Compliance
We are pioneers in the field of fraud prevention. Of course, that means we also know our limits. People are never perfect. That makes us unique, lovable and – vulnerable.
As a responsible and reliable company, we want to behave in accordance with the rules at all times. If we disregard statutory regulations or internal company rules, we not only put our good reputation at risk, but also risk financial damage.
This applies not only to us, but to the entire Otto Group.
That is why everyone associated with the Otto Group – whether employees, business partners, suppliers or customers – has a responsibility to report possible compliance violations. Only with everyone’s help can we identify and counteract violations at an early stage.
Whistleblower system
Our digital whistleblower portal is a protected and secure reporting channel for all employees and for external stakeholders. The platform can be used anonymously, guaranteeing maximum protection for whistleblowers and sensitive data. Every piece of information fed into the system is checked at several stages by proven experts – so no tip-off leads to a hasty reaction or prejudgement.
Within the whistleblower system, you can decide whether your report should go to RISK IDENT’s compliance staff or be checked directly by our parent company.
You can reach our whistleblower system here:
https://www.bkms-system.com/ottogroup-speakup
Ombudsman
Alternatively, you have the option of contacting the Otto Group Ombudsman in confidence: Attorney at Law Dr. Rainer Buchert. As a lawyer, he is subject to the legally recognized duty of confidentiality and is not allowed to pass on any information to third parties without consent.
Attorney at Law Dr. Rainer Buchert
Tel: +49 69 71033330 or 06105-921355
Legal Disclosure & Data Privacy
Privacy information of Risk.Ident GmbH, Am Sandtorkai 50
20457 Hamburg, Germany for the website www.riskident.com
In the following privacy information, we inform you about the processing of personal data by Risk.Ident GmbH, Am Sandtorkai 50, 20457 Hamburg (“RiskIdent” and/or “we” and/or “controller”) in accordance with the DSGVO and the Federal Data Protection Act (BDSG 2018).
Please read our privacy information carefully. If you have any questions or comments about our privacy information, please feel free to contact us at datenschutz@riskident.com.
Table of Contents
- Name and contact details of the controller responsible for processing
- Contact details of the data protection officer
- Online presence and website optimization (using cookies) including consent
3.1. Cookies – General information and consent requirements
3.2. Intervention options / browser settings
3.3 Consent management of the provider Borlabs
3.4. Consents for the use of individual online services / the collection of tracking data
3.4.1 Essential: Technically necessary cookies (No consent required)
3.4.2. Statistics: Consent for statistics cookies
3.4.2.1 Consent for Google Analytics as “basic version”
3.4.2.2 Consent for Microsoft Bing
3.4.2.3 Consent for Mouseflow
3.4.2.4 Consent for Google Optimize
3.4.3 Marketing: Consents for marketing cookies
3.4.3.1 Consent for LinkedIn Insights Tag / LinkedInAds
3.4.3.2 Consent for Capterra Conversion Tracking
- Contacting
- Data processors
- Recipients outside the EU
- Duration of data storage
- Your rights
8.1. Your rights in detail
1. Name and contact details of the controller responsible for processing
This privacy information applies to data processing by:
Risk.Ident GmbH
Am Sandtorkai 50
20457 Hamburg
Germany
represented by the managing directors:
Felix Steinmann
Frank Heisel
for the following websites: www.riskident.com and www.onlinefraudforum.com.
