General Data Protection Notice
The security of your personal data is a high priority for us. We therefore protect your data stored with us by technical and organizational measures to effectively prevent loss or misuse by third parties. In particular, our employees who process personal data are bound to data secrecy and must comply with it. To protect your personal data, it is transmitted in encrypted form. To ensure the permanent protection of your data, the technical security measures are regularly reviewed and, if necessary, adapted to the state of the art. These principles also apply to companies that process and use data on our behalf and according to our instructions.
Information in accordance with Articles 13 and 14 of the General Data Protection Regulation (GDPR).
With the following general information, we would like to inform you as a data subject,
– on what basis we process your personal data,
– how we handle your personal data,
– what rights you have against us under data protection law and
– whom you can contact to assert your rights or if you have questions about data protection.
Personal data within the meaning of Article 4 (1) GDPR are, for example, information about you, but also about facts that are related to your person. Depending on the processing situation, we collect personal data from you (e.g. in the case of a visit to our website) or also from publicly accessible sources (e.g. the Internet).
You will find general information on data processing by us below. Detailed information on various case constellations can be found under “Data protection statements on individual processing situations”. If your concerns are not adequately reflected here or if there are any questions or uncertainties, please contact our data protection officer.
Contact details of the controller
The controller for the processing of personal data is:
APPsolute Mobility GmbH
Allersberger Str. 185, Building L4
Managing Directors: Victoria von Wachtel, Alexandra Kulfanová
Phone: +49 911 893139-0
Contact details of the data protection officer
Questions about data protection can be directed to our data protection officer:
Management & Personnel Consulting
Purposes and legal basis of processing
As a matter of principle, we only process your personal data insofar as this is necessary to provide a functional website and our content and services, or if you have given your consent. In doing so, we collect, process and use your personal data for the following purposes: establishment and implementation of contractual relationships, sending a newsletter, marketing measures, customer satisfaction surveys and analyses, product evaluations, customer service and customer support and for order processing of our online range of goods.
Fulfillment of a contractual obligation
When processing personal data that is required for the fulfillment of a contract, Article 6 (1) (b) GDPR also serves as the legal basis in individual cases.
Insofar as we obtain the consent of the data subject for processing operations involving personal data, Art. 6 (1) (a) GDPR is the legal basis for the processing of your personal data.
Existence of a legal obligation
When processing personal data where we are subject to a legal obligation (such as to comply with tax obligations), Art. 6(1)(c) GDPR is the legal basis for processing your personal data.
When processing personal data that is applied on the basis of our legitimate interests (e.g., when using service providers as part of processing your orders, such as shipping service providers, or when conducting statistical surveys and analyses, as well as logging registration procedures), Art. 6 (1) (f) GDPR is the legal basis for processing your personal data. Our interest is directed towards the use of a user-friendly, appealing and secure presentation as well as optimization of our web offer, which both serves our business interests and meets your expectations.
Existence of special categories
Special categories of personal data (such as health data) are processed by us on the basis of Art. 9 Ab. 2 GDPR and the respective legal basis, insofar as this is necessary in exceptional cases within the scope of our activities.
Existence of other purposes
If the processing of personal data takes place for a purpose other than the one for which it was collected, the legal basis results from Article 6 (4) GDPR.
Recipients of personal data
We only disclose your personal data to our employees and third parties on the basis of legal requirements or if we have your express consent.
Within our company, only those persons who need to access your personal data in order to perform their tasks are granted access to it.
In addition, we sometimes work together with order processors. These can be natural or legal persons, authorities, institutions or other bodies that process personal data on our behalf. The contractor is bound by instructions, which means that he may only process the data in a way that we have explicitly instructed him to do.
Data Transfer to Third Party Providers/To Third Party Countries.
Our business activities are supported by a network of computers, cloud-based servers and other infrastructure and information technologies. Furthermore, we use various service providers (“Third-Party Providers”) or their products to optimize our offerings and services; this also applies when our services link to other platforms such as social media. The aforementioned parties may be located in countries outside the European Union, the European Economic Area and Switzerland, if applicable. In these cases, we share personal data with the aforementioned parties in order to provide the requested service.
