Privacy policy Escort You
Privacy policy
Content
I. Privacy policy brief overview
III. General notes and mandatory information
IV. Data collection on this website
IV.1 Provision of the website and creation of log files
IV.3 Newsletter (Fluent CRM) and electronic notification
IV.4 Forms, contact, booking, casting, telephone and e-mail contact
IV.6 Advertisements / advertising profiles
I. Privacy policy: brief overview
General information
Thank you for visiting our website. In the following, we would like to give you a simple overview of what happens to your personal data when you visit our website. Personal data is any information that can be used to identify you personally. For detailed information on the subject of data protection, please refer to our privacy policy below.
Status: November 21, 2023
Data collection on this website
Who is responsible for data collection on this website?
The website operator is responsible for data processing on this website. You can find the relevant contact details in the “Information on the responsible party” section of this privacy policy.
How do we collect data?
We collect your data in two ways. Both through your direct communication, for example when filling out a contact form, and automatically or after your consent during your visit to the website through our information technology systems. This is mainly technical information such as your internet browser, operating system or the time at which you accessed the page. Automatic data collection begins as soon as you enter our website.
You can reject this analysis or prevent it by not using certain tools.
For what purpose do we use your data?
Some of the data is collected to ensure that the website is provided without disruption. Other data may be used to analyze your user behavior.
What rights do you have in relation to your data?
You have the right to receive information about the origin, recipients and purpose of your stored personal data free of charge at any time (Art. 15 GDPR). In addition, you have the right to request the rectification (Art. 16 GDPR) or erasure (Art. 17 GDPR) of this data. If you have consented to the processing of your data, you can revoke this consent at any time. Under certain conditions, you also have the right to restrict the processing of your personal data (Art. 18 GDPR) and the right to data portability (Art. 20 GDPR).
You have the right to revoke your consent to the processing under the legal requirements (Art. 21 GDPR). You also have the right to lodge a complaint with the competent supervisory authority (Art. 77 GDPR). Further details on your rights can be found in Chapter 3 of the GDPR and in Section VIII “Your rights in detail” of this privacy policy. If you have any questions about this or other questions about data protection, you can contact us at any time.
Analysis tools and tools from third-party providers
When you visit this website, your surfing behavior may be statistically evaluated. This is mainly done using cookies and so-called analysis programs. The analysis of your surfing behavior is usually anonymous; the surfing behavior cannot be traced back to you.
You can reject this analysis or prevent it by not using certain tools. You can find detailed information about these tools and your options for objecting in the following privacy policy.
Change privacy settings
When you visited this website for the first time, you saw a consent dialog. You can view the settings made there, change your consent or revoke it:
II. Hosting
External hosting
This website uses the services of an external service provider (hoster) for its provision. The personal data collected, such as IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other information generated by the website, are stored on the hoster’s servers.
The host is used to fulfill contracts with potential and existing contractual partners and for the efficient provision of our online offer by a professional provider (Art. 6 para. 1 GDPR). The legal basis for the processing of personal data can be found in the section “General information on the legal basis for the processing of personal data” Your consent can be revoked at any time.
The hoster commissioned by us processes your data exclusively to the extent necessary to fulfill its performance obligations and follows our instructions with regard to this data.
We use the following hoster:
manitu GmbH
Welvertstraße 2
66606 St. Wendel
Germany
Data processing
We have concluded a data processing agreement (DPA) with our hoster for the use of the above-mentioned service. The agreement complies with data protection regulations and ensures that the host processes the personal data of our website visitors exclusively in accordance with our instructions and in compliance with the GDPR.
III. General notes and mandatory information
Privacy policy
The persons responsible for these pages attach great importance to the protection of your personal data. We treat your personal information confidentially and in accordance with the applicable data protection regulations and the information in this privacy policy.
When you use this website, various types of personal data are collected. Personal data is information that can make you personally identifiable. This privacy policy explains what data we collect, how we use it and for what purpose.
