Terms and conditions

 

Our general terms and conditions and our processing agreement shall apply to all Idiligo services.

 

Privacy Statement

 

We are pleased that you are visiting our website. Ensuring the privacy and security of your personal information when using our website is very important to us. We would therefore like to inform you here as to which of your personal data we collect when you visit our website and the purposes for which this data is used.

This privacy statement applies to the website of Idiligo B.V., which can be accessed under the domain https://idiligo.com/.

 

Who is responsible and how can I contact you?

 

Person responsible for the processing of personal data as defined in the EU General Data Protection Regulation (GDPR)

Idiligo B.V.
Managing Director: Frank Korthouwer
Kabelweg 57
1014 BA AMSTERDAM
Netherlands

Postfach 9018
BA AMSTERDAM
Netherlands

Data Protection Officer
Philipp Herold

 

What does this concern?

 

This privacy statement meets the legal requirements for transparency in the processing of personal data. This is all information relating to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, email address, IP address and user behaviour when visiting a website. Information that we cannot relate to your person (or only with disproportionate effort) , e.g. as a result of anonymisation, is not personal data. The processing of personal data (e.g. collection, retrieval, use, storage or transmission) always requires a legal basis and a defined purpose.

Stored personal data will be deleted as soon as the purpose of processing has been achieved and there are no legitimate reasons for the further storage of the data. We will inform you about the specific storage periods or criteria for storage in the individual processing operations. Irrespective of this, we store your personal data in individual cases for the purpose of asserting, exercising or defending legal claims and in the event of statutory storage obligations.

 

Who receives my data?

 

We will only share your personal data that we process on our website with third parties if this is necessary for the fulfilment of the purposes and falls within the legal basis (e.g. consent or protection of legitimate interests) in individual cases. In addition, in individual cases, we pass on personal data to third parties if this serves to assert, exercise or defend legal claims. Possible recipients may then include, for example, law enforcement agencies, lawyers, auditors, courts, etc.

If we use service providers for the operation of our website that process personal data on our behalf within the scope of contracted processing in accordance with Art. 28 GDPR, these service providers may be recipients of your personal data. For more information on the use of contracted processors and web services, please refer to the overview of the individual processing operations.

 

Do you use cookies?

 

Cookies are small text files which we send to the browser of your end device during your visit to our website and are stored there. As an alternative to cookies, information can also be stored in the local storage of your browser. Some functions of our website cannot be offered without the use of cookies or local storage (technically necessary cookies). However, other cookies enable us to perform various analyses, allowing us, for example, to recognize the browser you are using when you revisit our website and to transmit various information to us (not necessary cookies). Cookies help us to make our website more user-friendly and effective, for example by tracking your use of our website and determining your preferred settings (e.g. country and language settings). If third parties process information using cookies, they collect the information directly via your browser. Cookies do not cause any damage to your end device. They cannot run programs and do not contain viruses.

We provide information about the respective services for which we use cookies in the individual processing operations. You can find detailed information on the cookies here.

 

What are my rights?

 

Under the conditions of the statutory provisions of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG), you have the following rights as a data subject:

