Privacy Policy (Datenschutzerklärung)
Last updated: 23 July 2024
Introduction and Overview
We have drafted this privacy policy (as of December 2024) to explain to you in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (short data) we as controllers – and the processors commissioned by us (e.g. providers) – process, will process in the future, and what legal options you have. The terms used are to be understood as gender-neutral.
Scope of Application
This privacy policy applies to all personal data processed by us in the company and for all personal data processed by companies commissioned by us (processors). By personal data, we mean information in the sense of Art. 4 No. 1 GDPR, such as the name, email address, and postal address of a person. The processing of personal data ensures that we can offer and bill our services and products, whether online or offline. The scope of this privacy policy includes:
all online presences (websites) that we operate
social media appearances and email communication
mobile apps for smartphones and other devices
In short: The privacy policy applies to all areas in which personal data is processed in an organized manner via the mentioned channels in the company. If we enter into legal relationships with you outside of these channels, we will inform you separately if necessary.
We only process your data if at least one of the following conditions applies:
Consent (Article 6 paragraph 1 lit. a GDPR): You have given us your consent to process data for a specific purpose. An example would be storing the data you entered in a contact form.
Contract (Article 6 paragraph 1 lit. b GDPR): To fulfill a contract or pre-contractual obligations with you, we process your data. For example, if we conclude a purchase contract with you, we need personal information in advance.
Legal Obligation (Article 6 paragraph 1 lit. c GDPR): If we are subject to a legal obligation, we process your data. For example, we are legally required to retain invoices for accounting purposes. These usually contain personal data.
Legitimate Interests (Article 6 paragraph 1 lit. f GDPR): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For instance, we need to process certain data to operate our website securely and economically efficiently. This processing is therefore a legitimate interest.
Data Retention Period
We will only store personal data as long as it is absolutely necessary for providing our services and products. This is a general criterion for us. This means that we will delete personal data as soon as the reason for data processing no longer exists. In some cases, we are legally obliged to retain certain data even after the original purpose has ceased, for example, for accounting purposes.
If you wish for your data to be deleted or wish to revoke your consent to data processing, the data will be deleted as quickly as possible, provided that there is no obligation to retain.
Your Rights under the General Data Protection Regulation
In accordance with Articles 13, 14 of GDPR, we inform you about the following rights that you have to ensure fair and transparent processing of data:
You have the right under Article 15 GDPR to request information about whether we process data about you. If this is the case, you have the right to obtain a copy of the data and learn the following information:
the purpose for which we carry out the processing;
the categories, i.e. the types of data that are processed;
who receives this data and, if the data is transferred to third countries, how security can be guaranteed;
how long the data will be stored;
the existence of the right to rectification, deletion or restriction of processing and the right to object to processing;
that you can lodge a complaint with a supervisory authority (links to these authorities are found below);
the source of the data if we have not collected it from you;
whether profiling is conducted, i.e. whether data is evaluated automatically to create a personal profile of you.
You have the right under Article 16 GDPR to have data rectified, which means that we must correct data if you find errors.
You have the right under Article 17 GDPR to request deletion (“right to be forgotten”), which specifically means that you may demand the deletion of your data.
You have the right under Article 18 GDPR to restrict processing, which means that we may only store the data but not further use it.
You have the right under Article 20 GDPR to data portability, which means we will provide your data to you in a common format upon request.
You have the right under Article 21 GDPR to object, which may lead to a change in processing after enforcement.
If the processing of your data is based on Article 6 (1) lit e (public interest, exercise of public authority) or Article 6 (1) lit f (legitimate interest), you may object to the processing. We will then examine as quickly as possible whether we can legally comply with this objection.
If data is used for direct marketing purposes, you can object to this type of data processing at any time. We may not use your data for direct marketing thereafter.
If data is used for profiling purposes, you can object to this type of data processing at any time. We may not use your data for profiling thereafter.
You have the right under Article 22 GDPR under certain circumstances not to be subjected to a decision based solely on automated processing (for example, profiling).
You have the right under Article 77 GDPR to lodge a complaint. This means you can complain to the data protection authority at any time if you believe that the processing of personal data violates GDPR.
Whose data do we process and in what way?
