Privacy Policy

Person responsible for website content:
Michael Lisch - Managing Director

WolfVision GmbH
Oberes Ried 14
6833 Klaus
Austria

Tel: +43-(0)5523-52250-0
Fax: +43-(0)5523-52249
E-Mail: wolfvision@wolfvision.com

 

Data Protection Policy

This data protection policy statement clarifies the nature, scope, and purpose of the processing of personal data (hereinafter referred to as ‘data’) within our online offering, and related websites, features, and content, as well as our external online presence, e.g. our social media profiles (collectively referred to as the ‘online offering’. Regarding the terminology used, e.g. ‘processing’ or ‘responsible’, we refer to the definitions in Article 4 of the General Data Protection Regulations (GDPR).
 

We will use the data to help keep you informed about our latest offers. If you do not wish to receive this information, you are of course free to terminate future receipt of information from us, either all or in part, by contacting us by telephone (Tel. no +43 5523 52250) or by email (wolfvision@wolfvision.com).
On request we will provide you free of charge with details about your own stored data. Upon request we will correct, block, or delete it.

Types of data processed:

- Basic data(e.g. Name, Address).
- Contact data (e.g. Email, telephone number).
- Content data (e.g. Text input, photographs, videos).
- Usage data (e.g. Websites visited, interest in content, access times).
- Meta/communication data (e.g. device information, IP addresses).
 

Categories of data subjects

Visitors and users of the online offering (hereinafter we refer to these data subjects as ‘users’).
 

Purpose of processing

- Provision of the online offering, its functions, and contents
- Answering contact requests, and communicating with users
- Security measures
- Audience measurement/marketing
 

Terminology used

‘Personal data‘ means any information relating to an identified or identifiable individual person (hereinafter the ‘data subject‘); an individual person is considered as identifiable, if they can be identified directly or indirectly, in particular by means of assignment of an identifier, such as a name, an identification number, location data, to an online identifier (e.g. a cookie) or to one or more special features that express the physical, physiological, genetic, mental, economic, cultural or social identity of this individual person.

‘Processing‘ means any process performed with or without the aid of automated procedures, or any such process associated with personal data. The term is far reaching and includes virtually all handling of data.

‘Pseudonymisation‘ means the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without additional information being provided, provided that such additional information is kept separate and subject to technical and organisational measures to ensure that personal data is not assigned to an identified or identifiable individual person.

‘Profiling‘ means any kind of automated processing of personal data which involves the use of such personal data to evaluate certain personal attributes relating to an individual person, in particular aspects relating to job performance, economic situation, health, personal preferences, interests, reliability, behaviour, whereabouts or change of location of that individual person.

’Responsible person‘ means the individual or legal person, authority, agency or other body that decides, alone, or together with others, on the purpose and means of processing personal data.

Relevant statutory sources

In accordance with Article 13 GDPR we inform you about the legal basis of our data processing. Unless the legal basis in the data protection declaration is mentioned, the following applies: The legal basis for obtaining consent is article 6 (1) lit. a and Article 7 GDPR, the legal basis for processing for the delivery of our services, and the execution of contractual measures, as well as the response to enquiries is Article 6 (1) lit. b GDPR, the legal basis for processing in order to fulfil our legal obligations is Article 6 (1) lit. c GDPR, and the legal basis for processing in order to safeguard our legitimate interests is Article 6 (1) lit. f GDPR. In the event that vital interests of the data subject or another individual person require the processing of personal data, the legal basis is Article 6 para. 1 lit. d GDPR.

Security measures

We take appropriate technical measures in accordance with Article 32 GDPR considering the available technology, implementation costs, and the type, scope, circumstances, and purpose of the processing, as well as the differing likelihood and severity of the risk to the rights and freedom of the individual persons. We take technical and organisational measures to ensure a level of protection that is appropriate to the risk.

Measures include ensuring the confidentiality, integrity, and availability of data by controlling physical access to the data, the relevance of its access, as well as input, disclosure, availability, and separation. We have also set up procedures to ensure the rights of data subjects, deletion of data, and to guard against the risk of data vulnerability. Furthermore, we consider the protection of personal data, already during the development or selection of hardware, software and procedures, according to the principle of data protection through technology design, and through data protection-friendly default settings (Article 25 GDPR).
 

Collaboration with processors and third parties

If, in the context of our processing, we disclose data to other persons and companies (contract processors or third parties), transmit to them or otherwise grant access to the data, this will only be done based on legal permission (e.g. if a transmission of data to third parties such as payment service providers, pursuant to Article 6 (1) para. 1 lit. b GDPR to fulfil the contract),that you have consented to a legal obligation or is based on our legitimate interests (e.g. the use of agents, webhosters, etc.).

If we commission third parties to process data based on a so-called ‘contract processing contract’, this is done based on Article 28 GDPR.

Transfer to other third party countries

If we process data in a third party country (i.e. outside the European Union EU) or European Economic Area (EEA)), or in the context of the use of third party services or disclosure or transmission of data to third parties, this will only be done if it is to fulfil our (pre) contractual obligations, based on your consent, based on a legal obligation or based on our legitimate interests. Subject to legal or contractual permissions, we process or have data processed in a third party country only under the special conditions of Article 44 ff. GDPR. The processing is e.g. based on specific guarantees, such as the officially recognised level of data protection (e.g. for the USA through the ‘Privacy Shield’) or compliance with the officially recognised special contractual obligations (so-called ‘standard contractual clauses’).

Rights of data subjects

You have the right to ask for confirmation as to whether the data in question is being processed, and for information about this data, as well as for further information and a copy of the data, in accordance with Article 15. GDPR.

You have accordingly, under Article 16 GDPR, the right to demand the completion of the data concerning you, or the correction of any incorrect data concerning you.

In accordance with Article 17 GDPR the right to demand that relevant data is deleted immediately, or alternatively, to require a restriction in the processing of the data, in accordance with Article 18 GDPR.

You have the right to demand that the data relating to you, which you have provided to us, be obtained in accordance with Article 20 GDPR, and request its transmission responsible persons.

You have the right under Article 77 GDPR to file a complaint with the appropriate supervisory authority.

Withdrawal

You have the right in accordance with Article 7 para. 3 GDPR to withdraw your consent at any time with effect for the future.

Right to object

You can object to the future processing of your data in accordance with Article 21 GDPR at any time. The objection may be made against processing for direct marketing purposes.

Cookies and the right to object to direct advertising

‘Cookies‘ are small files that are stored on users‘ computers. Different information can be stored inside the cookie. A cookie is primarily used to store information about a user (or the device on which the cookie is stored) during or after the visit to an online offering. Temporary cookies or ‘session cookies‘ or ‘transient cookies‘ are cookies that are deleted after the user leaves an online service and closes the browser. In such a cookie, e.g. The contents of a shopping cart in an online shop or a login status are saved. The term ‘permanent‘ or ‘persistent‘ refers to cookies that remain stored even after the browser has been closed. Thus e.g. The login status will be saved if users visit the site again after several days. Likewise, is such a cookie, the interests of the users can be stored, which are used for reach measurement or marketing purposes. A ‘third party cookie‘ refers to cookies that are offered by providers other than the person who manages the online offering (otherwise, it is only their cookies, which are called ’first party cookies’.

We can use temporary and permanent cookies, and clarify this in the context of our privacy policy.
If users do not want cookies stored on their computer, they can disable the option in their browser’s system settings. Saved cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to restrictions in functionality of this online offering.

A general objection to and explanation of the use of cookies used for online marketing purposes is available for a variety of services, especially in the case of tracking, via the USA website: http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/. Furthermore, the storage of cookies can be prevented by switching the preference off in the browser settings. Please note that in this instance, there is a possibility that not all features of our online offering can be used.
 

If you want to know which cookies have been saved in your browser, change cookie settings or delete cookies, you can do this via your browser settings page:
Safari: Manage cookies and website data using Safari
Firefox: Delete cookies to remove the information websites have stored on your computer
Chrome: Clear, enable, and manage cookies
Internet Explorer: Delete and manage Cookies

If you do not wish to have data stored in cookies, you can set up your browser to inform you about cookie placement, and to allow this only in individually selected cases. You can always delete cookies that are already on your computer or disable cookies. The procedure for doing this is different, depending on the browser used. It is best to search for instructions in Google search with the words ‘delete cookies Chrome’ or ‘disable cookies Chrome’ in the case of a Chrome browser, or exchange the word ‘Chrome’ to the name of your browser, e.g. Edge, Safari or Firefox.
If you do not generally allow us to use cookies, because you have disabled them via a browser setting, some features and pages may not work as expected.

 

Deletion of data

The data processed by us is deleted or limited in its processing in accordance with articles 17 and 18 GDPR. Unless explicitly stated in this privacy policy, the data stored by us is deleted as soon as it is no longer required for its purpose, and that deletion does not conflict with any requirement for statutory storage. If the data is not deleted because it is required other legitimate purposes, its processing will be restricted, i.e. The data is locked and not processed for other purposes. This applies, for example, in cases where data must be kept for commercial or tax reasons.

According to legal requirements in Germany, storage is for 10 years according to §§ 147 para. 1 AO, 257 paras. 1 Nr. 1 and 4, para. 4 HGB (Books, records, management reports, accounting documents, trading books, relevant taxation documents etc.) and for 6 years in accordance with § 257 (1) no. 2 and 3, para. 4 HGB (commercial letters).

