1. General remarks
This privacy statement informs you about the type, the scope of and the purposes for the collection and use of personal data on this website.
The responsible party is context.A Research GmbH, Luise-Ullrich-Strasse 20, 80636 Munich, Germany registered at the Munich Local Court under HRB 248045, represented by the managing director Philipp Otto („context.A“ or „we/us/our“) as the operator of a website at www.context-a.com („website“) and its related offerings and services.
Should you have any questions about privacy protection, please contact us by telephone at +49 (0) 89 2620 368 20 (during regular business hours, Monday to Friday from 9am to 6pm) as well as by e-mail at firstname.lastname@example.org.
2. Personal data
Personal information is any data with which you could be personally identified. For example, this can include name, e-mail address or phone number which you enter into a contact form. Personal data can also include information about your education, professional experience or industry expertise. In addition, technical data, such as browser type or operating system, are collected automatically by our IT systems or the systems of our web space providers when you access this website.
We only collect, use or transfer personal data provided to us if permitted by law or if users consent to the data collection.
3. Type of personal data collected when accessing our website and using our offerings and services
Our website uses so-called cookies, specific text files that are stored via the browser on the access device of the website visitor. Cookies help to make our offerings and services and our website more user friendly and secure. Cookies also allow for statistical analyses of the website usage that help us improving our offerings and services.
Most of the cookies used by us are so-called session cookies. They will be automatically deleted from the website visitor’s access device after the browser window is closed. Session cookies are needed to assign successive access to the site to users accessing the website at the same time.
Other cookies remain on your access device until you delete them. These cookies make it possible to recognize your browser when you next visit the website and to enhance the user friendliness and security.
Most browsers can be configured to partly or completely restrict or prevent cookies from being saved. However, please note that the user friendliness of the website will be limited by this.
Storage and processing of cookies that are related to the visit our website and to our offerings and services takes place in accordance Art. 6 (1) c. GDPR and Art. 6 (1) f. GDPR. context.A and its third-party providers have a legitimate interest in enhancing the user friendliness, security and quality assurance.
We or the web space provider collect and store data on every visit of our website, so-called server log files. This includes:
- Date and time of access
- Browser type and browser version
- Operating system
- Referrer URL (last visited page)
- IP address
- Requesting provider and host name of accessing device
- When using a mobile access device: country code, language, device name
We will use these server-log-files only for statistical analyses with the objective of improving our offerings and services and optimizing user friendliness, security and quality of context.A. We store and process server-log-files on the basis of Art. 6 (1) c. GDPR and Art. 6 (1) f. GDPR, whereas context.A and its third-party providers have a legitimate interest in the aspects mentioned above.
We reserve the right to subsequently review access data if specific indications create justified suspicions of unlawful use.
c) Contact form / contacting us
When you send an inquiry to us via our contact form or via other channels (e.g. by telephone or by e-mail), your data will be saved to process your inquiry and for any subsequent questions. We do not share this information without your permission.
In this regard, storage and processing takes place on the basis of your consent (Art. 6 (1) a. GDPR) or to take steps to enter into a contract, to perform a contract or to execute your request (Art. 6 (1) b. GDPR).
When registering on our website as a customer or expert, we store and process certain user information, such as your contact details, to provide our offerings and services.
In addition, when registering as an expert, further profile data will be collected. In particular, this profile data comprises information about your education, professional experience or industry expertise. Users have the option to change, correct or complete this information any time.
User and profile data collected as part of the registration will be used to provide our offerings and services and to operate this website.
Any user and profile data collected by us will only be used or published by us as set out in our expert terms and conditions and/or this privacy statement. The storage, processing and transmission of personal data in this regard takes place to take steps to enter into a contract, to perform a contract or to execute a request (Art. 6 (1) b. GDPR) or on the basis of your consent (Art. 6 (1) a. GDPR).
e) Payment information
After a successful consultation between the client and the expert, we collect the certain payment data of the expert in order to process payments to the expert. Storage and processing of this information takes place based on the contract between context.A and the expert (Art. 6 (1) b. GDPR) and particularly comprises: name of the account holder, IBAN or account number, bank code and BIC.