2. Contact details of the data protection officer
You can reach the company’s data protection officer at:
Mr. Dr. Nils Christian Haag
E-mail: datenschutz@riskident.com
3. Online presence and website optimization (using cookies) including consents
We collect data on user behavior on this website (tracking data). This includes, among other things, which individual subpages (article detail pages) were accessed. For this purpose, cookies can be set in the browser used by the respective user, among other things. The collection of tracking data is generally only permitted if you have consented to it beforehand (§ 25 para. 1 sentence 1 TTDSG). You can give such consent by clicking the “AGREE” button in the “Cookie Banner” displayed on this website. However, consent is not required for the processing of such tracking data necessary for the provision of the website (§ 25 para. 2 no. 2 TTDSG). This includes, for example, setting cookies for the purpose of displaying the shopping cart. The information about your usage behavior can be used by us, among other things, to display interesting offers to you on our website or to advertise to you with personalized content (e.g., retargeting) on other websites. Insofar as personal data about your usage behavior on this website can also be used by other providers, e.g., for the purpose of “enriching their own information”, such use will also only take place in these cases if you have previously consented to it. In these cases, the further processing of the data collected on this website is regularly carried out in the sole responsibility of the providers. In the course of this further processing, the providers may transfer the data to the USA. The European Court of Justice has determined that the USA is a country with an insufficient level of data protection. In this context, there is a particular risk that your data will be processed by American institutions/authorities for control and monitoring purposes without you being given adequate legal recourse against this. Tracking data collected and stored by us is processed exclusively in a pseudonymized form. This prevents the data from being assigned to your person. If you wish to delete individual cookies set in your browser or find out which service providers/providers have set cookies in your browser, you can do this via a “preference manager.” One such is available, for example, at www.youronlinechoices.com. In addition, you have the option to set your browser so that it prevents the setting of cookies or only allows the setting of certain types of cookies. Details on the possibility of changing the settings of common browser types (including Google Chrome, Firefox) can be found under item 3.2. of these privacy notices.
3.1. Cookies – General information and obligation to obtain consent
This website uses cookies. Cookies are small text files that your browser automatically creates and stores on your device (laptop, tablet, smartphone, etc.). The cookie stores information related to the specific device used. However, this does not mean that we receive direct knowledge of your identity. Some of the cookies we use are deleted after the end of the browser session (so-called session or session cookies). These cookies allow us, for example, to offer you a cross-page shopping cart display where you can see how many items are currently in your shopping cart and the current purchase value. Other cookies remain on your computer and enable us to recognize your computer on your next visit (so-called permanent or cross-session cookies). These cookies, in particular, serve to make our offer more attractive to you. Thanks to these files, it is possible, for example, to display information on this website that is specifically tailored to your interests.
According to legal requirements, storing information on end devices (desktops, mobile phones, tablets, etc.) – e.g., by setting cookies – and retrieving information from end devices (tracking) is generally only permitted if you have given your prior consent. The legal basis for this is Section 25 (1) sentence 1 of the TTDSG. However, consent does not have to be given if such storage/retrieval is necessary for the provision of the website/app. The legal basis for this is Section 25 (2) No. 2 TTDSG. A necessity exists, for example, with regard to ensuring the following functionalities/achieving the following purposes:
– Ensuring system security
– Enabling billing of partners.
With regard to the data processing necessary for the operation of the website, you do not have the right to object.
You can use this website without data being retrieved from or stored on your end device for purposes that are not necessary for the offer of this website. For this reason, only “basic tracking” is activated when using this website – if you do not give any further consent.
3.2. Intervention options/browser settings
Of course, you can set up your browser so that it does not store our cookies on your end device. The help function in the menu bar of most web browsers explains how to prevent your browser from accepting new cookies, how to have your browser notify you when you receive a new cookie, or how to delete all cookies you have already received and block all others.
To do this, please proceed as follows:
In Internet Explorer:
- Select “Internet Options” from the “Tools” menu.
- Click on the “Privacy” tab.
- Here you can make the security settings for the Internet zone. Here you can set whether and which cookies should be accepted or rejected.
- Confirm your setting with “OK”.
In Firefox:
- Select the “Settings” item from the “Tools” menu.
- Click on “Privacy”.
- Select “Create custom settings” from the drop-down menu.
- Now you can set whether cookies should be accepted, how long you want to keep these cookies, and add exceptions for which websites you always or never want to allow cookies.
- Confirm your setting with “OK”.
