Privacy
1. Name of the Controller
The controller for the processing of personal data within the meaning of Art. 4 (7) GDPR for the e-dialog Group in D-A-CH is represented by
e-dialog GmbH
Opernring 1
1010 Vienna
Austria
Email: datenschutz@e-dialog.group
Website: www.e-dialog.de|at|ch|group
2. Contact Details of the Data Protection Officer:
You can reach our Data Protection Officer as follows: datenschutz@e-dialog.group
3. General Information on Data Collection and Processing
As a company specializing in web analytics consulting, digital marketing, and consent management, we use tools for interest-based analysis of user behavior.
With this privacy notice, we would like to inform you about how we process your data, which technologies we use, why we do this, and what consequences this has for you. To keep this information as transparent and comprehensible as possible, we explain in detail here for what purposes and in what manner we collect and process your personal data when you visit our website, when you request contact regarding our services, when you are a customer, supplier, or business partner of ours, and when you apply to us.
The respective details can be found in the relevant sections of this privacy notice.
Personal data within the meaning of Art. 4 of the General Data Protection Regulation (GDPR) is any information relating to an identified or identifiable natural person, e.g., name, address, email addresses, etc.
4. Security and Integrity of Data
The protection of the information you provide to us or that we receive about you is our priority. We take appropriate security measures to protect your data from loss, misuse, and unauthorized access, alteration, disclosure, or destruction. e-dialog has implemented measures to ensure the ongoing confidentiality, integrity, availability, and resilience of systems and services that process personal data, and will restore the availability of and access to information in a timely manner in the event of a physical or technical incident.
5. Cookies and Consent (“Consent” or “Consent Management”)
We use different cookies to improve the user-friendliness of our website. In addition to functional cookies, i.e., technically necessary cookies, these also include analytics cookies used for statistical purposes—as well as cookies for marketing purposes, such as personalization and advertising. These serve to offer you the best possible use of our website and our online offerings.
We only collect data with your consent! The only exception: functional cookies, as these are technically necessary for the correct display of the website.
To manage and document your consent and to handle this technically correctly, we use a consent management solution—a CMP that manages your consents as well as your rejections. Always in our focus: new requirements regarding the conformity of obtaining your consent. We therefore continuously adapt our consent solution and implementation. Tip: How to find the right consent management solution is explained in our free whitepaper.
By consent, we understand any freely given, specific, informed, and unambiguous indication of your wishes by which you, through a statement or clear affirmative action, signify your agreement to the processing of personal data concerning you.
Those cookies that go beyond the technically necessary ones can be individually activated or deactivated using our consent management solution. Use the fingerprint button, which you can find on the left, in the lower area of our page, to access the settings of Usercentrics, our chosen consent management tool, and make your settings.
Your granular decisions made there will be stored for the duration of the retention period. You can revoke your consent at any time with effect for the future by deselecting it via “Privacy Settings.”
6. To What Extent Are You Affected by Data Processing?
6.1. You visit our website
a. Description and Scope of Data Processing
When you visit our website, certain data transmitted by your browser is automatically stored. The log files created from this contain data such as your IP address, the URL, the time, type and number of requests, amount of data transferred, date, time and duration of individual accesses, your browser type, and possibly other similar information. The collection and use of the information stored in the log files serves solely for anonymized evaluation for statistical purposes (such as analysis of user behavior), to improve our services, and to fulfill our security policies.
b. Purpose of Data Processing and Legal Basis
We collect such technical information in so-called “log files” (protocol files) so that you can view our website correctly and so that we can determine the causes in the event of any technical problems. In addition, this information supports the technical optimization of our websites and serves the purpose of securing our computer systems and networks. Based on these reasons, our legitimate interest in data processing also exists as a legal basis according to Art. 6 para. 1 lit. f GDPR.
c. Storage Duration
The data is stored as long as it is necessary to achieve the purpose of its collection. The collection of data for the provision of the website and the storage of data in log files is mandatory for the operation of the website. Consequently, there is no possibility for the user to object.
d. Web Hosting
For the provision of this website, we use the web hosting service of Kinsta Inc. (hereinafter “Kinsta”).
The commissioning of a web hosting service is necessary for the provision of a website. The use of Kinsta is based on Art. 6 para. 1 sentence 1 lit. f GDPR due to our legitimate economic interest in maintaining our offering on this website. In connection with hosting, personal data that arises when using the website is processed by Kinsta on our behalf.
We have concluded a data processing agreement with Kinsta. Through this agreement, the service provider assures that it processes the data in accordance with the General Data Protection Regulation and ensures the protection of the rights of the data subject.