Payment data entered in connection with the registration process can be updated or deleted by the expert anytime. Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.
4. Usage of personal data when visiting this website and using our offerings and services
Generally, data that we collect from you or data that you provide to us will be used to allow us to perform our offerings and services, to communicate with you and to answer your inquiries and to optimize our offerings and services.
Processing of personal data takes place on basis of your consent (Art. 6 (1) a. GDPR) or to take steps to enter into a contract, to perform a contract or to execute your request (Art. 6 (1) b. GDPR) and also on the basis of a legitimate interest in enhancing the user friendliness, security and quality assurance (Art. 6 (1) f. GDPR).
Your data may be processed if processing is required for the fulfillment of legal obligations to which we or other controller are subject (Art. 6 (1) c. GDPR). Your data may also be processed if processing is required for the performance of a task in the public interest, the responsibility of which has been transferred to us or respectively to the controller (Art. 6 (1) e. GDPR).
Your data may be transferred to service providers who have been contracted for data processing. Service providers include, among others, IT service providers creating and maintaining the website, providers of hosting and server services, providers of data base services or newsletter service providers. Data processing agreements are concluded with service providers or they are subject to the US-EU Privacy Shield agreement.
When using our offerings and services, no “profiling” and automated decision-making in accordance with Art. 22 GDPR takes place. However, third-party providers featured by us may perform such profiling in individual cases. Profiling is performed on the legal basis of Art. 22 GDPR and is permitted for the conclusion or performance of a contract or on the basis of legal regulations. In particular, the use of Google, XING and LinkedIn through respective accounts may lead to automated decision-making or profiling. On XING and LinkedIn, these settings can be controlled in your account. When using Google, you may object to profiling by activating the following link: https://adssettings.google.com/authenticated
a) Right to information
You have, any time and free of charge, a legal right to information about the origin, recipient and purpose of your personal data stored. To exercise this right to information, please contact us at email@example.com.
However, the right to information especially does not apply to data saved only because it may not be deleted due to legal or statutory storage requirements. The right to information does further not apply to data that is only used for data protection or data protection control purposes and where providing this information would require disproportionate effort or to processing for other purposes excluded by suitable technical and organizational measures.
b) Right to revoke
Many data processing operations are only possible with your express consent. You have, any time and free of charge, a legal right to revoke your consent for the future use, processing and transfer of your personal data. To exercise this right to revoke, please contact us at firstname.lastname@example.org.
You may revoke your consent at any time with future effect. The data processed before we receive your request may still be legally processed.
In case of revocation, we will immediately delete your personal data.
This does not apply if we can demonstrate reasons for the processing that outweigh your interests, rights and freedoms or if the processing serves the establishment, exercise or defense of legal claims. We will therefore continue to use this data (e.g. to execute a contractual relationship).
c) Right to deletion („right to be forgotten“)
You have any time a legal right to the deletion of your personal data stored. To exercise this right to deletion, please contact us at email@example.com.
d) Right to correction and completion
You have any time a legal right to demand the correction of inaccurate personal data stored and to demand the completion of incomplete personal data stored. To exercise this right to correction and completion, please contact us at firstname.lastname@example.org.
e) Right to data portability
You have the right to have the personal data which you provided to us delivered to you in a standard, machine-readable format. You also have the right to have the personal data which you provided to us delivered to another responsible party to the extent technically feasible. To exercise this right to data portability, please contact us at email@example.com.
f) Processing restriction
You have the right to restriction of the processing of your personal data stored. To exercise this right to processing restriction, please contact us at firstname.lastname@example.org.
For exercising this right, one of the following requirements have to be met:
- The correctness of the personal data is denied. A restriction takes place for a duration that allows the responsible party to review the accuracy of the personal data.
- Processing of the personal data is unlawful and the data subject rejects the deletion of the personal data. Instead, the data subject demands its restriction.
- The data subject objects to the processing before it has been determined whether the responsible party’s legitimate interests outweigh those of the data subject.
