Privacy Policy
1. General Information
In this Privacy Policy, we describe the types of data, including Personal Data, that we collect from you when you use the TAKTIQ websites and TAKTIQ products and services, how we use and disclose that data, and your options to access or update your data.
Responsible Party
The responsible party for data processing on this website and the use of our services is:
TAKTIQ GmbH & Co. KG
Am Hoppenhof 32
33104 Paderborn
The responsible party determines the purposes and means of the processing of personal data (e.g., names, contact information, etc.) alone or jointly with others.
Data Protection Officer
We have appointed a data protection officer.
Dr. Paul Markwart
Am Hoppenhof 32
33104 Paderborn
Phone: +49 5251 68262-00
E-mail: dsb@taktiq.de
Information Security Incidents
Please report any suspected or actual information security incidents to us using the following reporting form
In the event of loss or theft of a mobile device or data carrier containing personally identifiable information, please also complete the following form: Data carrier loss report
2. Purposes and Scope of Data Processing
Purpose
We collect data for the following reasons:
a) To provide you with software, services, or information. We may collect data, including personal data, which are required to provide our software, and services. This includes license validation and software updates, provision of support, reporting of issues and bugs, and other processing connected with the use of TAKTIQ software and services. We may use collected data in our development and testing of products and services. You or a representative of your company explicitly fill in the personal data required for you to receive the software, support, or services. This happens during application for a license and use of our support channels, subscription to receive marketing and/or technical information, among others. We may use third-party service providers, acting as data processors, to assist us in providing TAKTIQ products to you or in our operations. Further data processing performed by these service providers is governed by their privacy policies. The legal basis for this data processing is the performance of a contract between you and us.
b) To protect us from piracy and unlawful use of our software or services. We may collect data which are required to protect us from any piracy, unlawful or unauthorized use of our software or services, or which are necessary to ensure the security of our software or services, including both personal data provided by you (see above) and data collected during use of TAKTIQ Products. The legal basis for this data processing is our legitimate interest in protection from piracy and unlawful use of our software and services.
c) For internal evidence to protect the rights and interests of TAKTIQ and other users. We may collect data which are required to keep evidence of provision of software and services to you, of any communication between you and us, of your contact details, of your use of our software and services, and of any issues or disputes between you and us. We may use and disclose these data where we believe, in our sole judgment, that it is legitimate and appropriate to do so to protect our rights and interests and the rights and interests of other users of TAKTIQ Products or services, or where we believe there has been a violation of this privacy policy that could affect the interests of TAKTIQ or its customers. The legal basis for this data processing is our legitimate interest in keeping internal evidence and protecting the rights and interests of us and other users.
d) To improve our offerings based on usage. We may collect data based on your use of TAKTIQ products and services, and we do not associate these data with your name. We use these data to better understand the usage patterns of our products and the behaviors of our collective audience. Collection of data based on your use of TAKTIQ software products is done only if you permit it. The legal basis for this data processing is our legitimate interest in improving our software and services.
e) To promote and market our products and services. We may use feedback that you provide voluntarily on our products or services. We also may use data that we collect and aggregate to assist us in determining appropriate marketing and advertising for our products and services. In doing so, we may share anonymous aggregated data with third parties to assist us with these efforts. With your consent or if permitted by applicable law, we may also use your contact details to send you commercial communications about our products and services. We also may use third-party service providers to assist us with our email marketing; in that case, the third-party service provider will have access to your email address, your name, and other information necessary to engage in the marketing. Such third-party service provider will act as a data processor and will not use your personal data for any other purpose. The legal basis for this data processing is our legitimate interest in promoting and marketing our products and services.
f) To fulfil legal duties stipulated by accounting, taxation, and other laws. We may use and disclose your personal data where required by law, such as in keeping and disclosing our accounts, in keeping and disclosing our tax records, and in response to a court order, valid subpoena, or other legal process. The legal basis for this data processing is our compliance with our legal obligations.
You may object to the processing of your Personal Data for the purposes d) and e) at any time.
Scope
Types of data processed for the above purposes include
- names
- email address
- physical address
- phone umber
- username
- password
- IP address
- cookies
- data about usage of TAKTIQ products and services
- analysis data, esp. log files during the voluntary transmission of error reports from TAKTIQ software products
- comments, voluntarily provided feedback, and any data provided in survey responses
Where appropriate, we will prompt you to give us your consent to the collection and processing of your data for the purposes described above. This may happen on TAKTIQ websites, within TAKTIQ products, or as part of other written contracts with TAKTIQ.
