Privacy Statement
We (Citizen Systems Europe GmbH) value every visit to our website.
We take data protection and data security very seriously. Therefore, we treat users’ personally identifiable information (hereinafter referred to as “Data”) confidentially and in accordance with the statutory data protection regulations and this Privacy Statement.
Controller:
Citizen Systems Europe GmbH
Otto-Hirsch-Brücken 17
D-70329 Stuttgart Germany
Commercial register: District Court Stuttgart, HRB 213626
Managing director: Mark Moore
Tel.: +49 (0)711 - 49032-0
Email:info@citizen-europe.com
Data Protection Officer:
We do have a DPO and if you have any questions regarding our GDPR guidelines please contact him by post to the Citizen Systems GmbH’s office address stated above, adding (attn. DPO) or via the following mail address: datenschutzbeauftragter@citizen-europe.com
1. General information regarding data processing and legal bases
1.1 This Privacy Statement describes the nature, scope and purpose of the data processing within our web presence and or social media profiles (Facebook, LinkedIn, Twitter, YouTube) and any webpages associated with the web presence. This Privacy Statement applies regardless of which devices the website is running on.
The data protection terms used in this Privacy Statement (for example, “personally identifiable information” or “processing”) can be looked up in the definition catalogue under Article 4 of the General Data Protection Regulation (hereinafter referred to as “GDPR").
1.2 Data processed by our website includes user data (e.g., first and last names or email addresses), usage data (e.g., for website visits or interest in our products), and content data (e.g., entries in the contact form).
The term “user” covers all categories of data subjects affected by data processing. These include our business partners, customers, interested parties and other visitors to our website.
1.3 Users' data is only processed with legal permission or the users’ consent. This means that we only process user data for the purpose of providing our online services on the basis of legal permission or on the basis of prior consent obtained from the user. In this context, we refer in particular to the basis for consent under art. 6 (1) lit. f. GDPR, according to which processing may be necessary to safeguard our legitimate interests. A legitimate interest may arise in particular from the reach measurement, from the creation of profiles for advertising and marketing purposes as well as from the collection of access data and the use of third-party services. Conceivable scenarios are the analysis, optimisation, business operation and security of our website.
1.4 The consent is based on art. 6 (1) lit. a. and art. 7 GDPR, the processing for the fulfilment of a legal obligation is based on art. 6 (1) lit. c. GDPR, the processing for the performance of a contract or a pre-contractual measure is based on art. 6 (1) lit. b. GDPR and processing for the protection of legitimate interests is based on art. 6 (1) lit. f. GDPR.
2. Security measures
All data sent to us via our website or in email traffic is secure. To prevent intentional manipulation, loss, destruction and to prevent access by unauthorised persons, we take extensive organisational, contractual and technical security measures, which are regularly reviewed and adapted as necessary. However, due to the structure of the internet, it is possible that data protection regulations and security arrangements will not be observed by other persons or institutions outside our area of responsibility. In particular, unencrypted data (for example, in an email) may be read by third parties. It is therefore the user’s responsibility to protect the data provided by them against misuse using encryption or by some other means.
3. Disclosure of data
3.1 Data is only transferred to third parties in accordance with legal requirements. We will only pass users' data to third parties if this is required, for example, for the economic and effective operation of our business based on legitimate interests pursuant to art. 6 (1) lit. f. GDPR.
3.2 If we use subcontractors to provide our services, we will take appropriate legal precautions and relevant technical and organisational measures to protect the data in accordance with relevant data protection legislation.
3.3 If contents, tools or other assets of third-party providers with registered offices in third countries are covered by this Privacy Statement, it must be assumed that data will be transferred to third countries. Third countries are to be understood as countries in which the GDPR is not a directly applicable law, that is, principally countries outside the EU or the European Economic Area (EEA). Data is only transferred to third countries if an adequate level of data protection exists in the third countries or if suitable guarantees, separate consent or other legal authorisation exists.
4. Contact
4.1 When contacting us (via email or contact form), the user’s details are processed to handle the request and its processing. The data will be only stored for processing the request as well as for any related questions that may arise.
4.2 As soon as the user uses our email address to contact us, they automatically leave our website. The provision of data to us in the email is voluntary.
