AIMEND | Privacy Policy

Privacy Policy

This privacy policy (hereinafter “Privacy Policy”) informs you about the type, scope and purpose of the processing of personal data (hereinafter also referred to as “data”) within our website and the associated websites, functions and contents as well as external websites, e.g. our social media profile (hereinafter jointly referred to as "website"). With regard to the terms used, such as "personal data" or their "processing", we refer to the definitions in article 4 of the General Data Protection Regulation (GDPR). We ask you to inform yourself regularly about the contents of our data protection declaration. We will adapt this Newsletter Privacy Policy as soon as changes in the data processing make this necessary.
We will inform you as soon as the changes require your cooperation (e.g. consent) or other individual notification.

Controller
‍
‍The controller in the sense of the GDPR and other national data protection laws of the member states as well as other data protection regulations is:
‍
Sarah Shakir
Aimend U G
Köpenicker Straße 147
10997 Berlin
Germany
Phone: +49 (0) 30 823 40 15
eMail: privacypolicy@aimend.de
website: www.aimend.de
‍
Questions, comments and requests regarding this privacy policy are welcomed by mail at the relevant address specified below.
‍
You may contact Aimend's Data Protection Officer by email at privacypolicy@aimend.de.
‍
The use of published contact details for marketing purposes is prohibited; offenders sending unwanted spam messages are expressly disclaimed. We expressly reserve the right to take legal action in the event of unsolicited advertising information, such as spam e-mails.

‍1. General Notes Legal basis for the processing of personal data

‍ In accordance with article 13 GDPR, we inform you of the legal basis of our data collection. If the legal basis is not mentioned in the Privacy Policy, the following applies: The legal basis for obtaining consents is article 6 para. 1 lit. a and article 7 GDPR, the legal basis for processing the performance of our services and the implementation of contractual measures as well as responding to requests is article 6 para. 1 lit. b GDPR (this also applies to processing that is necessary prior to entering into a contract), the legal basis for processing for compliance with a legal obligation is article 6 para. 1 lit. c GDPR, and the legal basis for processing for the purpose of our legitimate interests is article 6 para. 1 lit. f GDPR.

Processing of Personal Data

We take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this Privacy Policy. We only process personal data of our visitors and users if this is necessary to provide a functional website as well as our contents and services. The processing of personal data of our users takes place only after user’s consent. An exception applies in those cases where prior consent cannot be obtained for factual reasons and the processing of the data is permitted by law.

Information we may collect from you

‍When you use the Site or contact us by e-mail, social media, SMS, telephone, or other methods, we may collect and process the following data about you: Information you give us, including: - Forms filled out by you on the Site; - Content of correspondence with us by phone, e-mail or otherwise; - Site registration; - Subscriptions or orders placed on the Site; - Participation in discussion boards or other social media functions on the Site; - Entering a competition, promotion or survey; - If applicable, resume, work history, CV, resume or other job application information; - Reporting a problem or requesting support for the Site. The personal data of the person concerned will be erased or blocked as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if EU regulations, laws or other provisions by the European or national legislator to which the person responsible is subject are applicable. The data will also be erased or blocked if a storage period prescribed by the aforementioned laws expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

‍Security of processing
‍
‍We take appropriate technical and organisational measures to ensure a level of security appropriate to the risk, in accordance with article 32 GDPR, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons. The measures include in particular safeguarding the confidentiality, integrity and availability of data by controlling physical access to the data, as well as the access, input, transmission, security of availability and its separation Furthermore, we consider the protection of personal data during the development or selection of hardware, software and procedures, in accordance with the principle of data protection by technology design and by default (article 25 GDPR). The security measures include in particular the encrypted transmission of data between your browser and the server. For security reasons and to protect the transmission of confidential content, such as requests you send to us, our website uses SSL encryption. You can recognize an encrypted connection by the fact that the browsers address line changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

‍Transfers to third countries

We only process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or in the context of the use of third-party services or disclosure or transfer of data to third parties on the basis of the fulfilment of our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or leave the data in a third country only if the special requirements of article 44 et seqq. GDPR are applicable. This means, for example, processing is carried out on the basis of special guarantees, such as the officially recognised determination of a data protection level corresponding to the EU (e.g. for the USA by the "Privacy Shield") or compliance with officially recognised special contractual obligations (so-called "standard contractual clauses").
‍

