OMR – It's all about Online Marketing

Data & Privacy

I. Data Processing in Connection with Your Visit to Our Website
⁠II. Data processing in connection with events
⁠III. Data processing in connection with our online presence
⁠IV. Data processing in connection with job applications
⁠V. Your rights
⁠VI. Security
⁠VII. Validity and Changes to the Privacy Policy
⁠VIII. Your Questions About Data Protection

With this Privacy Policy, Ramp 106 GmbH (hereinafter: “we” or “us”) informs you about the processing of your personal data (hereinafter also referred to simply as “data”) when you visit our website https://omr.com, use our services, or apply for a job with us.

You will also receive information about your rights. We place a very high priority on data protection and, of course, comply with applicable data protection regulations, in particular the European General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and the German Telecommunications and Telemedia Data Protection Act (TDDDG).

If you have any questions regarding data protection, please feel free to contact us (informally) using the contact details provided below.

The entity responsible for data processing is:
⁠Ramp 106 GmbH, Lagerstr.36, 20357 Hamburg, Germany, Tel. +49 40 209310869, info@omr.com

The Data Protection Officer is:
⁠Dr. Nils Haag
⁠datenschutz@omr.com

⁠I. Data Processing in Connection with Your Visit to Our Website

In connection with your visit to our website, we process your personal data. This is done for the purposes and to the extent described below. We only disclose your data to third parties as described below.

1 Provision of our website and services

When you visit our website, we automatically collect and process data from you in order to provide our website and the services offered through it.

In doing so, we collect and process the following data from you to provide our website:

Date and time of your visit
The address of the website through which you reached us
the pages you visit on our site
Information about your internet browser (browser type and version)
The operating system of the device you use to access our website and services
Your Internet service provider

We store this information in log files for security reasons—excluding your IP address—and delete it after 30 days. The data contained in the log files is stored separately from other data about you.

Longer storage is only required in individual cases (e.g., in cases of suspected misuse or fraud). In such cases, the respective log files are stored until the matter has been clarified and any necessary follow-up measures have been completed.

For the hosting of the website, including related services, we use the services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The controller for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

Your data may be processed in the United States and transferred there, i.e., to a third country outside the European Union (EU) or the European Economic Area (EEA). The legal basis for the data transfer is the adequacy decision with the United States pursuant to Article 45(1) of the GDPR based on the EU-US Data Privacy Framework. The provider has obtained certification under the EU-US Data Privacy Framework and is thereby obligated to comply with EU data protection standards.

The legal basis for processing your data to provide our website and services is Article 6(1)(f) of the GDPR or § 25(2)(2) of the German TDDDG. We have a legitimate interest in processing your data so that we can offer you our website and the services provided through it in a technically flawless, secure manner that is optimized for your needs. The data from the server log files is stored separately from other data.

2 Contacting Us (Especially When Using Forms)

You have several ways to contact us. When you contact us via email or through a contact form, we will store the information you provide (your email address, and, if applicable, your name and phone number) in order to answer your questions and address your concerns. The legal basis for this is Article 6(1)(f) of the GDPR. Our legitimate interest lies in establishing and maintaining a customer relationship. To the extent that we request information via our contact form that is not necessary for establishing contact —we have always marked such fields as optional. This information helps us clarify your inquiry and improve the handling of your request. The provision of this information is expressly voluntary and subject to your consent, in accordance with Article 6(1)(a) of the GDPR. Insofar as this involves information regarding communication channels (e.g., email address, phone number), you also consent to us contacting you via this communication channel, if necessary, to respond to your inquiry. You may, of course, revoke this consent at any time with future effect.

An exception applies only if the content of your contact serves directly to fulfill an existing contractual relationship between us. In such cases, we base the processing of your data on Article 6(1)(b) of the GDPR.

Your data stored in connection with your contact will be deleted as soon as it is no longer necessary and provided it is not subject to any legal retention obligations. A review of whether storage is necessary is conducted at least annually.

2.1 OMR Reviews

When you contact “OMR Reviews” regarding specific software products, your data (name and email address) is processed by OMR and forwarded directly to the respective software product company in order to establish the desired contact.

The legal basis is your consent pursuant to Art. 6(1)(a) GDPR. Your consent may also extend to the transfer of data to providers in the U.S.; the legal basis in this regard is Article 49(1)(a) of the GDPR. You may revoke your consent at any time with future effect by sending us an email to info@omr.com and by contacting the respective company.

When you participate in the OMR Reviews Community, we process your name and email address to inform you about new software guides and to send you the newsletter and emails containing tool recommendations, software updates, and suggestions for evaluating tools. The legal basis for this is Article 6(1)(b) of the GDPR.

If registration data is obviously incorrect or incomplete, we will correct it where possible based on our legitimate interest in accurate registration data (legal basis: Art. 6(1)(f) GDPR). All data is stored for the duration of your membership and will be deleted upon cancellation.

2.2 Typeform

For certain inquiries, we use the Typeform service to collect and transmit data via forms. Typeform is a service provided by TYPEFORM, S.L., Bac de Roda 163, 08018 Barcelona. You can send us an inquiry at any time via the contact or Typeform form. Among other things, the following information is requested:

Name
Email address

These fields are marked as required. Any additional information you provide to us as part of your inquiry, including via the free-text field, is voluntary. We use this data exclusively to respond to your inquiry and for related communication.Further information on the handling of user data can be found in Typeform’s privacy policy: https://admin.typeform.com/to/dwk6gt.

The data will be deleted as soon as it is no longer needed for the purposes of processing.The legal basis for this processing of your data depends on the content of your inquiry. Insofar as it concerns answering your questions and handling your concerns, the legal basis for this is Art. 6(1)(f) GDPR or § 25(2)(2) German TDDDG. If the inquiry relates to a contractual relationship between us, we base the processing of your data on Article 6(1)(b) of the GDPR. The provision of optional data is expressly voluntary and subject to your consent, in accordance with Article 6(1)(a) of the GDPR or Section 25(1) of the German TDDDG. Insofar as this involves information regarding communication channels (e.g., email address, phone number), you also consent to us contacting you via this communication channel, if necessary, to respond to your inquiry. You may, of course, revoke this consent at any time with future effect.

2.3 Google Forms

This online survey is created using Google Forms, an application of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The controller for users from the EU/EEA and Switzerland is Google Ireland Limited, Google Building, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

Google Forms is a type of universal survey tool that can also be used to create and evaluate online surveys. The data you enter as part of the survey is sent to us by Google and evaluated.In addition, Google processes usage and metadata, which Google uses for security purposes and to optimize the service. When using the website, Google may store cookies on users’ computers for web analytics purposes or to preserve user settings.

In this context, your data may be processed in the United States, i.e., in a third country outside the European Union (EU) or the European Economic Area (EEA), and may be transferred there. The legal basis for the data transfer is the Adequacy Agreement with the United States pursuant to Article 45(1) of the GDPR, based on the EU-US Data Privacy Framework. The provider has obtained certification under the EU-US Data Privacy Framework and has thereby committed to complying with the EU’s data protection standards.

The legal basis for this processing of your data depends on the content of your inquiry. Insofar as it concerns answering your questions and handling your concerns, the legal basis for this is Article 6(1)(f) of the GDPR or § 25(2)(2) of the German TDDDG. If the request relates to a contractual relationship between us, we base the processing of your data on Article 6(1)(b) of the GDPR. The provision of optional data is expressly voluntary and subject to your consent, in accordance with Article 6(1)(a) of the GDPR or § 25(1) of the German TDDDG. Insofar as this involves information regarding communication channels (e.g., email address, phone number), you also consent to us contacting you via this communication channel, if necessary, to respond to your inquiry. You may, of course, revoke this consent at any time with future effect.

2.4 Aircall

For communication, we use the services of Aircall SAS, 11 Rue Saint-Georges, 75009 Paris, France. In doing so, data such as your phone number is used for communication.

Your data will be stored for as long as necessary for the purpose.

This is based on the legal grounds of Art. 6(1)(b) GDPR for contractual partners and Art. 6(1)(f) GDPR for legitimate interests in the efficient handling of telephone calls. Further information from Aircall regarding data protection can be found at: https://aircall.io/privacy/.

2.5 HelpScout

We use the CRM system provided by Help Scout Inc., 131 Tremont St, Boston, MA 02111-1338, USA, to process user inquiries more quickly and efficiently. Help Scout is used to manage contact requests and for communication. At a minimum, an email address is required. The provision of additional data is optional.

Your data may be processed in the United States and transferred there, i.e., to a third country outside the European Union (EU) or the European Economic Area (EEA). The legal basis for the data transfer is the Standard Contractual Clauses pursuant to Art. 46(2), (3) GDPR. These clauses oblige the provider to comply with EU data protection standards when processing personal data, even outside the EU.

The data will be deleted as soon as it is no longer needed for the purposes of processing.

Users can find further information in Help Scout’s privacy policy: https://www.helpscout.net/company/legal/privacy/.

The legal basis for this processing of your data depends on the content of your inquiry. Insofar as it concerns answering your questions and handling your concerns, the legal basis for this is Article 6(1)(f) of the GDPR or § 25(2)(2) of the German TDDDG. If the inquiry relates to a contractual relationship between us, we base the processing of your data on Article 6(1)(b) of the GDPR. The provision of optional data is expressly voluntary and subject to your consent, in accordance with Article 6(1)(a) of the GDPR or § 25(1) of the German TDDDG. Insofar as this involves information regarding communication channels (e.g., email address, phone number), you also consent to us contacting you via this communication channel, if necessary, to respond to your inquiry. You may, of course, revoke this consent at any time with future effect.

2.6 Chatbase

To answer frequently asked questions, we use a chatbot provided by Chatbase Inc. (4700 Keele Street, 215 Bergeron Centre of Engineering Excellence, Toronto, ON, M3J 1P3, Canada, https://www.chatbase.co/). When using this service, the following categories of data are processed by Chatbase as a data processor based on EU Standard Contractual Clauses: technical connection data from server access (IP address, date, time, page accessed, browser information) and the content of the inquiry. The data is processed solely for the purpose of answering the inquiry and is not stored in a personally identifiable form beyond that. The legal basis is Art. 6(1)(b) GDPR.