Storage Periods
Unless a more specific storage period has been specified within this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., retention periods under tax or commercial law); in the latter case, the data will be deleted once these reasons no longer apply.
3. Data Subject Rights
As a data subject, you have the following rights (chapter 3 of the GDPR, “Data subject rights”):
- The right to object: You have the right to object to the processing of your data on grounds relating to your particular situation; and we will cease processing unless other legislation requires us to process it.
- Revocation of your consent to the processing of data: Some data processing transactions are only possible with your explicit consent. A revocation of consent is possible at any time. An informal e-mail is sufficient for this purpose. The legality of the data processing which has taken place prior to the revocation remains unaffected.
- Right to log a complaint with the competent supervisory agency: In the event of a violation of the data protection law, you as a data subject are entitled to log a complaint with the responsible supervisory agency. The responsible supervisory agent for data protection issues is the data protection authority of the state in which the head office of our company is situated.
- Right to data portability: You have the right to demand that we provide you or a third party with the data we process automatically based on your consent or as a part of a contract. The data is delivered in a machine-readable format. A direct transfer of the data to a third party is only possible if it is technically feasible.
- Rights of access, correction, blocking and deletion: Within the scope of the applicable statutory provisions, you have the right to free information about your stored personal data, its source and recipients as well as the purpose of the processing of your data. You may also have the right to have your data corrected, blocked or deleted. If you have questions about this subject or any other questions about personal data, please do not hesitate to use the contact options listed in the imprint.
4. E-Mail Newsletter
Recipient Data
For sending our newsletter, we require your e-mail address. Additional data is not collected or is voluntary. The data is only used for sending the newsletter.
The data generated when registering for the newsletter is only processed with your consent (Art. 6(1)(f) GDPR). A revocation of a given consent is possible at any time. An informal e-mail is sufficient, or you can deregister via the “unsubscribe”-link in the e-mail. The legality of the data collected prior to the revocation remains unaffected.
Data collected for the purpose of subscription is deleted in case of deregistration. If the data has been provided to us for other purposes and through different channels, it remains with us.
CleverReach
We use CleverReach for the distribution of newsletters. The provider is CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede. With this service, we can organize and analyze the newsletter distribution. The data you have given for the subscription of the newsletter is stored in the servers of CleverReach. The server locations are Germany and Ireland.
Distribution of the newsletter through CleverReach allows us to analyze the behavior of the newsletter recipient. The analysis states, e.g., how many recipients have opened the newsletter and how often links in the newsletter are clicked. CleverReach supports conversion tracking to analyze whether a predefined action takes place after a click, such as a product purchase. Details concerning the data analysis can be found here: https://www.cleverreach.com/de/funktionen/reporting-und-tracking.
If you prefer no analysis through CleverReach, you must unsubscribe from the newsletter. An informal e-mail is sufficient, or you can deregister via the “unsubscribe”-link in the e-mail. In case of deregistration, data collected for the subscription is deleted from our servers and the servers of CleverReach. If the data has been provided to us for other purposes and through different channels, it remains with us.
Details concerning the privacy policy of CleverReach can be found here: https://www.cleverreach.com/en/privacy-policy.
To comply fully with legal data protection requirements, we have signed a data processing agreement (DPA) with CleverReach.
5. Websites
Server Logfiles
In server log files, the provider of the website automatically saves information which your browser submits to us automatically. These are:
- Browser type and browser version
- Used operating system
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
This data is not merged with other data sources. The basis of the data processing is Art. 6(1)(b) GDPR, which allows data processing in compliance with a contract or in case of pre-contract measures.
Contact Form
When you submit data via our contact form, only your contact information is stored in order to process your request or to be available for follow-up questions. This data is not passed on without your consent.
The data is only processed with your consent (Art. 6(1)(b) GDPR). A revocation of a given consent is possible at any time. An informal e-mail is sufficient for this purpose. The legality of the data processing prior to the revocation is not affected by the revocation.
Data submitted via the contact form remains with us unless you request deletion of the data, revoke your consent to the storage or when storage of the data is no longer necessary. Mandatory legal regulations – especially retention periods – remain unaffected.
Cookies
Our websites use cookies to improve the user experience. The user’s web browser places cookies on his hard drive to collect data about the use of the website.
With a modern web browser, you can monitor, limit and prevent the placement of cookies. Deactivation of cookies can result in limited functioning of our websites.
