Data Protection
1. Introduction
Thank you for visiting our website candis.io. The protection and security of our customers' and users' data is important to us. We have therefore designed our website and our business processes in such a way that as little personal data as possible is collected or processed. The following privacy statement explains what information we collect during your visit to our website and what parts of this information are used, if any, and how. Below, you are welcome to read in detail how we handle your personal data.
Candis takes the protection of your personal data very seriously and strictly adheres to the rules of the data protection laws of the Federal Republic of Germany, the Telemedia Act and the data protection regulations of the European Union. CANDIS obligates its employees to comply with the data protection requirements of the DSGVO.
The following statement also provides you with an overview of how Candis ensures this protection and what type of data is collected for what purpose.
For all questions regarding data protection, please contact the following e-mail address: datenschutz@candis.io
2. Collection of server log data
We process so-called access data (in particular your IP address) on our website for statistical evaluations for the purpose of the operation, security and technical optimization of our website. This enables us to present our website to you more effectively and to identify errors. We collect access data when you call up our website and store it in a log file (so-called log file):
Name of the accessed website,
the date and time of the retrieval,
the amount of data transferred / notification of successful retrieval,
browser type and version,
the operating system,
referrer URL,
requesting provider / your IP address
From these data you are not identifiable for us. Log data is regularly deleted in a timely manner, but at the latest after 90 days. The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f) DSGVO.
3. Processing and use
Candis collects, processes and uses the personal data - unless expressly provided otherwise in this Privacy Policy - exclusively for the purpose of processing the contractual relationship pursuant to Art. 6(1)(b) DSGVO and for improving the user experience pursuant to Art. 6(1)(a) DSGVO and Art. 6(1)(f) DSGVO i.e. for the purpose of
Creation of an account
Verification of the customer identity
Processing of the payment
Suggesting individual suggestions for improvement that are helpful to the customer.
Personal data will be transmitted to third parties if the data subject has expressly consented to this in accordance with Art. 6 (1) sentence 1 a) DSGVO, if there is a legal requirement for the data transmission in accordance with Art. 6 (1) sentence 1 c) DSGVO, or if there is a legal requirement for the data transmission in accordance with Art. 6 (1) sentence 1 a) DSGVO. c) DSGVO a legal obligation exists, and/or this is necessary for the fulfillment of a contractual relationship with the data subject according to Art. 6 para. 1 sentence 1 letter b) DSGVO.
In other cases, personal data will not be disclosed to third parties.
4. Cookies use
On our site we use so-called "cookies". Cookies are small text files used by websites to simplify and speed up the management of your visit to our website or are necessary to allow you to use and access secure areas of the website.
Website cookies contain personal information about the customer. Cookies save the website customer from having to enter data multiple times, facilitate the transmission of specific content, and help Candis identify particularly popular areas of the website. This enables Candis, among other things, to tailor the content of its website precisely to the needs of its customer.
If the use of cookies is deactivated via the browser settings, the range of services can no longer be accessed.
Depending on where a cookie originates, a distinction can be made between so-called first-party cookies and third-party cookies:
First-Party-Cookies | Cookies that are generated and stored locally by the website operator, as the controller, or by a processor commissioned by the operator. Only the operator has access to these cookies later. |
Third-Party-Cookies | Cookies that are generated, set and accessed by third-party providers that are not acting as processors on behalf of the website operator. |
Depending on the validity period, a distinction can also be made between so-called transient and persistent cookies:
Transient Cookies | Cookies, which are automatically deleted when you close the browser. These include in particular the session cookies. |
Persistent Cookies | Cookies that remain stored on your terminal device for a specified period of time after you close the browser. |
Depending on their nature and purpose, the use of certain cookies may require the consent of the user. In this respect, cookies can be differentiated according to whether the user's consent is mandatory for their use:
Consent free Cookies | Cookies that are strictly necessary for the website operator, expressly requested by the subscriber or user, to provide this service ("Strictly Necessary Cookies").
|
Cookies requiring consent | Cookies used for all purposes other than those mentioned above.
|
Insofar as the user's consent is required, we use these cookies alone if you have given your consent in advance. When you call up our website, we display a so-called "cookie banner" in this respect, in which you can declare your consent to the use of cookies on the website by pressing a button.
Cookies that are absolutely necessary cannot be deactivated via the cookie banner on this website. However, you can generally manage and disable these cookies in your browser at any time.
This site uses different types of cookies:
Essential Cookies
| These cookies are set automatically when the website or a specific function is called up, unless you have prevented cookies from being set by means of settings in your browser. | |||
Name | Provider | Purpose | Expiration | Type |
| iw_optional_cookies_status | inwendo | Saves the selected setting of the cookie banner. | 30 Take | http Cookie |
Preference Cookies
| These cookies allow a website to remember certain information that affects how a website behaves or looks. (For example, the preferred language or the region in which a user is located). | |||
Name | Provider | Purpose | Expiration | Type |
| __cfduid | Cloudflare | Security cookie which helps Cloudflare to detect dangerous visitors on the websites and minimize blocking of legitimate users. The IP of the user is anonymized. | 30 Days | http Cookie |
We process the data collected through the use of these cookies on the basis of Article 6 Paragraph 1 Letter a) GDPR.
