§1 - Data Protection at Sentryc
Data protection is of paramount importance to us at Sentryc GmbH.
As a company in the field of media monitoring and legal prosecution, it is essential for us and our customers that the provisions of the General Data Protection Regulation (GDPR) and the respective national data protection laws are compliant within our work.
With this privacy statement, we want to inform you, our customers, and the public as to the legal basis upon which and in what way, to what extent and for what purpose we as the responsible body process personal data, and what rights you have as data subject when you visit and use our website and services.
§2 - Data Controller
Responsible according to Article 4 No. 7 GDPR and other national data protection laws of the member states is:
§3 - Scope of the processing of personal and other data
We collect and use your personal data only to the extent necessary for the provision of a functioning website and our services.
Personal data are available data pertaining to you in person as our customer or third parties, such as name, e-mail, address, user behaviour and IP address.
The processing of personal data takes place exclusively on a statutory basis and, insofar as no such laws exist for specific processing, with your consent as data subject.
In some cases, we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and are examined on a regular basis.
§4 - Scope of the processing of personal data in the case of an informational visit to our website
In the case of merely informational use of our website, we only collect the personal data that your browser transfers to our server. We collect the following data, which are technically necessary for us to display our website to you as a (potential) customer and to ensure its stability and security:
- The IP address;
- The date and time of your query;
- Access status/HTTP status code;
- Each data volume transferred;
- The website from which the request comes;
- The browser used by you;
- Your operating system;
- Language and version of the browser software.
Such data is not stored with other personal data pertaining to the user.
The legal basis for the above processing is Article 6(1) lit. f GDPR. Our legitimate interests arise from the purposes of the data collection listed above. We do not under any circumstances use the data collected for the purpose of drawing conclusions regarding your person.
§5 - Scope of the processing of personal data when registering for our services
In the case of registration on our website, the data recognisable from the input mask are collected and processed for our own purposes. In this regard, we collect the following data for the execution of the contract to be concluded with you as a customer:
- First name and surname;
- The e-mail address of the registered person;
- A password for login;
- The IP address;
- The date and time of registration.
In the event that a registered user logs in, the following data are collected for the execution of the contract concluded with the user:
- The user name = e-mail address of the registered person;
- The password of the registered person;
- The IP address;
- The date and time of the login.
Such data is not stored with other personal data relating to the user.
The legal basis for the above processing is Article 6(1) lit. b GDPR.
§6 - Scope of the processing of personal data when contacting us
6.1 In the case of a contact request on our website, the data recognisable from the input mask of the contact form are collected and processed for our own purposes. In this context, in order to process your request we collect the following data:
- Your first and last name;
- Your e-mail address;
- Other personal data submitted by you;
- IP address;
- The date and time of your request.
In the case of contact via the e-mail address stated on our website, your e-mail address and further personal data provided by you are stored and processed in order to respond to your request.
Such data is not stored with other personal data pertaining to the user.
The legal basis for the above processing is Article 6(1) lit. f GDPR. Our legitimate interests arise from the processing of the chat message sent to us by you.
§8 - Web Analytics and Tracking Services
For the purpose of needs-oriented design and ongoing optimisation of our website, we use Google Analytics, a web analytics service provided by Google, Inc., Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter „Google“).
Because IP anonymisation (IP masking) is activated on this website, your IP address is first truncated by Google within Member States of the European Union or in other contracting states of the Agreement on the European Economic Area.
On behalf of us as the operator of this website, Google shall use this information to evaluate your use of the website, compile reports on website activities and provide further services relating to website activity and Internet usage for the website operator. Google shall not combine the IP address transmitted from your browser within the context of Google Analytics with other data. The information may be forwarded to third parties, provided that law requires this or insofar as such third parties process the information on a contract basis.
The storage of Google Analytics cookies is carried out on the basis of Article 6(1) lit. f GDPR. We as a website operator have a legitimate interest in the analysis of user behaviour in order to optimise both our offer as well as its advertising.
§9 - Google AdWords
In addition, we use Google AdWords. AdWords is an online advertising program of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”).
In the context of Google AdWords, we use so-called conversion tracking. If you click on an advertisement from Google, a cookie is set for conversion tracking. Cookies are small text files, which the Internet browser places on the user’s computer. These cookies expire after 30 days and are not used to personally identify the user. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can see that the user clicked on the advertisement and was redirected to this page.