3 Use of Our Newsletters

3.1 General Information

On our website, you can subscribe to free newsletters containing promotional information if you have expressly consented to receiving them. The legal basis for the processing of your data is Art. 6(1)(a) GDPR in conjunction with § 7(2)(3) of the German Act against Unfair Competition or the statutory permission under § 7(3) oft he German Act against Unfair Competition. To prevent abuse, you will first receive an email with a confirmation link, which you must activate in order to receive the actual newsletter (so-called double opt-in procedure).

When you subscribe to the newsletter, your email address, your IP address, and the date and time of your registration are transmitted to us and stored and processed by us. This data is used exclusively to verify your consent to receive and to the sending of the newsletter. No data is disclosed to third parties.

Your data will be stored for as long as we send you the newsletter on a regular basis. In the event that we no longer send you the newsletter, we will delete your data no later than 12 months after sending the last newsletter to you.

Please note that you can revoke your consent at any time and unsubscribe from the newsletter by sending us an email tonewsletter@omr.com or by clicking the unsubscribe link found in every newsletter.

3.2 Newsletter Tracking

Please note that when we send the newsletter, we analyze your user behavior to determine whether and when the newsletter was opened. For this analysis, the emails we send contain so-called web beacons or tracking pixels, which are stored on our server and loaded when the newsletter is opened. This transmits technical information such as browser type, time of opening, and IP address. For the analysis, we link the aforementioned data and the web beacons to your email address and a unique ID. Links received in the newsletter also contain this ID and allow us to analyze your clicking behavior.

We use the data collected in this way to create a user profile in order to tailor the newsletter to your individual interests. In doing so, we record when you read our newsletters, which links you click on within them, and infer your personal interests from this. We link this data to actions you have taken on our website. The legal basis for this data processing is your consent, Art. 6(1)(a) GDPR or § 25(1) German TDDDG.

You may revoke your consent at any time with future effect. In this case, the revocation applies to the entire newsletter, as separate revocation of tracking is unfortunately not technically possible. To do so, simply click the unsubscribe link provided in every email.

Such tracking is also not possible if you have disabled the display of images by default in your email program. In this case, the newsletter will not be displayed in full, and you may not be able to use all features. If you manually display the images, the tracking described above will take place.

The information from the tracking is stored for as long as you are subscribed to the newsletter. After you unsubscribe, the data is anonymized and used for purely statistical purposes.

The data you have provided to us for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted after you unsubscribe. Data stored by us for other purposes remains unaffected by this.

The following providers are used for the newsletter:

3.2.1 HubSpot

This website uses HubSpot for online marketing activities. HubSpot is a software company based in the U.S. with a branch in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland.

This is an integrated software solution that covers various aspects of online marketing. These include, among other things, email marketing, social media publishing & reporting, contact management, landing pages, and contact forms. Cookies are also stored on the device you are using.

Our registration service allows visitors to our website to learn more about our company, download content, and provide their contact information as well as additional demographic information. This information, along with the content of our website, is stored on servers belonging to our software partner HubSpot. We may use this information to contact visitors to our website and to determine which of our company’s services are of interest to them. All information we collect is subject to this privacy policy. We use all collected information exclusively for the optimization of our marketing activities. HubSpot’s privacy policy can be found at: https://legal.hubspot.com/privacy-policy.

Your data may be processed in the United States and transferred there, i.e., to a third country outside the European Union (EU) or the European Economic Area (EEA). The legal basis for the data transfer is the adequacy decision with the United States pursuant to Article 45(1) of the GDPR based on the EU-US Data Privacy Framework. The provider has obtained certification under the EU-US Data Privacy Framework and is therefore committed to complying with EU data protection standards.

Further information from HubSpot regarding EU data protection regulations can be found at: https://legal.hubspot.com/data-privacy

More information about the cookies used by HubSpot can be found here and here.

Data collection and storage take place only with your express consent pursuant to Art. 6(1)(a) GDPR or § 25(1) German TDDDG. This consent may be revoked at any time with future effect.

You can unsubscribe from emails sent by HubSpot via a link in the respective email.

3.2.2 Customer.io

We use the customer.io tool from Peaberry Software Inc. (921 SW Washington St, Suite #820, Portland, OR 97205, USA) to send and analyze our email newsletter. For this purpose, your name, email address, and IP address are transmitted to customer.io and stored there.

Peaberry Software is a company based in the United States. Your data may be processed in the United States, i.e., in a third country outside the European Union (EU) or the European Economic Area (EEA), and may be transferred there. The legal basis for the data transfer is the Standard Contractual Clauses pursuant to Art. 46(2), (3) GDPR. These clauses oblige the provider to comply with European data protection standards when processing personal data, even outside the EU.

The data will be deleted as soon as it is no longer needed for the purposes of processing.

For further information, please refer to the privacy policy of customer.io: https://customer.io/legal/privacy-policy/.

Data collection and storage take place only with your express consent pursuant to Article 6(1)(a) of the GDPR or § 25(1) of the German TDDDG. This consent may be revoked at any time with future effect.

4 Customer Feedback (Zenloop)

This website uses a service provided by zenloop GmbH, Pappelallee 78/79, 10437 Berlin (“zenloop”). zenloop is a business-to-business Software-as-a-Service platform that enables us to collect and analyze customer feedback through various channels. This allows us to tailor and improve our offerings to meet our customers’ needs. Through Zenloop, specific surveys regarding our services can be created and sent via email to customers (respondents).

Zenloop collects and stores any responses from respondents, which may include personal data such as first and last names depending on the survey, and evaluates them on our behalf.

The data is deleted as soon as it is no longer needed for the purposes of processing.

Further information on data usage by zenloop can be found in zenloop’s privacy policy at https://www.zenloop.com/de/legal/privacy.

The distribution and evaluation of the survey are carried out exclusively with the customer’s express consent in accordance with Art. 6(1)(a) GDPR or § 25(1) German TDDDG. This consent may be revoked at any time with future effect.

5 Use of Your Email Address

If you purchase a product or service, we will use your email address to send you promotional materials for similar services or products, unless you have opted out of this use. Please note that you can object to this use at any time by sending us an email to newsletter@omr.com or by clicking the unsubscribe link included in every email. You will incur no costs other than standard transmission fees.

6 Friendly Captcha

We use the “Friendly Captcha” service provided by Friendly Captcha GmbH, Am Anger 3-5, 82237 Wörthsee, on our websites. As a service user, we have entered into a data processing agreement with Friendly Captcha for the processing of end-user data by the data processor Friendly Captcha.

Friendly Captcha is used to verify whether data entry on our websites (e.g., in a contact form) is performed by a human or by an automated program (a so-called bot). To do this, Friendly Captcha analyzes the website visitor’s behavior based on various characteristics.

When an end user visits a website that contains the Friendly Captcha widget, the following log data is collected to evaluate the puzzle request:

User Agent Request Header (includes application, operating system, manufacturer, and version), Origin, and Referer,
the puzzle itself, which contains information about the account and the website key to which the puzzle refers,
the version of the widget, and
a timestamp.

The IP address is anonymized via one-way hashing so that end users cannot be personally identified. Personal data of end users is not stored.

Friendly Captcha is a globally available service headquartered in Germany.

The data is stored in dedicated data centers (e.g., only within the EU). Friendly Captcha ensures that every data transfer is protected by appropriate safeguards, using the European Commission’s standard data protection clauses or binding corporate rules.

The data is stored in one of Friendly Captcha’s more than 200 data centers worldwide, located near the user making the request (so-called point-of-presence procedure). Friendly Captcha ensures that every data transfer is protected by appropriate safeguards by using the European Commission’s Standard Data Protection Clauses or Binding Corporate Rules.

We store your personal data for the duration of the purposes specified above. Afterward, we no longer store your personal data unless we are required by law to store it for a longer period or longer storage is necessary to assert, exercise, or defend legal claims.

For more information on how Friendly Captcha handles your data, please visit the provider’s website and review its privacy policy, accessible via the following links:

https://friendlycaptcha.com/de/

https://friendlycaptcha.com/de/legal/privacy-end-users/

The data processing associated with the use of Friendly Captcha is carried out for the purpose of ensuring the security of our websites. The legal basis for data processing is Art. 6(1)(f) GDPR and § 25(2)(2) German TDDDG. Our legitimate interest lies in fulfilling legal requirements to ensure the security of data processing (e.g., protection against spam and bots).

7 Leadfeeder

On our website, we use the Leadfeeder analytics tool from Liidio Oy, a company based at Mikonkatu 17 C, 00100 Helsinki, Finland. This tool enables us to collect information about visitors to our website.

The Leadfeeder system works by identifying the IP addresses of companies. A special code on our website enables Leadfeeder to identify the IP addresses of visitors associated with companies. These IP addresses are then matched against a global database of companies and business information. The data collected in this way is deleted after two years. You can request earlier deletion at support@leadfeeder.com. After deletion, the data remains in the system for up to seven days due to backup copies.

Leadfeeder does not collect personal IP addresses or data from mobile devices, but only those associated with companies. In addition to company information, Leadfeeder also provides data on the date, duration of the visit, and the web pages visited by the user. Leadfeeder does not provide information about specific, identifiable individuals who visit our website and does not use cookies to identify or track visitors. Information about visitors using dynamic IP addresses is not provided.

The data provided by Leadfeeder allows us to compile statistics on visits to our website. We use this data to improve our website and measure its reach.

For more information, please visit https://www.leadfeeder.com/privacy/ and https://www.leadfeeder.com/leadfeeder-and-gdpr/.

The legal basis for data processing is Art. 6(1)(f) GDPR. Our legitimate interest lies in the economic evaluation of user data. The data subjects’ legitimate interests do not override this, as only company data is stored and personal data is deleted immediately.

8 Registration and Use of the User Account, Payment Processing, and Ticket Purchase

You have the option to create and use a user account, for example to purchase tickets, book events, or purchase our reports. During registration, we may receive the following data from you (e.g., via Google, Facebook, email, or LinkedIn):

Personal data: First name, last name, date of birth, email, phone number
Interests
Company data: Company name, email, website, phone number, address, company type, field of activity, number of employees, career level
Link to Facebook, LinkedIn, or Google

If you decide to purchase a paid product, we also process your data to facilitate order and payment processing.