Statistical Cookies
| These cookies enable website operators to understand how visitors interact with websites by aggregating and reporting data anonymously. | |||
Name | Provider | Purpose | Expiration | Type |
| _gid | Google Analytics | Used to anonymously identify the user | 1 Day | http Cookie |
| Ajs_anonymous_id | Google Analytics | To record the number of users, even with recurring calls | 12 Months | http Cookie |
| ajs_user_id | Google Analytics | To record site usage, achievement of predefined events and goals, and to measure site performance and stability | 12 Months | http Cookie |
| _ga[4x] | Google Tag Manager | Registers a unique ID that is used to generate statistical data on how the visitor uses the website. | 24 Months | http Cookie |
| CONSENT | Security cookies set by Google to authenticate users, prevent fraudulent use of login information and protect user data from unauthorized access. | 20 years | http Cookie | |
| DV | Google Analytics | This cookie is used to store user preferences and other information. These include in particular the preferred language, the number of search results to be displayed on the page and the decision whether or not to activate the Google SafeSearch filter. | Session | http Cookie |
| __utmzz, | Google Analytics | Parameters for using Google Analytics (can also be deactivated before accepting the cookie banner) | 6 Months | http Cookie |
| __utmzzses | Google Analytics | Parameters for using Google Analytics (can also be deactivated before accepting the cookie banner) | Session | http Cookie |
| _hjClosedSurveyInvites | Hotjar | Cookie is only set in certain cases - cookie that is created when a user interacts with an external survey link and prevents the survey invitation from appearing again. | 1 year | http Cookie |
| _hjDonePolls | Hotjar | Cookie which ensures that a Hotjar survey is not displayed again to a user who has already answered the survey. | 1 year | http Cookie |
| _hjMinimizedPolls | Hotjar | Cookie which ensures that a survey window remains minimized when the user visits a page on which it should appear. | 1 year | http Cookie |
| _hjShownFeedbackMessage | Hotjar | This cookie is set when the user first answers or minimizes a feedback window. The cookie is set so that the window remains minimized when the user visits a page in which it should be displayed. | 1 year | http Cookie |
| _hjid | Hotjar | Hotjar cookie that is set when the customer first lands on a page with the Hotjar script. It is used to store the Hotjar user ID unique to that page in the browser. This ensures that behavior on subsequent visits to the same page can be attributed to the same user ID. | 1 year | http Cookie |
| _hjRecordingLastActivity | Hotjar | Stored in session storage, unlike cookies. This file is dropped when a recording starts and when the recording is sent through the WebSocket (thus when the user does something that Hotjar records). | Session | http Cookie |
| _hjTLDTest | Hotjar | When the Hotjar script runs, Hotjar tries to figure out the most generic cookie path, which we should use instead of the site's hostname. This is done so cookies can be shared across subdomains (if applicable). To determine this, we try to store the _hjTLDTest cookie for different URL substring alternatives until it fails. After this check, the cookie is removed. | Session | http Cookie |
| _hjUserAttributesHash | Hotjar | User attributes sent via the Hotjar detection interface are and are cached for the duration of the session to know when an attribute has changed and needs to be updated. | Session | http Cookie |
| _hjCachedUserAttributes | Hotjar | This cookie stores user properties that are sent through the Hotjar identification interface. These properties are only saved when the user interacts with the Hotjar feedback window. | Session | http Cookie |
| _hjLocalStorageTest | Hotjar | This cookie is used to check whether Hotjar can store data in local storage. This cookie is deleted immediately after use. | Session | http Cookie |
| _hjIncludedInPageviewSample | Hotjar | This cookie is set to tell Hotjar whether this visitor is included in the data sample defined by your website's pageview limit. | 30 minutes | http Cookie |
| _hjIncludedInSessionSample | Hotjar | This cookie is set to tell Hotjar whether this visitor is included in the data sample defined by your site's daily session limit. | 30 minutes | http Cookie |
| _hjAbsoluteSessionInProgress | Hotjar | This cookie is used to recognize a user's first pageview session. This is a true/false flag set by the cookie. | 30 minutes | http Cookie |
| _hjFirstSeen | Hotjar | This cookie is set to identify the first session of a new user. It stores a true/false value indicating whether Hotjar saw this user for the first time. It is used by recording filters to identify new user sessions. | Session | http Cookie |
| hjViewportId | Hotjar | This cookie stores information about the viewing settings used by the user, such as the resolution used. | Session | http Cookie |
| _hjRecordingEnabled | Hotjar | This cookie is added when a recording is started and is read when the recording engine is initialized to determine if the user is already in a recording in a given session. | Session | http Cookie |
We process the data collected through the use of these cookies on the basis of Article 6 Paragraph 1 Letter a) GDPR.
