Legal Information – Privacy Policy

Introduction

3T (which means 3T Software Labs Limited) respects your privacy. All information you give us is held with the utmost care and security. 3T is committed to protecting your privacy. If you’re visiting our websites, using our products and services, working with any of our teams, meeting us at events or applying for a role with us, this privacy policy sets out what data we collect, and how we use it. It also describes your rights regarding our use of your data. With the privacy policy we also fulfill our information obligations from the applicable data protection law.

Please take time to review this privacy policy as it sets out our privacy practices and tells you how we will treat your personal information. We do not sell, rent or loan any identifiable information regarding our customers to any third party. Only in the circumstances described within this Privacy Policy would we share your information with any third party.

Applicable law

Generally: As a controller established in the United Kingdom, we comply with UK law and specifically with the provisions of the retained version of the General Data Protection Regulation (UK GDPR) and the Data Protection Act.

For EU residents (or other persons located in the EU): If you are a EU resident (or are otherwise located in the EU), the EU-GDPR applies to us regarding the processing of your personal data as well. Hence, we have ensured that we also fully comply with the GDPR you can exercise any data protection rights against us, as you would against a European Company.

1. Identity of the controller

1.1. Identity of the controller

3T Software Labs Limited
Unit 5 Brockley Road,
Elsworth,
Cambridge, CB23 4EY
United Kingdom

Email address: [email protected]

1.2. Designated representative for the EU

The controller, has designated an EU representative in accordance with Article 27 par. 1 GDPR. The EU representative is established in Germany. The contact details of the EU representative are as follows:

3T Software Labs GmbH
Berliner Straße 80-82
13189 Berlin

Email address: [email protected]

The contact person for all matters concerning the representation of the controller is the managing director Dr. Thomas Zahn.

2. Data processing on our Site

2.1. General use of the Site

Our webserver(s) register(s) all connections to the Site automatically and collects the following technical information about your visit:

  • Your IP address;
  • the name of the files accessed;
  • information about the transmission;
  • date and time of the connection;
  • the amount of data transmitted;
  • the requesting provider;
  • the referrer; and
  • the web browser/user agent.

We store this data in log files in order to ensure the safety and integrity of our IT-Systems. Additionally, we use your IP address only to enable communication with our Site. Both constitute our legitimate interests of us pursuant to Art. 6 par. 1 lit. f) GDPR/ GDPR UK. We store our log files for 8 weeks.

Our website uses Adobe Typekit to display its fonts. Adobe Typekit is a service provided by the Adobe Systems Software Ireland Limited, 4-6 Riverwalk, City West Business Campus, Saggart D24, Dublin, Ireland. Adobe acts as a processor for us in this regard. When you visit our site, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly. In the course of providing the Typekit service, no cookies are placed or used to provide the fonts. In order to provide the Typekit service, Adobe collects font information that is used to identify the website itself and the associated Typekit account. For more information, please see the Adobe Typekit privacy information page (https://www.adobe.com/de/privacy/policies/typekit.html). The legal basis is Art. 6 par. 1 lit. f) GDPR/ GDPR UK. Adobe processes personal data in countries in the EU for which an adequacy regulation exists as well as in other third countries, for which adobe has concluded standard contractual clauses. For these purposes Adobe has concluded standard contractual clauses that suffice the EU as well as the UK standards. You can find more information under: https://www.adobe.com/content/dam/cc/uk/legal/terms/enterprise/pdfs/DPA-Sample-EU-uk_FX2.pdf and an example of the UK standard contractual clauses under: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/international-data-transfer-agreement-and-guidance/ and the EU standard contractual clauses under https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en respectively.

2.2. Buying a license

On our website you can purchase licenses for our software. We will then collect and process your:

  • First name
  • Last name
  • Company
  • Email address
  • Telephone number
  • A billing address

to process your order and the performance of the contract concluded. We support different payment methods provided by our Merchants of Records, FastSpring and Paddle.com, for example Credit Card, PayPal and Amazon pay. We will transfer certain information about the transaction to FastSpring or Paddle.com in order to facilitate your payment, especially the amount due. FastSpring or Paddle.com will inform us if the payment has been successful or not. FastSpring or Paddle.com may also collect additional information depending on the chosen method of payment and will inform you about its processing of personal data separately. We will process and store this information for the aforementioned purposes for three years in case it becomes necessary to establish or exercise or defend against legal claims. The legal basis for the processing is Art. 6 par. 1 lit. b) GDPR/ GDPR UK.

