top of page
Data protection notices

Protecting your data is very important to us. For transparent cooperation, we draw your attention to important processing activities and specificities.

Controller under Article 4(7) of the EU General Data Protection Regulation (GDPR)

PROTH!NX GmbH
Hagelberger Str. 53-54
D-10965 Berlin


We have appointed an external Data Protection Officer. This can be found at: privacy(at)prothinx.io.
Sandra Leist – Werk3 für Datenschutz GmbH
Letteallee 3, 13409 Berlin

Scope

These privacy notices apply to the following offers:

Purpose and legal basis for processing

The data processing at PROTH!NX GmbH is carried out for the performance of the contract/technical preparation of the tender and for the performance of the contract pursuant to Article 6(1)(b) of the GDPR and, if the claim is not based on a contract, as part of the reconciliation of interests pursuant to Article 6(1)(f) of the GDPR, and the legitimate interest is linked to:

  • Replying to enquiries

  • Preparation of the tender, performance of the contract 

  • The sending of information material;

  • Administration and administration

  • The maintenance of business relations;

As a company, we are subject to various legal obligations. In order to comply with those obligations, processing of personal data may be necessary under Article 6(1c) of the GDPR or legal obligations or under Article 6(1e) of the GDPR in the public interest.

  • Control and reporting obligations

  • Creditworthiness, age and identity checks

  • Prevention/deterrence of criminal activities

Hosting and delivery of the website (Wix)

This website shall be made available through the provider’s platform:
Wix.com Ltd., 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel (‘Wix’).


Wix provides the technical infrastructure for the operation of the website (hosting, content delivery network, security and performance functions). When you access the website, Wix automatically collects and processes information that your browser sends. This include in particular:

 

  • IP address

  • Date and time of request

  • Browser type and version

  • OS

  • Speaker URL

  • pages/content viewed

  • technical performance and charging times

This data is necessary for the technical provision of the website, for ensuring its stability and security, as well as for analysing and optimising the performance of the website. When used, static content (e.g. graphics, SVG files) is also loaded via Wix’s content delivery network, as well as technical endpoints to measure charging performance (e.g. via domains such as wixstatic.comoder frog.wix.com). This may also involve the processing of personal data, in particular the IP address.

The processing is carried out on the basis of Article 6(1)(f) of the GDPR.
The legitimate interest lies in the secure, stable and efficient provision of the website, as well as in technical optimisation and error analysis. Israel is the subject of an adequacy decision by the European Commission pursuant to Article 45 of the GDPR. Wix is an internationally active supplier. Data processing can therefore also take place on servers outside the European Union, in particular in Israel and the United States. In so far as data are transferred to the United States, data are transferred to the United States pursuant to Article 45(1) of the GDPR on the basis of the European Commission’s adequacy decision. The U.S. companies involved and/or their U.S. subcontractors are certified under the EU-U.S. Data Privacy Framework (EU-U.S. DPF). An order processing agreement pursuant to Article 28 of the GDPR was concluded with Wix.


The data processed by Wix will only be retained for as long as necessary for those purposes or for as long as there are statutory retention obligations. For more information, see https://de.wix.com/about/privacy.

Collection of personal data when you get in touch

If you write an email, use the contact form or contact us by phone, we will process and store the following data of you and use it for the purpose of replying to your request. (The legal basis is point (b) of the first sentence of Article 6(1) of the GDPR)

  • Name, surname

  • Address

  • Fixed/mobile phone number

  • E-mail address

Collecting personal data when visiting our website

(1) If you use the website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser sends to our server. If you wish to view our website, we collect the following data that are technically necessary for us to display our website and ensure stability and security (the legal basis is Article 6(1), first sentence, point (f) GDPR):

  • IP address

  • Date and time of request

  • Time zone difference to Greenwich Mean Time (GMT)

  • Content of request (specific page)

  • Access status/HTTP status code

  • data volume transferred on each occasion

  • Website from which request was sent

  • Browsers

  • Operating system and interface

  • Language and version of browser software


(2) We use different cookies for our website.


In addition to the data referred to above, cookies are saved on your computer when you use our website. Cookies are small text files that are saved on your hard disk to the browser you are using and through which certain information accrues to the cookie-setter. Cookies cannot run programs or transmit viruses to your computer; They are designed to make the internet service as a whole more user-friendly and effective. 

This website uses the following types of cookie, the scope and functioning of which are described below:

  • Transient cookies

  • Persistent cookies

Transient cookies are automatically deleted when you close the browser. These include, in particular, session cookies. They store a so-called session ID, which allows you to link different requests from your browser to the joint session. That will allow your computer to be recognised when you return to our website. Session cookies are deleted when you log out or close the browser.

 

Persistent cookies are automatically deleted after a specific period, which may differ from cookie to cookie. You can delete cookies in your browser’s security settings at any time.

You can configure your browser setting according to your preferences and also refuse to accept third party cookies or all cookies. Please note that you may not be able to use all the features of this website.


The legal basis for the use of cookies is point (f) of the first sentence of Article 6(1) of the GDPR. If you have given us consent for the setting of cookies, point (a) of the first sentence of Article 6(1) of the GDPR is an additional legal basis for the use of cookies.


We will inform you of the legal basis for each processing operation.

(3) We use tracking – technologies.

at www.leak360.io

Information from the provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

  • Google Analytics 4.0

To the extent that you have given your consent, Google Analytics 4, a web analytics service of Google LLC, is used on this website. The entity responsible for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). Google Analytics uses cookies that allow you to analyse how you use our websites. The information collected through the cookies about your use of this website is usually transferred to and stored on a Google server in the US.


For Google Analytics 4, anonymisation of IP addresses is enabled by default. Due to IP anonymisation, your IP address will be reduced by Google within Member States of the European Union or in other States party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the US and shortened there. According to Google, the IP address provided by your browser as part of Google Analytics will not be merged with other Google data.

During your website visit, your user behaviour is recorded in the form of ‘events’. Events may include:

  • Page views

  • First-time visit to the website

  • Start of the meeting

  • Your ‘click path’, interacting with the website

  • Scrolls (always when a user scrolls up to the end of the page (90 %))

  • Click on external links 

  • internal searches

  • Interaction with videos

  • File downloads

  • viewed/clicked ads

  • Language setting

It also covers:

  • Your approximate location (region)

  • Your IP address (in abridged form)

  • technical information about your browser and the devices you use (e.g. voice setting, screen resolution)

  • Your Internet Service Provider

  • the Referrer URL (via which website/promotional means you have come to this website)

The reports provided by Google Analytics are used to analyse the performance of our website.


The recipients of the data are/may be:

  • Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as processor under Article 28 GDPR)

  • Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA

  • Alphabet Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA


It cannot be excluded that US authorities access the data stored at Google.


Where data is processed outside the EU/EEA and there is no European standard of data protection, we have concluded EU standard contractual clauses with the service provider to ensure an adequate level of data protection. Google Ireland’s parent company, Google LLC, is based in California, USA. Transfer of data to the US and access by US authorities to data stored at Google cannot be excluded.


The data we send and which are linked to cookies will be automatically deleted after two months. The deletion of data for which the retention period has been reached shall take place automatically once a month.


The use of Google Analytics is based on your consent pursuant to Article 6(1)(a) GDPR and Section 25(1) TDDDG. Pursuant to Article 45(1) of the GDPR, the transfer of data to the United States takes place on the basis of the European Commission’s adequacy decision. The U.S. companies involved and/or their U.S. subcontractors are certified under the EU-U.S. Data Privacy Framework (EU-U.S. DPF).


You can withdraw your consent at any time, with effect for the future, by accessing the cookie settings and changing your choice. This shall be without prejudice to the lawfulness of processing based on consent before its withdrawal.