Marketing-Cookies
| Cookies used to track visitors on websites. The idea is to display ads that are important and engaging to the individual user and therefore more important to publishers and third party advertisers. | |||
Name | Provider | Purpose | Expiration | Type |
| WE | Bing | This cookie keeps track of information about how the end-user uses the website and any advertisements that the end-user saw before visiting said website. | 13 months | http Cookie |
| intercom-id-rbert73i | Intercom | To create unique anonymous identifiers | 9 months | http Cookie |
| intercom-session-rbert73i | Intercom | To detect sessions and recurring sessions | 7 days | http Cookie |
| GOES | Google Doubleclick | Cookie to store user preferences. E.g. to display individual advertising. | 2 years | http Cookie |
| fr | Cookie to enable Facebook functions on our site | 3 days | http Cookie | |
| 1P_JAR | Google Doublecklick | Used to optimize advertising by Google DoubleClick, to provide ads relevant to users, to improve campaign performance reports, or to prevent a user from seeing the same ads multiple times. | 1 month | http Cookie |
| ANID | Playing out individual and relevant advertising | 6 days | http Cookie | |
| NOT | Playing out individual and relevant advertising | 6 days | http Cookie | |
| lidc | Used for routing | 1 day | http Cookie | |
| lissc | Classification pending | 12 days | http Cookie | |
| just | Saves the language setting used | Session | http Cookie | |
| UserMatchHistory | Used to track visitors across multiple websites in order to present relevant advertisements based on the visitor's preferences. | 29 days | http Cookie | |
| Visitor_id<id> | Salesforce Pardot | The visitor cookie contains a unique visitor ID and the unique identifier for your account. For example, the cookie name visitor_id12345 stores the visitor ID 1010101010. The account identifier 12345 ensures that the visitor is being tracked on the correct Pardot account. The visitor value is the visitor_id in your Pardot account. This cookie is set for visitors by the Pardot tracking code. | Up to 10 years | http Cookie |
| Visitor_id<id>hash | Salesforce Pardot | The visitor hash cookie contains the account ID and stores a unique hash. The cookie name visitor_id12345-hash stores e.g. For example, the hash is "855c3697d9979e78ac404c4ba2c66533" and the account ID is 12345. This cookie is a security measure to ensure that a malicious user cannot impersonate a Pardot visitor and access relevant prospect information. | Up to 10 years | http Cookie |
| _BEAMER_FIRST_VISIT_{product ID} | Beamer | Save the date of your first visit to the website. | 3000 days | http Cookie |
| _BEAMER_USER_ID{product ID} | Beamer | Stores a unique user ID of the user. | 300 days | http Cookie |
| _BEAMER_LAST_UPDATE_{product ID} | Beamer | Stores a timestamp for the last number of unread updates for this user. | 3000 days | http Cookie |
| _BEAMER_FILTER_BY_URL_{product ID} | Beamer | Stores whether a URL filter is available | 20 minutes | http Cookie |
| _BEAMER_DATE_{product ID} | Beamer | Stores the time the feed was last accessed. | 300 Days | http Cookie |
| _BEAMER_LAST_POST_SHOWN_{product ID} | Beamer | (Cookie is only stored if certain circumstances are met) Saves the user ID of the last post that was displayed as a teaser by Beamer | 300 days | http Cookie |
| _BEAMER_SOUND_PLAYED_{product ID} | Beamer | (Cookie is only stored if certain circumstances are met) Saves whether the notification sound was played after the last notification | 7 days | http Cookie |
| _BEAMER_LAST_PUSH_PROMPT_INTERACTION_{product ID} | Beamer | (Cookie is only stored if certain circumstances are met) Stores the date of the user's last interaction with the | 300 days | http Cookie |
| _BEAMER_NPSLAST_SHOWN_{product ID} | Beamer | (Cookie is only stored if certain circumstances are met) Saves the time at which the user satisfaction survey was last shown to the customer. | 300 days | http Cookie |
| taboola_global:user-id | Tabola | Stores a unique user ID of the user. | 1 year | http Cookie |
5. Statistical evaluation - tracking
We use tracking technology on our website to measure and evaluate our website and to be able to optimize our content. To protect our users and partners, we can also detect and defend against fraud and security risks. The legal basis for this data processing is the consent you have given us (Art. 6 Para. 1 lit. a) GDPR). To do this, we use the following products, which are provided to us by service providers:
5.1 Leadlab
We use the Leadlab service from theWiredMinds GmbH, Lindenfühlstraße 32, 70176 GmbH and its tracking pixel technology to analyze user behavior and optimize our site based on this.
In particular, the service allows us to see which companies have visited our site. We do not receive any information that directly identifies you. In connection with the use of Leadlab, cookies and tracking pixels are used, which enable a statistical analysis of the use of this website through your visits. Information - including personal information - about your visitor behavior is stored in the cookie and transmitted to Wiredminds or collected directly by Wiredminds.
The information is processed by Wiredminds using a pseudonym in a usage profile for the purpose of analysis and is anonymised as far as possible. The data obtained in this way will not be used to identify you personally without your separate consent and the data will not be combined with personal data about you as the bearer of the pseudonym.