In Google Chrome:
- Click on the Chrome menu in the browser’s toolbar.
- Now select “Settings”.
- Click on “Show advanced settings”.
- Click on “Content settings” under “Privacy”.
Under “Cookies” you can make the following settings for cookies:
- Delete cookies
- Block cookies by default
- Delete cookies and website data by default when closing the browser
- • Allow exceptions for cookies from specific websites or domains
If you want to delete individual cookies set in your browser or find out which service providers/providers have set cookies in your browser, you can do this via a “preference manager”. One such manager is available at www.youronlinechoices.com.
3.3 Consent management of Borlabs provider
For managing your settings and documenting user consents for our services, we use the consent tool Borlabs GmbH, Rübenkamp 32, 22305 Hamburg, Germany (“Borlabs”). Borlabs is used, among other things, to store cookie settings for the entire website. Borlabs stores information about the categories of cookies used by the website and whether users have given or revoked their consent for the use of individual categories. This allows us to prevent cookies in each category from being set in the user’s browser if no consent is given for individual categories. Borlabs uses cookies for information storage, which have a normal lifespan of one year, so that the settings of returning visitors are saved. The legal basis for this is Article 6 (1) c DSGVO.
3.4 Consent for the use of individual online services / the collection of tracking data
As already set out in Section 3.1 of these data protection notices, we collect and process tracking data, in some cases based on consent. You give this consent by clicking on the “ACCEPT ALL” button in a banner on the website, which links to these consent texts. By clicking on the “ACCEPT ALL” button, you give your consent for us to store data on your device (e.g., by setting cookies) or retrieve data from your device. Furthermore, by clicking on the “ACCEPT ALL” button, you consent to the use of certain advertising functionalities of third parties, the use of which requires consent. You also have the option to click on “Settings” in the banner and manage your consent preferences there. You can change your consent and preferences at any time in our consent management. The categories “Essential Cookies”, “Statistic Cookies”, and “Marketing Cookies” are differentiated there. The data processing associated with these advertising functionalities is described in the following (Section 3.4.1 to Section 3.4.3 of this Privacy Policy).
All data processing covered by the consent you give by clicking on the “ACCEPT ALL” button serves the same purpose, namely “advertising”.
Revocation of all consents
You can revoke all consents you have given by clicking on the “ACCEPT ALL” button in the banner by clicking here and selecting “REJECT ALL”.
3.4.1 Essential: Technically necessary cookies (No consent required)
3.4.2 Statistics: Consent for statistic cookies
3.4.2.1 Consent for Google Analytics as a “basic version”
For the purpose of demand-oriented design and continuous optimization of this website, we use Google Analytics based on consent. Google Analytics is a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Analytics uses, among other things, so-called “cookies” (text files) and similar technologies that are stored on your device and enable an analysis of your use of the website. This information is used to evaluate your use of the website and to compile reports on website activities. It is possible that Google will use the data collected about your usage behavior for its purposes or for the purposes of other Google customers. The processing of the data after their transmission by RiskIdent to Google Ireland Limited is carried out by Google as the sole data protection controller. In this context, Google Ireland Limited, as the sole data protection controller, may store data about you in the USA. The European Court of Justice has found that the USA is a country with an insufficient level of data protection. In this context, there is a particular risk that your data will be processed by American institutions/authorities for control and surveillance purposes without you having sufficient legal recourse against this. The legal basis for this data processing is Article 6 (1) a) DSGVO.
You can revoke your consent to data processing by Google Analytics at any time here in our consent management by deselecting the “Statistics” category or refusing to grant consent for the use of Google Analytics.
