<img height="1" width="1" src="https://www.facebook.com/tr?id=1483239291704574&amp;ev=PageView &amp;noscript=1">

Data Privacy Statement

(according to the EU General Data Protection Regulation)

HYPE Privacy Policy

HYPE is pleased that you have chosen to visit our website and about your interest in our company. At this point, we would like to inform you about the handling of your personal data. In particular, we would like to inform you whether and which of your personal data we collect in relation to your visit to our website and for what purposes it is processed.

 

I. Name and address of the responsible party


The responsible party within the meaning of the General Data Protection Regulation and other national data protection laws of the EU Member States as well as other data protection regulations is:

HYPE Softwaretechnik GmbH
Trierer Strasse 70-72
53115 Bonn
Germany
Phone: +49 228 2276 0
Email: info@hype.de
Website: https://www.hypeinnovation.com/de 


II. Name and address of the Data Protection Officer
The responsible party's Data Protection Officer is:


IITR GmbH as external data protection officer
Marienplatz 2
80331 Munich
Germany
Phone: +49 228 2276 119
Email: dataprotection@hype.de



III. General information on data processing


1. 1. Scope of personal data processing

We collect and utilize our users' personal data only insofar as this is necessary for the provision of an operational site and of our content and services. Collection and utilization of our users' personal data is only undertaken periodically with the user's consent. An exception applies in those cases where prior consent cannot be obtained for legal or factual reasons and the processing of the data is permitted by law.



2. Performance of contractual services

We process inventory data (e.g. names and addresses as well as contact data of users), contract data (e.g. services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and services in accordance with the terms of the contract. Art. 6 Para. 1 lit. b, GDPR. The entries marked as obligatory in online forms are required for the conclusion of the contract.

When using our online services, we store the IP address and the time of the respective user action. The data is stored on the basis of our legitimate interests as well as the user's protection against misuse and other unauthorized use. Passing on of this data to third parties does not take place in principle unless it is necessary for the pursuit of our claims or there is a legal obligation in accordance with. Art. 6 Para. 1 lit. c, GDPR.

We process usage data (e.g. the visited websites of our online offer, interest in our products) and content data (e.g. entries in the contact form or user profile) for advertising purposes in a user profile in order, for example, to show the user product information based on the services previously used by them.

The data will be deleted after the expiry of statutory warranty and comparable obligations; the necessity of storing the data will be reviewed every three years; in the case of statutory archiving obligations, the data will be deleted after its expiry. Information remains in the hypothetical customer account up to its deletion.

Administration, financial accounting, office organisation, contact management

We process data within the framework of administrative tasks as well as the organization of our company, financial accounting and in compliance with legal obligations, e.g. archiving. In this regard, we process the same data that we process as part of the performance of our contractual services. The bases of processing are art. 6 para. 1 lit. c. GDPR, art. 6 para. 1 lit. f GDPR. Customers, prospects, business partners and website visitors are affected by the processing. The purpose of and our interest in the processing lies in the administration, financial accounting, office organization, archiving of data, namely, tasks which serve the maintenance of our business activities, performance of our tasks and provision of our services. The deletion of the data with regard to contractual services and contractual communication corresponds to the information provided in these processing activities.

We disclose or transmit data to the tax authorities, consultants, such as tax consultants or auditors, as well as other fee offices and payment service providers.

Furthermore, we store information regarding suppliers, event organizers, and other business partners on the basis of our business interests, e.g. for the purpose of making contact at a later date. We store this data, which is mainly company-related, permanently.



3. Legal basis for processing personal data

Insofar as we obtain the consent of the data subject for processing personal data, Art. 6 Para. 1 (a) EU General Data Protection Regulation (GDPR) serves as legal basis.

In processing personal data necessary for the performance of a contract to which the data subject is a party, Art. 6 Para. 1 lit. b GDPR applies as the legal basis. This also applies to processing operations that are necessary for carrying out pre-contractual measures.

Insofar as the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 Para. 1 lit. c GDPR applies as the legal basis.

If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 Para. 1 (f) GDPR applies as the legal basis for processing.



4. Data deletion and storage duration

The data subject's personal data will be deleted or blocked as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if this has been provided by the European or national legislator in EU regulations, laws or other provisions to which the data controller is subject. Blocking or erasure of data will be carried out even if a storage deadline prescribed by the above-mentioned standards expires unless data storage is a necessity for concluding or performing a contract.