Insofar as IP addresses are collected, they are made anonymous immediately after collection by deleting the last block of numbers.
Information on data protection at Wireminds GmbH can be found on this company's website.
The legal basis for this type of data processing is your consent, Article 6 (1) (a) GDPR.
You can object to your consent at any time with effect for the future. Please use the following link for this:
| Manage personal settings |
Wiredminds processes the data on our behalf on the basis of an order processing agreement between us and Wiredminds. This ensures that data processing on our behalf is carried out in accordance with the General Data Protection Regulation while guaranteeing the protection of the rights of the data subjects.
Information on data protection at Wireminds GmbH can be found at:https://www.wiredminds.de/datenschutz/.
5.2 Pardot
This website uses the Pardot analysis tool from salesforce.com, inc, San Francisco, CA 94105, USA. We use Pardot to analyze and regularly improve the use of our website. To do this, we analyze user and click behavior on our website in order to better tailor our communication to customer needs.
The legal basis for this type of data processing is your consent, Article 6 (1) (a) GDPR.
You can object to your consent at any time with effect for the future. Please use the following link for this:
| Manage personal settings |
Pardot processes the data on our behalf based on an order processing agreement between us and Pardot. This ensures that data processing on our behalf is carried out in accordance with the General Data Protection Regulation while guaranteeing the protection of the rights of the data subjects.
5.3 Segment
We use "Segment" on our website, a service provided by Segment.io, Inc., 100 California Street, Suite 700, San Francisco, CA 94111, USA (hereinafter referred to as: "Segment"). Segment stores and processes information about your user behavior on our website.
We use segments for marketing and optimization purposes, in particular to analyze the use of our website and to be able to continuously improve individual functions and offers as well as the user experience. By statistically evaluating user behavior, we can improve our offer and make it more interesting for you as a user. The legal basis for this type of data processing is your consent, Article 6 (1) (a) GDPR.
You can object to your consent at any time with effect for the future. Please use the following link for this:
| Manage personal settings |
Segment processes the data on our behalf on the basis of an order processing contractbetween us and segment. This ensures that data processing on our behalf is carried out in accordance with the General Data Protection Regulation while guaranteeing the protection of the rights of the data subjects.
Further information from the third-party provider on data protection can be found on the following website:https://segment.com/docs/legal/privacy/.
5.4 Google Analytics
We use Google Analytics, web analytics services provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4 Ireland ("Google").
The protection of your data is important to us, which is why we have also added the "anonymizeIp" configuration parameter to Google Analytics. Your IP address is only recorded in abbreviated form by the code. We therefore process your personal usage data in Google Analytics anonymously. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area.
The IP address transmitted by the user's browser is not merged with other Google data. Users can prevent the storage of cookies by setting their browser software accordingly; In addition, users can prevent the data generated by the cookie and related to their use of the online offer being collected by Google and the processing of this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
Otherwise, your data will only be processed in a pseudonymised form, as explained in more detail below. It is not possible for us to draw any conclusions about your person. Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with other services related to the use of this online offer and internet usage. Pseudonymous user profiles can be created from the processed data.
The cookies are stored on the basis of Article 6 (1) (a) GDPR. You can revoke your consent under the following link:
| Manage personal settings |
Google processes the data on our behalf on the basis of an order processing contract between us and Google. This ensures that data processing on our behalf is carried out in accordance with the General Data Protection Regulation while guaranteeing the protection of the rights of the data subjects.
You can find more information on data use by Google, setting and objection options in Google's data protection declaration (https://policies.google.com/technologies/ads) and in the settings for the display of advertisements by Google (https://adssettings.google.com/authenticated).
Further information on the terms of use of Google Analytics and the data protection regulations can be found at:http://www.google.com/analytics/terms/de.html or underhttps://policies.google.com/?hl=de&gl=de.
5.5 Facebook
This website uses integrated plugins from the social network Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA ("Facebook"). An overview of the Facebook plugins can be found here:https://developers.facebook.com/docs/plugins/.
When you visit our website, a direct connection is established between your browser and the Facebook server via the plugin. Facebook receives the information that you have visited our site with your IP address. If you click the Facebook "Like" button while you are logged into your Facebook account, you can link the content of our pages to your Facebook profile. This allows Facebook to assign visits to our pages in each case. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the data transmitted or how it is used by Facebook. If you do not want Facebook to be able to associate your visit to our site with your Facebook user account, please log out of your Facebook user account.
Facebook remarketing tags are integrated on our website. When you visit our pages, a direct connection is established between your browser and the Facebook server via the remarketing tags. Facebook receives the information that you have visited our site with your IP address. This allows Facebook to assign visits to our pages in each case. We can use the information obtained in this way to display Facebook Ads.
The cookies are stored on the basis of Article 6 (1) (a) GDPR. You can revoke your consent under the following link:
| Manage personal settings |
Information on how to contact Facebook, how to set up advertisements and the data usage guidelines is available under the following link:http://de-de.facebook.com/about/privacy.