According to legal regulations in Austria, storage is for 7 years according to § 132 paragraph. 1 BAO (accounting documents, vouchers / invoices, receipts, documents, business papers, statement of income and expenses, etc.), for 22 years in connection with real estate and for 10 years in the case of documents relating to electronically supplied services, telecommunications, broadcasting and television services provided to non-entrepreneurs in EU Member States and for which the Mini-One-Stop-Shop (MOSS) is used.

 

Administration, financial accounting, office organisation, contact management

We process data in the context of administrative tasks and organisation of our business, financial accounting, and compliance with legal obligations, such as archiving. In doing so, we process the same data that we process during rendering our contractual services. The processing principles are Article 6 para. 1 lit. C GDPR, Article 6 para. 1 lit. F GDPR. The processing affects customers, prospects, business partners, and website visitors. The purpose and interest in processing lies in administration, financial accounting, office organisation, data archiving, that is, tasks that serve to maintain our business, perform our duties, and provide our services. The deletion of data in terms of contractual communication corresponds to the information provided in these processing activities.

We disclose or transmit data to the financial administration, advisors, such as tax accountants or auditors, and other fee and payment service providers.

Furthermore, based on our business interests, we store information about suppliers, operators, and other business partners, e.g. for future contact. We generally store most of this company-related data permanently.
 

 

Registration function

Users can create a user account in the partner area. As part of the registration, the required mandatory user information is communicated and based on Article 6 para. 1 lit. D GDPR processed for the purposes of providing the user account. The processed data includes the login information (name, password, and an email address). The data entered during registration will be used for using the user account.

Users can have access to information relevant to their own user account, e.g. To be informed via email about technical changes. If users have terminated their user account, their data will be deleted with respect to the user account, subject to a statutory retention requirement. It is the responsibility of the users to secure their data upon termination before the end of the contract. We are entitled to irretrievably delete all user data stored during the term of the contract.

In the context of registration, and using our registration functions, as well as the use of the user account, we store the IP address and time of the respective user action. This storage is based on legitimate interests, as well as for protection of the user against misuse, and other unauthorised activity. A transfer of this data to a third party does not take place, unless it is necessary for the pursuit of claims, or if there is a legal obligation in accordance with Article 6, para. 1 lit. c. GDPR. The IP addresses will be anonymised or deleted after 7 days at the latest.

 

Contact

When contacting us (for example by contact form, email, telephone or via social media) the information of the user will be processed to fulfil the contact request in accordance with Article 6 para. 1 lit. b (in the context of contractual/pre-contractual relationships), Article 6, para. 1 lit. f (other requests) GDPR. User information can be stored in a Customer Relationship Management System (CRM system) or comparable organisation systems. We are using Salesforce as our main CRM. More details in the according chapter.     

 

Newsletter

With the following information we inform you about the content of our newsletters, as well as the registration, dispatch, and statistical evaluation procedures, as well as your right of objection. By subscribing to our newsletter, you agree to receive it, and to the procedures as described.

Content of the newsletter: We send newsletters, emails, and other electronic notifications with advertising information (hereinafter ‘newsletter) only with the consent of the recipient, or a legal permission: Insofar as the contents of a newsletter can be accurately described, the description is relevant for the user to decide to give consent. Incidentally our newsletters contain information about our products and accompanying information ( such as safety instructions), offers, promotions, and about our company.

Double opt-in and logging: Registration for our newsletter is carried out using a so-called double opt-in procedure. After registration you will receive an email asking you to confirm your registration. This confirmation is necessary so that nobody can register using an unproven email address. The registration for the newsletter will be logged to approve the registration process according to the legal requirements. This includes the storage of the login and confirmation time, as well as the IP address. Likewise, changes to your data stored with the email sending service provider will also be logged.

Credentials: To subscribe to the newsletter, it is sufficient to provide your email address. Optionally we ask you to provide a name in order that we may address you personally.

The sending of the newsletter and the associated performance measurement are based on a consent of the recipients according to Article 6 para. 1 lit. A, Article 7 GDPR i.V.m § 107 para. 2 TKG, or if consent is not required, based on our legitimate interests in direct marketing, according to Article 6, para. 1 lit. F. GDPR i.V.m § 107 para. 2 u. 3 TKG.

The logging of the registration process is based on our legitimate interests in accordance with Article 6 para. 1 lit. F GDPR. Our interest lies in the use of a user-friendly and secure newsletter system, which serves both our business interests, and the expectations of the users, and allows us to prove our consent.

Termination/Revocation – You may terminate the receipt of our newsletter at any time, i.e. revoke your consent. A link to cancel the newsletter can be found at the end of each newsletter. We may save the submitted email addresses for up to 3 years based on our legitimate interests before we delete them so that we can prove prior consent. The processing of this data is limited to the purpose of a possible defence against claims. An individual request for cancellation is possible at any time, provided that at the same time, the former existence of a consent is confirmed.

 

Newsletter - Salesforce Pardot

The newsletter is sent by the sending service provider SFDC Ireland Ltd., Salesforce Level 1, Block A, Nova Atria North, Sandyford Business Park, Dublin 18, Ireland. The privacy policy of this email sending service provider can be viewed here: https://www.salesforce.com/company/privacy/. The email sending service provider usage is based on our legitimate interests according to Article 6, para. 1 lit. f GDPR and a contract processing agreement according to Article 28 (3) sentence 1 GDPR.

The sending service provider may use the data of the recipients in pseudonymous form, i.e. without assignment to a user to optimise or improve its own services, e.g. for the technical optimisation of sending, and presentation of newsletters, or for statistical purposes. However, the sending service provider does not use the data of our newsletter recipients to contact them themselves or to pass the data on to any third party.

 

Newsletter – performance measurement

The newsletters contain a so-called ‚web beacon‘, which is a pixel-sized file that is retrieved from the server when opening the newsletter from our server, or when using an email sending service provider. This retrieval initially collects technical information, such as information about the browser, and your system, as well as your IP address, and the time of retrieval.

This information is used to improve the technical performance of services based on their specifications or audience, and their reading habits, based on their locations (which can be determined using the IP address) or access times. Statistical surveys also include determining if the newsletters are opened, when they were opened, and which links were clicked. For technical reasons, this information can be assigned to individual newsletter recipients. However, it is neither our goal, nor that of the sending service provider to observe individual users. The evaluations serve us much more to recognise the reading habits of our users, and to adapt our content to them or to send different content according to the interests of our users.

A separate revocation of the performance measurement is unfortunately not possible, in this case the entire newsletter subscription must be terminated.

 

Hosting and Email sending

The hosting services we use are designed to provide the following services: infrastructure and platform services, computing capacity, storage and database services, emailing, security, as well as the technical maintenance services we use to operate this online offering.

Here we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this online offering based on our legitimate interests, in an efficient and secure provision of this online offering according to Article 6, para. 1 lit. f GDPR i.V.m. Article 28 GDPR (conclusion of contract processing contract).

 

Collection of access data and log files

We, or our hosting provider collect based on our legitimate interests within the meaning of Article 6, para. 1 lit. f. GDPR data on every access to the server on which this service is located (so-called server log files). The access data includes name of the retrieved web page, file, date and time of retrieval, amount of data transferred, message about successful retrieval, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address, and the requesting provider.

Log file information is stored for security purposes (for example to investigate abusive of fraudulent activities) for a maximum of 14 days, and then deleted. Data whose further retention is required for evidence purposes shall be exempted from deletion until final clarification of the incident has been completed.

 

Evaluation of Visitor Behaviour

In the following Privacy Policy, we will inform you on if and how we evaluate the data of your visit to this website. The evaluation is generally made anonymously, and we cannot link to you personally based on your behaviour on this website.

You can find out more about how to disagree with the evaluation of visitor data, in the Privacy Policy below.

 

TLS encryption with https

We use https to transfer information on the internet in a tap-proof manner (data protection through technology design Article 25 Section 1 GDPR). With the use of TLS (Transport Layer Security), which is an encryption protocol for safe data transfer on the internet, we can ensure the protection of confidential information. You can recognise the use of this safeguarding tool by the little lock-symbol, which is situated in your browser’s top left corner, as well as by the use of the letters https (instead of http) as a part of our web address.

 

Google Maps Privacy Policy

On our website we use Google Maps of the company Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). With the use of Google Maps, we can show you locations in a better way and can therefore adjust our service to your needs. Due to the utilisation of Google Maps, data gets transferred to Google and is saved on Google’s servers. In the following, we want to explain in detail what Google Maps is, why we use this Google service, what data is stored and how you can prevent this.

What is Google Maps?

Google Maps is an internet maps service of the company Google Inc. With Google Maps you can search for exact locations of cities, sights, accommodations or businesses online via a PC, a tablet or an app. If businesses are represented on Google My Business, the respective location as well as other information about the company are shown there. In order to show route directions, a location’s map sections can be integrated in a website through a HTML-code. Google Maps depicts the earth’s surface as either a road map or as air and satellite images. Due to the street view and high-quality satellite images, it is possible for exact representations to be made.

Why do we use Google Maps on our website?