Please be aware that we might process personal information for a longer period in your license manager account or due to our legal obligation to retain certain documents.

2.3 Registering for a license manager account

On our site you can register for a license manager account by giving us your email address and a password of your choosing. A license manager account is required if you wish to use our software and your purchased or otherwise obtained licenses within it and to be able to manage your licenses (or the licenses of your company). We will use the information from your account to manage your licenses and to verify if and to what extent you are allowed to use our software. The legal basis for this processing is Art. 6 par. 1 lit. b) GDPR/ UK GDPR.

To authenticate you during the creation or log in, we use the services of Amazon AWS Cognito der Amazon Web Services EMEA Sàrl, Avenue John F. Kennedy 38, 1855 Luxembourg (“AWS”) as a processor. Generally, AWS processes personal data in data centers in Europe, for which an adequacy decision has been adopted. We have also concluded standard contractual clauses with AWS (or AWS with respective sub processors). You can obtain a copy of the standard contractual clauses on the ICO’s website (https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/international-data-transfer-agreement-and-guidance/) and the website of the EU Commission respectively (https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en).

The account also provides you with the option to assign bought licenses to other users if you bought multiple or multi-user licenses. Licenses are paired with the user’s email addresses, so in order to give a license to another user you have to enter their email address in the license manager. We will then invite the user via email and ask them to claim their license. The processing is based on Art. 6 par. 1 lit. b) and f) GDPR/ UK GDPR. Our legitimate interest in the processing is to provide the licenses to the other persons.

Additionally, we will do license enquiries from time to time, in order to get an overview on the use of our licenses to pursue our legitimate interest to detect and prevent cases of license exploitation or fraud. This processing is based on Art. 6 par. 1 lit. f) GDPR/ UK GDPR.

We store the aforementioned information for as long as you have a license or account with us. At least we will keep the information for 3 years after the end of the year your license expires in order to be able to make or defend ourselves against claims that arise from the use of the license or stand in connection with it in any way.

2.4. Discounts

For certain groups of users, namely Startups, teachers, students, researchers and nonprofits, we offer special discounts on our products. To verify if you are entitled to receive such discount we collect:

If you apply for a Startup discount:

  • Your name
  • Your company email
  • Company name
  • Website
  • Establishment date
  • Supporting documents
  • Supporting links (if applicable)

If you apply for a teacher, student or researcher discount:

  • Name
  • Email address
  • Your role as teacher, student or researcher
  • Academic institution
  • Supporting documents (official documents verifying your status)

If you apply for a nonprofit discount:

  • Name
  • Email address
  • Organization name
  • Website
  • Supporting documents (if applicable)

The legal basis for verifying whether you are entitled to a discount is Art. 6 par. 1 lit. b) GDPR/ UK GDPR. Additionally, we use the data for the purposes described in Section 2.2.

As a company, we have to comply with certain legal obligations, such as to retain certain documents like business letters or invoices or other documents containing financial relevant information. Such documents may include personal information, for example in case of an invoice the recipient of the invoice. We will store and retain these documents for the time legally necessary and destroy them thereafter together with any personal data contained therein. The legal basis for this processing is Art. 6 par. 1 lit. c) GDPR / UK GDPR in connection with the respective laws. The retention period for tax relevant and financial documents is 6 years.

2.6. Feedback & Support via our Site

We enable you to contact us and ask us for support on our Site. For these purposes we collect your:

  • First name
  • Last name
  • Email address and
  • Your message to us

Depending on the topic you request our help for, we may ask you for additional information to help us assist you (like diagnostic logs). We may share this with our product development teams to enable them to reproduce and fix product issues. 3T also maintains a presence on Uservoice, Twitter, Facebook, YouTube, and LinkedIn. We manage your interactions with us using Hootsuite as well as using social media platforms directly. If you send us a message via social media, we may include this in our CRM systems.

The legal basis for these processing is Art. 6 par. 1 lit. f) GDPR/GDPR UK. Our legitimate interest is to answer your questions and fulfill your requests. We store your data for 3 years.

Some of our products also include feedback mechanisms such as live chat. If you’re signed into the product, we’ll see your name and email address when you chat to us. Any information you send to us in the chat session will be shared with our product development and support teams. We store your data for 3 years.