You can also prevent the storage of cookies from the outset by adjusting your browser software accordingly. However, configuring your browser to reject all cookies may limit functionalities on these and other websites. You can also prevent Google from collecting and processing the data (including your IP address) generated by the cookie and related to your use of the website by:​

  • do not give your consent to the setting of the cookie; or

  • Download and install the Google Analytics HERE deactivation browser add-on.


More information on Google Analytics Terms of Service and Google Data Protection can be found at https://marketingplatform.google.com/about/analytics/terms/de/and at https://policies.google.com/?hl=de.

 

  • Google Tag Manager

Google Tag Manager is a solution that allows us to manage website tags via a interface. The Tag Manager tool itself (implementing the tags) is a cookieless domain. The tool triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If deactivation has taken place at domain or cookie level, it will remain in place for all tracking tags implemented with Google Tag Manager. The use of Google Tag Manager is based on your consent pursuant to Article 6(1)(a) GDPR and Section 25(1) TDDDG. For more information, please consult the user guidelines for this product: https://www.google.com/intl/de/tagmanager/use-policy.html would be appreciated.


For more information on the purpose and scope of the data collection and its processing by the plugin provider, please refer to the provider’s data protection notices. You can also find out more about your privacy rights and settings here: https://www.google.de/intl/de/policies/privacy would be appreciated.


at www.hdithinx.io

  • Google Search Console

To monitor and optimise the findability of our website in Google Search, we use Google Search Console, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. In particular, the Google Search Console allows us to consult technical information on indexation, searchability via Google Search, searches, impressions, clicks and general performance data of our website. We understand that the evaluations are aggregated or search-related.

 

Through the Google Search Console, we do not use our own tracking script on our website and do not use cookies or similar technologies to recognise individual website visitors. This does not track individual user behaviour on our website. The use is made on the basis of Article 6(1)(f) of the GDPR. Our legitimate interest lies in the technical monitoring, error analysis and optimisation of our website’s findability in Google Search. More information on Google’s data processing can be found in Google’s privacy notices.

(4) When visiting our website, there is no automated decision-making, known as profiling.

(5) We process your personal data only for the purpose indicated here. Any further processing for other purposes requires your prior consent.

Transfers of data

We receive your data from our hosting provider based and server located in the US and those third parties of PROTH!NX GmbH who need it to fulfil their contractual and legal obligations and legitimate interests.

Amazon Web Services, Inc.410 Terry Avenue North Seattle WA 98109 United States. The legal basis is Article 6(1)(f) of the GDPR. Pursuant to Article 45(1) of the GDPR, the transfer of data to the United States takes place on the basis of the European Commission’s adequacy decision. The U.S. companies involved and/or their U.S. subcontractors are certified under the EU-U.S. Data Privacy Framework (EU-U.S. DPF).


In addition, processors contracted by us (in particular IT service providers) will receive your data if and to the extent that they need the data to fulfil their respective services. Where there are legal obligations or legitimate interests, public bodies (e.g. courts, authorities) may be recipients of your personal data. Recipients may also be third parties to whom we transfer your data for the above purposes. Your data will only be shared with third parties on the basis of the above-mentioned legal bases.


As a safeguard, we have concluded an order processing agreement with the hosting provider. This involves handling your personal data in accordance with the EU General Data Protection Regulation.

Consent management

Some data processing operations require your consent. In order to obtain and document your consent, we use the cookie consent manager of ‘Wix’ pursuant to Article 6(1), first sentence, point (c). Your consent only sets technically necessary cookies. When you enter our website, a cookie is stored in your browser, where the consents you gave or the withdrawal of these consents are stored. This data is not shared with the provider.
The collected data will be stored until you ask us to delete it, delete the cookie itself or delete the purpose for which the data is stored. Mandatory statutory retention periods remain unaffected. Details of how Wix processes data can be found at https://de.wix.com/about/privacy.

 

Since 6 March 2024, it has been necessary to use Google Consent mode v2 when using Google products. This requirement is already technically integrated in our consent banner. For example, your data will definitely not be sent to Google until you have given your consent. We use the Advanced Mode. As a result, your data will only be sent to the server-side Google Tag Manager. Here, the IP address is overwritten and therefore not sent to Google. As long as server-side tracking is not in place, basic fashion will be used to provide you with the highest possible level of security.

Right of withdrawal when consent is given

In various cases, you may also give us your consent to further processing (possibly for part of the data) in the context of the processing operations described below. In this case, we will inform you separately about all modalities and scope of the consent and the purposes we pursue with these processing operations in the context of the submission of the respective declaration of consent. We inform you that the withdrawal of consent does not affect the lawfulness of the processing based on consent before its withdrawal.

Collection of personal data in the application process

Any personal data provided to us in connection with an application will be collected and processed for the purposes of managing the application process.

Your personal data will be processed solely for the purpose of processing your application and will not be processed for any other purpose. The processing is carried out for the performance of the contract or for legitimate interest under points (b) or (f) of the first sentence of Article 6(1) of the GDPR.

If, in doing so, you also spontaneously notify us of special categories of personal data pursuant to Article 9 of the GDPR, such as the status of severely disabled person, the processing will be carried out on the basis of Article 9(2)(b) of the GDPR, as the processing of those data is necessary for the exercise of the profession. If we ask you for special categories of personal data pursuant to Article 9 of the GDPR, the processing is based on your consent pursuant to Article 9(2)(a) of the GDPR.

Electronic processing is possible, in particular for applications received by electronic means such as email or via the contact form on the website.

If the application is converted into an employment relationship, the application file is stored for the purpose of the performance of the employment contract. If there is no employment relationship, the application file is automatically deleted six months after the end of the application procedure, unless legitimate interests under point (f) of the first sentence of Article 6(1) of the GDPR preclude deletion.

Such a legitimate interest exists, for example, when proceedings are pending under the General Equal Treatment Act (AGG). In this case, we will store the data until the end of the procedure.

You can also give us your consent for an extended retention period of your candidate’s data, so that we can take you into account for the future in the recruitment process.

Participation in webinars
Registration for events via www.prothinx.io

To register for our events, we use a form on the event page on our website. The data entered will be collected via the integrated Wix form and sent to our mailbox events@prothinx.io.

Your data will be processed for the purpose of processing your registration, organising and running the event and communicating with you in connection with the event. After successful registration, you will receive a confirmation email and a calendar invitation. Further communication will take place via Microsoft Outlook.


The legal basis for the processing is Article 6(1)(b) of the GDPR and, in addition, Article 6(1)(f) of the GDPR. Our legitimate interest lies in the efficient and orderly organisation of our events.

Registration for events via www.hdithinx.io or www.leak360.io

To register for our events, we use the provider SWEAP, an offer from MATE Development GmbH, Rankestraße 9, 10789 Berlin. According to the provider, the processing of the data takes place on servers within the European Union, mainly in Germany.

 

As part of the event registration process, SWEAP processes the data you entered on our behalf to collect, manage and organise your registration. The legal basis for the processing is Article 6(1)(f) of the GDPR. Our legitimate interest lies in the efficient organisation and management of our events in compliance with data protection rules. More information on data protection in SWEAP can be found in the data protection notices available at https://www.sweap.io/de/datenschutz#.

 

If you have been made aware of our event via a link from HDI Global, we will return the information about your registration to HDI Global or the partner involved in it. The legal basis for this is Article 6(1)(f) of the GDPR. The legitimate interest is to assess the level of interest of existing customers in the events offered.

 

Following your participation in an event, you may receive information about other events that could be relevant to your previous interest. The processing is also carried out on the basis of Article 6(1)(f) of the GDPR. Our legitimate interest is to inform interested parties and participants of appropriate follow-up events. You may object to the use of your data for this purpose at any time, for example by sending us a message.

Implementation of the webinars

For hybrid and virtual events, we use Microsoft Teams, a service provided by Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland.