The efforts we make on this page have the goal of giving you a useful and meaningful experience on our website. Through the integration of Google Maps, we can offer you essential information on various locations. Therefore, you can spot our office address with one glance. Furthermore, the route directions always show you the best and fastest way to us. You can retrieve the route directions for traveling either by car, by public transport, on foot or by bike. The integration of Google Maps is a part of our customer service.

What data is stored by Google Maps?

For Google Maps to offer its full services, the company must collect and store your data. This includes your entered search terms, your IP-address as well as your longitude and latitude coordinates. When you use the route-planner function, the entered start address is stored also. However, this data retention happens on Google Maps‘ websites. We can only inform you about it but cannot influence it in any way. Since we have included Google Maps on our website, Google will set at least one cookie (Name: NID) into your browser. This cookie saves data on your user behaviour. Google primarily uses this data to optimise ist own services and to provide you with individual, personalised advertisements.

The following cookies are set in your browser due to the integration of Google Maps:

Name: NID
Value: 188=h26c1Ktha7fCQTx8rXgLyATyITJ111644684-5
Purpose: Google uses NID in order to adjust advertisments to your Google searches. With the cookie’s help Google “remembers“ your most frequently entered search queries or your previous interaction with ads. That way you always receive customised adertisments. The cookie contains a unique ID, wich Google uses to collect your personal settings for advertising porposes.
Expiration date: after 6 months

Note: We cannot guarantee completeness of the information on saved data. This is, because especially concerning the use of cookies, changes can happen anytime. To identify the cookie NID, a test page was created, to which Google Maps was included.

How long and where is the data saved?

There are Google servers in data centres across the entire planet. However, most servers are in America. For this reason, your data is widely stored in the USA. Here you can read in detail about where the Google servers are located: https://www.google.com/about/datacenters/inside/locations/?hl=en

Google distributes data to various data carriers. This makes it possible to retrieve the data faster and to better protect it from possible attempted manipulations. Every server has emergency programs. Thus, should for example a problem with Google’s hardware occur or should a natural disaster impact the servers, any data will quite certainly stay protected.

Moreover, Google saves some data for a specified period. With some other data on the other hand, Google only offers the opportunity for deleting it manually. Furthermore, the company anonymises information (e.g. advertising data) in server logs, by deleting a part of the IP-address and cookie information after 9 to 18 months.

How can I delete my data, or prevent data retention?

Due to the automatic delete function for location and activity data, which was introduced in 2019, information that is used for determining your location and web or app activity is saved for either 3 or 18 months, depending on your preferred decision, and is deleted thereafter.
Furthermore, it is possible to delete this data manually from your browser history via your Google account anytime. If you want to prevent the determination of your location altogether, you must pause the category “Web and app activity” in your Google account. Click on “Data and personalisation” and then choose the option “Activity controls”. Here you can switch the activities on or off.

Moreover, in your browser you can deactivate, delete or manage individual cookies. This function can differ a little, depending on what browser you are using. The following instructions will show you how to manage cookies in your browser:

Chrome: Clear, enable and manage cookies in Chrome

Safari: Manage cookies and website data in Safari

Firefox: Clear cookies and site data in Firefox

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete cookies in Microsoft Edge

If you generally do not want to permit any cookies, you can set up your browser in a way that ensures you get informed whenever a cookie is about to be placed. That way you can decide to either permit or refuse every single cookie.

Google is an active participant of the EU-U.S. Privacy Shield Framework, which regulates the correct and safe transfer of personal data. You can find more information on this on https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI.
If you want to find out more about Google’s data processing, we recommend the company’s internal privacy statement on https://policies.google.com/privacy?hl=en-GB.

 

Google Analytics Privacy Policy

We use the tracking and analysis tool Google Analytics (GA) of the US-American company Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). Google Analytics collects data on your actions on our website. Whenever you click a link for example, this action is saved in a cookie and transferred to Google Analytics. With the help of reports which we receive from Google Analytics, we can adapt our website and our services better to your wishes. In the following, we will explain the tracking tool in more detail, and most of all, we will inform you what data is saved and how you can prevent this.

What is Google Analytics?

Google Analytics is a tracking tool with the purpose of conducting data traffic analysis of our website. For Google Analytics to work, there is a tracking code integrated to our website. Upon your visit to our website, this code records various actions you perform on your website. As soon as you leave our website, this data is sent to the Google Analytics server, where it is stored.

Google processes this data and we then receive reports on your user behaviour. These reports can be one of the following:

  • Target audience reports: With the help of target audience reports we can get to know our users better and can therefore better understand who is interested in our service.
  • Advertising reports: Through advertising reports we can analyse our online advertising better and hence improve it.
  • Acquisition reports: Acquisition reports provide us helpful information on how we can get more people enthusiastic about our service.
  • Behaviour reports: With these reports, we can find out how you interact with our website. By the means of behaviour reports, we can understand what path you go on our website and what links you click.
  • Conversion reports: A conversion is the process of leading you to carry out a desired action due to a marketing message. An example of this would be transforming you from a mere website visitor into a buyer or a newsletter subscriber. Hence, with the help of these reports we can see in more detail, if our marketing measures are successful with you. Our aim is to increase our conversion rate.
  • Real time reports: With the help of these reports we can see in real time, what happens on our website. It makes us for example see, we can see how many users are reading this text right now.

Why do we use Google Analytics on our website?

The objective of our website is clear: We want to offer you the best possible service. Google Analytics’ statistics and data help us with reaching this goal.

Statistically evaluated data give us a clear picture of the strengths and weaknesses of our website. On the one hand, we can optimise our page in a way, that makes it easier to be found by interested people on Google. On the other hand, the data helps us to get a better understanding of you as our visitor. Therefore, we can very accurately find out what we must improve on our website, in order to offer you the best possible service. The analysis of that data also enables us to carry out our advertising and marketing measures in a more individual and more cost-effective way. After all, it only makes sense to show our products and services exclusively to people who are interested in them.

What data gets stored by Google Analytics?

With the aid of a tracking code, Google Analytics creates a random, unique ID which is connected to your browser cookie. That way, Google Analytics recognises you as a new user. The next time you visit our site, you will be recognised as a “recurring” user. All data that is collected gets saved together with this very user ID. Only this is how it is made possible for us to evaluate and analyse pseudonymous user profiles.

Your interactions on our website are measures by tags such as cookies and app instance IDs. Interactions are all kinds of actions that you perform on our website. If you are also using other Google systems (such as a Google Account), data generated by Google Analytics can be linked with third-party cookies. Google does not pass on any Google Analytics data, unless we as the website owners authorise it. In case it is required by law, exceptions can occur.

The following cookies are used by Google Analytics:

Name: _ga
Value:2.1326744211.152111644684-5
Purpose: By deafault, analytics.js uses the cookie _ga, to save the user ID. It generally serves the purpose of differenciating between website visitors.
Expiration date: After 2 years

Name: _gid
Value:2.1687193234.152111644684-1
Purpose: This cookie also serves the purpose of differentiating between website users
Expiration date: After 24 hours

Name: _gat_gtag_UA_
Value: 1
Verwendungszweck: It is used for decreasing the demand rate. If Google Analytics is provided via Google Tag Manager, this cookie gets the name _dc_gtm_ .
Expiration date: After 1 minute

Name: AMP_TOKEN
Value: No information
Purpose: This cookie has a token which is used to retrieve the user ID by the AMP Client ID Service. Other possible values suggest a logoff, a request or an error.
Expiration date: After 30 seconds up to one year

Name: __utma
Value:1564498958.1564498958.1564498958.1
Purpose: With this cookie your behaviour on the website can be tracked and the site performance can be measured. The cookie is updated every time the information is sent to Google Analytics.
Expiration date: After 2 years

Name: __utmt
Value: 1
Purpose: Just like _gat_gtag_UA_ this cookie is used for keeping the requirement rate in check.
Expiration date: Afer 10 minutes

Name: __utmb
Value:3.10.1564498958
Purpose: This cookie is used to determine new sessions. It is updated every time new data or information gets sent to Google Analytics.
Expiration date: After 30 minutes

Name: __utmc
Value: 167421564
Purpose: This cookie is used to determine new sessions for recurring visitors. It is therefore a session cookie, and only stays saved until you close the browser again.
Expiration date: After closing the browser

Name: __utmz
Value: m|utmccn=(referral)|utmcmd=referral|utmcct=/
Purpose: This cookie is used to identify the source of our website’s visitor number. This means, that the cookie saves information on where you came to our website from. This could be another site or an advertisement.
Expiration date: After 6 months

Name: __utmv
Value: No information
Purpose: The cookie is used to store custom user data. It gets updated whenever information is sent to Google Analytics.
Expiration date: After 2 years

Note: This list is by no means exhaustive, since Google are repeatedly changing the use of their cookies.

Below we will give you an overview of the most important data that can be evaluated by Google Analytics:

Heatmaps: Google creates so-called Heatmaps an. These Heatmaps make it possible to see the exact areas you click on, so we can get information on what routes you make on our website.

Session duration: Google calls the time you spend on our website without leaving it session duration. Whenever you are inactive for 20 minutes, the session ends automatically.

Bounce rate If you only look at one page of our website and then leave our website again, it is called a bounce.

Account creation: If you create an account or make an order on our website, Google Analytics collects this data.

IP-Address: The IP address is only shown in a shortened form, to make it impossible to clearly allocate it.

Location: Your approximate location and the country you are in can be defined by the IP address. This process is called IP location determination.