2.7. Registering for Academy 3T

To register for free Academy 3T courses, we ask you to create an account and provide us with your:

  • First name
  • Last name
  • Email address

We also require you to enter a password to access your account information. Please do not disclose your account password to unauthorized people.

We use this data to get insights on your course progression and feedback. Moreover, we use this data to provide course reminders and updates, and inform you of other educational resources that might be of interest to you. The legal basis is Art. 6 par. 1 lit. f) GDPR/GDPR UK. The aforementioned purposes also constitutes our legitimate interests. If you agreed in receiving this information, we store your data until you object. Otherwise, we delete your data after 3 years.

You can opt out of Academy 3T by sending an email to [email protected]. You can opt out of receiving educational emails at any time by clicking the unsubscribe link in these emails, or sending an email to [email protected].

2.8. Newsletters and drip campaigns

If you subscribe to our newsletter, we will send your emails with information about our products, onboarding, and use of our software (including educational emails). We also gather statistics around email opening and interaction using industry-standard technologies to analyze the performance or email campaigns. We use data about your interactions with our emails as an indicator of your interest in our products and to send you more appropriate information in the future. We store the data necessary for sending the newsletters until you withdraw your consent or object to the processing.

To send our emails we use processors that carry out the processing on our behalf. These processors are: 3T Software Labs GmbH, Berliner Straße 80-82,13189 Berlin and; HubSpot (see below sec. 10) and Twilio Ireland Limited, a company registered in the Republic of Ireland, whose registered address is 25-28 North Wall Quay, Dublin 1, Ireland. Hence, when you subscribe access our website your information is processed in the European Union and specifically in Germany and Ireland, which are a third country outside of the UK. However, the UK has adopted an adequacy regulation for the EU so that an adequate level of protection for any processing of your personal information is ensured. With Hub Spot Inc. we have concluded Standard Contractual Clauses as appropriate guarantees that ensure an adequate level of protection as well. You may obtain a copy under: https://legal.hubspot.com/dpa.

Depending on how you subscribed the legal basis for the processing is either your informed consent Art. 6 par. 1 lit. a) GDPR/GDPR UK or if you obtained one of our free licenses our legitimate interest to send you such email marketing (Art. 6 par. 1 lit f) GDPR in connection with the UK PECR regulation.

You may withdraw your consent or object to this processing at any time, for example by using the unsubscribe link in one of our emails or sending an email to [email protected].

2.9. About cookies

On our website we use cookies and similar technologies (for simplification we will refer to such technologies collectively as “cookies”) that either store information on your end device or access such information. Your web browser allows you to control whether cookies can be stored by our websites. However, some cookies are strictly necessary for our website to work properly. Your web browser’s documentation has more information on controlling cookie behavior.

We use cookies that are strictly necessary for our service to:

  • Maintain your active session
  • Store your preferences

Additionally – and with your informed consent – we also use cookies to:

  • Track the success of our marketing and advertising campaigns
  • Analyze the way people use our websites
  • Gather data on how our websites are performing

We provide you with an easy-to-use consent manager to either give or withdraw your consent at any time. You may access it via https://studio3t.com/#cookie-settings

For a detailed information on the analytics, tracking and advertising tools please refer to Section 11.

3. Data processing when you use our Software

3.1 Installing our software and registering for a license

You may download our software for free and without giving us any information about yourself. However, in order to use our software, you need to activate it with a valid license. You can either buy a license (see sec. 2.2) or use our restricted free license. In both cases (as well as for a free, time-limited trial of our software) you have to have or register for a license manager account (see sec. 2.3) though and enter your name during set up. We will process your information to verify if and to what extent you are allowed to use our software. You may also voluntarily enter your telephone number.

If you install our software and use our free license, we will also subscribe you to our newsletter (see section 2.8 above) and use your email address to contact you in the future for customer service and sales purposes, e.g. to inform you about renewal and upgrade options, which also constitutes our legitimate interests (Art. 6 par. 1 lit. f) GDPR/GDPR UK). For more information please refer to section 2.8 above.

3.2. Information sent to us when you use our products

Our products send in certain situations usage and fault reporting information to us. We use this to:

  • Measure how many people are using the different versions of our products, and the different features within them.
  • Understand the environments in which our products are used (for example, the operating system version, MongoDB Server version, the amount of system memory and screen resolutions)
  • Measure the success of our sales and marketing operations
  • Guide product development decisions and improve our products

During and for the transfer of the information our server will process your IP address which will then be processed as described under sec. 2.1 of this privacy policy. The information itself is stored in a usage profile under a random identifier for 12 months and then deleted. We will use the information to create aggregated and anonymous statistics and reports that help us to improve our products. The identifier cannot and will not be connected with your actual identity.

