I. Data Protection Contact
The responsible party for the website and for the services is:
Pentland Firth Software GmbH
Baierbrunner Strasse 85
81379, Munich, Germany
Phone: +49 89 – 59 08 37 0
II. Processing of Personal Data
1. Data That We Process When You Make Use of Our Services:
If you use our services, personal data will be processed for technical reasons each time you access them.
As soon as you use our services, your browser or device sends technical information to our web server, which is stored in server log files. The following usage and web access data are processed:
the date and time of the visit and the duration of use of the website;
the IP address of your device;
the referral URL (the website from which you may have been redirected);
the subpages of the website visited; and
more information about your device (device type, browser type and version, settings, installed plug-ins, operating system).
This so-called usage data is processed exclusively in pseudonymous form in order to enable you to use the services and to ensure the functionality of the services. In principle, the data will not be used to identify you as a person. In addition, we process the pseudonymous usage data in order to analyze the performance of the website, to continuously improve the website and to correct errors or to personalize the content of the website for you. Finally, we also process the usage data to ensure IT security and the operation of our systems and to prevent or detect misuse, in particular fraud. These server log files are deleted after a maximum of 7 days. The legal basis for the processing of this data is Art. 6 (1) lit. f) GDPR, the protection and functionality of the services are legitimate interests in this sense.
2. Data We Process for Communication Purposes
If you contact us with a request via the contact form provided on our site, we need your contact details and information regarding what it is about to be able to answer your request. The data processing for the purpose of contacting us takes place at your request and on the basis of Art. 6 para. 1 sentence 1 lit.b GDPR for the implementation of pre-contractual measures or to safeguard our legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in being able to respond to inquiries and thus ensure a functioning customer service.
3. Data We Process for Other Purposes
In individual cases, your data may also be processed for other purposes. This includes, for example, the disclosure of your personal data to third parties if we are legally obliged to do so, but also for the purpose of asserting legal claims on our part or third parties or defending against legal disputes. The legal basis in these cases is either a legal obligation (Art. 6 (1) lit.c) GDPR) or our legitimate interests or legitimate third-party interests (Art. 6 (1) lit. f) GDPR), e.g., if we support users in the enforcement of rights.
4. Disclosure of Personal Data / Recipients
We treat your personal data carefully and confidentially and only pass it on to third parties in the rarest of cases.
Data Transfers Outside the EEA:
We do not transfer your personal data to countries outside the EEA (so-called "third countries") without appropriate protective measures being taken. However, third countries do not offer a level of data protection identical to that in the EU.
We only transfer your personal data if
The Commission has taken a so-called adequacy decision for the third country or the beneficiary in that third country,
the recipient offers appropriate safeguards in accordance with Article 46 GDPR for the protection of personal data (including any necessary additional measures),
you have expressly consented to the transfer after we have informed you about the risks in accordant to Art. 49 (1) lit. a) GDPR,
the transfer is necessary for the fulfillment of contractual obligations between you and us
or another exception from Art. 49 GDPR applies.
Suitable guarantees according to Art. 46 GDPR can be so-called standard data protection clauses, with which the recipient assures that the data is sufficiently protected and thus to ensure a level of protection comparable to the GDPR.
Purposes and Recipients
Website Hosting: Wix.com Ltd.
Recipient: Wix.com Ltd., 40 Namal Tel Aviv Street Tel Aviv, 6350671 Israel
Adequacy decision: The State of Israel has an adequate level of protection for the transfer of personal data from the European Union within the meaning of Article 45 GDPR, see decision of the European Commission of 31 January 2011 (OJ No. N. L 27 p. 39, Celex-No. 3 2011 D 0061). Should the Commission's assessment of the level of data protection under data protection change, we will adapt the processing activities by Wix accordingly.
5. Duration of Storage:
We process and store your personal data to the extent necessary to fulfill our contractual or legal obligations. If the data is no longer required to fulfill legal obligations (e.g., tax or commercial law), it will be deleted, unless further processing is necessary to preserve evidence or to defend legal claims against us, unless the processing is based on your consent. In this case, we store your data until revoked.
