<img height="1" width="1" src="https://www.facebook.com/tr?id=1483239291704574&amp;ev=PageView &amp;noscript=1">

Data Privacy Statement

(according to the EU General Data Protection Regulation)

A. This Privacy Policy

HYPE is pleased that you have chosen to visit our website and about your interest in our company. At this point, we would like to inform you about the handling of your personal data. In particular, we would like to inform you whether and which of your personal data we collect in relation to your visit to our website and for what purposes it is processed.

 

I. Name and address of the responsible party

 

The responsible party within the meaning of the General Data Protection Regulation and other national data protection laws of the EU Member States as well as other data protection regulations is:

HYPE Softwaretechnik GmbH
Trierer Strasse 70-72
53115 Bonn
Germany
Phone: +49 228 2276 0
Email: info@hype.de
Website: https://www.hypeinnovation.com/de 


II. Name and address of the Data Protection Officer
The responsible party's Data Protection Officer is:



IITR GmbH as external data protection officer
Marienplatz 2
80331 Munich
Germany
Phone: +49 228 2276 119
Email: dataprotection@hype.de



III. General information on data processing


1. 1. Scope of the personal data processing


We collect and utilise our users' personal data only insofar as this is necessary for provision of an operational site and of our content and services. Collection and utilization of our users' personal data is only undertaken periodically with the user's consent. An exception applies in those cases where prior consent cannot be obtained for legal or factual reasons and the processing of the data is permitted by law.



2. Performance of contractual services


We process inventory data (e.g. names and addresses as well as contact data of users), contract data (e.g. services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and services in accordance with the terms of the contract. Art. 6 Para. 1 lit. b, GDPR. The entries marked as obligatory in online forms are required for the conclusion of the contract.

When using our online services, we store the IP address and the time of the respective user action. The data is stored on the basis of our legitimate interests as well as the user's protection against misuse and other unauthorised use. Passing on of this data to third parties does not take place in principle, unless it is necessary for the pursuit of our claims or there is a legal obligation in accordance with. Art. 6 Para. 1 lit. c, GDPR.

We process usage data (e.g. the visited websites of our online offer, interest in our products) and content data (e.g. entries in the contact form or user profile) for advertising purposes in a user profile in order, for example, to show the user product information based on the services previously used by them.

The data will be deleted after the expiry of statutory warranty and comparable obligations; the necessity of storing the data will be reviewed every three years; in the case of statutory archiving obligations, the data will be deleted after its expiry. Information remains in the hypothetical customer account up to its deletion.

Administration, financial accounting, office organisation, contact management

We process data within the framework of administrative tasks as well as the organisation of our company, financial accounting and in compliance with legal obligations, e.g. archiving. In this regard we process the same data that we process as part of the performance of our contractual services. The bases of processing are art. 6 para. 1 lit. c. GDPR, art. 6 para. 1 lit. f GDPR. Customers, prospects, business partners and website visitors are affected by the processing. The purpose of and our interest in the processing lies in the administration, financial accounting, office organisation, archiving of data, namely, tasks which serve the maintenance of our business activities, performance of our tasks and provision of our services. The deletion of the data with regard to contractual services and contractual communication corresponds to the information provided in these processing activities.

We disclose or transmit data to the tax authorities, consultants, such as tax consultants or auditors, as well as other fee offices and payment service providers.

Furthermore, we store information regarding suppliers, event organisers and other business partners on the basis of our business interests, e.g. for the purpose of making contact at a later date. We store this data, which is mainly company-related, permanently.



3. Legal basis for processing personal data


Insofar as we obtain the consent of the data subject for processing personal data, Art. 6 Para. 1 (a) EU General Data Protection Regulation (GDPR) serves as legal basis.

In processing personal data necessary for performance of a contract to which the data subject is a party, Art. 6 Para. 1 lit. b GDPR applies as the legal basis. This also applies to processing operations that are necessary for carrying out pre-contractual measures.

Insofar as the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 Para. 1 lit. c GDPR applies as the legal basis.

If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 Para. 1 (f) GDPR applies as the legal basis for processing.



4. Data deletion and storage duration


The data subject's personal data will be deleted or blocked as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if this has been provided by the European or national legislator in EU regulations, laws or other provisions to which the data controller is subject. Blocking or erasure of data will be carried out even if a storage deadline prescribed by the above-mentioned standards expires, unless data storage is a necessity for concluding or performing a contract.



