Privacy Policy

1. Introduction

This privacy policy (Policy) relates to your personal information in connection with your use of and access to the Skinscreener website (www.skinscreener.com/en), an accompanying phone and tablet application, and any platform, portal or interface provided by us (the Skinscreener Platform) and any services provided by Skinscreener (the Skinscreener Platform and services together forming the Skinscreener Services).

We are committed to protecting your information and your right to privacy. If you have any questions or concerns about our Policy, or our practices with regards to your personal information, please contact us via datenschutz@skinscreener.at .

When you use the Skinscreener Services, you trust us with your information and we take your privacy very seriously. We seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it. We hope you take some time to read through it carefully, as it is important. If there are any terms in this Policy that you do not agree with, please discontinue your use of the Skinscreener Services.

2. Changes to this Policy or your personal information

We review this Policy regularly and it is your responsibility to check regularly and determine whether you still agree to comply with the Policy. If you do not agree to any changes to this Policy then you must immediately stop using the Skinscreener Services. In the event we make any significant changes to this Policy we will use our reasonable endeavours to inform you of such changes in advance in writing.

It is important that the personal information we hold about you is true, complete, accurate and current. Accordingly, you must notify us of any changes to your personal information (for example, if you change your email address).

3. About us

The Skinscreener Services are owned and operated by medaia GmbH (trading as “Skinscreener”), a company registered in Austria with company number 524691f and whose registered office is situated at Am Eisernen Tor 5/1/12, 8010 Graz, Austria (Skinscreener/we/us/our). Skinscreener is the controller (also known as a data controller) of, and is responsible for, your personal information. The term “you” refers to the user wishing to access and/or use the Skinscreener Services.

The Skinscreener Platform provides a platform for you to access software tools that are designed to support and monitor your skin health, perform risk assessments of skin lesions, to provide information about further steps in skin healthcare based on the risk assessments and to increase awareness of skin health.

4. Information we may collect about you

4.1 Personal information you disclose to us

(a) Where and how we collect personal information

We collect personal information that you voluntarily provide to us when registering to use and actually using the Skinscreener Services, or otherwise contacting us.
More particularly, the personal information that we collect depends on the context of your interactions with us, the choices you make and the products and features you use. For example:

  • We collect personal information via our website, mobile applications and other technical systems.
  • We collect personal information when you use our website or mobile applications to sign up to, participate in or receive a service from us, for example where you contact us, request information online, report an issue, provide feedback or enter a live chat.
  • Our website also uses cookies and collects IP addresses (for more information on this, see our Cookie Policy).
  • We may monitor and record communications with you (such as telephone conversations and emails). We may do this for a number of reasons, such as to check the quality of our customer service, for training purposes, to prevent fraud or to make sure we are complying with legal requirements.

(b) The types of personal information we may collect

When you use the Skinscreener Services and/or when you otherwise deal with us, we may collect the following information about you (the Information):

  • Identity Data, which includes your first name, last name and sex at birth .
  • Contact Data, which means the data we use to contact you including your billing address, delivery address, email address and contact number.
  • Financial Data, which means the payment method and card association used to process your payments for your subscription to our Services. We do not store or process your card details ourselves, they are processed and stored via one of our contracted third-party service providers. We encrypt your payment card details in your browser and securely transfer this data to our relevant third-party payment provider to process a payment.
  • Transaction Data, which means details about transactions you have made in connection with the Skinscreener Services, including the payments to and from you along with other details of products you have purchased from us.
  • Profile Data, which includes your username, email address and log-in data, details of any purchases or orders made by you, and your interests, preferences, feedback and survey or questionnaire responses.
  • Usage Data, which includes Information about how you use the Skinscreener Services. This includes your browsing patterns and Information such as how long you might spend on one of our webpages on the Skinscreener Platform and what you look at and for, the page that referred you to the Skinscreener Platform and the click stream during your visit to our website, page response times, and page interaction Information (for example, clicks you make on a page).
  • Health Data which includes information on your health including your skin health, moles or other skin lesions.
  • Marketing and Communications Data, which includes your preferences with regards to receiving marketing from us and your other communication preferences.
  • Other Information relevant to services, customer surveys, questionnaires and/or offers.

4.2 Sensitive personal information

Due to the nature of the Platform and the Services, you will be asked to provide sensitive personal information. When we request such information, we will explain why we are requesting it and how we will use it, either in this Policy or separately. Your name, sex assigned at birth and year of birth are only used for statistical and post-market surveillance reasons.