5. Technical and Organisational Measures for Protection

We take appropriate technical and organizational security measures to protect your stored data against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons. Our security measures are continuously improved in line with technological advances. Insofar as the transfer of data to external service providers is concerned, through technical and organizational measures we have ensured that all data protection provisions are adhered to.



6. Transmission to Third Countries

If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs in the context of the use of third-party services or disclosure or transfer of data to third parties, this only takes place if it occurs for the fulfillment of our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or leave the data in a third country only in the presence of the special requirements of Art. 44 ff. GDPR. This means, for example, processing is carried out on the basis of special guarantees, such as the officially recognized determination of a data protection level corresponding to the EU (e.g. for the USA by the "Privacy Shield") or compliance with officially recognized special contractual obligations (so-called "standard contractual clauses").



IV. Provision of the website and creation of log files


1. Description and scope of data processing

Every time you visit our website, our system automatically collects data and information from the computer system of the accessing computer. The following data is collected:

Information regarding the used browser type and version
The user’s operating system
The user's Internet service provider
The user's IP address
Date and time of access
Websites from which the user's system accesses our website
Websites accessed by the user's system via our website
The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.



2. Legal basis for data processing

The legal basis for temporary storage of data and log files is Art. 6 para. 1 (f) of the GDPR.



3. Purpose of the data processing

Temporary storage of IP address by the system is necessary to enable delivery of the website to the user's computer. To this end, the user's IP address must remain stored for the duration of the session.

The data is stored in log files to ensure the website's functionality. The data is also used to optimize the website and to ensure the security of our information technology systems. No evaluation of the data for marketing purposes is undertaken in this context.

These purposes also encompass our legitimate interest in data processing in accordance with Art. 6 Para. 1 lit. f GDPR.



4. Duration of retention

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. In the case of data collection for the provision of the website, this will be undertaken once the respective session has ended.

Any data is to be stored in log files will be stored within seven days at the latest. Further storage is possible. In this case, the user's IP addresses will be deleted or distorted, so that assignment of the accessing client is no longer possible.



5. Objection and removal option

Collection of data for provision of the website and storage of data in log files is absolutely necessary for operating the website. Consequently, there is no option to object on the part of the user.



V. Use of cookies 

 

1. Description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the internet browser on the user's computer system. If a user visits a website, a cookie may be stored on the user's operating system. This cookie contains a distinctive character string that enables unique identification of the browser when the website is accessed again.

We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after changing pages.


2. Legal basis for the data processing

The legal basis for processing personal data using technically necessary cookies is Art. 6 Para. 1 lit f. GDPR.

When accessing our website, the user is informed regarding the use of cookies for analytical purposes and his or her consent to the processing of personal data used in this context is obtained. Reference is also made to this data protection declaration in this context. The legal basis for processing personal data by using cookies for analytical purposes, if the user's consent to this has been obtained, is Art. 6 Para. 1 lit. a GDPR.



3. Purpose of the data processing

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some features of our website are not offered without the use of cookies. In this case, it is necessary that the browser is recognized even after changing the page.

The analysis cookies are used to improve the quality of our website and its content. Using analysis cookies, we learn how the site is used and can constantly optimize our service.

For these purposes, our legitimate interest also lies in the processing of personal data pursuant to Art. 6 Para. 1 lit f. GDPR.



