rr

Privacy Policy and Legal Notice

Content of Data Protection Statement

1. About us
2. Responsible company
3. Data Protection Officer
4. Data security
5. Personal data
6. Protection of minors
7. Data processing when visiting our website
8. Data processing when using our contact form
9. Data processing of contacts by letter
10. Data processing of contacts by telephone
11. Data processing when making personal contact
12. Data processing in connection with the use of social networks
13. Deletion of data and storage period
14. Legal basis for the processing of personal data
15. Transmission of data
16. Cookies
17. Analysis tools
18. Rights of the data subject
19. Right of objection
20. The data protection authority
21. Currency and amendment of this Data Protection Statement

1. About us

We are IfaD, the institute for applied data analysis. service and software for market researchers, marketing experts and business consultants. Our primary focus is on market research. For this purpose we principally process the data (personal and non-personal) of survey respondents under contract.

ADABOX is an online tool that we developed specifically for market researchers and is geared towards the requirements of everyday analysis. Included are unique tools for market simulations, causal/driver analyses, price research, TURF analyses, mapping methods and segmentations, which are characterized by easy handling and efficient and innovative algorithms. The processing of person-al data with ADABOX is technically possible, but unusual in everyday market research.

2. Responsible company

This data protection information applies to data processing by the responsible company:

IfaD Institut für angewandte Datenanalyse GmbH
Uhlandstraße 68
22087 Hamburg
Germany

E-Mail: info@ifad.de
Tel.: +49 (0) 40 25 17 13-0

3. Data Protection Officer

The company’s Data Protection Officer can be contacted at the above address or at datenschutz@ifad.de

4. Data security

Within the website visit we use the widely-used SSL procedure (Secure Socket Layer) in connection with the highest respective encryption level that your browser supports. As a rule this is 256-Bit encryption. If your browser does not support 256-Bit encryption, we fall back on 128-Bit v3 technology. You can recognise if an individual page of our internet presentation has been transmitted in encrypted form by means of the closed key or lock symbol in the lower status line of your browser.

Beyond this we employ suitable technical and organisational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, damage or the unauthorised access by third parties. Our security measures are constantly being improved in line with technological development.

5. Personal data

Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data or an online identifier.

6. Protection of minors

Persons under 16 years of age should not transmit any personal data to us with-out the agreement of their parent or legal guardian. If such data should be required for a visit to ifad.de, the data will not be further transmitted to any third party.

7. Data processing when visiting our website

When accessing our website https://www.ifad.de, information is automatically sent to the server of our website by the browser that is running on your end device. This information is temporarily stored in a so-called logfile. The following information is collected without any action on your part and is stored until its automatic deletion:

  • IP address of the accessing computer
  • Date and time of access
  • Name and URL of the accessed file
  • Website from which the access was referred (Referrer URL)
  • The browser used and if necessary the operating system your computer as well as the name of your access provider

The data listed above is processed by us for the following purposes:

  • To ensure the smooth establishment of a connection to our website,
  • To ensure the convenient use of our website,
  • To analyse system security and stability, as well as
  • For further administrative purposes

The legal basis for data processing is Art. 6 Para. 1 Sentence 1 Letter (f) GDPR. Our legitimate interest follows from the purposes of data collection listed above. In no case do we use the data that is collected for the purpose of drawing conclusions about your person.

For visits to our website we also employ analysis services, but no cookies.

8. Data processing when using our contact form

For enquiries of all kinds we give you the possibility of contacting us through a contact form provided on our website. For this purpose, provision of a valid e-mail address is necessary so that we know from whom the enquiry comes and in order to be able to answer it. Name can be provided on a voluntary basis.

The data processing for the purpose of contacting us takes place according to Art. 6 Para. 1 Sentence 1 Letter (a) GDPR on the basis of your freely expressed consent. You have the right to withdraw this consent at any time with effect for the future. Should you wish to make use of this right of withdrawal, an email to datenschutz@ifad.de will suffice.
The personal data collected by us when you use the contact form is automatically deleted after your enquiry has been dealt with.