 

Participation in a virtual or hybrid event via Microsoft Teams will involve the processing of personal data to the extent necessary for the technical provision and implementation of the event. This may include, in particular, name, e-mail address, technical connection data and, in the case of active use, image and audio data and chat post content.

 

The processing is carried out for the purpose of organising the event and communicating with the participants. The legal basis is Article 6(1)(b) of the GDPR, in so far as the processing is necessary for the organisation of the event or the processing of the application, and, in addition, Article 6(1)(f) of the GDPR. The legitimate interest lies in the efficient and up-to-date implementation of hybrid and virtual event formats. Pursuant to Article 45(1) of the GDPR, the transfer of data to the United States takes place on the basis of the European Commission’s adequacy decision. The U.S. companies involved and/or their U.S. subcontractors are certified under the EU-U.S. Data Privacy Framework (EU-U.S. DPF).


There is no recording of the event, transcription or use of copilot or comparable AI-assisted scoring features. They decide for themselves whether to activate camera and microphone. Where the chat function is used, the content entered in the chat will be processed to enable participation in the event and communication during the event.


More information on data processing can be found at https://www.microsoft.com/dede/privacy?icid=DSM_Footer_Company_Pr

Data source and processing for marketing purposes

We process business contact details of contact persons in companies, such as names, professional roles, companies and business contact details, obtained from external, publicly available or commercial company data sources. This may include, in particular, company databases such as Dun & Bradstreet Deutschland GmbH, established in Brussels Strasse 1-3 60327 Frankfurt am Main.

 

The purpose of the processing is to identify potentially relevant business contacts, to address the B2B market and to maintain and manage business contacts. The legal basis is Article 6(1)(f) of the GDPR. Our legitimate interest lies in initiating and developing business relations and in targeted B2B communication.


In so far as we use personal data for direct marketing purposes, we comply with the requirements of data protection and competition law, in particular the requirements of Article 21 of the GDPR and Paragraph 7 of the UWG. Data subjects shall have the right to object to the processing of their personal data for the purposes of direct marketing at any time with effect for the future.

 

The data shall be retained only for as long as necessary for those purposes, if there are statutory retention obligations or if legitimate interests, such as proof of an advertising objection, require further retention.

Use of SendGrid for sending emails to www.leak360.io

We use the SendGrid email service provided by Twilio Inc. to send you alerts. These alerts inform you about important events or changes in status that are relevant to you. Please note that no promotional emails will be sent via this service.

 

To send the alarm messages, we need your email address. It will only be processed for the stated purpose and will not be used for any other purpose or transferred to any third party. The processing of your email address for sending alarm messages is based on the performance of a contract or pre-contractual measures pursuant to Article 6(1)(b) of the GDPR. SendGrid uses appropriate technical and organisational measures to protect your data from loss, misuse and unauthorised access. We have concluded a contract with SendGrid for the processing of your data, which ensures that your data will only be processed on our behalf and in accordance with our instructions. This is supported by the conclusion of a contract processing agreement.

 

As SendGrid is a US-based service of Twilio Inc., your data can be transferred to a country outside the European Economic Area (EEA). However, Twilio Inc. is certified under the EU-U.S. Data Privacy Framework, which ensures an adequate level of data protection. The legal basis is Article 45 of the GDPR. Your email address will be kept only for the time necessary to fulfil the stated purpose or for as long as we are legally obliged to do so. You have the right to exercise your right to object at any time. Send us an email on this.

For more information, see https://www.twilio.com/en-us/legal/privacy.

Download a white paper

When you download a white paper via our website, we process the personal data you provided in the download form, in particular your name, email address and, if applicable, a telephone number, in order to provide you with the requested white paper and manage the download organisationally.


The legal basis for the processing is Article 6(1)(b) GDPR, to the extent that the processing is necessary to provide the white paper you requested. If, in connection with downloading, further contact is made with similar technical content, services or events, the processing can additionally be based on Article 6(1)(f) of the GDPR. The legitimate interest lies in the provision of information on suitable offers and content.


If, in the context of downloading, you expressly consent to the receipt of further information, for example on specialist topics, events or performances, the processing is carried out on the basis of Article 6(1)(a) of the GDPR. Consent given may be withdrawn at any time with effect for the future. The data will only be kept for as long as necessary to make the white paper available, to allow for a proper follow-up of your request or to comply with legal record-keeping obligations. Data subjects also have, at any time, the right to object to the processing of their personal data for the purposes of direct marketing pursuant to Article 21 of the GDPR.

Use of sentry

We use Sentry from Functional Software, Inc., 132 Hawthorne St San Francisco, CA 94107, United States as a bugtracker to detect code errors at an early stage and thus ensure the technical functionality of our online offer. It collects anonymous information about the device on which the error occurred and the time when the error was detected. In some cases, user sessions may also be recorded to facilitate the correction of the error. Functional Software, Inc. does not analyse these data for advertising purposes. The use of sentry is based on your consent pursuant to Article 6(1)(f) of the GDPR, the legitimate interest in using a fault tracking and performance monitoring tool that helps developers to detect, monitor and correct errors in their applications. Under Article 45(1) of the GDPR, data are transferred on the basis of the European Commission’s adequacy decision. The U.S. companies involved and/or their U.S. subcontractors are certified under the EU-U.S. Data Privacy Framework (EU-U.S. DPF).


The exact retention period varies from case to case. Data will be deleted as soon as we have corrected the error and no longer need to see the details of the error. Further guidance on the retention period by Functional Software, Inc. can be found in the data protection notices for Sentry: https://sentry.io/privacy/ would be appreciated.

Social Media

We maintain a social media account for further ways of contacting and publishing our current offers. The legal basis is Article 6(1)(f), the legitimate interest of customer communication in conjunction with Article 26 of the GDPR of joint controllership. LinkedIn has therefore set up a contract processing agreement that prescribes compliance with the GDPR. Available at: https://de.linkedin.com/legal/l/dpa


The supplier is: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Data protection notices: https://www.linkedin.com/legal/privacy-policy;

Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out would be appreciated.


As there is no adequacy decision by the European Commission (including the US companies that are not certified under the EU-U.S. DPF), we have agreed with the recipient of the data on other appropriate safeguards within the meaning of Article 44 et seq. GDPR. These are standard contractual clauses of the European Commission pursuant to Implementing Decision (EU) 2021/914 of 4 June 2021, unless stated otherwise. A copy of these standard contractual clauses can be found at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE.


We would like to draw your attention to the fact that in the case of transfers to third countries, there may be unknown risks in detail (e.g. the processing of data by third country security authorities, their exact scope and their consequences for you, over which we have no control and of which you may not be aware). The specific retention period of the processed data is not within our control, but is determined by LinkedIn Corporation. Further guidance can be found in the data protection notice for LinkedIn Ads: https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy would be appreciated.

Integration of YouTube videos

We have included YouTube videos in our online offer, which are stored on https://www.YouTube.com and can be played directly from our website. These are all embedded in the ‘enhanced privacy mode’, i.e. no data about you as a user will be transferred to YouTube if you do not play the videos. Only when you play the videos will the above-mentioned data be transmitted. We have no control over this data transfer. The legal basis for including YouTube videos is point (f) of the first sentence of Article 6(1) of the GDPR. Pursuant to Article 45(1) of the GDPR, the transfer of data to the United States takes place on the basis of the European Commission’s adequacy decision. The U.S. companies involved and/or their U.S. subcontractors are certified under the EU-U.S. Data Privacy Framework (EU-U.S. DPF).


By visiting the website, YouTube is informed that you have accessed the relevant page of our website. The data referred to in the ‘Cookies usage’ and ‘Visiting our website’ sections of these instructions are also provided. This is irrespective of whether YouTube provides a user account through which you are logged in or whether there is no user account. When you are logged in to Google, your data will be directly linked to your account. If you do not want to be assigned to your YouTube profile, you must log out before activating the button. YouTube stores your data as user profiles and uses it for advertising, market research and/or customisation of its website. Such analysis is carried out in particular (even for non-logged-in users) to provide customised advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, which you must address to YouTube.