5.6 Intercom
On our website we use "Intercom", a service of Intercom, Inc., 55 Second Street, Suite 400, San Francisco, CA 94105, USA (hereinafter referred to as: "Intercom"). Intercom stores and processes information about your user behavior on our website to enable easier support via the built-in chat function.
We use Intercom for marketing and optimization purposes, in particular to analyze the use of our website and to be able to continuously improve individual functions and offers as well as the user experience. By statistically evaluating user behavior, we can improve our offer and make it more interesting for you as a user. The legal basis for this type of data processing is your consent, Article 6 (1) (a) GDPR.
You can object to your consent at any time with effect for the future. Please use the following link for this:
| Manage personal settings |
Intercom processes the data on our behalf on the basis of an order processing contractbetween us and intercom. This ensures that data processing on our behalf is carried out in accordance with the General Data Protection Regulation while guaranteeing the protection of the rights of the data subjects.
Further information from the third-party provider on data protection can be found on the following website:https://www.intercom.com/legal/terms-and-policies.
5.7 Optimizely
We use the “Optimizely” software, a web analysis service provided by Optimizely, Inc., ("Optimizely") on our website. Optimizely is provided by Optimizely GmbH, Spichernstrasse 6, 50672 Cologne, Germany.
The program allows us to create different versions of a page (A/B tests) and direct the users of our website to different pages. By statistically evaluating user behavior, we can improve our offer and make it more interesting for you as a user. The legal basis for this type of data processing is your consent, Article 6 (1) (a) GDPR.
You can object to your consent at any time with effect for the future. Please use the following link for this:
| Manage personal settings |
In addition, you can deactivate Optimizely tracking at any time and thus prevent Optimizely from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Optimizely by following the instructions onhttps://www.optimizely.com/legal/opt-out/ consequences.
Optimizely processes the data on our behalf on the basis of an order processing contract between us and Optimizely. This ensures that data processing on our behalf is carried out in accordance with the General Data Protection Regulation while guaranteeing the protection of the rights of the data subjects.
For more information about how Optimizely processes your data, visit https://www.optimizely.com/privacy/.
5.8 Bing Ads
On our website we use technologies from "Bing Ads", a service of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (hereinafter referred to as: "Microsoft").
Bing Ads collects and stores data from which usage profiles are created using pseudonyms. Bing Ads enables us to track user activities on our website, insofar as the users have reached our website via ads from Bing Ads. If you access our website via such an ad, a cookie will be set on your end device. This enables us and Microsoft to understand that a user clicked on a Bing Ads ad and was redirected to our website. Microsoft and we can also understand that the user has reached a predetermined target page, a so-called conversion page. We only learn the total number of users who clicked on a Bing Ads ad and were then redirected to the conversion page.
The information collected is transferred to Microsoft servers in the USA and stored there for a maximum of 180 days. In addition, Microsoft may be able to use so-called cross-device tracking to track your usage behavior across several end devices you use. This allows Microsoft to show you personalized advertising on Microsoft websites and in apps provided by Microsoft.
We use Bing Ads for marketing and optimization purposes, in particular to analyze the use of our website and to be able to continuously improve individual functions and offers as well as the user experience. By statistically evaluating user behavior, we can improve our offer and make it more interesting for you as a user. This is also our legitimate interest in the processing of the above data by the third-party provider. The legal basis for this type of data processing is your consent, Article 6 (1) (a) GDPR.
You can object to your consent at any time with effect for the future. Please use the following link for this:
| Manage personal settings |
Microsoft processes the data on our behalf based on an order processing agreement between us and Microsoft. This ensures that data processing on our behalf is carried out in accordance with the General Data Protection Regulation while guaranteeing the protection of the rights of the data subjects.
You can find more information about the analysis services of Bing Ads at:https://help.bingads.microsoft.com/#apex/3/de/53056/2.
5.9 OptinMonster
We use the “OptinMonster” software on our website, a service provided by Retyp, LLC., 5127, NW 24th Dr, Gainesville, Florida, 32605, OptinMonster stores and processes information about your user behavior on our website.
The program enables us to include pop-ups and other opt-ins (such as floating bars) on our website. The data is only collected through an active action by the customer (e.g. the customer registers for the newsletter via a pop-up). OptinMonster does not store the collected data on its own servers, but forwards it directly to Candis. The legal basis for this type of data processing is your consent, Article 6 (1) (a) GDPR.
You can object to your consent at any time with effect for the future. Please use the following link for this:
| Manage personal settings |
OptinMonster processes the data on our behalf on the basis of an order processing agreement between us and OptinMonster. This ensures that data processing on our behalf is carried out in accordance with the General Data Protection Regulation while guaranteeing the protection of the rights of the data subjects.
Details on how Optinmonster handles the customer's personal data are described in more detail in Optinmonster's data protection information (https://optinmonster.com/privacy/).
5.10 Beamer
We use the “Beamer” software on our website, a service provided by Joincube, Inc..