In doing so, we process your name, address, and contact information, date of birth (for events open to those 18 and older), as well as contract details and the payment information you provide (e.g., bank account details). The legal basis for this is to fulfill the contract between us or to take steps prior to entering into a contract (Art. 6(1)(b) GDPR). Data is disclosed to third parties—specifically to financial service providers at for payment processing—as well as to authorities and consultants within the scope permitted by law (Art. 6(1)(c) GDPR). We use any additional data for the following purposes:

Recommendations of relevant content and events from OMR and OMR partners based on the interests provided
Contact initiation by other members and OMR partners
Publication in participant lists and profile formats
Sending newsletters – promoting OMR events and products
Enabling a more personalized event experience (suggestions for presentations, exhibitors, side events, (digital) masterclasses, jobs, etc.)

The legal basis for this is Art. 6(1)(f) GDPR. The legitimate interest lies in the provision of the aforementioned services.

If you have consented to the use of OMR’s networking features, other users can see whether you are registered for an OMR event, are currently checked in (badge scan at entry and exit), and can contact you via email or the app. The legal basis for this is Article 6(1)(a) of the GDPR. You can revoke this consent at any time in your user dashboard (my.omr.com).

You can delete your user account, including your data, at any time. Your data stored in connection with the registration and use of your user account as well as payment processing will be deleted within 14 days after you have notified us of your request to delete your customer account. This does not apply to data that must be retained for commercial or tax law reasons. We store this data on the basis of Article 6(1)(c) of the GDPR.

You have the option to purchase tickets for our events. The following data collected in this process is used to organize the respective event: title, first name, last name, company, company size, position, email, career level, phone number, sector, country, special dietary requests, and billing address. The legal basis for this data processing is Article 6(1)(b) of the GDPR.

As a general rule, we store your data only for the period necessary to achieve the purpose of storage, or to the extent required by European directives and regulations or by other legislative bodies in laws or regulations to which we are subject. In Germany, there is a specific obligation to retain data for 6 years pursuant to Section 257(1) of the German Commercial Code (in particular, commercial ledgers, inventories, opening balance sheets, annual financial statements, business correspondence, and accounting documents). Pursuant to Section 147(1), (3) of the German Fiscal Code, 10 years for books, records, management reports, accounting documents, and documents relevant for taxation, as well as 6 years specifically for commercial and business letters. If the purpose of storage no longer applies or a legally prescribed retention period expires, your personal data will be routinely blocked or deleted in accordance with legal requirements.

If you received the invitation to our event through one of our partners, this was based on a corresponding request from our partner. For this purpose, your data (your name, your company, your gender, and your email address) was transmitted to us for the purpose of creating a ticket. We record this data in our OMR Manager to create the tickets, manage the invitations, and send them out.

Our partners have access to the OMR Manager and can view which of the visitors they invited redeemed their ticket, registered, and subsequently attended the festival. Our partners’ access is limited to data regarding the individuals they invited. The processing of the data they provide to us is based on Art. 6(1)(f) of the GDPR and serves the purpose of organizing the festival. If you wish to object to this processing or exercise other rights under the GDPR, you will find the relevant information under “V. Your Rights” in this privacy policy.

8.1 myfestival Area

As part of the OMR Festival, we offer you the opportunity to create a personal profile in the myfestival area and provide additional information (e.g., phone number, industry, links to social networks). We process this voluntary data based on our legitimate interest (Art. 6(1)(f) GDPR). Our legitimate interest is to provide you with relevant content as well as an improved and personalized festival experience. You may object to this form of personalization at any time by deleting your additional profile data or by writing to us at datenschutz@omr.com.

If you additionally activate the visibility of your profile in your myfestival area, you consent, in accordance with Art. 6(1)(a) GDPR, to your data stored there (including first and last name and, if applicable, other voluntary information) becoming visible to our exhibitors. Exhibitors may contact you via the contact details you have provided if they are interested. If you do not enable visibility, your profile will not be shared with exhibitors but will only be used by us for the personalization mentioned above. If you do not fill out your profile at all, your data will also not be shared with exhibitors.

You may revoke your consent to make your profile visible at any time with future effect by deactivating visibility in the myfestival area or by sending your revocation to datenschutz@omr.com. The lawfulness of the processing carried out up to the time of revocation remains unaffected by this. For further information on storage and deletion, the provisions under Section 8 apply accordingly.⁠

9 Segment.io

We use Segment on our website, a service provided by Segment.io, Inc., 100 California Street Suite 700 San Francisco, CA 94111, USA.

Segment.io provides a platform for collecting, consolidating, and analyzing data to improve the user experience and the effectiveness of marketing campaigns. The tool enables the collection, combination, and analysis of data from various sources to gain insights into user behavior and the performance of our products and services. For example, usage data such as interactions with our online offering (e.g., purchasing a festival ticket or registering for a masterclass) can be aggregated and pseudonymized to provide you with relevant recommendations.

Your data may be processed in the United States and transferred there, i.e., to a third country outside the European Union (EU) or the European Economic Area (EEA). The legal basis for the data transfer is the adequacy decision with the United States pursuant to Art. 45(1) GDPR based on the EU-US Data Privacy Framework. Segment.io, Inc. has obtained certification under the US-EU Data Privacy Framework and is thereby committed to complying with European data protection guidelines.

Further information is available in the provider’s privacy policy at https://segment.com/legal/privacy/.

The data will be deleted as soon as it is no longer required for the purposes of processing.

The processing of your personal data is carried out to fulfill our contract pursuant to Art. 6(1)(b) GDPR. If there is no contractual relationship or if the data processing is not directly necessary for the fulfillment of the contract, the legal basis is our legitimate interest pursuant to Art. 6(1)(f) GDPR. Our legitimate interest consists of improving our website and the service we provide to our customers.

10 Make

We use the Make service provided by Celonis Inc., One World Trade Center, 87th Floor, New York, NY 10007, USA. Make is a cloud-based automation platform that connects applications and services with integrations to automate online workflows. The solution enables the creation of complex processes that integrate multiple systems and offers tools such as automatic error handling and complete logging of operations. We use the service, among other things, for invoicing and managing newsletter subscribers.

In this context, data such as title, first and last name, email address, or invoice number may be processed. Your personal data will be deleted or blocked immediately once the purpose for which it was stored no longer applies.

The processing of your personal data is carried out to fulfill our contract pursuant to Art. 6(1)(b) GDPR. If there is no contractual relationship or if data processing is not directly necessary for the fulfillment of the contract, the legal basis is our legitimate interest pursuant to Art. 6(1)(f) GDPR in the efficient processing of transactions and inquiries.

For more information on data protection at Celonis, please visit: https://www.make.com/en/privacy-notice.

11 Use of Cookies and Similar Technologies

When you visit our website, we also collect and use data from you to make it easier for you to use our website and services and to measure and improve the effectiveness of our marketing activities. Non-essential cookies are set exclusively with the user’s consent pursuant to Art. 6(1)(a) GDPR or § 25(1) German TDDDG. In doing so, we also use so-called cookies and cookie-like technologies such as pixel tags (i.e., small transparent graphics, also known as web beacons). Cookies are small text files that are stored on your device via your internet browser.

All information regarding the individual cookies, in particular their provider and purpose, storage duration, assignment to the selectable categories (Essential, Statistics, and Marketing), and legal basis can be found in this Privacy Policy as well as in the “Cookie Banner.”

You have the option at any time to change the decision you made there and to subsequently grant or revoke your consent. To do so, you can access the settings options in the footer.

You can learn more about the use of cookies in this Privacy Policy in the section relevant to cookie usage. Additionally, you can find further information about cookies and the individual providers on the websites http://www.meine-cookies.org and http://www.youronlinechoices.com.

11.1 Usercentrics (Cookie Banner)

Usercentrics is a consent management platform that enables websites to protect user privacy and comply with the GDPR when it comes to cookies and tracking. “Usercentrics” is a service provided by Usercentrics GmbH, Rosental 4, 80331 Munich, hereinafter referred to as “Usercentrics.”

Through the “Usercentrics” feature, we inform our website visitors about the use of cookies on our website and enable them to make a decision regarding their use.

If the visitor consents to the use of cookies, the following data is automatically logged:

The user’s IP address
Date and time of consent
User agent of the end user’s browser
The provider’s URL
An anonymous, random, and encrypted key.

The encrypted key and the cookie status are stored on the user’s device via a cookie in order to restore the corresponding cookie status during future page visits. This cookie is automatically deleted after 12 months.

The legal basis for storing the data is Article 6(1)(c) of the GDPR in conjunction with Article 7(1) of the GDPR, as Usercentrics is used to comply with requirements under the German TDDDG and the GDPR.

The user can prevent or revoke the installation and storage of the cookie—and thus their cookie consent—at any time by adjusting their browser settings.

Further information about Usercentrics can be found at:

https://usercentrics.com/de/datenschutzerklaerung/

11.2 Use for Analytical Purposes

If you consent, we process data during your visit to our website using the tools listed below in order to track visitor behavior on our website, optimize our website, and tailor it to visitor interests. The legal basis for this is your consent pursuant to Art. 6(1)(a) GDPR or § 25(1) German TDDDG.

11.2.1 Google Analytics – Universal Analytics (with anonymization feature)

On this website, we use the web analytics service Google Analytics (with anonymization function) provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The controller for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

The purpose of the Google Analytics component is to analyze how visitors use our website. As our data processor pursuant to Article 28 of the GDPR, Google provides us with reports that allow us to display and evaluate activity on our website. In doing so, a Google Analytics cookie is stored on the device you use to visit our website. When you visit individual pages of this website, the Google Analytics component automatically prompts the web browser on your device to transmit data to Google for the purpose of online analysis. As part of this technical process, Google obtains personal data about you, in particular information regarding browser type/version, operating system used, the page you previously visited, the hostname of the accessing device, IP address, and the time of the request, which Google uses, among other things, to track the origin of visitors and clicks. However, this data is not combined with other data about you. In addition, we use the feature whereby the IP address of your internet connection is automatically truncated and thus anonymized by Google when accessing our website from a member state of the European Union or from another signatory state to the Agreement on the European Economic Area.

Your data may be processed in the United States and transferred there, i.e., to a third country outside the European Union (EU) or the European Economic Area (EEA). The legal basis for the data transfer is the adequacy decision with the United States pursuant to Article 45(1) of the GDPR based on the EU-US Data Privacy Framework. The provider has obtained certification under the EU-US Data Privacy Framework and has thereby committed to complying with EU data protection standards.

Further information and Google’s applicable privacy policies can be found at https://www.google.de/intl/de/policies/privacy/ and at http://www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail at this link: https://www.google.com/intl/de_de/analytics/

We have configured Google Analytics so that the data underlying the reports is deleted after 26 months at the latest.