Technical information: Information about your browser type, your internet provider and your screen resolution are called technical information.

Source: Both, Google Analytics as well as ourselves, are interested what website or what advertisement led you to our site.

Further possibly stored data includes contact data, potential reviews, playing media (e.g. when you play a video on our site), sharing of contents via social media or adding our site to your favourites. This list is not exhaustive and only serves as general guidance on Google Analytics’ data retention.

How long and where is the data saved?

Google has servers across the globe. Most of them are in America and therefore your data is mainly saved on American servers. Here you can read detailed information on where Google’s data centres are located: https://www.google.com/about/datacenters/inside/locations/?hl=en

Your data is allocated to various physical data mediums. This has the advantage of allowing to retrieve the data faster, and of protecting it better from manipulation. Every Google data centre has respective emergency programs for your data. Hence, in case of a hardware failure at Google or a server error due to natural disasters, the risk for a service interruption stays relatively low.

Google Analytics has a 14 months standardised period of retaining your user data. After this time, your user data is deleted. However, we have the possibility to choose the retention period of user data ourselves.

As soon as the chosen period is expired, the data is deleted once a month. This retention period applies to any of your data which is linked to cookies, user identification and advertisement IDs (e.g. cookies of the DoubleClick domain). Any report results are based on aggregated information and are stored independently of any user data. Aggregated information is a merge of individual data into a single and bigger unit.

How can I delete my data or prevent data retention?

Under the provisions of the European Union’s data protection law, you have the right to obtain information on your data and to update, delete or restrict it. With the help of a browser add on that can deactivate Google Analytics’ JavaScript (ga.js, analytics.js, dc.js), you can prevent Google Analytics from using your data. You can download this add on at https://tools.google.com/dlpage/gaoptout?hl=en-GB. Please consider that this add on can only deactivate any data collection by Google Analytics.

Should you generally want to deactivate, delete or manage all cookies (independently of Google Analytics), you can use one of the guides that are available for any browser:

Chrome: Clear, enable and manage cookies in Chrome

Safari: Manage cookies and website data in Safari

Firefox: Clear cookies and site data in Firefox

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete cookies in Microsoft Edge

Google Analytics is an active participant of the EU-U.S. Privacy Shield Framework, which regulates correct and save transfer of personal data.
You can find more information on this at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&tid=111644684. We hope we were able to make you more familiar with the most important information on Google Analytics’ data processing. If you want to learn more about the tracking service, we recommend both of the following links: https://marketingplatform.google.com/about/analytics/terms/gb/ and https://support.google.com/analytics/answer/6004245?hl=en.

 

Google Analytics IP Anonymisation

We implemented Google Analytics’ IP address anonymisation to this website. Google developed this function, so this website can comply with the applicable privacy laws and the local data protection authorities’ recommendations, should they prohibit the retention of any full IP addresses.
The anonymisation or masking of IP addresses takes place, as soon as they reach Google Analytics’ data collection network, but before the data would be saved or processed.

You can find more information on IP anonymisation at https://support.google.com/analytics/answer/2763052?hl=en.

 

Google Analytics Reports on demographic characteristics and interests

We have turned on Google Analytics’ functions for advertising reports. These reports on demographic characteristics and interests contain details about age, gender and interests. Through them we can get a better picture of our users – without being able to allocate any data to individual persons. You can learn more about advertising functions at https://support.google.com/analytics/answer/3450482?hl=en&%3Butm_id=ad.

You can terminate the use of your Google Account’s activities and information in “Ads Settings” at https://adssettings.google.com/authenticated via a checkbox.

 

Google Analytics Google Signals Privacy Policy

We have activated Google signals in Google Analytics. Through this, any existing Google Analytics functions (advertising reports, remarketing, cross-device reports and reports on interests and demographic characteristics) are updated, to result in the summary and anonymisation of your data, should you have permitted personalised ads in your Google Account.

The special aspect of this is that it involves cross-device tracking. That means your data can be analysed across multiple devices. Through the activation of Google signals, data is collected and linked to the Google account. For example, it enables Google to recognise when you look at a product on a smartphone and later buy the product on a laptop. Due to activating Google signals, we can start cross-device remarketing campaigns, which would otherwise not be possible to this extent. Remarketing means, that we can show you our products and services across other websites as well.

Moreover, further visitor data such as location, search history, YouTube history and data about your actions on our website are collected in Google Analytics. As a result, we receive improved advertising reports and more useful information on your interests and demographic characteristics. These include your age, the language you speak, where you live or what your gender is. Certain social criteria such as your job, your marital status or your income are also included. All these characteristics help Google Analytics to define groups of persons or target audiences.

Those reports also help us to better assess your behaviour, as well as your wishes and interests. As a result, we can optimise and customise our products and services for you. By default, this data expires after 26 months. Please consider, that this data is only collected if you have agreed to personalised advertisement in your Google Account. The retained information is always exclusively summarised and anonymous data, and never any data on individual persons. You can manage or delete this data in your Google Account.

Facebook Pixel Privacy Policy

We use Facebook’s Facebook pixel on our website. For that, we have implemented a code on our website. The Facebook pixel is a segment of a JavaScript code, which, in case you arrived on our website via Facebook ads, loads an array or functions that enable Facebook to track your user actions. For example, if you buy a product on our website, the Facebook pixel is triggered and then saves your actions on our website in one or more cookies. These cookies enable Facebook to match your user data (customer data such as IP address, user ID) with the data of your Facebook account. After that, Facebook deletes your data again. The collected data is anonymous as well as inaccessible and can only be used for ad placement purposes. If you are a Facebook user and you are logged in, your visit to our website is automatically assigned to your Facebook user account.

We exclusively want to show our products or services to persons, who are interested in them. With the aid of the Facebook pixel, our advertising measures can get better adjusted to your wishes and interests. Therefore, Facebook users get to see suitable advertisement (if they allowed personalised advertisement). Moreover, Facebook uses the collected data for analytical purposes and for its own advertisements.

In the following we will show you the cookies, which were set on a test page through the integration of the Facebook pixel. Please consider that these cookies are only examples. Depending on the interaction that is made on our website, different cookies are set.

Name: _fbp
Value: fb.1.1568287647279.257405483-6111644684-7
Purpose: Dieses Cookie verwendet Facebook, um Werbeprodukte anzuzeigen.
Expiration date: nach 3 Monaten

Name: fr
Value: 0aPf312HOS5Pboo2r..Bdeiuf…1.0.Bdeiuf.
Purpose: Dieses Cookie wird verwendet, damit Facebook-Pixel auch ordentlich funktioniert.
Expiration date: nach 3 Monaten

Name: comment_author_50ae8267e2bdf1253ec1a5769f48e062111644684-3
Value: Name of the author
Purpose: This cookie saves the text and name of a user who e.g. leaves a comment.
Expiration date: after 12 months

Name: comment_author_url_50ae8267e2bdf1253ec1a5769f48e062
Value: https%3A%2F%2Fwww.testseite…%2F (URL of the author)
Purpose: This cookie saved the URL of the website that the user types into a text box on our website.
Expiration date: after 12 months

Name: comment_author_email_50ae8267e2bdf1253ec1a5769f48e062
Value: email address of the author
Purpose: This cookie saves the email address of the user, if they provided it on the website.
Expiration date: after 12 months

Note: The above-mentioned cookies relate to an individual user behaviour. Moreover, especially concerning the usage of cookies, changes at Facebook can never be ruled out.

If you are registered at Facebook, you can change the settings for advertisements yourself at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. If you are not a Facebook user, you can manage your user based online advertising at https://www.youronlinechoices.com/uk/your-ad-choices. You have the option to activate or deactivate any providers there.

If you want to learn more about Facebook’s data protection, we recommend you the view the company’s in-house data policies at https://www.facebook.com/policy.php.

Privacy Policy for Facebook‘s Automatic Advanced Matching

Along with Facebook’s pixel function, we have also activated the automatic advanced matching. This function allows us to send hashed emails, names, genders, cities, states, postcodes and dates of birth or telephone numbers as additional information to Facebook, provided you have made them available to us. This activation gives us the opportunity, to customise advertising campaigns even better to persons who are interested in our services or products.

Microsoft Advertising Privacy Policy

We also use the Microsoft Advertising program by Microsoft Corporation, located in One Microsoft Way, Redmond, WA 98052-6399, USA, for our online marketing measures. With the help of Microsoft Advertising, we want to draw many people’s attention to the high quality of our products and/or services. For this, we use a technology (conversion tracking tool) by Microsoft on our website, which also stores your data. In this privacy policy, we will go into more detail about this service, show you which of your data is stored, managed, and processed and how you can prevent this data retention.

What is Microsoft Advertising?

Perhaps you know Microsoft Advertising by its former name “Bing Ads”. It is an advertising program by Microsoft which is based on a Pay-Per-Click system. This means that advertisers can advertise through the search engines Bing and Yahoo! and only pay when a user clicks the ad.

Why do we use Microsoft Advertising?

We are convinced of our offers, and therefore, we of course want to show them to a wider public. With Microsoft Advertising, we can bring our products or services closer to precisely those people who are specifically interested in them. Moreover, we want to present our products not only on the famous search engine Google, but also on Bing and Yahoo! Microsoft Advertising also gives us the option of placing ads in the so-called “Microsoft Audience Network”. This allows us to also place advertisements on LinkedIn for example. Furthermore, conversion tracking for example tells us, which advertisement you used to find us, which one of our subpages you particularly like and which actions you are taking on our website. This data enables us to tailor our website, our advertisements, and our offers much better to your needs.