Kinsta uses the Google Cloud Platform service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: “Google”) to host our website. The information about the use of our website is transferred to Google servers in the USA and processed there. The transmitted data is only pseudonymous; a conclusion about your name is not possible. The transmission between Kinsta and Google is based on standard contractual clauses. Since July 2023, there has been an adequacy decision by the European Commission for data transfer between the EU and the USA.
Both Kinsta and Google are registered in the Privacy Framework Agreement list. This ensures that a level of protection comparable to that in the EU exists.
Further information is available at: https://kinsta.com/legal/privacy-policy/
6.2. You use services offered on our website
a. Description and Scope of Data Processing
On our website, you can contact us through various means and, among other things, request contact forms, whitepaper downloads, or offers. If you use these options, the data entered in the input form, e.g., name, email address, telephone number, billing data, will be transmitted to us and stored. In addition to the specific data in the input form, the IP address, the referrer (where you came to us from), as well as the date and time of the request are collected and stored. You give your consent to the processing of the data as part of the submission process.
Alternatively, contact via email is possible. In this case, your personal data transmitted with the email will be stored.
b. Purpose of Data Processing and Legal Basis
The processing of personal data from the input form serves the purposes of the desired contact, processing your request, and transmitting the information you requested, as well as establishing and maintaining contracts.
The other personal data processed during the submission process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.
The legal basis for the processing of data is Art. 6 para. 1 lit. a GDPR if the user has given consent.
The legal basis for the processing of data transmitted in the course of sending an email is our legitimate interest (Art. 6 para. 1 lit. f GDPR).
If the contact is aimed at concluding a contract, an additional legal basis for the processing exists according to Art. 6 para. 1 lit. b GDPR.
c. Storage Duration
The data is stored as long as it is necessary to achieve the purpose of its collection. Further storage may occur in individual cases if this is legally required.
d. Right to Object and Deletion
You have the option at any time to revoke your consent to the processing of personal data at datenschutz@e-dialog.group. If you contact us by email, you can object to the storage of your personal data at any time. In such a case, however, the correspondence cannot be continued. All personal data stored in the course of contact will be deleted in this case.
6.3. You become a customer or supplier or business partner of e-dialog
a. Description and Scope of Data Processing
If you become a customer or business partner of e-dialog, your personal data will be collected and stored during the contract process. If you do not provide us with your data, we cannot enter into a business relationship with you.
The following data is collected during the registration process: your email address, first and last name, telephone number, company affiliation if applicable, payment information (if applicable of the company), other data that we request from you, and possibly data that we receive in the course of the business relationship.
b. Purpose of Data Processing and Legal Basis
The processing of your data primarily serves to initiate, maintain, and execute our contracts for goods and services. In this context, the purpose of use is the processing of data for the effective and collaborative handling of these and thus to enable the rapid execution of the respective processes vis-à-vis the data subjects.
The legal basis for the processing of data is the implementation of pre-contractual measures or the fulfillment of our contractual obligations (Art. 6 para. 1 lit. b GDPR) within the framework of the customer relationship or business relationship.
An additional legal basis is the fulfillment of our legal and professional obligations (Art. 6 para. 1 lit. c GDPR).
If you give us your consent to be named as a reference, the legal basis for the processing of this data is explicit consent (Art. 6 para. 1 lit. a GDPR).
c. Storage Duration
The data is stored as long as it is necessary to achieve the purpose of its collection or for the execution of the contract. Even after the conclusion of the contract, there may be a need to store personal data of the contractual partner in order to comply with contractual or legal obligations. In particular, our company must observe the retention obligations according to § 212 UGB and § 132 BAO in this context.
6.4. Postal Advertising and Your Right to Object
Furthermore, we reserve the right to use your first and last name as well as your postal address for our own advertising purposes, e.g., to send interesting offers and information about our products by mail. This serves to protect our legitimate interests, which prevail in the context of a balancing of interests, in advertising to our customers in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. You can object to the storage and use of your data for these purposes at any time by sending a message to the contact options described in this privacy policy. The advertising mailings are provided by a service provider on our behalf, to whom we pass on your data for this purpose.
We use the service of Wunderpen for the automated creation of handwritten, postal mailings. In this process, personal data is processed when sending commercial communications as print material (e.g., printed flyer, catalog, postcards) to postal addresses. The data (name, postal address) is deleted by the contractor after order creation.
Service provider: WUNDERPEN GmbH, Aroser Allee 76, 13407 Berlin.
Homepage: https://www.wunderpen.com/;
Privacy Policy: https://www.wunderpen.com/datenschutz.
6.5. You apply to us
a. Description and Scope of Data Processing
If you apply to us, the following data will be collected and stored during the application process: name, date of birth, other data that we request from you, and possibly data that we receive during the application process.
b. Purpose of Data Processing and Legal Basis
The processing of your data serves to handle the application process and to register with social security in the event of employment. If you do not provide us with your data, we cannot process your application.