9. Data processing of contacts by letter

If you send a letter to IfaD, the data that you transmit to us (e.g. name, first name, address) and the information contained in the letter (which may include personal data provided by you) is stored for the purpose of establishing contact and dealing with your concern in accordance with the retention periods applicable for the retention of documents.
We draw your attention to the fact that the processing of data is carried out on the basis of Art. 6 Para. 1 Letter (f) GDPR. The processing of the personal data transmitted by you is necessary for the purpose of dealing with your concern.

10. Data processing of contacts by telephone

If you contact a member of IfaD’s staff by telephone, your personal data will be processed insofar as it is necessary for dealing with your concern.

11. Data processing when making personal contact

If you contact an IfaD employee personally and you give us your business card, your personal data will be recorded in our CRM to the extent necessary and processed to process your request.

12. Data processing in connection with the use of social networks

We provide online offerings on various social media platforms in order to provide information there and to be able to come into contact with you. We have no influence on the processing of personal data by the respective platform opera-tors. As a rule, when visiting our social media offerings, cookies from the plat-form operator are stored in your browser in which your usage behaviour or interests are stored for the purposes of market research and advertising. The us-age profiles obtained in this way – usually across all devices – are used by the platform operators in order to display personalised advertising to you. The processing of the data can also affect persons who are not registered as users of the respective social media platform. In some circumstances your data is processed outside the territory of the European Union, which can make it harder for you to assert your rights. However, in our choice of social media platforms, we take care to ensure that the operators commit themselves to complying with the data protection standards of the EU.
The processing of your personal data when visiting one of our social media offerings takes place on the basis of our legitimate interest in a diverse external presentation of our company and the utilisation of effective means of information and communication with you. The legal basis for this is Art. 6 Para. 1 Let-ter (f) GDPR. It may be that you have given your consent to a platform operator to process the data, in which case the legal basis is Art. 6 Para. 1 Letter (a) GDPR.

You can find detailed information about data processing in connection with the use of our social media offerings, opt-out possibilities and the assertion of your disclosure rights in the data protection statements of the relevant platform operators.

Twitter: Provider: Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA
Data protection statement: https://twitter.com/de/privacy
Opt-Out: https://twitter.com/personalization

LinkedIn: Provider: LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Irland
Data protection statement: https://www.linkedin.com/legal/privacy-policy
Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

Xing: Provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany
Data protection statement: https://privacy.xing.com/de/datenschutzerklaerung
Opt-Out: https://privacy.xing.com/de/datenschutzerklaerung

Data processing when making personal contact If you contact an IfaD employee personally and you give us your business card, your personal data will be recorded in our CRM to the extent necessary and processed to process your request.
No social media plug-ins are used while the user is working with ADABOX.

13. Deletion of data and storage period

The personal data of the data subject will be deleted or locked as soon as the purpose of storage ceases to apply. Further storage can take place when this is provided for by European Union or Member State laws, statutes or other regulations to which the responsible entity is subject. The locking or deletion of the data also takes place on expiry of a retention period under the above-mentioned rules, unless there is a requirement for the further storage of the data for the conclusion or performance of a contact.

14. Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 Para. 1 letter (a) of the EU General Data Protection Regulation (German: DSGVO) serves as the legal basis for the processing of personal data.

For the processing of personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 Para. 1 letter (b) GDPR serves as the legal basis. This also applies to processing that is necessary for the implementation of steps prior to entering into a contract.

Insofar as the processing of personal data is required for compliance with a legal obligation to which our company is subject, Art. 6 Para. 1 Letter (c) GDPR serves as the legal basis. In the event that the vital interests of the data subject or of another natural person make the processing of personal data necessary, Art. 6 Para. 1 Letter (d) GDPR serves as the legal basis.

If the processing is necessary for the protection of a legitimate interest by our company or a third party and the interests and fundamental rights and freedoms of the data subject do not override the first-named interest, Art. 6 Para. 1 Letter (f) GDPR serves as the legal basis for the processing.

