ARTICLE 1 – GENERAL PROVISIONS
|Underlying right||The data protection declaration is based on the European Union’s Basic Data Protection Regulation No. 2016/679 (“DSGVO”), supplemented by the Federal Data Protection Act.|
|Privacy and protection of minors||Our services are not intended for minors and are reserved exclusively for persons over 18 years of age. We do not collect or process any personal data of minors through our services. If we are informed about the processing of personal data of minors, we will take appropriate measures to permanently delete such data from our servers.|
ARTICLE 2 – THE PERSONAL DATA WE COLLECT
BARC Services and Events
Depending on how you use BARC’s resources, services and products and the purpose for which you contact BARC, we may collect various types of personal information about you (your “Personal Information”) in connection with events, market research or consulting.
- Personally identifiable information (Name, company, address, email address)
- Use of event services (areas of interest in the topics covered by BARC, history of participation in BARC events, history of your subscriptions, etc.)
- Comments and interactions with BARC’s Customer Relationship Management Services;
- Payment information (if you use BARC services or paid products).
- Information provided as part of market studies.
- BARC newsletter subscriptions;
- Receiving and sending emails, text messages and other electronic communications between BARC and you.
If you use the Website for informational purposes only (i.e., if you do not register or otherwise provide us with information), we only collect the personal data that your browser sends to our server. If you wish to view our Website, we collect the following data, which is technically necessary for us to display the Website and to ensure its stability and security (legal basis is Art. 6 Para. 1 S. 1 lit. f DS-GVO)
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (concrete page)
- Access status/HTTP status code
- Amount of data transmitted in each case
- Website from which the request comes
- Operating system and its interface
- Language and version of the browser software.
In addition to the data mentioned above, cookies are stored on your computer when you use the Website. Cookies are small text files that are stored on your hard disk assigned to the browser you are using and through which certain information flows to the site that sets the cookie (here by us). Cookies cannot execute programs or transfer viruses to your computer. They serve to make your internet experience more user-friendly and effective.
a) This website uses the following types of cookies, the scope and function of which are explained below:
- Transient cookies (see b)
- Persistent cookies (see c).
b) Transient cookies are automatically deleted when you close the browser. This includes in particular session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the common session. This allows your computer to be recognized when you return to the Website. The session cookies are deleted when you log out or close the browser.
c) Persistent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
d) You can configure your browser settings according to your wishes and, for example, refuse to accept third-party cookies or all cookies. Please note that you may not be able to use all the functions of the Website.
f) The Flash cookies used are not registered by your browser, but by your Flash plug-in. We also use HTML5 storage objects, which are stored on your end device. These objects store the required data regardless of the browser you use and have no automatic expiration date. If you do not want Flash cookies to be processed, you must install an appropriate add-on (e.g., the Adobe Flash Killer cookie for Google Chrome). You can prevent the use of HTML5 storage objects by setting your browser to private mode. We also recommend that you regularly delete your cookies and browser history manually.
Orders and registrations through the Website
(1) If you want to order or make use of paid services via the Website (e.g., registration for a seminar), it is necessary for the conclusion of the contract that you provide your personal data, which we need to process your order or registration. Mandatory data necessary for the processing of contracts is marked separately, further information is voluntary. We process the data provided by you to process your order or registration. For this purpose we can pass on your payment data to our house bank. The legal basis for this is Art. 6 para. 1 p. 1 lit. b DS-GVO. We may also process the data you provide in order to inform you about other interesting products from our portfolio or to send you e-mails with technical information.
(2) We are obliged by commercial and tax law to store your address, payment and order data for a period of ten years.
(3) To prevent unauthorized access by third parties to your personal data, in particular financial data, the ordering process is encrypted using TLS technology.
ARTICLE 3 – USE OF YOUR PERSONAL DATA BY BARC
We collect and use your personal data only if this is permitted by law or if you consent to the collection of data. Personal data is defined as all information which serves to determine your person and which can be traced back to you – such as your name, e-mail address and telephone number.
Data is processed for the purpose of providing and arranging our services within the framework of the execution of our contracts or for the implementation of pre-contractual measures, which are carried out on request. The purposes of data processing are primarily based on the specific service (e.g., implementation of events).