We process your personal data for the implementation of pre-contractual measures (conclusion of an employment contract, Art. 6 para. 1 lit. b GDPR).
An additional legal basis for the processing of your personal data is also the fulfillment of our legal obligations (registration as an employee with social security, Art. 6 para. 1 lit. c GDPR).
If we wish to keep you as an applicant on record, we process your personal data based on your explicit consent (Art. 6 para. 1 lit. a GDPR).
c. Storage Duration
Data of applicants who are not hired will be deleted seven months after the conclusion of the application process if we do not receive consent to keep them on record and with regard to documents from the job interview (§ 15 para. 1, § 29 para. 1 GlBG) 3 years from rejection of the application (e.g., job interview protocol). For applicants who enter into an employment relationship, our internal privacy notices for employees apply, which can be requested during the application process.
d. Recipients in the Application Process
– LinkedIn
We use the recruiting tool LinkedIn Recruiter on our website. The service provider and thus recipient within the meaning of the GDPR is LinkedIn Ireland Unlimited Company, Wilton Pl, Dublin 2, Ireland (“LinkedIn”).
When using LinkedIn Recruiter, your data may therefore be processed in the USA. Since July 2023, there has been an adequacy decision by the European Commission for data transfer between the EU and the USA. The company belongs to the Microsoft Group. Microsoft Corporation is registered in the Privacy Framework Agreement list. This ensures that a level of protection comparable to that in the EU exists.
The data collected from applicants includes: first and last name, unique ID, email address, and timestamp.
Our legal basis for using the LinkedIn company page is our legitimate interest (Art. 6 para. 1 lit. f GDPR).
– Personio
We use the WordPress plugin from Personio SE & Co. KG, Seidlstraße 3 80335 Munich, Germany (“Personio”). This allows us to import and display our positions from Personio directly on our website.
By submitting an application on our recruiting page, you express your interest in taking up employment with us. In this context, you transmit personal data to us, which we use and store exclusively for the purpose of your job search/application.
In particular, the following data is collected:
- Name (first and last name)
- Email address
- Telephone number
- LinkedIn profile (optional)
- Channel through which you became aware of us
In addition, you have the option to upload meaningful documents such as a cover letter, your CV, and certificates. These may contain additional personal data such as date of birth, address, etc.
Only authorized employees from the HR department or employees involved in the application process have access to your data.
The storage of personal data is generally carried out exclusively for the purpose of filling the vacant position for which you have applied.
Personio is our data processor in this context according to Art. 28 GDPR.
The basis for the processing is a data processing agreement between us as the controller and Personio.
We process your personal data for the implementation of pre-contractual measures (conclusion of an employment contract, Art. 6 para. 1 lit. b GDPR).
7. Data Recipients within the Meaning of the GDPR
When we process your personal data as stated in sections 6, 7, 8, and 9, we use the following service providers who may have access to your data (recipients within the meaning of the GDPR). These service providers (so-called “data processors” or “DP”) are contractually obligated to strictly comply with data protection regulations. We point out that a transfer of your data to a third country may take place. In the event of access to data outside the European Economic Area (EEA), an adequate level of data protection is ensured through the use of the currently applicable version of the EU Commission’s standard contractual clauses within the meaning of Art. 46 para. 2 lit. c GDPR:
| Recipient | Registered Office | Basis for Transfer to Third Country | Data Subjects within the Meaning of the GDPR |
|---|---|---|---|
| ActiveCampaign, LLC, | 150 N. Michigan Ave Suite 1230, Chicago, IL, USA | EU Commission Standard Contractual Clauses available at: | Customers Newsletter Subscribers |
| Zoho Corporation GMBH (“Zoho”) | Trinkausstr. 7, 40213 Dusseldorf, Germany | EEA | Customers, Prospects, Suppliers, Employees, Newsletter Subscribers |
| Google Ireland Limited | Gordon House, Barrow Street Dublin 4, Ireland | EEA | Customers, Prospects, Suppliers, Employees, Newsletter Subscribers |
| Google LLC | 1600 Amphitheatre Parkway Mountain View, CA 94043, USA | EU Commission Standard Contractual Clauses available at: https://workspace.google.com/ |
Customers, Prospects, Suppliers, Employees, Newsletter Subscribers |
| Kinsta Inc. (Hosting) | 8605 Santa Monica Blvd #92581, West Hollywood, CA 90069, United States
DMCA@kinsta.com |
https://kinsta.com/legal/data-processing-addendum/ | Website Visitors |
| Zapier Inc. | 548 Market St. #62411; San Francisco, CA 94104-5401 | https://zapier.com/privacy DPA: https://cdn.zappy.app/a6ceaed EU Commission Standard Contractual Clauses available at: https://zapier.com/help/ |
Customers, Prospects, Suppliers, Employees, Newsletter Subscribers |
| Personio GmbH & Co. KG | Rundfunkplatz 4, 80335 Munich, Germany | EEA https://www.personio.de/ |
Employees, Applicants |
| LinkedIn Ireland Unlimited Company | Wilton Pl, Dublin, Ireland | EEA: https://de.linkedin.com/legal/ |
Applicants |
| Wunderpen GmbH | Aroser Allee 76, 13407 Berlin | EEA: https://www.wunderpen.com/ |
Customers, Prospects, Suppliers, Employees |
| Stripe Payments Europe | Europe Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland | EEA: https://stripe.com/at/ |
Customers, Prospects, Suppliers |
8. Whistleblower Protection Act
Since December 2023, we have had a professional whistleblowing platform in use that enables violations under the Whistleblower Protection Act to be reported anonymously.