What data is stored by Microsoft Advertising?

We have integrated a conversion tracking tag (i.e. a small code snippet) from Microsoft Advertising to our website. This snippet is known as the Universal Event Tracking (UET) tag. If you come to our website via a Microsoft advertisement, we can use this tracking tool to find out more about your user behaviour on our website. For example, we can find out which keyword or ad led you to us, what you clicked on our website, how long you stayed on our website, as well as how many people visit our website via Microsoft Ads. All these data relate to user behaviour but not to any personal information. In this sense, we only receive data or analyses of your web behaviour, but none of your personal information. Microsoft uses the data to optimise its own promotional offer as well as other services. If you have a Microsoft account yourself, the data collected may be linked to your account. Moreover, Microsoft might also recognise and store your IP address. To save all data on your user behaviour, the following cookie is set in your browser after you have visited our website via a Microsoft ad:

Name: MUIDB
Value: 08A53CA3313F6255044C307E353F61CD
Purpose:This cookie is set by our embedded Microsoft tag (UET tag) and is used for synchronisation purposes across various Microsoft websites. This allows users to be recognised across different domains.
Expiry date: after one year

However, if you access our website via a Bing ad, other cookies may also be placed in your browser. In the following we will show you a selection of possible cookies:

Name: ABDEF
Value: V=0&ABDV=0&MRNB=1594294373452&MRB=0111644684-7
Purpose: We could not find any detailed information on this cookie.
Expiry date: after one year

Name: SRCHD
Value: AF=NOFORM
Purpose: This cookie is responsible for the functionality of the tracking and the website itself.
Expiry date: after one year

Name: SRCHHPGUSR
Value: WTS=63729889193&HV=1594294374&CW=1920&CH=937&DPR=1&UTC=120&DM=0
Purpose: This cookie tracks and saves your user behaviour on our website, as well as the interaction with the Bing map interface.
Expiry date: after one year

Name: SRCHUID
Value: V=2&GUID=157B20CCF36A43F3A4AE9790346EB7A7&dmnchg=1
Purpose: This cookie tracks and stores your user behaviour on our website and the interaction with the Bing map API.
Expiry date: after one year

Name: _EDGE_S
Value: mkt=de-at&SID=2EE7002D956A61511D280F2F9474607111644684-2
Purpose: This cookie collects and stores your user behaviour across multiple websites. The aim of targeting is to better adjust our advertising measures to our target group.
Expiry date: after end of the browser session

Name: _SS
Value: SID=2EE7002D956A61511D280F2F94746077111644684-9
Purpose : Among other things, this cookie serves the purpose of recognising when you as a user have accessed our website (i.e. which advert led you to our website).
Expiry date: after one year

How long and where are the data stored?

We have no influence on how Microsoft continues to use your collected user data. The company are using various servers accross the world. Most of them are in the United States. Therefore, your data may also be stored, managed, and processed on American servers. Microsoft stores data (especially personal data) for as long as it is necessary for both, delivering their services or products and for legal purposes. Furthermore, Microsoft states that the actual time data are retained, depends on the respective product and may vary strongly.

Microsoft deletes your stored Bing search requests after 6 months by deleting your IP address. Cookie-IDs which are be generated via the Cookie MUID for example, are encrypted after 18 months.

How can I delete my data or prevent data retention?

You always have the possibility to opt out of Microsoft Ads’ conversion tracking. If you do not want interest-based adverts by Microsoft Advertising to be shown to you, you can deactivate the function at https://account.microsoft.com/privacy/ad-settings/signedout. Moreover, you can deactivate, manage, or delete any cookies in your browser. Since this works a little different for every browser, you can find instructions for the most common browsers here:

Chrome: Clear, enable and manage cookies in Chrome

Safari: Manage cookies and website data in Safari

Firefox: Clear cookies and site data in Firefox

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete cookies in Microsoft Edge

We hope we could give you an overview on data processing by Microsoft Ad’s conversion tracking. Of course, it is always possible for Microsoft’s privacy guidelines to change. For finding more information and always staying up-to-date, we recommend you to read Microsoft’s privacy policy at https://privacy.microsoft.com/en-gb/privacystatement.

 

LinkedIn Privacy Policy

On our website we use social plugins from the social media network LinkedIn, of the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Social plugins can be feeds, content sharing or a link to our LinkedIn page. Social plugins are clearly marked with the well-known LinkedIn logo and for example allow sharing interesting content directly via our website. Moreover, LinkedIn Ireland Unlimited Company Wilton Place in Dublin is responsible for data processing in the European Economic Area and Switzerland.

By embedding these plugins, data can be sent to, as well as stored and processed by LinkedIn. In this privacy policy we want to inform you what data this is, how the network uses this data and how you can manage or prevent data retention.

What is LinkedIn?

LinkedIn is the largest social network for business contacts. In contrast to e.g. Facebook, LinkedIn focuses exclusively on establishing business connections. Therefore, companies can present services and products on the platform and establish business relationships. Many people also use LinkedIn to find a job or to find suitable employees for their own company. In Germany alone, the network has over 11 million members. In Austria there are about 1.3 million.

Why do we use LinkedIn on our website?

We know how busy you are. You just cannot keep up with following every single social media channel. Even if it would really be worth it, as it is with our channels, since we keep posting interesting news and articles worth spreading. Therefore, on our website we have created the opportunity to share interesting content directly on LinkedIn, or to refer directly to our LinkedIn page. We consider built-in social plugins as an extended service on our website. The data LinkedIn collects also help us to display potential advertising measures only to people who are interested in our offer.

What data are stored by LinkedIn?

LinkedIn stores no personal data due to the mere integration of social plugins. LinkedIn calls the data generated by plugins passive impressions. However, if you click on a social plugin to e.g. share our content, the platform stores personal data as so-called “active impressions”. This happens regardless of whether you have a LinkedIn account or not. If you are logged in, the collected data will be assigned to your account.

When you interact with our plugins, your browser establishes a direct connection to LinkedIn’s servers. Through that, the company logs various usage data. These may include your IP address, login data, device information or information about your internet or cellular provider. If you use LinkedIn services via your smartphone, your location may also be identified (after you have given permission). Moreover, LinkedIn can share these data with third-party advertisers in “hashed” form. Hashing means that a data set is transformed into a character string. This allows data to be encrypted, which prevents persons from getting identified.

Most data on of your user behaviour is stored in cookies. These are small text files that usually get placed in your browser. Furthermore, LinkedIn can also use web beacons, pixel tags, display tags and other device recognitions.

Various tests also show which cookies are set when a user interacts with a social plug-in. We do not claim for the information we found to be exhaustive, as it only serves as an example. The following cookies were set without being logged in to LinkedIn:

Name: bcookie
Value: =2&34aab2aa-2ae1-4d2a-8baf-c2e2d7235c16111644684-
Purpose: This cookie is a so-called “browser ID cookie” and stores your identification number (ID).
Expiry date: after 2 years

Name: lang
Value: v=2&lang=en-gb
Purpose:This cookie saves your default or preferred language.
Expiry date: after end of session

Name: lidc
Value: 1818367:t=1571904767:s=AQF6KNnJ0G111644684…
Purpose:This cookie is used for routing. Routing records how you found your way to LinkedIn and how you navigate through the website.
Expiry date: after 24 hours

Name: rtc
Value: kt0lrv3NF3x3t6xvDgGrZGDKkX
Purpose:No further information could be found about this cookie.
Expiry date: after 2 minutes

Name: JSESSIONID
Value: ajax:1116446842900777718326218137
Purpose: This is a session cookie that LinkedIn uses to maintain anonymous user sessions through the server.
Expiry date: after end of session

Name: bscookie
Value: “v=1&201910230812…
Purpose: This cookie is a security cookie. LinkedIn describes it as a secure browser ID cookie.
Expiry date: after 2 years

Name: fid
Value: AQHj7Ii23ZBcqAAAA…
Purpose: We could not find any further information about this cookie.
Expiry date: after 7 days

Note: LinkedIn also works with third parties. That is why we identified the Google Analytics cookies _ga and _gat in our test.

How long and where are the data stored?

In general, LinkedIn retains your personal data for as long as the company considers it necessary for providing its services. However, LinkedIn deletes your personal data when you delete your account. In some exceptional cases, LinkedIn keeps some summarised and anonymised data, even account deletions. As soon as you delete your account, it may take up to a day until other people can no longer see your data. LinkedIn generally deletes the data within 30 days. However, LinkedIn retains data if it is necessary for legal reasons. Also, data that can no longer be assigned to any person remains stored even after the account is closed. The data are stored on various servers in America and presumably also in Europe.

How can I delete my data or prevent data retention?

You have the right to access and delete your personal data at any time. In your LinkedIn account you can manage, change and delete your data. Moreover, you can request a copy of your personal data from LinkedIn.

How to access account data in your LinkedIn profile:

In LinkedIn, click on your profile icon and select the “Settings & Privacy” section. Now click on “Privacy” and then on the section “How LinkedIn uses your data on”. Then, click “Change” in the row with “Manage your data and activity”. There you can instantly view selected data on your web activity and your account history.