Orders

Collection, processing, and transfer of personal data in orders. When you submit an order we only collect and use your personal data insofar as this is necessary for the fulfilment and handling of your order as well as processing of your queries. The provision of data is necessary for conclusion of a contract. Failure to provide it will prevent the conclusion of any contract. The processing will occur on the basis of Article 6(1) b) GDPR and is required for the fulfilment of a contract with you. Your data is transferred here for example to the shipping companies and dropshipping providers, payment service providers, service providers for handling the order and IT service providers that you have selected. We will comply strictly with legal requirements in every case. The scope of data transmission is restricted to a minimum.

Shipping
‍
We forward your email address to the shipping company in the course of contractual processing, if you have explicitly agreed to this in the order process. The forwarding is for the purpose of informing you by email on the shipping status of your order. The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time by contacting us or the transport company without affecting the legality of the processing carried out with your consent up to the withdrawal.

Cooperation with processors and third parties

If we disclose data to other persons and companies (processors or third parties) within the scope of our processing, transmit them or otherwise grant them access to the data, this shall only take place on the basis of a legal permission, if you have consented, if there is a legal obligation or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.). If we commission third parties with the processing of data on the basis of a so-called "order processing contract" we do this on the basis of article 28 GDPR.

Rights of the Data Subject

You have the right to request confirmation as to whether the personal data (hereinafter also referred to as “data”) are being processed and to access information about these data as well as further information and a copy of the data in accordance with article 15 GDPR. In accordance with article 16 GDPR, you have the right to request the completion of data concerning you or the rectification of inaccurate personal data concerning you. In accordance with article 17 GDPR, you have the right to demand that the relevant data be erased immediately or, alternatively, to obtain a restriction of processing the data in accordance with article 18 GDPR. You have the right to receive the data you have provided to us in accordance with article 20 GDPR and to request its transmission to another controller. In accordance with article 77 GDPR, you also have the right to lodge a complaint with a supervisory authority.

Right of withdrawal

You have the right to revoke consents granted pursuant to article 7 para. 3 GDPR with effect for the future.

Right of objection

You can object to the future processing of the data concerning you in accordance with article 21 GDPR at any time. The objection may be lodged in particular against processing for direct marketing purposes.

Erasure of personal data

The data processed by us will be erased or their processing restricted in accordance with articles 17 and 18 GDPR. Unless expressly stated in this Privacy Policy, the data stored by us will be erased as soon as it is no longer required for its intended purpose and the erasure does not conflict with any statutory obligations. If the data are not erased as they are necessary for other legally permissible purposes, their processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial law or tax reasons. In accordance with statutory requirements, the records are kept in particular for 6 years in accordance with § 257 (1) HGB (German Commercial Code) (trading books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting documents, etc.) and for 10 years in accordance with § 147 (1) AO (German Fiscal Code) (books, records, management reports, accounting documents, commercial and business letters, documents relevant for taxation, etc.).

‍Links to third party sites

Our Site, our newsletters and other communications may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.

2. Data collection on our website Server Log Files

Every time you visit our website, our system automatically collects data and information in so-called server log files, which your browser automatically transmits to us. The following data is collected:a) Information about the browser type and version usedb) The user's operating systemc) The IP address of the userd) The date and time of accesse) Websites from which the user's system reaches our website These data are not combined with other data sources. The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user's computer. For this the IP address of the user must remain stored for the duration of the session. The data is stored in log files to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of our information technology systems. Our purpose and our legitimate interest in data processing are based on article 6 para. 1 lit. f GDPR. An evaluation of the data for marketing purposes does not take place in this context. The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. For data collected for providing the website, this is the case when the respective session has ended. If the data is stored in log files, this is the case after seven days at the latest. Further storage is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment to a particular client is no longer possible. The collection of data for providing the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no right to object with regard to the user.