The information received via the whistleblowing platform is processed on our behalf by the third-party provider Personio GmbH & Co. KG. Only users at the ECB can access this information.
The reporting of a case is anonymous, but it cannot be ruled out that we may encounter personal information when reviewing a report.
Our employees who are responsible for handling a reported case are bound by strict confidentiality provisions.
More detailed information can be found on the following page: https://e-dialog.group/hinweisgeberschutz/
9. Information on Joint Controllership
For the purpose of better customer service, both to maintain cooperation with suppliers and partners, and to optimize the service offering, we manage the contact data of our customers together with our group companies e-dialog GmbH, Kurfürstendamm 15, 10719 Berlin, Germany and e-dialog AG, Weissbadstrasse 14, CH-9050, Appenzell, Switzerland within a Customer Relationship Management System (CRM) and in cloud-based office solutions or licensed systems, which constitutes joint processing according to Art. 26 GDPR.
The legal basis for the processing of your data for the above-mentioned purposes is the protection of our legitimate interests in using a CRM system and in joint customer management (Art. 6 para. 1 lit. f GDPR).
As joint controllers, we have contractually established cooperation with the above group companies in the use of the CRM system. The following provisions were essentially made:
e-dialog GmbH, Opernring 1 E/803, A-1010 Vienna, Austria is responsible for the following tasks and for carrying out the following measures: fulfillment of information obligations according to Art. 13 and 14 GDPR vis-à-vis the data subjects, fulfillment of data subject rights according to Art. 15 ff. GDPR. Contact with the above controllers: datenschutz@e-dialog.group.
10. Newsletter / Email Marketing
With our newsletter, we will inform you about news in online marketing. For this, we need a valid email address from you. We also need information that allows us to verify that you are the owner of the email address and agree to receive it.
The transmitted data is used solely for the purpose of delivering our newsletter.
For your protection, your IP address and the date of registration are stored with us. This serves as proof, among other things, in case a third party misuses your email address. In addition, interactions such as opens and clicks are recorded in our system.
For the above-mentioned purpose, we process the following personal data from you, namely your email address and name. In this context, the following tools or service providers (so-called “data processors” or “DP”) are used, which may have access to your data (recipients within the meaning of the GDPR), whereby these service providers are contractually obligated to strictly comply with data protection regulations, or insofar as access takes place outside the EEA, an adequate level of data protection is ensured through the use of EU Commission standard contractual clauses within the meaning of Art. 46 para. 2 lit. c GDPR:
ActiveCampaign, LLC, 150 N. Michigan Ave Suite 1230, Chicago, IL, USA (available at https://www.activecampaign.com/legal/newscc. More information about the recipient and data processing can be found here: https://www.activecampaign.com/legal/privacy-policy.
The data processing is based on the legal basis of your consent (Art. 6 para. 1 lit. a GDPR or § 174 TKG 2021). You can revoke your consent at any time by clicking on the unsubscribe link contained in each email newsletter. The revocation does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
If you are a customer of ours (and not registered in the “ECG list”), we collected your email address when concluding the contract for our services and gave you the opportunity to decline receipt of our newsletter free of charge and easily. Then the newsletter is sent for direct advertising for our own similar services even without your consent.
With each newsletter sent, you will receive the opportunity to decline receipt free of charge and easily.
The legal basis for this data processing is Art. 6 para. 1 lit. f GDPR and Art. 174 para. 4 TKG 2021.
The data you have provided to us for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter distribution list. Alternatively, in the event of an opt-out, your data will be stored until you request deletion at datenschutz@e-dialog.group.