Some of our products allow you to submit error reports if something goes wrong. These contain logs and other diagnostic data, and you can choose to include your contact details and any additional information you think may be useful. Our support and development teams use this data to improve our products. If you choose not to include diagnostic data with an error report, an anonymous record of the type of error which occurred will be sent. This allows us to measure how many of our customers experience errors and prioritize our focus for product development.

The legal basis for this processing is Art. 6 par. 1 lit. f) GDPR/GDPR UK. The aforementioned purposes also constitute our legitimate interests.

4. Applying for a role with us

If you apply for a role at 3T, we will use all the information you provide to assess your application. In most cases this will be at least your name, address, birth date and your cv. If you are unsuccessful in your application, we will remove your data after 6 months.

The legal basis is Art. 6 par. 1 lit. f) GDPR/ GDPR UK. We may ask your permission to keep your details on file in our talent pool on the legal basis of Art. 6 par. 1 lit. a) GDPR/ GDPR UK. We store this data until you withdraw your consent.

5. Recipients of personal data and transfers to third countries outside of the UK (or EU)

Internally, we process your personal data in the relevant department. Externally, we use selected third parties to help us process data, which helps us deliver our products and services to you. Specifically, we use service providers to run our online shop, to send you emails, to provide you with the Site’s “Feedback & Support” tool and generally, to give you access to our site. If you ask for assistance, support or other services, your data may be processed by affiliated companies, which will provide the services directly to you.

We do not sell any data regarding your use of our products or services except as part of a reorganization or a sale of the assets of 3T. In such case, we will ensure that your privacy continues to be protected.

For any processing described under section 2 and 3, we use to different extents the 3T Software Labs GmbH, Berliner Straße 80-82,13189 Berlin as a data processor on our behalf. Hence, when you access our website, use our software or subscribe to a newsletter, your information is processed in the European Union and specifically in Germany, which is a third country outside of the UK. However, the UK has adopted an adequacy regulation for the EU so that an adequate level of protection for any processing of your personal information is ensured.

Some of our other service providers reside outside of the UK as well, in most cases in the EU. For these service providers (that are named throughout the privacy policy) the adequacy regulation applies as well.

To the extent that there is no adequacy regulation (Art. 46 UK GDPR) or adequacy decision (Art. 46 GDPR) for the transfer of data from the European Economic Area, or the United Kingdom respectively, we have concluded the UK and EU standard contractual clauses with these providers. You can obtain a copy of the standard contractual clauses on the ICO’s website (https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/international-data-transfer-agreement-and-guidance/) and the website of the EU Commission respectively (https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en).

6. Your rights

If the respective requirements are met, the GDPR/ GDPR UK grants you certain rights as a data subject.

– Art. 15 GDPR/ GDPR UK – Right of access: You shall have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and certain information.

– Art. 16 GDPR/ GDPR UK – Right to rectification: You shall have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

– Art. 17 GDPR / GDPR UK – Right to erasure: You shall have the right to obtain from us the erasure of personal data concerning you without undue delay.

– Art. 18 GDPR/ GDPR UK – Right to restriction of processing: You shall have the right to obtain from us the restriction of processing.

– Art. 20 GDPR/ GDPR UK – Right to data portability: You shall have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and you shall have the right to transmit those data to another controller without hindrance from us. You shall also have the right to have the personal data transmitted directly from us to another controller, where technically feasible.

– Art. 21 GDPR/ GDPR UK – Right to object: You shall have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you, which is based on legitimate interests or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller

In such a case, we shall no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing, which override your interests, rights and freedoms or where the processing is necessary for the establishment, exercise or defence of legal claims.

Where personal data are processed for direct marketing purposes, the you shall have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

– Art. 77 GDPR – Right to lodge a complaint with a supervisory authority: Without prejudice to any other administrative or judicial remedy, within the territorial scope of the GDPR, you shall have the right to lodge a complaint with a supervisory authority, in particular in the (EU) Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

– Art. 77 GDPR UK – Right to lodge a complaint with the Commissoner: Without prejudice to any other administrative or judicial remedy, within the territorial scope of the GDPR UK, you shall have to right to lodge a complaint with the Commissioner if you consinder that the processing of personal data relating to you infringes the GDPR UK.