4.3 When contacting us using our contact form, we collect the user's first name, last name and email address in a manner that is earmarked and obligatory for the user. We also collect the company name. The provision of data to us in the free field of the contact form is voluntary.
4.4 Users can object to the processing of the data provided by them at any time. Users should send their objections in any form to the following email address: admin@citizen-europe.com
4.5 User information can be stored in our Customer Relationship Management System (“CRM System”) or comparable query organisation. We use a CRM system from the provider HubSpot Germany GmbH, Unter den Linden 26, 10117 Berlin, Germany, on the basis of our legitimate interests (efficient and fast processing of user requests) pursuant to art. 6 (1) lit. f GDPR. For this purpose, we have concluded an order data processing contract with HubSpot Germany GmbH, which among other things obliges HubSpot Germany GmbH to process data only in accordance with our instructions. HubSpot and its sub-contractors process personal data i.a. in the US. We have concluded standard contractual clauses with HubSpot Inc., 25 First Street, 2nd Floor, MA 02141, USA to ensure an adequate level of data protection in the recipient country.
5. Collection of Access Data and Log Files
5.1 On the basis of our legitimate interests pursuant to art. 6 (1) lit. f. GDPR, we collect data about every access to the server on which this service is located (server log files). The access data include the name of the retrieved web page, the file, the date and time of the retrieval, the amount of data transferred, the message about the successful retrieval, the browser type and version, the user’s operating system, the referrer URL (previously visited page), the IP address and the requesting provider.
5.2 Log file information is stored for security purposes (for example, to investigate abusive or fraudulent activities) for a maximum of seven days and then deleted. Data whose further retention is required for evidential purposes is exempted from deletion until final clarification of the incident.
6. Localisation
Our website can use the user's IP address to identify the location from which a user is visiting our website and can present the website to the user in a language version corresponding to the location or provide information and links to online shops or retailers that may be of interest to the user due to their geographical location. For this purpose, we integrate the service GeoIP by MaxMind Inc (14 Spring Street, Waltham, MA 02451, USA), to which the IP addresses of the users are transmitted. We have concluded a data processing agreement with MaxMind and, since the IP addresses are transmitted to the USA, also standard contractual clauses to guarantee an adequate level of data protection. The legal basis is art. 6 (1) lit. f GDPR, our legitimate interest is to be able to show users relevant content.
7. Cookies and Reach Measurement
7.1 Cookies are information transmitted by our web server or third-party web servers to the users' web browsers, which are stored there for later retrieval. Cookies can be small files or other types of information storage.
7.2 We use session cookies, which are only stored for the duration of the visit to our website (for example, to enable storage of the login status and thus the use of our website in the first place). In a session cookie, a randomly generated unique identification number is stored, which is know as a session ID. In addition, a session cookie contains information about its origin and the retention period. Session cookies cannot save other data. Session cookies are deleted when the use of our website is ended (for example, by logging out or closing the browser).
7.3 If users do not want cookies stored on their device, they are asked to disable the option in the browser's system settings. Saved cookies can be deleted in the browser’s system settings. The exclusion of cookies can restrict functions of our website.
7.4 We use the consent management platform Usercentrics by Usercentrics GmbH, Rosental 4, 80331 Munich, Germany to manage consent and cookies with mandatory opt-out as well as tracking technologies and have concluded a data processing agreement with them. Usercentrics also uses cookies.
7.5 We inform Users of the use of cookies as part of pseudonymous reach measurement in this Privacy Statement and our consent management tool (Usercentrics). An overview over the technology used can be found in our Cookie Policy.
7.6 Users may opt out of the use of cookies for reach measurement and promotional purposes via the deactivation page of the Network Advertising Initiative optout.networkadvertising.org and additionally the US website www.aboutads.info/choices or the European website www.youronlinechoices.com/uk/your-ad-choices/.
8. Analysis and Range Measurement
8.1 Google Analytics
8.1.1 On the basis of our legitimate interests (interest in the analysis, optimisation and economic operation of our website pursuant to art. 6 (1) lit. f. GDPR), we use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland („Google“). Google uses cookies. Information generated by the cookie regarding the user’s use of our website is generally transferred to a Google server in the USA and stored there.
