Privacy Statement

Company: Marketing Factory Consulting GmbH
Street, No.: Marienstraße 14
Postcode, City, Country: 40212 Düsseldorf, Germany
Company registry number: HRB 53971
Managing Directors: Karoline Steinfatt, Christoph Allefeld, Ingo Schmitt
Phone number: +49 211 36 11 76 0
E-mail address: info@marketing-factory.de

IITR Datenschutz GmbH

Dr. Sebastian Kraska
Marienplatz 2
80331 Munich

E-Mail: email@iitr.de, Phone: 089-18917360

1. This privacy statement informs you on the kind, scope and purpose of personal data processing within the scope of our online offering and websites to which our online offering provides hyperlinks, as well as on functions and content (hereinafter jointly referred to as “Online Offering” or “Website”). This privacy statement applies independent of the used domains, systems, platforms or devices (e.g. desktop or mobile devices) to provide or access the Online Offering.
2. Regarding the used terms, such as e.g. “personal data” or “processing” of personal data, we refer to the definitions in Article 4 General Data Protection Regulation (GDPR).
3. Personal data of users that is processed within the scope of this Online Offering includes user data (e.g. name and address of customers), usage data (e.g. visited Websites of our Online Offering, interest in our services) and content data (e.g. entered data in contact forms).
4. The term “user” includes all categories of data subjects that are affected by data processing. This includes our business partners, customers, prospects and other visitors of our Online Offering. The used terms, such as e.g. “user” are to be interpreted in a gender-neutral manner.
5. We only process personal user data in compliance with relevant data protection provisions. This means that user data is only processed if the user has provided its consent as required by law. I.e., in particular, that user data is only processed, if the processing of data is necessary or required by law to perform our contractual obligations / services (e.g. order processing) and to provide our online services or if the user has provided his consent, but also, if processing of user data is based on our legitimate interests (i.e. Interest in the analysis, optimization and economic operation and security of our Online Offering in terms of Art. 6 Para 1 lit. f. GDPR, in particular for media coverage measurement purposes, preparation of profiles for advertising and marketing purposes, as well as access data collection and use of third-party services).
6. We expressly note that the legal basis for the provision of consent is Art. 6 Para 1 lit. a. and Art. 7 GDPR, that the legal basis for the processing of data to fulfil our service obligations and to perform contractual measures is Art. 6 Para 1 lit. b. GDPR, that the legal basis for the processing of data to meet our legal obligations is Art. 6 Para 1 lit. c. GDPR and that the legal basis for the processing of data to safeguard our legitimate interests is Art. 6 Para 1 lit. f. GDPR.

1. We apply organisational, contractual and technical security measures with regard to the state of the art to ensure compliance with data protection law provisions and the protection of the data we process against accidental or intentional manipulations, loss, destruction or access by unauthorised individuals.
2. These security measures include, in particular, encrypted data transmission between your Browser and our server.

1. Data is only disclosed to third parties to the extent permitted by law. We only disclose user data to third parties, if such disclosure is necessary, e.g., for contractual purposes in accordance with Art. 6 Para 1 lit. b. GDPR or based on our legitimate interests in accordance with Art. 6 Para 1 lit. f. GDPR to operate our business in an economic and effective manner.
2. In those case where we engage sub-contractors to provide our services, we take appropriate legal precautions, as well as adequate technical and organisational measures to provide for the protection of personal data in accordance with relevant statutory provisions.
3. If within the scope of this privacy statement content, tools or other means of other providers (hereinafter jointly referred to as “third-party providers”) are used and their stated principal place of business is located in a third country, one has to expect that data will be transferred to the countries of the third-party providers’ principal place of business. Third countries are to be understood as countries, where the GDPR is not directly applicable law, i.e. in general any country outside of the EU / European Economic Area. Data is transmitted to third countries, if an appropriate data protection level is implemented or if such data transmission is permitted by law.

If you contact us (using the contact form or via e-mail), we will process your information in accordance with Art. 6 Para 1 lit. b. GDPR to deal with and process your contact inquiry.

1. Based on our legitimate interests in terms of Art. 6 Para 1 lit. f. GDPR, we collect data on each access to the server on which our service is located (so-called server log files). This access data includes, name of the accessed website, file name, access date and time, transmitted data volume, successful data transmission message, Browser type and version, the user’s operating system, referrer URL (previously visited page), IP address and requesting provider.