11. Use of Cookies
a. Description and Scope of Data Processing
Cookies are small text files that are sent from a website to your computer or mobile device and subsequently stored by your web browser.
There are session cookies and persistent cookies. Session cookies are automatically deleted as soon as you leave the website. Persistent cookies, on the other hand, remain on your computer until you manually delete them in your browser. We use persistent cookies to recognize you when you visit our website again.
b. Purpose of Processing and Legal Basis
On our website, we use not only technically necessary cookies but also cookies that enable analysis of users’ browsing behavior and improve the performance and functionality of our website. Only the technically necessary cookies are set without consent. You can individually activate or deactivate all other cookies using our consent management solution and thus grant or withdraw your consent.
The legal basis for processing personal data using technically necessary cookies is Art. 6 para. 1 lit. f GDPR.
The legal basis for processing personal data using cookies for analytical purposes is Art. 6 para. 1 lit. a GDPR, provided the user has given consent.
12. Tracking and Analytics Tools
We use tools on our site for interest-based analysis of user behavior and describe below which technologies we employ, why we do so, and what consequences this has for you.
To keep this information as transparent and comprehensible as possible for you, we explain in detail here and through our consent management solution where your personal data in the broadest sense could be processed. Using our consent management solution (CMP), you can grant and manage your consents as well as your rejections and thus your withdrawal in a granular manner.
If you have given us your consent to use cookies, the lawfulness of using the data collected in this context is based on Art. 6 para. 1 sentence 1 lit. a GDPR.
The respective processing purposes and the data processed can also be found in the following description of the tracking and analytics tools.
Google Tag Manager
For our website, we use Google Tag Manager from Google Inc. For the European region, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.
Google Tag Manager is an organizational tool that allows us to integrate and manage website tags centrally via a user interface. Tags are small code sections that, for example, record (track) your activities on our website. JavaScript code sections are used in the source code of our site for this purpose. The tags often come from Google’s internal products such as Google Ads or Google Analytics, but tags from other companies can also be integrated and managed via the Manager. Such tags perform various tasks. They can collect browser data, feed marketing tools with data, integrate buttons, set cookies, and even track users across multiple websites.
To design our website as well as possible for you and all people interested in our products and services, we need various tracking tools such as Google Analytics. The data collected by these tools shows us what interests you most, where we can improve our services, and which people we should show our offers to. In principle, we could integrate each code section of the individual tracking tools separately into our source code. However, this requires a considerable amount of time and it is easy to lose track. That is why we use Google Tag Manager.
The Tag Manager itself is a domain that does not set cookies and does not store data. It acts as a “manager” of the implemented tags. The data is collected by the individual tags of the various web analytics tools. The data is essentially channeled through the Google Tag Manager to the individual tracking tools and stored there. When using various web analytics tools, such as Google Analytics, different data about your web behavior is usually collected, stored, and processed with the help of cookies, depending on the analytics tool. For this, please read our privacy policy regarding the individual analytics and tracking tools we use on our website.
Data Storage:
When Google stores data, this data is stored on Google’s own servers. The servers are distributed worldwide—you can find a list at: https://www.google.com/about/datacenters/locations/?hl=de. How long the individual tracking tools store your data can be found in our individual privacy texts for each tool. There you will also find instructions and detailed information on how to delete or manage your data.
Legal Basis:
The use of Google Tag Manager requires your consent, which we have obtained with our consent banner. This consent represents the legal basis for the processing of personal data as may occur when collected by web analytics tools, in accordance with Art. 6 para. 1 lit. a GDPR (consent).
Google may also process data from you in the USA. Google is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA. More information can be found at:
https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en
Google Analytics (Universal Analytics)
We use Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, which is offered for the purpose of analyzing website usage by users. Information is automatically generated by cookies. The information generated by the Google Analytics cookie about your use of our website is generally transmitted to a Google server in its global infrastructure and stored there. However, by activating IP anonymization on this website, your IP address will be truncated by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activities, and to provide other services related to website and internet usage to the website operator. This website uses the Analytics functions for remarketing, reports on impressions in the Google Display Network, integration of DoubleClick Campaign Manager, and Google Analytics reports on performance based on demographic characteristics and interests. You can deactivate Google Analytics for display advertising and customize ads in the Google Display Network by accessing the ad settings via this link: https://www.google.de/settings/ads. This website uses the Analytics UserID functions to track interaction data. This User ID is additionally anonymized and encrypted and is not linked to other data.
General note: To review your privacy settings with Google, please go to https://myaccount.google.com/ – there you can view and change your settings and define future changes.
Google Analytics 4
This website also uses Google Analytics 4, a service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), which can be used to analyze website usage.