4. Overview of cookies used
Name Lifespan Description - EN
_cfduid 1 year Cookie associated with sites using CloudFlare, used to speed up page load times. According to CloudFlare it is used to override any security restrictions based on the IP address the visitor is coming from. It does not contain any user identification information. The main purpose of this cookie is: Strictly Necessary
_cfruid Session Length Cookie associated with sites using CloudFlare, used to identify trusted web traffic. The main purpose of this cookie is: Strictly Necessary
optanonConsent 1 Year This cookie is set by the cookie compliance solution from OneTrust. It stores information about the categories of cookies the site uses and whether visitors have given or withdrawn consent for the use of each category. This enables site owners to prevent cookies in each category from being set in the users browser, when consent is not given. The cookie has a normal lifespan of one year, so that returning visitors to the site will have their preferences remembered. It contains no information that can identify the site visitor.
_gid 1 Day This cookie name is associated with Google Universal Analytics. This appears to be a new cookie and as of Spring 2017 no information is available from Google. It appears to store and update a unique value for each page visited. The main purpose of this cookie is: Performance
_hssc 30 minutes This cookie name is associated with websites built on the HubSpot platform. It is reported by them as being used for website analytics. The main purpose of this cookie is: Performance
_hijIncludedInSample 1 Year Hotjar cookie. This session cookie is set to let Hotjar know whether that visitor is included in the sample which is used to generate funnels.
_gat A few seconds This cookie name is associated with Google Universal Analytics, according to documentation it is used to throttle the request rate - limiting the collection of data on high traffic sites. It expires after 10 minutes. The main purpose of this cookie is: Performance
_hssrc Session Length This cookie name is associated with websites built on the HubSpot platform. It is reported by them as being used for website analytics. The main purpose of this cookie is: Performance
hsfirstvisit Session Length This cookie name is associated with websites built on the HubSpot platform. It is reported by them as being used for website analytics. The main purpose of this cookie is: Performance
_hstc 1 Year This cookie name is associated with websites built on the HubSpot platform. It is reported by them as being used for website analytics. The main purpose of this cookie is: Performance
_ga 2 Years This cookie name is associated with Google Universal Analytics - which is a significant update to Google's more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports. By default it is set to expire after 2 years, although this is customizable by website owners. The main purpose of this cookie is: Performance
_hjid 1 Year Hotjar cookie. This cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist the random user ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID.. The main purpose of this cookie is: Performance
hubspotutk 1 Year This cookie name is associated with websites built on the HubSpot platform. HubSpot report that its purpose is user authentication. As a persistent rather than a session cookie it cannot be classified as Strictly Necessary. The main purpose of this cookie is: Functionality
_fbp 3 months Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers The main purpose of this cookie is: Targeting/Advertising
IDE 7980 years  This cookie carries out information about how the end user uses the website and any advertising that the end user may have seen before visiting the said website. The main purpose of this cookie is: Targeting/Advertising
id 13 days This cookie is set by DoubleClick (which is owned by Google) to build a profile of the website visitor's interests and show relevant ads on other sites. The main purpose of this cookie is: Targeting/Advertising
datr 13 days The purpose of the datr cookie is to identify the web browser being used to connect to Facebook independent of the logged in user. This cookie plays a key role in Facebook’s security and site integrity features.
fr 3 months Encrypted Facebook ID and Browser ID. The main purpose of this cookie is: Advertisement
lu 13 days This domain is owned by Facebook, which is the world's largest social networking service. As a third party host provider, it mostly collects data on the interests of users via widgets such as the 'Like' button found on many websites. This is used to serve targeted advertising to its users when logged into its services. In 2014 it also started serving up behaviorally targeted advertising on other websites, similar to most dedicated online marketing companies. Used to manage the login process, remembers user on return visit if they choose to stay logged in.
APISID 13 days This DoubleClick cookie is generally set through the site by advertising partners, and used by them to build a profile of the website visitor's interests and show relevant ads on other sites. This cookie works by uniquely identifying your browser and device. The main purpose of this cookie is: Targeting/Advertising
SSID 13 days This cookie carries out information about how the end user uses the website and any advertising that the end user may have seen before visiting the said website. The main purpose of this cookie is: Targeting/Advertising
NID 6 months This cookie is set by DoubleClick (which is owned by Google) to help build a profile of your interests and show you relevant ads on other sites. The main purpose of this cookie is: Targeting/Advertising
SID 13 days This is a very common cookie name but where it is found as a session cookie it is likely to be used as for session state management. The main purpose of this cookie is: Strictly Necessary
SAPISID 13 days This DoubleClick cookie is generally set through the site by advertising partners, and used by them to build a profile of the website visitor's interests and show relevant ads on other sites. This cookie works by uniquely identifying your browser and device. The main purpose of this cookie is: Targeting/Advertising
HSID 13 days This cookie is set by DoubleClick (which is owned by Google) to build a profile of the website visitor's interests and show relevant ads on other sites. The main purpose of this cookie is: Targeting/Advertising
lidc 7980 years  This is a Microsoft MSN 1st party cookie that ensures the proper functioning of this website. The main purpose of this cookie is: Functionality
bcookie 14 days This domain is owned by LinkedIn, which is also part of Microsoft. It is used to provide services for embedding slide presentations into websites. Information collected via cookies on this domain can also be used for targeted advertising purposes.
_utma 13 days This is one of the four main cookies set by the Google Analytics service which enables website owners to track visitor behavior and measure site performance. This cookie lasts for 2 years by default and distinguishes between users and sessions. It  used to calculate new and returning visitor statistics. The cookie is updated every time data is sent to Google Analytics. The lifespan of the cookie can be customized by website owners. The main purpose of this cookie is: Performance
_utmv 13 days This is an optional additional cookie set by the Google Analytics service which enables website owners to track visitor behavior and measure site performance. This cookie is used when site owners create custom visitor-level variables for customizing what can be measured. The cookie is updated every time data is sent to Google Analytics. It has a default lifespan of two years, although this can be customized by site owners. The main purpose of this cookie is: Performance
