Data protection declaration

Logoshuffle GmbH

Status: July 2018

Preface

We at Logoshuffle GmbH consider the protection of our stakeholders’ and customers’ personal data to be an important matter. This data protection declaration serves to inform you about the manner, scope and purpose of our collecting your personal data. Those responsible for data processing in accordance with the basic data protection regulation (« GDPR » as amended) and other national data protection laws of the member states as well as other data protection regulations, are we:

Logoshuffle GmbH Münzgrabenstrasse 92/4,
A-8010 Graz, Austria

Tel.: +43 316 22 84 09

Email: privacy@logoshuffle.com

Contact details of our data protection officer:

Tel.: +43 316 22 84 09

Email: privacy@logoshuffle.com

What is personal data?

Personal data means information relating to persons who are personally identifiable or have been identified (such as name, address, email address, telephone number, etc.). Which of your personal data do we process and where do we get these data from? We process those of your personal data that we receive in the course our business relationship with you. Personal data include details of your person (name, address, contact details, etc.) and your credentials (such as ID data). In addition, this may include order data (e.g. payment orders), advertising and sales data, documentation data (e.g. consulting protocols), offers, and data for the fulfilment of legal obligations. These data are either obtained directly from you or provided to us by third parties, such as our partner companies.

For what purpose and on what legal basis are the data processed?

We either process your data for

  • the implementation of pre-contractual measures or for the fulfilment of our contractual obligations (Art 6 Para. 1 lit. b GDPR) in the context of our business relationship.
  • on basis of your consent (Art 6 Para. 1 lit. a GDPR),if you have given us your consent for contacting you to send offers, advertisements (promotional purposes) or for the transfer of data to the manufacturer/importer

or for the

  • fulfilment of our legal obligations (Art 6 Para. 1 lit. c GDPR) or
  • due to rightful interest in data processing (Art. 6 Para. 1 lit. f GDPR).

Processing of your data supports the establishment and implementation of our business relationship or the execution of the corresponding order. If you don’t provide us with data, we generally have to refuse to sign a contract or implement an order or we can no longer execute an existing contract and consequently have to terminate it.

Should consent be required for data processing, we will ask for it. In any case, consents are voluntary. If you have given us consent for the processing of your personal data for specific purposes, processing based on this consent will be carried out in accordance with what was specified in the consent declaration and to the extent agreed therein. A granted consent can be revoked at any time with effect for the future in writing or by email. This will not adversely affect the legality of any processing of data till that time.

You are not obliged to give consent to processing of those data that are not relevant or required for the fulfilment of the contract or the corresponding commission.

Furthermore we inform you that we do not use automated decisions, according to Art 22 GDPR, to reach decisions regarding the establishment and conduct of a business relationship.

Will your data be passed on?

We will only pass on your data to the extent necessary for the fulfilment of the objective of the agreement. Within our company only those departments or employees will receive your data who need them for the fulfilment of contractual and/or legal obligations. Furthermore we pass on your data within our group only to the extent required for the fulfilment of contractual and/or legal obligations, for instance because a certain brand is only available from a certain company of our group. In order to fulfil the purpose, it might be necessary that your personal data have to be disclosed to the following recipients.

This disclosure might be by means of transfer, dissemination or any other kind of provision.

  • IT companies for provision, maintenance and support of our IT system as well as for IT-based implementation for the purpose of data processing,
  • related group companies,
  • tax advisers and public accountants for the purpose of, and as support for the fulfilment of our fiscal obligations (Austrian Commercial Code, Federal Fiscal Code, etc.),
  • insurance companies or request portals for insurance damage, for the purpose of claims settlement and billing vis-à-vis the latter as well as for the settlement of our insurance cases,
  • marketing partners (graphic designers, advertising agencies, printing houses, shipping companies, phone-marketing, newspaper publishers), for forwarding advertising material, should you have given your consent,
  • after-sales partners
  • legal representation, safety authorities, competent courts or authorities for prosecution.

How long do we store your data?

We will store your data only for as long as necessary for the purpose for which we collected your data. In any case, we will store your data for as long as there are legal retention times (Austrian Commercial Code, Federal Fiscal Code, among others) or periods of limitation for potential legal claims have not yet expired (in certain cases up to 30 years).

What are your rights regarding data processing?

According to the applicable law, amongst other considerations you are entitled to

  • verify whether and which personal date we are processing and to receive copies of these data,
  • require correction, amendment or deletion of personal data that are being processed wrongly or not in conformity with the law,
  • require that we limit the processing of data,
  • disagree with the processing of personal data,
  • require data portability and
  • be informed about the identity of third parties to whom personal data are passed.

Provided we process your data on the basis of your consent, you have the right to recall this consent at any time via email or postal letter. However, this will not compromise the legality of data processing till that date.

Furthermore you have the right to make a complaint to the Austrian data protection authority or to another data protection supervisory authority in the EU, in particular at your place of residence or place of work.

