Privacy Policy


As of November 15th 2024


SUBJECT MATTER AND SCOPE OF APPLICATION


This Privacy Policy provides information about which personal data is collected during individual processing operations and how and for what purposes this personal data is processed.


This Privacy Policy provides information about data processing when visiting the website, but also in other contexts, e.g. about the processing of data from customers, applicants and when participating in video conferences.


Your personal data will always be processed in accordance with the statutory data protection regulations and this Privacy Policy.


CONTROLLER AND DATA PROTECTION OFFICER

Controller is Team Internet AG, Liebherrstraße 22, 80538 Munich, Germany, Tel.: +49 89 416146010, E-Mail: info@teaminternet.com (hereinafter "Team Internet").


In the case of individual processing operations, the respective group company is the controller if the respective processing operation is not carried out centrally for the entire group of companies by one controller, but if the data processing is carried out locally for the respective group company. This is the case, for example, with job applications.


The data protection officer of the respective controller can be contacted at christian.schmoll@teaminternet.com.


VISITING THE WEBSITE

Hosting and Log Files


The website is hosted by a service provider based on a data processing agreement in the EU and in the USA. Our Hosting-Provider is Amazon Web Services EMEA SARL in Luxemburg.


Each time the website is accessed, the system automatically collects data and information from the computer system of the accessing end device. The following data is recorded or logged:


  • IP address of the calling computer
  • Operating system of the calling computer
  • Browser version of the calling computer
  • Name of the retrieved file/website
  • Date and time of retrieval
  • Transferred amount of data
  • Referring UR

This data is processed in order to be able to present the website, to ensure the security, availability and integrity of the website (e.g., detection and defense against DoS attacks or access by bots), to improve the quality and presentation of the website, to be able to identify and correct errors and for statistical purposes. This data is regularly deleted after 7 days.


The legal basis for this data processing is the legitimate interest of the Controller in the above-mentioned purposes.


Content Delivery Network for the Website

The website uses a Content Delivery Network (CDN) to increase the security and delivery speed of the website. A CDN is a network of distributed servers that is able to deliver optimized content to users. For this purpose, personal data can be processed in server log files of the CDN provider.


The provider acts as a data processor for us on the basis of a data processing agreement. Our CDN-Provider is Cloudfront from Amazon Web Services EMEA SARL in Luxemburg.


Since a CDN is a network of servers that are often distributed worldwide, the use of a CDN may result in the transfer of personal data to third countries that do not offer an adequate level of data protection. In this case, it is ensured that appropriate safeguards are provided for such a transfer in order to ensure an adequate level of data protection. The Controller will provide evidence of these appropriate safeguards upon request.


The legal basis for this data processing is the legitimate interest of the Controller in the above-mentioned purposes.


Your personal data will be stored by AWS for 7 days.


Cookies

Cookies are used on the website. Cookies are pieces of information that are transferred from our web server or third-party web servers to the browser of the website visitor and stored there for later retrieval. Cookies can be small files or other types of information storage. Information is stored in cookies that are generated in connection with the specific end device used. Cookies contain a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again. A cookie also contains information about its origin and the storage period. However, this does not mean that the identity of the website visitor can be obtained directly from a cookie.


When you visit the website, cookies are set that are absolutely necessary for the operation of the website. These absolutely necessary cookies may, for example, be cookies that are required to display the website with a content management system, that are used to recognize language settings or that are used to document whether consent has been given to the setting of further (optional) cookies or whether such storage has been rejected. The strictly necessary cookies, including their purpose and storage or deletion period, are explained below and in the cookie banner that is displayed when the website is accessed.


Optional cookies are also used, for example, to collect additional information about the interests of visitors to the website or their usage behavior to analyze and optimize the website and customer interactions in general.


Optional cookies, including their purpose and storage or deletion period, are explained below and in the banner that is displayed when the website is accessed. Optional cookies are only set if you have expressly consented to the setting of optional cookies.


Consent Management (CCM19)

The Consent Management Platform ("CMP") CCM19 provided by Papoo Software & Media GmbH is used on the website. The provider acts as a data processor on the basis of a data processing agreement.


CCM19 is used to inform website visitors about the cookies used on the website and to request and, if necessary, document consent to the use of optional cookies. A cookie is stored for 12 month in the browser to save the consent.


The following data is logged automatically:


  • date and time of consent
  • User ID
  • status of consent (which cookies were consented to).