Data transfers to countries that do not have an adequate level of data protection that complies with the requirements of the GDPR (“third countries”) may therefore arise in the context of the administration, development and operation of IT systems, marketing and customer communications and securing our offers.
Such data transfers only take place insofar as the transfer is permissible in principle and special requirements for a transfer to a third country exist. In particular, we ensure that the party processing the data there guarantees an adequate level of data protection in accordance with the EU standard contractual clauses for the transfer of personal data to data processors in third countries. Other data transfers may be based on other contractual protections.
We conclude contracts with our partners and service providers to ensure an adequate level of data protection, depending on the respective circumstances. These may be data processing agreements (DPAs) where there is commissioned processing, contracts based on the EU standard contractual clauses (SCCs) where there is shared responsibility, or binding corporate rules (BCRs).
Personal data collected by us may be recorded both in paper form and electronically. According to Art. 17 GDPR, personal data must be deleted as soon as they are no longer required for the above-mentioned purposes and the deletion does not conflict with any legal retention requirements. We thus process and store your personal data only for the period of time required to fulfill the purpose of storage or if this has been provided for in laws or regulations. After discontinuation or fulfillment of the purpose, your personal data will be deleted or blocked. In the case of blocking, deletion will take place as soon as legal, statutory or contractual retention periods do not conflict with this, there is no reason to assume that deletion would impair your interests worthy of protection and deletion would not cause a disproportionately high expense due to the special nature of the storage.
Collection of log files
If you visit our website for informational purposes only, without providing personal data via registration or otherwise, only the Internet connection data that your browser transmits to our server will be processed. With each call, our website collects a number of general data and information, which are temporarily stored in log files of a server. A log file is created in the course of an automatic log of the processing computer system.
The following data can be collected: Access to the website (date, time and frequency), how you got to the website (previous page, hyperlink, etc.), amount of data sent, which browser and browser version you are using, which operating system you are using, which internet service provider you are using, your IP address, which your internet access provider assigns to your computer when connecting to the internet.
The legal basis for this data processing is Art. 6 (1) letter b GDPR, as the collection and storage of this data is necessary for the operation of the website, to ensure the functionality of the website and to deliver the content of our website correctly. In addition, the data serves us to optimize our website and to ensure the security of our IT systems; in this respect, the processing is based on Art. 6 (1) letter f GDPR.
Data subject rights
You have the following rights vis-à-vis us, which you can assert with regard to personal data concerning you:
Right to information, Art. 15 GDPR.
You have the right to information about whether we process personal data about you. In addition, the right of access provides you with information about the data concerning you and some other important criteria, such as the purposes of processing or the duration of storage. It makes it much easier for us to provide you with information if you tell us in what context we receive your data.
Right to rectification, Art. 16 GDPR.
You have the right to rectification if you wish to have inaccurate personal data corrected.
Right to erasure, Art. 17 GDPR
Under the conditions of Art. 17 GDPR, you can request that we delete your personal data. However, this is only possible if the personal data concerning you is no longer necessary, is being processed unlawfully, or consent in this regard has been revoked.
Right to restriction of processing, Art. 18 GDPR.
The right to restriction of processing gives you the opportunity to prevent further processing of the personal data concerning you for the time being. The GDPR restricts this right when it concerns the exercise of legal claims, public interests worthy of protection or interests of another person.
Right to object, Art. 21 GDPR
According to Art. 21 GDPR, you have the possibility to object to the processing of personal data concerning you. This means that in a specific situation, you may object to the further processing of your personal data insofar as it is carried out on the basis of the performance of public tasks.
Right to data portability, Art. 20 GDPR
The right to data portability means the possibility for you to receive your personal data from us in a common, machine-readable format in order to transfer it to another controller, if necessary. However, according to Article 20 (3) sentence 2 GDPR, this right does not apply to data processing that is in the public interest or in the exercise of official authority.
Right to withdraw consent, Art. 7 (3) GDPR.
Insofar as the processing of personal data is based on consent, you may revoke this consent at any time for the relevant purpose. The lawfulness of the processing based on the consent given remains unaffected until receipt of the revocation.