6. Website Analysis and Plugins
WP Statistics
Our websites use the internal WordPress plugin “WP Statistics” to assess visitor accesses purely statistically and anonymously. The provider is VeronaLabs (https://veronalabs.com), their privacy policy is available at https://wp-statistics.com/privacy-and-policy.
For anonymization of the data, an option of the plugin is used to replace the IP addresses in the data bank by generated hash values. Such anonymized IP addresses cannot be retrieved at any later time.
Google Analytics
We use Google Analytics to analyze website usage. The data obtained from this is used to optimize our website and advertising.
Google Analytics is a web analytics service operated and provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, United States). Google processes website usage data on our behalf and is contractually committed to ensure the confidentiality of the processed data.
During your website visit, the following data is recorded, among others:
- Pages viewed
- The achievement of “website goals” (for example, contact requests and downloading our demo)
- Your behavior on the pages (for example, dwell time, clicks, scrolling behavior)
- Your approximate location (country and city)
- Your IP address (in shortened form, so that no clear assignment is possible)
- Technical information such as browser and device
- Source of origin of your visit (via which website or which advertising medium you came to us)
This data is transferred to Google servers in the USA. We would like to point out that the data protection law within the USA differs from the EU. The same level of data protection cannot be guaranteed in the USA.
Google Analytics stores cookies in your web browser for a period of two years since your last visit. These cookies contain a randomly generated user ID that can be used to recognize you during future website visits.
The recorded data is stored together with the randomly generated user ID, which enables the evaluation of pseudonymous user profiles. Details can be found in Google’s privacy policy: https://policies.google.com/privacy.
More information: EU-focused data and privacy – Google Analytics
LinkedIn and LinkedIn Insight Tag
Our websites use functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
Each time you access a page of a website that contains functions of LinkedIn, a connection to servers of LinkedIn is established. LinkedIn is informed that you have visited this website with your IP address. If you click the “Recommend Button” of LinkedIn and are logged into your account at LinkedIn, it is possible for LinkedIn to assign your visit to this website to you and your user account.
We also use the LinkedIn Insight Tag to measure the success of our advertising measures. After an event, such as downloading a demo or signing up for a live demonstration, this goal achievement is recorded by LinkedIn. LinkedIn can thus measure the number of goal achievements. In addition, LinkedIn will use previously set cookies to assign which advertisements were clicked on beforehand and were thus decisive for the target achievement.
The use of the LinkedIn plug-in is based on Art. 6(1)(f) GDPR. The operator of the website has a legitimate interest in being as visible as possible on social media. If a declaration of consent has been obtained, the data shall be processed exclusively based on Art. 6(1)(a) GDPR. This declaration of consent may be revoked at any time.
For more information, please refer to LinkedIn’s privacy policy at: https://www.linkedin.com/legal/privacy-policy.
Google Ads and Conversion Tracking
Our websites use Google Ads. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States.
Google Ads is an online advertising program. As part of the online advertising program, we work with conversion tracking. After a click on an ad placed by Google, a cookie is set for conversion tracking. From the cookie, Google and we can recognize that you clicked on an ad and were redirected to our website.
Conversion cookies are used to create conversion statistics for Google Ads customers who use conversion tracking. Google Ads customers learn how many users clicked on their ad and were redirected to pages with the conversion tracking tag. However, Google Ads customers do not receive information that personally identifies users. If you do not want to participate in tracking, you can object to its use. In this case, the conversion cookie must be deactivated in the user settings of the browser. In this way, there will also be no inclusion in the conversion tracking statistics.
The storage of the conversion cookies takes place based on Art. 6(1)(f) GDPR. As the website operator, we have a legitimate interest in analyzing user behavior in order to optimize our website and our advertising.
Details on Google Ads and Google conversion tracking can be found in Google’s privacy policy: https://policies.google.com/privacy.
Google Maps
Our websites use Google Maps from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. By using this website, you consent to the storage, processing, and use of the automatically collected data through Google Inc, their representatives and third parties. The terms and conditions of Google Maps can be found at “Terms and conditions of Google Maps”.
The terms of use of Google Maps can be found at https://policies.google.com/privacy?hl=de.
YouTube
Our websites embed videos from YouTube. The website operator is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. If you visit a page on this website into which a YouTube has been embedded, a connection with YouTube’s servers will be established. As a result, the YouTube server will be notified about the pages you have visited.