The legal basis for this data processing is your consent pursuant to Art. 6(1)(a) GDPR or § 25(1) German TDDDG. You may revoke your consent at any time with future effect by accessing the cookie settings in the footer and changing your selection there.

11.2.2 Google Analytics 4

Provided you have given your consent, we use Google Analytics, a web analytics service provided by Google LLC. The responsible service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

Google Analytics uses cookies that enable an analysis of your use of our websites. The information collected via the cookies regarding your use of this website is generally transmitted to a Google server in the U.S. and stored there.

We use the User ID feature. With the help of the User ID, we can assign a unique, persistent ID to one or more sessions (and the activities within those sessions) and analyze user behavior across devices.

We use the “anonymizeIP” function (so-called IP masking): Due to the activation of IP anonymization on this website, your IP address is truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the U.S. and truncated there. The IP address transmitted by your browser as part of Google Analytics is not merged with other Google data.

During your visit to the website, the following data, among others, is collected:

the pages you visit, your “click path,”
achievement of “website goals” (conversions, e.g., newsletter sign-ups, downloads),
your user behavior (e.g., clicks, time spent on the site, bounce rates),
your approximate location (region),
your IP address (in truncated form),
technical information about your browser and the devices you use (e.g., language settings, screen resolution),
your internet service provider, and
the referrer URL (the website or advertising medium through which you arrived at this website).

On behalf of the operator of this website, Google will use this information to evaluate your use of the website and to compile reports on website activity . The reports provided by Google Analytics are used to analyze the performance of our website and the success of our marketing campaigns.

The recipient of the data is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, acting as a data processor. We have entered into a data processing agreement with Google for this purpose. Google LLC, based in California, USA, and, where applicable, U.S. government authorities may access the data stored by Google.

The data we send and that is linked to cookies is automatically deleted after 30 days. Data that has reached the end of its retention period is automatically deleted once a month.

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by

a. do not give your consent to the setting of the cookie, or

b. downloading and installing the browser add-on to disable Google Analytics HERE.

You can also prevent the storage of cookies by adjusting your browser settings accordingly. However, if you configure your browser to reject all cookies, this may result in limited functionality on this and other websites.

For more information on the terms of use of Google Analytics and Google’s privacy policy, please visit https://marketingplatform.google.com/about/analytics/terms/de/ and https://policies.google.com/?hl=de.

11.2.3 Posthog

We use the web analytics service PostHog, provided by PostHog Inc., 2261 Market Street #4008, San Francisco, CA 94114, USA (hereinafter: "PostHog") on our website. PostHog enables us to analyze the behavior of visitors to our website and to improve our offering on this basis. The following data may be processed, among other things: IP address (in shortened or anonymized form), timestamps, pages visited, click behavior, browser and device information, and language settings.

Where you have consented to the use of PostHog cookies, this is done on the basis of your consent pursuant to § 25 para. 1 TDDDG in conjunction with Art. 6 para. 1 sentence 1 lit. a) GDPR. You may withdraw your consent at any time with effect for the future by adjusting your cookie settings on our website. Otherwise, PostHog is used solely in a configuration that does not set any cookies. In this case, we base the processing on our legitimate interest in analyzing and improving our website pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR.

For more information on data protection at PostHog, please visit: https://posthog.com/privacy

11.2.4 Albacross

This website uses features of the lead identification and ad targeting service Albacross. The provider is Albacross Nordic AB, Kungsgatan 26, 111 35 Stockholm, Sweden.

Albacross uses so-called “cookies.” These are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie regarding your use of this website is generally transmitted to a server operated by Albacross Nordic AB in Ireland and stored there.

The data that Albacross collects and uses for this purpose includes information about the IP address from which you visited our website, as well as technical information that enables Albacross to distinguish between different visitors using the same IP address. Albacross stores the domain from the form submission in order to link the IP address to your employer.

If your browser supports the “Do Not Track” feature and you have enabled it, your visit will be automatically ignored.

Your data will be deleted after 12 months at the latest.

Further information on the processing of personal data can be found in Albacross’s Privacy Policy (https://albacross.com/privacy-policy/).

11.2.5 Hotjar

We use the web analytics service Hotjar to analyze the use of our website. Hotjar Ltd. (St Julian’s Business Centre, 3, Elia Zammit Street, St Julian’s STJ 1000, Malta) complies with the provisions of the Data Protection Act, Chapter 440 of the Laws of Malta (“Applicable Law”), which implements all relevant European Union directives on data protection.

Hotjar measures, records, and analyzes user behavior (mouse movements, clicks, scroll depth, etc.) on our website. Additionally, information is collected regarding previously visited websites, your country of origin, and the devices, operating systems, and browsers used. The IP address of the end device is collected and stored only in an anonymized manner by setting the last octet of IPv4 addresses to 0 to ensure that the full IP address is never written to the hard drive. The collected data is transmitted via an encrypted connection to servers located in Ireland (EU) and stored there.

The purpose of data processing is to improve the offering, the functionality of the Hotjar-based website, and thus the user experience. For this purpose, Hotjar also places cookies on your devices, among other things. You can find more information about the cookies used at: https://www.hotjar.com/legal/policies/cookie-information.

Further information on Hotjar’s compliance with data protection regulations can be found here: https://www.hotjar.com/legal/policies/privacy/

11.2.6 VG Wort

We use the tracking pixel of the collecting society WORT, Goethestraße 49, 80336 Munich (“VG Wort”) on our website.

The tracking pixel enables authors to receive royalties for their literary works. The tracking pixel is embedded as an invisible graphic within a webpage and counts visitors. The data is used exclusively to determine whether the required threshold for a payout has been reached. The IP address is processed and used only in anonymized form to prevent misuse.

For more information, please visit https://www.vgwort.de/hilfsseiten/datenschutz.html.

The legal basis for processing is our legitimate interest pursuant to Art. 6(1)(f) GDPR or § 25(2)(2) German TDDDG, which lies in the commercial exploitation of our texts.

11.2.7 Sentry

We use Sentry (132 Hawthorne St, San Francisco, CA 94107, USA) to monitor the stability of our platform and identify potential code errors. The use of Sentry serves exclusively to improve and monitor system stability. No data processing for marketing purposes takes place. The collected data, such as IP address, browser, and/or device information at the time of the error, does not allow any conclusions to be drawn about your identity. Cookies are also used for this purpose.

Your personal data will be stored for as long as necessary to fulfill the purposes stated in this Privacy Policy.

For more information, please visit: https://sentry.io/privacy/.

The legal basis for processing users’ personal data is our legitimate interest pursuant to Art. 6(1)(f) GDPR or § 25(2)(2) German TDDDG in the stable operation of our service.

You can prevent the collection and processing of your personal data by Sentry by blocking the storage of third-party cookies on your computer, using the “Do Not Track” feature of a compatible browser, disabling the execution of script code in your browser, or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

11.3 Use for Marketing Purposes

If you consent, we collect and process data on our website using the tools listed below to display more relevant advertising to you on this and other websites (remarketing/retargeting) and to measure the success of our advertising campaigns. In doing so, we work with providers who help us, in particular, to track whether users reach us via specific advertising measures (so-called conversion tracking). In this context, pseudonymized user profiles are also created. The legal basis for this is your consent pursuant to Art. 6(1)(a) GDPR or § 25(1) German TDDDG.

11.3.1 Google Marketing Services

We use marketing services provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, on these websites. The controller for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

The services used include:

AdWords: The use of the Google service AdWords allows us to perform conversion tracking, i.e., it enables us to determine whether you arrived at our website via a Google ad. However, we cannot identify you on this basis. Only statistics are generated.

AdSense: The use of the Google service AdSense enables us to display third-party advertisements on our pages. Cookies and pixel tags are used to analyze visitor behavior and display ads that are as relevant as possible to your interests.

Firebase: The use of the Google service Firebase allows us to analyze user groups and send push notifications, in the course of which only anonymized data is transmitted to Firebase. You can find more information here: https://www.firebase.com/terms/privacy-policy.html

Google Tag Manager: The use of the Google Tag Manager service merely enables us to integrate the listed services by implementing the other cookies/tags and integrating the Consent Manager (“cookie banner”). The legal basis for the processing is our legitimate interest pursuant to Art. 6(1)(f) GDPR or § 25(2)(2) German TDDDG; this lies in optimizing our website and complying with the provisions of the GDPR through a Consent Manager.

Within the scope of the aforementioned services, Google uses cookies and cookie-like technologies such as pixel tags (i.e., small transparent graphics, also known as web beacons) and processes your personal data, in particular information about browser type/version, operating system used, the page you previously visited, the hostname of the accessing device, IP address, and the time of the request, as well as offers, search terms, and content in which you have shown interest. This data is transmitted to Google. Usage profiles are created on a pseudonymized basis. This means that we cannot identify you on this basis. For more information, please visit https://policies.google.com/technologies/types

The cookies are automatically deleted after 30 days. You can opt out of or customize interest-based advertising here: https://www.google.com/ads/preferences/?hl=de

Your data may be processed in the United States and transferred there, i.e., to a third country outside the European Union (EU) or the European Economic Area (EEA). The legal basis for the data transfer is the adequacy decision with the United States pursuant to Article 45(1) of the GDPR, based on the EU-US Data Privacy Framework. The provider has obtained certification under the EU-US Data Privacy Framework and is therefore committed to complying with EU data protection standards.

Further information and Google’s applicable privacy policy can be found at https://policies.google.com/privacy. The functionality of Google’s marketing services is explained in more detail at this link: https://policies.google.com/technologies/ads

11.3.2 Facebook Pixel / Facebook Custom Audiences

As part of our usage-based online advertising, we use the Custom Audiences service provided by Meta Platforms, Inc. (1601 S. California Avenue, Palo Alto, CA 94304, USA). For this purpose, we define target groups of users in Facebook Ads Manager based on specific characteristics, and these users are subsequently shown ads within the Facebook network. Users are selected by Facebook based on the profile information they have provided, as well as other data made available through their use of Facebook. If a user clicks on an advertisement and is subsequently redirected to our website, Facebook receives information via the Facebook Pixel embedded on our website that the user has clicked on the advertisement. In general, a non-reversible and non-personally identifiable checksum (hash value) is generated from your usage data and transmitted to Facebook for analysis and marketing purposes. A Facebook cookie is set in the process. This cookie collects information about your activities on our website (e.g., browsing behavior, subpages visited, etc.). Your IP address is also stored and used for the geographic targeting of advertisements. We do not use Facebook Custom Audiences via the customer list or the “advanced matching” feature.

