Personal data is all information about a specific or identifiable natural person. An identifiable natural person is a person that can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more specific physical, physiological, genetic, mental characteristics, economic, cultural or social identity of this natural person.
An affected person is any identified or identifiable natural person whose personal data is processed by the controller.
Processing is any process or set of operations performed on personal data or personal data, whether automated, recorded, organized, structured, stored, adapted or changed, accessed, consulted, used, transmitted, disseminated or otherwise made available, directed or combined, restricted, deleted or destroyed.
Profiling is any form of automated processing of personal data consisting of the use of personal data to evaluate certain aspects of a natural person, in particular to analyze or predict aspects of work performance, economic situation, health, personal preferences, interests, the reliability, the behavior, the location or the movements of this natural person.
Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be assigned to a specific person without the use of additional information, provided that such additional information is kept separate and subject to technical and organizational measures to ensure that the personal data is not assigned to a specific or identifiable natural person.
Responsible for processing is the natural or legal person, public authority, agency or other body which, alone or in concert with others, determines the purposes and means of processing personal data; where the purposes and means of such processing are determined by the Union or Member State law, the controller or the specific criteria
for their designation may be determined by the Union or Member State law.
The processor is a natural or legal person, public authority, government agency or other body that processes personal data on behalf of the controller.
Recipient is a natural or legal person, agency, agency or other entity to which the personal information is disclosed, whether or not it is a third party. However, authorities which may obtain personal data under a specific investigation under the Union or national law shall not be considered as beneficiaries. The processing of these data by these authorities will be in accordance with the applicable data protection rules for the purposes of processing.
Third parties are natural or legal persons, public authorities, bodies or entities other than the data subject, the controller, the processor and the persons authorized to process personal data under the direct supervision of the controller or the processor.
The consent of the data subject is any free, specific, informed and unambiguous presentation of the data subject’s wishes, by which they declare their consent to the processing of the personal data concerning them by means of a declaration or a clear affirmation.
The person responsible within the meaning of the GDPR and other national data protection laws of the member states as well as other data protection regulations is the
Sendlinger Str. 7
USt ID DE344309811
Management: Tilman Pfeiffer
In principle, we process personal data of our website visitors and users only insofar as this is necessary to provide a functioning website and our content and services. The processing of personal data of our users takes place regularly only with the consent of the user. An exception applies to cases in which prior consent can not be obtained for reasons of fact and the processing of the data is permitted by law.
Insofar as we obtain the consent of the data subject for processing of personal data, art. 6 §1 lit.a GDPR serves as a legal basis. In the processing of personal data necessary for the performance of a contract to which the data subject is a party, art. 6 § 1 lit. b GDPR as a legal basis. This also applies to processing operations required to carry out pre-contractual actions. Insofar as processing of personal data is required to fulfill a legal obligation that is subject to our company, art. 6 § 1 lit. c GDPR as legal basis. In the event that vital interests of the data subject or another natural person require the processing of personal data, art. 6 § 1 lit. d GDPR as legal basis. If processing is necessary to safeguard the legitimate interests of our company or a third party, and if the interests, fundamental rights and freedoms of the data subject do not prevail over the first interest, art. 6 § 1 lit. f GDPR as legal basis for processing.
We delete or block the personal data of the data subject as soon as the purpose of the storage is eliminated. It may also be stored if provided for by the European or national legislator in EU regulations, laws or regulations to which our company is subject. Blocking or deletion of the data also takes place when a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data for conclusion of a contract or fulfillment of the contract.
Each time our website is accessed, our own integrated fraud0 service automatically is activated.
fraud0 is a prevention service to detect and prevent automated non-human traffic. The data obtained from this service is only used for Bot mitigation and Analytics. To detect whether the website user is a bot or a human, we use pixels. During your website visit, the following data are collected:
No sensitive data is processed.
The bot/human classification is stored in the browser’s local storage.
In case of an opt-in/consent for Google Analytics, this classification is added to one (or more) Custom Dimensions of Google Analytics.
Data processing by fraud0 only continues until the bot identity is detected. Tracking across websites does not happen at any time.
In case of using the fraud0 Bot mitigation service we process data based on Art. 6 lit. f GDPR.
In case of using the fraud0 Analytics service we process data based on the users consent, Art. 6 lit. a GDPR.
It is in our interest to identify the users of our website as a human or a bot. First and foremost, we are preventing fraud (recital 47 of the GDPR), and correct the website statistics by removing bot shares from our statistics but we can also detect low quality user, bot or human, that clicks on ads but has little or no intention of actually buying products.
The data processing is performed in the European Union and Data is stored on Google’s servers within the European Union The user may object to the processing by fraud0 at any time.
The collection of data for the provision of the website and for fraud prevention and the storage of the data is necessary for the operation of the website.
Please note: For the use of our service data is processed. fraud0 uses the Google Cloud Platform from Google Ireland Limited. The servers are located in Frankfurt and Belgium. Due to the judgment of the Court of Justice of 16.07.2020 (Case C311/18), the transfer of personal data to the USA on the basis of the Privacy Shield was declared invalid. We would like to point out that we cannot exclude the possibility that data will be transferred to the USA and pursuant to 50 USC §1881(b)(4), 50 USC §1881a (= FISA 702).
On our website you can contact us via various options: e.g. contact form, book a demo, request a quote, request product information, request guides. If you make this possible, the data entered in the input mask will be transmitted to us and saved. In addition to the specific input macro data, the IP address and the date and time of the request are collected and stored. For the processing of the data, you give your consent in the context of the
Alternatively, a contact via e-mail address is possible. In this case, the user’s personal data transmitted by email will be stored.
