DignativeX

Privacy Policy

1. Data Protection at a Glance

The following provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can personally identify you.

2. Responsible Party

DignativeX GmbH

Hofheimerstr. 6

65830 Kriftel, Deutschland

Phone: +49 151 58001564

Email: office@dignativeX.com

3. General Information on Data Processing

We collect, process, and use personal data only to the extent necessary for establishing, structuring, or modifying the legal relationship (inventory data). This is done on the basis of Art. 6 Para. 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.

4. What Data Do We Collect?

When using this website, the following data is collected:

  • Technical data (IP address, browser type, operating system)
  • Access data (date and time of access, pages visited)
  • Contact data you provide through contact forms (name, email, phone number, message)
  • Usage data to improve our website

5. What Do We Use Your Data For?

  • Provision and technical administration of the website
  • Responding to your inquiries via contact forms
  • Improving our services and user experience

6. Legal Basis

Processing is based on Art. 6 Para. 1 lit. a GDPR (consent), Art. 6 Para. 1 lit. b GDPR (contract fulfillment), and Art. 6 Para. 1 lit. f GDPR (legitimate interest in providing a functional website).

7. How Long Do We Store Your Data?

We store personal data only for as long as necessary for the respective purpose or as required by legal retention obligations. Contact inquiries are deleted after processing, unless legal retention obligations require otherwise.

8. SSL/TLS Encryption

This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content. You can recognize an encrypted connection by the browser address line changing from 'http://' to 'https://' and the lock symbol in your browser bar.

9. Hosting and Data Processing

Hosting Provider

This website is hosted on Microsoft Azure servers located in Germany (Frankfurt region). Azure processes technical data necessary for providing and securing the website on our behalf.

Microsoft Azure

Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA

Data processed by Azure includes:

  • Server logs (IP addresses, browser information, access times)
  • Technical data for website operation and security
  • User account data (encrypted)
  • Form submissions and database content

Legal Basis:

The hosting is based on Art. 6 Para. 1 lit. f GDPR (legitimate interest in secure and efficient provision of our website). Microsoft Azure acts as a data processor according to Art. 28 GDPR. A Data Processing Agreement (DPA) exists between us and Microsoft Azure.

Data Location:

All data is stored exclusively on Azure servers in Germany (Frankfurt region) and remains within the European Union. Microsoft Azure complies with GDPR requirements and provides appropriate technical and organizational measures to protect personal data.

For more information about Microsoft Azure's data protection practices:

Microsoft Privacy Statement

10. Contact Form

If you send us inquiries via contact form, your information from the inquiry form, including the contact data you provide there, will be temporarily processed on our server for validation purposes and then sent via your own email client (mailto function). We do not use third-party email service providers for contact form submissions. The data is logged on our server for technical purposes and is not shared with any third parties without your consent.

11. Cookies

This website uses session cookies that are necessary for the functionality of the website. These cookies are automatically deleted when you close your browser.

12. Google Analytics

This website uses Google Analytics, a web analytics service provided by Google LLC ('Google'). Google Analytics uses cookies to help analyze how users use the site.

Google LLC

1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Data collected by Google Analytics includes:

  • Pages visited and time spent on pages
  • Browser type, device type, and screen resolution
  • Geographic location (country, city)
  • Referrer (which website you came from)
  • Anonymized IP addresses (IP anonymization activated)

Legal Basis:

Data processing is based on your consent according to Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time by adjusting your cookie settings.

Data Transfer to USA:

Google Analytics may transfer data to servers in the USA. Google is certified under the EU-US Data Privacy Framework, ensuring an adequate level of data protection.

Data Retention:

We have configured Google Analytics to automatically delete user data after 14 months.

Opt-Out:

You can prevent Google Analytics from collecting data by installing the Google Analytics Opt-out Browser Add-on or by declining analytics cookies in our cookie consent banner.

Google Analytics Opt-out Browser Add-on

Google Privacy Policy:

Google Privacy Policy

13. Payment Processing (Stripe)

Payment Service Provider

We use Stripe for payment processing. Stripe is a payment service provider that handles credit card and other payment transactions securely.

Stripe Payments Europe, Ltd.

1 Grand Canal Street Lower, Dublin 2, Ireland

Data processed by Stripe includes:

  • Name and email address
  • Billing address
  • Payment card details (processed directly by Stripe, not stored by us)
  • Transaction data (amount, currency, timestamp)
  • Device and browser information for fraud prevention

Legal Basis:

Payment processing is based on Art. 6 Para. 1 lit. b GDPR (contract fulfillment). For fraud prevention, Stripe may process additional data based on Art. 6 Para. 1 lit. f GDPR (legitimate interest in preventing fraudulent transactions).