The data is deleted after 720 days at the latest.

Your data may be processed in the United States and transferred there, i.e., to a third country outside the European Union (EU) or the European Economic Area (EEA). The legal basis for the data transfer is the adequacy decision with the United States pursuant to Art. 45(1) GDPR based on the EU-US Data Privacy Framework. The provider has certified itself under the EU-US Data Privacy Framework and is thus committed to complying with EU data protection standards.

You can find Facebook’s privacy policy here: https://www.facebook.com/policy.php– You can object to the collection via the Facebook Pixel and the use of your data here: https://www.facebook.com/settings?tab=ads.

11.3.3 TikTok Advertising

We use the tracking and conversion tool “TikTok Pixel” from the Chinese company ByteDance on our website. The controller for users in the EU/EEA and Switzerland is TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland (“TikTok”).

Pixels are small, invisible image files used to collect information about how users interact with a website. When the website is accessed, a simple code is automatically triggered, allowing the pixel to be loaded onto the device being used and enabling the collection of specific information about the device and the user’s actions on the website.

This allows us to measure our ad performance and conversions, as well as build audiences for remarketing. Additionally, it enables us to display interest-based advertising to users of our website and to measure and analyze their behavior on our website for statistical and market research purposes.

Among other things, the IP address, a device ID, device type, and operating system, as well as information about activities on our website (e.g., browsing behavior, subpages visited, etc.) may be collected. This data may also be transmitted to TikTok. TikTok can use this information to associate a user of our website with a TikTok user account. TikTok uses this data to display personalized advertising to its users and to create interest-based user profiles.

If data is transferred to countries outside the European Economic Area where there is no level of data protection equivalent to the European standard, TikTok states that it uses standard data protection clauses in accordance with Art. 46(2)(c) of the GDPR.

For more information on data processing by TikTok, please refer to TikTok’s Privacy Policy: https://www.tiktok.com/legal/privacy-policy-eea?lang=de.

11.3.4 EPOM

We use the EPOM service provided by EPOM SERVICES LTD (79 Spyrou Kyprianou Avenue, Protopapas Building, 2nd floor, Office 201, 3076 Limassol, Cyprus) to display and optimize advertisements on our website.

When using EPOM, cookies are placed on your device to enable the delivery, targeting, and performance measurement of advertisements. In particular, the following data may be processed: information about your device and browser, your IP address (truncated and anonymized), location data (at the country level), usage data (e.g., clicks on advertisements, interactions with ad spaces), and, where applicable, information about previously visited websites. This data is stored and analyzed solely for the purpose of measuring the effectiveness of advertisements, displaying targeted advertising, and optimizing our offerings.

The cookies set by EPOM have different retention periods: The opt-out cookie is stored for 2 years; other cookies are stored as session or persistent cookies in accordance with your browser’s default settings. You can control or delete the storage of cookies at any time via your browser settings.

Your personal data is processed exclusively on servers within the European Union, specifically in Cyprus. Personal data is not transferred to third countries.

For more information on the cookies used, please visit: https://epom.com/privacy-policy.

12 Integration of Third-Party Content

We have integrated third-party content in some areas of our website. This includes, for example, videos, map services, images, or fonts. In connection with the integration of this content, it is technically necessary for us to share your IP address with the third-party providers so that they can display the content to you. We do not store your IP address for the purpose of integrating third-party content. The third-party providers may use your IP address, the use of cookies, and other technologies (e.g., pixel tags, i.e., invisible graphics) to track your browsing behavior and, in doing so, process additional technical information alongside your IP address (including browser type/version, operating system used, the page you previously visited, the hostname of the accessing device, the time, and other details regarding your use of our online service).

A more detailed description of whose content we embed and how your data is processed in the process can be found below in the respective description of the embedded content.

These plugins typically collect data from you by default and transmit it to the servers of the respective provider. To ensure the protection of your privacy, we have implemented technical measures that ensure your data cannot be collected by the providers of the respective plugin without your consent. When you visit a page on which the plugins are embedded, they are initially deactivated unless you have given your consent via the Consent Manager (“Cookie Banner”). If you have not given your consent, the plugin is only activated when you click on the respective icon. By doing so, you consent to your data being transferred to the respective provider. The legal basis for the use of the plugins is Art. 6(1)(a) GDPR.

12.1 Google Maps Plugin

This site uses the Google Maps mapping service. Google Maps is a mapping service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The controller for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

To use the features of Google Maps, information—including your IP address and the address entered when using the route planner—may be transmitted to the provider’s servers. This information is typically transmitted to a Google server in the United States and stored there. When you visit a website that includes Google Maps, your browser establishes a direct connection to Google’s servers, and the map content is sent to your browser and integrated into the page. We have no influence over this data transfer. Based on current information, this includes the following data:

Date and time of the visit to the relevant website,
Internet address or URL of the accessed website,
IP address, (starting) address entered as part of route planning

The use of Google Maps is intended to ensure an appealing presentation of our online offerings and to make it easy to locate the places we specify on the website. If you do not wish Google to process data via this service, you can disable JavaScript in your browser settings. Please note that in this case, the interactive map function of Google Maps will not be available.

If you have not given your consent via the Consent Manager, you have the option to do so later using the so-called “2-click procedure.” When you visit a page where Google Maps is embedded, a connection to the Google servers is only established once you click the confirmation button. In this case, Google will set cookies and use your visit data for its own purposes. If you are logged into Google at this time, the information about the videos you have viewed will be associated with your Google account. You can prevent this by logging out of your Google account before visiting our website.

Your data may be processed in the United States and transferred there, i.e., to a third country outside the European Union (EU) or the European Economic Area (EEA). The legal basis for the data transfer is the adequacy decision with the United States pursuant to Article 45(1) of the GDPR based on the EU-US Data Privacy Framework. The provider has obtained certification under the EU-US Data Privacy Framework and is thereby committed to complying with EU data protection standards.

For more information on the handling of user data, please refer to Google’s Privacy Policy: https://www.google.de/intl/de/policies/privacy/.

12.2 Google Web Fonts

This site uses so-called web fonts provided by Google to ensure consistent font display. When you visit a page, your browser loads the required web fonts into its cache to display text and fonts correctly. We have opted for the offline version, in which the Google Fonts are stored locally on our web server. The fonts can then be managed—using CSS—just like any other font family. No IP address or other data is transmitted to Google.

The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offerings, taking into account efficiency and cost-saving considerations. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR and § 25(2)(2) German TDDDG. If your browser does not support web fonts, a standard font from your computer will be used.

For more information about Google Web Fonts, please refer to Google’s Privacy Policy: https://www.google.com/policies/privacy/.

12.3 YouTube

We use services provided by YouTube, LLC, 901 Cherry Ave., 94066 San Bruno, CA, USA, a subsidiary of Google LLC, Amphitheatre Parkway, Mountain View, CA 94043, USA, on our website. For users whose habitual residence is in the European Economic Area or Switzerland, Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland, is the data controller responsible for your data. YouTube is an online platform where users can upload, watch, share, and comment on videos. It offers a wide variety of content, including music videos, vlogs, tutorials, and more.

When you visit a page that contains an embedded YouTube video, a connection to the YouTube servers is only established once you click the confirmation button. In this case, YouTube will set cookies and use your visit data for its own purposes. If you are logged into YouTube at that time, the information about the videos you have viewed will be associated with your YouTube account. You can prevent this by logging out of your account before visiting our website. If you have not given your consent via the Consent Manager, you have the option to do so later using the so-called “2-click procedure.”

Your data may be processed in the United States and transferred there, i.e., to a third country outside the European Union (EU) or the European Economic Area (EEA). The legal basis for the data transfer is the adequacy decision with the United States pursuant to Article 45(1) of the GDPR based on the EU-US Data Privacy Framework. The provider has obtained certification under the EU-US Data Privacy Framework and is thus committed to complying with EU data protection standards.

Further information on YouTube’s data protection is provided by Google at the following link: https://www.google.de/intl/de/policies/privacy/.

12.4 Vimeo

We use services from “Vimeo” (Vimeo LLC, 555 West 18th Street, New York 10011, USA) on our website. Vimeo is a video portal similar to YouTube. Any user can upload their own videos via an account and share them on the internet.

Some of our web pages contain videos from Vimeo. When you visit such a page on our website, a connection is established with the Vimeo servers. This transmits information to the Vimeo server regarding which of our web pages you have visited. If you are logged in to your Vimeo account at that time, Vimeo associates this information with your personal user account. Clicking the play button on a video may also link this information to an existing user account. You can prevent this linking by logging out of your Vimeo account before using our website and deleting the relevant Vimeo cookies.

If you have not given your consent via the Consent Manager, you have the option to do so later using the so-called “2-click procedure.” When you visit a page that contains an embedded Vimeo video, a connection to the Vimeo servers is only established once you click the confirmation button. In this case, Vimeo will set cookies and use your visit data for its own purposes. If you are logged into Vimeo at that time, the information about the videos you have viewed will be associated with your Vimeo member account. You can prevent this by logging out of your member account before visiting our website.

Your data may be processed in the United States and transferred there, i.e., to a third country outside the European Union (EU) or the European Economic Area (EEA). The legal basis for the data transfer is the adequacy decision with the United States pursuant to Article 45(1) of the GDPR based on the EU-US Data Privacy Framework. The provider has obtained certification under the EU-US Data Privacy Framework and is therefore committed to complying with EU data protection standards.

For more information, please refer to Vimeo’s privacy policy at https://vimeo.com/privacy.

12.5 Podigee

We use the podcast hosting service Podigee provided by Podigee GmbH, Schlesische Straße 20, 10997 Berlin, Germany. The podcasts are loaded by Podigee or transmitted via Podigee.

Podigee processes IP addresses and device information to enable podcast downloads/playbacks and to collect statistical data, such as the number of views. This data is anonymized or pseudonymized before being stored in Podigee’s database, unless it is necessary for the provision of the podcasts.

Further information can be found in Podigee’s privacy policy: https://www.podigee.com/de/about/privacy/.

The legal basis for this data processing is your consent pursuant to Article 6(1)(a) of the GDPR and Section 25(1) of the German TDDDG. You may revoke your consent at any time with future effect by accessing the cookie settings in the footer and changing your selection there.