‍Cookies

The websites partly use so-called cookies. Cookies serve to make our website more user-friendly, effective and secure. Some elements of our website require that the browser can be identified even after a page change. Cookies are small text files that are stored on your computer and saved by your browser. These cookies contain a characteristic character string that enables a unique identification of the browser when the website is called up again. Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser the next time you visit our website. You can configure your browser in such a way that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or generally and activate the automatic deletion of cookies when closing the browser. Cookies that have already been saved can be deleted at any time. When cookies are deactivated, the functionality of this website may be limited. The following data is stored and transmitted in the cookies:
‍
a) Log-in information
‍
b) Layout Cookies
‍
c) Search terms (Blog).

The user data collected by technically necessary cookies are not used to create user profiles. The legal basis for the processing of personal data using technically necessary cookies is artilce 6 para. 1 lit. f GDPR. For these purposes, our legitimate interest also lies in the processing of personal data in accordance with article 6 para. 1 lit. f GDPR. We also use cookies on our website which enable an analysis of the user's surfing behaviour. In this way, the following data can be transmitted: a) Language settingsb) Search terms enteredc) Frequency of page viewsd) Use of website functions Those user data collected is pseudonymised by technical precautions. Therefore, it is no longer possible to assign the data to a specific user. The data will not be stored together with other personal data of the users. When visiting our website, users are informed by an information banner about the use of cookies for analytical purposes and are referred to this Privacy Policy. In this context, there is also a note on how the storage of cookies can be prevented in the browser settings. Analysis cookies are used to improve the quality of our website and its content. Through the analysis cookies we learn how the website is used and can thus continuously optimize our offer. The legal basis for the processing of personal data using cookies for analytical purposes is article 6 para. 1 lit. a GDPR.

Cookies will be stored on your computer. You therefore have full control over the use of cookies. By choosing corresponding technical settings in your internet browser, you can be notified before the setting of cookies and you can decide whether to accept this setting in each individual case as well as prevent the storage of cookies and transmission of the data they contain. Cookies which have already been saved may be deleted at any time. We would, however, like to point out that this may prevent you from making full use of all the functions of this website.
Using the links below, you can find out how to manage cookies (or deactivate them, among other things) in major browsers:
Chrome Browser: https://support.google.com/accounts/answer/61416?hl=en
Internet Explorer: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies
Mozilla Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac

‍3. Website Analysis Services

‍On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our website within the meaning of artice 6 para. 1 lit. f. GDPR) Google Analytics, a web analysis service of Google LLC ("Google"). The provider is Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. We have concluded a commissioned data processing contract with Google and fully implement the strict requirements of the German data protection authorities for the use of Google Analytics. Google uses cookies. The information generated by the cookies about the use of the website by the users is generally transferred to a Google server in the USA and stored there. Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). Google will use this information on our behalf to analyse the use of our website by users, to compile reports on the activities within this website and to provide us with further services connected with the use of this website and the internet. Pseudonymous user profiles can be created from the processed data. We use Google Analytics only with IP anonymization enabled. This means that Google will shorten the IP address of users within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases the full IP address is transmitted to a Google server in the USA and shortened there. The IP address transmitted by the user's browser will not be merged with other Google data. Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent Google from collecting the data generated by the cookie and relating to their use of the website and the processing of this data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en. Further information on data use by Google, possible settings and objections can be found on Google's websites: https://www.google.com/intl/de/policies/privacy/partners ("Data use by Google when using our partners' websites or apps"), https://policies.google.com/technologies/ads (Data use for advertising purposes), https://adssettings.google.com/authenticated (Manage information that Google uses to show you advertising).