In your browser you also have the option of preventing data processing by LinkedIn. As mentioned above, LinkedIn stores most data via cookies that are placed in your browser. You can manage, deactivate or delete these cookies. Depending on which browser you have, these settings work a little different. You can find the instructions for the most common browsers here:

Chrome: Clear, enable and manage cookies in Chrome

Safari: Manage cookies and website data in Safari

Firefox: Clear cookies and site data in Firefox

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete cookies in Microsoft Edge

You can generally set your browser to always notify you when a cookie is about to be set. Then you can always decide individually whether you want to allow the cookie or not.

LinkedIn is an active participant in the EU-U.S. Privacy Shield Frameworks. This framework ensures correct data transmission between the USA and the European Union. You can find out more about it at https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0. We gave our best to provide you the most essential information about LinkedIn’s data processing. At https://www.linkedin.com/legal/privacy-policy you can find out more about data processing of the social media network LinkedIn.

 

AddThis Privacy Policy

On our website we use plug-ins from AddThis by Oracle America, Inc. (500 Oracle Parkway, Redwood Shores, CA 94065, USA). With these plug-ins, you can quickly and easily share contents of our website with other people. If you visit a website with an AddThis function, your data may be transferred to the company AddThis, where it may be stored and processed. This privacy statement will tell you why we use AddThis, which data is processed and how you can prevent data transmission.

What is AddThis?

AddThis develops software tools for integration to websites, where they serve the purpose of enabling users to distribute content either on various social media channels or by email. AddThis also offers functions for website analysis. Moreover, the collected data is used to offer interest-based advertising to internet users. More than 15 million website operators worldwide have used the service.

Why do we use AddThis on our website?

Via AddThis buttons, you can share interesting content from our website to various social media channels such as Facebook, Twitter, Instagram or Pinterest. If you like our content, we would of course be happy if you would also share it with your social community. The easiest way this can be done is via AddThis buttons.

What data is stored by AddThis?

If you share content with AddThis while you are logged into a social media account, data such as your visit to our website and the content you shared may be assigned to your user account on the respective social media channel. AddThis uses cookies, pixels, HTTP headers and browser identifiers to collect data about your visitor behaviour. Moreover, some of this data is pseudonymised and then shared with third parties.

Here is an example list of data that may be processed:

  • Unique ID of a cookie placed in the web browser
  • Address of the visited website
  • Time of the website visit
  • Search queries which led a visitor to website via AddThis
  • Time spent on a website
  • The IP address of a computer or mobile device
  • Mobile ad IDs (Apple IDFA or Google AAID)
  • Information contained in HTTP headers or other utilised transmission protocols
  • What program on the computer (browser) or which operating system was used (iOS)

AddThis uses cookies, which we will list examples of below. You can read more on AddThis cookies at http://www.addthis.com/privacy/privacy-policy.

Name: bt2
Value: 8961a7f179d87qq69V69111644684-3
Purpose: : This cookie is used to record parts of the visited website, in order to recommend other parts of the website.
Expiry date: after 255 days

Name: bku
Value: ra/99nTmYN+fZWX7111644684-4
Purpose: This cookie registers anonymised user data such as your IP address, geographic location, your visited websites and the ads you clicked on.
Expiry date: after 179 days

Note: Please keep in mind that this is an exemplary list and we do not claim for it to be exhaustive.

AddThis also shares collected information with other companies. You can find further details at http://www.addthis.com/ privacy / privacy-policy # section5 . AddThis also uses received data to create target groups and interest profiles in order to offer interest-based advertising to users in the same advertising network.

How long and where are the data stored?

After collection, AddThis stores the data for 13 months. 1% of the data is saved as a “sample data record” for a maximum of 24 months, which ensures to maintain the business relationship. However, in this “sample data record”, any direct and indirect identifications (such as your IP address and cookie ID) are hashed. That means that, without additional information, personal data can no longer be associated with you. Since the company AddThis is headquartered in the USA, the collected data is stored on American servers.

How can I delete my data or prevent data retention?

You have the right to access and delete your personal data at any time. If you no longer want to see ads based on data collected by AddThis, you can click the opt-out button at http://www.addthis.com/privacy/opt-out. By clicking the button, an opt-out cookie is set, which you must not delete in order to keep this setting.

You can also set your preferences for usage-based online advertisements in “Your Ad Choices” at http://www.youronlinechoices.com/uk/.

Your browser an option for preventing data processing or managing it to your wishes. The settings for data processing vary, depending on the browser. Here you will find instructions for the most popular browsers:

Chrome: Clear, enable and manage cookies in Chrome

Safari: Manage cookies and website data in Safari

Firefox: Clear cookies and site data in Firefox

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete cookies in Microsoft Edge

AddThis is an active participant in the EU-U.S. Privacy Shield Framework, which regulates correct and secure transfer of personal data. You can find more information about it at https://www.privacyshield.gov/participant?id=a2zt00000000181AAA. If you would like to know more about the processing of your data by AddThis, you can find further information at http://www.addthis.com/privacy/privacy-policy.

 

YouTube Privacy Policy

We have integrated YouTube videos to our website. Therefore, we can show you interesting videos directly on our site. YouTube is a video portal, which has been a subsidiary company of Google LLC since 2006. The video portal is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit a page on our website that contains an embedded YouTube video, your browser automatically connects to the servers of YouTube or Google. Thereby, certain data are transferred (depending on the settings). Google is responsible for YouTube’s data processing and therefore Google’s data protection applies.

In the following we will explain in more detail which data is processed, why we have integrated YouTube videos and how you can manage or clear your data.

What is YouTube?

On YouTube, users can watch, rate, comment or upload videos for free. Over the past few years, YouTube has become one of the most important social media channels worldwide. For us to be able to display videos on our website, YouTube provides a code snippet that we have integrated to our website.

Why do we use YouTube videos on our website?

YouTube is the video platform with the most visitors and best content. We strive to offer you the best possible user experience on our website, which of course includes interesting videos. With the help of our embedded videos, we can provide you other helpful content in addition to our texts and images. Additionally, embedded videos make it easier for our website to be found on the Google search engine. Moreover, if we place ads via Google Ads, Google only shows these ads to people who are interested in our offers, thanks to the collected data.

What data is stored by YouTube?

As soon as you visit one of our pages with an integrated YouTube, YouTube places at least one cookie that stores your IP address and our URL. If you are logged into your YouTube account, by using cookies YouTube can usually associate your interactions on our website with your profile. This includes data such as session duration, bounce rate, approximate location, technical information such as browser type, screen resolution or your Internet provider. Additional data can include contact details, potential ratings, shared content via social media or YouTube videos you added to your favourites.

If you are not logged in to a Google or YouTube account, Google stores data with a unique identifier linked to your device, browser or app. Thereby, e.g. your preferred language setting is maintained. However, many interaction data cannot be saved since less cookies are set.

In the following list we show you cookies that were placed in the browser during a test. On the one hand, we show cookies that were set without being logged into a YouTube account. On the other hand, we show you what cookies were placed while being logged in. We do not claim for this list to be exhaustive, as user data always depend on how you interact with YouTube.

Name: YSC
Value: b9-CV6ojI5Y111644684-1
Purpose: This cookie registers a unique ID to store statistics of the video that was viewed.
Expiry date: after end of session

Name: PREF
Value: f1=50000000
Purpose: This cookie also registers your unique ID. Google receives statistics via PREF on how you use YouTube videos on our website.
Expiry date: after 8 months

Name: GPS
Value: 1
Purpose: This cookie registers your unique ID on mobile devices to track GPS locations.
Expiry date: after 30 minutes

Name: VISITOR_INFO1_LIVE
Value: 95Chz8bagyU
Purpose: This cookie tries to estimate the user’s internet bandwith on our sites (that have built-in YouTube videos).
Expiry date: after 8 months

Further cookies that are placed when you are logged into your YouTube account:

Name: APISID
Value: zILlvClZSkqGsSwI/AU1aZI6HY7111644684-
Purpose: This cookie is used to create a profile on your interests. This data is then used for personalised advertisements.
Expiry date: after 2 years

Name: CONSENT
Value: YES+AT.de+20150628-20-0
Purpose: The cookie stores the status of a user’s consent to the use of various Google services. CONSENT also provides safety measures to protect users from unauthorised attacks.
Expiry date: after 19 years

Name:  HSID
Value:  AcRwpgUik9Dveht0I
Purpose: This cookie is used to create a profile on your interests. This data helps to display customised ads.
Expiry date: after 2 years

Name: LOGIN_INFO
Value: AFmmF2swRQIhALl6aL…
Purpose: This cookie stores information on your login data.
Expiry date: after 2 years

Name: SAPISID
Value: 7oaPxoG-pZsJuuF5/AnUdDUIsJ9iJz2vdM
Purpose: This cookie identifies your browser and device. It is used to create a profile on your interests.
Expiry date: after 2 years

Name: SID
Value: oQfNKjAsI111644684-
Purpose: This cookie stores your Google Account ID and your last login time, in a digitally signed and encrypted form.
Expiry date: after 2 years

Name: SIDCC
Value: AN0-TYuqub2JOcDTyL
Purpose: This cookie stores information on how you use the website and on what advertisements you may have seen before visiting our website.
Expiry date: after 3 months

How long and where is the data stored?