LOGIN_INFO 7980 years YouTube is a Google owned platform for hosting and sharing videos. YouTube collects user data through videos embedded in websites, which is aggregated with profile data from other Google services in order to display targeted advertising to web visitors across a broad range of their own and other websites.
UID 2 Years This cookie provides a uniquely assigned, machine-generated user ID and gathers data about activity on the website. This data may be sent to a 3rd party for analysis and reporting. The main purpose of this cookie is: Performance
UIDR 2 Years This cookie is set to measure the number and behavior of website visitors coming and going. It helps the website send out surveys to better understand user preferences. The main purpose of this cookie is: Targeting/Advertising
_uv_id 2 Years This domain is owned by LinkedIn, which is also part of Microsoft. It is used to provide services for embedding slide presentations into websites. Information collected via cookies on this domain can also be used for targeted advertising purposes.
_utmz 6 months This domain is owned by LinkedIn, which is also part of Microsoft. It is used to provide services for embedding slide presentations into websites. Information collected via cookies on this domain can also be used for targeted advertising purposes.
_utmb 29 minutes This domain is owned by LinkedIn, which is also part of Microsoft. It is used to provide services for embedding slide presentations into websites. Information collected via cookies on this domain can also be used for targeted advertising purposes.
_utmt 9 minutes This domain is owned by LinkedIn, which is also part of Microsoft. It is used to provide services for embedding slide presentations into websites. Information collected via cookies on this domain can also be used for targeted advertising purposes.
lang Session Length This domain is owned by LinkedIn, which is also part of Microsoft. It is used to provide services for embedding slide presentations into websites. Information collected via cookies on this domain can also be used for targeted advertising purposes.
_utmc Session Length This domain is owned by LinkedIn, which is also part of Microsoft. It is used to provide services for embedding slide presentations into websites. Information collected via cookies on this domain can also be used for targeted advertising purposes.
sc_anonymos_id 10 years This cookie allows users to embed files or other content onto the website, this function can be limited to specific visitors.
auth_token 14 days This domain is owned by Twitter. The main business activity is: Social Networking Services. Where twitter acts as a third party host, it collects data through a range of plug-ins and integrations, that is primarily used for tracking and targeting.
twll 4 years This domain is owned by Twitter. The main business activity is: Social Networking Services. Where twitter acts as a third party host, it collects data through a range of plug-ins and integrations, that is primarily used for tracking and targeting.
secure_session 14 years This domain is owned by Twitter. The main business activity is: Social Networking Services. Where twitter acts as a third party host, it collects data through a range of plug-ins and integrations, that is primarily used for tracking and targeting.
guest_id 13 days This domain is owned by Twitter. The main business activity is: Social Networking Services. Where twitter acts as a third party host, it collects data through a range of plug-ins and integrations, that is primarily used for tracking and targeting.
remember_checked 4 years This domain is owned by Twitter. The main business activity is: Social Networking Services. Where twitter acts as a third party host, it collects data through a range of plug-ins and integrations, that is primarily used for tracking and targeting.
remember_checked_on 4 years This domain is owned by Twitter. The main business activity is: Social Networking Services. Where twitter acts as a third party host, it collects data through a range of plug-ins and integrations, that is primarily used for tracking and targeting.
VISITOR_INFO1_LIVE 6 months This cookie is set by YouTube to keep track of user preferences for YouTube videos embedded in sites; it can also determine whether the website visitor is using the new or old version of the YouTube interface. The main purpose of this cookie is: Targeting/Advertising
PREF 4 years YouTube is a Google owned platform for hosting and sharing videos. YouTube collects user data through videos embedded in websites, which is aggregated with profile data from other Google services in order to display targeted advertising to web visitors across a broad range of their own and other websites. This is a common Google cookie, used across several of their services. Stores user preference, can be used to personalize ads on google searches
GPS 24 minutes YouTube is a Google owned platform for hosting and sharing videos. YouTube collects user data through videos embedded in websites, which is aggregated with profile data from other Google services in order to display targeted advertising to web visitors across a broad range of their own and other websites.
YSC Session Length YouTube is a Google owned platform for hosting and sharing videos. YouTube collects user data through videos embedded in websites, which is aggregated with profile data from other Google services in order to display targeted advertising to web visitors across a broad range of their own and other websites.
SERVER_ID Session Length This cookie is used to assign the visitor to a specific server - this function is required for the functionality of the website.
language Session Length Stores the user's preferred language on the website.
hs_ab_test Session Length There are many different types of cookies associated with this name, and a more detailed look at how it is used on a particular website is generally recommended. However, in most cases it will likely be used to store language preferences, potentially to serve up content in the stored language. The ICC category given here is based on this usage. The main purpose of this cookie is: Functionality
ssi_lastInteraction 5 minutes Stores the date of the last secure session the user had when visiting the site.
ssi_sessionId 1 Year Helps us to be more efficient when serving a secure connection, reusing one the user has used already.
muxData 20 years This cookie is used in context with a video-player, so that if the visitor is interrupted while viewing video content, the cookie remembers where to start the video when the visitor reloads the video. The main purpose of this cookie is: Functionality
_dc_gtm_UA-xxxxxxxx A few seconds This cookie is associated with sites using Google Tag Manager to load other scripts and code into a page. Where it is used it may be regarded as Strictly Necessary as without it, other scripts may not function correctly. The end of the name is a unique number which is also an identifier for an associated Google Analytics account. The main purpose of this cookie is: Strictly Necessary
OptanonAlertBoxClosed 1 Year This cookie is set by websites using certain versions of the cookie law compliance solution from OneTrust. It is set after visitors have seen a cookie information notice and in some cases only when they actively close the notice down. It enables the website not to show the message more than once to a user. The cookie has a one year lifespan and contains no personal information.
CheckConnectionTempCookie7 A few seconds This domain is owned by YouTube. The main business activity is: Video/Advertising Platform
GAPS 17 days This domain is owned by Google. The main business activity is: User Accounts sub-domain. Cookies in this domain have lifespans between 1 month to 2 years.
5. Duration of storage, objection and removal option