Google Ads conversion tracking
‍
Our website uses the online marketing programme “Google Ads”, including conversion tracking. Google conversion tracking is a service operated by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”).
Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the data controller responsible for your data if you have your habitual residence in the European Economic Area or Switzerland. Google Ireland Limited is therefore the company affiliated with Google which is responsible for processing your data and for compliance with applicable data protection laws.
If you click on adverts placed by Google, a cookie is placed on your computer for conversion tracking. These cookies have limited validity, do not contain any personal data and thus cannot be used for personal identification. If you visit certain pages on our website and the cookie has not yet expired, we and Google can recognise that you have clicked on the advert and were forwarded to this page. Every Google Ads customer receives a separate cookie. Therefore, it is not possible to track cookies relating to the websites of AdWords customers. The information collected using the conversion cookie serves the purpose of producing conversion statistics. This allows us to find out the total number of users who have clicked on our adverts and were forwarded to a page equipped with a conversion tracking tag. However, they do not receive any information with which could be used to personally identify users. You can prevent the storage of cookies by choosing corresponding technical settings in your internet browser. We would, however, like to point out that this may prevent you from making full use of all the functions of this website. You will then not be included in the conversion tracking statistics.You can also deactivate personalised advertising in Google’s advertising settings. You can find an introduction to this at https://support.google.com/ads/answer/2662922?hl=en You can also deactivate the use of cookies by third parties by calling up the Network Advertising Initiative deactivation page at https://www.networkadvertising.org/choices/ and following the opt-out instructions.You will find more information as well as Google’s data protection declaration at: https://www.google.de/policies/privacy/

‍4. Online presence in social media

‍We have social networking sites and platforms to communicate with customers, prospects and users and to inform them about our services. When accessing the respective networks and platforms, the terms and conditions and the privacy policy of the respective operators apply. Unless otherwise stated in our Privacy Policy, we will process the data of users who communicate with us within social networks and platforms, e.g. write articles on our websites or send us messages.

‍Social Plugins
‍
‍Within our website and based on our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of article 6 para. 1 lit. f. GDPR) we use content or services from third parties in order to integrate their content and services, e.g. videos (hereinafter collectively referred to as "content") into our website. This always requires that the third party providers of this content obtain the IP address of the users, as they otherwise would not be able to send the content to the users' browsers. The IP address is therefore required for displaying the content. We do our best to use only those contents whose respective providers use the IP address only for the delivery of the contents. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. "Pixel tags" can be used to evaluate information such as visitor traffic on the pages of the particular website. The pseudonymous information may also be stored in cookies on the user's device and may include technical information about the browser and operating system, referring websites, visiting time and other information about the use of our website, and may also be linked to such information from other sources.

‍Facebook
‍
‍Our website includes plugins from the social network Facebook, provider Facebook Inc, 1 Hacker Way, Menlo Park, California 94025, USA. You can identify the Facebook plugins by the Facebook logo on our page. An overview of the Facebook plugins can be found here: https://developers.facebook.com/docs/plugins/. Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active). When you visit our website, the plugin establishes a direct connection between your browser and the Facebook server. Facebook receives the information that you have visited our website with your IP address. If you click the Facebook "Like" button while logged into your Facebook account, you can link the contents of our website on your Facebook profile. This allows Facebook to associate the visit to our website with your user account. Please note that we, as the provider of the website, have no knowledge of the content of the data transmitted or of their use by Facebook. For more information, please see Facebook's Privacy Policy at https://de-de.facebook.com/policy.php. If you do not want Facebook to be able to link your visit of our website with your Facebook account, please log out of your Facebook account and delete your cookies. Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US page http://www.aboutads.info/choices/ or the EU page http://www.youronlinechoices.com/. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.

Use of Facebook remarketing
‍
Our website uses the remarketing function “Custom Audiences” by Facebook Inc. (1601 S. California Ave, Palo Alto, CA 94304, USA; “Facebook”).This function serves to address the visitor to the website with interest-related advertising on the social network Facebook. We have implemented Facebook’s remarketing tag on our website for this purpose. This tag sets up a direct connection to Facebook’s servers when you visit our website. This informs the Facebook server which of our web pages you have visited. Facebook assigns this information to your personal Facebook user account. When you visit the social network Facebook you will then be shown personalised, interest-related Facebook ads. Your data may also be transmitted to the USA. Following the US-EU Data Protection Agreement, Facebook has become “Privacy Shield“ certified and is therefore obliged to observe European data protection laws. You can deactivate the remarketing function “Custom Audiences” here. You can find more detailed information on Facebook’s collection and use of data, your associated rights and options for protecting your privacy in Facebook’s privacy policy: https://www.facebook.com/about/privacy/.