Where the processing is based on your informed consent, you shall have the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. Therefore, you may send us a message to [email protected].

7. Your obligation to provide us with personal data

You have no statutory or contractual obligation to provide us with any personal data. However, we may not be able to provide you with our services if you decide not to do so.

8. Existence of automated decision-making, including profiling

We do not use automated decision-making, including profiling, which produces legal effects concerning you or similarly significantly affects you.

9. Tools used on our website for analytics, marketing and other purposes

We use several tools and technologies for analytics, marketing and other purposes. These technologies usually store cookies or other information on your device and access such information. Hence, we will only use these technologies with your explicit consent according to PECR or the applicable e-Privacy regulation (such as the German Telekommunikation-Telemedien-Datenschutz-Gesetz – TTDSG).

Accordingly, any processing of personal data is based on your informed consent (Art. 6 par. 1 lit. a) GDPR / UK GDPR).

You can give us or withdraw your consent at any time in our Consent Manager: https://studio3t.com/#cookie-settings

9.1 Performance

The purpose “Performance” allow us to collect information such as number of visits and sources of traffic. This information is used in aggregate form to help us understand how our websites are being used, allowing us to improve both our website’s performance and your experience. We also may use this information for personalized advertising.

Google Tag Manager:

Google Tag Manager operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, (“Google“) as a processor on our behalf is a solution with which we can manage so-called website tags via an interface and thus integrate other services into our online offer (please refer to further information in this data protection declaration). The Tag Manager itself (which implements the tags) does not create user profiles or store cookies. Google only learns the user’s IP address, which is necessary for the Google Tag Manager to be able to perform its functions.

Generally, any personal data in connection with Google Analytics is processed in the EU and/or UK; however, if that should in exceptional cases not be the case, Google has concluded standard contractual clauses with any recipient in a third country. Please see https://business.safety.google/adsprocessorterms/ for more details.

Google Analytics

We use Google Analytics, operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, (“Google“) to collect information about how users use our Site. The information generated by the cookie about your use of the Site will be transmitted to and stored by Google on servers in the United States. As IP-anonymization is activated, your IP address will be anonymized as soon as technically feasible at the earliest possible stage of the collection network. In addition, it will only be partially used within the European Union or just in the European Economic Area if it is used by other parties. Only in exceptional cases, the full IP address will be transferred to a Google server in the United States, and then shortened so it is only partially used there.

Google will use this information on our behalf for the purpose of analyzing your use of the Site, compiling reports on the website activity and providing other services relating to activity on the Site and internet usage. The IP address that your browser conveys within the scope of Google Analytics will not be associated with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser; please note, however, that if you do this you may not be able to use our service comprehensively.

Generally, any personal data in connection with Google Analytics is processed in the EU; however, if that should in exceptional cases not be the case, Google has concluded standard contractual clauses with any recipient in a third country. Please see https://business.safety.google/adsprocessorterms/ for more details.

The legal basis for this data processing is your consent in accordance with Art. 6 par. 1 lit. a) GDPR/ GDPR UK.

The collected data is stored for 50 months. Further information on how Google processes personal data is available at: https://policies.google.com/?hl=en.

We use the online marketing tool “Google Ads” to place ads in the Google advertising network (e.g., in search results, in videos, on web pages, etc.) so that they are displayed to users who have a presumed interest in the ads (so-called “conversion”). We also measure the conversion of the ads. However, we only learn the anonymous total number of users who clicked on our ad and were redirected to a page marked with a so-called “conversion tracking tag”. We do not receive any information with which users can be identified. You can find more information under:  https://policies.google.com/privacy; and https://privacy.google.com/businesses/adsservices.

We also use enhanced conversions for Google Ads: When you click on our Google ads and subsequently use the advertised service (so-called “conversion”), the data entered by the user, such as the email address, name, residential address or telephone number, may be transmitted to Google. The hash values are then matched with existing Google accounts of the users in order to better evaluate and improve the interaction of the users with the advertisements (e.g. clicks or views) and thus their performance.

Bing Ads

We use Bing Ads Universal Event Tracking, a conversion tracking service of the Microsoft Ireland operations Ltd., One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland (“Microsoft”). The service enables us to track your activities, if you accessed our site by clicking on a bing advertisement. For this purpose, Microsoft stores a cookie on your device. By using this cookie, Microsoft and we can see the total number of users that clicked on the ad. This data is stored by Microsoft for 180 days. We have no access to any personal information about you.