Cookies are stored on the user's computer and transmitted to our site. Therefore, as a user, you have full control of the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all of the website's features in full.



VI. Registration for events or meetings


1. Description and scope of data processing

If you would like to participate in a HYPE event (e.g., the Innovate Forum in Bonn), the data from the input mask will be transmitted to us when you register. In addition, the following data is collected at registration:

  • IP address of the calling computer
  • Date and time of the registration

Your data will not be passed on to third parties. The data will only be used for the processing of your participation in the event.

The user's consent to the processing of this data is obtained within the framework of the request process.

 
2. Legal basis for data processing

If you enter your email address when registering, we will use it to send you a registration confirmation and information about the event.

The legal basis for the processing of the data is Art. 6 para. 1 lit. a GDPR if consent is given.

 
3. Purpose of the data processing

The collection of the user's e-mail address serves to deliver the requested information. The collection of other personal data as part of the registration process is necessary for event management and also serves to prevent misuse of our services or the e-mail address used.

Should we come to the conclusion that other events may be of interest to you, we reserve the right to contact you by e-mail. The legal basis is Art. 6 para. 1 lit. f GDPR.

 
4. Duration of the storage

The data are deleted as soon as they are no longer required for the purpose of their collection. This is the case at the latest when cooperation can be excluded. We exclude cooperation if you are not already a customer of HYPE and have neither opened an e-mail from us nor visited our website for more than two years.

 
5. Possibility of objection and deletion

You can request the deletion of your data at any time. To do so, please reply to the e-mail sent or inform us informally at dataprotection@hype.de.



VII. Register for blogs, webinars or download documents

 

1. Description and scope of data processing

If you are interested in our products, you can register for a blog (e.g. INNOVATION BLOG) or webinars and download documents (e.g. case studies) on our website. The data from the input screen is sent to us when you subscribe to the newsletter. The following data will also be collected upon subscription:

  • IP address of the accessing computer
  • Date and time of subscription

When operating our blog with comment function, the personal data entered in the input mask is stored and published under the respective blog entry. Comments can also be subscribed to.

Your data will not be passed on to third parties, except for the publication of comments. The data will be used exclusively for the provision of these offers.

The user's consent to processing this data is obtained during the registration process.



2. Legal basis for data processing

If your company uses our services and you provide us with your email address in this context, we may subsequently use it to send you a newsletter. In such a case, only direct marketing of our own similar products or services will be sent via the newsletter. The legal basis for the provision of the services is Art. 7 para. 3 UWG (Law against unfair competition).

Otherwise, your consent will be obtained for the processing of the data and reference will be made to this data protection declaration. The legal basis for processing the data, if the user's consent to this has been obtained, is Art. 6 Para. 1 lit. a GDPR.