2. All log file information is stored for a period of seven days at a maximum for security reasons (e.g. investigation and clarification of abuse or fraudulent acts). After this period, log files are anonymised, so that the identity of website visitors can no longer be concluded from these log files. Data that must be kept for evidence purposes is excepted from anonymisation until the relevant incident is finally solved.

1. A cookie is information that is transmitted from our web server or third-party web servers to the users’ web Browsers and stored on the user’s computer to support future visits. Cookies can be small files or other types of information storage.

2. We use "Session-Cookies” that are only temporarily stored for the duration of the current visit on our online presence. A randomly created unique identification number is stored in a session cookie, a so-called session ID. A cookie contains, in addition, the information on its origin and the storage period. These cookies cannot store any other data. Session-Cookies will be erased, when you have ended the use of our online offering and e.g. close your Browser.

3. This privacy statement informs you on the use of cookies within the scope of pseudonymous media coverage measurement.

4. If you do not wish that cookies are stored on your computer, please deactivate the respective option in the system settings of your Browser. Stored cookies can be erased using the system settings of the Browser. If storage of cookies is blocked, this may restrict functionality of this online offering.

5. You may object to the use of cookies used for media coverage measurement and advertising purposes via the deactivation page of the Network Advertising Initiative (http://optout.networkadvertising.org/) and also the American web page in the USA (http://www.aboutads.info/choices) or the European web page (http://www.youronlinechoices.com/uk/your-ad-choices/).

We use various web analysis services on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR).

We understand web analysis as a component of our internet service. We want to use it to further improve the website and adapt it more to the needs of the users. Data on the behavior of users is collected to identify and improve possible problems such as pages not found, crawling problems by search engine bots or particularly popular or unpopular content.

As a digital agency, we also have an interest in understanding how web analytics programs work and how we can report usage data in a privacy-compliant and effective manner. Therefore, we have installed different variants of web analyitcs programs on our own servers in parallel, which we explain individually below.

Some of these analysis services set cookies on the end devices of the users in order to recognize sessions. This data storage is only carried out after consent has been given in the consent banner (see detailed information on use).

Matomo (PIWIK)

For statistical analysis, we use “Matomo” (formerly “PIWIK”) on this website. This is an open source web analytics tool developed by InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, NZBN 6106769.

For more information on Matomo's terms of use and data protection regulations, please visit: https://matomo.org/privacy/

Since we host Matomo on our own server, no data is transmitted to servers that are outside of our control. We do not share the data obtained with the Matomo tool with any third party, the data is processed exclusively in Germany on our own statistics servers.

When tracking, we only collect your IP address anonymously by removing the last 2 bytes/octets in each case (e.g. 197.15.0.0 instead of 197.15.107.24).

The data is deleted as soon as it is no longer needed for our recording purposes (currently, the deletion of anonymized raw access data takes place after 90 days).

Matomo without cookies (without consent query)

We use a version of the Matomo tracker without cookies on this website. This version is delivered without prior consent query, since no data is stored on your end device.

Matomo with cookies (only after consent query)

We alternatively use a version of the Matamo tracker with session tracking cookies on this website. This version is only used if you have previously explicitly agreed to the purpose of "analysis cookies" in the consent management layer (cookie layer). The Matomo cookies we set are explained in detail in the consent layer.

1. Data stored with us are erased as soon as data is no longer needed for their intended purpose and such erasure does not conflict with statutory retention obligations. If user data is not erased, because it is required for other purposes permitted by law, processing of such data is restricted. I.e. such data is locked and will not be used for other purposes. This applies e.g. for user data that must be kept for commercial or tax law reasons.
2. In accordance with statutory requirements data is kept for six years according to Section 257 Para 1 HGB [German Commercial Code] (commercial books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting records etc.), as well as for ten years according to Section 147 Para 1 AO [German Tax Code] (books, records, management reports, accounting records, commercial and business letters, tax relevant documents etc.).

You may object to future processing of your personal data at any time in accordance with statutory provisions. You may, in particular, object to data processing for direct advertising purposes.

1. We reserve the right to amend this privacy statement to adapt this privacy statement to changed legal situations or in the case our services or processing of data changes. This applies, however, only in relation to statements regarding data processing. If your consent is required or if components of the privacy statement contain arrangements of the contractual relationship with you, amendments to the privacy statement are only performed with your consent.
2. We kindly ask you to routinely check the privacy statement’s content.

The competent supervisory authority is the

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Kavalleriestr. 2-4
40213 Düsseldorf

Phone: 0211/38424-0
Fax: 0211/38424-10

E-mail: poststelle{at}ldi.nrw.de