Data Transfer:

Stripe may transfer data to servers in the USA. Stripe is certified under the EU-US Data Privacy Framework, ensuring an adequate level of data protection. Stripe also uses Standard Contractual Clauses according to Art. 46 GDPR.

Data Retention:

Payment data is retained by Stripe in accordance with legal retention requirements and their privacy policy. We retain transaction records for accounting and tax purposes as required by German law (typically 10 years).

Stripe Privacy Policy:

Stripe Privacy Policy

14. External Links

Our website contains links to external websites of third parties over whose content we have no influence. Therefore, we cannot assume any liability for this third-party content. The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were checked for possible legal violations at the time of linking. Illegal content was not recognizable at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete evidence of a legal violation. If we become aware of legal violations, we will remove such links immediately.

15. Copyright and Related Rights

The content and works on these pages created by the site operators are subject to German copyright law. The duplication, processing, distribution, and any kind of exploitation outside the limits of copyright law require the written consent of the respective author or creator. Downloads and copies of this site are only permitted for private, non-commercial use. Insofar as the content on this site was not created by the operator, the copyrights of third parties are observed. In particular, third-party content is marked as such. Should you nevertheless become aware of a copyright infringement, please inform us accordingly. If we become aware of legal violations, we will remove such content immediately.

16. Social Media Plugins and External Media

Use of Social Media Plugins

This website will use plugins from social networks to enable social sharing and interaction. We plan to integrate the following services:

  • LinkedIn (LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA)
  • YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland)
  • Twitter/X (Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland)
  • Xing (New Work SE, Am Strandkai 1, 20457 Hamburg, Germany)
  • Facebook (Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland)
  • WhatsApp (WhatsApp Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland)

Legal Basis:

The use of social media plugins is based on Art. 6 Para. 1 lit. f GDPR. We have a legitimate interest in the widest possible visibility in social media. When you visit a page with such plugins, your browser may establish a direct connection to the servers of the respective provider. This allows the provider to see that you accessed our website from your IP address.

We will implement these plugins with your consent only (Art. 6 Para. 1 lit. a GDPR). You can manage your preferences in our cookie consent banner.

Data Transfer to Third Countries:

Some of these services are based in the USA. Data transfers to the USA are covered by the EU-US Data Privacy Framework or standard contractual clauses according to Art. 46 GDPR.

Opt-Out:

You can prevent the loading of social media plugins by declining them in our cookie consent settings.

17. Google Maps

Use of Google Maps

We plan to use Google Maps to display interactive maps and enable easy location finding. Google Maps is operated by Google Ireland Limited ('Google'), Gordon House, Barrow Street, Dublin 4, Ireland.

When you use Google Maps, the following data may be processed:

  • IP address
  • Location data (if GPS is enabled)
  • Search queries and interactions with the map
  • Browser and device information

Legal Basis:

The use of Google Maps is based on Art. 6 Para. 1 lit. f GDPR (legitimate interest in user-friendly presentation of our location). When Google Maps is activated, you will be asked for your consent (Art. 6 Para. 1 lit. a GDPR).

Data Transfer to USA:

Google may transfer data to servers in the USA. Google is certified under the EU-US Data Privacy Framework.

For more information about Google's data protection practices:

Google Privacy Policy

Opt-Out:

You can prevent the loading of Google Maps by declining it in our cookie settings or by disabling JavaScript in your browser.

18. Your Rights

You have the following rights regarding your personal data:

  • Right of Access (Art. 15 GDPR)You have the right to request information about your personal data processed by us.
  • Right to Rectification (Art. 16 GDPR)You have the right to immediately request the correction of incorrect personal data.
  • Right to Erasure (Art. 17 GDPR)You have the right to request the deletion of your personal data.
  • Right to Restriction of Processing (Art. 18 GDPR)You have the right to request the restriction of processing of your personal data.
  • Right to Data Portability (Art. 20 GDPR)You have the right to receive your data in a structured, commonly used, and machine-readable format.
  • Right to Object (Art. 21 GDPR)You have the right to object at any time to the processing of your personal data for reasons arising from your particular situation.

19. Right to Lodge a Complaint with Supervisory Authority

You have the right to lodge a complaint with a data protection supervisory authority about our processing of your personal data.

Competent Supervisory Authority:
The Hessian Commissioner for Data Protection and Freedom of Information
P.O. Box 3163, 65021 Wiesbaden, Germany
Website: www.datenschutz.hessen.de

20. Changes to This Privacy Policy

We reserve the right to occasionally update this privacy policy to ensure it always complies with current legal requirements or to implement changes to our services. The new privacy policy will then apply to your subsequent visit.

Digitalization for Mid-Market | HR Technology Consulting | DignativeX