3.4.2.2 Consent for Microsoft Bing
Our website uses the Microsoft Bing service. The use of the service allows us to evaluate the success of advertising campaigns, and it is provided by Microsoft Ireland Operations Limited (One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521) (“Microsoft”). Upon visiting our website and granting consent, a cookie enables the collection of actions performed on the website and sends this information back to Microsoft. Microsoft stores a cookie in your browser for this purpose. This cookie records your visits and can then be used for campaign optimization. The cookie serves to uniquely identify your web browser and not your person. The legal basis for this data processing is Article 6(1)(a) DSGVO (consent). More information on Microsoft’s privacy policy can be found here. You can also assert your rights as a data subject with Microsoft (e.g., right to erasure). Microsoft processes the data collected about you on this website as the sole data controller. In this context, there is a possibility that your data will be transferred to the United States by Microsoft. The European Court of Justice has determined that the United States is a country with an insufficient level of data protection. In this context, there is a particular risk that your data may be processed by American institutions/agencies for control and monitoring purposes without adequate legal remedies available to you. The legal basis for the data processing described above is consent under Article 6(1)(a) DSGVO.
You can withdraw your consent to the described data processing by Microsoft (Bing) at any time here in our consent management by deselecting the “Statistics” category or by declining consent for the use of Microsoft Retargeting.
3.4.2.3 Consent for Mouseflow
This website uses Mouseflow, a web analytics tool from Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark, to randomly record individual visits (only with anonymized IP address). This creates a log of mouse movements, mouse clicks, and keyboard interactions, with the intention of replaying individual visits to this website as so-called session replays, and evaluating them in the form of so-called heatmaps to derive potential improvements for this website. The storage and processing of the collected data take place within the EU.
The legal basis for this processing is Article 6(1)(a) DSGVO.
You can withdraw your consent for the use of Mouseflow at any time here in our consent management by deselecting the “Statistics” category or by declining consent for the use of Mouseflow.
3.4.2.4 Consent for Google Optimize
To improve our website, we use Google Optimize (Google Ireland Limited) in the field of A/B testing with your consent. Google Optimize allows us to increase the attractiveness, content, and functionality of our website by displaying new features and content to a percentage of our users and statistically evaluating the changes in usage. Google Optimize analyzes the use of different variants of the website, allowing us to adjust the user-friendliness according to the behavior of website users.
The legal basis for processing is consent under Article 6(1)(a) DSGVO.
You can withdraw your consent for data processing by Google Optimize at any time here in our consent management by deselecting the “Statistics” category or by declining consent for the use of Google Optimize.
3.4.3 Marketing: Consent for Marketing Cookies
3.4.3.1 Consent for LinkedIn Insights Tag / LinkedInAds
This website uses the “LinkedIn Insights Tag”, an analytics tool of the social network LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland). The LinkedIn Insights Tag allows the collection of data about visits to our website, including URL, Referrer URL, IP address, device and browser properties, timestamps, and page views. This data is encrypted, pseudonymized within seven days, and the pseudonymized data is deleted within 90 days. The use of the LinkedIn Insights Tag is for the purpose of tracking the success of campaigns, displaying targeted advertising outside our website (retargeting), and gathering additional information about LinkedIn members who view our advertisements. You can find more information in LinkedIn’s privacy policy here.
The legal basis for processing personal data is Article 6(1)(a) DSGVO.
You can withdraw your consent for the use of the LinkedIn Insight Tag at any time here in our consent management by deselecting the “Marketing Cookies” category or by declining consent for the use of the LinkedIn Insight Tag.
3.4.3.2 Consent for Capterra Conversion Tracking
This website uses “Capterra Conversion Tracking”, an analytics tool of the research platform Capterra (Capterra Inc. 1201 Wilson Blvd, 9th Floor, Arlington, Va 22209, USA). The Capterra Conversion Tracking Tag allows the collection of data about visits to our website, including Referrer URL, IP address, Session ID Cookie from Capterra.com, GetApp.com, Softwareadvice.com, and timestamp. The use of Capterra Conversion Tracking is for the purpose of tracking the success of campaigns.
You can withdraw your consent for the use of Capterra Conversion Tracking at any time here in our consent management by deselecting the “Marketing Cookies” category or by declining consent for the use of the LinkedIn Insight Tag.