Right of complaint, Art. 77 GDPR
You also have a right of appeal to the supervisory authority under data protection law.
You can also contact our data protection officer mentioned above with questions and complaints.
Links to Internet pages of other companies
Our website contains links to Internet sites of other companies. We are not responsible for the data protection precautions on external websites that you can reach via these links. Please inform yourself there about the data protection of these external websites.
Subject to change
We reserve the right to change the data protection information in order to adapt it to changed legal situations or in the event of changes to the service or data processing. In the course of the further development of our Internet offer and the technologies used, changes to this data protection information may also become necessary. We therefore recommend that you visit this page regularly if you wish to keep up to date. If your consent is required or parts of the data protection information contain regulations of the contractual relationship with you, the changes will only be made with your consent.
You will find the current status of this data protection notice at the end of this document.
Data protection information on special processing situations
In addition to the general data protection information, you will find the following further information on specific processing situations.
Cookies and local storage
Cookies are small text files that are collected by your browser and temporarily stored on your computer. They do not reveal any personal data and can neither access the data on your hard drive nor cause any damage there.
When you visit our website, you must declare which cookies we may use. We do this by means of a so-called Consent Management System – commonly referred to as a “cookie banner”.
A distinction is made between so-called “essential cookies” / necessary cookies, which are required for the correct functioning of the website and the functions offered on it (such as registration form for test access), and those that we use to improve our website and the functions offered on it; this also includes cookies that we use to measure the success of our website and the other websites connected to it. You may object to the use of the latter cookies; if you do so, no such cookies will be set.
In addition, you can manage cookies in your web browser and delete them completely. We would like to point out that this may result in functional restrictions on our website.
In order to enable you to adapt our Internet offer to your personal needs and usage, we use not only cookies but also the so-called local storage technology (also called “local data” and “local memory”). In this process, data is stored locally in the cache of your browser, which continues to exist and can be read even after the browser window is closed or the program is terminated – unless the cache is deleted.
Local Storage makes it possible for your preferences when using our Internet offer to be stored on your computer and used by you.
Third parties cannot access the data stored in Local Storage. They are not passed on to third parties and are not used for advertising purposes.
We use these techniques in the legitimate interest of being able to provide you with an attractive, fully functional offer (Art. 6 para. 1 lit. f GDPR).
Matomo (formerly Piwik)
This website uses the web analytics software Matomo (www.matomo.org), a service provided by InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand, (“Matomo”) to collect and store information about visitors to our website for optimization and marketing purposes. Pseudonymized usage profiles can be created and evaluated from this data for the same purpose. Cookies can be used for this purpose (for cookies, see the explanations above). The data collected using Matomo technology (including your pseudonymized IP address) is processed on Matomo servers within Germany. The information generated by cookies in the pseudonymous user profile is not used to personally identify visitors to this website and is not merged with personal data about the bearer of the pseudonym.
If you do not agree with the storage and analysis of this data from your visit, then you can disable or restrict the transfer of cookies by changing the settings in your Internet browser. Cookies that have already been stored can be deleted at any time. Matomo also supports the “Do Not Track” procedure of current web browsers. If you want to generally prevent the analysis of your web behavior, we recommend that you activate this option in your browser. You can find more information about the privacy settings of the Matomo software at the following link: https://matomo.org/docs/privacy
Purpose of processing
We use the service of HubSpot for our online marketing activities. This is an integrated software solution that we use to cover various aspects of our online marketing and sales. The resulting data, as well as the content of our website, is stored on HubSpot’s servers.
We use HubSpot for our email marketing, among other things. Visitors to our website can subscribe to topic-related newsletters and mailings as well as download certain documents. This requires, for example, the provision of the name and e-mail address. We use this data to contact visitors to our website.
Reporting and contact management
The legal basis for e-mail marketing is your consent (Art. 6 para. 1 lit. a GDPR), which you give, for example, when ordering our newsletter.
You can revoke your consent to receive newsletters, mailings or downloads at any time via a link at the end of each e-mail or by sending us a message. After your revocation, your contact data will be deleted immediately from the corresponding email lists.