When using Google Analytics 4, the IP address transmitted by your device during your use of the website is always collected and processed by default and automatically only in an anonymized manner, so that direct personal identifiability of the collected information is excluded. This automatic anonymization occurs because the IP address transmitted by your device is truncated by Google within member states of the European Union (EU) or other contracting states of the Agreement on the European Economic Area (EEA) by removing the last digits.
On our behalf, Google uses this and other information to evaluate your use of the website, to compile reports on your website activities and usage behavior, and to provide us with other services related to your website usage and internet usage. The truncated IP address transmitted by your device within the scope of Google Analytics 4 is not merged with other Google data.
Google Analytics 4 also enables, via a special function called “demographic characteristics,” the creation of statistics with statements about the age, gender, and interests of website users based on an evaluation of interest-based advertising and with the inclusion of third-party information. This makes it possible to determine and differentiate user groups of the website for the purpose of target-group-optimized marketing measures. However, data collected via “demographic characteristics” cannot be assigned to a specific person and therefore not to you personally.
All processing described above, in particular the setting of Google Analytics cookies for storing and reading information on the device you use to access the website, only takes place if you have given us your explicit consent in accordance with Art. 6 para. 1 lit. a GDPR. Without your consent, Google Analytics 4 will not be used during your visit to the website. You can revoke your given consent at any time with effect for the future. To exercise your right of revocation, please deactivate this service via the “Cookie Consent Tool” – Usercentrics – provided on the website.
Storage Period
We have concluded a data processing agreement with Google for our use of Google Analytics 4, which obliges Google to protect the data of our website users and not to pass it on to third parties.
To ensure compliance with the European data protection level, even when data is transferred from the EU or EEA to the USA and potentially further processed there, Google relies on the new standard contractual clauses of the European Commission, which Google applies.
Further legal information on Google Analytics 4, including a copy of the aforementioned standard contractual clauses, can be found at https://policies.google.com/privacy?hl=de&gl=de and at https://policies.google.com/technologies/partner-sites
Google Signals
We also use the technical extension “Google Signals,” which enables cross-device tracking – i.e., tracking across multiple devices. This allows for the assignment of a single website visitor to different devices. However, this only happens if the visitor has logged into a Google service during website visits and has also activated the “personalized advertising” option in their Google account settings. Even then, no personal data or user profiles are accessible to us; they remain anonymous to us.
If you do not wish to use “Google Signals,” you can deactivate the “personalized advertising” option in your Google account settings.
You can prevent the storage of cookies by adjusting your browser software settings accordingly; however, we would like to point out that in this case, you may not be able to fully use all functions of this website. Furthermore, you can prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plugin available at the following link: Browser add-on to deactivate Google Analytics.
Alternatively to the browser add-on or for mobile browsers, you can prevent Google Analytics from collecting data by clicking on the following link: Deactivate Google Analytics. An opt-out cookie will be set, which prevents the future collection of your data when visiting this website. After deleting the cookies, this process must be repeated.
Google Ads
We use cookies to create user pools for Google Ads from visitors to specific e-dialog website areas. This allows us to improve the performance of our Ads campaigns in Google search results and to specifically target returning visitors who have already engaged with e-dialog. Users can remain in one of our user pools for up to 540 days. To avoid being classified into a Google Ads user pool, an incognito browser can be used or the browser history can be deleted. Users in Google Ads user pools remain anonymous, and no conclusions can be drawn about personal data.
You can manage and revoke the storage of cookies at any time by adjusting the settings in the Consent Management Solution.
More information can be found at https://policies.google.com/privacy?hl=de.
Floodlight activities/ DV360
DoubleClick Floodlight is a Google conversion tracking service – a service provided by Google Ireland Limited, Google Building Gordon House, 4 Barrow Street, Dublin D04 E5W5, Ireland, to measure the effectiveness of our advertising campaigns and to limit the frequency with which you are shown a particular ad. The goal is for you to receive only those advertisements that are relevant to you and your interests. In particular, information is collected and stored that indicates the time of your visit, your advertising interest through clicks made, and your user behavior on third-party websites. This information is not passed on to third parties but is only used for campaign management and control. In addition, user profiles are created, which are used for our own market research purposes – especially based on the determined interests.
You can manage and revoke the storage of cookies at any time by adjusting the settings in the Consent Management Solution.
Further information on this Google service can be found at https://www.google.com/policies/privacy/ads/ and at https://www.google.com/settings/u/0/ads/authenticated
Hotjar
Occasionally, this website uses the Hotjar web service from Hotjar Ltd, St. Julians, Malta. Hotjar collects information about the user’s device, IP address, geographical location, language settings, and user interactions such as mouse movements, clicks, and keyboard input. Hotjar also uses cookies to recognize visitors. Hotjar’s privacy policy can be found at https://www.hotjar.com/privacy.