12.6 Leaflet and OpenStreetMap

We use Leaflet, an open-source JavaScript library, to display interactive maps on our website. The maps are displayed using OpenStreetMap, a service provided by the OpenStreetMap Foundation, St John’s Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom.

When using Leaflet and OpenStreetMap, personal data such as your IP address, browser information, information about your device, and usage data (e.g., map sections viewed, interactions with the map) may be processed. This data is transmitted directly to OpenStreetMap’s servers as soon as you consent to the display of the map. The data will be deleted as soon as it is no longer needed for the purposes of processing.

Your data may be processed in the United Kingdom (UK) and transferred there, i.e., to a third country outside the European Union (EU) or the European Economic Area (EEA). The European Commission has issued an adequacy decision for the United Kingdom pursuant to Art. 45(1) GDPR, ensuring an adequate level of data protection.

Further information on data processing by OpenStreetMap can be found in the OpenStreetMap Foundation’s privacy policy at: https://wiki.osmfoundation.org/wiki/Privacy_Policy.

13 Use of Social Plugins

We use so-called “social plugins” from various social networks (hereinafter: “plugin providers”) on our website. A social network is an online social gathering place that enables users to communicate with one another and interact in a virtual space. To ensure the protection of your privacy, we have implemented technical measures to ensure that your data cannot be collected by the providers of the respective plugin/tool without your consent.

By default, these plugins typically collect data from you and transmit it to the respective provider’s servers. To ensure the protection of your privacy, we have implemented technical measures to ensure that your data cannot be collected by the respective plugin providers without your consent. When you visit a page on which the plugins are integrated, they are initially deactivated unless you have given your consent within the Consent Manager (“Cookie Banner”). If you have not given your consent, the plugin is only activated when you click on the respective icon. By doing so, you consent to your data being transferred to the respective provider . The legal basis for the use of the plugins is Art. 6(1)(a) GDPR or § 25(1) German TDDDG.

After activation, the plugins/tools also collect personal data such as your IP address and send it to the respective provider’s servers, where it is stored. Additionally, when you visit the relevant webpage, activated social plugins/tools set a cookie with a unique identifier. This allows the providers to create profiles based on your usage behavior. This occurs even if you are not a member of the respective provider’s social network. If you are a member of the provider’s social network and are logged in to that social network during your visit to this website, your data and information about your visit to this website may be linked to your profile on the social network. We have no influence over the exact scope of the data collected from you by the respective provider.

For more information about the scope, nature, and purpose of data processing, as well as your rights and settings options for protecting your privacy, please refer to the privacy policies of the respective social network provider. These are available at the following addresses:

13.1 Facebook

The social plugins of the social network Facebook are operated by Meta Platforms, Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, and Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland (“Facebook”). An overview of Facebook’s plugins can be found here: http://developers.facebook.com/docs/plugins; information on data protection at Facebook can be found here: www.facebook.com/policy.php

When you visit a page that has Facebook embedded, a connection to Facebook’s servers is only established when you click the “Confirm” button. In this case, Facebook will set cookies and use your visit data for its own purposes. If you are logged into Facebook at that time, the information regarding the videos you have viewed will be associated with your Facebook account. You can prevent this by logging out of your Facebook account before visiting our website. If you have not given your consent via the Consent Manager, you have the option to do so subsequently via the so-called “2-click procedure.”

Your data may be processed in the United States and transferred there, i.e., to a third country outside the European Union (EU) or the European Economic Area (EEA). The legal basis for the data transfer is the adequacy decision with the United States pursuant to Article 45(1) of the GDPR based on the EU-US Data Privacy Framework. The provider has obtained certification under the EU-US Data Privacy Framework and is thus committed to complying with EU data protection standards.

If you wish to object to Facebook’s data collection in the future, you can do so here: https://www.facebook.com/settings?tab=ads

13.2 Instagram

Instagram plugins are operated by Meta Platforms, Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, and Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland (“Instagram”). For more information, please refer to Instagram’s Privacy Policy (https://help.instaqram.com/15583370790Q388).

When you visit a page where Instagram is embedded, a connection to the Instagram servers is only established when you click the “Confirm” button. In this case, Instagram will set cookies and use your visit data for its own purposes. If you are logged into Instagram at that time, the information about the videos you view will be associated with your Instagram account. You can prevent this by logging out of your account before visiting our website. If you have not given your consent via the Consent Manager, you have the option to do so later using the so-called “2-click procedure.”

Your data may be processed in the United States and transferred there, i.e., to a third country outside the European Union (EU) or the European Economic Area (EEA). The legal basis for the data transfer is the adequacy decision with the United States pursuant to Article 45(1) of the GDPR based on the EU-US Data Privacy Framework. The provider has obtained certification under the EU-US Data Privacy Framework and is thus committed to complying with EU data protection standards.

You can find information on data protection at Instagram here: https://help.instagram.com/155833707900388/

13.3 LinkedIn

LinkedIn plugins are operated by LinkedIn Ireland Unlimited Company
Wilton Place, Dublin 2, Ireland. Information on data protection at LinkedIn can be found here: https://de.linkedin.com/legal/privacy-policy.

When you visit a page where LinkedIn is embedded, a connection to the LinkedIn servers is only established when you click the “Confirm” button. In this case, LinkedIn will set cookies and use your visit data for its own purposes. If you are logged into LinkedIn at that time, the information regarding the videos you view will be associated with your LinkedIn member account. You can prevent this by logging out of your member account before visiting our website. If you have not provided consent via the Consent Manager, you have the option to do so subsequently using the so-called “2-click procedure.”

Your data may be processed in the United States and transferred there, i.e., to a third country outside the European Union (EU) or the European Economic Area (EEA). The legal basis for the data transfer is the Standard Contractual Clauses pursuant to Art. 46(2), (3) GDPR. These clauses require the provider to comply with the EU data protection standards when processing personal data, even outside the EU.

13.4 Pinterest

The Pinterest social plugins are operated by Pinterest Inc., 635 High Street, Palo Alto, CA 94301, USA (“Pinterest”). Information on data protection at Pinterest can be found here: https://about.pinterest.com/de/privacy-policy.

When you visit a page where Pinterest is embedded, a connection to the Pinterest servers is only established when you click the “Confirm” button. In this case, Pinterest will set cookies and use your visit data for its own purposes. If you are logged into Pinterest at that time, the information regarding the videos you view will be associated with your Pinterest account. You can prevent this by logging out of your account before visiting our website. If you have not provided consent via the Consent Manager, you have the option to do so subsequently using the so-called “2-click procedure.”

Your data may be processed in the United States and transferred there, i.e., to a third country outside the European Union (EU) or the European Economic Area (EEA). The legal basis for the data transfer is the Standard Contractual Clauses pursuant to Art. 46(2), (3) GDPR. These clauses oblige the provider to comply with the EU data protection standards when processing personal data, even outside the EU.

13.5 TikTok

We use a plugin from “TikTok” (for the EU: TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland), a subsidiary of the Chinese company ByteDance, on our website. The controller for users in the EU/EEA and Switzerland is TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland (“TikTok”).

TikTok is a social media platform that allows users to create and share short videos. The app offers a variety of tools and effects for creating videos, including music clips, filters, and more. TikTok has a large and active community where users can express their creativity and interact with others.

Through the plugin, information such as the IP address, a device ID, device type, and operating system, as well as information about activities on our website (e.g., browsing behavior, subpages visited, etc.) may be collected. This data may also be transmitted to TikTok. TikTok can use this information to associate a user of our website with a TikTok user account. TikTok uses this data to display personalized ads to its users and to create interest-based user profiles.

When you visit a page that contains an embedded TikTok video, a connection to the TikTok servers is only established once you click the confirmation button. In this case, TikTok will set cookies and use your visit data for its own purposes. If you are logged into TikTok at that time, the information about the videos you have viewed will be associated with your TikTok account. You can prevent this by logging out of your account before visiting our website. If you have not given your consent via the Consent Manager, you have the option to do so later using the so-called “2-click procedure.”

There is a risk that your data will be processed in China and transferred there, i.e., to a third country outside the European Union (EU) or the European Economic Area (EEA). There is no adequacy decision by the European Commission for this country that guarantees a level of data protection there equivalent to European standards. According to the European Court of Justice (ECJ), there is a particular risk that data may be processed unnoticed by Chinese authorities for surveillance purposes. When data is transferred to countries outside the European Economic Area where there is no level of data protection equivalent to European standards, TikTok states that it uses standard data protection clauses in accordance with Art. 46(2)(c) of the GDPR.

For more information on this, please refer to TikTok’s Privacy Policy at https://www.tiktok.com/legal/privacy-policy?lang=de.

14 Use of Website Features (Quizzes, Checks, etc.)

In several places on our website, you have the option to use certain services, in particular checks, quizzes, etc. As a rule, no personal data is collected or processed in this context. We use the data collected in this context exclusively to perform the respective function and do not combine the collected data with any other data we may have about you. If, in individual cases, a personal connection can nevertheless be established, the legal basis for the processing of your data is Art. 6(1)(f) GDPR or § 25(2)(2) German TDDDG. Our legitimate interest in this regard is to offer you the respective feature in order to enhance the appeal of our websites. The data entered will not be disclosed to third parties.

Your data processed in connection with the use of the respective functions will be deleted as soon as it is no longer required or you have ceased using the function. The IP address stored during use is automatically deleted after 7 days.

15 Participation in a Contest

You can participate in a contest on our website.

When participating in a contest, the data we request (first name, email address) as well as the time and date of your participation are transmitted to us and stored and processed by us. Your data will be used exclusively for the purpose of conducting the contest and will not be disclosed to third parties.

The legal basis for processing your data in connection with participation in constests is your consent (Art. 6(1)(a) GDPR or § 25(1) German TDDDG). Your consent may be revoked at any time (see V. Your Rights / 5. Right to Withdraw Consent).

Your data will be stored until the contest has ended. Your data will then be deleted within 7 days.

16 Other Recipients of Your Data

In the context of data processing, we also engage service providers (in particular cloud providers, providers of accounting and similar services, and payment service providers) who process your personal data exclusively on our behalf in accordance with Article 28 of the GDPR and in accordance with our instructions, and who have implemented appropriate technical and organizational measures to protect your rights. These include, in particular, the following:

No agency – Web design agency based in Hamburg, Karpfangerstrasse 17, 20459 Hamburg (for the maintenance of our website).