5. Technical and Organisational Measures for Protection


We take appropriate technical and organisational security measures to protect your stored data against accidental or intentional manipulation, loss, destruction or against access by unauthorised persons. Our security measures are continuously improved in line with technological advances. Insofar as the transfer of data to external service providers is concerned, through technical and organisational measures we have ensured that all data protection provisions are adhered to.



6. Transmission to Third Countries


If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs in the context of the use of third-party services or disclosure or transfer of data to third parties, this only takes place if it occurs for the fulfilment of our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or leave the data in a third country only in the presence of the special requirements of Art. 44 ff. GDPR. This means, for example, processing is carried out on the basis of special guarantees, such as the officially recognised determination of a data protection level corresponding to the EU (e.g. for the USA by the "Privacy Shield") or compliance with officially recognised special contractual obligations (so-called "standard contractual clauses").



IV. Provision of the website and creation of log files

 


1. Description and scope of data processing


Every time you visit our website, our system automatically collects data and information from the computer system of the accessing computer. The following data is collected:

Information regarding the used browser type and version
The user’s operating system
The user's Internet service provider
The user's IP address
Date and time of access
Websites from which the user's system accesses our website
Websites accessed by the user's system via our website
The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.



2. Legal basis for data processing


The legal basis for temporary storage of data and log files is Art. 6 para. 1 (f) of the GDPR.



3. Purpose of the data processing


Temporary storage of IP address by the system is necessary to enable delivery of the website to the user's computer. To this end, the user's IP address must remain stored for the duration of the session.

The data is stored in log files to ensure the website's functionality. The data is also used to optimise the website and to ensure the security of our information technology systems. No evaluation of the data for marketing purposes is undertaken in this context.

These purposes also encompass our legitimate interest in data processing in accordance with Art. 6 Para. 1 lit. f GDPR.



4. Duration of retention


The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. In the case of data collection for provision of the website, this will be undertaken once the respective session has ended.

Any data is to be stored in log files will be stored within seven days at the latest. Further storage is possible. In this case, the user's IP addresses will be deleted or distorted, so that assignment of the accessing client is no longer possible.



5. Objection and removal option


Collection of data for provision of the website and storage of data in log files is absolutely necessary for operation of the website. Consequently, there is no option to object on the part of the user.



V. Use of cookies

 


a) Description and scope of data processing


Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the internet browser on the user's computer system. If a user visits a website, a cookie may be stored on the user's operating system. This cookie contains a distinctive character string that enables unique identification of the browser when the website is accessed again.

We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after changing pages.


b) Legal basis for the data processing


The legal basis for processing personal data using technically necessary cookies is Art. 6 Para. 1 lit f. GDPR.

When accessing our website, the user is informed regarding the use of cookies for analytical purposes and his or her consent to the processing of personal data used in this context is obtained. Reference is also made to this data protection declaration in this context. The legal basis for processing personal data by using cookies for analytical purposes, if the user's consent to this has been obtained, is Art. 6 Para. 1 lit. a GDPR.



c) Purpose of the data processing


The purpose of using technically necessary cookies is to simplify use of websites for users. Some features of our website are not offered without the use of cookies. In this case, it is necessary that the browser be recognised even after changing the page.

The analysis cookies are used to improve the quality of our website and its content. Using analysis cookies, we learn how the site is used and can constantly optimise our service.

For these purposes, our legitimate interest also lies in the processing of personal data pursuant to Art. 6 Para. 1 lit f. GDPR.



d) Overview of cookies used
Name Purpose and Content Lifespan
_hstc The main cookie for recording visitors. It contains: the domain, the user token (utk, see below), the first timestamp (of the first visit), the last timestamp (of the last visit), the current timestamp (for this visit) and the number of sessions (increases with each subsequent session). 2 years
 _hubspotutk This cookie is used to collect the identity of a user. This cookie is transferred to HubSpot when a form is submitted and used to de-duplicate contacts. 10 years
 _hssc Cookie for recording sessions. This is used to determine whether we need to increase the number of sessions and timestamps in the __hstc cookie. It contains: the domain, the number of page views (viewCount, increases with each page view in a session) and the session start time stamp. 30 minutes
 

_hssrc

Each time HubSpot changes the session cookie, this cookie is also set. We simply set it to "1" and use it to determine whether the user has restarted his browser. If this cookie does not exist at the time of our cookie management, we can assume that it is a new session. Length of session
 _hs_opt_out
This cookie is used to remind you not to be asked to accept cookies again.
2 years
 _hs_do_not_track This cookie is set when you choose to disable tracking. 2 years
 __hs_testcookie This cookie is used to test whether your browser supports the activation of cookies..