Each Google AdWords customer receives a different cookie. The cookies cannot be tracked via the websites of AdWords customers. The information obtained using the conversion cookie are used to create conversion statistics for AdWords customers who have opted for conversion tracking. The customers learn the total number of users who clicked on their advertisement and were forwarded to a page with a conversion tracking tag. However, they do not receive any information that can identify users personally. If you do not wish to participate in tracking, you can object to such use simply by deactivating the Google conversion-tracking cookie in your Internet browser under user settings. You will subsequently not be included in the conversion tracking statistics.
The storage of conversion cookies is carried out on the basis of Article 6(1) lit. f GDPR. We as a website operator have a legitimate interest in the analysis of user behaviour in order to optimise both our offer as well as its advertising.
§10 - Hotjar
We use Hotjar to understand the specific needs of our users and to optimize the offers on our website. Hotjar's technology helps us to better understand our users' experiences (e.g. how much time users spend on which pages, which links they click on, what they like and dislike, etc.) and helps us tailor our offerings to our users' feedback.
You may opt out of Hotjar's storage of a user profile and information about your visit to our website and Hotjar's use of tracking cookies on other websites by clicking this opt-out link.
§11 - Online Presences in Social Media
SENTRYC maintains online presences on social networks and platforms in order to be able to communicate with customers, interested parties and users and to inform them about our services. These are the following social networks and platforms:
The legal basis for data processing when visiting our online presences in social media is Article 6(1) lit. f GDPR, whereby our legitimate interest is to optimise our services and advertising and to offer users more opportunities for communication and interaction with each other and us. If the users are asked by the providers of the platforms for their consent to the aforementioned data processing, the legal basis of the processing is Article 6(1) lit. a GDPR., Article 7 GDPR.
For a detailed description of the respective processing and the possibilities of objection (opt-out), we refer to the linked information of the relevant providers.
In the case of requests for information and the assertion of user rights, we point out that these can be asserted most effectively with the providers. Only the providers have access to the data of the users and can undertake corresponding measures and give information directly. Should you require help nonetheless, you can contact us.
§12 - Booking of Services
If you would like to book a service on our website (e.g. a workshop or a seminar), it is necessary for the conclusion of a contract that you provide your personal data, which we need for the processing of your booking. Mandatory information, required for the processing of contracts, is marked separately. Further information is voluntary. We process the data provided by you in order to process your order. For this purpose, we can forward your payment data to our house bank. The legal basis for this is Article 6(1) lit. b GDPR.
We are obliged by commercial and tax law to store your address, payment and order data for a period of ten years. However, after two years we will restrict the processing, i.e. your data will only be used to comply with legal obligations.
§13 - Client Management
After establishing contact with us (via contact form or e-mail), we process the data of our users and customers to process the contact request in accordance with Article 6(1) lit. f GDPR, whereby our legitimate interest lies in the possibility of processing your contact request.
User data can be stored and processed in our customer relationship management system ("CRM") or comparable systems. We use this system to improve our websites and services and to improve customer care and development.
The currently used CRM system is operated and offered by Zoho Corporation, 4141 Hacienda Drive, Pleasanton, CA 94588, USA.
The data transmitted to Zoho is only used for establishing contact and will only be further used for this purpose. Zoho is certified under the US-EU data protection agreement "Privacy Shield" and thus undertakes to comply with European data protection regulations.
Further information can be found on the Zoho website: https://www.zoho.eu/privacy.ht... will delete requests if they are no longer necessary. Inquiries from customers who have a customer account will be stored permanently and will be referred to the customer account details for deletion. Furthermore, the statutory archiving obligations apply.
§14 - Data Deletion and Storage Duration
The personal data of the data subject is generally deleted or disabled as soon as the purpose of storage expires.
Furthermore, storage may also occur if so required by European or national law under European Union regulations, laws or other provisions to which the Responsible Body is subject.
Blocking or deletion of data is also carried out if a storage period specified by the standards referred to expires, unless there is a need for further storage of the data in order to conclude or execute a contract.
§15 - Your Right
If your personal data are processed, you are a data subject in the sense of the GDPR and are entitled in particular to the following rights:
Right of access
- You can request confirmation from the controller as to whether data relating to you is being processed by us. In the event of such processing, you may ask the controller to provide you with the following information:
- Purposes for which the personal data are processed;
- the types of personal data processed;
- the recipients or categories of recipients to whom the personal information about you has been or will be disclosed;
- the planned duration of the storage of the personal data concerning you or, if this is not possible, criteria for determining the storage duration;
- the existence of a right to rectify or delete personal data concerning you, a right to limit the processing by the controller or a right to object to such processing; and
- the existence of a right of appeal to a supervisory authority.