- The responsible party no longer needs the personal data for processing purposes. The data subject, however, needs the personal data for the establishment, exercise or defense of legal claims.
g) Right to object at the competent supervisory authority
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which the company is headquartered. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
Our competent supervisory authority is:
Der Bayerische Landesbeauftragte für den Datenschutz
Telephone: 089/21 26 72-0
h) Duration of storage of personal data
Overall, we will only save your personal data as long as it is required for the performance of the contract or respective purposes. We limit the storage duration to the absolutely necessary minimum.
When using our offerings and services, long-term contractual relationships are common. Storage periods may vary, but are generally limited to the duration of the contractual relationship or to the legally required storage periods for inventory data.
6. Third-party websites
Please note that the regulations of this privacy statement do not apply to external websites and their content. Similarly, the regulations of this privacy statement do not apply to personal data or anonymous data that may be collected by another provider when following a link to an external websites. We do not monitor or review these external websites or their contents and shall not be liable for them or their contents.
7. Links to and integration of social networks
This information refers to personal data that can be viewed on your user profile on the respective social network. In particular, this can include information about your education, professional experience or industry expertise. The transmission of such data requires your explicit consent.
This information may be added to or combined with other personal data of you that we collected through other channels (e.g. via E-mail)
This information will be stored and used by us to provide our offerings and services. This data processing is performed on the basis of your consent (Art. 6 (1) a. GDPR) or on the basis of performing a contract with us (Art. 6 (1) b. GDPR).
In addition, the website of context.A is connected to various social networks via links. Aside from LinkedIn and XING, this includes Facebook and Twitter.
By following these links, you will be forwarded to the page of context.A of the respective social network. Data will then only be processed by the servers of the respective social network.
8. Google Analytics
This website uses Google Analytics, a web analysis service. Service provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google“).
Google Analytics uses so-called “cookies,” text files stored on the access device and that allow for the analysis of the usage of our website by you. The information generated by the cookie about the usage of this website is generally transmitted to a Google server in the US where it is stored.
We activated the IP anonymization on this website, i.e. IP addresses will be shortened by Google within member states of the European Union or in other states party to the European Economic Area Agreement. Only in exceptional cases, will the full IP address be transferred to a Google server in the US and shortened there. On behalf of us, Google will leverage this information to assess the use of this website by its users, compile reports about website activity and to provide additional services related to our offerings and services. In case IP anonymization is not activated, data will be processed on the legal basis of Art. 6 (1) f. GDPR and TMG, whereas we will pursue our legitimate interests (or those of third parties commissioned by us) in quality assurance or statistical analyses of user behavior. Your browser’s IP address that is transmitted through Google Analytics will not be merged with other Google data. You can prevent cookie storage by managing your browser settings. However, please note that this may prevent you from using all functions of this website.
Furthermore, you can prevent the collection of cookie-generated data (including your IP address) on your use of the website and the processing of this data by Google by downloading and installing the browser plugin provided under the following link: https://tools.google.com/dlpage/gaoptout?hl=en
9. Data transfer to countries outside of the EU
When using our website as well as our services and offerings, your data may be transferred to third countries, i.e., states outside of the EU, due to the featured third-party service providers.
This especially applies to services of Google. The US companies that offer Google services are certified under the EU-US Privacy Shield agreement and therefore guarantee adherence to data protection in accordance with EU standards.
If you registered on our website as an expert or a client, data will be transferred outside of the EU, e.g., due to the use of cloud and hosting services, CRM services and further external service partners acting on our behalf and who support us with the performance of our offerings and services and with the providing of our website (Art. 6 (1) b. and f. GDPR).
We use the newsletter tool Mailchimp to send you information by e-mail. Mailchimp is certified under the EU-US Privacy Shield agreement. In addition, we concluded a data processing addendum to ensure adherence to EU data protection regulations.
10. Data protection
context.A takes the protection of your personal data very seriously. For security reasons and to protect the transmission of confidential information and personal data, this website uses several standard industry security technologies and procedures.
In particular, when transmitting sensitive information, such as payment details, we use the encryption via Secure Sockets Layer (SSL) technology.
11. Applicability and changes
Our privacy statement may be viewed on our website at any time at: www.context-a.com/en/privacy-statement
We may change this Privacy Statement under adherence to applicable regulations.
Last revised: April 30, 2019