• Information acc. to Art. 15 GDPR, § 34 BDSG about the data stored about you in the form of meaningful information about the processing details and a copy of your data.
• Correction acc. to Art. 16 GDPR of incorrect or incomplete data stored by us.
• Deletion acc. to Art. 17 GDPR of the data stored with us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.
• Restriction of processing acc. to Art. 18 GDPR if the accuracy of the data is disputed, the processing is unlawful, we no longer require the data and you refuse to delete it because you need it to assert, exercise or defend legal claims or you have objected to the processing acc. to Art. 21 GDPR.
• Data transferability acc. to Art. 20 GDPR, if you have provided us with personal data within the scope of a consent according to Art. 6 para. 1 lit. a GDPR or on the basis of a contract acc. to Art. 6 para. 1 lit. b GDPR and this data has been processed by us with the aid of automated processes. You receive your data in a structured, standard and machine-readable format or we transfer the data directly to another responsible person, as far as this is technically feasible.
• Objection acc. to Art. 21 GDPR against the processing of your personal data, provided that this is carried out on the basis of Art. 6 para. 1 lit. e, f GDPR and that there are reasons for this which arise from your particular situation or the objection is directed against direct advertising. The right to object does not apply if predominant, compelling legitimate reasons for the processing are demonstrated or the processing is carried out for the assertion, exercise or defence of legal claims. Where the right to object does not apply to individual processing operations, this is specified there.
• Revocation acc. to Art. 7 para. 3 GDPR of your given consent with effect for the future.
• Complaint acc. to Art. 77 GDPR to a supervisory authority if you believe that the processing of your personal data violates the GDPR. As a rule, you can consult the supervisory authority of your usual place of residence, your workplace or our company headquarters.

 

How is my data specifically processed?

 

The following provides information on the individual processing operations, the scope and purpose of data processing, the legal basis, the obligation to provide your data and the respective storage period. Automated decisions are not made in individual cases, including profiling.

 

Provision of the website

 

Nature and scope of processing

When you access and use our website, we collect the personal data that your browser automatically transfers to our server. The following information is temporarily stored in a so-called log file:

• IP address of the requesting computer
• Date and time of access
• Name and URL of the retrieved file
• Website from which the access takes place (referrer URL)
• Browser used and, if applicable, the operating system of your computer and the name of your access provider

 

Our website is not hosted by ourselves, but by a service provider who, for the purpose of providing the website, processes the aforementioned data on our behalf in accordance with Art. 28 GDPR.

Purpose and legal basis

The processing is carried out in order to safeguard our predominant legitimate interest in displaying our website and to ensure security and stability on the basis of Art. 6 para. f GDPR. The collection of data and storage in log files is essential for the operation of the website. Due to the exception under Art. 21 para. 1 GDPR, there is no right to object to the processing. Insofar as the further storage of log files is required by law, processing is carried out on the basis of Art. 6 para. 1 lit. c GDPR. There is no legal or contractual obligation to provide the data, but accessing our website without providing the data is technically not possible.

Storage period

The aforementioned data is stored for the duration that the website is displayed as well as for a maximum of 7 days for technical reasons.

 

 

Contact form

 

Nature and scope of processing

On our website we offer you the option of contacting us via a form that we provide. The information collected through mandatory fields is required to process the request. In addition, you may voluntarily provide additional information that you feel is necessary to process the contact request.

When using the contact form, your personal data will not be passed on to third parties.

Purpose and legal basis

The processing of your data obtained by using our contact form is for the purpose of communication and the processing of your request based on your consent in accordance with Art. 6 para. 1 lit. a GDPR. If your request refers to an existing contractual relationship with us, the processing for the purpose of fulfilling the contract is based on Art. 6 para. 1 lit. b GDPR. There is no legal or contractual obligation to provide your data, but it is not possible to process your request without providing the information in the mandatory fields. If you do not wish to provide this information, please contact us by other means.

Storage period

If you use the contact form on the basis of your consent, we will store the data collected for each request for a period of three years, starting with the processing of your request or until your consent is revoked.

If you use the contact form within the scope of a contractual relationship, we store the data collected for each request for a period of three years from the end of the contractual relationship.

 

 

Newsletter

 

Nature and scope of processing

If you subscribe to receive our newsletter on our website, we collect your email address and name and store this information together with the date of the subscription and your IP address. You then receive an email in which you must confirm your subscription to the newsletter (double opt-in). If you do not confirm your subscription within 48 hours, it will automatically expire and the data will not be processed for the newsletter.

The newsletter is sent directly by us. Your data will not be passed on to third parties or contracted processors as defined in Art. 28 GDPR.