Furthermore, YouTube will be able to place various cookies on your device or use comparable technologies for recognition (e.g., device fingerprinting). This way, YouTube will be able to obtain information about the visitors on the website. Amongst others, this information will be used to generate video statistics to improve the user friendliness of the site and to prevent fraud attempts. If you are logged into your YouTube account while you visit our site, you enable YouTube to directly allocate your browsing patterns to your personal profile. You have the option to prevent this by logging out of your YouTube account.
The use of YouTube is based on our interest in presenting our online content in an appealing manner. Pursuant to Art. 6(1)(f) GDPR, this is a legitimate interest. If a declaration of consent has been obtained, the processing takes place exclusively based on Art. 6(1)(a) GDPR; the agreement can be revoked at any time.
For more information on how YouTube handles user data, please consult the YouTube Data Privacy Policy at: https://policies.google.com/privacy?hl=en.
hCaptcha
Our website uses hCaptcha. Provider is the company Intuition Machines Inc, 350 Alabama St, San Francisco, CA 94110, USA. hCaptcha is an anti-spam system and processes data from you, among others, also in the USA.
By using hCaptcha, we want to prevent erroneous bot or spam requests via our contact forms. hCaptcha recognizes requests from bots and blocks them. For this purpose, hCaptcha places cookies in your browser.
For data processing/data transfer to recipients in third countries, hCaptcha uses standard contractual clauses (Art. 46. para. 2 and 3 DSGVO). hCaptcha thereby undertakes to comply with the European level of data protection when processing your data. Also in the case of storage, processing and management in the USA.
You can learn more about the data processed through the use of hCaptcha in the privacy policy at https://www.hcaptcha.com/privacy.
7. Job Applications
We process your data within the scope of applicant management for the purpose of deciding on the establishment of an employment relationship in accordance with Section 26 BDSG. We process the data that you disclose to us as part of your (online) application exclusively for the purpose of selecting applicants. Data processing for other purposes does not take place.
You yourself determine the scope of the data that you wish to transmit to us as part of your application. Applications sent to karriere@taktiq.de can only be viewed by our personnel managers and will be processed as quickly as possible. If necessary, applications will be forwarded to the relevant department. Your data will not be passed on beyond this. Your data will be treated confidentially in our company. If your application is unsuccessful, your documents will be included in an applicant pool for 24 months so that they can be considered for future job openings.
In the event that your application is considered for another vacancy, we will forward your application documents to the relevant department and, if necessary, contact you subsequently by telephone or e-mail. The processing of your data is based on Art. 6 para. 1 lit. a, 7 DSGVO in conjunction with. § 26 para. 2 BDSG. Your declaration of consent includes the processing of all data that you have provided to us as part of the application process. In addition, such data will be processed and stored which was necessary for the processing of the application procedure (correspondence, handwritten records from job interviews, etc.). In addition, we may process job-related information that you have made publicly available, such as a profile on professional social media networks or online job portals.
Unless you revoke your consent for the processing of your data in the applicant pool, your data will be completely deleted after 24 months at the latest. There will be no notification of the deletion of your data.
You can revoke your consent at any time without formalities. You can declare the revocation, for example, by e-mail to karriere@taktiq.de.
8. Partners and Third-Party Services
Hosting
For hosting websites and applications, we collaborate with our partner Vegasystems GmbH & Co. KG. This company operates data centers exclusively in Germany and is audited by TÜV Rheinland and is ISO 27001 certified. The privacy policy can be viewed at https://www.vegasystems.de/datenschutz.
To fully comply with the legal data protection requirements, we have we have signed a data processing agreement (DPA) with Vegasystems GmbH & Co. KG.
Error Reports and Usage Statistics
When voluntarily submitting error reports and allowing collecting of anonymized usage statistics, data is transferred to our partner Microsoft. This takes place in the context of the use of cloud services from the Microsoft Azure product family.
Microsoft takes extensive measures to protect this data. The privacy policy can be viewed at https://privacy.microsoft.com/privacystatement. Specific information on compliance with the GDPR for users of Microsoft services is available at https://www.microsoft.com/trust-center/privacy/gdpr-faqs.
Wherever possible, TAKTIQ chooses data centers within the EU for data processing by Microsoft. Any unavoidable transfer of data to countries outside the EU will be based on the EU Commission’s Standard Contractual Clauses (SCC), which Microsoft uses as the basis for data transfers for its Enterprise Online Services. Further information on this can be found in Microsoft’s Online Services Terms of Use, in particular the Data Protection Addendum (DPA).