Information from the provider: YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. The data controller is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. For more information on the purpose and scope of the data collection and its processing by YouTube, please consult the Data Protection Notices. You can also find out more about your privacy rights and settings 
here: https://www.google.de/intl/de/policies/privacy.

No obligation to make available & consequences of not making available

The provision of the personal data is not required by law or contract and you are not obliged to provide data. As part of the encoding process, we will inform you if the provision of personal data is required for the specific service (e.g. by naming it as a ‘mandatory field’). Failure to provide the required data means that the service in question cannot be provided.

How long your data will be stored

We process your personal data, where necessary, for the duration of the business relationship, or for as long as it is necessary for the stated purposes, and also in accordance with the statutory retention and documentation obligations arising in particular from the Tax Code and the Commercial Code, which generally amount to 10 years. In addition, personal data may be stored and retained for as long as the data are relevant to pending judicial or administrative proceedings in which the controller has the status of a party.

What are your rights?

(1) You have the following rights vis-à-vis us concerning your personal data:

  • The right to know what data we have collected and stored from you;

  • Right to rectification or erasure of your pre-existing data, after considering any retention periods;

  • The right to restrict the processing of your data if they are no longer needed to the extent necessary;

  • Right to object to the processing, so we have to stop the processing and the

  • Right to data portability, if you want to take datasets from another institution with you.

(2) You also have the right to lodge a complaint with a data protection supervisory authority concerning the processing of your personal data by us. This complaint should be addressed to the competent supervisory authority at https://www.datenschutz-berlin.de/buergerinnen-und-buerger/beschwerde/

Contradiction

You have the right to object to the processing of your personal data at any time. Please send it in writing by e-mail or by post to the above-mentioned address.

 

As legal provisions may change, we invite you to regularly read these privacy notices. We will update changes in a timely manner in order to be able to share transparent information with you.


As of April 2026
created with Werk3 für Datenschutz GmbH

Data Protection.

Privacy policy 

The protection of your data is very important to us. For transparent cooperation, we draw your attention to important processing activities and special features. 

 

Purpose and legal basis of data processing 

The data processing at PROTH!NX GmbH takes place for the fulfilment of the contract / technical offer and for the execution of the contract in accordance with Art. 6 (1) (b) GDPR and, if the claim is not based on a contract, in the context of the reconciliation of interests in accordance with Art. 6 (1) (f) GDPR, whereby the legitimate interest is related to: 

 

  • Answering enquiries 

  • Quotation preparation, order processing  

  • Sending information material 

  • The Administration and Administration 

  • Maintaining business relationships 

 

As a company, we are subject to various legal obligations. In order to fulfil these obligations, processing of personal data may be necessary, pursuant to Article 6(1c) GDPR legal obligations or pursuant to Article 6(1e) GDPR in the public interest. 

  • Control and reporting obligations 

  • Creditworthiness, age and identity checks 

  • Prevention/defence of criminal acts 

 

Controller pursuant to Article 4(7) of the EU General Data Protection Regulation (GDPR) 

 

PROTH!NX GmbH 
Hagelberger Str. 53-54 

10965 Berlin 
 

If you have any questions about data protection, please send us an e-mail privacy(at)PROthinx.io

 

Scope 

 
This data protection notice applies to the following offers: 

  • our website 

  • our social media page 

  • whenever reference is made to this data protection information from any of our offers, regardless of the way in which you access or use it. 

 

Use of a website builder 

Our website was created with the website builder system Wix. Wix is a service of Wix.com, Inc. and provides web development technology, web design and layout tools, domain hosting, and other applications for marketing and workflow management. 

We use Wix, among other things, for web hosting and the presentation of our website. In addition, Wix collects statistical data about your visit to our website. 

The following data is usually transmitted: the website accessed, the date and time of access, the amount of data transferred, whether a retrieval was successful, the browser type and version, the user's operating system, the website previously visited (referrer) and the IP address.  

This log data is processed exclusively for the above-mentioned purposes, as well as to maintain the security, functionality and optimisation of Wix's offer. The use of the service is based on our legitimate interests, i.e. interest in a secure and efficient provision, as well as the optimization of our online offer in accordance with Art. 6 (1) (f) GDPR. 

Furthermore, we use Wix CDN for the proper provision of the contents of our website. Wix CDN is a service provided by Wix.com, Inc., which acts as a Content Delivery Network (CDN) on our website. 

A CDN helps to provide content of our online offer, in particular files such as graphics or scripts, faster with the help of regionally or internationally distributed servers. When you access this content, you connect to servers of Wix.com, Inc., where your IP address and, if applicable, browser data such as your user agent are transmitted. This data is processed exclusively for the above purposes and to maintain the security and functionality of Wix CDN. 

The specific storage period of the processed data is not influenced by us, but is determined by Wix.com, Inc. Further information can be found in the privacy policy for Wix: https://en.wix.com/about/privacy. 

 

 

Collection of personal data when you contact us 

If you write us an e-mail, use the contact form or contact us by phone, we collect, process and store the following data from you and use it for the purpose of answering your request. 

  • First name, surname 

  • address 

  • Landline/mobile phone number 

  • E-mail address 

 

Collection of personal data when visiting our website 

(1) When using the website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (legal basis is Art. 6 (1) sentence 1 lit. f GDPR): 

  • IP address 

  • Date and time of the request 

  • Greenwich Mean Time (GMT) 

  • Content of the request (concrete page) 

  • Access status/HTTP status code 

  • amount of data transferred in each case 

  • Website from which the request comes 

  • browsers 

  • Operating system and its interface 

  • Language and version of the browser software. 

 

(2) We use various cookies for our website. 

 

In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive assigned to the browser you are using and through which certain information flows to the body that sets the cookie. Cookies cannot run programs or transmit viruses to your computer. They serve to make the Internet offer as a whole more user-friendly and effective.  

This website uses the following types of cookies, the scope and functionality of which are explained below: 

  • Transient cookies 

  • Persistent cookies 

Transient cookies are automatically deleted when you close the browser. This includes, in particular, session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close your browser. 

Persistent cookies are automatically deleted after a predetermined period, which may vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time. 

You can configure your browser settings according to your wishes and also refuse the acceptance of third-party cookies or all cookies. Please note that you may not be able to use all functions of this website. 

The legal basis for the use of cookies is Art. 6 (1) sentence 1 lit. f GDPR. If you have given us your consent for the setting of cookies, Art. 6 (1) sentence 1 lit. a GDPR is an additional legal basis for the use of cookies.  

We will inform you about the corresponding legal basis at the individual processing operations. 

 

(3) We do not use tracking technologies.  

(4) When visiting our website, no automated decision-making, the so-called profiling, takes place. 

(5) We process your personal data only for the purpose stated here. Any further processing for other purposes requires your prior consent. 

 

Transmission of data 

 

Our hosting provider with headquarters and server location in the USA and those third parties of PROTH!NX GmbH receive your data, which they need to fulfil contractual and legal obligations as well as legitimate interests. 

Provider is Amazon Web Services, Inc.410 Terry Avenue North Seattle WA 98109 United States. The legal basis is in accordance with Art. 6 (1) (f) GDPR. The data transfer to the USA takes place according to Art. 45 (1) GDPR on the basis of the adequacy decision of the European Commission. The participating US companies and/or their US subcontractors are certified under the EU-U.S. Data Privacy Framework (EU-U.S. DPF).  

In addition, contract processors commissioned by us (in particular IT service providers) receive your data if and to the extent that they need the data to fulfil their respective services. If there are legal obligations or legitimate interests, public bodies (e.g. courts, authorities) may be recipients of your personal data. Recipients may also be third parties to whom we transfer your data for the aforementioned purposes. Your data will only be passed on to third parties on the basis of the above-mentioned legal bases.  