8.1.2 Google will use the information obtained on our behalf to evaluate the use of our website, to compile reports regarding activities within our website and to provide us with additional services related to the use of our website and internet usage. In the process, pseudonymous user profiles can also be created from the processed data. This is independent from the configuration of marketing functions of Google Analytics which we also use on this website and which are described in section 9.3 below.
8.1.3 We only use Google Analytics with IP anonymisation activated. This mean the user’s IP address will be abridged by Google within the Member States of the European Union or in other states parties to the Agreement on the European Economic Area. The full IP address is only sent to a Google server in the U.S. and truncated there in exceptional cases. To cover these exceptional cases where personal data is transferred to the US Google has concluded standard contractual clauses pursuant to art. 46 GDPR.
8.1.4 Google will not merge the IP address provided by your browser with other data. Users may prevent cookies from being stored by making relevant settings in their browser software; Users can also prevent the recording of the data generated by the cookie and relating to their use of the website by Google as well as the processing of these data by Google, by downloading and installing the browser plug in available at the following link. tools.google.com/dlpage/gaoptout
8.1.5 For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: policies.google.com/privacy.
8.2 HubSpot
8.2.1 Based on our legitimate interests (interest in the analysis, optimisation and economical operation of our online offer pursuant to art. 6 (1) lit. f. GDPR we use HubSpot, a service of HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA, on our website. The functions include email marketing (more on this in section 10 Newsletters), reporting, contact management, landing pages and contact forms for marketing and analysis purposes.
8.2.2 This involves the use of so-called "web beacons" and also the setting of "cookies" which are stored on the user's computer and which enable us to analyse their use of the website. Data such as IP address, geographical location, browser type, duration of the visit and pages viewed are collected and evaluated by HubSpot on our behalf in order to generate reports about the visit and the pages visited on our website. As personal data is transferred to the US as part of the processing via HubSpot, we have concluded standard contractual clauses with HubSpot in addition to a data processing agreement to ensure an adequate level of data protection.
8.2.3 If a collection by HubSpot is generally not desired, the storage of cookies can be prevented at any time by appropriate browser settings (see section 7.6 above).
Further information on how HubSpot works can be found in HubSpot’s privacy policy: legal.hubspot.com/de/privacy-policy.
8.3 Yandex.Metrica
8.3.1 On the basis of our legitimate interests (interest in the analysis, optimisation and economical operation of our online offer pursuant to art. 6 (1) 1 lit. f. GDPR, we use Yandex.Metrica, a service for analysis, click tracking and website optimisation provided by the service provider Yandex Oy, Moreenikatu 6, 04600 Mantsala, Finland. We have concluded a data processing agreement with Yandex Oy (website: yandex.com; privacy policy: yandex.com/legal/privacy/). Standard contractual clauses (ensuring an adequate level of data protection in the case of processing in third countries) have been agreed between Yandex Oy and YANDEX LLC, 16 Lva Tolstogo st., Moscow, 11 902 1, Russia, which is responsible for processing the data.
8.3.2 We use Yandex.Metrica with IP anonymisation activated. This means that Yandex.Metrica replaces the last octet of an IPv4 address or the last 64 bits of an IPv6 address with zeros, so that an incomplete address is registered in the system.
8.3.3 Yandex.Metrica's session replay tool is configured for use on our website to automatically mask fields where personal data may be entered.
8.3.4 Yandex.Metrica opt-out add-on
By default, Yandex.Metrica collects information about all visitors to our website. However, data collection can be blocked by individual users using a browser extension, which is available for popular browsers here: yandex.com/support/metrica/general/opt-out.html.
8.3.5 Further information on data use by Yandex, on setting and objection options can be found on their website: metrica.yandex.com/about/info/gdpr.
9 Marketing
9.1 Facebook Pixel (Conversion / Custom Audiences)
9.1.1 We use "Facebook Pixel", a service of Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook") on our website and based on consent pursuant to art. 6 (1) lit. a. GDPR for marketing and optimisation purposes. As a transfer of personal data to the USA may take place, we have agreed standard contractual clauses with Facebook pursuant to art. 46 (2) lit. c. GDPR to ensure an adequate level of data protection. Information on the data security can be found here: https://www.facebook.com/legal/terms/data_security_terms. Information on the processing based on standard contractual clauses can be found here: www.facebook.com/legal/EU_data_transfer_addendum.