We use Beamer to notify our users of important changes, news, and updates, as well as to collect user feedback on our latest updates. Beamer uses cookies and other technologies to collect data about the behavior of our users and their devices (in particular the IP address of the device (is only recorded and stored in an anonymous form), the device type (unique device identifier), browser information, geographic location). (country only), the preferred language in which our website is displayed). Beamer stores this information in a pseudonymised user profile. Neither Beamer nor we will ever use this information to identify individual users or to match it with other data about an individual user. The legal basis for this type of data processing is your consent, Article 6 (1) (a) GDPR.
Beamer processes the data on our behalf on the basis of an order processing contract between us and Beamer. This ensures that data processing on our behalf is carried out in accordance with the General Data Protection Regulation while guaranteeing the protection of the rights of the data subjects.
You can object to your consent at any time with effect for the future. Please use the following link for this:
| Manage personal settings |
You can find more information about projectors at:https://www.getbeamer.com/privacy-policy/
5.11 Hotjar
We use the “Hotjar” software on our website, a service provided by Hotjar Ltd., Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian's STJ 3141, Malta.
We use Hotjar to better understand the needs of our users and to optimize the offer and experience on this website. Hotjar's technology gives us a better understanding of our users' experiences (e.g. how much time users spend on which pages, which links they click, what they like and don't like, etc.) and this helps us tailor our offering to our users' feedback to align Hotjar works with cookies and other technologies to collect data about the behavior of our users and their end devices, in particular the IP address of the device (is only recorded and stored in anonymous form while you are using the website), screen size, device type (unique device identifiers). ), information about the browser used, location (country only), preferred language for viewing our website. Hotjar stores this information on our behalf in a pseudonymised user profile. Hotjar is contractually prohibited from selling the data collected on our behalf. The legal basis for this type of data processing is your consent, Article 6 (1) (a) GDPR.
You can object to your consent at any time with effect for the future. Please use the following link for this:
| Manage personal settings |
For more information see the 'about Hotjar' section on Hotjar's help page:https://help.hotjar.com/hc/en-us/categories/115001323967-About-Hotjar
5.12 Taboola
We use the “Taboola” software on our website, a service provided by Taboola, Inc., 16 Madison Square West,
7th Floor, New York, New York 10010.
Our website uses Taboola technology. Taboola uses cookies to determine what content you use and which of our pages you visit if you have arrived at our website by clicking on a Taboola advertisement.
This procedure is used to evaluate the effectiveness of the advertisements for statistical and market research purposes and can help to optimize future advertising measures. These usage profiles do not allow any conclusions to be drawn about your person and are anonymous to us. We process this data on the basis of your consent in accordance with Article 6 (1) (a) GDPR.
You can object to your consent at any time with effect for the future. Please use the following link for this:
Manage personal settings
For more information on Taboola, visit: https://www.taboola.com/policies/privacy-policyIn addition, Taboola has created a way to permanently deactivate the processing of your data (opt-out):https://www.taboola.com/policies/privacy-policy#user-choices-and-opting-out
5.13 Ethn.io
On our website we use technologies from "Ethn.io", a service of Ethn.io, Inc., 6121 Sunset Blvd., Los Angeles California 90028, USA (hereinafter referred to as: "Ethn.io").
With the help of Ethn.io, we carry out individual surveys on user behavior and satisfaction on a voluntary basis. A transfer takes place via the servers of Ethn.io. By evaluating the surveys, we can improve our offer and fix errors faster, thus making our software better and more interesting for you as a user. This is also our legitimate interest in the processing of the above data by the third-party provider. The legal basis for this type of data processing is your consent, Article 6 (1) (a) GDPR.
Wehave concluded standard contractual clauses with Ethn.io in accordance with Art. 46 Para. II Letter c) GDPR,in order to be able to guarantee the perception and enforceability of the rights of our users and the level of protection of their data. In individual cases, processing can take place on the basis of Article 49 (1) (a) GDPR. We would like to point out that we select our third-party services as carefully as possible, but due to the current legal situation with service providers in the USA there is a residual risk of evaluation by American authorities.
You can find more information about data processing by Ethn.io at:https://ethn.io/privacy.
5.14 VWO
We use the “VWO” software on our website, a service provided by Wingify Software Pvt Ltd., Schellinggase 3/10, 1010 Vienna, Austria.
We use VWO to better understand the needs of our users and to optimize the offer and experience on this website. Using VWO's technology, we get a better understanding of our users' experiences (e.g. how much time users spend on which pages, which links they click on, what they like and don't like, etc.) and this helps us to tailor our offer to our users' feedback to align The program allows us to create different versions of a page (A/B testing) and direct users to different pages for testing purposes of our website. By statistically evaluating user behavior, we can improve our offer and make it more interesting for you as a user. The legal basis for this type of data processing is your consent, Article 6 (1) (a) GDPR.
VWO processes the data on our behalf on the basis of an order processing contract between us and VWO. This ensures that data processing on our behalf is carried out in accordance with the General Data Protection Regulation while guaranteeing the protection of the rights of the data subjects.