For security purposes, we have concluded an order processing agreement with the hosting provider. This includes a compliant handling of your personal data in accordance with the EU General Data Protection Regulation. 

 

Consent management 

For some data processing we need your consent. In order to obtain and document your consent, we use the Cookie Consent Manager of ‘Wix’ in accordance with Article 6(1), first sentence, point (c). With your consent, only technically necessary cookies are set. When you enter our website, a cookie is stored in your browser in which the consents you have given or the revocation of these consents are stored. This data will not be passed on to the provider. 

The collected data will be stored until you ask us to delete it or delete the cookie itself or the purpose for the data storage no longer applies. Mandatory statutory retention periods remain unaffected. Details on data processing by Wix can be found at https://en.wix.com/about/privacy

 

Since 06.03.2024 it is necessary to use Google Consent mode v2 when using Google products. This requirement is already technically integrated in our consent banner. So your data will definitely not be sent to Google until you have given your consent. We use advanced mode forthis. Your data will only be sent to us at the server-side Google Tag Manager. Here the IP address is overwritten and therefore not sent to Google. As long as server-side tracking is not set up, basic mode is used to provide you with the greatest possible security. 

 

 

Right of withdrawal when consent is given 

In various cases, you have the option of granting us your consent to further processing in connection with the processing described below (possibly for part of the data). In this case, in connection with the submission of the respective declaration of consent, we will inform you separately about all modalities and the scope of the consent and about the purposes we pursue with these processing operations. We inform you that the revocation of the consent does not affect the legality of the processing carried out on the basis of the consent until the revocation. 

 

Registration at events 
For registration for events we use the provider Cvent Deutschland GmbH c/o TMF Steuerberatung GmbH WPG, Maximilianstr. 54 in 80538 Munich. 

The tool stores your data on a server in Germany and does not pass the data on to third parties. The legal basis is in accordance with Art. 6 (1) (f) GDPR. The privacy policy can be found at https://www.cvent.com/sites/default/files/files/2023-06/Cvent%20Global%20Privacy%20Policy_11.30.21_v_02.10.23_For%20Translation_7.pdf

If you came across our event via a link via HDI Global, we will report your registration back to HDI Global. The legal basis is in accordance with Art. 6 (1) (f) GDPR, the legitimate interest. This is because HDI Global wants to evaluate the extent to which existing customers are interested in the events.  

Furthermore, after attending an event, we will send you further event proposals that could be in your interest in accordance with Art. 6 (1) (f) GDPR, your legitimate interest. If you no longer wish this, please reply to the e-mail and let us know.  

 

Use of Sentry 

We use Sentry from Functional Software, Inc., 132 Hawthorne St San Francisco, CA 94107, United States as a bug tracker to detect code errors at an early stage and thus ensure the technical functionality of our online offer. Anonymous information is collected about the device on which the error occurred and the time at which the error was detected. In some cases, user sessions can also be recorded to make it easier to fix the error. Functional Software, Inc. does not evaluate this data for advertising purposes. Sentry is used on the basis of your consent in accordance with Article 6(1)(f) GDPR, the legitimate interest of using an error tracking and performance monitoring tool that helps developers to detect, monitor and correct errors in their applications.  

The exact storage time varies from case to case. Data will be deleted as soon as we have fixed the error and no longer need to see the error details. Further information on the storage period of Functional Software, Inc. can be found in the privacy policy for Sentry: https://sentry.io/privacy/

 

LinkedIn  

  • Social media 

For further possibilities of contacting and publishing our current offers, we maintain a social media account. The legal basis is provided in accordance with Article 6(1)(f), the legitimate interest of customer communication in conjunction with Article 26 GDPR of joint responsibility. In this way, LinkedIn has drawn up an order processing agreement that stipulates the compliant handling of the GDPR. To be read at: https://en.linkedin.com/legal/l/dpa 

The provider is: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Privacy policy: https://www.linkedin.com/legal/privacy-policy; Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.  

As there is no adequacy decision of the European Commission (including US companies that are not certified according to EU-U.S. DPF), we have agreed with the recipient of the data other appropriate safeguards within the meaning of Art. 44 et seq. GDPR. Unless otherwise stated, these are standard contractual clauses of the EU Commission pursuant to Implementing Decision (EU) 2021/914 of 4 June 2021. A copy of these Standard Contractual Clauses can be found at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE.  

We would like to point out that in the case of third-country transfers, unknown risks may exist in detail (e.g. data processing by security authorities of the third country, the exact scope and consequences of which for you we do not know, over which we have no influence and of which you may not be aware). The specific storage period of the processed data is not influenced by us, but is determined by LinkedIn Corporation. Further information can be found in the privacy policy for LinkedIn Ads: https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy

Integration of YouTube videos 

We have integrated YouTube videos into our online offer, which are stored on https://www.YouTube.com and can be played directly from our website. These are all integrated in the ‘extended data protection mode’, i.e. no data about you as a user is transmitted to YouTube if you do not play the videos. Only when you play the videos will the aforementioned data be transmitted. We have no influence on this data transmission. The legal basis for the integration of YouTube videos is Art. 6 (1) sentence 1 lit. f GDPR. 

By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned under "Use of cookies" and "Visit to our website" of this notice are transmitted. This is done regardless of whether YouTube provides a user account through which you are logged in or whether there is no user account. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish to be associated with your YouTube profile, you must log out before activating the button. YouTube stores your data as user profiles and uses them for the purposes of advertising, market research and/or needs-based design of its website. Such an evaluation takes place in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have a right to object to the creation of these user profiles, whereby you must address yourself to YouTube in order to exercise this right. 

Information from the provider: YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. The data controller is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Further information on the purpose and scope of the data collection and its processing by YouTube can be found in the data protection information. There you will also find more information about your rights and settings options to protect your privacy: https://www.google.de/intl/de/policies/privacy 

 

No obligation to provide & Consequences of non-provision 

The provision of personal data is not required by law or contract and you are not obliged to provide data. As part of the input process, we will inform you if the provision of personal data is necessary for the respective service (e.g. by naming it as a ‘mandatory field’). Failure to provide the required data means that the service in question cannot be provided. 

 

Storage period of your data 

We process your personal data, as far as necessary, for the duration of the business relationship, or as long as it is necessary for the aforementioned purposes, as well as in accordance with the statutory retention and documentation obligations, which arise in particular from the Fiscal Code and the Commercial Code and usually amount to 10 years. In addition, personal data may be stored and retained for as long as the data is relevant to a pending judicial or administrative proceeding in which the controller has a party status. 

 

Your rights 

(1) You have the following rights vis-à-vis us with regard to the personal data concerning you: 

  • Right to information about which data we have collected and stored from you; 

  • the right to rectification or erasure of your already existing data, after examination of any retention periods; 

  • Right to restriction of processing, in relation to your data, if it is no longer needed to the extent necessary; 

  • Right to object to the processing, so that we have to stop the processing and the 

  • Right to data portabilityif you want to take records to another institution. 

(2) You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us. Please address this complaint to the competent supervisory authority at https://www.datenschutz-berlin.de/buergerinnen-und-buerger/complaint/ 

 

Contradiction 

You have the right to object to the processing of your personal data at any time. Please send it in writing by e-mail or by post to the above address.  

 

Since legal provisions may change, we kindly ask you to read this data protection information regularly. We will make changes in a timely manner in order to be able to pass on transparent information to you. 

 

As of June 2024 

created with Werk3 for Datenschutz GmbH 

Hinweise zur Datenverarbeitung.

Datenschutzhinweise

Der Schutz Ihrer Daten ist uns sehr wichtig. Für eine transparente Zusammenarbeit weisen wir Sie auf wichtige Verarbeitungstätigkeiten und Besonderheiten hin.