 Length of session

 hsPagesViewedThisSession This cookie is used to keep track of page views in a session. Length of session
 hsfirstvisit This cookie is used to record the first visit of a visitor.

10 years

 _ga; _gat; _gid Google Web Analytics: These cookies allow us to analyse your use of this website by assigning your device a unique, randomly generated ID with which we recognise your device on your next visit.

6 months

e) Duration of storage, objection and removal option

 

Cookies are stored on the user's computer and transmitted to our site. Therefore, as a user you have full control of the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all of the website's features in full.



VI. Register for blogs, webinars or download documents

 

1. Description and scope of data processing


If you are interested in our products, you can register for a blog (e.g. INNOVATION BLOG) or webinars and download documents (e.g. case studies) on our website. The data from the input screen is sent to us when you subscribe to the newsletter. The following data will also be collected upon subscription:

IP address of the accessing computer
Date and time of subscription
When operating our blog with comment function, the personal data entered in the input mask is stored and published under the respective blog entry. Comments can also be subscribed to.

Your data will not be passed on to third parties, except for the publication of comments. The data will be used exclusively for the provision of these offers.

The user's consent to processing this data is obtained during the registration process.



2. Legal basis for data processing


If your company uses our services and you provide us with your email address in this context, we may subsequently use it to send you a newsletter. In such a case, only direct marketing of our own similar products or services will be sent via the newsletter. The legal basis for the provision of the services is Art. 7 para. 3 UWG (Law against unfair competition).

Otherwise your consent will be obtained for the processing of the data and reference will be made to this data protection declaration. The legal basis for processing the data, if the user's consent to this has been obtained, is Art. 6 Para. 1 lit. a GDPR.


3. Purpose of the data processing


The collection of the user's email address serves to deliver the requested information. Collection of other personal data as part of the subscription process is for preventing the misuse of the services or of the email address used.

Should we also come to the conclusion on the basis of the data entered that a cooperation could be beneficial for both parties, we reserve the right to contact you in this regard.


4. Duration of storage


The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. This is the case, at the latest, when cooperation can be ruled out.


5. Objection and removal option


The services can be terminated by the user concerned at any time. For this purpose, there is a corresponding link in every message transmitted. You can also send the cancellation form free to dataprotection@hype.de.


VII. Registration for demonstrations and contacting HYPE


1. Description and scope of data processing


On our website, we offer users the opportunity to register by providing personal data in order to book a demonstration of our software products or to contact us. The data is entered into a contact form, transmitted to us, and stored. This data is not transferred to third parties. The following data is stored during registration:

  • The user's IP address
  • Date and time of subscription
  • The user's consent to processing this data is obtained during the registration process.


Alternatively, you can contact us via the email address provided. In this case, the user's personal data that is transmitted along with the email will be stored.

The data will not be disclosed to third parties during the course of this. The data is used exclusively for the processing of the conversation.


2. Legal basis for data processing


The legal basis for processing the data, if the user's consent to this has been obtained, is Art. 6 para. 1 lit. a of the GDPR.

If registration is for fulfilment of a contract to which the user is a party or for implementation of pre-contractual measures, an additional legal basis for the data processing is Art. 6, Para. 1 b GDPR.


3. Purpose of the data processing


Establishing contact with the user.


4. Duration of storage


The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. This is the case, at the latest, when cooperation can be ruled out. The data collected during the registration process will be deleted immediately if the registration is canceled.


5. Objection and removal option

 

As a user, you have the option of canceling the registration at any time. You can change the data stored about you at any time. Please contact us for free at dataprotection@hype.de. If the data is required for the fulfillment of a contract or the implementation of pre-contractual measures, early erasure of data is only possible insofar as contractual or legal obligations do not preclude erasure.


VIII. Hosting


The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services that we use for the purpose of operating this online offering.

Hereby we or our hosting provider process inventory data, contact data, content data, contract data, usage data, metadata and communication data of customers, potential customers and visitors to this online offering on the basis of our legitimate interests in an efficient and secure provision of this online offering according to Art. 6 Para. 1 lit. f GDPR in conjunction with Art. 28 GDPR (conclusion of order processing contract).


IX. Use of Hubspot


We use Hubspot for our online marketing activities. This is an integrated software solution with which we cover various aspects of our online marketing.