We would like to point out that data transmission over the Internet (e.g. when communicating by email) may be subject to security vulnerabilities. It is not possible to guarantee complete security of data against access by third parties.
Note on the responsible party
The responsible party for data processing on this website is:
ESYOU Connect
Drostestraße 2
30161 Hannover
Telefon: 0163 1770170
E-Mail: info@escort-you.com
The responsible party is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).
General information on the legal basis for the processing of personal data
Insofar as we obtain your consent for the processing of personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis for the processing of your personal data. If the consent includes the storage of cookies or access to information in the end device of the user (e.g. device fingerprinting) within the meaning of the TTDSG, Section 25 (1) TTDSG applies.
If your data is required to fulfill the contract or to carry out pre-contractual measures, the processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR. In addition, your data will be processed in accordance with Art. 6 para. 1 lit. c GDPR if this is necessary to fulfill a legal obligation. If the processing is necessary to safeguard our legitimate interests or those of a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis.
Note on the transfer of data to third countries without adequate data protection standards and on the transfer of data to US companies without DPF certification
Among other things, we use tools from companies based in third countries that are not secure under data protection law, as well as US tools whose providers are not certified in accordance with the EU-US Data Privacy Framework (DPF). If these tools are active, there is a possibility that your personal data will be transferred to these countries and processed there. We would like to point out that in third countries without adequate data protection standards, a level of data protection comparable to that in the EU cannot be guaranteed.
It should be noted that the USA is generally regarded as a safe third country with a level of data protection comparable to that of the EU. The transfer of data to the USA is therefore permitted if the recipient is certified under the “EU-US Data Privacy Framework” (DPF) or has suitable additional guarantees. Further details on data transfers to third countries, including the recipients of data, can be found in this privacy policy.
Recipients of personal data
As part of our business activities, we work together with various external bodies. In some cases, it is necessary to pass on personal data to these external parties. We transfer personal data to external bodies exclusively under the following conditions: in the context of contract fulfillment, if legal obligations require this, if there is a legitimate interest in the transfer pursuant to Art. 6 para. 1 lit. f GDPR, or if another legal basis permits the data transfer.
When using processors, we only pass on the personal data of our users on the basis of a valid contract for order processing. In the case of joint processing, a joint processing agreement is concluded.
Storage period and data erasure
Your personal data will be deleted or blocked as soon as the purpose of storage no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be blocked or erased if the prescribed storage period in accordance with the aforementioned standards has expired. This does not apply if continued data storage is necessary for the conclusion or fulfillment of a contract.
SSL or TLS encryption
SSL or TLS encryption is used on this website to protect your transmitted data in the best possible way. You can recognize such encrypted connections by the prefix “https://” in the page link in the address bar of your browser and by the lock symbol in the browser line. Unencrypted pages are marked with “http://”.
All data that you transmit to this website cannot be read by third parties thanks to SSL encryption.
Encrypted payment transactions on this website
If there is an obligation to provide us with your payment details (e.g. account number) after the conclusion of a fee-based contract, this data is required for payment processing.
Payment transactions using common payment methods (Visa/MasterCard, direct debit) are made exclusively via an encrypted SSL or TLS connection. You can recognize such encrypted connections by the prefix “https://” in the page link in the address bar of your browser and by the lock symbol in the browser line.
Encrypted communication prevents third parties from reading your transmitted payment data.
IV. Data collection on this website
IV.1 Provision of the website and creation of log files
Description and scope of data processing
Each time you visit our website, the provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and browser version used
- Operating system used
- Amount of data sent in bytes
- IP address
- Referrer URL (the previously visited page)
- Access time
The data collected is stored anonymously for analysis purposes beyond the user’s visit to the website and deleted after a short retention period.
Legal basis for data processing
The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR.
Purpose of the data processing
Temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s device. For this purpose, the user’s IP address must be stored for the duration of the session. The data is stored in log files to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. The data is not analyzed for marketing purposes in this context. These purposes also constitute our legitimate interest in data processing in accordance with Art. 6 para. 1 lit. f GDPR.