4. Contacting Us
You have the opportunity to contact us in several ways. By email, by phone, via contact form, or by mail. When you contact us, we use the personal data that you voluntarily provide to us solely for the purpose of contacting you and processing your request.
The legal basis for this data processing is Article 6 paragraph 1 letter a), Article 6 paragraph 1 letter b), Article 6 paragraph 1 letter c) DSGVO, and Article 6 paragraph 1 letter f) DSGVO.
5. Data Processor
Risk.Ident uses data processors within the scope of processing your data. A data processor is a natural or legal person, authority, institution, or other entity that processes personal data on behalf of the data controller. Data processors do not use the data for their own purposes, but rather carry out the data processing exclusively for the data controller.
6. Recipients outside the EU
With the exception of the processing where we inform about the possibility of transferring data to recipients located outside the EU in these privacy notices, we do not transfer your data to recipients located outside the European Union or the European Economic Area. Data transfers are based on so-called standard contractual clauses of the EU Commission.
7. Duration of Data Storage
The duration of the storage of the data collected about you depends on the purpose for which we process the data. Storage takes place as long as it is necessary to achieve the pursued purpose. If we are required by law (e.g., tax obligations) to store certain data categories for a certain period of time, the continued storage of the data after it is no longer necessary for achieving the respective purpose is carried out exclusively for the purpose of fulfilling the legal obligation. In these cases, the data is blocked for access.
Examples of storage durations:
Use of data for marketing purposes (without tracking): 3 years.
Consents: Permanent storage as long as consents are used continuously (e.g., permanent sending of email newsletters).
Tracking data: 2 years.
Data for the purpose of implementing (advertising) objections: Unlimited storage.
8. Your Rights
In connection with the processing of personal data by us, you have data subject rights. For example, you have the right to request information about the data stored about you by us. You can also revoke consents given to us and object to individual data processing. You also have the right to have incorrect data corrected and to request that we provide you with specific data in a common electronic format. Furthermore, you have the right to delete the data stored by us about you. Please note in this regard that we may be legally obliged to continue storing the data despite your request for deletion. In addition, we may have an interest in continuing to store your data that outweighs your interest in its deletion (e.g., if we still have outstanding claims against you).
8.1. Your Rights in Detail
In addition to the right to revoke your consent given to us, you have the following additional rights, provided the respective legal requirements are met:
the right to access your personal data stored by us (Article 15 DSGVO), in particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage duration, the origin of your data, if it was not collected directly from you;
the right to rectification of incorrect or completion of correct data (Article 16 DSGVO);
the right to deletion of your data stored by us (Article 17 DSGVO), insofar as no legal or contractual retention periods or other legal obligations or rights for further storage by us must be observed (e.g., if we still have outstanding claims against you);
the right to restriction of processing your data (Article 18 DSGVO), insofar as the accuracy of the data is contested by you, the processing is unlawful, but you refuse its deletion; the controller no longer needs the data, but you require it for the assertion, exercise, or defense of legal claims, or you have objected to the processing according to Article 21 DSGVO;
the right to data portability (Article 20 DSGVO), i.e., the right to receive selected data stored by us about you in a common, machine-readable format, or to request transmission to another controller;
the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters for this purpose.
You can exercise the aforementioned rights by contacting us at datenschutz@riskident.com. You can also assert your right to data portability by contacting datenschutz@riskident.com.
You can also request information about your personal data stored by us by sending an email to datenschutz@riskident.com.
Last updated: May 2023
Data privacy of Risk.Ident GmbH
State: 17.12.20
Data protection
In the following data protection information, we inform you about the processing of personal data carried out by Risk.Ident GmbH, (“Risk.Ident” and/or “we” and/or “controller”) in accordance with the DSGVO and the German Federal Data Protection Act (BDSG).
