Data Privacy in Accordance with GDPR Article 13
The following data protection notice explains how VISiiO processes your personal data in accordance with the EU General Data Protection Regulation (referred to as GDPR below). Should you have any questions or comments regarding this information, please feel free to get in touch with us using the email address below in Section 2.
The following data protection notice informs you about how and to what extent VISiiO processes your personal data. By personal data we mean information that can be linked to you personally, either directly or indirectly. VISiiO’s data processing can essentially be broken down into the following three categories:
• All the data required by VISiiO for executing a contract will be processed by the company as part of our obligation to fulfil that particular contract. If an external service provider is also involved in executing a contract, e.g. a partner company, then we will only pass on the data required by that partner company to fulfil their part of the contract in hand.
• For market research purposes as part of a panel survey. A panel survey is a type of online survey that is used for measuring and improving usability. For this purpose, we create an online access panel that reflects the desired target audience. Members of the panel are interviewed with the aid of an online questionnaire. E-mail addresses of respondents participating in the panel are only passed on to the company conducting the panel (client / market research agency) once respondents have given their permission. The addresses are then deleted by the client / market research agency after completion of the online survey.
• When you visit the VISiiO website, information is transferred between your end-user device and our server. This information may also include some form of personal data. The data collected can be used, amongst other things, to optimise our website or ensure that it works correctly.
• When you register with our informational mailing system, you consent to us contacting you using a double-opt-in procedure which is used to verify that your e-mail address is correct.
GDPR provides you with certain rights of recourse against us. This includes, among other things, the right of refusal on your part to have your data processed. Your right to appeal is highlighted in the text.
Should you have any questions relating to our data privacy notice, please feel free to send them to our data-privacy e-mail address. The contact data is available below.
2. Name and Contact Data of the Person Responsible for Data Processing
This data privacy notice is valid for data processing carried out by VISiiO, Helena Berghoff, Oberstrasse 2, 51149 Köln (“person responsible”) and for the website www.visiio.de.
Please send any questions relating to data privacy to the following e-mail address: email@example.com.
3. Using the Contact Form
You can use the contact form on our website to register quickly and easily as a member of our pool. The form collects the following data: your name and e-mail address. Inquiries are forwarded to the company department responsible for processing. This data is processed by VISiiO employees. The data is stored in a VISiiO database which can only be accessed by VISiiO.
When we receive a request for a survey, we inform our pool members by e-mail about the possibility of participating in the said survey. As a pool member, it is entirely up to you whether or not you wish to take participate.
Your data is not used for any other purpose.
4. Our Informational Mailings
We offer you the possibility of registering for our informational mailing. These mailings provide information on the current surveys that you are able to sign up for. We use the so-called double-opt-in procedure to ensure that no mistakes have been made when entering your e-mail address, or that your e-mail address has not been used illegitimately. Once you have entered your e-mail address in the registration box, we send you an e-mail containing a confirmatory link. Your e-mail address is only added to our mailing list once you have clicked on this acknowledgement link.
Your electronic contact data is solely processed at this stage on the basis of your having provided your consent in accordance with GDPR, Article 6 (1) (a). You can revoke your explicit consent for the future at any time. Please use the “unsubscribe” link contained in your e-mail message for this purpose.
5. Online Presence and Website Optimisation
5.1 Automated Data Processing
Every time a file stored on areas of our website that are publicly accessible without prior registration and authentication (“logging in”) is accessed or data retrieved, then this information is recorded by the server on which our website is stored. This data is stored for internal system-related and statistical purposes, e.g. to help us to improve the website to better cater for customer demands. The following data is recorded: the name of the retrieved file, date and time of retrieval, transmitted data volume, notification of successful retrieval, web browser, operating system and requesting domain. In addition, the IP addresses of the computer making the request and the internet sites from which you visit us are also recorded. We are not able to assign this data to any one individual. Neither is this data merged with data from any other sources. After being statistically evaluated, the data is deleted and not passed on to any third party.
The legal basis for processing IP addresses is anchored in GDPR Article 6 (1) (f). Our legitimate interest here bases on the above-listed reasons for collecting this data.
5.3 Google Services
In accordance with GDPR Article 6 (1) (f), we use Google Analytics, a web analysis service provided by Google Inc (“Google”), 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, to cover our needs and to make sure our web pages are continually optimised. Google has been certified in accordance with the EU-US Privacy Shield, which guarantees that EU data protection requirements will also be met when data is processed in the USA: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
Additional information about Google’s data protection policy is available here: https://policies.google.com/privacy
You can alter your settings under this link: https://adssettings.google.com/authenticated
5.3.1 Google Analytics
• Browser type/version
• Operating system used
• Referrer URL (the site visited previously)
• Host name of the accessing computer (IP address)
• Time of the server inquiry
This data is transmitted to a server in the USA by Google and stored there. The information is utilised to evaluate the way in which the website has been used in order to generate website activity reports and provide additional internet-related services relating to market research and make the website more user-friendly. This information may also passed be passed on to a third party insofar this is legally prescribed or a third party is involved in processing this data. At no time does Google merge your IP address with other data. The IP addresses are made anonymous, so that it is impossible to associate the two (so-called IP masking).