6. Your Legal Rights Under the GDPR:
You have the following rights concerning us / our website:
Your right to revoke your consent in accordance with Art. 7 (3) GDPR. Once you have given your consent, you can revoke your consent at any time, without giving reasons, with effect for the future.
Your right to information pursuant to Article 15 GDPR, in particular you can obtain information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right of appeal, the origin of your data, if these have not been collected by us, as well as on the existence of automated decision-making, including profiling and, if applicable, meaningful information on their details.
Your right to rectification pursuant to Art. 16 GDPR, e.g., if your data is incomplete or incorrect, you can ask us to correct this.
Your right to deletion in accordance with Article 17 GDPR if these are no longer necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.
Your right to restriction of processing pursuant to Article 18 GDPR. You can request that your data be blocked, e.g., because you believe that the data is incorrect, or the processing is unlawful, but you reject its deletion because you need it to assert, exercise or defend legal claims or you have objected to the processing in accordance with Article 21 GDPR.
Your right to data portability pursuant to Article 20 GDPR. You can request that we hand over data to you that you have provided to us in a structured, commonly used, and machine-readable format or transmit it to another controller.
Finally, you also have the right to lodge a complaint with the competent data protection supervisory authority (Art. 77 GDPR). You can file this complaint both at your place of residence, at the place of your workplace or at the place of the data protection violation you are complaining about. You can also lodge a complaint with the supervisory authority at our places of business.
If you wish to exercise your rights as a data subject, you can also do so by contacting us: email@example.com.
Information About Your Right to Object According to Art. 21 GDPR
In addition to the rights already mentioned, for reasons arising from your particular situation, you have the right to object to the processing of your personal data at any time, provided that this processing is carried out on the basis of Art. 6 (1) lit. f) GDPR (data processing on the basis of a balancing of interests). If you object, we will no longer process your personal data unless we can set out circumstances that outweigh your interests, rights and freedoms and therefore justify the processing.
You also have the right at any time to object to the processing of your personal data for the purpose of direct marketing (including subscribing to our newsletter) without incurring any costs other than the transmission costs according to the basic tariffs; this also applies to the creation of a user profile (so-called "profiling"), insofar as this is associated with direct marketing. If you object, we will no longer process your personal data in the future.
Please note that you may not be able to use the Website or Services or only to a limited extent if you do not provide us with certain data or if you object to the use of this data. The objection can be filed informally at firstname.lastname@example.org
What are cookies?
Cookies are small text files containing information that is stored on your access device. They are usually used to assign a specific action or preference to a user on a website, but without identifying the user as a person or revealing their identity.
Cookies are not automatically good or bad, but it is worth understanding what you can do about them and making your own decision about your data.
We use the following types of cookies, the scope and functionality of which are explained below: session cookies and persistent cookies.
Session cookies are automatically deleted when you close your browser. This applies in particular to session cookies. They store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close your browser.
Persistent cookies are also first stored when you close your browser and then automatically deleted after a certain period of time, which may vary depending on the cookie. You can also delete the cookies in the security settings of your browser at any time.
You can reset your browser before or after your visit to our website so that all cookies are rejected or to indicate when a cookie is sent. By default, the setting of cookies can be managed by the browser program of your browser, also in such a way that no cookies can be set at all or that cookies are deleted as soon as you close your browser. Your browser may also have an anonymous browsing feature. You can use these functions of your browser yourself at any time. However, if you have disabled the setting of cookies in your browser by default, it may happen that our website or our services do not function properly.
Purposes and Legal Bases
The use of these technologies serves exclusively to make the use of our offer more pleasant for you and to ensure the security of our services. This is how we set e.g., session cookies to recognize that you have already visited individual pages of our services. These are automatically deleted after leaving our site.
In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your device for a certain specified period of time. If you visit our site again to use our services, it will automatically be recognized that you have already been with us and which entries and settings you have made so that you do not have to enter them again. The data processed by these cookies are required for the aforementioned purposes to safeguard our legitimate interests and those of third parties in accordance with Article 6 (1) lit. (f) GDPR.