You can manage and revoke the storage of cookies at any time by adjusting the settings in the Consent Management Solution.
AB Tasty
We use AB Tasty on our website, a web management tool used for A/B and multivariate testing. The service provider is the French company AB Tasty Société par Actions simplifiée, 19 Rue Michel-le-Comte, 75003 Paris, France.
You can manage and revoke the storage of cookies at any time by adjusting the settings in the Consent Management Solution.
You can find more information about the data processed by using AB Tasty in the Privacy Policy at https://www.abtasty.com/de/nutzungsbedingungen/.
ActiveCampaign
The emails sent via ActiveCampaign contain a “web beacon,” i.e., a pixel-sized file that is retrieved from the ActiveCampaign server when the email is opened. During this retrieval, technical information such as browser and system details, as well as your IP address and the time of retrieval, are initially collected. This information is collected for the technical improvement of the service based on technical data, target groups, and their reading behavior through the retrieval location (which can be determined with the help of the IP address) and the access time.
The statistical surveys also include determining whether emails are opened, when they are opened, and which links are clicked. Although this information can be assigned to individual recipients for technical reasons, it is neither our intention nor that of ActiveCampaign to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
You can manage and revoke the storage of cookies at any time by adjusting the settings in the Consent Management Solution.
Further information can be found at: https://www.activecampaign.com/legal/newscc
Usercentrics
We use Usercentrics, a Consent Management Platform (CMP), on our website. The service provider is the German company Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany. You can find more information about the data processed by using Usercentrics in the Privacy Policy at https://usercentrics.com/privacy-policy/.
Facebook (a Meta company product)
We use a “Facebook pixel” from the social network Facebook. The Facebook pixel allows tracking the behavior of users after clicking on a Facebook ad. With the help of the Facebook pixel, we can understand how our marketing measures on Meta (formerly Facebook) are received and, if necessary, take optimization measures. The tracking period for users who reached the e-dialog website via one of our Facebook ads is up to 180 days. If you wish to deactivate cookie storage for Meta (formerly Facebook), you must change your browser settings. Please use your browser’s help menu for more information. The collected data remains anonymous and does not allow conclusions about the identity of users. Meta stores and processes the data for its own advertising purposes in accordance with the Meta Platforms Ireland Limited Facebook Data Policy (https://www.facebook.com/about/privacy/).
You can manage and revoke the storage of cookies at any time by adjusting the settings in the Consent Management Solution.
LinkedIn Insight Tag
Our website uses the conversion tool “LinkedIn Insight Tag” from LinkedIn Ireland Unlimited Company. This tool creates a cookie in your web browser, which enables the collection of data such as: IP address, device and browser properties, and page events (e.g., page views). This data is encrypted, anonymized within seven days, and the anonymized data is deleted within 90 days. LinkedIn does not share personal data with us but provides anonymized aggregated reports on website audience and ad performance. In addition, LinkedIn offers the possibility of retargeting via the Insight Tag. With this data, we can display targeted advertising outside our website without identifying you as a website visitor. More information on data protection at LinkedIn can be found in the LinkedIn Privacy Policy.
Processing is based on your explicit consent, Art. 6 para. 1 lit. a) GDPR.
LinkedIn members can control the use of their personal data for advertising purposes in their account settings. To deactivate the Insight Tag on our website (“Opt-out”), click here.
Use of videos (e.g., YouTube)
YouTube elements are embedded on our website. YouTube is an internet video portal belonging to Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
We use the YouTube No-Cookies function, meaning we have activated Enhanced Privacy; videos are accessed not via youtube.com, but via the YouTube enhanced privacy mode.
When accessing the relevant pages, IP addresses are transmitted, and thus, in particular, YouTube and Google are informed which of our internet pages you have visited. Further information on this can be found at: https://www.youtube.com/yt/about/de/. As soon as you start playing an embedded video by clicking on it, YouTube, even with enhanced privacy mode, only stores cookies on your device that do not contain personally identifiable data, unless you are currently logged into a Google service. These cookies can be prevented by appropriate browser settings and extensions at https://adssettings.google.com/authenticated.
When embedding videos with activated enhanced privacy settings (youtube-nocookie.com), the following happens:
- Scripts and other files are loaded from the domains youtube-nocookie.com, ytimg.com, and ggpht.com
- Google fonts are loaded from the domain gstatic.com
- The DoubleClick tracker is loaded from the domain doubleclick.net
Further information on data protection at YouTube can be found in the provider’s privacy policy at: https://www.google.de/intl/de/policies/privacy/
13. Payments on our website
We use a payment tool on our website from the American technology company and online payment service Stripe. For customers within the EU, Stripe Payments Europe (Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland) is responsible.