The legal basis for reporting and contact management is your consent (Art. 6 para. 1 lit. a GDPR); you give this via the cookie banner.
If a collection by HubSpot is generally not desired, the storage of unnecessary cookies can be prevented at any time by setting your browser accordingly.
Registration for a consulting appointment, for the newsletter and for various downloads
With registration for one of the above services, we process the data you provide for the provision of the services as well as for proof of registration. Based on your consent, the legal basis for the processing is Art. 6 para. 1 lit. a) GDPR.
Your registration for our services can be revoked at any time with effect for the future.
When registering for one or more of the above services via our website, we process the data you provide for the conclusion and implementation of the corresponding service (Art. 6 para. 1 lit. b GDPR).
We measure the success of our websites and in particular the so-called “conversion rate”, i.e. how many visitors register for one of our services. This serves to optimize our offers in order to be able to offer the services as simply and optimized as possible. The legal basis for the corresponding data processing is our legitimate interest (Art. 6 para. 1 lit. f GDPR).
You can revoke your consent to receive newsletters, mailings or downloads at any time via a link at the end of each e-mail or by sending us a message. After your revocation, your contact data will be deleted immediately.
The recipient of your personal data as a service provider is:
HubSpot, Inc, 25 First Street, Cambridge, MA 02141 USA; the company has an office in Ireland (2nd Floor 30 North Wall Quay, Dublin 1, Ireland) and an office in Germany (Koppenstraße 93, 10234 Berlin).
As part of the processing of your data via HubSpot, this data may also be transferred to the USA. We have concluded a contract with HubSpot; in this contract, HubSpot undertakes to process personal data within the framework of the standard data protection clauses approved by the EU Commission. The basis for this is Art. 46 GDPR.
LinkedIn Insight Tag
Purpose of processing
The LinkedIn Insight Tag allows us to record and analyze LinkedIn members’ visits to our website. When we run ad campaigns on LinkedIn that link to offers or information on our website, we can use it to measure the performance of these ads. This means, among other things, that we can track conversions, retarget our website visitors, and thereby gain additional information about the members who view our ads.
Categories of personal data
The LinkedIn Insight tag creates a unique LinkedIn browser cookie in your browser; this enables the collection of the following data for that cookie: metadata such as IP address, URL, referrer URL, timestamp, and page events (e.g., page views). IP addresses are shortened or (if used to reach members across devices) hashed.
LinkedIn does not share any personal data with us, but only provides reports and notifications about website audience and ad performance. LinkedIn members cannot be identified in the process.
The collected data is anonymized within seven days and deleted within 90 days.
The legal basis for the processing of your personal data is our legitimate interest (Art. 6 para. 1 lit. f GDPR). Further legal basis is your consent according to Art. 6 para. 1 lit. a GDPR, which is related to your consent to a cookie use (see information on cookies).
The recipient of the data is
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.
Purpose of processing
We use the open-source content management system “WordPress” as well as plug-ins for our website. Plug-ins are function-related extensions of the “WordPress” software. In the course of using these plug-ins, personal data, such as your IP address, may be processed.
We use plug-ins in particular for the following purposes:
– to protect against abusive comments (“spam”),
– to find faulty links,
– to improve the loading speed of our mobile websites.
We use WordPress as well as the respective plug-ins used on the basis of legitimate interest (Art. 6 para. 1 lit. f GDPR). Our legitimate interest is to achieve the purposes described above. If you have given your consent, Art. 6 (1) lit. a GDPR is the legal basis.
We store your data for as long as we need it for the specific processing purpose.
For more information about WordPress and data protection, please visit:
Video service YouTube
Purpose of processing
We embed videos on our website. The content of these videos is stored directly on the provider’s platform and embedded on our site.
Categories of personal data
Provided that you call up such a video and have allowed the cookies for external media, the IP address, technical information such as browser, operating system and basic device information as well as the website you visited are communicated. Personal data is only transmitted when you call up a video, because only then is a connection to YouTube servers established and a corresponding cookie is set, which is used to save the settings you have selected.
By calling up a video, you leave our website and enter the external platforms of YouTube, which are beyond our control. Before you call up a video, you will be informed about it again. If you have an account with the provider of the video service, it may be able to identify you. You can avoid this by logging out of your account before playing a video.