Information about services we are using on our website

Cookies

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the computer system of the user. When a user visits a website, a cookie can be stored on the operation system of the user. This cookie contains a characteristic series of symbols that enable clear identification of the browser when visiting the website again. Cookies that are already in the computer can be deleted at any time. You will find information about how to do this in your browser menu under the item ‘help’.

We use cookies to make our website more user-friendly. Some elements of our website require that the visiting browser can be identified after having switched site.

This involves the following data being stored and passed on in the cookies:

  1. language setting
  2. Selected currency
  3. ID number
  4. Server affinity (loadbalancing)

Furthermore, on our website we use cookies that allow the temporary storage of user actions covering several individual pages for the duration of a user session.

In this way following data can be passed on:

  1. frequency of page views
  2. use of website functions

User data collected in this way will be pseudonymised by means of technical procedures. This makes it impossible to associate data with a visiting user. Data are not stored with other personal data of users.

When users access our website, they are informed by an info banner about the use of cookies for analysis purposes and referred to this data protection declaration. In connection with this, there is also a notification as to how the storage of cookies can be prevented by means of the browser settings.

Server Log File

For each visit to our website, our system automatically collects data and information about the computer system of the visiting computer.

The following data is collected:

  1. information about the browser type and version in use
  2. User’s operating system
  3. User’s Internet service provider
  4. date and time of visit
  5. Websites from which the user’s system has reached our website
  6. Websites accessed by the user’s system via our website
  7. Log information in the event of errors
  8. Technical telemetry data for the evaluation of performance and frequency of use
  9. IP Address used to access our service

Data is also stored in the log files of our system. There is no storage of these data together with other personal data of the user.

Web analysis

To increase efficiency, on our website we use the services of Google Analytics, a Web analysis service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. (« Google »). Google Analytics uses so-called « Cookies », text files that are stored on your computer and enable analysis of your use of the website. Information about your use of the website (including your IP address) that is created by means of the cookie is transmitted to a server in the US and stored there. To protect the interests of users regarding protection of their personal data, this is done by anonymising the data, meaning that your IP address will be unrecognisable when passed on to Google.

You can prevent the storage of cookies by means of a corresponding setting on your browser software; however, we draw your attention to the fact that, in this case, you might not be able to use all of the functions of this website to the full extent. Furthermore, you can prevent transmission of data created by the cookie and referring to your use of the website (including your IP address) to Google as well as the processing of these data by Google, by downloading and installing the browser plug-in available via following link: tools.google.com/dlpage/gaoptout This website also uses cookies to address visitors via remarketing-campaigns with online advertising at a later time in the Google advertising network. In order to place remarketing advertisements, third-party providers like Google use cookies based on a visit to our website.

As a user, you have the facility to deactivate Google’s use of cookies by accessing this Google deactivation page: www.google.com/ads/preferences.

The following data iscollected during the registration process:

  1. User’s IP address
  2. Date and time of access
  3. Frequency of page visits
  4. Use of website functions
  5. User’s operating system
  6. User’s Internet service provider
  7. Websites from which the user’s system has reached our website
  8. Websites accessed by the user’s system via our website
  9. Operating systems used by user devices
  10. Age, gender, language, interests, country of origin, city (this data is supplied by Google)

Social Media plug-ins

This website uses social plug-ins (“plug-ins”) of the facebook.com social network, operated by Facebook Inc., CA 94304, USA (“Facebook”). The plug-ins can be recognised by the Facebook logo (white “f” on blue background or a “thumbs-up” sign), or are labelled with the endorsement “Facebook Social Plugin”. The list of and appearance of Facebook social plug-ins can be viewed here: developers.facebook.com/docs/plugins.

If you access a website that is part of our Internet presence and contains such a plug-in, your browser makes a direct connection to Facebook servers. The plug-in content is passed by Facebook directly to your browser, which embeds it in the website. We therefore have no influence over the scope of data collected by Facebook with the aid of this plug-in and consequently offer the information below according to our state of knowledge As a result of integration of the plug-ins, Facebook receives the information that you have accessed the corresponding page of our Internet presence.

If you are logged into Facebook, it is possible for Facebook to link your visit to your Facebook account. If you interact with the plug-ins, for example by clicking the Like button or adding a comment, the corresponding information is passed from your browser directly to Facebook and stored there. If you are not a Facebook member, it is nevertheless possible that Facebook determines and stores your IP address. For details of the purpose and scope of data collection and subsequent processing and use of the data by Facebook as well as your rights in this connection and options for settings to protect your privacy, please consult Facebook’s data protection information on: www.facebook.com/policy.php. If you are a Facebook member and do not want Facebook to collect data about you via our Internet presence and link them with your membership data stored at Facebook, you have to log out of Facebook before visiting our Internet presence. It is also possible to block Facebook social plug-ins using add-ons for your browser, with Facebook Blocker for example.