‍YouTube

‍Our website includes plugins of the service of YouTube, belonging to Google Inc, located in San Bruno/California, USA. As soon as you visit pages of our website that contain a YouTube plugin, a connection to the YouTube servers is established. The Youtube server will be informed which specific page of our website you have visited. If you are logged-in to your YouTube account, you would allow YouTube to associate your internet surfing behaviour directly with your personal profile. Further information on YouTube's collection and use of your data can be found in the privacy policy at https://policies.google.com/privacy, Opt-Out: https://adssettings.google.com/authenticated. If you do not want YouTube to be able to link your visit to our website with your YouTube account, please log out of your YouTube account.

‍5. Newsletter/ Contact / Evaluations

‍You can subscribe to our newsletter here. Please see our separate newsletter Privacy Policy here.

‍Collection and processing when using the contact form When you use the contact form we will only collect your personal data (name, email address, message text) in the scope provided by you. The data processing is for the purpose of making contact. By submitting your message you agree to the processing of your transmitted data. Processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent.You can withdraw your consent at any time by contacting us without affecting the legality of the processing carried out with your consent up to the withdrawal. We will only use your email address to process your request. Finally your data will be deleted, unless you have agreed to further processing and use.
Data collection when you post a comment When you comment on an article or a contribution, we collect your personal data (name, email address, comment text) only in the scope provided by you. The processing serves to allow you to comment and to display comments. By submitting the comment you agree to the processing of the transmitted data. The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time by contacting us without affecting the legality of the processing carried out with your consent up to the withdrawal. You personal data will then be deleted.
On publication of your comment the name and email address you have entered will be published.

On submission of your comment your IP address will also be saved in order to prevent misuse of the comment function and to ensure the security of our IT systems. By submitting the comment you agree to the processing of the transmitted data. The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time by contacting us without affecting the legality of the processing carried out with your consent up to the withdrawal. Your IP address will then be deleted.

Use of your email address for mailing of newsletters.
We use your email address outside of contractual processing exclusively to send you a newsletter for our own marketing purposes, if you have explicitly agreed to this.
The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent.
You can withdraw your consent at any time without affecting the legality of the processing carried out with your consent up to the withdrawal.

You can unsubscribe from the newsletter at any time using the relevant link in the newsletter or by contacting us.

Your email address will then be removed from the distributor.
‍
Your data will be forwarded to a service provider for email marketing in the course of order processing. It will not be forwarded to other third parties.

Your data will be transferred to a third country, which is covered by an adequacy decision by the European Commission.Use of your email address for mailing of direct marketing We use your email address, which we obtained in the course of selling a good or service, for the electronic transmission of marketing for our own goods or services which are similar to those you have already purchased from us, unless you have objected to this use. You must provide your email address in order to conclude a contract. Failure to provide it will prevent the conclusion of any contract. The processing will be carried out on the basis of art. 6 (1) lit. f GDPR due to our justified interest in direct marketing. You can object to this use of your email address at any time by contacting us. You will find the contact details for exercising your right to object in our imprint. You can also use the link provided in the marketing email. This will not involve any costs other than transmission costs at basic tariffs.

‍6. Payment Provider

Payment service providers

Use of PayPal
All PayPal transaction are covered by the PayPal Data Privacy Statement. You can find this at https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=en

Use of Stripe
All other transactions are covered by the Stripe Data Privacy Statement. You can find this at
https://support.stripe.com/questions/privacy-and-security-of-personal-information-submitted-to-stripe
‍

‍7. California Online Privacy Protection Act

‍CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. – See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf According to CalOPPA, we agree to the following:Users can visit our site anonymously.Once this privacy policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our website.Our Privacy Policy link includes the word ‘Privacy’ and can easily be found on the page specified above. You will be notified of any Privacy Policy changes:• Via EmailCan change your personal information:• By emailing us How does our site handle Do Not Track signals?We don’t honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place. We don’t honor them because:there is no consistent industry understanding of how to respond to Do Not Track signals, we do not alter our data collection and usage practices when we detect such a signal from your browser. Does our site allow third-party behavioral tracking?It’s also important to note that we allow third-party behavioral tracking

‍8. COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online. We do not specifically market to children under the age of 13 years old.