Visitors to our website
This section applies as far as we operate a website.
If you visit a website operated by us, we will process some of your personal data in connection with this visit.
In this section, we inform you about how we process your personal data.
Categories of processed data and purposes of data processing
During your visit to this website, we will automatically collect the following personal data about you:
The date and time of accessing a page on our website;
Your IP address (in shortened form, so that no unique association is possible);
Technical information such as name and version of your web browser, internet provider, device and screen resolution
Source (URL) of your visit (i.e. which website or advertisement brought you to us)
Orders including sales and ordered products
The achievement of "website goals" (e.g. contact requests and newsletter registrations)
Your behavior on the pages (for example clicks, scroll behavior, and dwell time)
Your approximate location (country and city)
certain cookies (see below)
Furthermore, we may ask you to enter personal data, such as your name and email address, on our website in order to provide you with certain services.
There is no obligation to provide the data we ask for on our website. However, if you do not do so, you may not be able to utilize all functionalities of the website.
We process your data for the following purposes:
to make this website available to you and to continually improve and develop this website;
to create usage statistics;
to display personalized page suggestions;
to detect, prevent and investigate attacks on our website;
to possibly provide members with a user account on our website and
to contact users via email.
Legal bases of processing
We process your personal data based on:
Art. 6 para. 1 lit. a GDPR (Consent): You give us consent to store your data and use it for purposes related to business;
Art. 6 para. 1 lit. b GDPR (Contract): It is necessary for the fulfillment of a contract with you or a processor such as your telephone provider or we need to process the data for pre-contractual activities, such as the preparation of an offer;
our legitimate interest according to Art. 6 para. 1 lit. f GDPR, which consists of making our website user-friendly and protecting our website from attacks.
Data Retention Period
We will generally store your data for a period of three months. Longer storage will only occur as required to investigate identified attacks on our website, and additionally only until the expiry of relevant limitation periods, legal retention periods, or any litigation where the data is needed as evidence.
Cookies (general)
Our website uses so-called cookies. A cookie is a small file that can be stored on your computer when you visit a website. In principle, cookies are used to provide users with additional functionalities on a website. For example, they can be used to facilitate navigation on a website, allow you to continue using a website from where you left off and/or save your preferences and settings when you revisit the website. Cookies cannot access, read, or modify any other data on your computer.
Many cookies on our website are called session cookies. They are automatically deleted when you leave our website. However, persistent cookies remain on your computer until you manually delete them in your browser. We use such persistent cookies to recognize you the next time you visit our website.
If you want to control cookies on your computer, you can choose your browser settings so that you receive a notification when a website wants to store cookies. You can also block or delete cookies if they have already been stored on your computer. If you would like to know how to carry out these steps, please use the "Help" function in your browser. For a user-friendly handling, we also use a so-called "cookie management tool" that allows you to manage the setting of cookies even more easily. Please note that blocking or deleting cookies may affect your online experience and prevent you from fully using this website.
We also use cookies to display personalized page suggestions. No IP numbers are stored in this process. The following data are collected during the visit to the website: internal ID of the accessed page, attributes of the accessed page, categories of the accessed page. This data is not transmitted to anyone.
Google Tag Manager
We use Google Tag Manager on our pages. The Google Tag Manager is an application that allows us to deploy small code elements (tags) on our pages based on custom rules. Such tags can be used, for example, to measure visitor behavior (Google Analytics).
The Tag Manager itself does not write cookies and does not collect personal data but can deploy tags that collect such data.
The foundation for the cookie consent tool offered on our pages is the use of the Google Tag Manager, which interprets the settings made by the visitor and subsequently deploys tags on the page or not.
Google Analytics
Our website uses functions of the web analytics service Google Analytics, offered by Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA (“Google”). Google Analytics uses cookies to help us analyze how you use this website.
The information generated by such a cookie about your use of this website (including your IP address and the URLs of the pages you accessed as well as the attributes of the webpages) will be transmitted to Google servers in the USA and stored there.
The data obtained in this process are used to optimize our website and advertising measures.
Our website uses the IP anonymization feature provided by Google Analytics. Therefore, your IP address will be shortened/anonymized by Google as soon as Google receives your IP address. On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide us with additional services related to website usage and internet usage. The IP address transmitted by your browser in the context of Google Analytics will not be merged with other data by Google.
