Information obligation according to Art. 13 of the GDPR for our website visitors

Thank you for your interest in data processing on our website and we assure you that we understand data protection as an important customer-oriented quality feature. The protection of your personal data and the protection of your personal rights are important to us. We treat your personal data confidentially, in accordance with the statutory data protection regulations and in accordance with the information in this data protection declaration. We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) can have security gaps.

For your trust, it is important to us that we are always available to answer questions about the processing of your personal data. If you have any questions that this data protection declaration cannot answer, or if you would like more detailed information on any point, please contact the data protection officer at any time using the contact details given below.

Name and contact details of the person responsible (Art. 13 Para. 1 a of the GDPR)

STARFACE GmbH
Stephanienstr. 102
76133 Karlsruhe
Email: info@starface.com

Name and contact details of the data protection officer (Art. 13 Para. 1 b of the GDPR)

ENSECUR GmbH
Kaiserstr. 86
76133 Karlsruhe
Personally responsible: Mr. Thorsten Jordan
Email: dsb-starface@ensecur.de

Purpose and legal basis of data processing (Art. 13 Para. 1 c of the GDPR)

  • Handling and processing of contact and appointment requests (Art. 6 Para. 1 f of the GDPR)*
  • Handling and processing of requests for newsletter subscription (Art. 6 Para. 1 a/f of the GDPR)*
  • Handling and processing of support requests (Art. 6 Para. 1 b/f of the GDPR)*
  • Technical operation of the website (Art. 6 Para. 1 f of the GDPR)*
  • Optimization of the website offer by evaluating website usage data (Art. 6 Para. 1 a/f of the GDPR)*

Interests of the person responsible when balancing interests (Art. 13 Para. 1 d of the GDPR)

  • Assertion of legal claims and defence in legal disputes
  • Ensuring IT security and IT operations in the company
  • Prevention of criminal offences
  • Measures for business management and the further development of services and products and the optimization of the website offer by evaluating website usage data

Recipients or categories of recipients of personal data (Art. 13 Para. 1 e of the GDPR)

When accessing and using offers on our website, we pass on data to recipients such as plug-in manufacturers, hosting providers, media and communication service providers and newsletter service providers. Our websites may also contain links to websites from other providers to which this data protection declaration does not apply. We will only transmit, without your express consent, the personal data that you have provided to participating subsidiaries or business partners after careful consideration of interests and to the extent necessary for their order execution, but will never sell them to commercial users or allow them to be used in any other form. The following transmissions also take place:

Doubleclick

This website uses the DoubleClick tool from Google. DoubleClick uses cookies to show relevant advertisements, to improve reports on campaign performance or to avoid a user being shown the same advertisements multiple times. Google uses a cookie ID to record which advertisements are shown in which browser. In addition, DoubleClick can use cookie IDs to record so-called conversions relating to ad requests. You can prevent this tracking in the following ways:

  • by setting your browser accordingly, in particular by suppressing third-party cookies
  • by deactivating the conversion tracking cookies by setting your browser so that cookies from the domain “www.googleadservices.com” are blocked (https://www.google.de/settings/ads). Please note that this setting will be deleted if you delete your cookies.
  • by deactivating the interest-based advertisements of the providers via the link https://www.aboutads.info/choices. This setting will also be deleted if you delete your cookies
  • by permanent deactivation in your Firefox, Internet Explorer or Google Chrome browsers under the link https://www.google.com/settings/ads/plugin. You can find more information about DoubleClick from Google at www.google.de/doubleclick or support.google.com/adsense/answer/2839090. You can find out more about data protection at Google in general at: www.google.de/intl/de/policies/privacy

Google reCAPTCHA

This website uses the reCAPTCHA function from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (or in short: “Google”). This tool is used to differentiate between bots and people when filling in and sending contact/offer forms. This service includes sending the IP address and any other data required by Google for the reCAPTCHA service to Google and is carried out in accordance with Art. 6 Para. 1 lit. f of the GDPR on the basis of our legitimate interest in determining individual responsibility on the Internet and in avoiding abuse and spam. When using Google reCAPTCHA, personal data may also be transmitted to the servers of Google LLC. in the USA.
Further information on Google reCAPTCHA and Google’s data protection declaration can be found at: https://www.google.com/intl/de/policies/privacy/

Google Analytics

This website uses Google Analytics (https://www.google.com/intl/de_ALL/analytics/), a web analysis service from Google Inc. (“Google”). Google Analytics uses so-called “cookies”, text files that are saved on your computer and that enable your use of the website to be analyzed. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. Due to the IP anonymization on this website, your IP address will be shortened beforehand by Google within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address is only transmitted to a Google server in the USA and shortened there in exceptional cases. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on the website activity and to provide the website operator with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case, you may not be able to use all the functions of this website to their full extent. You can also prevent Google from collecting the data (including your IP address) generated by the cookie and relating to your use of the website and from processing this data by downloading and installing the browser plug-in available at the following link (https://tools.google.com/dlpage/gaoptout?hl=de).
You can prevent Google Analytics from collecting data by clicking on the following link. An opt-out cookie is set that prevents the future collection of your data when you visit this website: Deactivate Google Analytics (requires Javascript).
For more information on the terms of use and data protection, see
https://www.google.com/analytics/terms/de.html or at
https://www.google.com/intl/de/analytics/privacyoverview.html.

We would like to point out that Google Analytics has been expanded to include the code “gat._anonymizeIp();” on this website in order to ensure the anonymous collection of IP addresses (so-called IP masking).