Please read this information attentively. In case you have any questions or comments regarding the data protection information do not hesitate to contact contact@riskident.com
Content
1. Name and contact details of the responsible body
Risk.Ident GmbH, Am Sandtorkai 50, 20457 Hamburg, Deutschland
Represented by the managers Piet Mahler, Frank Heisel
Tel.: +49 40 60945 2590
E-Mail: contact@riskident.com
Website: www.riskident.com
for the following Internet pages www.riskident.com ; www.onlinefraudforum.com ; www.deviceident.com
2. Contact details of the protection officer
You can reach the responsible data protection officer at:
Herr Dr. Nils Christian Haag
Tel.: +49 (0) 40 790 235 402
E-Mail: datenschutz@riskident.com
3. Processing purposes, legal basis and legitimate interests
3.1 Use of our websites/applications
3.1.1 Log files
With every use of our websites/applications, the respective internet browser of your device will send information to the server of our website/application which will temporarily be stored in the so-called log files. The thereby stored data sets contain the following data, which will be stored until the automatic deletion: date and time of the accessing, name of the viewed website, IP address of the requesting device, referrer URL, the transferred amount of data, loading time, as well as product and version information of the respectively used browser and the name of your access provider.
The processing of the IP address is done based on Art. 6 para. 1 lit. f) DSGVO. We pursue the following legitimate interests:
- Guarantee of a smooth connection establishment,
- Ensuring comfortable use of our website/application,
- Evaluation of system security and stability.
From the information, one is not able to infer your identity and will as well not be realized by us.
The data will be stored and deleted after the achievement of the mentioned purposes. The respites for the deletion conform to respective necessities.
3.1.2 Cookies und Tracking
The website uses so-called “cookies”, tracking-tools and targeting-procedure. Which procedures exactly are meant by this and how your data will be used for this will be explained in detail subsequently.
3.2 Online presence and website optimization
3.2.1 Cookies – General information
We use cookies on various pages to make the visit to our website attractive and to enable the use of certain functions as well as to record the use of our website statistically. Cookies are small text files that are automatically created by your browser and stored on your end device (laptop, tablet, smartphone, or similar) when you visit our site. Cookies do not cause any damage to your end device, do not contain viruses, Trojans, or other malware. Information is stored in the cookie that is related to the specific terminal device used. This does not mean, however, that we obtain direct knowledge of your identity.
Most of the cookies we use are deleted after the browser session ends (so-called session cookies). Other cookies remain on your computer and enable us to recognize your computer the next time you visit us (so-called permanent or session-spanning cookies). These cookies in particular serve to make our offer user-friendly, more effective, and safer.
Of course, you can set up your browser so that it does not store cookies on the hard disk. The help function in the menu bar of most web browsers explains how to prevent your browser from accepting new cookies, how to have your browser inform you when you receive a new cookie or how to delete all cookies you have already received and blocked them for all others.
In Internet Explorer
- In the “Tools” menu, select “Internet Options” – Click on the “Privacy” tab
- Now you can set the security settings for the internet zone. Here you can set whether and which cookies should be accepted or rejected
- With “OK” you confirm your attitude.
In Firefox
- In the menu “Extras” select Settings
- Click on “Privacy”
- In the drop-down menu, select “Create custom settings”
- Now you can set whether to accept cookies, how long you want to keep these cookies, and add exceptions to which sites you always or never want to allow cookies to use
- With “OK” you confirm your attitude
In Google Chrome
- Click the Chrome menu in the browser toolbar
- Now select “Settings”
- Click on “Show advanced settings”
- Under Privacy, click Content Settings
- Under “Cookies” you can make the following settings for cookies:
- Delete cookies
- Block cookies by default
- Allow cookies by default
- Delete cookies and website information by default after exiting the browser
- Allow exceptions to cookies from certain websites or domains
We point out that, in that case, you may not be able to fully use all the functions of this website.
If the cookies and/or the therein contained information are personally identifiable information, the legal basis of the data processing is Art. 6 para. 1 lit. f) DSGVO. Thereby, our interest in optimizing our website is considered to be justified in the sense of the aforementioned provision.