You can prevent cookies being installed by altering a setting on your browser. However, we would point out that, if you do so, you may not be able to use all the features of the website to their full extent. If you so wish, you can prevent the data generated by the cookie and your usage of the website (including your IP address) being recorded and processed by Google by downloading and installing this browser add-on Further information regarding data protection relating to Google Analytics is available on the Google Analytics website.
5.3.2 Google Fonts
We have fonts (“Google fonts”) embedded on our website. For certain fonts to be represented correctly on our website, it is necessary to connect to a Google server in the USA. Google is able to establish which website your request comes from and to which IP address the representation of the font is transmitted.
5.3.3 Google Maps
This website uses Google Maps via an API.
Your IP address has to be stored for you to be able to use Google Maps features. As a rule, this information is transmitted to a Google server located in the USA and stored there. The provider of this website has no influence on this data being transferred. Google Maps is used to increase the attractiveness of our website and also to simplify locating places mentioned on the website.
5.4 Social Media Plug-Ins
Our website is currently linked to our presence on the social media platforms Xing and Facebook. None of your personal data is initially transmitted to Xing or Facebook when you visit our site. However, you do have the option of transferring directly to our profiles on these platforms by using the corresponding link. The respective links are clearly identified by the logo and/or name. Only by clicking on, and thus activating, the relevant box or link are you actually transferred to the social media site in question. Only then does the provider receive the information that you previously visited the corresponding webpage of our online offer. You are then forwarded to our presence on the respective social media platform. When you activate the link, your personal data is transferred to the respective social media provider and saved in the country in which that subsidiary is based.
We would like to point out that you use social media sites and their features at your own risk. This is especially true when it comes to using interactive features (e.g. sharing or rating information, etc.).
Exact details of what data is processed by the social media platform, what this data is used for, what exactly your rights are and what settings are available to protect your privacy can be obtained from the respective social media platform data protection guidelines:
Please be aware that we have no influence on how the above social media platforms process, use and disseminate your data. Neither do we have any effective means of monitoring these matters.
6. Recipients from Outside of the EU
Apart from the exceptions listed in Section 4, we do not pass your data on to anyone based outside the European Union or European Economic Area. The methods of data processing listed in Section 4 require data to be transferred to the servers of tracking and targeting technology companies whose services we utilise. These servers are located in the USA. Data is transferred in accordance with the principles of the so-called Privacy Shield and on the basis of so-called standard contractual clauses of the European Commission. If you so wish, we can provide you with a copy of these standard contractual clauses. Please send a letter containing a stamped and self-addressed envelope to the address listed in Section 2 if you require a copy.
7. Your Rights
As well as having the right to revoke your consent to collect your data, you also have the following legal rights as well:
• The right to request information on your personal data stored by us, in accordance with GDPR Article 15
• The right to correct incorrect or complete incomplete data, in accordance with GDPR Article 16
• The right to have any of your data deleted that we have stored, in accordance with GDPR Article 17
• The right to restrict processing of your data, in accordance with GDPR Article 18
• The right to data portability, in accordance with Article 20 GDPR
7.2 Right of Objection
Under the premises of GDPR Article 21 (1), it is also possible to object to data-processing for reasons which arise in conjunction with the special circumstances of affected persons.
The preceding general right of objection is valid for all the data-processing purposes described in this data privacy notice, insofar as this data is processed in accordance with Article 6 (1) (f). We are only obliged to implement such a general right of objection under GDPR if you can provide reasons of vital importance for doing so (e.g. possible risks for life and health). The consent you give, allowing your data to be processed can also be revoked at any time using the e-mail address firstname.lastname@example.org
7.3 Contact Data for Exercising Your Rights as an Affected Person
You can obtain information about your personal data we have stored from email@example.com. It is also possible to ask for data to be corrected, deleted or restricted, or for you to exercise your right of objection.
7.4 Your Right to Complain to Supervisory Authorities
Complaints should be directed to the following supervisory authority, responsible for VISiiO Insight:
The Data Protection Authority for the State of North Rhine-Westphalia
Die Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Telefon: 0211 – 384 24-0
Fax: 0211 – 384 24-10
8. Data Privacy
Any data that you transfer personally is protected using the widely used and secure standard SSL (Secure Socket Layer). You can tell if you are using a secure SSL connection by, among other things, the ‘s’ attached to http (https://…) in your browser, or by the lock icon in the bottom section of your browser.
We take appropriate technical and organizational security measures to protect any of your personal data in our hands against being manipulated, partially or entirely lost and also against unauthorized access by third parties. Our security measures are continually updated in accordance with the latest technological developments.