Purpose and legal basis

We process your data for the purpose of sending the newsletter on the basis of your consent according to Art. 6 para. 1 lit. a GDPR. By unsubscribing from the newsletter, you can declare your revocation at any time with effect for the future according to Art. 7 para. 3 GDPR. There is no legal or contractual obligation to provide your data, but it is not possible to send the newsletter without providing your data.

Storage period

After subscribing to the newsletter, we store the data for a maximum of 48 hours until the subscription is confirmed. After successful confirmation, we store your data until you revoke your consent (unsubscribe from the newsletter) [as well as for a maximum of 7 days for technical reasons].

 

 

DrawBridge

 

Nature and scope of processing

We have integrated DrawBridge into our website. DrawBridge is a service from Gimbal, Inc. that displays targeted advertising to users. DrawBridge uses cookies and other browser technologies to evaluate user behaviour and recognise users. DrawBridge collects information about visitor behaviour on different websites. This information is used to optimise the relevance of advertising. Furthermore, DrawBridge delivers targeted advertising based on behavioural profiles and geographic location. Your IP address and other identification features, such as your user agent, are transmitted to the provider. In this case, your data will be forwarded to the operator of DrawBridge, Gimbal, Inc., 8605 Santa Monica Blvd #62545 West Hollywood, California 90069-4109, United States.

Web tracking technologies are used to create pseudonymised user profiles. These profiles cannot be associated with you as a natural person, but are used, for example, for segmentation when displaying advertisements.

Purpose and legal basis

We process data with the aid of DrawBridge for the purpose of optimising our advertising campaigns and for marketing purposes on the basis of your consent according to Art. 6 para. 1 lit. a. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is rather determined by Gimbal, Inc. Further information can be found in the privacy statement for DrawBridge: https://gimbal.com/gdpr/.

 

 

Google Analytics

 

Nature and scope of processing

We use Google Analytics from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as an analysis service for the statistical evaluation of our website. This includes, for example, the number of visits to our website, subpages visited and the length of time visitors stay on our website.

Google Analytics uses cookies and other browser technologies to evaluate user behaviour and recognise users.

This information is used, among other things, to compile reports on website activity.

Purpose and legal basis

We process data with the aid of Google Analytics for the purpose of optimising our website and for marketing purposes on the basis of your consent according to Art. 6 para. 1 lit. a. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is rather determined by Google Ireland Limited. Further information can be found in the privacy statement for Google Analytics: https://policies.google.com/privacy.

 

 

Google Fonts

 

Nature and scope of processing

We use Google Fonts from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as a service to provide fonts for our website. To obtain these fonts, you connect to Google Ireland Limited’s servers, whereby your IP address is transmitted.

Purpose and legal basis

The use of Google Fonts is based on our legitimate interests, i.e. interest in harmonised provision as well as the optimisation of our website according to Art. 6 para. 1 lit. f. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is rather determined by Google Ireland Limited. Further information can be found in the privacy statement for Google Fonts: https://policies.google.com/privacy.

 

 

Google Tag Manager

 

Nature and scope of processing

We use Google Tag Manager from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland Google Tag Manager is used to manage website tags through an interface and allows us to control the exact integration of services on our website.

This allows us to flexibly integrate additional services to evaluate user access to our website.

Purpose and legal basis

The use of Google Tag Manager is based on our legitimate interests, i.e. interest in the optimisation of our services according to Art. 6 para. 1 lit. f. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is rather determined by Google Ireland Limited. Further information can be found in the privacy statement for Google Tag Manager: https://www.google.de/tagmanager/use-policy.html.

 

 

Hotjar

 

Nature and scope of processing

We use Hotjar CDN to ensure the proper delivery of the contents of our website. Hotjar CDN is a service of Hotjar Ltd. which acts as a Content Delivery Network (CDN) on our website to ensure the functionality of other Hotjar Ltd. services. You will find a separate section in this privacy statement for said services. This section only addresses the use of the CDN.