3.2.2 Consent Google Adwords / Remarketing
Our website uses the service of Google Adwords. Google AdWords is an online advertising program of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). We use the remarketing function within the Google AdWords service. The remarketing feature allows us to serve ads based on your interests on other sites within the Google advertising network. For this purpose, your surfing behavior on our website is analyzed, e.g. which offers you have viewed. This enables us to show you on the online search engine Google itself, so-called “Google ads” and on other websites individualized advertising after your visit to our website. For this purpose, Google stores a cookie in your browser when you visit Google services or websites in the Google advertising network. This cookie records your visits. The cookie is used to uniquely identify your web browser, not to identify you personally. The legal basis for this data processing is Article 6 paragraph 1 letter a) DSGVO (consent).
You can deactivate the use of cookies by Google and thus revoke the consent you have given us for the use of the Google AdWords / Google Remarketing service by following the link below and downloading and installing the plug-in provided there: www.google.com/settings/ads/plugin.
Further information about Google Remarketing as well as Google’s privacy policy can be found at www.google.com/privacy/ads/.
3.2.3. Google Analytics as “basic version”
For the purpose of needs-based design and ongoing optimization of otto.com, we use the basic version of Google Analytics, a web analysis service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies” (text files), which are stored on your computer and which enable an analysis of your use of the website. On behalf of Risk.Ident, Google will use this information to evaluate your use of the website and to compile reports on website activity. Google processes the data collected through the use of the “basic version” of Google Analytics exclusively on the instructions of Risk.Ident and for purposes of Risk.Ident. Insofar as data collected via Google Analytics is used for advertising technologies of Google (e.g. Google Remarketing) and in this case is also processed by Google for its own purposes and/or purposes of third parties, such processing is only carried out if you have given your consent to the use of such advertising technology on riskident.com.
You can object to the collection of data by Google Analytics here.
3.2.4 Objection/opt-out possibility
In addition to the described deactivation methods, you can also generally prevent the described targeting technologies by means of a corresponding cookie setting in your browser (see also 3.2.1). You also have the option of deactivating preference-based advertising using the preference manager which can be accessed here.
3.2.5 Mouseflow
This website uses Mouseflow, a web analysis tool of Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark, to record randomly selected individual visits (only with anonymized IP address). This results in a protocol of mouse movements, mouse clicks and keyboard interaction, with the intention of randomly reproducing individual visits to this website as so-called session replays as well as evaluating them in the form of so-called heat maps and deriving potential improvements for this website. The storage and processing of the collected data takes place within the EU.
The legal basis for this processing is Article 6 paragraph 1 letter f) DSGVO. If you do not want Mouseflow to collect your data, you can object to it on all websites that use Mouseflow by clicking on the following link: https://mouseflow.com/opt-out/
Further information on data protection can be found at: https://mouseflow.com/de/privacy/
3.2.6 LinkedIn Insights Tag
This website uses the “LinkedIn Insights Tag”, an analysis tool of the social network LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland). The LinkedIn Insights tag allows us to collect information about visits to our website, including URL, referrer URL, IP address, device and browser characteristics, timestamps and page views. This data is encrypted, pseudonymized within seven days and the pseudonymized data is deleted within 90 days. The LinkedIn Insights tag is used for the purpose of tracking the success of campaigns, playing targeted advertising outside of our website (retargeting), and to gather additional information about LinkedIn members who view our ads. Please see the LinkedIn privacy policy for more information.
The legal basis for the processing of personal data is Article 6 paragraph 1 letter f) DSGVO.
You can object to the collection of data by LinkedIn here. As a result of your objection, LinkedIn will no longer collect any data about you on riskident.com.