Furthermore, the processing of personal data is based on our legitimate interest in fulfilling our contractually agreed services and optimizing our offer.
Use of analysis tools on the Website
– Use of Google Analytics
a) This website uses Google Analytics, a web analysis service of Google Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the Website analyze how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, in the event that IP anonymization is activated on this website, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the Website, to compile reports on the Website activities and to provide further services to the Website operator in connection with the use of the Website and the Internet.
b) The IP address transmitted by your browser within the scope of Google Analytics is not combined with other data from Google.
d) This website uses Google Analytics with the extension “_anonymizeIp()”. This allows IP addresses to be processed in a shortened form, thus excluding the possibility of personal references. If the data collected about you contains a personal reference, this is immediately excluded and the personal data is therefore deleted immediately.
e) We use Google Analytics to analyse and regularly improve the use of the Website. We can use the statistics obtained to improve our offer and make it more interesting for you as a user. For the exceptional cases in which personal data is transferred to the USA, Google has subjected itself to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. The legal basis for the use of Google Analytics is Art. 6 para. 1 sentence 1 lit. f DS-GVO.
f) Information provided by the third party provider: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. User conditions: http://www.google.com/analytics/terms/de.html, overview of data protection: http://www.google.com/intl/de/analytics/learn/privacy.html, and the data protection declaration: http://www.google.de/intl/de/policies/privacy.
– Use of HubSpot
We use HubSpot for our online marketing activities. This is an integrated software solution with which we cover various aspects of our online marketing.
These include among others:
- Content management (Website and blog)
- E-mail marketing (newsletters and automated mailings, e.g., to provide downloads)
- Social Media Publishing & Reporting
- Reporting (e.g., traffic sources, accesses, etc. …)
- Contact management (e.g., user segmentation and CRM)
- Landing pages and contact forms
Our registration service allows visitors to the Website to learn more about our company, download content, and provide their contact information and other demographic information.
This information, as well as the content of the Website, is stored on servers of our software partner HubSpot. We may use this information to contact visitors to the Website and to determine what services of our company are of interest to them.
HubSpot is a software company based in the USA with an office in Ireland. The address is:
2nd Floor 30 North Wall Quay
Dublin 1, Ireland,
Phone: +353 1 5187500.
HubSpot is certified under the “EU – U.S. Privacy Shield Framework” and is subject to TRUSTe’s Privacy Seal and the “U.S. – Swiss Safe Harbor” framework.
- More information from HubSpot regarding the EU data protection regulations
- More information about the cookies used by HubSpot
– Use of Social Media Plugins
On the Website, so-called social media plugins (“plugins”) from social networks are used. These services are provided by the following companies:
LinkedIn is operated by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (“LinkedIn”).
Facebook is operated by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”).
Twitter is operated by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland (“Twitter”).
XING is operated by XING AG, Dammtorstraße 30, 20354 Hamburg, Germany.
If you call up a page on the Website that contains such a plugin, your browser establishes a direct connection to the servers of the respective provider. The content of the plugin is transmitted directly to your browser by the respective provider and integrated into the page. Through the integration of the plugin, the providers receive the information that your browser has called up the corresponding page of the Website, even if you do not have a profile or are not currently logged in. This information (including your IP address) is transmitted by your browser directly to a server of the respective provider in the USA, Ireland or Germany and stored there. If you are logged in to one of the Services, the providers can directly assign the visit to the Website to your profile on Facebook and YouTube. If you interact with the plugins and press the corresponding buttons, the corresponding information is also transmitted directly to a server of the providers and stored there. The information is also published on Facebook or YouTube and displayed to your contacts.
For the purpose and scope of data collection and the further processing and use of the data by the providers as well as your rights and settings options for the protection of your privacy, please also refer to the providers’ data protection notices:
- Data protection information from Facebook: http://www.facebook.com/policy.php
If you do not want Facebook, Twitter, Xing or LinkedIn to associate the information collected via the Website directly with your profile in the relevant service, you must log out of the relevant service before visiting the Website. You can also completely prevent the loading of the plugins with add-ons for your browser (e.g., with the script blocker “NoScript” (http://noscript.net/).