9.1.2 We use Facebook Pixel for remarketing purposes (Facebook (Website) Custom Audiences) to be able to display interest-based advertisements ("Facebook Ads") to users of our website again within 180 days if they visit the social network "Facebook" or other websites also using this process and to make our website and our offers more interesting.
9.1.3 With the help of Facebook Pixel, we can also track the effectiveness of the Facebook ads for statistical and market research purposes because it allows us to see whether users were redirected to our website after clicking on a Facebook ad ("conversion").
9.1.4 Due to the Facebook Pixel, the user's browser automatically establishes a direct connection with Facebook’s servers as soon as the user has agreed to the use of cookies. Facebook then receives the information that the user has called up our website or clicked on an advertisement. If a user has a Facebook account and is logged in, Facebook can assign the visit to the user's account. Further information on data protection at Facebook: www.facebook.com/about/privacy. Further information on Facebook Pixel: www.facebook.com/business/help/651294705016616
9.1.5 Logged-in Facebook users can object to the collection of data by Facebook Pixel and the use of their data to display Facebook Ads. Users can make the relevant settings as to which types of advertisements are displayed to them within Facebook on the Facebook website: www.facebook.com/settings. Please note that this setting will be deleted when the user deletes the cookies.
9.1.6 For the collection and transfer of data as part of this process, we are jointly responsible with Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland within the meaning of art. 26 GDPR. This applies to the creation and optimisation of interest-based ads. The processing that takes place after collection and transfer is the sole responsibility of Facebook. For the joint responsibility, we have concluded a corresponding agreement with Facebook, which can be accessed here: www.facebook.com/legal/controller_addendum. This agreement sets out the respective responsibilities for fulfilling the obligations under the GDPR with regard to joint responsibility. Among other things, the agreements say that, irrespective of the allocation of responsibilities in the agreement, Facebook can be used as a contact point for the assertion of data subject rights.
The contact details of the data controller and the data protection officer of Facebook can be found here: www.facebook.com/about/privacy.
9.1.7 The preparation of reports and analyses in aggregated and anonymised form is carried out as part of commissioned processing and is therefore our responsibility.
We transmit the data within the scope of joint responsibility based on legitimate interest pursuant to art. 6 (1) lit. f. GDPR.
9.1.8 Lifetime of cookies: up to 180 days after the last interaction (this only applies to cookies set via this website).
9.2 Google Ads
9.2.1 Google Ads Conversion
On the basis of consent pursuant to art. 6 (1) lit. a. GDPR, we use the Google Ads Conversion service to advertise our services on external websites and to determine the effectiveness of our advertising campaigns.
Google delivers these ads via so-called "Ad Servers". This is done with the help of Ad Server Cookies, which can be used to measure certain parameters for measuring success, such as the display of ads or clicks by users. If a user accesses our website via a Google Ad, Google Ads stores a cookie on the user's device. These cookies usually lose their validity after 30 days and are not used to identify the user personally. The unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marking that the user no longer wishes to be addressed) are usually stored as analysis values for this cookie.
These cookies enable Google to recognise a user's internet browser. If a user visits certain pages of an Ads client's website and the cookie stored on their computer has not yet expired, Google and the client can recognise that the user has clicked on the ad and been redirected to that page. The (custom) cookies cannot be tracked via Ads customers' websites. We ourselves do not collect and process any personal data in the aforementioned advertising measures and only receive statistical evaluations from Google. From these, we can see which of the ads used are particularly effective.
Due to the marketing tools used, the user's browser automatically establishes a direct connection with Google's server. We have no influence on the scope and further use of the data collected by Google through the use of this tool. As far as we are aware, the integration of Ads Conversion provides Google with the information that the user has called up the relevant part of our website or clicked on one of our advertisements. If the user is registered with a Google service, Google can assign the visit to their account. Even if the user is not registered with Google or has not logged in, it is still possible for the provider to obtain and store the user's IP address.