In addition, we use Google Analytics to evaluate data from AdWords and the double-click cookie for statistical purposes. If you do not want this, you can deactivate this via the ad preferences manager (https://www.google.com/settings/ads/onweb/?hl=de) or adjust your consent to data processing using our cookie management tool.

Google Fonts

Google Fonts is a service provided by Google Inc. (“Google”). These web fonts are integrated through a server call, usually with the help of Google servers in the USA. The IP address of the browser of the end device is saved by Google. You can find more information in Google’s data protection information, which you can access here:
https://www.google.com/fonts#AboutPlace:about
https://www.google.com/policies/privacy

Google Tag Manager

This website uses the Tag Manager from Google. This service enables us to manage website tags via an interface. This Google tool only sets tags. This means: No cookies are used and no personal data is regularly recorded. However, other tags may be triggered, which may in turn collect data. The Google Tag Manager does not access this data. If a deactivation has been performed at the domain or cookie level, it will remain in effect for all tracking tags if they are implemented with the Google Tag Manager.

Hotjar

We use the Hotjar service from Hotjar Limited (Level 2, St Julian’s Business Centre, 3, Elia Zammit Street, St Julian’s STJ 1000, Malta) on this website to statistically evaluate data from website visitors using a combination of analysis and feedback tools. Personal data such as your IP address are automatically anonymized, which means that you, as a website user, cannot be personally identified, but we can still learn a lot about your user behaviour and thus improve our site. You can find more details on data processing and which data is recorded and how by Hotjar at: https://www.hotjar.com/legal/policies/privacy?tid=331605001807.

Intercom

We use Intercom, a service from Intercom, Inc., 98 Battery Street, Suite 402, San Francisco, CA 94111 USA (hereinafter “Intercom”) to communicate via chat or to answer your support queries. To do this, we may transmit your name, email address and IP address to the Intercom servers. The legal basis for this is Art. 6 Para. 1 b/f of the GDPR. Intercom stores this data until we delete it.

Vimeo

We include videos from Vimeo on our website. The video portal is operated by Vimeo LLC, 555 West 18th Street, New York, New York 10011, USA. With the help of a plug-in, we can show you video material directly on our website. Certain data can be transferred from you to Vimeo. This includes your IP address, technical information such as your browser type, your operating system or basic device information. Vimeo also saves information about which website you use for the service and which web activities you carry out on our website. This can include data such as session duration, bounce rate or type of use. Vimeo can track and save this data with the help of cookies and similar technologies.

Youtube / Google

We use the YouTube.com platform to post our own videos and make them publicly available. Videos from YouTube are linked or integrated via links with the integration of the offer from YouTube LLC, which is a subsidiary of Google LLC (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). We do not see ourselves as responsible for the content of the websites that are linked to. If you follow a link on YouTube, we would like to point out that YouTube stores the data of its users (e.g. personal information, IP address) in accordance with its own data usage guidelines and uses it for business purposes. In the case of the integration of videos, content from the YouTube website is displayed in parts of a browser window. The YouTube videos are only accessed by clicking on them. If you call up a page of our website on which YouTube videos are integrated in this way, a connection to the YouTube servers is established and the content is displayed on the website by notifying your browser. More information can be found at https://policies.google.com/privacy.

Transfer to third countries (Art. 13 Para. 1 f of the GDPR)

It is possible that data will be transmitted to third countries via subcontractors or companies affiliated with them when accessing and using our website and related offers. Potential risks can be unenforceable data subject rights and a lower level of data protection. With the conclusion of order processing contracts (if such a contractual relationship exists), as well as the conclusion of standard contractual clauses including effective supplements required by the supervisory authorities, we minimize the risk as far as possible.

Storage period in accordance with the statutory retention requirements (Art. 13 Para. 2 a of the GDPR)

  • Web server (Hosting Provider): 14 days
  • Contact form: Your data will only be used to fulfil your request and will then be deleted as long as there is no legal, contractual or statutory retention obligation to prevent this.
  • Cookies: Information on how to delete cookies can be found in the cookie information on our homepage.

Until the storage period expires, the data transmitted to us is protected by suitable technical and organizational means in order to protect them from accidental or deliberate manipulation, loss, destruction or access by unauthorized persons. Our security measures are continuously monitored and improved in line with technological developments and organizational possibilities.

Storage period in accordance with the statutory retention requirements (Art. 13 Para. 2 a of the GDPR)

As a person concerned, you have the right to information, the correction and deletion of your data and to the restriction of processing at any time, as well as the right to data portability. Please contact the person responsible using the contact details provided.

Right of objection (Art. 21. Para. 1 of the GDPR)

If your data is processed to safeguard legitimate interests, you have the right to object to this processing at any time using our contact details provided, if your particular situation gives rise to reasons that conflict with this data processing. We will then terminate this processing unless it serves overriding legitimate interests on our part.

Right of withdrawal (Art. 13. Para. 2 c of the GDPR)

If you have consented to the processing of your data, you have the right to revoke it at any time for the future. This does not affect the legality of the processing up to the point of revocation. Please contact the responsible office using the contact details provided.

Existence of a need to provide personal data (Art. 13 Para. 2 e of the GDPR)

The data collected is necessary for the technical operation of the website, the processing of contact and appointment requests for inquiries about newsletter subscription and support requests. A possible consequence of not providing your data could be that you cannot use the offers on our website, or cannot use them to their full extent.