If data is transferred outside the EEA, where there may not be a standard comparable to the European level of data protection, this is done on the basis of appropriate safeguards in accordance with Articles 44 to 49 of the GDPR.

II. Data Processing in Connection with Events

After you register for an event, we may share your company and position (without disclosing your name) with participants and partners to give them the opportunity to have you invited to future events through us. The potential sponsor will not receive your name. If the transmitted data is not anonymized due to the combination of company and position, the transmission is based on Art. 6(1)(f) GDPR. The consolidation of business contacts is a core objective of such a conference in the common interest, and the disclosure of company and position is minimally invasive with regard to privacy interests. Your other data remains with us.

1 Digital HR Summit
⁠For further exchange during and following the Digital HR Summit, the organizing companies will receive the first name, last name, email address, phone number (if provided), company, company size, and position of participants registered for the Digital HR Summit event. The legal basis for this data processing is Article 6(1)(b) of the GDPR. Please note that in the case of organizing companies based in the United States, data may be transferred to a third party in a non-EU country. In this case, the data is transferred on the basis of the adequacy decision (EU-US Data Privacy Framework). If a company is not certified under the EU-US Data Privacy Framework, we enter into EU Standard Contractual Clauses with the organizing companies.

2 (Digital) Masterclass
⁠When you apply for a (Digital) Masterclass, we provide the content providers of the (Digital) Masterclass (“Speakers”), as described in the Terms and Conditions, with the following data for the purpose of participant selection and for communication during and after the (Digital) Masterclass: Title, first name, last name, email address, company, country, position, phone number, career level, company size, sector, industry, department, and company type. The legal basis for this data processing is Article 6(1)(b) of the GDPR. After the Digital Masterclass, we will make on-demand videos of the event available. When these on-demand videos are played, the speakers also receive the participants’ title, first name, last name, email address, company, country, position, phone number, career level, company size, sector, industry, department, and company type to facilitate further communication following the Digital Masterclass. The legal basis for this data processing is Art. 6(1)(b) of the GDPR. Please note that for speakers or companies from the U.S., data may be transferred to a third party in a non-EU country. In this case, the data is transferred on the basis of the adequacy decision (EU-U.S. Data Privacy Framework). If a speaker or company is not certified under the EU-US Data Privacy Framework, we enter into EU Standard Contractual Clauses with the organizing companies.

3 OMR Festival

⁠3.1 Visitor Accreditation
⁠As part of the accreditation process, we collect the following personal data: title, first name, last name, phone number, city, country, job title, email address, company, and proof of accreditation. This data is used exclusively for the purpose of accreditation and for the conduct of the event. With your consent, the PR team at OMR and Finance Forward may contact you regarding interview requests from speakers. Your data will be stored for as long as necessary to fulfill this purpose. The legal basis for this data processing is your consent pursuant to Art. 6(1)(a) GDPR. You may revoke your consent at any time with future effect by sending an email to presse@omr.com.

3.2 Accreditation of Staff
⁠Employees of service providers must be registered in our Festival Manager by the contracted companies. The following mandatory information is collected for this purpose: company, name, date of birth, email address. Information regarding position, mobile phone number, and dietary preferences may be provided voluntarily.

The mandatory personal and company information is required to authorize access to the premises and to enable clear identification upon entry. Contact information is necessary for communication prior to, during, and after the event. Voluntary address information may help facilitate faster assignment to specific service providers. The legal basis for this data processing is Art. 6(1)(b) GDPR or Art. 6(1)(f) GDPR in the case of a contractual relationship with the employer who is assigning you to us. The legitimate interest lies in enabling your assignment with us.

Following registration, accreditation and ticket issuance take place.

3.3 Processing of Ticket Scans on the Festival Grounds

To control access to the festival grounds, visitors’ tickets are scanned at the turnstiles in the entrance areas. Additionally, tickets are scanned at the turnstiles leading to individual event halls to monitor and manage the halls’ permitted capacities. If capacity is exceeded, access must be temporarily restricted to ensure the safety of individuals. Furthermore, the data from the scans at the turnstiles is anonymized and processed for statistical analysis to provide us and the exhibitors with statistics on the number and characteristics of visitors in specific halls and during specific time periods. The legal basis for this processing is Article 6(1)(f) of the GDPR; the legitimate interest lies in ensuring access control, managing visitor flows, and conducting subsequent statistical analysis of visits for us and our exhibitors.

In addition, at the exhibition booths, you have the option to have your visitor badge scanned to leave contact information, which is intended to enable the respective exhibitor or sub-exhibitor represented there to contact you. In this case, we will transmit the following data about you to the exhibitor (or sub-exhibitor): title, first name, last name, email address, company, country, position, phone number, career level, company size, sector, industry, department, and company type. This transfer is based on a legitimate interest in the form of a simplified exchange of contact information at the festival (Article 6(1)(f) of the GDPR). If you do not agree to this, please briefly inform the respective booth staff.

3.4 Creation and Publication of Photos or Videos

Photos and videos are taken at our events and may be published in print, digital, and online publications as well as via social media channels. Data processing is based on a legitimate interest in public relations (Art. 6(1)(f) GDPR). If you do not consent to this, please briefly inform our photographer in the specific situation.

3.4 OMR Match
⁠If you give us your consent to participate in OMR Match, you consent to the processing of your data (name, company, position, email address) for the purpose of finding suitable job offers from our partners, which we will send to you via email (legal basis: Art. 6(1)(a) GDPR). Optionally, and only after consulting with you, we may subsequently establish direct contact with our partners and share your data with them. You may revoke your consent at any time by emailingsupport@omr.com .

3.5 Visitor Flow Analysis

In addition, XPAI sensors equipped with AI technology are used in the halls at our event to track guest behavior.
In connection with the use of XPAI sensors, no personal data is stored or transmitted to third parties. The data is used exclusively for analyzing the audience’s experience and improving the customer experience. XPAI is certified with the ePrivacyseal data protection seal.

4 OMR Deep Dive
To conduct the OMR Deep Dive via the internet, we rely on the software solution from Digital Samba (Digital Samba S.L., Aribau 15, 08011 Barcelona, Spain).

In doing so, we process your name, address, and contact information, as well as contractual and payment data provided by you (e.g., account details). The legal basis for this is to fulfill the contract between us or to take pre-contractual measures (Art. 6(1)(b) GDPR). The legal basis for free webinars is Article 6(1)(f) of the GDPR. We have a legitimate interest in conducting a technically flawless webinar.

5 WebinarJam
⁠We use WebinarJam to organize and conduct online webinars. The provider of this service is Genesis LLC, 7660 Fay Ave #H184, La Jolla, California, USA. When you participate in one of our webinars, your personal data is stored on WebinarJam’s servers. This includes, in particular, your IP address as well as any content you enter into WebinarJam yourself (e.g., your email address or chat messages).

Your data may be processed in the United States and transferred there, i.e., to a third country outside the European Union (EU) or the European Economic Area (EEA). The legal basis for the data transfer is the Standard Contractual Clauses pursuant to Art. 46(2) and (3) of the GDPR. These clauses require the provider to comply with EU data protection standards when processing personal data, even outside the EU.

Details regarding data processing can be found in WebinarJam’s privacy policy: https://home.webinarjam.com/privacypolicy.

The data will be deleted as soon as it is no longer required for the purposes of processing.

6 Zoom
⁠We use the video conferencing tool Zoom from the provider Zoom Video Communications (“Zoom”), 55 Almaden Boulevard, Suite 600, San Jose, CA 95113, USA, for our services. Zoom is a video conferencing solution that we use to hold online video conferences.

This process involves the use of technical data, such as your IP address or browser information, as well as additional data that you may voluntarily provide, such as your name or email address.

Your data may be processed in the United States and transferred there, i.e., to a third country outside the European Union (EU) or the European Economic Area (EEA). The legal basis for the data transfer is the Standard Contractual Clauses pursuant to Art. 46(2) and (3) of the GDPR. These clauses require the provider to comply with EU data protection standards when processing personal data, even outside the EU.

Details regarding data processing can be found in Zoom’s Privacy Policy: https://explore.zoom.us/de/privacy/.

The data will be deleted as soon as it is no longer required for the purposes of processing.

The legal basis for this is to fulfill the contract between us or to be able to carry out pre-contractual measures (Art. 6(1)(b) GDPR). The legal basis for free webinars is Art. 6(1)(f) GDPR. We have a legitimate interest in conducting a technically flawless webinar. The legal basis for this data processing may also be your consent pursuant to Art. 6(1)(a) GDPR. You may revoke your consent at any time with future effect.

III. Data Processing in Connection with Our Online Presence

In addition to our website, we are also present on online platforms and social networks. When you visit these online platforms and communicate with us through them, the terms of service and privacy policies applicable there (see below) as well as this Privacy Policy apply. In this regard, we may be jointly responsible under data protection law with the provider pursuant to Article 26 of the GDPR.

Your data may be processed for analytical and advertising purposes. This is done, for example, by creating user profiles based on your usage behavior and the resulting interests. Cookies are typically used to store these user profiles, enabling the analysis of your usage behavior and interests. The usage profiles generally serve to enable the display of advertisements that correspond to your interests on the respective provider’s site or elsewhere on the internet. In addition, other data may also be stored in connection with the usage profiles, particularly if you are a registered user of the respective provider’s platform and are logged in to it. For a detailed description of the processing activities of the respective providers and the consent (opt-in), please refer to the information provided by the providers via the links below.

If you visit our online presence and communicate via these online platforms, the data processing that takes place is based on your consent (Art. 6(1)(a) GDPR) provided that you have given it. Your consent may be revoked at any time (see V. Your Rights / 5. Right to Withdraw Consent). Otherwise, data processing, in particular communication with us, is based on legitimate interests (Art. 6(1)(f) GDPR). In this regard, our interest at is to provide you with an online presence that is as informative, personalized, and engaging as possible.

We will delete your data (in particular the content of our communications) as soon as it is no longer necessary for the respective purpose and to the extent that this is possible for us. You have the rights listed under “Your Rights” (see below) vis-à-vis us and the provider. Since access to your data is in some cases only possible for the respective provider, you should in any case also assert your rights vis-à-vis them.