More information can be found on VWO's help page:https://vwo.com/de/compliance/gdpr/
6. Voluntary Participation in Research / Surveys & Interviews
The following section only applies to you if you participate in our research programme. We are constantly working to improve Candis and need your feedback to do so. For this reason, we conduct user interviews, surveys and other measures to obtain evaluable feedback for us. In the following paragraphs, we would like to explain to you which tools we use for this purpose and how these tools process data.
6.1 Typeform
On our website, we offer the opportunity to contact us and participate in surveys. For this purpose, we use Typeform, a plugin from the provider: TYPEFORM SL C/Bac de Roda, 163 (Local), 08018 - Barcelona, Spain.
We store the information you provide in the TYPEFORM form, including the data you enter there, in order to be able to process your enquiry and in the event of follow-up questions. This data remains with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. , as soon as the appointment has taken place). Relevant legal provisions - in particular retention periods - remain unaffected by this.
We have also agreed a "Data Processing Addendum" with TYPEFORM. This is a contract in which TYPEFORM undertakes to protect our users' data, not to pass it on to third parties and to process it on our behalf in accordance with data protection regulations.
When you visit one of our Typeform-equipped pages, a connection to Typeform's servers is established. In the process, the Typeform server is informed which of our pages you have visited. Typeform also obtains your IP address.
The use of Typeform is based on your consent in accordance with Art. 6 Para. 1 lit. a) DSGVO.
We have concluded an order processing agreement with Typeform. This ensures that Typeform only uses the user data within the framework of the EU data protection standards exclusively for processing the requests and does not pass them on to third parties.
For more information, please see Typeform's privacy policy: https://admin.typeform.com/to/dwk6gt/.
6.2 Calendly
We use the tool calendly, a service of Calendly, LLC, 1315 Peachtree St NE, Atlanta, GA 30309, USA, to arrange appointments in a simple, fast and uncomplicated way. Calendly is used for uncomplicated appointment finding for existing and new customers.
When using the tool, you will be asked to provide personal data such as your name, e-mail address and telephone number. You also have the option of presenting your request and providing us with further information. If you use the tool, your details from the enquiry form, including the information you provide there, will be saved and, of course, transmitted on the Internet. The processing of the data entered takes place exclusively on Basis of your consent (Art. 6 para. 1 lit. a DSGVO).
This privacy policy and the provider's privacy policy apply to the handling of data collected through the use of Calendly. We have an order with Calendly You can find the data protection declaration of Calendly at: https://calendly.com/pages/privacy
7. Social media
We maintain online presences within social networks and video services in order to communicate with the users who are active there and to offer information about us there. However, when you visit our site, no direct connection is established between your browser and the servers of the respective social networks. The data will only be forwarded after you have checked the privacy settingsagree to the data transfer with a click.This tool does not automatically transfer user data to the operators of these platforms.
For a detailed description of the respective forms of processing and the possibility of objection, we refer to the data protection declarations and information provided by the operators of the respective networks.
7.1 LinkedIn
Our website uses the "share function" of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. If you click the LinkedIn "button", you will be forwarded to your user account in a separate browser window - provided you are logged into your LinkedIn user account. The plug-in establishes a direct connection between your browser and the LinkedIn server. LinkedIn receives the information that you have visited our website with your IP address. In addition, LinkedIn will then be able to assign your visit to our website to you and your user account. We point out that we have no knowledge of the content of the transmitted (personal) data and their use by LinkedIn.
The legal basis for the collection and processing of your personal data carried out for us by LinkedIn for the aforementioned statistical purposes is Article 6 Paragraph 1 Clause 1 Letter a) GDPR. You can find more information on this in LinkedIn's privacy policy at:https://www.linkedin.com/legal/privacy-policy.
7.2 Facebook (Fanpage)
We operate a so-called "fan page" on Facebook to provide information about topics related to our software. This is an offer from Facebook Ireland Ltd ("Facebook"), 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. We have agreed to the terms of commercial use of Facebook.
If you visit our fan page on Facebook, Facebook uses our fan page cookie on your end device and collects so-called "insights data" about the use of our fan page:
Information about your visit to our Facebook fan page (your IP address, last visited website, file name, URL)
Information about your Facebook interactions regarding our content ("likes")
If necessary, your comments will be saved, together with a time stamp
These Facebook cookies each have a unique cookie ID. On the basis of the data processing carried out by Facebook, we receive anonymous statistical data from the fan page visitors from Facebook, in accordance with our joint responsibility in accordance with Article 26 GDPR. At no time during your visit to our fan page is it possible for us to identify you personally using the insights function and the statistics provided by it.
The legal basis for the collection and processing of your personal data carried out for us by Facebook for the aforementioned statistical purposes is Article 6 Paragraph 1 Clause 1 Letter a) GDPR.
Only Facebook knows when and in what form Facebook corrects, stores or deletes your personal data. We have no influence on this. Since Facebook, as the provider of the fan page and the Facebook Insights tool, carries out the collection and evaluation of personal data required for our statistics, Facebook can also use this data to establish a personal reference. Facebook can also transfer data to the USA.