 

Zweck und Rechtsgrundlage der Datenverarbeitung

Die Datenverarbeitung bei der PROTH!NX GmbH erfolgt zur Vertragserfüllung/ technischer Angebotserstellung und zur Vertragsabwicklung nach Art 6 Abs. 1 lit. b DSGVO und, sofern der Forderung kein Vertrag zugrunde liegt, im Rahmen des Interessenabgleichs nach Art. 6 Abs. 1 lit. f DSGVO, wobei das berechtigte Interesse im Zusammenhang steht, mit:

 

·       Der Beantwortung von Anfragen

·       Der Angebotserstellung, Auftragsabwicklung

·       Dem Versand von Informationsmaterial

·       Der Verwaltung und Administration

·       Der Pflege von Geschäftsbeziehungen

 

Als Unternehmen unterliegen wir verschiedenen rechtlichen Verpflichtungen. Zur Erfüllung dieser Verpflichtungen kann eine Verarbeitung von personenbezogenen Daten, nach Art. 6 Abs. 1c DSGVO rechtlicher Verpflichtungen oder nach Art. 6 Abs. 1e DSGVO im öffentlichen Interesse, erforderlich sein.

·       Kontroll- und Meldepflichten

·       Kreditwürdigkeits-, Alters- und Identitätsprüfungen

·       Prävention/Abwehr strafbarer Handlungen

 

Verantwortlicher gem. Art. 4 Abs. 7 EU-Datenschutz-Grundverordnung (DSGVO)

 

PROTH!NX GmbH
Hagelberger Str. 53-54

10965 Berlin
 

Wenn Sie Fragen zum Datenschutz haben, schreiben Sie uns eine E-Mail privacy(at)PROthinx.io.

 

Geltungsbereich


Diese Datenschutzhinweise gelten für folgende Angebote:

  • unsere Website

  • unsere Social Media Seite

  • immer dann, wenn sonst aus einem unserer Angebote auf diese Datenschutzhinweise verwiesen wird, unabhängig davon, auf welchem Weg Sie es aufrufen oder verwenden.

 

Einsatz eines Website-Baukasten

Unsere Website wurde mit dem Website-Baukastensystem Wix erstellt. Wix ist ein Dienst der Wix.com, Inc und bietet Webentwicklung-Technologie, Webdesign- und Layout-Tools, Domain-Hosting und andere Anwendungen für Marketing und Workflow-Management an.

Wir verwenden Wix unter anderem zum Webhosting und der Darstellung unserer Website. Darüber hinaus sammelt Wix statistische Daten über den Besuch unserer Website.

Folgende Daten werden in der Regel übertragen: abgerufenen Website, Datum und Uhrzeit des Zugriffs, übertragene Datenmenge, Meldung, ob ein Abruf erfolgreich war, Browsertyp und Browserversion, Betriebssystem des Nutzers, die zuvor besuchte Website (Referrer) und die IP-Adresse. 

Diese Protokolldaten werden ausschließlich zu den oben genannten Zwecken, sowie zur Aufrechterhaltung der Sicherheit, Funktionalität und der Optimierung des Angebots von Wix verarbeitet. Die Nutzung des Dienstes erfolgt auf Grundlage unserer berechtigten Interessen, d.h. Interesse an einer sicheren und effizienten Bereitstellung, sowie der Optimierung unseres Onlineangebotes gemäß Art. 6 Abs. 1 lit. f. DSGVO.

Weiterhin verwenden wir zur ordnungsgemäßen Bereitstellung der Inhalte unserer Website Wix CDN. Wix CDN ist ein Dienst der Wix.com, Inc, welcher auf unserer Website als Content Delivery Network (CDN) fungiert.

Ein CDN trägt dazu bei, Inhalte unseres Onlineangebotes, insbesondere Dateien wie Grafiken oder Skripte, mit Hilfe regional oder international verteilter Server schneller bereitzustellen. Wenn Sie auf diese Inhalte zugreifen, stellen Sie eine Verbindung zu Servern der Wix.com, Inc, her, wobei Ihre IP-Adresse und ggf. Browserdaten wie Ihr User-Agent übermittelt werden. Diese Daten werden ausschließlich zu den oben genannten Zwecken und zur Aufrechterhaltung der Sicherheit und Funktionalität von Wix CDN verarbeitet.

Die konkrete Speicherdauer der verarbeiteten Daten ist nicht durch uns beeinflussbar, sondern wird von Wix.com, Inc bestimmt. Weitere Hinweise finden Sie in der Datenschutzerklärung für Wix: https://de.wix.com/about/privacy.

 

 

Erhebung personenbezogener Daten bei Kontaktaufnahme Ihrerseits

Wenn Sie uns eine E-Mail schreiben, das Kontaktformular nutzen oder uns telefonisch kontaktieren erheben, bearbeiten und speichern wir folgende Daten von Ihnen und nutzen diese zum Zwecke der Beantwortung Ihrer Anfrage.

  • Vorname, Name

  • Adresse

  • Festnetz-/ Mobil-Telefonnummer

  • E-Mail-Adresse

 

Erhebung personenbezogener Daten bei Besuch unserer Website

(1) Bei der bloß informatorischen Nutzung der Website, also wenn Sie sich nicht registrieren oder uns anderweitig Informationen übermitteln, erheben wir nur die personenbezogenen Daten, die Ihr Browser an unseren Server übermittelt. Wenn Sie unsere Website betrachten möchten, erheben wir die folgenden Daten, die für uns technisch erforderlich sind, um Ihnen unsere Website anzuzeigen und die Stabilität und Sicherheit zu gewährleisten (Rechtsgrundlage ist Art. 6 Abs. 1 S. 1 lit. f DSGVO):

·       IP-Adresse

·       Datum und Uhrzeit der Anfrage

·       Zeitzonendifferenz zur Greenwich Mean Time (GMT)

·       Inhalt der Anforderung (konkrete Seite)

·       Zugriffsstatus/HTTP-Statuscode

·       jeweils übertragene Datenmenge

·       Website, von der die Anforderung kommt

·       Browser

·       Betriebssystem und dessen Oberfläche

·       Sprache und Version der Browsersoftware.

 

(2) Wir verwenden für unsere Website verschiedene Cookies.

 

Zusätzlich zu den zuvor genannten Daten werden bei Ihrer Nutzung unserer Website Cookies auf Ihrem Rechner gespeichert. Bei Cookies handelt es sich um kleine Textdateien, die auf Ihrer Festplatte dem von Ihnen verwendeten Browser zugeordnet gespeichert werden und durch welche der Stelle, die den Cookie setzt, bestimmte Informationen zufließen. Cookies können keine Programme ausführen oder Viren auf Ihren Computer übertragen. Sie dienen dazu, das Internetangebot insgesamt nutzerfreundlicher und effektiver zu gestalten.

Diese Website nutzt folgende Arten von Cookies, deren Umfang und Funktionsweise im Folgenden erläutert werden:

-                           Transiente Cookies

-                           Persistente Cookies

Transiente Cookies werden automatisiert gelöscht, wenn Sie den Browser schließen. Dazu zählen insbesondere die Session-Cookies. Diese speichern eine sogenannte Session-ID, mit welcher sich verschiedene Anfragen Ihres Browsers der gemeinsamen Sitzung zuordnen lassen. Dadurch kann Ihr Rechner wiedererkannt werden, wenn Sie auf unsere Website zurückkehren. Die Session-Cookies werden gelöscht, wenn Sie sich ausloggen oder den Browser schließen.

Persistente Cookies werden automatisiert nach einer vorgegebenen Dauer gelöscht, die sich je nach Cookie unterscheiden kann. Sie können die Cookies in den Sicherheitseinstellungen Ihres Browsers jederzeit löschen.