4.3 Information automatically collected

We automatically collect certain Information when you visit, use or navigate the Skinscreener Platform. This Information does not reveal your specific identity (unless your device name is the same as your name) but may include device and usage Information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, Information about how and when you use the Skinscreener Platform and other technical Information. This Information is primarily needed to maintain the security and operation of the Skinscreener Platform, and for our internal analytics and reporting purposes.

Like many businesses, we also collect Information through cookies and similar technologies. You can find out more about this in our Cookie Policy.

5. How do we use your Information?

We use your Information collected via the Skinscreener Services for a variety of business purposes described below. We process your Information for these purposes in reliance on our legitimate business interests (Business Purposes), in order to enter into or perform a contract with you (Contractual Reasons), with your consent (Consent), and/or for compliance with our legal obligations (Legal Reasons). We indicate the specific processing grounds we rely on next to each purpose listed below.

We may process your Information for the following purposes:

  • To take steps towards entering into a contract with you, to provide the Skinscreener Services and to claim any right to be paid under our Terms & Conditions (Contractual Reasons). This includes collecting and using your personal information to:
    • Prepare an agreement with you;
    • Manage any accounts you hold with us;
    • Contact you for reasons related to the Skinscreener Services;
    • Enable us to follow up on enquiries made by you in relation to the Skinscreener Services and/or to provide information you have requested;
    • Deal with payment for the Skinscreener Services;
    • Notify you of any changes to our Platform or to the Skinscreener Services that may affect you; and
    • Resolve disputes or collect overdue payments.
  • To fulfill and manage any orders, payments or refunds in connection with the Skinscreener Services (Contractual Reasons).
  • To pass it onto our brand partners in connection with the fulfilment and management of your orders, payments, returns, and exchanges (Contractual Reasons).
  • To contact you regarding enquiries you have made in relation to the Skinscreener Services.
  • To send administrative Information to you for Business Purposes, Legal Reasons and/or possibly Contractual Reasons. We may use your Information to send you product, service and new feature information and/or information about changes to our Terms & Conditions and policies, as may be in place from time to time.
  • To send you marketing and promotional communications for Business Purposes and/or with your Consent. We and/or our brand partners may use your Information for our marketing purposes, if this is in accordance with your marketing preferences. You can opt-out of our push notifications in your account settings (see below for further details).
  • To facilitate account creation and the log-in process with your Consent. If you choose to link your account with us to a third party account (such as your Google or Apple account), we use the Information we are consequently allowed to collect from those third parties to facilitate account creation and the log-in process. See the section below headed “How Do We Handle Your Social Media Log-ins” for further information.
  • To administer promotions or trials for the Platform for our Legitimate Interests and/or with your Consent.
  • To request feedback for our Business Purposes and/or with your Consent. For example, we may use your Information to request feedback and to contact you about your use of the Skinscreener Platform.
  • To protect the Skinscreener Services for Business Purposes and/or Legal Reasons. We may use your Information as part of our efforts to keep the Skinscreener Services safe and secure (for example, for the purposes of monitoring and/or preventing fraud).
  • To enforce our Terms & Conditions and policies for Business Purposes, Legal Reasons and/or possibly Contractual Reasons.
  • To respond to legal requests and prevent harm for Legal Reasons. For example, if we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.
  • We may use your Information for other Business Purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve the Skinscreener Services, our products and services, our marketing and your experience.

6. Will your Information be shared with anyone?

We only share and disclose your Information in the following situations:

  • Contractual. We may share Information with brand providers and partners to enable any orders for products or services, or obligations arising out of any such orders, to be fulfilled.
  • Compliance with Legal Obligations. We may disclose your Information where we are legally required to do so in order to comply with applicable laws, governmental requests, judicial proceedings, court orders, or legal processes, such as in response to a court order or a subpoena (including in response to requests from public authorities in order to meet national security or law enforcement requirements).
  • Vital Interests. We may disclose your Information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, illegal activities or situations involving potential threats to the safety of any person, or where we believe it is necessary for the purpose of providing evidence in connection with litigation proceedings in which we are involved.
  • Third Party Service Providers. We may share your Information with third party vendors, service providers, credit reference agencies, trade associations of which we are a member, credit card associations, contractors or agents who perform services and require access to such Information to carry out that work. Examples include: Google Cloud, Google Firebase, Stripe, Denovo GmbH ]. Such third parties will only have access to your Information to the extent that they need to perform those services. They are required to keep your Information confidential and may not use it other than as we ask them to and always in accordance with this Policy.
  • Business Transfers. We may share or transfer your Information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
  • Third Party Advertisers. We may use third party advertising companies to serve ads when you visit the Skinscreener Platform. These companies may use Information about your visits to the Skinscreener Platform and other websites that are contained in web cookies and other tracking technologies in order to provide personalised advertisements about goods and services that may be of interest to you. See our Cookie Policy for further Information.
  • Training: We are going to use your anonymized images for training purposes of our algorithm.
  • With your Consent. We may disclose your Information for any other purpose with your Consent, including with any person who you have named as a person we can contact to discuss your account and any agent or representative of yours .