- You have the right to request information as to whether the data concerning you will be transferred to a third country or to an international organisation. You may also request to be informed of the appropriate guarantees in accordance with Article 46 GDPR in connection with the transfer.
Right of rectification
You have the right to have your personal data rectified and/or completed by the controller if the data processed relating to you is inaccurate or incomplete. The controller must carry out the rectification without undue delay.
Right to limitation of processing
- You may request that the processing of data relating to you be restricted: if you dispute the veracity of the personal data concerning you for a period of time, which allows the data controller to verify the accuracy of the personal data;
- if the processing is unlawful and you object to the deletion of the data and instead request the restriction of the use of the personal data;
- if the controller no longer needs the data for the purposes of processing, but you need them to assert, exercise or defend legal claims, or
- If you have objected to the processing pursuant to Article 21(1) GDPR and it has not yet been established whether the justified reasons of the data controller outweigh your reasons.
- Where the processing of data relating to you has been restricted, such data may not be processed, with the exception of their storage, without your consent or for the purpose of asserting, exercising or defending rights or protecting the rights of another natural or legal person or for reasons of an important public interest of the Union or of a Member State.
Right to erasure
- You may request the data controller to erase the data relating to you without undue delay and the data controller is obliged to erase this data without undue delay if one of the following reasons applies:
- The data relating to you are no longer necessary for the purposes for which they were collected.You withdraw your consent on which the processing according to Article 6(1) lit. a or Article 9(2) lit. a GDPR was based upon and there is no other legal basis for the processing.
- You object, according to Article 21(1) GDPR, against the processing and there are no prior legitimate reasons for the processing, or you insert objection against the processing according to Article 21(2) GDPR.
- The data relating to you have been processed unlawfully.
- The erasure of data relating to you is necessary in order to fulfil a legal obligation under Union law or the law of the Member States to which the data controller is subject.
- If the data controller has made the personal data concerning you public and is obliged to erase them in accordance with Article 17(1) GDPR, he shall take adequate measures to inform the person responsible for data processing that you as the data subject have requested them to erase all links to the data or copies or replications of the data. This is done taking into account the state of the art technology and implementation costs.
- The right to erasure does not exist insofar as the processing is necessary
- to exercise the right to freedom of expression and information;
- to fulfil a legal obligation, which requires the processing under the law of the Union or of the Member States to which the controller is subject or to perform a task carried out in the public interest or in the exercise of official authority vested in the controller; or
- to assert, exercise or defend legal claims.
Right of information
- If you have exercised your right to rectify, erase or limit the processing of your data against the controller, the latter is obliged to notify all recipients to whom the data have been disclosed of this rectification, erasure or limitation of the processing, unless this proves impossible or involves a disproportionate effort.
- You have the right, to be informed of these recipients by the data controller
Right to data portability
- You have the right to receive the data relating to you that you have provided to the responsible person in a structured, common and machine-readable format. In addition, you have the right to communicate this data to another controller without being hindered by the controller to whom the personal data was provided, provided that
- the processing is based on a consent in accordance with Article 6(1) lit. a GDPR or Article 9(2) lit. a GDPR or on a contract in accordance with Article 6(1) lit. b GDPR and
- processing is performed using automated procedures.
- In exercising this right, you also have the right to request that the data be transmitted directly by one data controller to another data controller, insofar as this is technically feasible. Rights of other persons must not be affected by this.
The right to data portability
shall not apply to the processing of data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Right to object
- You have the right to object at any time, for reasons related to your particular situation, to the processing of data relating to you carried out pursuant to Article 6(1) lit. e or f GDPR.
- The controller will no longer process the personal data relating to you unless he can prove that there are compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
Right to withdraw his or her consent
You have the right to withdraw your data protection consent at any time. The withdrawal of your consent does not affect the legality of the processing carried out based on your consent until you withdraw it.
Right to lodge a complaint with a supervisory authority
Regardless of any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, in particular in the Member State in which you reside, your place of work or the place where the alleged infringement is presumed, if you believe that the processing of your personal data is in breach of the GDPR.
We reserve the right to amend this data protection declaration from time to time so that it always complies with the current legal requirements or to implement changes to our services in the data protection declaration. Your renewed visit to our website or use of our services will then be subject to the current data protection declaration.