Facebook

We use the “Custom Audiences” pixel of the social network Facebook within our website. So-called tracking pixels are integrated on our pages. When you visit our pages, a direct connection is established between your browser and the Facebook server via the tracking pixel. Facebook thus receives information from your browser that our site has been accessed from your end device. If you are a Facebook user, this enables Facebook to associate your visit to our pages with your user account. Facebook can then measure the performance of content and advertisements, as well as play advertisements on Facebook in a targeted manner. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Facebook. We can only select which segments of Facebook users (such as age, interests) should be shown our advertisements. We do not use the feature “Facebook Custom Audiences via the customer list”. We do not transmit any customer data to Facebook, in particular no e-mail addresses – neither encrypted nor unencrypted. The “advanced matching” function is deactivated.

We are jointly responsible with Facebook for the information collected through Facebook Business Tools of Meta Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). Information about Facebook and the contact details of its data protection officer, as well as further information about how Facebook processes personal data, including the legal basis and how you can exercise your rights as a data subject against Facebook, can be found in Facebook’s data policy. We have entered into a Shared Responsibility Agreement (Art. 26 GDPR) with Facebook, which sets out our respective responsibilities for fulfilling our obligations under the GDPR with respect to joint processing. Thereafter, we are obliged to provide the above information and Facebook has assumed responsibility for the further data subject rights under Art. 15-20 of the GDPR.We are jointly responsible with Facebook for the targeting of advertising on Facebook under data protection law. You can find more information at: https://www.facebook.com/legal/controller_addendum  and https://www.facebook.com/legal/terms/businesstools_jointprocessing as well as in Facebook’s privacy policy https://de-de.facebook.com/policy.php.

We also use the Facebook Conversion API. No cookies or other files are stored on your device or data on your device is accessed. The Conversion API allows us to track how successful our activities are on Facebook. When you reach us via an ad on Facebook, Facebook assigns you an ID and shares this ID with us. If you then submit one of our forms, we in turn transmit this ID to Facebook so that Facebook can determine from which ad you arrived at our site. Of course, the content data of the form is not transmitted. In the end, we only receive anonymous and aggregated statistics on the success of our ads from which we cannot identify individual users. Facebook acts on our behalf within the scope of these activities. The legal basis for the processing in this case is Art. 6 para. 1 lit. f) DSGVO. Our legitimate interest lies in being able to measure the success of our campaigns.

The information obtained by using the Facebook Conversion API is also used to optimise future campaigns, which is also in our legitimate interest (Art. 6 para. 1 lit. f) DSGVO). Here too, you can prevent and object to the processing by making the appropriate setting in your privacy settings on Facebook. We are jointly responsible with Facebook for processing for these purposes under data protection law. You can find more details about our cooperation and the respective responsibilities at: https://www.facebook.com/legal/controller_addendum and https://www.facebook.com/legal/terms/businesstools_jointprocessing as well as in Facebook’s privacy policy https://de-de.facebook.com/policy.php.

LinkedIn

We also use the analysis and conversion tracking technology of the LinkedIn platform. The data processing is carried out by: LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn places a cookie on your computer, from which information is obtained for the display of advertising. LinkedIn collects information about your use of our site in order to recognise you on LinkedIn and target you with our ads or to track when you have clicked on one of our ads on LinkedIn. LinkedIn also processes your data in the United States of America, among other places. In order to provide suitable guarantees for the transfer, we have concluded standard contractual clauses of the European Union with LinkedIn, which establish an appropriate level of data protection. You can obtain a copy at: https://www.linkedin.com/legal/l/dpa.

Quora Ads

On our website, we use services from Quora Inc., 605 Castro Street, Mountain View, CA 94041, USA. Quora.

Quora helps us to show you advertising within the Quora network and on the Quora site as well as to to track user behaviour after they have been redirected to our websites by clicking on a Quora ad. This allows us to track the effectiveness of Quora ads for statistical and market research purposes. We only obtain anonymous and aggregated information from Quora. Quora itself however may link this information to your Quora account and also use it for its own promotional purposes, in accordance with Quora’s privacy policy: https://www.quora.com/about/privacy. A cookie may also be stored on your computer for these purposes. Quora processes personal data in third countries outside of the UK/EU respectively. We have concluded Standard Contractual Clauses with Quora to ensure an adequate level of protection of your personal information.