These include:

  • Content Management (website and blog)
  • Email marketing (newsletter/infomail, as well as automated mailings, e.g. for the provision of downloads)
  • Social Media Publishing & Reporting
    Reporting (e.g. traffic sources, accesses, etc....)
  • Contact management (e.g. user segmentation & CRM)
  • Landing Pages and Contact Forms

Our registration service allows visitors to our website to learn more about our company, download content and provide their contact information and other demographic information.



This information and the contents of our website are stored on servers of our software partner HubSpot. They can be used by us to contact visitors to our website and to determine which services of our company are of interest to them. All information we collect is subject to this privacy policy. We use all collected information exclusively to optimise our marketing.

HubSpot is a software company based in the USA with a branch in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, phone: +353 1 5187500. HubSpot is certified under the conditions of the "EU - U.S. Privacy Shield Framework" and is subject to the TRUSTe 's Privacy Seal and the "U.S. - Swiss Safe Harbor" Framework.


X. Web analysis by Google Analytics


1. Scope of personal data processing


Our website uses Google Analytics, a web analytics service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA., hereinafter referred to as "Google". Google also uses cookies (see Cookies for details). If individual pages of our website are accessed, the following data is stored:

  • Two bytes of the IP address of the user's requesting system
  • The web page requested
  • The website from which the user has accessed the website (referrer)
  • The sub-pages that are called up from the called up web page
  • The time spent on the website
  • The frequency with which the website is accessed
    This data is transmitted to Google.


Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for us, and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties as required by law or if said third parties process this data on behalf of Google.

For further information on data usage by Google, setting and objection options, please see the Google website: https://policies.google.com/technologies/partner-sites?hl=en ("How Google uses information from sites or apps that use our services“), https://adssettings.google.com/authenticated ("Use of data for promotional purposes"), ("Manage information Google uses to show you advertising").


2. Legal basis for processing personal data


The legal basis for processing the personal data of users is Art. 6 para. 1 lit f. GDPR.


3. Purpose of the data processing


The processing of users' personal data enables us to analyze the surfing behavior of our users. We are in a position to compile information about the use of the individual components of our website by evaluating the data obtained. This helps us to continuously improve our website and its user-friendliness. For these purposes, our legitimate interest also lies in the processing of personal data pursuant to Art. 6 para. 1 lit f. GDPR. By anonymizing the IP address, users' interest in protecting their personal data is sufficiently taken into account.


4. Duration of storage


The data will be deleted as soon as it is no longer needed for our recording purposes. Automatic deletion takes place after 14 months at the latest.


5. Objection and removal option


You can prevent the installation of Google Analytics cookies by setting your browser software accordingly; however, we point out that in this case, you may not be able to fully use all functions of our website.

Google also offers a deactivation add-on for the most popular browsers, giving you more control over what information Google collects about the websites you visit. The add-on informs Google Analytics' JavaScript (ga.js) that no information about the website visit should be transmitted to Google Analytics. However, the deactivation add-on for browsers from Google Analytics does not prevent information from being transmitted to us or to other web analytics services that we may use. For more information on installing the browser add-on, see Link.


XI. Rights of the data subject


If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights


1. Right to information


You may request confirmation from us as to whether personal information concerning you is processed by us.

If such processing is taking place, you can request to be informed by the data controller regarding the following information:

  • the purposes for processing the personal data;
  • the categories of personal data being processed;
  • the recipients or categories of recipients to whom your personal data has been or will be disclosed;
  • the planned storage duration of your personal data or, if specific information in that regard is not possible, criteria for determining the storage period;
  • the existence of a right of rectification or deletion of your personal data or of a restriction on processing by the data controller or of a right to oppose such processing;
  • the existence of a right of appeal to a supervisory authority;
  • any available information on the origin of the data if the personal data has not been collected from the person concerned;
  • the existence of automated decision-making, including profiling, in accordance with Article 22 Para. 1 and 4, GDPR and – at least in these cases – meaningful information on the logic involved and the scope and intended effects of such processing for the person concerned.


You have the right to request information regarding whether your personal information will be transmitted to a third-party country or an international organisation. In this respect, you can request the appropriate guarantees in accordance with Art. 46 GDPR in connection with the transmission.


2. The right of rectification


You have a right of rectification and/or completion with respect to the responsible party if the personal data processed concerning you is incorrect or incomplete. The controller shall make the correction immediately.