3.3 Google Maps Plugin
This site uses the map service Google Maps. Google Maps is a map service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
In order to use the functions of Google Maps, information, including the IP address and the address entered as part of the route function, may be transmitted to the provider’s servers. This information is usually transferred to a Google server in the USA and stored there. When you visit a website that contains Google Maps, your browser establishes a direct connection with the Google servers, whereby the map content is sent to your browser and integrated by it. The provider of this site has no influence on this data transfer. According to current knowledge, this includes the following data:
– Date and time of your visit to the website in question,
– Internet address or URL of the web page called up,
– IP address, (start) address entered during route planning
The use of Google Maps is in the interest of an attractive presentation of our online offers and to make it easy to find the places we have indicated on the website. The legal basis for this processing is Article 6 paragraph 1 letter f) DSGVO. If you do not want Google to process data via this service, you can deactivate the use of JavaScript in your browser settings. Please note that in this case the interactive map function of Google Maps cannot be used.
You can find more information on the handling of user data in Google’s privacy policy: https://www.google.en/intl/en/policies/privacy/.
3.4 Contact us
You have the possibility to get in contact with us in several ways. By e-mail, by phone, by contact form or by mail. If you contact us, we use the personal data that you voluntarily provide us with in this context solely for the purpose of contacting you and processing your request.
The legal basis for this data processing is art. 6 paragraph 1 letter a), art. 6 paragraph 1 letter b), art. 6 paragraph 1 letter c) DSGVO as well as art. 6 paragraph 1 letter f) DSGVO.
4. Recipients outside the EU
With the exception of the processing described above, we do not pass on your data to recipients based outside the European Union or the European Economic Area. The above-mentioned processing operations result in a transfer of data to the servers of the providers of tracking or targeting technologies commissioned by us. These servers are located in the USA. The data transfer is carried out on the basis of so-called standard contractual clauses of the EU Commission and according to the principles of the so-called Privacy Shield.
5. Contract processor (new to be added)
Risk.Ident uses contract processors for the processing of your data. A processor is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the data controller. Processors do not use the data for their own purposes, but carry out the data processing exclusively on behalf of the data controller.
6. Your Rights
In addition to your right of withdrawal of your consent you have the following further rights, if the legal requirements are met:
- the Right of access of your personal data (Art. 15 DSGVO), especially you can obtain information about the purposes of the processing, the categories of the personal data concerned, the categories of recipient to whom the personal data have been or will be disclosed, the envisaged storing period, the data source, as long as the data is not collected from you;
- the Right to rectification (Art. 16 DSGVO);
- the Right to erasure (“right to be forgotten”) (Art. 17 DSGVO), if there are no legal or contractual storage periods or other legal duties resp. rights about the on-going storage to comply with;
- the Right to restriction of processing (Art. 18 DSGVO), if the accuracy of the personal data is contested by you, the processing is unlawful, and you oppose the erasure of the personal data; the controller no longer needs the personal data, but they are required by you for the establishment, exercise or defence of legal claims;
- the Right to data portability (Art. 20 DSGVO), meaning your right to receive selected personal data in a structured, commonly used and machine-readable format and the right to transmit those data to another controller;
- the Right of appeal to the supervisory authority. According to Art. 77 DS-BER, you have the right to complain to the supervisory authority if you believe that the processing of your personal data is not lawful. Generally, you can address your claim to the supervisory authority of your usual place of residence or work or our company headquarter.
You can claim the aforementioned rights at datenschutz@riskident.com. The right to data portability you can claim at the same address.
7. Right to object
The data subject has the right to object, on grounds relating to his or her particular situation based on Art. 21 para. 1 DSGVO.
The above general Right to object applies to all purposes of processing described in this legal disclosure, which are processed based on Art. 6 para. 1 lit. f) DSGVO. Unlike the special right of objection to data processing for advertising purposes we are, based on the DSGVO, only obliged to effectuate such a general Right to object, if you give us reasons of overriding importance (e.g. possible danger to life or health).
8. Right of withdrawal
Forasmuch we process the data based on an approval granted by you, you have the right to withdraw your approval at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.