Hotjar

We also use Hotjar (Dragonara Business Centre 5th Floor, Dragonara Road, Paceville St Julian’s STJ 3141, Malta) in order to better understand our users’ needs and to optimize this service and experience.

Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices. This includes a device’s IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf. For further details, please see the ‘about Hotjar’ section of Hotjar’s support site: https://help.hotjar.com/hc/en-us/categories/115001323967-About-Hotjar.

Reddit

Our website employs advertising services provided by Reddit, a renowned social news and discussion platform based in the United States.

Reddit helps us display targeted advertising to you within the Reddit network and on the Reddit site. Additionally, we may use Reddit to track user behaviour  after they have been redirected to our website by clicking on a Reddit ad, which allows us to measure the effectiveness of our advertising campaigns for statistical and market research purposes. We only receive anonymous and aggregated information from Reddit. However, Reddit may link this information to your Reddit account and use it for its own promotional purposes, in accordance with Reddit’s privacy policy: https://www.redditinc.com/policies/privacy-policy. A cookie may also, if accepted, be stored on your device for these purposes. Reddit processes personal data in third countries outside of the UK/EU respectively. To ensure an adequate level of protection of your personal information, we have concluded Standard Contractual Clauses with Reddit.

9.2 Functional

The purpose “Functional” means that we collect information about your preferences and choices and make using the website a lot easier and more relevant. Without these cookies, some of the site functionality may not work as intended.

HubSpot

We use the services of HubSpot (HubSpot Ireland Ltd., 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Telefon: +353 1 5187500 “HubSpot”). HubSpot is an integrated software solution that we use to cover different aspects of our online marketing. This includes, among others:

  • Email marketing (e.g. marketing and sales emails)
  • Contact management (e.g, user segmentation & CRM)
  • Customer support (e.g. tickets, customer support emails)
  • Reporting (e.g., sources of traffic, access, etc.)
  • Contact forms

HubSpot tracks visitors using browser cookies. Every time a visitor lands on our website, HubSpot will check for an existing tracking cookie. If one does not exist, a cookie will be associated with that visitor and will log every page that person visits moving forward. Visitors will be tracked anonymously. If a visitor fills out a form, HubSpot will associate their previous page views based on the tracking cookie. Visitors will be tracked anonymously even before they become contacts. We use this data to analyze and improve our website and services in order to make them more appealing to you. 

Insofar as data is processed outside the EU/EEA or the UK and there is no level of data protection corresponding to the European or the UK standard, we have concluded EU standard contractual clauses (and the “EU SCCs UK Amendment”) with the service provider to establish an adequate level of data protection.

More information on HubSpot’s data privacy provisions

More information from HubSpot regarding to EU data protection provisions

More information on the cookies used by HubSpot can be found here & here

9.3 Social Media

For the purpose Social media we share user behaviour information with a third-party social media platform. They may consequently effect how social media sites present you with information in the future.

9.4 Training

The purpose of “Training” means that we may collect information to help train internally to better be able to assist our customers and prospects and to provide training to our staff. We may also use this information to help capture information about the use of our product and to be able to improve it.

Aircall

We use Aircall (a Delaware corporation with offices at 381 Park Ave South, Floor 16, New York, New York 10016) as a tool for making telephone calls to customers and users around the world. We may use Aircall for recording or monitoring of these calls but only at the express permission of the callee and all permission will be asked prior to any recording taking place.

Aircall may transfer this data outside of the EU/EEA. To ensure an adequate level of protection we have concluded Standard Contractual Clauses with Aircall. Aircalls privacy policy can be found at https://aircall.io/en-gb/privacy/

10. Questions about data privacy

If you have any questions regarding this policy, or wish to make a complaint about the way we’ve handled your personal information, contact [email protected].

11. Miscellaneous

We encourage the responsible disclosure of security issues, and will act quickly on any vulnerabilities reported. We will not take legal action against you if you:

  • Provide us with the information needed to reproduce and validate the vulnerability
  • Avoid violating the privacy of our customers, staff and other users
  • Avoid the destruction of data, or degradation of our services
  • Do not modify or access data that is not your own
  • Give us a reasonable time to address the issue before making any information public

12. Changes to this privacy policy

We regularly review our privacy policy. This policy was last updated on March 11th 2024.