ARTICLE 4 – BARC NEWSLETTER
(1) With your consent you can subscribe to our newsletter, with which we inform you about our current offers.
(2) For registrations to our newsletter, we use the so-called double-opt-in procedure. This means that after your registration, we will send you an e-mail to the e-mail address provided, in which we ask you to confirm that you wish to receive the newsletter. In addition, we store your IP address and the time of registration and confirmation. The purpose of this procedure is to be able to verify your registration and, if necessary, to clarify any possible misuse of your personal data.
(4) We would like to point out that we evaluate your user behavior when sending the newsletter. For the evaluations, we link the data mentioned in article 2 and the newsletter. With the data thus obtained, we create a user profile in order to tailor the newsletter to your individual interests. In doing so, we record when you read our newsletter, which links you click on, and deduce your personal interests. We link this data to actions you take on the Website. You can object to this tracking at any time by contacting us by email.
ARTICLE 5 – DATA TRANSMISSION
We undertake not to sell, exchange, rent or otherwise transfer your personal data without your consent, which will be given after prior notification, except in the following cases:
With third parties: We may share your personal data with third parties within or outside the European Union to the extent necessary to fulfil our contractual or pre-contractual obligations or to protect our legitimate interests (e.g., when providing services jointly with third parties).
With third parties for legal reasons: In the event that BARC is required to comply with laws and regulations and/or legal requirements and orders to disclose the data or where legally permissible (e.g., to protect and defend rights, life-threatening, health or safety situations, etc.).
We always require these third parties to provide sufficient guarantees of confidentiality and security and to take the necessary physical, organizational and technical measures to protect and secure your personal data in accordance with the applicable legal provisions. The possible transfer of your personal data outside the European Union is subject to the mechanisms recognized by the European Commission or the competent authorities.
ARTICLE 6 – HOW WE PROTECT YOUR PERSONAL DATA
BARC safeguards your personal information through appropriate physical, organizational, and technical measures to prevent unauthorized access, alteration, use, disclosure, modification or destruction in accordance with applicable law.
These measures include, but are not limited to, storage on servers within the European Union. Only our employees and contractors who are required to process your personal data in accordance with the purposes described in Article 3 are authorized to access it under strict conditions of confidentiality and security.
Although BARC takes all possible measures to protect your personal data, we cannot guarantee the security of the information transmitted on the Website during transmission over the Internet using an insecure protocol.
ARTICLE 7 – YOUR RIGHTS TO YOUR PERSONAL DATA
Access, rectification, updating and deletion of your personal data
In the cases provided for by applicable law, you may request access to your personal data held and processed by BARC, consult it, obtain a paper or electronic copy and request its correction, updating or deletion. You may exercise these rights by sending a written request, together with a copy of your identity card, to the contact persons mentioned in Article 9 “Contact”. We will endeavor to reply to your requests as soon as possible and under the conditions laid down by applicable law. However, in some cases we may not be able to respond positively in order to comply with our legal or contractual obligations.
You can request at any time to no longer receive information or offers by either writing to us at one of the addresses mentioned in article 10 “Contact” or by following the unsubscribe procedure described in the messages received. In some cases, the exercise of your right of objection may lead to a change in the way we provide our services, if your personal data is required as part of this change.
In the cases provided for by applicable law, you may also exercise your right to data transferability by writing to us at the address indicated in article 10 “Contact”. We will endeavor to answer your requests as soon as possible and under the conditions provided for by applicable law. In some cases, however, we may not be able to respond positively in order to fulfill our legal or contractual obligations.
Complaint to a regulatory authority
Without prejudice to other remedies, you have the right to file a complaint with the regulatory authority of the European Union country in which you live, work or believe that your rights have been violated.
ARTICLE 8 – TIME LIMITS FOR THE STORAGE OF DATA COLLECTED
We only store your personal data for as long as necessary to fulfil the various purposes mentioned in Article 3, unless we are legally entitled or obliged to store it for a longer period of time.
ARTICLE 10 – CONTACT
The Data Protection Officer
Berliner Platz 7