The data YouTube receive and process on you are stored on Google’s servers. Most of these servers are in America. At https://www.google.com/about/datacenters/inside/locations/?hl=en you can see where Google’s data centres are located. Your data is distributed across the servers. Therefore, the data can be retrieved quicker and is better protected against manipulation.

Google stores collected data for different periods of time. You can delete some data anytime, while other data are automatically deleted after a certain time, and still other data are stored by Google for a long time. Some data (such as elements on “My activity”, photos, documents or products) that are saved in your Google account are stored until you delete them. Moreover, you can delete some data associated with your device, browser, or app, even if you are not signed into a Google Account.

How can I delete my data or prevent data retention?

Generally, you can delete data manually in your Google account. Furthermore, in 2019 an automatic deletion of location and activity data was introduced. Depending on what you decide on, it deletes stored information either after 3 or 18 months. Regardless of whether you have a Google account or not, you can set your browser to delete or deactivate cookies placed by Google. These settings vary depending on the browser you use. The following instructions will show how to manage cookies in your browser:

Chrome: Clear, enable and manage cookies in Chrome

Safari: Manage cookies and website data in Safari

Firefox: Clear cookies and site data in Firefox

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete cookies in Microsoft Edge

If you generally do not want to allow any cookies, you can set your browser to always notify you when a cookie is about to be set. This will enable you to decide to either allow or permit each individual cookie. Since YouTube is a subsidiary company of Google, Google’s privacy statement applies to both. If you want to learn more about how your data is handled, we recommend the privacy policy at https://policies.google.com/privacy?hl=en.

 

Google reCAPTCHA Privacy Policy

Our primary goal is to provide you an experience on our website that is as secure and protected as possible. To do this, we use Google reCAPTCHA from Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA). With reCAPTCHA we can determine whether you are a real person from flesh and bones, and not a robot or a spam software. By spam we mean any electronically undesirable information we receive involuntarily. Classic CAPTCHAS usually needed you to solve text or picture puzzles to check. But thanks to Google’s reCAPTCHA you usually do have to do such puzzles. Most of the times it is enough to simply tick a box and confirm you are not a bot. With the new Invisible reCAPTCHA version you don’t even have to tick a box. In this privacy policy you will find out how exactly this works, and what data is used for it.

What is reCAPTCHA?

reCAPTCHA is a free captcha service from Google that protects websites from spam software and misuse by non-human visitors. This service is used the most when you fill out forms on the Internet. A captcha service is a type of automatic Turing-test that is designed to ensure specific actions on the Internet are done by human beings and not bots. During the classic Turing-test (named after computer scientist Alan Turing), a person differentiates between bot and human. With Captchas, a computer or software program does the same. Classic captchas function with small tasks that are easy to solve for humans but provide considerable difficulties to machines. With reCAPTCHA, you no longer must actively solve puzzles. The tool uses modern risk techniques to distinguish people from bots. The only thing you must do there, is to tick the text field “I am not a robot”. However, with Invisible reCAPTCHA even that is no longer necessary. reCAPTCHA, integrates a JavaScript element into the source text, after which the tool then runs in the background and analyses your user behaviour. The software calculates a so-called captcha score from your user actions. Google uses this score to calculate the likelihood of you being a human, before entering the captcha. reCAPTCHA and Captchas in general are used every time bots could manipulate or misuse certain actions (such as registrations, surveys, etc.).

Why do we use reCAPTCHA on our website?

We only want to welcome people from flesh and bones on our side and want bots or spam software of all kinds to stay away. Therefore, we are doing everything we can to stay protected and to offer you the highest possible user friendliness. For this reason, we use Google reCAPTCHA from Google. Thus, we can be pretty sure that we will remain a “bot-free” website. Using reCAPTCHA, data is transmitted to Google to determine whether you genuinely are human. reCAPTCHA thus ensures our website’s and subsequently your security. Without reCAPTCHA it could e.g. happen that a bot would register as many email addresses as possible when registering, in order to subsequently “spam” forums or blogs with unwanted advertising content. With reCAPTCHA we can avoid such bot attacks.

What data is stored by reCAPTCHA?

reCAPTCHA collects personal user data to determine whether the actions on our website are made by people. Thus, IP addresses and other data Google needs for its reCAPTCHA service, may be sent to Google. Within member states of the European Economic Area, IP addresses are almost always compressed before the data makes its way to a server in the USA.
Moreover, your IP address will not be combined with any other of Google’s data, unless you are logged into your Google account while using reCAPTCHA. Firstly, the reCAPTCHA algorithm checks whether Google cookies from other Google services (YouTube, Gmail, etc.) have already been placed in your browser. Then reCAPTCHA sets an additional cookie in your browser and takes a snapshot of your browser window.

The following list of collected browser and user data is not exhaustive. Rather, it provides examples of data, which to our knowledge, is processed by Google.

  • Referrer URL (the address of the page the visitor has come from)
  • IP-address (z.B. 256.123.123.1)
  • Information on the operating system (the software that enables the operation of your computers. Popular operating systems are Windows, Mac OS X or Linux)
  • Cookies (small text files that save data in your browser)
  • Mouse and keyboard behaviour (every action you take with your mouse or keyboard is stored)
  • Date and language settings (the language and date you have set on your PC is saved)
  • All Javascript objects (JavaScript is a programming language that allows websites to adapt to the user. JavaScript objects can collect all kinds of data under one name)
  • Screen resolution (shows how many pixels the image display consists of)

Google may use and analyse this data even before you click on the “I am not a robot” checkmark. In the Invisible reCAPTCHA version, there is no need to even tick at all, as the entire recognition process runs in the background. Moreover, Google have not given details on what information and how much data they retain.

The following cookies are used by reCAPTCHA: With the following list we are referring to Google’s reCAPTCHA demo version at https://www.google.com/recaptcha/api2/demo.
For tracking purposes, all these cookies require a unique identifier. Here is a list of cookies that Google reCAPTCHA has set in the demo version:

Name: IDE
Value: WqTUmlnmv_qXyi_DGNPLESKnRNrpgXoy1K-pAZtAkMbHI-111644684-8
Purpose:This cookie is set by DoubleClick (which is owned by Google) to register and report a user’s interactions with advertisements. With it, ad effectiveness can be measured, and appropriate optimisation measures can be taken. IDE is stored in browsers under the domain doubleclick.net.
Expiry date: after one year

Name: 1P_JAR
Value: 2019-5-14-12
Purpose: This cookie collects website usage statistics and measures conversions. A conversion e.g. takes place, when a user becomes a buyer. The cookie is also used to display relevant adverts to users. Furthermore, the cookie can prevent a user from seeing the same ad more than once.
Expiry date: after one month

Name: ANID
Value: U7j1v3dZa1116446840xgZFmiqWppRWKOr
Purpose:We could not find out much about this cookie. In Google’s privacy statement, the cookie is mentioned in connection with “advertising cookies” such as “DSID”, “FLC”, “AID” and “TAID”. ANID is stored under the domain google.com.
Expiry date: after 9 months

Name: CONSENT
Value: YES+AT.de+20150628-20-0
Purpose: This cookie stores the status of a user’s consent to the use of various Google services. CONSENT also serves to prevent fraudulent logins and to protect user data from unauthorised attacks.
Expiry date: after 19 years

Name: NID
Value:  0WmuWqy111644684zILzqV_nmt3sDXwPeM5Q
Purpose: Google uses NID to customise advertisements to your Google searches. 
With the help of cookies, Google “remembers” your most frequently entered search queries or your previous ad interactions. Thus, you always receive advertisements tailored to you. The cookie contains a unique ID to collect users’ personal settings for advertising purposes.
Expiry date: after 6 months

Name: DV
Value: gEAABBCjJMXcI0dSAAAANbqc111644684-4
Purpose: This cookie is set when you tick the “I am not a robot” checkmark. Google Analytics uses the cookie personalised advertising. DV collects anonymous information and is also used to distinct between users.
Expiry date: after 10 minutes

Note: We do not claim for this list to be extensive, as Google often change the choice of their cookies.

How long and where are the data stored?

Due to the integration of reCAPTCHA, your data will be transferred to the Google server. Google have not disclosed where exactly this data is stored, despite repeated inquiries. But even without confirmation from Google, it can be assumed that data such as mouse interaction, length of stay on a website or language settings are stored on the European or American Google servers. The IP address that your browser transmits to Google does generally not get merged with other Google data from the company’s other services.
However, the data will be merged if you are logged in to your Google account while using the reCAPTCHA plug-in. Google’s diverging privacy policy applies for this.

How can I delete my data or prevent data storage?

If you want to prevent any data about you and your behaviour to be transmitted to Google, you must fully log out of Google and delete all Google cookies before visiting our website or use the reCAPTCHA software. Generally, the data is automatically sent to Google as soon as you visit our website. To delete this data, you must contact Google Support at https://support.google.com/?hl=en-GB&tid=111644684.

If you use our website, you agree that Google LLC and its representatives automatically collect, edit and use data.

You can find out more about reCAPTCHA on Google’s Developers page at https://developers.google.com/recaptcha/. While Google do give more detail on the technical development of reCAPTCHA there, they have not disclosed precise information about data retention and data protection. A good, basic overview of the use of data however, can be found in the company’s internal privacy policy at https://policies.google.com/privacy?hl=en-GB.