The legal basis for this data processing is initially the Controller's legitimate interest in obtaining the consent of website visitors to the storage of optional cookies as part of the provision of the website. If such consent has been given, the legal basis for the processing of the data for consent is the fulfillment of the legal obligation to obtain and document consent for this.


VWO

The website uses the heatmap tool VWO from Wingify Software Pvt. Ltd. in Germany.


A so-called heatmap tool is used on the website to analyze the use of the website by visitors to the website (e.g. how much time users spend on which pages and which links they click on). The provider of the heatmap tool acts as a data processor based on a data processing agreement.


Based on the analysis of user behavior, the website can be optimized. As part of the use of the heatmap tool, cookies and other technologies are used to collect data about the behavior of users and their devices, in particular:


  • Geo location
  • Anonymized IP address
  • UUID (Universally unique identifier).

This information is stored in a pseudonymized user profile, but this information is not used to identify individual users or to match it with other data about an individual user.


Personal data may be transferred to third countries that do not offer an adequate level of data protection. In this case, it is ensured that appropriate safeguards are provided for such a transfer to ensure an adequate level of data protection. The Controller will provide evidence of these appropriate safeguards on request.


This data is regularly deleted after a few days.


The legal basis for this data processing is the Controller's legitimate interest in the continuous improvement of the website and the content and services offered.


New Relic

The New Relic web analysis service from New Relic, Inc. in the USA is used on the website. The provider acts as a processor on the basis of an order processing agreement.


New Relic is used to optimise the use of our online offering.


The following data is automatically logged:


  • IP address in anonymised form,
  • Browser version
  • Geolocation.

We only use New Relic with activated IP anonymisation. Only in exceptional cases is the full IP address transmitted to a New Relic server in the USA and truncated there.


Users' personal data is deleted or anonymised after 14 months.


The legal basis for this data processing is the legitimate interest of the controller in the above-mentioned purposes.


Fonts (Google Fonts)

To display the content of the website correctly and graphically appealing across browsers, the Web Fonts font library provided by Google Ireland Ltd. in Ireland is used to make the website available. The provider acts as a data processor based on a data processing agreement.


When a website on which a font library is integrated is accessed, the required font is loaded into the browser cache to display texts and fonts correctly. Google receives the information that the font required for the website has been called up from the IP address of the website visitor.


Personal data may be transferred to third countries that do not offer an adequate level of data protection. In this case, it is ensured that appropriate safeguards are provided for such a transfer in order to ensure an adequate level of data protection. The Controller will provide evidence of these appropriate safeguards on request.


The legal basis for this data processing is the Controller's legitimate interest in a uniform and legible presentation of the website across all devices. If consent has been obtained, the expressly granted consent, which can be revoked at any time, constitutes the legal basis.


Google AdSense

The website uses the Google AdSense advertising service provided by Google Ireland Limited in Ireland. The provider acts as a data processor on the basis of a data processing agreement.


AdSense makes it possible to display targeted advertisements from third parties on the website or to have them displayed by Google. The content of the advertisements is selected based on the interests and previous user behavior of the website visitors. Google AdSense uses cookies and so-called "web beacons" (small invisible graphics) and device fingerprints (which can be used to recognize end devices based on the configuration).


Personal data may be transferred to third countries that do not offer an adequate level of data protection. In this case, it is ensured that appropriate safeguards are provided for such a transfer in order to ensure an adequate level of data protection. The Controller will provide evidence of these appropriate safeguards on request.


The legal basis for this data processing is the express consent of the website visitor. If no consent has been given, the legal basis for this data processing is our legitimate interest Our overriding legitimate interest is the above-mentioned purposes.


Tracking-Pixel

Tracking pixels and cookies from various providers, e.g. LinkedIn, Bing, Meta, Google, Outbrain, Pinterest, Snapchat, Taboola, TikTok, Twitter and/or Yahoo Native (Gemini), are used on the website to track the use of the website and the actions of website visitors for the purpose of conversion tracking.


The tracking pixels are a code snippet that can be used to track the actions of visitors to the website, which makes it possible to personalize and improve advertisements and measure their success. In this way, the use of the website can be evaluated for statistical and market research purposes and advertising campaigns can be optimized.


The data collected via the tracking pixels can be used by the providers of the respective pixels for their own tracking and advertising purposes. Further details can be found in the Privacy Policies of the providers of the respective pixels.