Information on how to contact Facebook, how to set up advertisements and the data usage guidelines is available under the following link:http://de-de.facebook.com/about/privacy.
You can find more information about our shared responsibility with Facebook at:https://www.facebook.com/legal/terms/page_controller_addendum.
7.3 Wistia
Our website uses plugins from the Wistia video portal, a service provided by Wistia Inc., 120 Brookline Street, Cambridge, Massachusetts, 02139 USA.
We use Wistia in connection with the "extended data protection mode" function to be able to show you videos. The legal basis is Article 6 Paragraph 1 Letter a) GDPR.
This page uses the two-click solution for this. This ensures that direct contact between the networks and users is only established when you actually start a video. This tool does not automatically transfer user data to the operators of these platforms.
Without this "two-click solution", a connection to the Wistia server in the USA will be established as soon as you access one of our websites on which a Wistia video is embedded. This connection is required in order to be able to display the respective video on our website via your Internet browser. In the course of this, Wistia will record and process at least your IP address, the date and time and the website you have visited.
Wistia tracks how you interact with the videos on this site: how much of a video you play, where in a video you pause or rewind, etc. In some media, we pause the media and ask you to provide your email address or provide your name. You are not required to provide this information, but we reserve the right to restrict certain media to identified users. Wistia aggregates the information collected through the media, including names and email addresses, and makes it available to us. Apart from providing us with this data, Wistia does not sell or make available the data collected by our media to third parties.
Wistia processes the data on our behalf on the basis of an order processing contract between us and Beamer. This ensures that data processing on our behalf is carried out in accordance with the General Data Protection Regulation while guaranteeing the protection of the rights of the data subjects.
Further information on handling user data can be found in Wistia's data protection declaration at:https://wistia.com/support/account-and-billing/privacy-and-data-protection#cookies.
8. Newsletter
You can subscribe to our newsletter on our website to receive information. We only process the information you provide us voluntarily to send the newsletter. Our legal basis for processing is your consent in accordance with Article 6 (1) (a) GDPR. You can revoke your consent at any time with effect for the future.
8.1 Salesforce E-Mail Studio
The newsletter is sent using "eMail Studio", a newsletter sending platform from the cloud provider Salesforce (salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich, Germany).
The e-mail addresses of our newsletter recipients, as well as their other data described in this notice, are stored on the Salesforce servers. Salesforce uses this information to send and evaluate the newsletter on our behalf.
According to its own information, Salesforce can also use this data to optimize or improve its own services, e.g. for the technical optimization of the dispatch and presentation of the newsletter or for statistical purposes in order to determine from which countries the recipients come. This data is used in pseudonymous form, i.e. without assignment to a user. However, Salesforce does not use the data of our newsletter recipients to write to them themselves or to pass them on to third parties.
The legal basis for this type of data processing is your consent, Article 6(1)(a) GDPR, e.g. B. as part of subscribing to the newsletter or registering on our website. You can object to the sending of newsletters and mailings by Salesforce at any time with effect for the future by clicking on the unsubscribe link in the respective e-mail. If you e.g. B. unsubscribe from your newsletter, your data will be deleted as far as possible.
Salesforce processes the data on our behalf (Article 28 GDPR). You can view the data protection regulations of the shipping service provider here:https://www.salesforce.com/de/company/privacy/.
9. Your data subject rights
With regard to the data processing listed here, you have various data subject rights, which are regulated in the DSGVO.
Right to information
First of all, you have the right to obtain information about your data transmitted to us and processed by us (Article 15 GDPR).
Right to rectification, erasure and restriction
In addition, you can request the correction (Art. 16 GDPR), deletion (Art. 17 GDPR) and restriction (Art. 18 GDPR) of your data.
Right to data portability and right to object
You also have a right to data portability (Article 20 GDPR) and a right to object (Article 21 GDPR).
Right to Complaint
Without prejudice to any other administrative or judicial remedy, you also have the right to lodge a complaint with a data protection supervisory authority. You can contact the data protection supervisory authority of your usual place of residence or our company headquarters. The address of the supervisory authority responsible for us is:
Berlin Commissioner for Data Protection and Freedom of Information
Friedrichstr. 219
10969 Berlin
Phone: 030 13889-0
E-mail:mailbox@datenschutz-berlin.de
10. Responsible / data protection officer
If you have any further questions, e.g. about data that we have stored about you, please do not hesitate to contact us.
Candis GmbH
Friedrichsstraße 200
10117 Berlin
Represented by:
Managing directors: Christian Ritosek
Contact:
Phone: 030 346 556 100
E-mail:info@candis.io
Our data protection officer is Mr. Ali Schakari, LL.M. Bitkom Servicegesellschaft mbH, Albrechtstrasse 10, 10117 Berlin. You can contact him directly at the email addressdatenschutz@bitkom-consult.de ordatenschutz@candis.ioto reach.
11. Status and update of this data protection declaration
This privacy policy is dated 24. Februrary, 2023.
Candis reserves the right to change this data protection policy at any time, taking into account currently applicable data protection regulations.