Data Privacy in Accordance with GDPR Article 13
The following data protection notice explains how VISiiO processes your personal data in accordance with the EU General Data Protection Regulation (referred to as GDPR below). Should you have any questions or comments regarding this information, please feel free to get in touch with us using the email address below in Section 2.
The following data protection notice informs you about how and to what extent VISiiO processes your personal data. By personal data we mean information that can be linked to you personally, either directly or indirectly. VISiiO’s data processing can essentially be broken down into the following three categories:
• All the data required by VISiiO for executing a contract will be processed by the company as part of our obligation to fulfil that particular contract. If an external service provider is also involved in executing a contract, e.g. a partner company, then we will only pass on the data required by that partner company to fulfil their part of the contract in hand.
• For market research purposes as part of a panel survey. A panel survey is a type of online survey that is used for measuring and improving usability. For this purpose, we create an online access panel that reflects the desired target audience. Members of the panel are interviewed with the aid of an online questionnaire. E-mail addresses of respondents participating in the panel are only passed on to the company conducting the panel (client / market research agency) once respondents have given their permission. The addresses are then deleted by the client / market research agency after completion of the online survey.
• When you visit the VISiiO website, information is transferred between your end-user device and our server. This information may also include some form of personal data. The data collected can be used, amongst other things, to optimise our website or ensure that it works correctly.
• When you register with our informational mailing system, you consent to us contacting you using a double-opt-in procedure which is used to verify that your e-mail address is correct.
GDPR provides you with certain rights of recourse against us. This includes, among other things, the right of refusal on your part to have your data processed. Your right to appeal is highlighted in the text.
Should you have any questions relating to our data privacy notice, please feel free to send them to our data-privacy e-mail address. The contact data is available below.
2. Name and Contact Data of the Person Responsible for Data Processing
This data privacy notice is valid for data processing carried out by VISiiO, Helena Berghoff, Oberstrasse 2, 51149 Köln (“person responsible”) and for the website www.visiio.de.
Please direct any questions relating to data privacy to our external data protection officer:
Dipl.-Ing. Klaus Pampuch
e-mail address: email@example.com.
3. Using the Contact Form
You can use the contact form on our website to register quickly and easily as a member of our pool. The form collects the following data: your name and e-mail address. Inquiries are forwarded to the company department responsible for processing. This data is processed by VISiiO employees. The data is stored in a VISiiO database which can only be accessed by VISiiO.
When we receive a request for a survey, we inform our pool members by e-mail about the possibility of participating in the said survey. As a pool member, it is entirely up to you whether or not you wish to take participate.
Your data is not used for any other purpose.
4. Our Informational Mailings
We offer you the possibility of registering for our informational mailing. These mailings provide information on the current surveys that you are able to sign up for. We use the so-called double-opt-in procedure to ensure that no mistakes have been made when entering your e-mail address, or that your e-mail address has not been used illegitimately. Once you have entered your e-mail address in the registration box, we send you an e-mail containing a confirmatory link. Your e-mail address is only added to our mailing list once you have clicked on this acknowledgement link.
Your electronic contact data is solely processed at this stage on the basis of your having provided your consent in accordance with GDPR, Article 6 (1) (a). You can revoke your explicit consent for the future at any time. Please use the “unsubscribe” link contained in your e-mail message for this purpose.
5. Online Presence and Website Optimisation
5.1 Automated Data Processing
Every time a file stored on areas of our website that are publicly accessible without prior registration and authentication (“logging in”) is accessed or data retrieved, then this information is recorded by the server on which our website is stored. This data is stored for internal system-related and statistical purposes, e.g. to help us to improve the website to better cater for customer demands. The following data is recorded: the name of the retrieved file, date and time of retrieval, transmitted data volume, notification of successful retrieval, web browser, operating system and requesting domain. In addition, the IP addresses of the computer making the request and the internet sites from which you visit us are also recorded. We are not able to assign this data to any one individual. Neither is this data merged with data from any other sources. After being statistically evaluated, the data is deleted and not passed on to any third party.
The legal basis for processing IP addresses is anchored in GDPR Article 6 (1) (f). Our legitimate interest here bases on the above-listed reasons for collecting this data.
5.3 Social Media Plug-Ins
Our website is currently linked to our presence on the social media platforms Xing and Facebook. None of your personal data is initially transmitted to Xing or Facebook when you visit our site. However, you do have the option of transferring directly to our profiles on these platforms by using the corresponding link. The respective links are clearly identified by the logo and/or name. Only by clicking on, and thus activating, the relevant box or link are you actually transferred to the social media site in question. Only then does the provider receive the information that you previously visited the corresponding webpage of our online offer. You are then forwarded to our presence on the respective social media platform. When you activate the link, your personal data is transferred to the respective social media provider and saved in the country in which that subsidiary is based.
We would like to point out that you use social media sites and their features at your own risk. This is especially true when it comes to using interactive features (e.g. sharing or rating information, etc.).
Exact details of what data is processed by the social media platform, what this data is used for, what exactly your rights are and what settings are available to protect your privacy can be obtained from the respective social media platform data protection guidelines:
Please be aware that we have no influence on how the above social media platforms process, use and disseminate your data. Neither do we have any effective means of monitoring these matters.
6. Recipients from Outside of the EU
We do not pass your data on to anyone based outside the European Union or European Economic Area.
7. Your Rights
As well as having the right to revoke your consent to collect your data, you also have the following legal rights as well:
• The right to request information on your personal data stored by us, in accordance with GDPR Article 15
• The right to correct incorrect or complete incomplete data, in accordance with GDPR Article 16
• The right to have any of your data deleted that we have stored, in accordance with GDPR Article 17
• The right to restrict processing of your data, in accordance with GDPR Article 18
• The right to data portability, in accordance with Article 20 GDPR
7.2 Right of Objection
Under the premises of GDPR Article 21 (1), it is also possible to object to data-processing for reasons which arise in conjunction with the special circumstances of affected persons.
The preceding general right of objection is valid for all the data-processing purposes described in this data privacy notice, insofar as this data is processed in accordance with Article 6 (1) (f). We are only obliged to implement such a general right of objection under GDPR if you can provide reasons of vital importance for doing so (e.g. possible risks for life and health). The consent you give, allowing your data to be processed can also be revoked at any time using the e-mail address firstname.lastname@example.org
7.3 Contact Data for Exercising Your Rights as an Affected Person
You can obtain information about your personal data we have stored from email@example.com. It is also possible to ask for data to be corrected, deleted or restricted, or for you to exercise your right of objection.
7.4 Your Right to Complain to Supervisory Authorities
Complaints should be directed to the following supervisory authority, responsible for VISiiO Insight:
The Data Protection Authority for the State of North Rhine-Westphalia
Die Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Telefon: 0211 – 384 24-0
Fax: 0211 – 384 24-10
8. Data Privacy
Any data that you transfer personally is protected using the widely used and secure standard SSL (Secure Socket Layer). You can tell if you are using a secure SSL connection by, among other things, the ‘s’ attached to http (https://…) in your browser, or by the lock icon in the bottom section of your browser.
We take appropriate technical and organizational security measures to protect any of your personal data in our hands against being manipulated, partially or entirely lost and also against unauthorized access by third parties. Our security measures are continually updated in accordance with the latest technological developments.