Use of Facebook Custom Audiences

Subject to your consent, this website also uses “Custom Audiences from customer lists” of Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. Using these, Facebook can target our advertisements at newsletter subscribers who are registered with Facebook. As a result we are able to run targeted advertising for people who have already expressed their interest in our products or our company. These data are passed to Facebook hashed and encrypted. Facebook compares the hash values on the customer list with the hash values of its own stored user data. Facebook then checks the matching data for instances of persons who have not yet liked our Facebook page and delivers our adverts to these Facebook users.

You can get more information about the collection and use of the data, the purpose and scope of data collection and further processing and use of the data by Facebook, as well as your options for settings to protect your privacy and rights, from Facebook’s data protection guidelines, accessible via https://www.facebook.com/ads/website_custom_audiences/ and https://www.facebook.com/privacy/explanation among other links.

These personal data are passed on to the following recipients for the above-mentioned purposes:

Up to Eleven Digital Solutions GmbH, Münzgrabenstrasse 92/4, A-8010 Graz, Austria

Data processor of the Facebook Custom Audiences service

Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA Facebook Custom Audiences service provider

With your consent, we use Facebook Custom Audiences of Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, to place advertising on Facebook.

This involves passing your data to Facebook Inc. in the USA. Facebook Inc. is a company that has had itself registered in the Privacy Shield list. The EU-US Privacy Shield was passed by the European Commission through Implementing Decision C(2016) 4176 final of 12/07/2016. In accordance with this, Facebook Inc. offers corresponding guarantees for data transferred to the USA. You can get more detailed information from the official Privacy Shield website, www.privacyshield.gov.

Inclusion of third-party services and content

We include third-party content and services in our online provision on the basis of our justified interests (i.e. interests in the analysis, optimisation and commercial operation of our online provision in accordance with Art. 6 Para. 1 lit. f GDPR), in order to include their content and services, such as maps and fonts (hereafter summarised as “content”). T

his always requires that the third-party-providers of this content have access to the users’ IP addresses, because without the IP addresses they would not be able to send the content to the users’ browsers. So the IP address is necessary in order to display this content. We take care only to use content whose corresponding providers use the IP address solely for the delivery of content. Furthermore, third-party providers can use so-called pixel-tags (invisible graphics, also called “web beacons”) for statistical marketing purposes. “Pixel-tags” can be used to collect information such as visitor traffic to the pages of a particular website.

Such pseudonymous information can also be stored in cookies on users’ devices, containing technical information such as browser and operating system, referring websites, time of visit and other data about use of our online provision, which are also linked to such information from other sources. The following description offers an overview of third-party providers and their content, along with links to their data protection declarations, which contain further information about the processing of data and possibilities to object (so-called “opt-out”) mentioned to some extent already:

  • In the event that our customers make use of third-party payment services (e.g. Sofort, Paypal, etc.), the terms and conditions and data protection notices of the relevant third-party providers apply, these being available on the corresponding websites and/or payment applications.
  • Web analysis and optimisation with the aid of Hotjar services (http://www.hotjar.com) We use Hotjar in order better to understand our users’ needs and to optimise what is on offer on this website. With the aid of Hotjar technology, we gain a better understanding of our users’ experience (e.g. how much time users spend on which pages, which links they click on, what they do and don’t like, etc.), and that helps us to adjust what we offer in line with our users’ feedback. Hotjar works with cookies and other technologies to collect information about our users’ behaviour and about their devices (specifically IP address of the device (collected and stored only in anonymised form), screen size, type of device (Unique Device Identifiers), information about the browser being used, location (country only), preferred language when viewing our website). Hotjar stores this information in a pseudonymised user profile. The information is not used either by Hotjar or by us to identify individual users, nor is it combined with other data about individual users. You can read more information in Hotjar’s data protection declaration (https://www.hotjar.com/legal/policies/privacy). You can prevent the storing of a user profile and of information about your visit to our website by Hotjar, and the placing of Hotjar tracking cookies on other websites, by clicking on this opt-out link (https://www.hotjar.com/legal/compliance/opt-out).
  • Application monitoring using the Application Insights service is implemented to provide ongoing analysis and monitoring of the application’s functionality, and to leverage this experience to quickly resolve errors and further optimize the entire site. All data collected in this way will be stored according to settings on Cloud Servers in European data centers. For details on how it works and the privacy settings, see this document https://docs.microsoft.com/de-de/azure/application-insights/app-insights-data-retention-privacy
  • Our online service uses Microsoft Corporation´s conversion tracking, One Microsoft Way, Redmond, WA 98052-6399, USA). Microsoft Bing Ads will create a cookie in your browser if you have accessed our site through a Microsoft Bing ad. We and Microsoft Bing can recognize that someone clicked on an ad, was redirected to our site, and determine if a user had reached a previously specified conversion page. We learn the total number of users who clicked on a Bing ad and were then redirected to the conversion page. For more information about privacy and cookies used by Microsoft Bing, visit the Microsoft Web site.