9.2.2 Google Ads Remarketing
On the basis of consent in accordance with art. 6 (1) lit. a. GDPR, we use the remarketing function within the Google Ads service. With the remarketing function, we can show users of our website interest-based advertising on other websites within the Google advertising network (in Google Search or on YouTube, so-called "Google Ads" or on other websites). For this purpose, the interaction of users on our website is analysed, e.g., which offers the user was interested in, to be able to display targeted advertising to users on other sites even after they have visited our website. For this purpose, Google stores cookies on the end devices of users who visit certain Google services or websites in the Google display network. These cookies are used to record the visits of these users. The cookies are used to uniquely identify a web browser on a particular device and not to identify a person.
Further information on data protection at Google can be found here: www.google.com/intl/de/policies/privacy and services.google.com/sitestats/de.html.
Transfers to third countries are possible. So-called standard contractual clauses pursuant to art. 46 GDPR have been concluded as suitable guarantees.
Cancellation/revocation: Users can prevent participation in this tracking procedure in various ways: By an appropriate setting of the browser software, in particular the suppression of third-party cookies leads to the user not receiving ads from third-party providers, by installing the plug-in provided by Google at the following link: www.google.com/settings/ads/plugin, by deactivating the interest-based ads of the providers that are part of the self-regulation campaign "About Ads" via the link www.aboutads.info/choices, whereby this setting is deleted when the user deletes cookies on the end device, by means of the corresponding cookie setting in our consent management tool Usercentrics. We would like to point out that in this case not all functions of this website may be fully available.
9.3 Google Analytics Advertising Functions
9.3.1 We use Google Analytics advanced features on this website in addition to the standard features. The Google Analytics advertising features implemented on this website include: Google Display Network Impressions reports; Google Analytics Performance by Demographics and Interests reports; Integrated Services for which Google Analytics collects data for advertising purposes, including the collection of data via cookies for ad preferences and anonymous identifiers; Event Tracking. For this purpose, in addition to the data collected by the Google Analytics analysis tool, further data is collected via Google cookies for ad preferences and anonymous identifiers on accesses. We use this information to improve our website.
9.3.2 Users can prevent the use of Google Ads and Google Analytics advertising functions by making the appropriate setting in their browser, via the Google Ads settings at www.google.com/ads/preferences/, in our consent management platform Usercentrics or by deactivating them on the Network Advertising Initiative (NAI) website at www.networkadvertising.org. We would like to point out that in this case not all functions of this website may be fully available.
9.4 Google Tag Manager
This website uses Google Tag Manager, a service by Google Ireland Ltd, Gordon House, Barrow Street, Dublin, Ireland, based on consent pursuant to art. 6 (1) lit. a. GDPR, Dublin 4, Ireland. So-called standard contractual clauses pursuant to art. 46 GDPR have been concluded with this service provider as suitable guarantees to ensure an appropriate level of data protection.
Google Tag Manager allows marketers to manage website tags via an interface. The tool itself (which implements the tags) is a cookie-less domain and does not store any personal data. The tool takes care of triggering other tags, which in turn may collect data. Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager.
9.5 LinkedIn Analytics and LinkedIn Ads
We use the conversion tracking technology and the retargeting function of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland on our website based on consent pursuant to art. 6 (1) lit. a. GDPR.
With the help of this technology, visitors to this website can be shown personalised advertisements on LinkedIn. Furthermore, it allows to create anonymous reports on the performance of the advertisements as well as information on website interaction. For this purpose, the LinkedIn Insight tag is integrated on this website, which establishes a connection to the LinkedIn server for users who are logged into their LinkedIn account at the same time.
Further information on data collection and use and on the options and rights to protect your privacy is available in LinkedIn's privacy policy at: www.linkedin.com/legal/privacy-policy. Data collection can be deactivated in the LinkedIn account under the following link: www.linkedin.com/psettings/enhanced-advertising.
10. Newsletter
10.1 With the following information, we inform users regarding the contents of our newsletter, the registration, dispatch and statistical evaluation procedures and the right of objection. By subscribing to our newsletter, the user agrees to the receipt and the procedures described.