3. The right to limitation of processing


Under the following conditions, you may request that the processing of personal data concerning you be restricted if:

  • you contest the accuracy of your personal data for a period that enables the controller to verify the accuracy of the personal data;
  • the processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead;
  • the controller no longer needs the personal data for the purposes of processing, but it is required by you for the establishment, exercise or defense of legal claims or
  • you have objected to processing pursuant to Art. 21 Para. 1 GDPR pending the verification whether the legitimate grounds of the controller override your reasons.


Where processing of the personal data that concerns you has been restricted, such data – apart from being stored – may be processed only with your consent or for the purpose of asserting, exercising or defending rights or protecting the rights of another natural or legal person or on the grounds of an important public interest of the Union or of a Member State.

If the restriction of processing has been restricted in accordance with the above conditions, we will inform you before the restriction has been lifted.


4. Right to deletion


a) Deletion obligation


You have the right to obtain from the controller the erasure of personal data concerning you without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:


  • the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed.
  • you withdraw your consent on which the processing is based according to Art. 6 Para. 1 lit. a or Art. 9 Para. 2 (a) GDPR, and where there is no other legal ground for the processing.
  • You object pursuant to Art. 21 Para. 1 GDPR, you object to the processing and there are no overriding justifiable reasons for the processing or Art. 21 Para. 2 GDPR to the processing;
  • The personal data has been unlawfully processed.
  • The personal data must be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
  • The personal data concerning you has been collected in relation to services offered by information society services according to Art. 8 Para. 1, GDPR.


b) Passing information to third parties


If we have passed on the personal data concerning you to third parties and we are obliged to erasure pursuant to Art. 17, Para. 1 GDPR, we will take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform data processors who process the personal data that you as the data subject have requested the erasure of all links to this personal data or of copies or replications of this personal data.


c) Exceptions


The right to deletion does not exist insofar as the processing is necessary

  • to exercise the right of freedom of expression and information;
  • to fulfill a legal obligation required for processing under the law of the Union or of the Member States to which we are subject;
  • to assert, exercise or defend legal claims.

5. Right to information


If you have exercised your right to have the responsible party correct, delete or limit the processing, this party is obliged to inform all recipients to whom the personal data that concerns you has been disclosed of this correction or deletion of the data or restriction on processing, unless this proves impossible or involves a disproportionate effort.

It is your right to be informed regarding such recipients.


6. Right to data portability


You have the right to obtain your personal data, which you have provided to the controller, in a structured, commonly used and machine-readable format. In addition, you have the right to transmit this data to another controller without hindrance from the controller to which the personal data has been provided, insofar as

  • the processing is based on consent pursuant to Art. 6 Para. 1 lit. a, GDPR or Art. 9 Para. 2 lit. a GDPR or on a contract pursuant to Art. 6 Para. 1 (b) GDPR and
    the processing is carried out using automated methods.
  • In exercising this right, you also have the right to request that the personal data concerning you be transferred directly by us to another person responsible, insofar as this is technically feasible. This must not affect the freedoms and rights of other persons.


The right to data portability shall not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority conferred on the responsible party.


7. Right to object


You have the right,for reasons arising from your specific situation, to object to the processing of personal data concerning you at any time, which is carried out in accordance with Art. 6 para. 1 lit. e or f GDPR, including profiling based on those provisions;


In this case, we will no longer process the personal data concerning you, unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purpose of asserting, exercising or defending legal claims.

If the personal data that concerns you is being processed for direct marketing purposes, you have the right to object at any time to the processing of the personal data that concerns you for the purpose of such marketing; this also applies to profiling, insofar as it is associated with such direct marketing.

If you object to processing that is for direct marketing purposes, the personal data that concerns you will no longer be processed for these purposes.

In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.


8. The right to revoke the data protection declaration of consent


You have the right at any time to revoke your data protection declaration of consent. The withdrawal of consent shall not affect the lawfulness of processing taking place on the basis of this consent before its revocation.


9. The right of appeal to a supervisory authority


Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in particular in the Member State where you reside, work or where the infringement is suspected, if you believe that the processing of personal data that concerns you is in contravention of GDPR.

The supervisory authority with which the appeal has been lodged shall inform the appellant of the status and results of the appeal, including the possibility of a judicial remedy under Art. 78 GDPR.

State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia, Helga Block, P.O. Box 20 04 44, 40102 Düsseldorf or Kavalleriestrasse 2-4, 40213 Düsseldorf, Phone: +49 (0)211/384 24-0, Fax: +49(0)211/384 24-10, Email: poststelle@ldi.nrw.de Homepage: https://www.ldi.nrw.de.