You can prevent the collection of your data by Google Analytics on this website through our “cookie management tool” (link “cookie settings” at the bottom of the page) (an opt-out cookie will be set, which prevents future collection of your data when visiting this website).
» Further information on the terms of use of Google as well as Google's privacy policy
1.7.1 Cookies used by Google Analytics
CookieValidityPurposeStorage Duration_ga1st PartyContains a randomly generated user ID, which allows Google Analytics to recognize returning visitors on our websites and consolidate them with data from previous visits.2 years_gid1st PartyContains a randomly generated user ID, which allows Google Analytics to recognize returning visitors on our websites and consolidate them with data from previous visits.24 h_gat1st PartyCertain data is sent to Google Analytics only once a minute. The cookie has a lifespan of one minute. As long as it is set, certain data transmissions are blocked.1 Min_dc_gtm_xxx1st PartyCertain data is sent to Google Analytics only once a minute. The cookie has a lifespan of one minute. As long as it is set, certain data transmissions are blocked.1 MinIDEdoubleclick.net3rd PartyContains a randomly generated user ID. This ID allows Google to recognize the user across multiple websites and display personalized advertising.1 year
Google Ads
We use Google Ads conversion tracking to measure the success of our advertising measures. After certain goal achievements on our website (“conversions”) – such as the completion of an order or signing up for our newsletter – this achievement is recorded by Google. Google can thereby measure the number of goal achievements. Moreover, Google will allocate which ads were clicked beforehand based on previously set cookies and were therefore crucial for achieving the goal. Google processes this data on servers in the USA but will not associate it with personal data from your Google account.
1.8.1 Cookies used by Google Ads
CookieValidityPurposeStorage DurationTest_cookiedoubleclick.net
3rd PartySet for testing to check whether the browser permits the setting of cookies. Contains no identifying features.15 MinIDEdoubleclick.net
3rd PartyContains a randomly generated user ID. This ID allows Google to recognize the user across multiple websites and display personalized advertising.1 year
Facebook
1.9.1 Facebook Page
If you visit our Facebook page, personal data (documentation of usage behavior) will be processed via cookies from Facebook. From this information, anonymized, statistical data on page activity will be generated and automatically provided to us (Insights). We are jointly responsible with Facebook for this data processing according to Article 26 of the General Data Protection Regulation, based on our legitimate interests. Without processing this data, our presence and optimization of our offering on Facebook would not be possible. You can find more information on the Facebook information page.
1.9.2 Plugins
Plugins from Facebook that we use store personal data from visitors to our website according to Facebook's data usage guidelines. This also applies to users who are not logged in or are not members of Facebook. For more information, please see the privacy policy of Facebook.
1.9.3 Facebook Pixel
We partially use the “pixel” from Facebook on our websites as well. This allows us to track the behavior of users after they have clicked an ad on Facebook. This way, we evaluate ads for statistical and market research purposes and optimize future advertising measures.
Another benefit is to recognize whether and which interactions on the website (e.g. downloads) have been performed
(see Event Tracking).
This function also serves to present visitors to this website with targeted advertisements on the social network Facebook (“Facebook-Ads”) (see Custom Audiences). For this purpose, Facebook pixel has been implemented on our website. When visiting the website, a direct connection to Facebook servers is established via Facebook pixel. Information is transmitted to the Facebook server indicating that you have visited this website, and Facebook assigns this information to your personal Facebook user account.
We do not receive any personal data in this process. At the same time, the data is also stored and processed by Facebook itself, making it possible for Facebook to link to the respective Facebook user profile. Facebook can use this data for its own advertising purposes following Facebook's data usage policy. The consent for this falls under Facebook and is beyond our influence. For more information regarding the collection and use of data by Facebook, as well as your rights and options for protecting your privacy, please refer to Facebook's privacy notice.