We may disclose aggregated, anonymous Information (i.e. Information from which you cannot be personally identified), or insights based on such anonymous Information, to selected third parties, including (without limitation) analytics and search engine providers to assist us in the improvement and optimisation of the Skinscreener Services. In such circumstances we will not disclose any Information which can identify you personally.

7. Is your Information transferred internationally?

Whenever we transfer your Information outside of the UK, we will take all reasonably practicable measures to protect your Information in accordance with this Policy and applicable laws. To the extent that any transfer requires approved safeguards to be in place we will only transfer your Information to countries that have been deemed to provide an adequate level of protection for personal data. Where we use certain service providers, we may use specific contracts approved for use in the UK which give personal data the same protection it has in the UK. Please contact us if you want further information on the specific mechanism(s) used by us when transferring your personal data out of the UK.

8. Third party websites

The Skinscreener Platform may feature links to third party websites or social media channels, or contain advertisements from third parties that are not affiliated with us and which may link to other websites, online services or mobile applications. We cannot guarantee the safety and privacy of data you provide to any third parties. Any data collected by third parties is not covered by this Policy.

We are not responsible for the content or privacy and security practices and policies of any third parties, including other websites, services or applications that may be linked to or from the Skinscreener Platform. You should review the policies of such third parties and contact them directly if you have any related questions.

9. For How long do we keep your Information?

We will only keep your Information for as long as it is necessary for the purposes set out in this Policy, unless a longer retention period is required or permitted by law (such as tax law, accounting requirements or other legal or regulatory requirements).

When we have no ongoing Business Purpose to justify the processing of your Information, we will either delete or anonymise it, or, if this is not possible (for example, because your Information has been stored in backup archives), then we will securely store your Information and isolate it from any further processing until deletion is possible.

10. How do we keep your Information safe?

We have implemented appropriate technical and organisational security measures designed to protect the security of any Information we process. For example, we store your personal data on secure servers and company data is stored on separate secure encrypted disks when not in use.

We have procedures in place to deal with any suspected data security breach. We will notify you and any applicable supervisory body of a suspected data breach where we are legally required to do so.

However, please also remember that we cannot guarantee that the Internet itself is 100% secure. Although we will use our reasonable endeavours to protect your Information, we cannot guarantee the security or integrity of personal Information that is transferred from you or to you via the Internet. Transmission of personal Information to and from the Skinscreener Platform is therefore at your own risk. You should only access our services within a secure environment.

11. Do we collect Information from minors?

We do not knowingly solicit data from or market to children under 18 years of age. By using the Skinscreener Services, you represent that you are at least 18 years of age. If we learn that Information from users less than 18 years of age has been collected, we will deactivate the relevant account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we have collected from children under 18 years of age, please contact us immediately via datenschutz@skinscreener.at.

12. How do we handle your Social MEDIA Log-ins

Summary: If you choose to register or log into our website using a social media account, we may have access to certain Information about you.

The Skinscreener Platform may offer you the ability to register and log-in using your third-party social media account details (e.g. Facebook, Twitter etc). Where you choose to do this, we will receive certain Information from your social media provider. The Information we receive may vary depending on the social media provider concerned, but will often include your name, e-mail address, friends list, profile picture and other Information that you choose to make public. If you log-in using Facebook, we may also request access to other information related to your account, such as friends, check-ins and likes, and you may choose to grant or deny us access to each individual permission.

The Information that you post, transmit, or otherwise make available on such social media platforms may be viewed and/or used by other users of those networks and we have no control over that viewing and use and cannot prevent further use of that Information by third parties.

If you choose to link your Skinscreener profile to a social media account, Information that you provide to us in the process may be included on your Skinscreener profile. Additionally, your contacts on the social media platform(s) (Friends) may be able to see your activity on the Skinscreener Platform. A link to your public profile on the social media site may be added to your Skinscreener profile and other members and users of the Skinscreener Services may be able to see any Friends or links (e.g. friends of Friends) via the social network(s) that you have in common with them.

When you interact with us through social media networks, you acknowledge that we may access your Information that is held by that account, solely in accordance with your social media privacy settings. Any links to social media are not under our control and remain solely your responsibility. You acknowledge that any Information posted via social media through the Skinscreener Platform, or via any third party which you allow to access your content, is posted entirely at your own risk and that by posting to a public platform you make that Information visible to third parties who can use that Information at their discretion.