Duration of storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. If the data is stored in log files, this is usually the case after one month at the latest.
Possibility of objection
The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Therefore, there is no possibility of objection.
IV.4 Forms, contact, booking, casting, telephone and e-mail contact
Data submitted via forms (e.g. contact form, casting form), including your contact details, will be stored in order to process your request or to be available for follow-up questions. If you contact us by e-mail or telephone, we will store and process your request, including all personal data resulting from it (e.g. name, request) for the purpose of processing your request. This data will not be passed on without your consent.
If you contact us via the booking form, you are generally required to consent to the transfer of your data to third parties. As soon as you consent to the transfer and send the booking request, your details from the request form, including the contact details you provided there, will be sent to us and directly to the contact you requested (third party) and stored for the purpose of processing the request and in the event of follow-up questions.
This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested. You can revoke your consent at any time.
We will retain the data you provide on forms or other contact requests until you request its deletion, revoke your consent to its storage or until there is no longer any need to store the data. Mandatory statutory provisions – in particular retention periods – remain unaffected.
IV.5 Ratings
Description and scope of data processing
For the comment or evaluation form on this page, in addition to your details, information on the IP address, browser, operating system, time of creation and, if you are not posting anonymously, the name you have chosen will be stored.
Storage of the IP address and purpose
Our comment and rating function also stores the IP addresses of people who write a rating. As we check comments and ratings on this website for authenticity before activating and anonymizing them, we need this data for the plausibility check. In doing so, we check whether the posting and comment or rating are related to each other in terms of time and space and whether there are any contradictions.
Legal basis for data processing
The comments are stored on the basis of your consent (Art. 6 para. 1 lit. a GDPR).
Duration of storage
The comments or ratings and the associated data are stored and remain on this website until the commented content has been completely deleted.
Possibility of revocation
You can withdraw your consent at any time. All you need to do is send us an informal e-mail. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
IV.6 Advertisements / advertising profiles
The procedure for placing an advertisement with us requires that you provide us with the data necessary for your assessment and selection. The information required can be found on the casting form and on the profile form that must be completed in addition to the profile creation.
In principle, the required information includes personal details such as name, address, a contact option, a profile text, bank details in the case of using the fiduciary service, as well as other data in order to be able to present an effective advertising profile.
In the event of a successful advertisement, the data provided by you may be used for the purposes of profile creation, publication on the website, profile search, contact by third parties, notifications by us, ensuring successful payment transactions and for other matters where the further processing of your data is based on our legitimate interest.
You have the option of sending us the data via the casting form and by e-mail. Please note that e-mails on the Internet are generally not sent in encrypted form. As a rule, e-mails are encrypted in transit, but not on the servers from which they are sent and received. We can therefore accept no responsibility for the transmission of information between the sender and the recipient.
Legal basis
This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested. You can revoke your consent at any time.
Deletion of data:
If the application for an advertisement is not successful, your data will be deleted. If a contract is concluded, the transmitted data will remain with us until you ask us to delete it, revoke your consent to storage or there is no longer any need to store the data (e.g. termination of the contract). Mandatory statutory provisions – in particular retention periods – remain unaffected.
V. Analysis tools and advertising
V.1 Google Analytics
If you have given your consent, this website uses Google Analytics, a web analytics service provided by Google LLC. The controller for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St., Dublin, D04 E5W5, Ireland (“Google”).
Type and purpose of processing
Google Analytics uses cookies that enable an analysis of your use of our website. The information collected by the cookies about your use of this website is usually transferred to a Google server in the USA and stored there.
We use the User ID function. With the help of the user ID, we can assign a unique, permanent ID to one or more sessions (and the activities within these sessions) and analyze user behavior across devices.
In Google Analytics, the anonymization of IP addresses is activated by default. Due to IP anonymization, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. According to Google, the IP address transmitted by your browser as part of Google Analytics is not merged with other Google data.