3. Purpose of the data processing

The collection of the user's email address serves to deliver the requested information. Collection of other personal data as part of the subscription process is for preventing the misuse of the services or of the email address used.

Should we also come to the conclusion on the basis of the data entered that a cooperation could be beneficial for both parties, we reserve the right to contact you in this regard.



4. Duration of storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. This is the case, at the latest, when cooperation can be ruled out.



5. Objection and removal option

The services can be terminated by the user concerned at any time. For this purpose, there is a corresponding link in every message transmitted. You can also send the cancellation form free to dataprotection@hype.de.



VIII. Registration for demonstrations and contacting HYPE


1. Description and scope of data processing

On our website, we offer users the opportunity to register by providing personal data in order to book a demonstration of our software products or to contact us. The data is entered into a contact form, transmitted to us, and stored. This data is not transferred to third parties. The following data is stored during registration:

  • The user's IP address
  • Date and time of subscription
  • The user's consent to processing this data is obtained during the registration process.


Alternatively, you can contact us via the email address provided. In this case, the user's personal data that is transmitted along with the email will be stored.

The data will not be disclosed to third parties during the course of this. The data is used exclusively for the processing of the conversation.



2. Legal basis for data processing

The legal basis for processing the data, if the user's consent to this has been obtained, is Art. 6 para. 1 lit. a of the GDPR.

If registration is for fulfillment of a contract to which the user is a party or for implementation of pre-contractual measures, an additional legal basis for the data processing is Art. 6, Para. 1 b GDPR.



3. Purpose of the data processing

Establishing contact with the user.



4. Duration of storage

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. This is the case, at the latest, when cooperation can be ruled out. The data collected during the registration process will be deleted immediately if the registration is canceled.



5. Objection and removal option

As a user, you have the option of canceling the registration at any time. You can change the data stored about you at any time. Please contact us for free at dataprotection@hype.de. If the data is required for the fulfillment of a contract or the implementation of pre-contractual measures, early erasure of data is only possible insofar as contractual or legal obligations do not preclude erasure.



IX. Hosting


The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services that we use for the purpose of operating this online offering.

Hereby we or our hosting provider process inventory data, contact data, content data, contract data, usage data, metadata and communication data of customers, potential customers and visitors to this online offering on the basis of our legitimate interests in an efficient and secure provision of this online offering according to Art. 6 Para. 1 lit. f GDPR in conjunction with Art. 28 GDPR (conclusion of order processing contract).



X. Use of Hubspot


We use Hubspot for our online marketing activities. This is an integrated software solution with which we cover various aspects of our online marketing.

These include:

  • Content Management (website and blog)
  • Email marketing (newsletters, as well as automated mailings, e.g. for the provision of downloads)
  • Social Media Publishing & Reporting
    Reporting (e.g. traffic sources, accesses, etc....)
  • Contact management (e.g. user segmentation & CRM)
  • Landing Pages and Contact Forms

Our registration service allows visitors to our website to learn more about our company, download content and provide their contact information and other demographic information.


This information and the contents of our website are stored on servers of our software partner HubSpot. They can be used by us to contact visitors to our website and to determine which services of our company are of interest to them. All information we collect is subject to this privacy policy. We use all collected information exclusively to optimize our marketing.

HubSpot is a software company based in the USA with a branch in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, phone: +353 1 5187500. HubSpot is certified under the conditions of the "EU - U.S. Privacy Shield Framework" and is subject to the TRUSTe 's Privacy Seal and the "U.S. - Swiss Safe Harbor" Framework.



XI. Use of the Mobile Applications


This Privacy Policy also applies to the use of Mobile Applications.

You have the option to use the Mobile Applications as a Web App or as a Native App. The mobile applications use the stored data, as soon as you use your camera, microphone or media galleries, as part of the application. Mobile applications also capture data such as the manufacturer, model, and operating system of your mobile device. The app does not access the location data of your mobile device.

When using the HYPE Native App, personal data such as the name of the creator of a comment or an idea is sent via push-messages through Google Firebase. Google Firebase stores and processes the data within the framework of the GDPR. In this respect, the data protection agreements of Google Firebase (https://firebase.google.com/support/privacy/) apply.



XII. Web analysis by Google Analytics


1. Scope of personal data processing

Our website uses Google Analytics, a web analytics service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA., hereinafter referred to as "Google". Google also uses cookies (see Cookies for details). If individual pages of our website are accessed, the following data is stored:

  • Two bytes of the IP address of the user's requesting system
  • The web page requested
  • The website from which the user has accessed the website (referrer)
  • The sub-pages that are called up from the called up web page
  • The time spent on the website
  • The frequency with which the website is accessed
    This data is transmitted to Google.


Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for us, and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties as required by law or if said third parties process this data on behalf of Google.

For further information on data usage by Google, setting and objection options, please see the Google website: https://policies.google.com/technologies/partner-sites?hl=en ("How Google uses information from sites or apps that use our services“), https://adssettings.google.com/authenticated ("Use of data for promotional purposes"), ("Manage information Google uses to show you advertising").



2. Legal basis for processing personal data

The legal basis for processing the personal data of users is Art. 6 para. 1 lit f. GDPR.



3. Purpose of the data processing

The processing of users' personal data enables us to analyze the surfing behavior of our users. We are in a position to compile information about the use of the individual components of our website by evaluating the data obtained. This helps us to continuously improve our website and its user-friendliness. For these purposes, our legitimate interest also lies in the processing of personal data pursuant to Art. 6 para. 1 lit f. GDPR. By anonymizing the IP address, users' interest in protecting their personal data is sufficiently taken into account.



4. Duration of storage

The data will be deleted as soon as it is no longer needed for our recording purposes. Automatic deletion takes place after 14 months at the latest.



5. Objection and removal option

You can prevent the installation of Google Analytics cookies by setting your browser software accordingly; however, we point out that in this case, you may not be able to fully use all functions of our website.

Google also offers a deactivation add-on for the most popular browsers, giving you more control over what information Google collects about the websites you visit. The add-on informs Google Analytics' JavaScript (ga.js) that no information about the website visit should be transmitted to Google Analytics. However, the deactivation add-on for browsers from Google Analytics does not prevent information from being transmitted to us or to other web analytics services that we may use. For more information on installing the browser add-on, see Link.


6. Google Analytics

When using our website, the operator has the option of using Google Analytics. As a result, the information generated by the cookie about the use of the website by the user is transferred to a Google server in the USA and stored there. The personal data will be transferred to the USA under the EU-US Privacy Shield on the basis of the European Commission's adequacy decision.

The operator can use a browser plug-in at http://tools.google.com/dlpage/gaoptout?hl=de to decide for himself whether he wants to use tracking and withdraw his consent at any time with effect for the future. The user is given the option of IP anonymization. In the event of activation of IP anonymization on the Website, its IP address will be previously shortened by Google within Member States of the European Union or in other Contracting States to the Agreement on the European Economic Area. We would like to point out that on this website Google Analytics has been extended to include IP anonymization in order to guarantee anonymous collection of IP addresses (so-called IP masking). The IP address transmitted by your browser as part of Google Analytics is not combined with other data from Google. On behalf of the operator of the website, Google will use the information obtained to evaluate the use of the website, to compile reports on the website activities and to provide further services to the website operator in connection with the use of the website and the Internet. This enables the operator to assign data, sessions and interactions across several devices to a pseudonymous user ID and thus to analyze the activities of a user across all devices.



XIII. Rights of the data subject


If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights


1. Right to information

You may request confirmation from us as to whether personal information concerning you is processed by us.

If such processing is taking place, you can request to be informed by the data controller regarding the following information:

  • the purposes for processing the personal data;
  • the categories of personal data being processed;
  • the recipients or categories of recipients to whom your personal data has been or will be disclosed;
  • the planned storage duration of your personal data or, if specific information in that regard is not possible, criteria for determining the storage period;
  • the existence of a right of rectification or deletion of your personal data or of a restriction on processing by the data controller or of a right to oppose such processing;
  • the existence of a right of appeal to a supervisory authority;
  • any available information on the origin of the data if the personal data has not been collected from the person concerned;
  • the existence of automated decision-making, including profiling, in accordance with Article 22 Para. 1 and 4, GDPR and – at least in these cases – meaningful information on the logic involved and the scope and intended effects of such processing for the person concerned.


You have the right to request information regarding whether your personal information will be transmitted to a third-party country or an international organization. In this respect, you can request the appropriate guarantees in accordance with Art. 46 GDPR in connection with the transmission.



2. The right of rectification

You have a right of rectification and/or completion with respect to the responsible party if the personal data processed concerning you is incorrect or incomplete. The controller shall make the correction immediately.