Please note that we do not control, and are not responsible for, other uses of your Information by your third-party social media provider(s). We recommend that you review their privacy policies to understand how they collect, use and share your Information, and how you can set your privacy preferences on their sites and apps.

13. Your Consent to processing

You will be required to give Consent to certain processing activities before we can process your Information. Where applicable, we will seek Consent from you when you first submit Information to or through the Skinscreener Services.

If you have previously given your Consent you may freely withdraw such Consent at any time. You can do this by emailing datenschutz@skinscreener.at or, where applicable, clicking the ‘Unsubscribe’ button that appears in mailing list communications.

If you withdraw your Consent, and if we do not have another legal basis for processing your Information, then we will stop processing your Information. If we do have another legal basis for processing your Information, then we may continue to do so subject to your legal rights.

Please note that if we need to process your Information in order for you to use the Skinscreener Services and you object or do not provide Consent to us processing your Information, you accept that the Skinscreener Services will no longer be available to you.

14. Marketing and opting out

If you have given Consent to marketing we may contact you about our products, services, promotions and special offers. If you no longer wish to receive such Information, you can withdraw your Consent at any time by sending an email to datenschutz@skinscreener.at or unsubscribing from the communications.

If you have given Consent, we may share your Information with carefully selected third party organisations and business partners and they may contact you directly. If you would prefer to no longer receive direct marketing communications from third parties and partners after previously giving your Consent, please contact those third parties and partners directly to withdraw the Consent.

Where you opt out of receiving marketing messages, this will not apply to personal data provided to us in connection with [your purchase of a product or service or your involvement in other related transactions].

15. Account Information

You may at any time review or change the Information in your account by logging into your Skinscreener account.

If you wish to terminate your Skinscreener account, please contact us via datenschutz@skinscreener.at and we can arrange this for you. Some Information may be retained in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our Terms & Conditions and/or comply with legal requirements.

16. What are your privacy rights?

You have certain rights in relation to the Information that we hold about you. Details of these rights and how to exercise them are set out below. Please note that we will require evidence of your identity before we are able to respond to any requests. This is a security measure to ensure that your Information is not disclosed to a person who does not have the right to receive it. We may also contact you to ask you for further Information in relation to your request to speed up our response. To exercise or discuss any of your rights, please contact us via datenschutz@skinscreener.at

You may also review and edit some of the Personal Information you have submitted to us through the appropriate functionality on the apps.

  • Right of Access. You have the right at any time to ask us for a copy of the Information that we hold about you and to check that we are lawfully processing it. Where we have good reason, and where data protection law permits, we can refuse your request for a copy of your Information, or certain elements of the request. If we refuse your request or any element of it, we will provide you with our reason(s) for doing so.
  • Right of Correction or Completion. If Information we hold about you is not accurate or is out of date and requires amendment or correction, you have a right to have the data rectified or completed.
  • Right of Erasure. In certain circumstances, you have the right to request that the Information we hold about you is erased (for example, if the Information is no longer necessary for the purposes for which it was collected or processed or our processing of the Information is based only on your Consent and there are no other legal grounds on which we may process the Information).
  • Right to Object to or Restrict Processing. In certain circumstances, you have the right to object to our processing of your Information (for example, if we are processing your Information on the basis of our legitimate interests but there are no longer any compelling legitimate grounds to justify our processing overriding your rights and interests).

You may also have the right to restrict our use of your Information, for example during a period in which we are verifying the accuracy of your Information in circumstances where you have challenged the accuracy of that Information.

  • Right of Data Portability. In certain instances, you have a right to receive the Information that we hold about you (or a portion thereof) in a structured, commonly used and machine-readable format.

In such circumstances, you can ask us to transmit your Information to you or directly to a third-party organisation on your behalf.

While we are happy for such requests to be made, we are not able to guarantee technical compatibility with a third-party organisation’s systems. We are also unable to comply with requests that relate to personal Information of others without their consent.

If we are relying on Consent to process your Information, you have the right to withdraw your Consent at any time. Please note however that this will not affect the lawfulness of the processing that occurred before the withdrawal of such Consent. Due to the confidential nature of data processing we may ask you to provide proof of identity when exercising the above rights. This can be done by providing a scanned copy of a valid identity document or a signed photocopy of a valid identity document.

17. Contact us

We welcome your feedback and questions on this Policy. If you wish to contact us about this Policy or have any other questions, please email us via datenschutz@skinscreener.at .

You have the right to make a complaint at any time to the Information Commissioner’s Office (the ICO), the UK supervisory authority for data protection issues (https://ico.org.uk/concerns). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

18. Website

The website is operated by medaia GmbH as the controller under data protection law. In this notice, we inform you which personal data we process in the context of this website. It is generally possible to use the website without providing personal data.

Visiting our website

Legitimate interest pursuant to Art 6 para 1 lit f GDPR:
medaia GmbH processes the data within the scope of its predominantly legitimate interest in accordance with Art. 6 para. 1 lit f GDPR to achieve the stated purposes, in particular the provision of the website.

Purposes of the processing::
The processing of your data serves the provision, as well as system security and the improvement of the website and thus the external appearance of medaia GmbH.

Data categories:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the retrieved data
  • Amount of data transferred
  • Message whether the call was successful
  • Recognition data of the browser and operating system used
  • Website from which the access is made
  • Name of your Internet access provider

Cookies

Our website uses so-called cookies. These are small text files that are stored on your end device with the help of the browser. They do not cause any damage. We use cookies to make our website more user-friendly. Some cookies remain stored on your end device until you delete them. They enable us to recognise your browser on your next visit. You can control the setting of cookies and their storage duration via your browser settings. If cookies are deactivated, the functionality of our website may be limited. You can find a list of the cookies used by our website and more detailed information in our cookie banner.

Functional cookies

We process functional cookies (session cookies and permanent cookies) on the basis of the exemption provision in Section 96 (3) TKG. Your consent is not required.

Session cookies are used to display our website content to you. Session cookies are deleted after the session is closed.

Permanent cookies are used to improve user-friendliness, e.g. to save the language you have selected and to be able to display our website in the language you have selected when you visit it again.

Analysis tools

Legal basis

We process the data within the scope of your express consent in accordance with Section 96 (3) TKG to achieve the stated purposes for improving the website. You can give your consent to the use of the analysis tools via our cookie banner.

You can withdraw your consent at any time via our cookie banner or by deleting all or individual cookies in your browser settings. If you withdraw your consent or change your browser settings so that cookies are no longer stored, we will no longer be able to recognise you when you return to our website.

In the event of cancellation, we would like to point out that not all functions and contents of the website may be able to be used to their full extent.

Purposes of the processing:

The processing of your data is used to analyse web usage, in particular to compile reports on website activities and thus improve our website.

Transfer of your data to third countries:

As part of the website analysis, your data is transferred to third countries. We would like to point out that the transfer of your data to providers in the USA and worldwide, such as Google or YouTube, takes place without the existence of an adequacy decision and without suitable guarantees. This transfer takes place on the basis of your consent in accordance with the exemption provision of Article 49(1)(a) GDPR.

Website analysis with Google Analytics

We use Google Analytics to analyse and regularly improve the use of our website.

Cookie type: B
Data collected: see “Data collected by Google Analytics”
Legal basis: Art. 6 para. 1 sentence 1 lit. f GDPR
Storage period: up to 60 days

This website uses Google Analytics with the extension that anonymises IP addresses. This means that your IP address is transmitted to Google in abbreviated form, so that it cannot be linked to you personally. If the data collected about you is personally identifiable, it is immediately excluded. For the exceptional cases in which personal data is transferred to the USA, Google has submitted to the EU-U.S. Data Privacy Framework.

You can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available here.

If you visit our website via a mobile device (e.g. smartphone or tablet), you can prevent Google Analytics from collecting data by clicking on the following link. In this case, a special opt-out cookie will be set. If you delete your cookies, this link must be clicked again.

Social media plugins

We work together with various social networks. When you use these services, your browser is automatically connected to the relevant network. It transmits your IP address and other information, such as cookies, if you have previously visited the platform in question.

We do not collect any personal data via the plugins integrated on our website. The processing of your personal data in the context of the plugins is based on your express consent in accordance with Section 96 (3) TKG via our cookie banner. The purpose of these plugins is to provide you with more information about our services.

If you give your consent by actively clicking on “I agree” in the cookie banner when you visit our website, your personal data (IP address) may be transmitted to the social network. This happens regardless of whether you have a user account with the social network. If you have a user account with one of the social networks and are logged into your user account when you click on the cookie banner on our website, the data collected via the respective plugin will be linked directly to your account. If you do not wish to be linked to your user account, you must log out of your social media account before activating the plugin. We have no influence on the extent to which and for what purpose the social networks actually collect personal data via the plugins.

Consent can be revoked at any time by deleting all or individual cookies in the browser settings.

In the event of cancellation, we would like to point out that not all functions and contents of the website may be able to be used to their full extent.

Facebook
This website uses social media plugins from the social network facebook.com, which is operated by Facebook Inc, 1601 South California Avenue, Palo Alto, CA 94304, USA. After activating the plugin, a direct connection is established between your browser and the Facebook server. Facebook receives the information that you have visited our site with your IP address. If you click on the Facebook “Like” button while you are logged into your Facebook account, you can link the content of our pages to your Facebook profile. This allows Facebook to associate your visit to our pages with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Facebook. Further information on this can be found in Facebook’s privacy policy at http://de-de.facebook.com/policy.php. If you do not want Facebook to be able to associate your visit to our pages with your Facebook user account, please log out of your Facebook user account.

Twitter
This website uses the Twitter feed and a follow plugin of the Twitter network (https://twitter.com/about/resources/buttons). The feed is provided by Twitter Inc, 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. In addition, a follow plugin is used, which is integrated below the Twitter feed. The plugin makes it possible to follow us on Twitter. When you visit one of our websites that contains such a plugin, your browser establishes a direct connection to the Twitter server. The content of the plugin is transmitted by Twitter directly to your browser. We have no influence on the scope of the data that Twitter collects. The user’s IP address and the URL of the respective website are transmitted to Twitter when the plugin is clicked on, but are only used for the purpose of displaying the plugin. Further information about the plugin can be found here (https://twitter.com/about/resources/buttons). Information on data protection can be found in Twitter’s privacy policy (https://twitter.com/privacy).

Interaction with social networks

We work together with various social networks. When you use this service, your browser is automatically connected to the relevant network. It transmits your IP address and other information, such as cookies, if you have previously visited the platform in question.

As far as possible, we avoid this type of data transfer until you actually interact with one of the platforms. By clicking on the relevant icon (e.g. Facebook logo), you indicate that you are willing to communicate with the selected platform and that information about you, such as your IP address, will be transmitted to this social network.

Storage period

We generally store your personal data for a period of 3 months. Longer storage only takes place if this is necessary to investigate attacks on our website.

Web design privacy policy

Summary:
👥 Data subject: Visitors to the website
🤝 Purpose: Improvement of the user experience
📓 Processed data: Which data is processed depends heavily on the services used. This usually involves the IP address, technical data, language settings, browser version, screen resolution and browser name. You can find more details on this in the respective web design tools used.
📅 Storage duration: depending on the tools used
⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What is web design?

We use various tools on our website that serve our web design. Web design is not, as is often assumed, just about making our website look pretty, but also about functionality and performance. But of course the right look of a website is also one of the major goals of professional web design. Web design is a branch of media design and deals with the visual as well as the structural and functional design of a website. The aim of web design is to improve your experience on our website. In web design jargon, this is referred to as user experience (UX) and usability. User experience refers to all the impressions and experiences that website visitors have on a website. Usability is a sub-item of user experience. This refers to the user-friendliness of a website. The main focus here is on ensuring that content, subpages or products are clearly structured and that you can find what you are looking for quickly and easily. In order to offer you the best possible experience on our website, we also use third-party web design tools. In this privacy policy, the category “web design” therefore includes all services that improve the design of our website. These can be, for example, fonts, various plugins or other integrated web design functions.

Why do we use web design tools?

How you absorb information on a website depends very much on the structure, functionality and visual perception of the website. This is why good and professional web design has become increasingly important for us. We are constantly working on improving our website and also see this as an extended service for you as a website visitor. Furthermore, a beautiful and functioning website also has economic advantages for us. After all, you will only visit us and make use of our services if you feel completely at ease.

What data is stored by web design tools?

When you visit our website, web design elements may be integrated into our pages that can also process data. Exactly what data is involved naturally depends heavily on the tools used. Below you can see exactly which tools we use for our website. For more detailed information about data processing, we recommend that you also read the respective data privacy statements of the tools used. In most cases, this will tell you what data is processed, whether cookies are used and how long the data is stored. Fonts such as Google Fonts also automatically transmit information such as language settings, IP address, browser version, browser screen resolution and browser name to the Google servers.

Duration of data processing

How long data is processed is very individual and depends on the web design elements used. If cookies are used, for example, the storage period can be as short as one minute or as long as a few years. Please find out more about this. We recommend that you read our general text section on cookies as well as the privacy policies of the tools used. There you can usually find out exactly which cookies are used and what information is stored in them. Google font files, for example, are stored for one year. This is to improve the loading time of a website. In principle, data is only stored for as long as is necessary to provide the service. Data can also be stored for longer if required by law.

Right of objection

You also have the right and the option to withdraw your consent to the use of cookies or third-party providers at any time. This works either via our cookie management tool or via other opt-out functions. You can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser. Under web design elements (mostly fonts), however, there is also data that cannot be deleted quite so easily. This is the case when data is automatically collected directly when a page is accessed and transmitted to a third-party provider (such as Google). In this case, please contact the support of the relevant provider. In the case of Google, you can contact support at https://support.google.com/?hl=de.

Legal basis

If you have consented to the use of web design tools, the legal basis for the corresponding data processing is this consent. According to Art. 6 para. 1 lit. a GDPR (consent), this consent constitutes the legal basis for the processing of personal data, as may occur when it is collected by web design tools. We also have a legitimate interest in improving the web design on our website. After all, only then can we provide you with an attractive and professional website. The legal basis for this is Art. 6 para. 1 lit. f GDPR (legitimate interests). Nevertheless, we only use web design tools if you have given your consent. We would like to emphasise this again here in any case.

Information on special web design tools – if available – can be found in the following sections.

Font Awesome Privacy Policy

Summary:

👥 Data subject: Visitors to the website
🤝 Purpose: Optimisation of our service performance
📓Processed data: such as IP address and which icon files are loaded. You can find more details below in this privacy policy.
📅 Storage duration: Files in identifiable form are stored for a few weeks
⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What is Font Awesome?

We use Font Awesome from the American company Fonticons (307 S. Main St., Suite 202, Bentonville, AR 72712, USA) on our website. When you call up one of our websites, the Font Awesome web font (in particular icons) is loaded via the Font Awesome Content Delivery Network (CDN). This ensures that the texts, fonts and icons are displayed appropriately on every end device. In this privacy policy, we go into more detail about data storage and data processing by this service.

Icons are playing an increasingly important role for websites. Font Awesome is a web font that has been specially developed for web designers and web developers. With Font Awesome, icons can be scaled and coloured as desired using the CSS style sheet language. They thus replace old image icons. Font Awesome CDN is the easiest way to load icons or fonts onto your website. All we had to do was add a small line of code to our website.

Why do we use Font Awesome on our website?

Font Awesome allows content on our website to be better organised. This makes it easier for you to find your way around our website and grasp the content more easily. The icons can sometimes even be used to replace entire words and save space. This is particularly practical when we optimise content specifically for smartphones.  These icons are inserted as HMTL code instead of images. This allows us to edit the icons with CSS exactly as we want. At the same time, we also improve our loading speed with Font Awesome because it only involves HTML elements and not icon images. All these advantages help us to make the website even clearer, fresher and faster for you.

What data is stored by Font Awesome?

The Font Awesome Content Delivery Network (CDN) is used to load icons and symbols. CDNs are networks of servers that are distributed worldwide and make it possible to quickly load files from nearby. Thus, as soon as you call up one of our pages, the corresponding icons are provided by Font Awesome.

In order for the web fonts to be loaded, your browser must establish a connection to the servers of Fonticons, Inc. Your IP address is recognised in the process. Font Awesome also collects data about which icon files are downloaded and when. Furthermore, technical data such as your browser version, screen resolution or the time the page was called up is also transmitted.

This data is collected and stored for the following reasons:

  • to optimise content delivery networks
  • to recognise and rectify technical faults
  • to protect CDNs from misuse and attacks
  • to be able to charge fees from Font Awesome Pro customers
  • to find out the popularity of icons
  • to know which computer and software you are using

If your browser does not allow web fonts, a standard font from your PC will be used automatically. As far as we are currently aware, no cookies are set. We are in contact with Font Awesome’s data protection department and will let you know as soon as we find out more.

How long and where is the data stored?

Font Awesome stores data about the use of the Content Delivery Network on servers in the United States of America. However, the CDN servers are located worldwide and store user data wherever you are. The data is usually only stored in identifiable form for a few weeks. Aggregated statistics on the use of the CDNs can also be stored for longer. Personal data is not included here.

How can I delete my data or prevent data storage?

To the best of our knowledge, Font Awesome does not store any personal data about the content delivery networks. If you do not want data about the icons used to be saved, you will unfortunately not be able to visit our website. If your browser does not allow web fonts, no data will be transmitted or stored. In this case, your computer’s default font will simply be used.

Legal basis

If you have consented to Font Awesome being used, the legal basis for the corresponding data processing is this consent. According to Art. 6 para. 1 lit. a GDPR (consent), this consent constitutes the legal basis for the processing of personal data, as may occur when Font Awesome collects it.

We also have a legitimate interest in using Font Awesome to optimise our online service. The legal basis for this is Art. 6 para. 1 lit. f GDPR (legitimate interests). Nevertheless, we only use Font Awesome if you have given your consent.

We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. Data processing is essentially carried out by Font Awesome. This may result in data not being processed and stored in anonymised form. Furthermore, US government authorities may be able to access individual data. It is also possible that this data may be linked to data from other Font Awesome services with which you have a user account.

If you would like to find out more about Font Awesome and how they handle data, we recommend that you read their privacy policy at https://fontawesome.com/privacy and the help page at https://fontawesome.com/support.

Google Fonts privacy policy

Summary:

👥 Data subject: Visitors to the website
🤝 Purpose: Optimisation of our service performance
📓 Processed data: Data such as IP address and CSS and font requests. You can find more details below in this privacy policy.
📅 Storage duration: Font files are stored by Google for one year
⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)

What are Google Fonts?

We use Google Fonts on our website. These are the “Google fonts” of Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.

You do not need to log in or enter a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you do not need to worry that your Google account data will be transmitted to Google while using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. We will take a closer look at exactly how the data is stored.

Google Fonts (formerly Google Web Fonts) is a directory of over 800 fonts that Google makes available to its users free of charge.

Many of these fonts are published under the SIL Open Font Licence, while others have been published under the Apache licence. Both are free software licences.

Why do we use Google Fonts on our website?

With Google Fonts, we can use fonts on our own website without having to upload them to our own server. Google Fonts is an important component in keeping the quality of our website high. All Google fonts are automatically optimised for the web and this saves data volume and is a great advantage, especially for use on mobile devices. When you visit our site, the low file size ensures a fast loading time. Furthermore, Google Fonts are secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can sometimes visually distort texts or entire websites. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all common browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). We use Google Fonts so that we can present our entire online service as beautifully and uniformly as possible.

What data is stored by Google?

When you visit our website, the fonts are reloaded via a Google server. This external call transmits data to the Google server. In this way, Google also recognises that you or your IP address is visiting our website. The Google Fonts API was developed to reduce the use, storage and collection of end user data to what is necessary for the proper provision of fonts. Incidentally, API stands for “Application Programming Interface” and serves, among other things, as a data transmitter in the software sector.

Google Fonts stores CSS and font requests securely at Google and is therefore protected. Google can use the collected usage figures to determine how well the individual fonts are received. Google publishes the results on internal analysis pages, such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in the Google Fonts BigQuery database. Entrepreneurs and developers use the Google web service BigQuery to analyse and move large amounts of data.

However, it should be noted that every Google Font request also automatically transmits information such as language settings, IP address, browser version, browser screen resolution and browser name to the Google servers. It is not clear whether this data is also stored or whether it is clearly communicated by Google.

How long and where is the data stored?

Google stores requests for CSS assets for one day on its servers, which are mainly located outside the EU. This allows us to use the fonts with the help of a Google stylesheet. A stylesheet is a format template that can be used to quickly and easily change the design or font of a website, for example.

The font files are stored by Google for one year. Google’s aim is to fundamentally improve the loading time of websites. If millions of websites refer to the same fonts, they are cached after the first visit and immediately reappear on all other websites visited later. Google sometimes updates font files to reduce the file size, increase language coverage and improve the design.

How can I delete my data or prevent data storage?

The data that Google stores for one day or one year cannot simply be deleted. The data is automatically transmitted to Google when the page is accessed. To delete this data prematurely, you must contact Google support at https://support.google.com/?hl=de&tid=312109085. In this case, you can only prevent data storage if you do not visit our site.

Unlike other web fonts, Google allows us unrestricted access to all fonts. This means we have unlimited access to a sea of fonts and can therefore get the best out of our website. You can find out more about Google Fonts and other issues at https://developers.google.com/fonts/faq?tid=312109085. Although Google addresses data protection issues there, it does not provide any really detailed information about data storage. It is relatively difficult to get really precise information from Google about stored data.

Legal basis

If you have consented to the use of Google Fonts, the legal basis for the corresponding data processing is this consent. According to Art. 6 para. 1 lit. a GDPR (consent), this consent constitutes the legal basis for the processing of personal data, as may occur when Google Fonts is used.

We also have a legitimate interest in using Google Font to optimise our online service. The legal basis for this is Art. 6 para. 1 lit. f GDPR (legitimate interests). Nevertheless, we only use Google Font if you have given your consent.

Google also processes your data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This may entail various risks for the legality and security of data processing.

Google uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 GDPR) as the basis for data processing with recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or data transfer there. Standard Contractual Clauses (SCCs) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through these clauses, Google undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Google Ads Data Processing Terms, which also correspond to the standard contractual clauses for Google Fonts, can be found at https://business.safety.google/adsprocessorterms/.

You can also find out which data is generally collected by Google and what this data is used for at https://www.google.com/intl/de/policies/privacy/. 

All texts are protected by copyright.

Source: Created with the data protection generator from AdSimple