Sie können Ihre Browser-Einstellung entsprechend Ihren Wünschen konfigurieren und zudem die Annahme von Third-Party-Cookies oder allen Cookies ablehnen. Wir weisen Sie darauf hin, dass Sie dann jedoch eventuell nicht alle Funktionen dieser Website nutzen können.

Rechtsgrundlage für die Verwendung von Cookies ist Art. 6 Abs. 1 S. 1 lit. f DSGVO. Falls Sie uns für das Setzen von Cookies eine Einwilligung erteilt haben, so ist Art. 6 Abs. 1 S. 1 lit. a DSGVO zusätzliche Rechtsgrundlage für die Verwendung von Cookies.

Wir informieren Sie an den einzelnen Verarbeitungen über die entsprechende Rechtsgrundlage.

 

(3) Wir verwenden keine Tracking - Technologien.

(4) Beim Besuch unserer Website findet keine automatisierte Entscheidungsfindung, das sogenannte Profiling, statt.

(5) Wir verarbeiten Ihre personenbezogenen Daten nur zu dem hier angegeben Zweck. Jede weitere Verarbeitung zu anderen Zwecken bedarf Ihrer vorherigen Einwilligung.

 

Übermittlung von Daten

 

Es erhalten unser Hosting-Anbieter mit Sitz und Serverstandort in den USA und diejenigen Dritten von PROTH!NX GmbH Ihre Daten, die diese zur Erfüllung der vertraglichen und gesetzlichen Pflichten sowie berechtigten Interessen benötigen.

Anbieter ist Amazon Web Services, Inc.410 Terry Avenue North Seattle WA 98109 United States. Rechtsgrundlage erfolgt gemäß Art. 6 Abs. 1 lit. f DSGVO. Die Datenübermittlung in die USA erfolgt nach Art. 45 Abs. 1 DSGVO auf Grundlage des Angemessenheitsbeschluss der Europäischen Kommission. Die beteiligten US-Unternehmen und/oder deren US-Unterauftragnehmer sind nach dem EU-U.S. Data Privacy Framework (EU-U.S. DPF) zertifiziert.

Darüber hinaus erhalten von uns beauftragte Auftragsverarbeiter (insb. IT-Dienstleister) Ihre Daten, sofern und soweit diese die Daten zur Erfüllung ihrer jeweiligen Leistungen benötigen. Bei Vorliegen gesetzlicher Verpflichtungen oder berechtigter Interessen können öffentliche Stellen (z.B. Gerichte, Behörden) Empfänger Ihrer personenbezogenen Daten sein. Empfänger können auch Dritte sein, an die wir zu den o.g. Zwecken Ihre Daten übermitteln. Ihre Daten werden ausschließlich auf Grundlage der oben genannten Rechtsgrundlagen an Dritte weitergegeben.

Zur Absicherung haben wir mit dem Hosting-Anbieter eine Auftragsverarbeitungsvereinbarung abgeschlossen. Die beinhaltet einen konformen Umgang mit Ihren personenbezogenen Daten nach EU-Datenschutz-Grundverordnung.

 

Einwilligungsmanagement

Für einige Datenverarbeitungen benötigen wir Ihre Einwilligung. Um Ihre Einwilligung einzuholen und zu dokumentieren, verwenden wir gemäß Art. 6 Abs. 1 S. 1 lit. c  den Cookie Consent Manager von „Wix“. Durch Ihre Einwilligung werden nur technisch notwendige Cookies gesetzt. Wenn Sie unsere Website betreten, wird ein Cookie in Ihrem Browser gespeichert, in dem die von Ihnen erteilten Einwilligungen oder der Widerruf dieser Einwilligungen gespeichert werden. Diese Daten werden nicht an den Anbieter weitergegeben.

Die erfassten Daten werden gespeichert, bis Sie uns zur Löschung auffordern bzw. das Cookie selbst löschen oder der Zweck für die Datenspeicherung entfällt. Zwingende gesetzliche Aufbewahrungsfristen bleiben unberührt. Details zur Datenverarbeitung durch Wix finden Sie unter https://de.wix.com/about/privacy.

 

Seit 06.03.2024 ist es erforderlich, den Google Consent mode v2 zu nutzen, wenn Produkte von Google genutzt werden. Diese Anforderung ist bereits in unserem Einwilligungsbanner technisch integriert. So werden Ihre Daten definitiv erst an Google gesendet, wenn Sie Ihre Einwilligung gegeben haben. Wir nutzen dazu den Advanced Modus. Ihre Daten werden dadurch erst zu uns an den server-side Google Tag Manager gesendet. Hier wird die IP-Adresse überschrieben und somit nicht an Google gesendet. Solange das server-side Tracking nicht aufgebaut ist, greift der „basic Mode“, um Ihnen die größtmögliche Sicherheit zu bieten.

 

 

Widerrufsrecht bei Erteilung einer Einwilligung

In verschiedenen Fällen haben Sie die Möglichkeit, uns im Zusammenhang mit den nachstehend dargestellten Verarbeitungen auch (ggf. für einen Teil der Daten) Ihre Einwilligung in weitergehende Verarbeitungen zu erteilen. In diesem Fall informieren wir Sie im Zusammenhang mit der Abgabe der jeweiligen Einwilligungserklärung gesondert über alle Modalitäten und die Reichweite der Einwilligung und über die Zwecke, die wir mit diesen Verarbeitungen verfolgen. Wir setzen Sie davon in Kenntnis, dass durch den Widerruf der Einwilligung die Rechtmäßigkeit, der aufgrund der Einwilligung bis zum Widerruf erfolgten Verarbeitung nicht berührt wird.

 

Registrierung bei Veranstaltungen
Zur Anmeldung für Veranstaltungen nutzen wir den Anbieter Cvent Deutschland GmbH c/o TMF Steuerberatung GmbH WPG, Maximilianstr. 54 in 80538 München.

Das Tool speichert Ihre Daten auf einem Server in Deutschland und gibt die Daten nicht an Dritte weiter. Rechtsgrundlage erfolgt gemäß Art. 6 Abs. 1 lit. f DSGVO. Die Datenschutzhinweise finden Sie unter https://www.cvent.com/sites/default/files/files/2023-06/Cvent%20Global%20Privacy%20Policy_11.30.21_v_02.10.23_For%20Translation_7.pdf.

Wenn Sie über einen Link über die HDI Global auf unsere Veranstaltung gestoßen sind, dann melden wir Ihre Anmeldung an PRO Global zurück. Rechtsgrundlage erfolgt gemäß Art. 6 Abs. 1 lit. f DSGVO, dem berechtigten Interesse. Das besteht darin, das HDI Global auswerten möchte, wie stark das Interesse der bestehenden Kunden an den Veranstaltungen vorliegt.

 

Einsatz von Sentry

Wir verwenden Sentry von Functional Software, Inc., 132 Hawthorne St San Francisco, CA 94107, United States als Bugtracker, um Codefehler frühzeitig zu erkennen und somit die technische Funktionalität unseres Onlineangebotes zu gewährleisten. Dabei werden anonyme Informationen über das Gerät, auf dem der Fehler stattgefunden hat und über den Zeitpunkt, zu dem der Fehler erkannt wurde, gesammelt. In einigen Fällen können User-Sessions ebenfalls aufgezeichnet werden, um die Behebung des Fehlers zu vereinfachen. Functional Software, Inc. wertet diese Daten nicht zu Werbezwecken aus. Der Einsatz von Sentry erfolgt auf Grundlage Ihrer Einwilligung gemäß Art. 6 Abs. 1 lit. f. DSGVO, dem berechtigten Interesse, ein Fehlerverfolgungs- und Performance-Monitoring-Tool, zu nutzen, dass Entwicklern hilft, Fehler in ihren Anwendungen zu erkennen, zu überwachen und zu beheben.