3. The right to limitation of processing

Under the following conditions, you may request that the processing of personal data concerning you be restricted if:

  • you contest the accuracy of your personal data for a period that enables the controller to verify the accuracy of the personal data;
  • the processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead;
  • the controller no longer needs the personal data for the purposes of processing, but it is required by you for the establishment, exercise or defense of legal claims or
  • you have objected to processing pursuant to Art. 21 Para. 1 GDPR pending the verification whether the legitimate grounds of the controller override your reasons.


Where processing of the personal data that concerns you has been restricted, such data – apart from being stored – may be processed only with your consent or for the purpose of asserting, exercising or defending rights or protecting the rights of another natural or legal person or on the grounds of an important public interest of the Union or of a Member State.

If the restriction of processing has been restricted in accordance with the above conditions, we will inform you before the restriction has been lifted.



4. Right to deletion

a) Deletion obligation

You have the right to obtain from the controller the erasure of personal data concerning you without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:

  • The personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed.
  • You withdraw your consent on which the processing is based according to Art. 6 Para. 1 lit. a or Art. 9 Para. 2 (a) GDPR, and where there is no other legal ground for the processing.
  • You object pursuant to Art. 21 Para. 1 GDPR, you object to the processing and there are no overriding justifiable reasons for the processing or Art. 21 Para. 2 GDPR to the processing;
  • The personal data has been unlawfully processed.
  • The personal data must be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
  • The personal data concerning you has been collected in relation to services offered by information society services according to Art. 8 Para. 1, GDPR.


b) Passing information to third parties

If we have passed on the personal data concerning you to third parties and we are obliged to erasure pursuant to Art. 17, Para. 1 GDPR, we will take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform data processors who process the personal data that you as the data subject have requested the erasure of all links to this personal data or of copies or replications of this personal data.


c) Exceptions

The right to deletion does not exist insofar as the processing is necessary:

  • To exercise the right of freedom of expression and information;
  • To fulfill a legal obligation required for processing under the law of the Union or of the Member States to which we are subject;
  • To assert, exercise or defend legal claims.


5. Right to information

If you have exercised your right to have the responsible party correct, delete or limit the processing, this party is obliged to inform all recipients to whom the personal data that concerns you has been disclosed of this correction or deletion of the data or restriction on processing, unless this proves impossible or involves a disproportionate effort.

It is your right to be informed regarding such recipients.



6. Right to data portability

You have the right to obtain your personal data, which you have provided to the controller, in a structured, commonly used and machine-readable format. In addition, you have the right to transmit this data to another controller without hindrance from the controller to which the personal data has been provided, insofar as:

  • The processing is based on consent pursuant to Art. 6 Para. 1 lit. a, GDPR or Art. 9 Para. 2 lit. a GDPR or on a contract pursuant to Art. 6 Para. 1 (b) GDPR and
    the processing is carried out using automated methods.
  • In exercising this right, you also have the right to request that the personal data concerning you be transferred directly by us to another person responsible, insofar as this is technically feasible. This must not affect the freedoms and rights of other persons.


The right to data portability shall not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority conferred on the responsible party.



7. Right to object

You have the right, for reasons arising from your specific situation, to object to the processing of personal data concerning you at any time, which is carried out in accordance with Art. 6 para. 1 lit. e or f GDPR, including profiling based on those provisions;


In this case, we will no longer process the personal data concerning you, unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights, and freedoms, or the processing is for the purpose of asserting, exercising or defending legal claims.

If the personal data that concerns you is being processed for direct marketing purposes, you have the right to object at any time to the processing of the personal data that concerns you for the purpose of such marketing; this also applies to profiling, insofar as it is associated with such direct marketing.

If you object to processing that is for direct marketing purposes, the personal data that concerns you will no longer be processed for these purposes.

In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.



8. The right to revoke the data protection declaration of consent

You have the right at any time to revoke your data protection declaration of consent. The withdrawal of consent shall not affect the lawfulness of processing taking place on the basis of this consent before its revocation.



9. The right of appeal to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in particular in the Member State where you reside, work or where the infringement is suspected if you believe that the processing of personal data that concerns you is in contravention of GDPR.

The supervisory authority with which the appeal has been lodged shall inform the appellant of the status and results of the appeal, including the possibility of a judicial remedy under Art. 78 GDPR.

State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia, Helga Block, P.O. Box 20 04 44, 40102 Düsseldorf or Kavalleriestrasse 2-4, 40213 Düsseldorf, Phone: +49 (0)211/384 24-0, Fax: +49(0)211/384 24-10, Email: poststelle@ldi.nrw.de Homepage: https://www.ldi.nrw.de.

 

Privacy Settings