10.2 Content of the newsletter: We only send newsletters, emails and other electronic notifications containing advertising information (hereinafter “newsletter”) based on the recipient’s (user’s) consent within the meaning of art. 6 (1) lit. a. GDPR or any other legal permission. If the contents of the newsletter are outlined specifically upon registration, these are authoritative for users’ consent. In all other cases, our newsletters contain information regarding our products, offers, promotions and our company.
10.3 Double opt-in and logging: Registration for our newsletter is performed using a double opt-in procedure. This means that after signing up, the user will receive an email to their email address asking them to confirm their registration. This confirmation is necessary so that nobody can register with third-party email addresses. The registration for the newsletter will be logged to prove that the registration process complies with legal requirements. This includes the storage of the login and the confirmation time, as well as the IP address. Changes in the data stored with the shipping service provider are also logged.
10.4 The newsletter is distributed via the service provider Hubspot Ireland Limited, Ground Floor, Two Dockland Central, Guild St, North Dock, Dublin, D01 R8H7 Dublin (“Hubspot”) who receives the user data provided upon sign up. The data provided by the use (e.g., email address) is stored on servers in Germany. HubSpot uses this information to send the newsletter and analyse interactions with the newsletter on our behalf. As it is possible that personal data is transferred to the US, we have concluded standard contractual clauses pursuant to art. 46 GDPR in addition to a data processing agreement with the service provider, who in addition is certified under the Privacy Shield, to ensure an adequate level of data protection in the recipient country.
10.5 According to its own statements, the marketing automation service provider may use the data in a pseudonymised form, meaning without assignment to a user, for the optimisation or improvement of their own services (e.g., for the technical optimisation of mailouts and the display of newsletters or for statistical purposes to determine which countries the recipients come from). However, the marketing automation service does not use the newsletter recipients’ data to write to them itself or pass this data on to third parties.
10.6 Registration data: To sign up for the newsletter, the user only needs to provide their email address. We request the user to optionally provide their name so that they may be addressed personally in the newsletter.
10.7 Statistical survey and analyses: For evaluation purposes, the emails sent contain so-called web beacons or tracking pixels, which are single-pixel image files stored on our website. This makes it possible to determine whether a newsletter message has been opened and which links, if any, have been clicked on. With the help of so-called conversion tracking, it can also be analysed whether a predefined action (e.g., the purchase of a product on our website or the filling out of a form) has taken place after clicking on the link in the newsletter. In addition, technical information is collected (e.g., time of retrieval, IP address, browser type and operating system). The data is collected exclusively in pseudonymised form and is not linked to any other personal data of the user; direct personal reference is excluded. This data is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients.
10.8 The use of the marketing automation provider, the performance of statistical surveys and analyses and the logging of the registration process are based on our legitimate interests in pursuant to art. 6 (1) lit. f. GDPR. Our interest lies in maintaining a user-friendly and secure newsletter system that serves both our business interests and meets users' expectations.
10.9 Termination/revocation: The user may unsubscribe our newsletter at any time, which means revoking consent. This also revokes consent to its dispatch by the marketing automation provider and ends the statistical analyses. Separate revocation of dispatch or statistical evaluations by the marketing automation service provider is unfortunately not possible. This means that if a user does not wish that its personal data for statistical analysis, the user must terminate the newsletter. A link to terminate/revoke the newsletter can be found at the end of each newsletter. The data stored with us or with the marketing automation service will be deleted after termination unless the user has consented to continued processing of the data or such processing is permissible by law.
11. Third-Party Services and Contents
On the basis of our legitimate interests (interest in the analysis, optimisation and economic operation of our website within the meaning of art. 6 (1) lit. f. GDPR), contents and service offers from third parties are used within our website to integrate their contents and services, such as videos or fonts (hereinafter collectively referred to as “Content”). This always assumes that the third-party providers can see the users’ IP addresses, since they cannot send the contents to users’ browser without the IP address. The IP address is therefore required to display the contents. However, we endeavour to only use contents from providers who only use the IP addresses to deliver the respective contents. Third-party providers may also use pixel tags (invisible graphics, also known as web beacons) for statistical or marketing purposes. Pixel tags allow information, such as our website’s traffic, to be evaluated. In addition, the pseudonymous information may be stored in cookies on the user's device and may include, but is not limited to, technical information about the browser and the operating system, referring websites, time of visit, and other information regarding the use of our website and be linked to such information from other sources.