Die exakte Speicherdauer variiert von Fall zu Fall. Daten werden gelöscht, sobald wir den Fehler behoben haben und keine Einsicht auf Fehlerdetails mehr benötigen. Weitere Hinweise zur Speicherdauer seitens Functional Software, Inc. finden Sie in der Datenschutzerklärung für Sentry: https://sentry.io/privacy/.

 

LinkedIn

  • Social Media

Für weitere Möglichkeiten der Kontaktaufnahme und Veröffentlichung unserer aktuellen Angebote pflegen wir einen Social Media Account. Rechtsgrundlage erfolgt gemäß Art. 6 Abs. 1 lit. f, dem berechtigten Interesse der Kundenkommunikation i.V.m. Art. 26 DSGVO der gemeinsamen Verantwortlichkeit. Somit hat LinkedIn eine Auftragsverarbeitungsvereinbarung aufgestellt, welche den konformen Umgang mit der DSGVO vorgibt. Einzulesen unter: https://de.linkedin.com/legal/l/dpa

Anbieter ist: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland; Datenschutzhinweise: https://www.linkedin.com/legal/privacy-policy; Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Da kein Angemessenheitsbeschluss der Europäischen Kommission existiert (einschließlich der US-Unternehmen, die nicht nach EU-U.S. DPF zertifiziert sind) haben wir mit dem Empfänger der Daten anderweitige geeignete Garantien im Sinne der Art. 44 ff. DSGVO vereinbart. Dies sind – sofern nicht anders angegeben – Standardvertragsklauseln der EU-Kommission gemäß Durchführungsbeschluss (EU) 2021/914 vom 4. Juni 2021. Eine Kopie dieser Standardvertragsklauseln können Sie unter  https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE einsehen.

Wir weisen Sie darauf hin, dass bei Drittlandübermittlungen im Detail unbekannte Risiken (z.B. die Datenverarbeitung durch Sicherheitsbehörden des Drittlandes, deren genauer Umfang und deren Folgen für Sie wir nicht kennen, auf die wir keinen Einfluss haben und von denen Sie unter Umständen keine Kenntnis erlangen) bestehen können. Die konkrete Speicherdauer der verarbeiteten Daten ist nicht durch uns beeinflussbar, sondern wird von LinkedIn Corporation bestimmt. Weitere Hinweise finden Sie in der Datenschutzhinweise für LinkedIn Ads: https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy.

Einbindung von YouTube-Videos

Wir haben YouTube-Videos in unser Online-Angebot eingebunden, die auf https://www.YouTube.com gespeichert sind und von unserer Website aus direkt abspielbar sind. Diese sind alle im „erweiterten Datenschutz-Modus“ eingebunden, d. h. dass keine Daten über Sie als Nutzer an YouTube übertragen werden, wenn Sie die Videos nicht abspielen. Erst wenn Sie die Videos abspielen, werden die genannten Daten übertragen. Auf diese Datenübertragung haben wir keinen Einfluss. Rechtsgrundlage für die Einbindung von YouTube-Videos ist Art. 6 Abs. 1 S. 1 lit. f DS-GVO.

Durch den Besuch auf der Website erhält YouTube die Information, dass Sie die entsprechende Unterseite unserer Website aufgerufen haben. Zudem werden die unter „Einsatz von Cookies“ und „Besuch unserer Website“, dieser Hinweise genannten Daten übermittelt. Dies erfolgt unabhängig davon, ob YouTube ein Nutzerkonto bereitstellt, über das Sie eingeloggt sind, oder ob kein Nutzerkonto besteht. Wenn Sie bei Google eingeloggt sind, werden Ihre Daten direkt Ihrem Konto zugeordnet. Wenn Sie die Zuordnung mit Ihrem Profil bei YouTube nicht wünschen, müssen Sie sich vor Aktivierung des Buttons ausloggen. YouTube speichert Ihre Daten als Nutzungsprofile und nutzt sie für Zwecke der Werbung, Marktforschung und/oder bedarfsgerechten Gestaltung seiner Website. Eine solche Auswertung erfolgt insbesondere (selbst für nicht eingeloggte Nutzer) zur Erbringung von bedarfsgerechter Werbung und um andere Nutzer des sozialen Netzwerks über Ihre Aktivitäten auf unserer Website zu informieren. Ihnen steht ein Widerspruchsrecht zu gegen die Bildung dieser Nutzerprofile, wobei Sie sich zur Ausübung dessen an YouTube richten müssen.

Informationen des Anbieters: YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. Für die Datenverarbeitung verantwortlich ist Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland. Weitere Informationen zu Zweck und Umfang der Datenerhebung und ihrer Verarbeitung durch YouTube erhalten Sie in der Datenschutzhinweise. Dort erhalten Sie auch weitere Informationen zu Ihren Rechten und Einstellungsmöglichkeiten zum Schutze Ihrer Privatsphäre: https://www.google.de/intl/de/policies/privacy

 

Keine Verpflichtung zur Bereitstellung & Folgen der Nichtbereitstellung

Die Bereitstellung der personenbezogenen Daten ist nicht gesetzlich oder vertraglich vorgeschrieben und Sie sind nicht verpflichtet, Daten bereitzustellen. Wir informieren Sie im Rahmen des Eingabeprozesses, wenn die Bereitstellung personenbezogener Daten für den jeweiligen Service erforderlich ist (z.B. durch die Bezeichnung als „Pflichtfeld“). Bei erforderlichen Daten hat die Nichtbereitstellung zur Folge, dass der betreffende Service nicht erbracht werden kann.

 

Speicherdauer Ihrer Daten

Wir verarbeiten Ihre personenbezogenen Daten, soweit erforderlich, für die Dauer der Geschäftsbeziehung, bzw. solange es für die genannten Zwecke erforderlich ist sowie darüber hinaus gemäß den gesetzlichen Aufbewahrungs- und Dokumentationspflichten, die sich insbesondere aus der Abgabenordnung und dem Handelsgesetzbuch ergeben und i.d.R. 10 Jahre betragen. Darüber hinaus können personenbezogene Daten solange gespeichert und aufbewahrt werden, als die Daten für ein anhängiges gerichtliches oder behördliches Verfahren, in dem der Verantwortliche Parteistellung hat, von Bedeutung sind.

 

Ihre Rechte

(1) Sie haben uns gegenüber folgende Rechte hinsichtlich der Sie betreffenden personenbezogenen Daten:

·       Recht auf Auskunft, welche Daten wir von Ihnen erhoben und gespeichert haben;

·       Recht auf Berichtigung oder Löschung, Ihrer bereits bestehenden Daten, nach Prüfung etwaiger Aufbewahrungsfristen;

·       Recht auf Einschränkung der Verarbeitung, bezüglich Ihrer Daten, falls diese nicht mehr in dem Umfang benötigt werden;

·       Recht auf Widerspruch gegen die Verarbeitung, sodass wir die Verarbeitung einstellen müssen und das

·       Recht auf Datenübertragbarkeit, falls Sie Datensätze zu einer anderen Institution mitnehmen möchten.

(2) Sie haben zudem das Recht, sich bei einer Datenschutz-Aufsichtsbehörde über die Verarbeitung Ihrer personenbezogenen Daten durch uns zu beschweren. Diese Beschwerde richten Sie bitte an die zuständige Aufsichtsbehörde unter https://www.datenschutz-berlin.de/buergerinnen-und-buerger/beschwerde/

 

Widerspruch

Sie haben jederzeit das Recht gegen die Verarbeitung Ihrer personenbezogenen Daten Widerspruch einzulegen. Richten Sie diesen bitte schriftlich per E-Mail oder per Post an die oben genannte Adresse.

 

Da sich gesetzliche Bestimmungen ändern können, bitten wir Sie regelmäßig diese Datenschutzhinweise zu lesen. Änderungen werden wir zeitnah einpflegen, um eine transparente Information an Sie weitergeben zu können.

 

Stand Juni 2024

erstellt mit Werk3 für Datenschutz GmbH

bottom of page