A CDN helps to make contents of our website, especially files such as graphics or scripts, available more quickly with the aid of regionally or internationally distributed servers. When you access this content, you connect to servers at Hotjar Ltd, Hotjar Ltd, Level 2, St Julian’s Business Centre 3 Elia Zammit Street St Julian’s STJ 3155 Malta, whereby your IP address and, if applicable, browser information such as your user agent are transmitted. This data is processed exclusively for the abovementioned purposes and to maintain the security and functionality of Hotjar CDN.

Purpose and legal basis

The use of the content delivery network is based on our legitimate interests, i.e. interest in a secure and efficient provision as well as the optimisation of our website according to Art. 6 para. 1 lit. f. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is rather determined by Hotjar Ltd. Further information can be found in the privacy statement for Hotjar CDN: https://www.hotjar.com/privacy/.

 

 

Hotjar Behavior Analytics

 

Nature and scope of processing

We have integrated Hotjar Behavior Analytics into our website. Hotjar Behavior Analytics is a service of Hotjar Ltd. and provides optimisation tools that analyse the behaviour and feedback of users of our website through analytical and feedback tools.

Hotjar Behavior Analytics uses cookies and other browser technologies to evaluate user behaviour and recognise users.

This information is used, among other things, to compile reports on website activity and to statistically evaluate visitor data. Furthermore, Hotjar Behavior Analytics records clicks, mouse movements and scroll heights to create so-called heat maps and session replays.

In this case, your data is passed on to the operator of Hotjar Behavior Analytics, Hotjar Ltd, Hotjar Ltd, Level 2, St Julian’s Business Centre 3 Elia Zammit Street St Julian’s STJ 3155 Malta.

Purpose and legal basis

We process your data with the aid of Hotjar Behavior Analytics for the purpose of optimising our website and for marketing purposes on the basis of your consent according to Art. 6 para. 1 lit. a. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is rather determined by Hotjar Ltd. Further information can be found in the privacy statement for Hotjar Behavior Analytics: https://www.hotjar.com/privacy/.

 

 

LinkedIn

 

Nature and scope of processing

We use LinkedIn CDN to ensure the proper delivery of the contents of our website. LinkedIn CDN is a service of LinkedIn Corporation which acts as a Content Delivery Network (CDN) on our website to ensure the functionality of other LinkedIn Corporation services. You will find a separate section in this privacy statement for said services. This section only addresses the use of the CDN.

A CDN helps to make contents of our website, especially files such as graphics or scripts, available more quickly with the aid of regionally or internationally distributed servers. When you access this content, you connect to servers of LinkedIn Corporation, Sunnyvale, California, US, whereby your IP address and, if applicable, browser information such as your user agent are transmitted. This data is processed exclusively for the abovementioned purposes and to maintain the security and functionality of LinkedIn CDN.

Purpose and legal basis

The use of the content delivery network is based on our legitimate interests, i.e. interest in a secure and efficient provision as well as the optimisation of our website according to Art. 6 para. 1 lit. f. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is rather determined by LinkedIn Corporation. Further information can be found in the privacy statement for LinkedIn CDN: https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy.

 

 

WordPress CDN

 

Nature and scope of processing

We use WordPress CDN to ensure the proper delivery of the contents of our website. WordPress CDN is a service of Automattic Inc. which acts as a Content Delivery Network (CDN) on our website.

A CDN helps to make contents of our website, especially files such as graphics or scripts, available more quickly with the aid of regionally or internationally distributed servers. When you access this content, you connect to servers of Automattic Inc., San Francisco, California, US, whereby your IP address and, if applicable, browser information such as your user agent are transmitted. This data is processed exclusively for the abovementioned purposes and to maintain the security and functionality of WordPress CDN.

Purpose and legal basis

The use of the content delivery network is based on our legitimate interests, i.e. interest in a secure and efficient provision as well as the optimisation of our website according to Art. 6 para. 1 lit. f. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is rather determined by Automattic Inc. Further information can be found in the privacy statement for WordPress CDN: https://automattic.com/privacy/.