Users who want to avoid that their visits on our website are connected to social media user accounts must log off before they visit our website and delete the cookies from their device.
The following statement provides an overview of third-party providers as well as their contents and links to their privacy statements, which contain further information on the processing of data as well as opt-out options:
11.1 Facebook Social Plugins
11.1.1 On the basis of our legitimate interests (interest in the analysis, optimisation and economic operation of our online offer within the meaning of art. 6 (1) lit. f. GDPR), we use social plug-ins ("plug-ins") of the social network facebook.com, which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"). The plug-ins can display interaction elements or content (e.g., videos, graphics or text contributions) and are recognisable by one of the Facebook logos (e.g., white "f" on a blue tile, the terms "Like", "Like" or a "thumbs up" sign) or are marked with the addition "Facebook Social Plug-In". The list and appearance of Facebook social plug-ins can be viewed at developers.facebook.com/docs/plugins/.
11.1.2 When a user calls up a function of our online offer that contains a plug-in, their device establishes a direct connection with the Facebook servers. The content of the plug-in is transmitted by Facebook directly to the user's device and integrated into the online offer by the latter. In the process, user profiles can be created from the processed data. We have no influence on the scope of the data that Facebook collects with the help of this plug-in and therefore inform users according to our own knowledge.
11.1.3 By integrating the plug-ins, Facebook receives the information that a user has accessed the corresponding page of our online offer. If the user is logged in to Facebook, Facebook can assign the visit to their Facebook account. When users interact with the plug-ins, e.g. by clicking the "Like" button or posting a comment, the corresponding information is transmitted from the user's device directly to Facebook and stored there and, if the user is logged into their Facebook account, linked to their Facebook profile. According to Facebook, only an anonymised IP address is stored in Germany.
11.1.4 The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as the relevant rights and setting options for protecting the privacy of the users, can be found in the data protection information of Facebook at www.facebook.com/about/privacy/. Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings at https://www.facebook.com/settings?tab=ads.
11.2 Google Fonts
We use the online font library Google Fonts by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"), for the uniform, fast and secure display of fonts on our website. The integration of Google Fonts takes place through a server call at Google (usually in the USA). No cookies or other trackers are stored in the user's browser for the use of the fonts. However, when the fonts are requested from the provider's server, usage data such as IP address, the browser used, the website previously visited and the usage behaviour are transmitted to the provider of the fonts, as is the case with all data transmission on the web. According to Google, all requests concerning CSS and fonts are processed separately from all other Google services and are not assigned to users' Google accounts. Google only uses the data pseudonymously for a static evaluation. Google's privacy policy can be found at https://www.google.com/policies/privacy/.
11.3 Google Maps
We integrate maps from the "Google Maps" service into our website. The data processed may include, in particular, IP addresses and location data of the users, which are, however, not collected without their consent (usually executed within the framework of the settings of their mobile devices). The service provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Ireland Limited is a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Website: cloud.google.com/maps-platform; Privacy policy: policies.google.com/privacy; Opt-out: Opt-out plugin: tools.google.com/dlpage/gaoptout, Settings for the display of advertisements: https://adssettings.google.com/authenticated.
11.4 YouTube Videos
11.4.1 Videos stored on the "YouTube" platform of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, can be played directly via our website. Google Ireland Limited can be played directly. Google Ireland Limited is a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google also processes users' personal data in the USA and has concluded standard contractual clauses pursuant to art. 46 GDPR.
11.4.2 The videos are integrated in "extended data protection mode". This means that data about users is only transmitted to YouTube when they play the videos. We have no influence on this data transmission. By visiting the website, YouTube receives the information that the user has called up the corresponding sub-page of our website and the information mentioned in section 5. This takes place regardless of whether the user maintains an account with Google via which he or she is logged in or whether no user account exists. If the user is logged in to Google, the data will be assigned to his or her account. If the user does not wish this allocation to his account, he or she must log out before activating the button. YouTube stores the data as user profiles and uses them for the purposes of advertising, market research and/or designing its website to meet user needs.
