Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store cookies, and does not carry out any independent analyses. It only manages and runs the tools integrated via it. However, the Google Tag Manager does collect your IP address, which may also be transferred to Google’s parent company in the United States.
        The Google Tag Manager is used on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the quick and uncomplicated integration and administration of various tools on his website. If the relevant consent has been requested, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR; the consent can be revoked at any time.
      10. Facebook Pixel
        To measure conversion rates, this website uses the visitor activity pixel of Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook’s statement the collected data will be transferred to the USA and other third-party countries too.
        This tool allows the tracking of page visitors after they have been linked to the website of the provider after clicking on a Facebook ad. This makes it possible to analyze the effectiveness of Facebook ads for statistical and market research purposes and to optimize future advertising campaigns.
        For us as the operators of this website, the collected data is anonymous. We are not in a position to arrive at any conclusions as to the identity of users. However, Facebook archives the information and processes it, so that it is possible to make a connection to the respective user profile and Facebook is in a position to use the data for its own promotional purposes in compliance with the Facebook Data Usage Policy. This enables Facebook to display ads on Facebook pages as well as in locations outside of Facebook. We as the operator of this website have no control over the use of such data.
        The use of Facebook Pixel is based on Art. 6(1)(f) GDPR. The operator of the website has a legitimate interest in effective advertising campaigns, which also include social media. If a corresponding agreement has been requested (e.g., an agreement to the storage of cookies), the processing takes place exclusively on the basis of Art. 6(1)(a) GDPR; the agreement can be revoked at any time.
        Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum und https://de-de.facebook.com/help/566994660333381.
        Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing by Facebook that takes place after the onward transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The wording of the agreement can be found under: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g., requests for information) regarding data processed by Facebook directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.
        In Facebook’s Data Privacy Policies, you will find additional information about the protection of your privacy at: https://www.facebook.com/about/privacy/.
        You also have the option to deactivate the remarketing function “Custom Audiences” in the ad settings section under https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you first have to log into Facebook.
        If you do not have a Facebook account, you can deactivate any user-based advertising by Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.
  3. Social Networks
    We would like to present our company and our activities to interested people via various communication channels. Therefore we operate fan pages and profiles in different social networks. In order to be able to respond to your contributions and to be able to interact with you, we process the data you enter and send us via these networks in order to reply to you. Otherwise, we only use the statistical evaluations of access provided by the operators for the analysis and optimisation of what we offer. The operators of these channels collect further personal data of their own accord during your use of our content.

    For information or other ways of exercising of your rights, please contact the respective operator directly, as only the operators themselves have full access to your user data stored there. Our data protection officer listed below is, of course, also available to answer your questions. 

    The data protection declarations of the respective operators and possible objections are listed below. The providers from the USA are certified according to the Privacy Shield. This means that they meet the requirements of the European Basic Data Protection Regulation.

    Facebook Privacy Policy: https://www.facebook.com/about/ privacy/
    Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com

    Twitter Privacy Policy: https://twitter.com/de/privacy Opt-Out: https://twitter.com/personalization

    LinkedIn Privacy Policy: https://www.linkedin.com/legal/privacy-policy Opt-Out: https://www.linkedin.com/legal/cookie-policy

    Xing Privacy Policy and Opt-Out: https://privacy.xing.com/en

    Instagram Privacy Policy and Opt-Out: http://instagram.com/legal/privacy/
  4. Contact
    If you provide us with personal information, we will collect it to the extent it is needed for the purpose for which you provide it to us. By providing us with contact information, you consent to us using that information to contact you. You can revoke this consent by notifying our data protection officer named below.
  5. Data Transmission to Third Parties
    The transmission of your personal data to third parties only takes place in justified cases. If such a transfer is not legally justified, we ask you for a declaration of consent. We take appropriate measures to ensure compliance with data protection laws.
  6. Your Rights
    You have the right to free information about your stored data, its origin, recipient and purpose of storage. According to the GDPR, you also have the right to correct your data, restrict processing if necessary or request complete or partial deletion, provided that this is not contrary to other legal requirements (such as legally prescribed storage obligations). In addition, you have the right to object to any consent given at any time and with future effect. You also have the right to data transfer. Please direct your inquiries to our data protection officer named below.

    If you are of the opinion that the processing of your personal data violates data protection regulations, you can address your complaint to a supervisory authority.
  7. Data Protection Officer
    If you have any requests, suggestions or questions, please contact our data protection officer at:

    UXMA GmbH & Co. KG
    data protection officer
    Düvelsbeker Weg 12
    24105 Kiel

    +49 431 80002 - 0
    privacy@uxma.com

If you wish to withdraw your consent to the use of our analytics services, you may do so here: