The website is provided by the company constellr GmbH with business address at Heinrich-von-Stephan-Straße 5C, 79100 Freiburg im Breisgau, Germany. This privacy policy will explain how we use the personal data we collect from you when you use our website. Furthermore, data subjects are informed, by means of this privacy policy, of the rights to which they are entitled. We use your personal data strictly in accordance with the applicable data protection provisions, including without limitation the European General Data Protection Regulation (GDPR).
1. Data Controller
The data controller in accordance with the purpose of the GDPR and other data protection regulation is:
constellr GmbHHeinrich-von-Stephan-Str. 5C
79100 Freiburg im Breisgau
Phone: +49 (0) 152 0804 4678
Email: dpo@constellr.com
Website: constellr.com
2. General information on data processing
In general, we only process the personal data of our users to the extent necessary in order to provide a functioning website with our content and services. The processing of personal data regularly only takes place with the consent of the user. Exceptions include cases where prior consent technically cannot be obtained and where the processing of the data is permitted by law.
Insofar as we obtain the consent of the data subject for processing operations involving personal data, Art. 6 (1) (a) GDPR serves as the legal basis.
As for the processing of personal data required for the performance of a contract of which the data subject is party, Art. 6 (1) (b) GDPR serves as the legal basis. This also applies to processing operations required to carry out pre-contractual activities.
When it is necessary to process personal data in order to fulfil a legal obligation to which our company is subject, Art. 6 (1) (c) GDPR serves as the legal basis.
If vital interests of the data subject or another natural person require the processing of personal data, Art. 6 (1) (d) GDPR serves as the legal basis.
If the processing of data is necessary to safeguard the legitimate interests of our company or that of a third party, and the fundamental rights and freedoms of the data subject do not outweigh the interest, Art. 6 (1) (f) GDPR will serve as the legal basis for the processing of data.
The personal data of the data subject will be erased or restricted as soon as the purpose of its storage has been accomplished. Additional storage may occur if it was provided for by the European or national legislator within the EU regulations, law, or other relevant regulations to which the data controller is subject. Restriction or erasure of the data also takes place when the storage period stipulated by the aforementioned standards expires, unless there is a need to prolong the storage of the data for the purpose of concluding or fulfilling the respective contract.
3. Rights of the data subject
If we as a company process personal data as data controller, then you as the data subject have certain rights derived from Chapter III GDPR, which depend on the legal basis and the purpose of the processing. These rights include the following:
a) Right of access |
In accordance with Art. 15 GDPR, each data subject has the right to request from the controller the information about the data stored about him or her. |
b) Right to rectification |
In accordance with Art. 16 GDPR, each data subject has a right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. |
c) Right to erasure |
In accordance with Art. 17 GDPR, each data subject can obtain from the controller the erasure of personal data concerning him or her. |
d) Right of restriction of processing |
In accordance with Art. 18 GDPR, each data subject has the right to obtain from the controller the restriction of the processing under the circumstances if one of the circumstances mentioned in Art. 18 (1) (a) through (d) GDPR applies. |
e) Right of access |
In accordance with Art. 20 GDPR, each data subject has the right to receive the personal data concerning him or her that he or she has provided to the controller in a structured, common and machine-readable format. |
f) Right to data portability |
To the extent your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) (e) or (f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR on grounds relating to your particular situation. To exercise this right to object, it is sufficient to contact us. We will then no longer process your data unless there are compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing is for the establishment, exercise or defence of legal claims. |
g) Right to lodge a complaint with a supervisory authority |
Pursuant to Art. 77 GDPR, each data subject has the right to lodge a complaint with a supervisory authority. You can generally contact the supervisory authority at your usual place of residence or workplace or at our seat for this purpose. The address of the supervisory authority responsible for our company is: |
h) Right to withdraw data protection consent |
Each data subject has the right to withdraw his or her consent to process his or her personal data at any time. |
4. Provision of the website and creation of log files
This website collects a series of data and information when a data subject or automated system calls up the website. Collected may be (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the internet service provider of the user, (4) the internet protocol address (IP address), (5) the date and time of access, (6) Web pages from which the user’s system accessed our website, (7) Web pages accessed by the user’s system through our website. This data and information are stored in the log files of our system. The data is not stored with the user’s other personal data.
When using these general data and information, we do not draw any conclusions about the data subject. Rather, this information is needed to (1) deliver the content of our website correctly, (2) optimize the content of our website as well as its advertisement, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. Therefore, we analyze anonymously collected data and information statistically, with the aim of increasing the data protection and data security of our enterprise, and to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.
The processing of this data is carried out in accordance with Art. 6 (1) (f) GDPR due to our legitimate interest in being able to properly display the website to you as well for the purpose of the security of our systems.
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. The session is complete when the collection of data for the provision of the website is accomplished. In the case of storage of data in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.
The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Therefore, there is no possibility of objection.
5. Use of cookies
Our website uses cookies. Cookies are small text files that are stored in a computer system via an internet browser when visiting a website. When a user visits a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.
We use cookies in order to make our website more functional. It is a technical requirement of certain elements of our website that the accessing browser can also be identified after a page change. Furthermore, we use cookies on our website that enable an analysis of the user's surfing behavior. The following data can be transmitted:
- Search terms entered,
- Frequency of page views
- Use of website functions
The legal basis for the processing of personal data using technically necessary cookies within the meaning of Section 25 (2) TTDSG is Article 6 (1) (f) GDPR.
The legal basis for the processing of personal data using cookies for analysis purposes, if the user has given his consent in this regard, is Art. 6 (1) (a) GDPR. The legal basis for the processing of personal data using technically necessary cookies is otherwise Art. 6 (1) (f) GDPR.
The purpose of using technically necessary cookies is to enable the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change. The user data collected through technically necessary cookies are not used to create user profiles.
Cookies for analysis purposes are used to improve the quality of our website and its content. Through the analysis cookies, we learn how the website is used and can thus constantly optimize our offer.
These purposes also justify our legitimate interest in the following processing of personal data according to Art. 6 (1) (f) GDPR.
Cookies are stored on the user's computer system and transmitted from it to our website. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the storage of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website in full.
6. Contact possibility via the contact form or by email
Our website contains a contact form that can be used for electronic contact. If a user takes advantage of this option, the data entered in the input mask is transmitted to us and stored. These data are: (1) Name, (2) Email, (3) Telephone Number, (4) Name of Organization, (5) Country). In this case the personal data transmitted on a voluntary basis are stored for the purpose of the processing of the conversation.
For the processing of data, your consent is obtained during the submission process and reference is made to this privacy policy.
Alternatively, it is possible to contact us via the e-mail address provided. In this case, the personal data of the user transmitted with the e-mail will be stored. The data will be used exclusively for the processing of the conversation. There is no transfer of this personal data to third parties.
The legal basis for the processing of the data is Art. 6 (1) (a) GDPR if the user has given his consent. The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 (1)(f) GDPR. If the e-mail contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 (1) (b) GDPR.
The processing of the personal data from the contact form serves us solely to process the contact. In the case of contact by email, this also constitutes the legitimate interest in processing the data. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. For personal data from the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation ends when it can be concluded from the circumstances that the matter in question has been conclusively resolved.
The user has the possibility to withdraw his consent to the processing of personal data at any time. If the user contacts us by e-mail (dpo@constellr.com), he or she can object to the storage of his or her personal data at any time. In such a case, the conversation cannot be continued. In this case, all personal data stored in the course of establishing contact will be deleted.
7. Use of third-party services
In order to provide and continuously improve our services, we are using the services of the following third parties which may also process personal data. These third-party providers have been selected diligently and in line with the requirements of the GDPR:
-
Google
Unless otherwise stated in this privacy policy, the operator of all Google services mentioned here is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
-
Google Analytics
This website uses the service of “Google Analytics”. This is a tool to analyze the use and to increase the efficiency of our website. For this purpose, cookies are set so that we receive information about the use of our website by users. Google processes the transmitted information on our behalf to evaluate the use and interaction of the user with our website, to compile reports on the activities on our website and to provide us with other services related to the use. We use this data to perform user-oriented improvements to the design of our online services.
Data will also regularly be transmitted to Google LLC 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA as part of the processing described below. Google has adopted the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework, and thereby, ensures that the level of data protection is adequate even when data is processed in the United States.
The use of this tool is based on Art. 6 (1) (f) GDPR. We have a legitimate interest in analyzing user behavior in order to optimize both our website and our advertising. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 (1) (a) GDPR. You can revoke your consent at any time via the settings in the cookie management tool.
The data will be stored for as long as it is necessary for the purpose of the procession. The data will be deleted as soon as it is no longer needed for the processing purposes.
You can find further information on: http://www.google.com/analytics/terms/en.html or https://www.google.de/intl/de/policies/.
-
Google Tag Manager
This website uses the service of “Google Tag Manager”. This is a tool for managing so-called tags that are used during tracking in online marketing. It allows us to define user actions that we would like to record and report in other tools like Google Analytics. Google Tag Manager does not process any personal data, since it only serves to manage other services – i.e., Google Analytics.
You can find further information on: https://marketingplatform.google.com/intl/de/about/analytics/tag-manager/use-policy/
-
-
Jotform
This website uses the service of Jotform of the operator Jotform Inc., 4 Embarcadero Center, Suite 780, San Francisco CA 94111, USA. This is a tool which allows us to manage the creation, deployment, administration, distribution and analysis of online forms and surveys in order to collect, save and reuse data from any responding users. When you enter text in the input mask of the contact form on our website and click the SEND button, the data entered in the input mask as mentioned above is transmitted to JotForm and stored on the European servers of JotForm Inc.
The legal basis for the use of Jotform is Art. 6 (1) (f) GDPR – a legitimate interest. Our legitimate interest for the usage of Jotform is an appealing presentation of website to create an opportunity for individuals and companies to request information directly.
You can find further information on: https://www.jotform.com/gdpr-compliance/ or https://www.jotform.com/privacy/
The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. For personal data from the contact form, this is the case when the respective conversation with the user has ended. The conversation ends when it can be concluded from the circumstances that the matter in question has been conclusively resolved.
-
Pipedrive
This website uses the service of Pipedrive of the operator Pipedrive OÜ, Paldiski mnt 80, Mustamäe tee 3a, Tallinn 10615, Estonia. Pipedrive is a customer-relationship-management-tool (“CRM-tool”) for processing and storing contact data. When contacting us (via contact form or e-mail), the user’s details are recorded and processed in Pipedrive. The user’s details are limited to name and company e-mail. It allows us to process and answer requests and messages faster. For this purpose, data is transferred to Pipedrive and stored on Pipedrive servers.
The legal basis for the use Pipedrive is Art. 6 (1) (f) GDPR – a legitimate interest. Our legitimate interest for the usage of Pipedrive is a fast and effective processing of contact requests and organizing our CRM.
You can find further information on: https://www.pipedrive.com/en/privacy and https://support.pipedrive.com/de/article/pipedrive-and-gdpr.
-
Recruitee
We use the services of Recruitee by Recruitee B.V. Keizersgracht 313, 1016EE Amsterdam, The Netherlands. Recruitee is a recruiting tool for the organization and processing of the application process. We maintain the additional specific career website (https://constellr.recruitee.com) for our online application process. Please find the specific privacy policy for the online application process on Recruitee here: https://constellr.recruitee.com/data-privacy-policy-constellr
You can also find further information on: https://recruitee.com/de/privacy-policy.
8. Links to external websites and to our social media presences
This website may contain links to external websites that are not operated by us. If you click on a third party link, you will be directed to that third party’s website. We strongly advise you to review the privacy policy of every website you visit.
9. Final clauses
We reserve the right to adjust this privacy policy at any point in time to ensure that it is in line with the current legal requirements at all times, or in order to accommodate changes in the services offered, for example when new services are introduced, or modifications are made on the website.