15. Transmission of data

No transmission of your personal data to third parties takes place other than for the purposes listed below.
We only give your personal data to third parties when:

  • You have given your express consent according to Art. 6 Para. 1 Sentence 1 Letter (a) GDPR
  • The transmission is required according to Art. 6 Para. 1 Sentence 1 Letter (f) GDPR for the establishment, exercise or defence of legal claims and there is no reason to believe that you have an overriding protected interest in the non-transmission of your data
  • In the event that a legal obligation exists for the transmission according to Art. 6 Para. 1 Sentence 1 Letter (c) GDPR, as well as
  • When this is necessary and permissible under statute according to Art. 6 Para. 1 Sentence 1 Letter (b) GDPR for the pursuance of contractual relations with you.

16. Cookies

IfaD does not use cookies on adabox.de.

17. Analysis tools

We use the open-source software Matomo to analyze and statistically evaluate the use of the website. We do not use cookies for this. Information about web-site usage is summarized in pseudonymous usage profiles.

18. Rights of the data subject

You have the right:

  • According to Art. 15 GDPR, to obtain information about your personal data that is stored by us. In particular you can obtain information about the purposes of the processing, the categories of personal data concerned, the recipients or categories of recipient to whom the personal data has been or will be disclosed, the envisaged storage period, the existence of a right to rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing, the right to lodge a complaint, the source of your data insofar as it was not collected by us, as well as the existence of automated decision-making including profiling, and where relevant meaningful information about the processes involved;
  • According to Art. 16 GDPR, to obtain without undue delay the rectification of inaccurate personal data or the completion of incomplete personal data that is stored by us;
  • According to Art. 17 GDPR, to obtain the erasure of your personal data that is stored by us, insofar as the processing is not required for the exercise of the right to free expression of opinion and Information, for the fulfilment of a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
  • According to Art. 18 GDPR, to obtain the restriction of the processing of your personal data, insofar as the correctness of the data is disputed by you, the processing is unlawful and you oppose its erasure, and we no longer require the data but you require it for the establishment, exercise or defence of legal claims or you have lodged an objection against its processing in accordance with Art. 21 GDPR;
  • According to Art. 20 GDPR, to receive or to transfer to another responsible controller your personal data that you have made available to us in a structured, commonly-used and machine-readable format;
  • According to Art. 7 Para. 3 GDPR, to withdraw your previously expressed consent to us at any time. This has the consequence that in the future we can no longer continue the data processing to which this consent referred, and
  • According to Art. 77 GDPR, to lodge a complaint to a supervisory authority. For this purpose, as a rule you can approach the data protection authority (see number 20) responsible for your usual place of work or residence, or our company office.

19. Right of objection

Insofar as your personal data is processed on the basis of legitimate interests according to Art. 6 Para. 1 Sentence 1 Letter (f) GDPR, you have the right in accordance with Art. 21 GDPR to lodge an objection against the processing of your personal data, when grounds for this can be shown to arise out of your special situation or if your objection is directed against direct advertising. In the latter case you have a general right of objection, which will be implemented by us without showing a special situation.

If you wish to make use of your or right of withdrawal or objection, an e-mail to datenschutz@ifad.de will suffice.

 

20. The data protection authority

Should you have a complaint about the manner in which we process your data, you have the possibility of lodging a complaint with any data protection authority. For us this is:

Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit
Ludwig-Erhard-Str 22, 7. OG
20459 Hamburg
Tel.: +49 (0) 40 / 428 54 – 4040
Fax: +49 (0) 40 / 428 54 – 4000
E-Mail: mailbox@datenschutz.hamburg.de

21. Currency and amendment of this Data Protection Statement

This data protection declaration is currently valid and has the status of December 2023. It may be necessary to amend this Data Protection Statement on account of the further development of our website and offerings or for reasons of changing statutory or official requirements.