Privacy Information Social Media
1. Jointly responsible
We operate company pages on the networks Facebook, Instagram, LinkedIn, YouTube and Xing. In principle, the platform operators of these networks are solely responsible for the processing of personal data of their users. Insofar as we receive evaluations and analyses from the platform operators about the interactions with our content, we are thereby jointly responsible with
Facebook: Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, hereinafter: Facebook,
Instagram: Meta Platforms Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland, hereinafter: Instagram
LinkedIn: LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland, hereinafter: LinkedIn,
YouTube: Google LLc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, hereinafter Youtube.
Responsible in the sense of Article 4 No. 7 of the General Data Protection Regulation (DSGVO) for the processing of your personal data when you access our site or contact us via it.
We have reached agreement with the network operators as joint controllers of these pages.
The following agreements are authoritative in each case:
Facebook & Instagram: Page Insights Addendum regarding the controller.
LinkedIn: Page Insights Joint Controller Addendum https://legal.linkedin.com/pages-joint-controller-addendum from LinkedIn.
LinkedIn: https://legal.linkedin.com/pages-joint-controller-addendum from LinkedIn.
In these agreements, the providers assume the essential obligations under data protection law to inform data subjects and to fulfill data subject rights to data security and to report and inform in the event of data breaches. As providers of the social network, they have direct access to the required information and can also take any necessary measures and provide information immediately. If our support is nevertheless required, we can be contacted at any time. In particular, you can also assert your data subject rights against us at any time.
2. Page Insights evaluations
In connection with the operation of the above-mentioned social media profiles, we receive evaluations and analyses about the interactions with our content.
For this purpose, cookies and similar technologies such as pixels are used by the network operators when you visit our pages, and a unique user code is created in each case. This user code can be linked to the data of such users who are registered with the platform operators.
The visitor statistics created are transmitted to us exclusively in anonymized form and we do not have access to the underlying data in each case.
3. Purposes and legal basis
We use our social media pages to communicate with our customers, interested parties and users and to provide information about our range of services. In this context, we may receive further information, e.g. due to user comments, private messages or because you follow us or share our content. The processing is solely for the purpose of communicating and interacting with you.
We process user statistics so that we can better understand how to use our social media pages to further our business goals. We also operate our social media pages to present ourselves to and communicate with users of these platforms and other interested persons who visit our social media pages. The processing of the users' personal data is based on our legitimate interests in an optimized presentation of our company and products (Art. 6 para. 1 p. 1 lit. f) DSGVO).
4. Recipients and third country processing
The providers are U.S. companies that process personal data in insecure third countries. A third country is considered insecure if the EU Commission has not issued an adequacy decision for that country under Article 45(1) of the GDPR confirming that adequate protection for personal data exists in that country. EU citizens are not entitled to the same effective legal protections in third countries compared to the EU.
Facebook and Instagram: Meta Platforms Ireland Ltd transfers personal data to Meta Platforms Inc, 1 Hacker Way, Menlo Park, CA 94025, US based in the US, based on standard contractual clauses approved by the European Commission. We have no influence on these processing operations. We ourselves do not pass on any personal data that we receive via our Facebook page.
LinkedIn: LinkedIn transfers data to LinkedIn Corporation 1000 W Maude Ave Sunnyvale, CA, US on the basis of standard contractual clauses approved by the European Commission. We have no influence on these processing operations. We ourselves do not share any personal data we receive through our LinkedIn profile.
Youtube: Google Ireland transmits data on the basis of standard contractual clauses approved by the European Commission to Google LLC., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA (hereinafter: Google). We have no influence on these processing operations. We ourselves do not pass on any personal data that we receive via our Youtube channel.
5. Objection options
You are entitled to the following objection options in particular:
Facebook and Instagram: Users of Facebook and Instagram can influence the extent to which their user behavior may be recorded when visiting our Facebook page or Instagram profile under the settings for advertising preferences. The Facebook settings or the form provided via Facebook for the right to object offer further options for objection. Settings for Instagram can also be made via the form.
6. Further information
7. Further information on your data subject rights
You can find more information about your data subject rights here.