 

Cookiehub Privacy Policy

We use functions of Cookiehub on our website. The company behind Cookiehub is CookieHub ehf, Hafnargata 18, 230 Reykjanesbæ, Iceland. Cookiebhub offers us the opportunity to provide you with an extensive cookie notice (also known as a cookie banner or cookie notice).
By using this function, your data will be sent to Cookiehub, where it may be saved and processed. In this privacy policy we will inform you on why we use Cookiehub, what data is transmitted and how you can prevent the transmission of data.

What is Cookiehub?

Cookiehub is a software product from CookieHub ehf. The software automatically creates a GDPR-compliant cookie notice for our website visitors. The technology behind Cookiehub also scans, controls and evaluates all cookies and tracking measures on our website.

Why do we use Cookiehub on our website?

We take data protection very seriously. We want to show you exactly what is happening on our website and which of your data is stored. Cookiehub helps us to get a good overview of all our cookies (first- and third-party cookies). This enables us to be transparent and to inform you precisely on the use of cookies on our website. Cookiehub ensures you always receive an up-to-date and GDPR compliant cookie notice, so you can decide yourself which cookies you allow or deny.

What data are stored by Cookiehub?

CookieHub don’t collect any personal information about your end users or track any activity except anonymous consent log used to demonstrate user choices in case of a complaint as required in GDPR article 7.1.

We use a 1st party cookie to store the user’s preference which is not shared between websites and not used to identify or profile the end user in any way.

Any anonymous data collected is never sold or distributed to third parties.

If you allow cookies, the following data will be transmitted to Cookiehub, where it is stored and processed.

PropertyDetails / Purpose
TokenA unique string stored in cookiehub cookie in the users browser along with the settings for the cookie categories. In case you need to demonstrate the consent, you’ll have to request this token from the subject to find the entry from the consent log.
UrlThe full url that the user was viewing when the cookie settings were configured in the CookieHub widget.
Widget revisionA reference to the widget revision which was shown at the time the user made his choices.
IP addressAnonymized IP address of the client. The last part of the IP address is replaced with a 0 as IP address could be considered personal information.
CountryThe registered country code for the anonymized IP address block.
User agentUser agent string usually containing browser and operating system information.
Date and timeThe date and time of the consent

 If you have allowed the use of cookies, the following cookie get set by Cookiehub:

Name: cookiehub
Value: eyJhbnN3ZXJlZCI6dHJ1ZSwicHJlY29uc2VudCI6ZmFsc2UsInJldmlzaW9uIjoyLCJkbnQiOnRydWUsImNvb2tp ZUxhd3MiOnRydWUsInRva2VuIjoiIiwiY2F0ZWdvcmllcyI6W3siY2lkIjoxLCJpZCI6Im5lY2Vzc2FyeSIsInZhbHVlIjp0cn VlLCJwcmVjb25zZW50IjpmYWxzZSwiZmlyZWQiOnRydWV9LHsiY2lkIjoyLCJpZCI6InByZWZlcmVuY2VzIiwidmFsd WUiOmZhbHNlLCJwcmVjb25zZW50IjpmYWxzZSwiZmlyZWQiOnRydWV9LHsiY2lkIjozLCJpZCI6ImFuYWx5dGljc yIsInZhbHVlIjpmYWxzZSwicHJlY29uc2VudCI6ZmFsc2UsImZpcmVkIjp0cnVlfSx7ImNpZCI6NSwiaWQiOiJ1bmNh dGVnb3JpemVkIiwidmFsdWUiOmZhbHNlLCJwcmVjb25zZW50IjpmYWxzZSwiZmlyZWQiOnRydWV9XX0=
Purpose:Your consent status is stored in this cookie. This enables our website to read and follow the current status even for future visits.
Expiry date: til end of session

Note: Please keep in mind that this is an exemplary list and that we do not claim for this list to be exhaustive. In the cookie statement at https://support.cookiehub.com/article/46-what-is-stored-in-the-cookiehub-cookie you can read which further cookies may be used.

How long and where is the data stored?

All servers used to store and process data, including the CookieHub Dashboard (dash.cookiehub.com), geolocation services and the consent log are located in Amazon AWS tier 3+ data centers in Frankfurt, Germany.

Crawlers / Cookie scanners used to identify cookies used on web sites are located in various data centers around Europe.

The content delivery network (CDN) used to render the CookieHub widget on your website is distributed in various data centers around the world to reduce latency to your end users and making sure the CookieHub widget has minimal impact on your website’s performance.

Data collected is only stored in the EU and never transferred outside the EU and EEA.

How can I delete my data or prevent data retention?

You have the right to access and delete your personal data at any time. You can prevent data collection and storage, by e.g. rejecting the use of cookies via the cookie notice. Furthermore, your browser offers another option to prevent data processing or to manage it according to your wishes. Depending on the browser, the cookie settings work a little differently. Here you will find the instructions for the most popular browsers:

Chrome: Clear, enable and manage cookies in Chrome

Safari: Manage cookies and website data in Safari

Firefox: Clear cookies and site data in Firefox

Internet Explorer: Delete and manage cookies

Microsoft Edge: Delete cookies in Microsoft Edge

If you want to learn more about the data protection guidelines of “Cookiehub”, we recommend the privacy policy and the data processing information from cookiehub: https://support.cookiehub.com/category/20-data-processing-security

 

Google AdWords and Conversion Measurement

We use the services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, („Google“) on the basis of our legitimate interests (i.e. Interest in the analysis, optimisation, and economic operation of our online offering within the meaning of Article 6 (1) lit. f. GDPR).

Google is certified under the Privacy Shield Agreement, which provides a guarantee of compliance with European data protection law: (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active ).

We use Google’s online AdWords marketing tool ‘AdWords‘ to place advertisements on the Google advertising network (e.g. In search results, in videos, on websites, etc) so that they are displayed to users who have a possible interest in the ads. This allows us to more specifically display ads for and within our online offering so that we only present ads to users that potentially match their interests. If a user e.g. is shown ads for products that have been viewed on other online offerings, this is called remarketing. For these purposes, upon access to ours and other websites where the Google advertising network is active, Google will immediately execute a Google code and so-called (re)marketing tags (invisible graphics or code, also known as ‘web beacons’) incorporated into the website. With their help, the user is provided with an individual cookie, i.e. a small file is saved (instead of cookies, comparable technologies can also be used). In this file it is noted which websites the user visited, what content is of interest, and on what offers the user has clicked, as well as technical information about the browser and operating system, referring websites, visit time and other information on the use of the online offering.

Furthermore, we receive an individual ‘conversion‘ cookie. The information obtained through the cookie is used by Google to generate conversion statistics for us. However, we only receive the anonymous total number of users who clicked on our ad and were redirected to a conversion tracking tag page. However, we do not receive any information that personally identifies users.

The user data is pseudonym processed within the Google advertising network. That is, Google stores and processes not the name or email address of the users, but processes the relevant cookie-related data into pseudonymous user profiles. From the perspective of Google, the ads are not displayed and managed to a specifically identified person, but to the cookie owner. This does not apply if a user has explicitly allowed Google to process the data without this pseudonymisation. The information collected about users is transmitted to Google and stored on Google’s servers in the United States of America.

For more information about Google’s data usage, please read Google’s privacy policy: (https://policies.google.com/technologies/ads) ) as well as the description of settings available for Google’s Advertising: (https://adssettings.google.com/authenticated).

 Lead Forensics

We also analyse the usage of our website using Lead Forensics (Communication House 26 York Street, London W1U 6PZ). Lead Forensics does not use cookies and analyses the use of our website based primarily on your IP address. Basically, only company IP addresses are processed (provided it is possible). For more information on Lead Forensic’s use of data, settings, and opt-outs, please read the Lead Forensics privacy statement: (https://www.leadforensics.com/privacy-and-cookies/)

Bitly

We analyse the number of clicks on our social media links using ‘Bitly links’ (NEW YORK CITY, 139 5th Avenue, 5th Floor, New York, NY 10010). Bitly analyses clicks based primarily on your IP address. Bitly collects traffic information (such as clicks) on every bitly link created using its services. Among other things, this information includes: (i) the IP address and physical location of the devices through which the Bitly link is invoked, (ii) the referring websites or services, (iii) the time and date of each access, and (iv) information about the release of the Bitly link to third party services such as Twitter and Facebook. This information is used by Bitly and its partners to improve their websites and services, for example by providing value-added functionality, and to analyse clicks on Bitly links, for example to understand how, when and where Bitly links were clicked. For more information about Bitly’s use of data, settings and opt-outs, please read Bitly’s privacy policy: (https://bitly.com/pages/privacy?lang=en).

 

Except for the named companies, your data will only be passed on by us to third parties for the purpose of marketing our own products, in particular to other companies of the WolfVision Group. In any case, these third parties are required by us to observe data protection legislation, and to ensure that your data is not misused.

The place of jurisdiction for all disputes arising from this document is the relevant court in 6800 Feldkirch, Austria. However, WolfVision is also at its free discretion to call the relevant court at your own registered office or location.

From the original privacy policy, translations can be made, such as this translation into the English language. In the case of differences between the German language original version and the translated version, the German language version is always the authoritive and binding version.

 

This privacy policy was updated on 22 February 2021