In this context, there will be no disclosure of the data to third parties, unless this is necessary for the processing of the query (for example, demo booking tool). In any case, the data will be used exclusively for processing the conversation.
Legal basis for the processing of the data is in the presence of the consent of the user art. 6 § 1 lit. a GDPR. The legal basis for the processing of the data transmitted in the course of sending an e-mail is article 6 (1) lit. f GDPR. If the e-mail contact aims to conclude a contract, then additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.
The processing of personal data from the input mask is solely for the processing of your request. In the case of contact via e-mail, this also includes the required legitimate interest in the processing of the data. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
If you have booked a demo, requested product information or an offer, we reserve the right to store the data for two years to measure the profitability of our sales and marketing. Otherwise, we will delete the data as soon as it is no longer necessary to achieve the purpose of its collection. For the personal data from the input form of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the relevant facts have been finally clarified. The additional personal data collected during the sending process will be deleted at the latest after a period of seven days.
The user has the possibility at any time to revoke his consent to the processing of the personal data. If the user contacts us by email, he may object to the storage of his personal data at any time. In such a case, the conversation can not continue. All personal data stored in the course of contacting will be deleted in this case.
We offer the possibility of becoming a customer or partner by providing personal data. The data is collected and stored in the contract process. A transfer of data to third parties does not take place. The following data is collected during the registration process:
Legal basis for the processing of the data is in the presence of the consent of the user art. 6 § 1 lit. a GDPR and art. 6 §1 lit. b GDPR, since the registration of the fulfillment of a contract or the implementation of pre-contractual measures.
Registration is required to fulfill the customer or partner contract or to carry out pre-contractual measures.
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. This is the case during the registration process for the performance of a contract or for the performance of pre-contractual measures if the data are no longer necessary for the performance of the contract. Even after the conclusion of the contract, there may be a need to store personal data of the contracting party in order to comply with contractual or legal obligations. In particular, our company has to observe the storage obligations of § 257 Commercial Code in this connection.
As a user you always have the option to cancel your account. You can change the data stored about you at any time. If the data is required to fulfill a contract or to carry out pre-contractual measures, premature deletion of the data is only possible, unless contractual or legal obligations preclude deletion.
A web browser cookie is a small text file sent from a website to your computer or mobile device where it is stored by your web browser. Web browser cookies may store information such as your IP address or other identifier, your browser type, and information about the content you display and interact with on the digital services. By storing such information, web browser cookies can store your preferences and settings for online services and analyze how you use online services.
Tracking Technologies: Web Beacons / Gifs, Pixels, Page Tags, Script
Emails and mobile applications can contain small, transparent image files or lines of code to record how you interact with them. This information is used to help website and app publishers better analyze and improve their services.
Before consent is given 2 functional cookies are set.
The legal basis for the processing of personal data using technically necessary cookies is Article 6 (1) lit. f GDPR.
The legal basis for the processing of personal data using cookies for analysis purposes is the consent of the user Art. 6 para. 1 lit. a GDPR.
The user data collected through technically necessary cookies will not be used to create user profiles. The use of the analysis cookies is for the purpose of improving the quality of our website and its contents. Through the analysis cookies, we learn how the website is used and so we can constantly optimize our offer.
Our services are not aimed at children under 13 years. We do not knowingly collect information from children under the age of 13. If you have not reached the age limit, do not use the services and do not provide us with your personal information. If you are a parent of a child below the age limit and you learn that your child has provided fraud0 personal information, please contact us at and insist on exercising your rights of access, correction, cancellation and / or opposition. If you are resident in California and are under 18 years of age and wish to erase publicly available content, please contact us at .
If we process your personal data you have – after successful identiﬁcation – the following rights towards us:
You have the right to request information about whether your personal information relates to a third country or an international organization. In this connection, you can request the appropriate guarantees in accordance with. Art. 46 GDPR in connection with the transfer.
If the processing of your personal data has been restricted, we may only process this data – with the exception of its storage – with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person.
If the limitation of the processing after the o.g. If conditions are restricted, you will be informed by us before the restriction is lifted.
Have we made your personal data public and we are gem. Article 17 (1) of the GDPR requires that we take appropriate measures to inform other companies processing your personal data that you have deleted all links to yours, taking into account available technology and implementation costs personal data (and all copies thereof) (“right to be forgotten”). The right to erasure does not exist if the processing is necessary.
processing, unless this proves to be impossible or involves a disproportionate effort. You also have the right to be informed by us about these recipients.
In exercising this right, you also have the right to obtain that your personal data relating to you are transmitted directly from one person to another, insofar as this is technically feasible. Freedoms and rights of other persons may not be affected.
The right to data portability does not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority delegated to the controller.
We will no longer process your personal information in this case unless there are compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purpose of enforcing, pursuing or defending legal claims.
If the personal data relating to you are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to proﬁling insofar as it is associated with such direct mail.
If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.
This does not apply if the decision
With respect to the cases referred to in (1) and (3), the person responsible shall take reasonable steps to uphold the rights and freedoms and your legitimate interests, including at least the right to intervene in the intervention of a person of our company in order to express his or her own position and to challenge it heard of the decision.
The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy pursuant to Article 78 of the GDPR.
Protecting the information you give us or that we receive about you is our priority. We take appropriate security measures to protect your information from loss, misuse, and unauthorized access, alteration, disclosure, or destruction. fraud0 has taken measures to ensure the ongoing conﬁdentiality, integrity, availability and resiliency of systems and services that process personal information, and will restore the availability and access to information in the event of a physical or technical incident in a timely manner.