If a visitor to the website is a member of a social media platform of one of the providers of the tracking pixels and has allowed the respective provider to do so via the settings of the user account with the social media network, the provider of the social media network or tracking pixel can link the information collected about the visit to the website with the associated user account with the respective social media network and use it for the targeted placement of advertisements.


The website provider can also measure the effectiveness of advertisements in the respective social media networks and see whether a user was redirected to the website via such advertisements (conversion measurement).


When such tracking pixels are integrated, personal data may be transferred to third countries that do not offer an adequate level of data protection. In this case, it is ensured that appropriate safeguards are provided for such a transfer in order to ensure an adequate level of data protection. The Controller will provide evidence of these appropriate safeguards on request.


The legal basis for this data processing, including the transfer of data to LinkedIn, is the express consent of the visitor to the website.


AGE RESTRICTION

This website is not intended or designed for use by children under the age of 16. We do not knowingly collect personally identifiable information from or about anyone under the age of 16.


RECIPIENTS OF DATA

Within the Controller's organization, access to data is granted to those internal departments or organizational units that need it to perform their tasks, if necessary to fulfill contracts, for data processing based on the consent of the data subject(s) or to protect overriding legitimate interests.


Data will only be passed on to third parties in accordance with legal requirements. Your data will only be passed on to third parties if this is necessary for contractual purposes or to safeguard our overriding legitimate interest in the effective performance of our business operations.


If we use service providers or third-party providers to provide the website or other services, we take suitable legal precautions and appropriate technical and organizational measures to ensure the protection of your personal data.


DATA SUBJECT RIGHTS

Within the scope of the legal requirements, data subjects have the following rights with regard to the processing of personal data:


Right of Access

Data subjects have the right to request information about the personal data processed about them.


Right to Rectification

Data subjects have the right to request the rectification of inaccurate personal data concerning them. They also have the right to request the completion of incomplete personal data.


Right to Erasure

Data subjects have the right to request the erasure of personal data concerning them.


Right to Restriction of Processing

Data subjects have the right to request that the processing of personal data concerning them be restricted.


Right to Object to Processing

Data subjects have the right to object, on grounds relating to their particular situation, at any time to processing of personal data concerning them which is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller or which is based on a legitimate interest. In this case, the data will no longer be processed unless the Controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.


In addition, data subjects have the right to object at any time to the processing of personal data concerning them for the purpose of direct marketing; this also applies to any profiling insofar as it is associated with such direct marketing.


Right to Withdraw a Consent

Data subjects have the right to withdraw their consent if they have given their consent for processing.


Right to Data Portability

Data subjects have the right to receive the personal data concerning them, which they have provided to a Controller, in a structured, commonly used and machine-readable format ("data portability") and the right to transmit those data to another Controller.


Exercising the Rights

The rights of data subjects can be exercised by notifying the Controller or, where applicable, the Data Protection Officer using the contact details provided above.


Right to Lodge a Complaint with the Data Protection Supervisory Authorities

If data subjects believe that the processing of personal data concerning them breaches data protection law, they have the right to lodge a complaint with a data protection supervisory authority.


MANDATORY INFORMATION AND PROFILING

The provision of personal data is neither legally nor contractually required. There is no obligation to provide personal data, however, the provision of personal information is necessary for the conclusion of a contract insofar as certain information is mandatory in order to conclude (and execute) a contract.


Automated decision-making, including profiling, is not carried out.


RETENTION AND DELETION

We adhere to the principles of data avoidance and data economy and only store your personal data for as long as is necessary to achieve the respective purpose of the data processing purposes or as stipulated by the storage periods provided by law.


If the purpose of storage no longer applies or if a storage period provided for by law expires, the personal data will be routinely anonymized or deleted in accordance with the statutory provisions.


INFORMATION SECURITY


We take appropriate technical and organizational measures in accordance with the state of the art to ensure a level of protection for the personal data we process that is appropriate to the risk of the respective processing and to protect the data we process against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons.


Our website uses SSL encryption for security reasons and to protect the transmission of confidential content, such as orders, inquiries or payment data that you send to us.


Our employees receive regular training on data protection and information security and are committed to confidentiality and data protection.


A restrictive rights and roles concept on a "need to know" basis ensures that employees only have access to the personal data they absolutely need to perform their duties.


AMENDMENT OF THIS PRIVACY POLICY

We reserve the right to amend this Privacy Policy from time to time so that it always complies with current legal requirements and/or in order to implement changes to our services in the Privacy Policy, e.g. when introducing new services. When visiting the website or using our services, the current privacy policy always applies.