11.4.3 Further information on the purpose and scope of data collection and processing by YouTube, as well as on the rights of users concerned, is contained in the Google privacy policy: https://www.google.de/intl/de/policies/privacy.
11.5 LinkedIn
Our website uses functions of the LinkedIn network. The provider is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (parent company: LinkedIn Corp., 2029 Stierlin Court, Mountain View, CA 94043, USA). If the user clicks on the LinkedIn "Recommend" button, among other things, and he or she is logged into his or her LinkedIn account, it is possible for LinkedIn to assign the visit to our website to the user's LinkedIn profile. We have no knowledge of the content of the transmitted data or its use by LinkedIn.
Privacy policy: www.linkedin.com/legal/privacy-policy.
Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
11.6 Twitter for Websites
Our website uses functions of the Twitter service ("Twitter for websites"), with which Twitter content can be integrated into third-party websites. This Twitter content includes embedded tweets, embedded timelines, Twitter buttons and "follow" buttons. These features are offered to users in the EU, EFTA countries and UK by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 IRELAND (Parent company: Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA). When viewing content integrated into other websites via Twitter for Websites, Twitter may collect that visit, including the particular page, IP address, browser type, operating system and cookie information for purposes such as product improvement, personalised suggestions and personalised ads. According to Twitter, the browsing history that Twitter collects for websites through Twitter is never linked to the name, email address, phone number or Twitter username and the data is deleted, obscured or aggregated after a maximum of 30 days. By using Twitter and the "Re-Tweet" function, the websites visited by the user are linked to his or her Twitter account and made known to other users. In the process, data is also transmitted to Twitter. If the user clicks on the Twitter "Share" button, among other things, and is logged into his or her Twitter account, it is possible for Twitter to associate the visit to our website with the user's Twitter profile. Otherwise, we have no knowledge of the content of the transmitted data or its use by Twitter.
Privacy policy: twitter.com/privacy.
The user can change the data protection settings in his account settings at https://twitter.com/account/settings.
11.7 Instagram
Our website uses functions of the Instagram service. These functions are offered by Facebook Ireland Ltd. (details above under 11.1.1). If the user is logged into his or her Instagram account, the contents of our online offer are linked to her or his Instagram profile by clicking on the "Insta" button, among others. This enables Instagram to associate the visit to our online offer with its user account. We have no knowledge of the content of the transmitted data or its use by Instagram.
Privacy policy: https://instagram.com/legal/privacy/
12. Integration of links to third-party websites
We integrate links to third-party websites in our website under the tab partnerships/cooperations and other places. We assume no responsibility or liability for the confidential handling of users' data by providers of other websites, as we neither know their privacy statement nor have any influence over compliance. Information regarding the handling of users' data by providers of other websites can be found in the privacy statement of the respective provider.
13. Partner Area
By entering the registered email address and the assigned password, our distributors can register as users in the Partner Area to, for example, download the latest firmware for our products. The registration data of our distributors (name and email address of the respective employee) are only processed by us for the implementation of the login and the provision of our services relating to the Partner Area.
14. Users' Rights
Users of our website have the following rights as provided by law with respect to their personal data:
• right of access to personal data,
• right to rectification and erasure,
• right to restriction of processing,
• right to data portability,
• right to object.
We may require proof of identity when dealing with your request.
User also have the right to lodge a complaint with a supervisory authority regarding our processing of your personal data.
15. Right of Objection
We would like to point out that users can object to the future processing of their data at any time in accordance with legal requirements. The objection may be made in particular against processing for the purpose of direct advertising – if this is performed by us. Users should send their objections in any form to the following email address: admin@citizen-europe.com.
16. Changes to the Privacy Statement
We reserve the right to change this Privacy Statement for the purpose of adapting it to any changes in the legal situation or any changes in services or data processing. However, this only applies to statements regarding services and data processing. If users' consent is required or elements of the Privacy Statement contain provisions of the contractual relationship with the users, the changes will only be made with the users’ consent. Users are requested to regularly keep themselves informed regarding the content of the Privacy Statement.
Last updated: 10.05.21