1.9.4 Cookies used by Facebook Pixel
CookieValidityPurposeStorage Duration_fbp1st PartyUsed to display a range of advertising products.6 monthsactfacebook.com
3rd PartyContains a timestamp of when the user logged into Facebook.Sessiondprfacebook.com
3rd PartyNo further information about the use is known.1 weekwdfacebook.com
3rd PartyStores the dimensions of the browser window and is used to optimize page rendering.1 weekspinfacebook.com
3rd PartyNo further information about the use is known.1 dayxsfacebook.com
3rd PartyContains various session information of the user3 monthsc_userfacebook.com
3rd PartyContains user ID of the currently logged-in user.3 monthspresencefacebook.com
3rd PartyContains chat status of the user (e.g. whether chat tabs are open)Sessionsbfacebook.com
3rd PartyContains information about the browser.2 yearslocalefacebook.com
3rd PartyContains information about the display area scheme1 weekdatrfacebook.com
3rd PartyUsed for identifying the web browser2 yearsfrfacebook.com
3rd PartyUsed to display a range of advertising products.3 months
1.10 LinkedIn Pixel
We partially also use the LinkedIn Insight Tag on our websites. The LinkedIn Insight Tag uses browser cookies to collect data on our websites, including page activities, URL, referrer URL, IP address, device and browser properties, and timestamps, if the user is an active LinkedIn member. The IP addresses are shortened or hashed. This allows us to track the behavior of users after they have clicked an advert on LinkedIn. We evaluate ads for statistical and market research purposes and optimize future advertising measures. See also the cookie policy of LinkedIn.
1.10.1 Cookies used by LinkedIn Pixel
CookieValidityPurposeStorage DurationUserMatchHistory3rd PartyMeasurement of advertising performance in LinkedIn advertising.30 daysli_sugr3rd PartyContains browser ID3 monthsli-oatml3rd PartyLinkedIn member identification for conversion tracking, retargeting, analytics1 monthli_fat_id1st PartyLinkedIn member identification for conversion tracking, retargeting, analytics1 monthU3rd PartyBrowser detection3 monthsbcookie3rd PartyIdentification of browser ID1 yearbscookie3rd PartyIdentification of a secure browser ID1 year
2. Our Customers
As far as the provider (Ads By You) can access personal data of the customer or from their area, they will operate solely as a processor and process and use this data only for the purpose of fulfilling the contract. The provider will adhere to the customer's instructions regarding the handling of this data. The customer bears any adverse consequences of such instructions for the fulfillment of the contract.
The customer acknowledges, understands, and irrevocably agrees that the provider may use the customer data transmitted to the price comparison platform or collected by the provider on an anonymized basis for any purpose and may process and use it.
The provider processes personal data of the customer necessary for accessing the Google Content API for Shopping. In principle, personal data of the customer will not be shared with third parties. Data typically retained by the provider includes:
Email addresses and access to shop data, expressed in the following scopes:
(i) “googleapis(dot)com/auth/userinfo.profile”
(ii) “googleapis(dot)com/auth/userinfo.email”
(iii) “googleapis(dot)com/auth/content”
The customer remains the controller both in the contractual relationship in general and in the data protection legal sense. If the customer processes personal data (including collection and use) in connection with the contract, they ensure that they are entitled to do so according to applicable data protection regulations and releases the provider from claims from third parties in the event of a breach.
For the relationship between the provider and the customer: The customer bears responsibility for processing (including collection and use) personal data in relation to the affected person, unless the provider must represent any claims of the affected person due to a breach of duty attributable to them. The customer will responsibly review, handle, and respond to any inquiries, requests, and claims from the affected person. This applies even in cases where the provider is approached by the affected person.
VI. International Data Transfers
Some of the recipients mentioned above may be located outside Austria or the EU or may process your personal data there. The level of data protection in other countries may not correspond to that of Austria. However, we will only transmit your personal data to countries for which the EU Commission has decided that they have an adequate level of data protection or we will take measures to ensure that all recipients have an adequate level of data protection. For this purpose, we conclude standard contractual clauses (2010/87/EC and/or 2004/915/EC). The agreements concluded are available upon request.
VII. Contact Details of the Controller
If you have any questions regarding data protection or the processing of personal data, you can find the contact details of the responsible person or entity below:
AdsByYou OG
Peter Pick
Email: hi@labelup.io
Imprint: labelup.io/impressum
__________
All texts are copyright protected.
Source: Created with the Privacy Generator from AdSimple