Facebook: http://www.facebook.com/OnlineMarketingRockstars
Xing: https://www.xing.com/news/pages/online-marketing-rockstars-56
YouTube: https://www.youtube.com/channel/UC2vPnUauXTOLZHpVXCm9m7Q
Instagram: https://www.instagram.com/omrockstars/
LinkedIn: https://www.linkedin.com/company/online-marketing-rockstars-conference
SoundCloud: https://soundcloud.com/omrpodcast
Spotify: https://open.spotify.com/show/4rION5Qm2nPvDbzIB1wUiH
iTunes: https://itunes.apple.com/de/podcast/omr-podcast-channel-i-askomr-omr-podcast-i-by-online/id1056312052
Podigee: https://omr.podigee.io/

If you communicate with us via these online platforms, we process the information contained in your messages and posts—depending on their content and the purposes of the communication—either on the basis of Article 6(1)(b) of the GDPR or Article 6(1)(f) of the GDPR. Your data will be deleted, to the extent permitted by the online platform, as soon as it is no longer necessary for the respective purpose.

Facebook
Facebook (Meta Platforms, Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (www.facebook.com) and Meta Platforms Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland (www.facebook.de)) enables us to obtain your anonymized data on so-called fan pages using the Facebook Insights feature, which is available as an integral part of the user relationship. This data is collected using cookies, each of which contains a unique user code. The user code can be linked to your Facebook login credentials if you are registered with Facebook and is collected and processed when you visit the fan page. Facebook provides further information on this at the following link: http://de-de.facebook.com/help/pages/insights.

Facebook does not conclusively and clearly specify how it uses data from visits to Facebook pages for its own purposes, to what extent activities on the Facebook page are attributed to individual users, how long Facebook stores this data, or whether data from a visit to the Facebook page is shared with third parties, and we are not aware of this information. When accessing a Facebook page, the IP address assigned to your device is transmitted to Facebook. According to Facebook, this IP address is anonymized (for “German” IP addresses).

Facebook also stores information about its users’ devices (e.g., as part of the “login notification” feature); in some cases, this may allow Facebook to associate IP addresses with individual users. If you are currently logged into Facebook as a user, a cookie containing your Facebook ID is stored on your device. This enables Facebook to track that you have visited this page and how you used it. This also applies to all other Facebook pages. Through Facebook buttons embedded in websites, Facebook can track your visits to these websites and associate them with your Facebook profile. Based on this data, content or advertising tailored to you may be offered . If you wish to make it more difficult for Facebook to track you, you should log out of Facebook or disable the “stay logged in” feature, delete the cookies stored on your device, and close and restart your browser. This will delete Facebook information that can be used to directly identify you. This allows you to use our Facebook page without Facebook being able to identify you via your cookies.

When you access interactive features on the page (Like, Comment, Share, Messages, etc.), a Facebook login screen will appear. After logging in, you will be directly recognizable to Facebook as a specific user.

Information on how to manage or delete information Facebook has about you can be found on the following Facebook Support pages: https://de-de.facebook.com/about/privacy#.

As the provider of the information service, we also collect and process the following data from your use of our service:

Data	Purpose	Legal basis
User interactions (posts, likes, etc.)	User communication	Art. 6(1)(f) GDPR
Facebook-Cookies*	Targeted advertising	Art. 6(1)(a) GDPR
Demographic data (e.g., based on age, location, language, or gender)	Targeted advertising	Art. 6(1)(f) GDPR
Aggregated statistical data on user interactions, i.e., data that cannot be linked to specific individuals (e.g., page activity, page views, page previews, likes, recommendations, posts, videos, page subscriptions, including source and time of day)	Targeted advertising	Art. 6(1)(f) GDPR

Xing
Information on data protection at Xing (Xing AG, Dammtorstraße 29-32, 20354 Hamburg, Germany) can be found here: https://www.xing.com/app/share?op=data_protection

YouTube
Information on data protection at YouTube (YouTube LLC, 901 Cherry Ave., 94066 San Bruno, CA, USA, a subsidiary of Google LLC, Amphitheatre Parkway, Mountain View, CA 94043, USA) can be found here: For users who have their habitual residence in the European Economic Area or Switzerland, Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland, is the data controller responsible for your data.) can be found here: https://policies.google.com/privacy?hl=de

Instagram
Information on data protection at Instagram (Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA) and an option to object can be found here: http://instagram.com/about/legal/privacy/

LinkedIn
Information on data protection at LinkedIn (LinkedIn Ireland Unlimited Company
Wilton Place, Dublin 2, Ireland) can be found here: https://de.linkedin.com/legal/privacy-policy

SoundCloud
Information on data protection at SoundCloud (SoundCloud Global Limited & Co. KG, Rheinsberger Str. 76/77, 10115 Berlin) can be found here: https://soundcloud.com/pages/privacy

Spotify
Information on data protection at SoundCloud (Spotify AB, Regeringsgatan 19, SE-111 53 Stockholm, Sweden) can be found here: https://www.spotify.com/de/legal/privacy-policy/

iTunes
Information on data protection at Apple (Apple, One Apple Park Way, Cupertino, CA 95014) can be found here: https://www.apple.com/legal/privacy/de-ww/

Podigee
Information regarding data protection at Podigee (Podigee GmbH, Schlesische Straße 20, 10997 Berlin, Germany) can be found at https://www.podigee.com/de/about/privacy.

IV. Data Processing in Connection with Job Applications

If you send us data about yourself as part of a job application (in particular your name, contact information, resume, cover letter, references, etc.), we will store and process this data exclusively for the duration and purpose of the application process. The legal basis for this is Article 6(1)(b) of the GDPR. Once the application process is complete, your data will be securely deleted. We do not disclose this data to third parties. Internally, only those persons who need to know in the context of conducting the application process or the employment relationship will have access to it.

Please note that we do not request any information regarding race, ethnic origin, gender, religion or belief, disability, age, or sexual identity, illnesses, pregnancy, political views, philosophical or religious convictions, trade union membership, physical or mental health, or sex life as part of your application.

V. Your Rights

As a data subject (Article 4(1) of the GDPR), you have numerous rights vis-à-vis us, about which we would like to inform you below. Further details can also be found in Articles 15 to 21 of the GDPR.

To exercise your rights, please contact the following office (informal correspondence is also welcome):

Email: datenschutz@omr.com

1 Right of Access

You have the right to receive information from us regarding whether and what data we process about you. This includes, among other things, details on how long and for what purpose we process the data, where it originates from, and to which recipients or categories of recipients we disclose it. Additionally, you may request that we provide you with a copy of this data.

2 Right to rectification

You have the right to have us immediately correct any information about you that is inaccurate or no longer accurate. You may also request that we complete any incomplete personal data. If required by law, we will also inform third parties of this correction if we have shared your data with them.

3 Right to erasure (“right to be forgotten”)

You have the right to request that we immediately erase your personal data if any of the following reasons apply:

Your data is no longer necessary for the purposes for which it was collected or otherwise processed, or the purpose has been achieved;
You withdraw your consent and there is no other legal basis for the processing;
You object to the processing and there are no overriding legitimate grounds for the processing; when personal data is used for direct marketing, a simple objection on your part to the processing is sufficient;
Your personal data has been processed unlawfully;
The erasure of your personal data is necessary to comply with a legal obligation under Union law or the law of the Member States to which we are subject.

Please note that your right to erasure may be restricted by legal provisions. These include, in particular, the restrictions listed in Article 17 of the GDPR and Section 35 of the German Federal Data Protection Act (in the version applicable as of May 25, 2018).

4 Right to Restriction of Processing (Blocking)

You have the right to request that we restrict the processing of your personal data if one of the following conditions is met:

You contest the accuracy of your personal data, for a period that allows us to verify the accuracy of the personal data;
the processing is unlawful and you object to the erasure of the personal data and instead request the restriction of the use of your personal data;
we no longer need your personal data for the purposes of processing, but you need it to assert, exercise, or defend legal claims; or
You have objected to the processing, and it has not yet been determined whether our legitimate grounds override yours.

If you have obtained a restriction of processing pursuant to the above list, we will notify you before the restriction is lifted.

5 Right to Withdraw Consent

You may withdraw the consents you have granted to us at any time with future effect. This withdrawal may be made by sending an informal notice to the contact addresses listed above. This also applies to consents you granted to us prior to the GDPR coming into effect (i.e., before May 25, 2018). If you withdraw your consent, this does not affect the lawfulness of the data processing that took place up to that point. As a rule, the consequence of a withdrawal is that you will no longer be able to use our service—or will no longer be able to use it in full—for which we requested your consent.

6 Right to Data Portability

You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format and to transmit this data to others. Details and restrictions can be found in Article 20 of the GDPR. Exercising this right does not affect your right to erasure.

7 Right to lodge a complaint with a supervisory authority

If you believe that our processing of your data violates applicable data protection law, you have the right to lodge a complaint with one of the competent supervisory authorities, i.e., in particular, the Hamburg Commissioner for Data Protection and Freedom of Information (Hamburgischen Beauftragten für Datenschutz und Informationsfreiheit) or the relevant supervisory authority in the Member State of your residence, your workplace, or the location of the alleged data protection violation.

8 Right to object under Article 21 of the GDPR

Under Article 21 of the GDPR, you have the right, in particular, to object at any time to the processing of your data on grounds relating to your specific situation, if we base this processing on legitimate interests pursuant to Article 6(1)(f) of the GDPR. If you object, we will no longer process your personal data, except in two cases:

we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or

the processing is necessary for the establishment, exercise, or defense of legal claims.

In particular, if we process your personal data for direct marketing purposes (e.g., as part of our newsletter), you have the right to object at any time to the processing of your data for such marketing purposes. If you object to the processing of your data for direct marketing purposes, we will no longer use your personal data for that purpose.

VI. Security

We implement technical and organizational security measures to protect your personal data against misuse, loss, destruction, or access by unauthorized persons. Our security measures are state-of-the-art.

VII. Validity and Changes to the Privacy Policy

This Privacy Policy was last updated in February 2026.

Due to the further development of our website or the implementation of new technologies, it may become necessary to amend this Privacy Policy. We reserve the right to make such changes at any time.

VIII. Your Questions About Data Protection

If you have any questions regarding this Privacy Policy or your rights, please contact: datenschutz@omr.com

Contents:

⁠I. Data Processing in Connection with Your Visit to Our Website

II. Data Processing in Connection with Events

III. Data Processing in Connection with Our Online Presence

IV. Data Processing in Connection with Job Applications

V. Your Rights

VI. Security

VII. Validity and Changes to the Privacy Policy

VIII. Your Questions About Data Protection