We have embedded the YouTube videos in a privacy-friendly manner in “Enhanced Privacy Mode”.
The legal basis for the activation of these videos is your consent pursuant to Art. 6 (1) lit. a GDPR, which is related to your consent to a cookie use (see information on cookies).
The recipient of the processed data is
YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA; YouTube LLC is part of Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA94043, USA.
We have concluded an order processing agreement with Google; in this agreement, Google undertakes to process personal data within the framework of the standard data protection clauses approved by the EU Commission. The basis for this is Art. 46 GDPR.
Info on social media fanpages
Appsolute Mobility maintains a social media profile on the social network Facebook (so-called “Fanpage”). On our Fanpage, we regularly publish and share content, offers and product information. With each interaction on our Fanpage or other Facebook websites, the social network operator records your usage behavior using cookies and similar technologies. Fanpage operators may view general statistics about the interests and demographic characteristics (such as age, gender, region) of the Fanpage audience. When you use social networks, the nature, scope and purposes of social network data processing are primarily determined by the social network operators.
Provider / Responsible party
The social network Facebook is offered by Facebook Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland (“Facebook”).
Insofar as you communicate directly with us via our fan page or share personal content with us, APPsolute Mobility is responsible for processing your data. An exception applies to the data processing described below for usage analysis (page insights); we are jointly responsible for this with Facebook.
Processing of your data by Facebook
With every interaction with fan pages, Facebook records the usage behavior of the fan page visits using cookies and similar technologies. On this basis, the fan page operators receive so-called “page insights”. Page insights contain only statistical, depersonalized (anonymized) information about visitors to the fan page, which can therefore not be assigned to any specific person. We have no access to the personal data used by Facebook for the creation of Page Insights (“Page Insights data”). The selection and processing of Page Insights data is carried out exclusively by Facebook.
With the help of Page Insights, we obtain insights into how our Fanpages are used, what interests the visitors to our Fanpages have, and which topics and content are particularly popular. This allows us to optimize our fan page activities, for example, by better responding to the interests and usage habits of our audience when planning and selecting our content.
APPsolute Mobility and Facebook are jointly responsible for processing your data to provide Page Insights. For this purpose, we and Facebook have entered into an agreement specifying which company fulfills which data protection obligations under the GDPR with respect to the processing of Page Insights data.
More info about page insights
You can view the agreement with Facebook here: https://www.facebook.com/legal/terms/page_controller_addendum
Facebook has summarized the main contents of this agreement (including a list of Page Insights data) for you here: https://www.facebook.com/legal/terms/information_about_page_insights_data
Insofar as you have consented to Facebook in relation to the creation of Page Insights described above, the legal basis is Article 6(1)(a) GDPR (consent). Otherwise, the legal basis is Article 6(1)(f) GDPR, whereby our legitimate interests lie in the above-mentioned purposes.
So-called tracking pixels are integrated on our pages via the “Website Custom Audiences” pixel from Facebook. When you visit our pages, a direct connection is established between your browser and the Facebook server via the tracking pixel. Facebook thereby receives, among other things, the information from your browser that our page was called up from your end device. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Facebook. If you wish to object to the use of Facebook Website Custom Audiences, you can do so at https://www.facebook.com/ads/website_custom_audiences/.
We also use the “conversion pixel” or visitor action pixel of Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). By calling this pixel from your browser, Facebook can subsequently recognize whether a Facebook ad was successful. We receive from Facebook for this purpose exclusively statistical data without reference to a specific person. This allows us to record the effectiveness of the Facebook ads for statistical and market research purposes. Via the settings on Facebook, you as a Facebook user can revoke the consent to Conversion Pixel under the following link: https://www.facebook.com/settings?tab=ads.
The data policy published by Facebook, which is available at https://de-de.facebook.com/about/privacy, provides information about the collection, processing and use of personal data by Facebook. It also explains which setting options Facebook offers to protect privacy. In addition, various applications are available that make it possible to suppress data transmission to Facebook. Such applications can be used to suppress data transmission to Facebook.
Status of this privacy notice