Privacy First means the conscious handling of personal data. The fundamental approach is to adhere to a minimum principle when working with this data. The aim is to refrain from using sensitive information of any kind unless it fulfils a specific purpose: it is not collected, it is not disclosed, and it is protected in such a way that it complies with the current state of the art and avoids an unwanted outflow of data. Among other things, it includes the rule that all employees only have the minimum access rights they need to perform their work – both on our side and on the client's side.
If you disclose something about yourself, you expect it to be handled in accordance with its intended purpose, and that no third party will have unwarranted access to it. We make sure that this is the case.
Forms are used on almost all websites when users need to enter their data, for example to contact the website operator or subscribe to a newsletter. There is a great temptation to learn as much as possible about users to be able to address them with their first and last names in a company newsletter, among other things.
We encourage our customers to clarify these requirements first and foremost with their own Data Protection Officer at the concept development stage. Experience has shown that, from a data protection point of view, it is not necessary in most cases to collect more than the data that is absolutely necessary, such as the recipient's name or email address.
The protection of personal data is also relevant for marketing activities. Our clients can focus totally on the development of their ideas, while we are on hand to advise on compliance with the technical and organisational measures.
For instance, we ensure that the personal data of competition participants is not transmitted in an unencrypted form, and that it can only be accessed by the people who need to be aware of it in the course of their duties. We also make sure that the retention periods and associated deletion of data records from all relevant instances are observed as soon as the purpose for which the data was collected has expired.
Many websites are enhanced by external services to provide additional information and features. Some of the most popular services include video and map providers, such as YouTube and Google Maps. We manage the technical integration and configuration of these applications, taking into account the need to collect only the minimum data.
Depending on the service, IP addresses and other information from end users are often transmitted to external servers, which sometimes also involves the transfer of data to third countries outside the EU. We advise our clients on technical precautionary measures and alternative solutions in the exchange of data between their own and external servers.
Privacy First is of great importance to us because we know that our clients have the same legitimate claim to their data being handled responsibly as we offer our clients. We regard ourselves as a service provider with the task of handing over IT projects to you, as our partner, on schedule, but also of having the foresight to design them in such a way that we can all rely on them in the long term.
When we take care of something, we always adhere to the Privacy First principle. We are not just obliged by law to protect your data, we are also committed to doing so out of conviction.