For example, if you wish to purchase one of our paid whitepapers and choose Stripe as the payment method during an ordering process on our site, your payment will be processed via Stripe Payments. Stripe allows us to accept credit and debit card payments on our website. Stripe handles the entire payment process. A major advantage of this provider is that you do not have to leave our website or the shop during the payment process, and payment is processed quickly. Data necessary for the payment process is forwarded to and stored by Stripe.
Description and scope of data processing
If you choose to pay by credit or debit card, personal data about you will also be transmitted to and stored by Stripe. This includes transaction data. This type of data includes the payment method (credit/debit card or account number), bank code, currency, amount, and date of payment. For a transaction, your name, email address, billing/shipping address, and sometimes your transaction history may also be transmitted. The data collected here is required for authentication.
In addition, Stripe may also collect your name, address, telephone number, and country, in addition to technical data about your device, such as the IP address, for fraud prevention, reporting, and to fully offer its services.
Stripe states that it does not sell any of your data to independent third parties. However, the data may be passed on to internal departments, a limited number of Stripe’s external partners, or to comply with legal requirements.
Storage period
Personal data is generally stored for the duration of the service provision. This means that the data is stored until we terminate our cooperation with Stripe. However, to fulfill legal and regulatory obligations, Stripe may also store personal data beyond the duration of the service provision. As Stripe is a globally active company, data may also be stored in any country where Stripe offers services. Thus, data may also be stored outside your country, for example, in the USA.
Please note that when using this tool, your data may be stored and processed outside the EU.
You always have the right to information, rectification, and erasure of your personal data. If you have any questions, you can also contact the Stripe team directly at https://support.stripe.com/contact/email.
You can delete, deactivate, or manage cookies that Stripe uses for its operations in your browser.
Legal basis
For the processing of contractual or legal relationships (Art. 6 para. 1 lit. b GDPR), we offer the payment service provider Stripe for payments on our site. This service requires your consent (Art. 6 para. 1 lit. a GDPR) insofar as the use of cookies is necessary.
Stripe also processes your data in the USA, as mentioned above. It should be noted that Stripe is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data of EU citizens to the USA. More information on this can be found at the following link: https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en
In addition, Stripe uses so-called Standard Contractual Clauses (Art. 46 para. 2 and 3 GDPR). The Standard Contractual Clauses (SCC) are model templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even when it is transferred to and stored in third countries (such as the USA).
Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Stripe commits to adhering to the European data protection level when processing your relevant data, even if the data is stored, processed, and managed in the USA.
More information about Stripe can be found in the Privacy Policy at: https://stripe.com/at/privacy?tid=133907609
14. Data traffic to third countries
We would like to point out that, by means of the technologies mentioned above, personal data from us and from third-party providers, such as Google LLC, Meta Platforms, Inc., and ActiveCampaign, LLC, which are established in the USA and other third countries and carry out data processing there, may also be processed. Since July 2023, there has been an adequacy decision by the European Commission for data transfers, on the basis of which data processing in the USA corresponds to the same level of data protection as in the EU.
If you click “Accept” in the Consent Banner, you actively agree that we may use the mentioned technologies and also transmit your data to third-party providers in third countries (including the USA). Under “Privacy Settings,” you will receive more detailed information about the individual technologies and cookies that are collected. You can manage your consent separately for each purpose and each provider there. This allows you to give and revoke your consent to data transfer to a third country (including the USA) at any time. Please note that based on your self-set settings, not all functionalities of the site may be available.
15. Your Rights
If your personal data is processed, you are a data subject according to the GDPR. You have the following rights against us, after successful identification:
- To request information about which of your data is processed by us (see Art. 15 GDPR for details),
- To have your data rectified or erased (see Art. 16 GDPR for details),
- To restrict the processing of your data (see Art. 18 GDPR for details),
- To object to data processing (see Art. 21 GDPR for details),
- To exercise data portability (see Art. 20 GDPR for details).
If we process your data based on your consent, you have the right to revoke this consent at any time via email to datenschutz@e-dialog.group or by mail to e-dialog GmbH, Opernring 1, 1010 Vienna, Austria. This does not affect the lawfulness of data processing carried out until that point (Art. 7 para. 3 GDPR).
However, you also have the right to lodge a complaint with the Austrian Data Protection Authority or another data protection supervisory authority in the EU, particularly at your place of residence or work.
16. Updates
We reserve the right to update this privacy policy from time to time. In the event that we make material changes that restrict your rights or e-dialog’s obligations under this privacy policy, we will post a prominent notice in this section of the privacy policy informing users that an update has been made.