During your visit to the website, your user behavior is recorded in the form of “events”. Events can be:
- Page views
- First visit to the website
- Start of the session
- Visited web pages
- Your “click path”, interaction with the website
- Scrolls (whenever a user scrolls to the end of the page (90%))
- Clicks on external links
- internal search queries
- Interaction with videos
- File downloads
- viewed/clicked ads
- language setting
Also recorded:
- Your approximate location (region)
- Date and time of your visit
- Your IP address (in abbreviated form)
- Technical information about your browser and the end devices you use (e.g. language setting, screen resolution)
- your internet provider
- the referrer URL (via which website/advertising medium you came to this website)
Purposes of the processing
On behalf of the operator of this website, Google will use this information to evaluate your use of the website and to compile reports on website activity. The reports provided by Google Analytics are used to analyze the performance of our website.
Recipients
Recipients of the data are/may be
- Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as processor pursuant to Art. 28 GDPR)
- Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA
- Alphabet Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA
Third country transfer
The European Commission adopted its adequacy decision for the USA on July 10, 2023. Google LLC is certified under the EU-US Privacy Framework. Since Google servers are distributed worldwide and a transfer to third countries (for example to Singapore) cannot be completely ruled out, we have also concluded the EU standard contractual clauses with the provider.
Storage period
The data sent by us and linked to cookies is automatically deleted after 14 months. The maximum lifespan of Google Analytics cookies is 2 years. Data whose retention period has been reached is automatically deleted once a month.
Legal basis
The legal basis for this data processing is your consent in accordance with. Art.6 para. 1 sentence 1 lit. a GDPR and § 25 para. 1 sentence 1 TTDSG.
Withdrawal of consent
You can revoke your consent at any time with effect for the future by accessing the cookie privacy settings and changing your selection there. This does not affect the lawfulness of the processing carried out on the basis of the consent until revocation.
You can also prevent the storage of cookies from the outset by setting your browser software accordingly. However, if you configure your browser to reject all cookies, this may limit the functionality of this and other websites. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by
- not giving your consent to the setting of cookies or
- downloading and installing the browser add-on to deactivate Google Analytics here.
You can find more information on the terms of use of Google Analytics and on data protection at Google athttps://marketingplatform.google.com/about/analytics/terms/de/and athttps://policies.google.com/?hl=de.
Order processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract prescribed by data protection law, which guarantees that your personal data will only be processed in accordance with our instructions and in compliance with the GDPR.
VI. Plugins and embedded functions and content
This website may include functional and content elements that are obtained from the servers of their respective providers (hereinafter referred to as “third-party providers”). These may be, for example, videos, images, graphics, texts, maps, etc. (hereinafter uniformly referred to as “content”).
The integration always requires that the third-party providers of this content process the IP address of the user, as they would not be able to send the content to their browser without the IP address. The IP address is therefore required to display this content or function. We endeavor to only use content whose respective providers only use the IP address to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. Pixel tags can be used to analyze information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our website, as well as being linked to such information from other sources.
Processed data types:
Usage data (e.g. websites visited, interest in content, access times); meta, communication and process data (e.g. IP addresses, time data, identification numbers, consent status); inventory data (e.g. names, addresses); contact data (e.g. email, telephone numbers). Content data (e.g. entries in online forms).
Purposes of processing: Provision of our online offer and user-friendliness; provision of contractual services and fulfillment of contractual obligations. Security measures.
Legal basis: Legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR.
VI.1 Fonts (local Hosting)
This site uses so-called web fonts for the uniform display of fonts. The fonts are installed locally. There is no connection to Google servers.
Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy:https://policies.google.com/privacy?hl=de.
VI.2 Real Cookie Banner
Our website uses the consent technology of Real Cookie Banner to obtain your consent to the storage of certain cookies in your browser or to the use of certain technologies (tracking pixels, web beacons, etc.) and to document these in compliance with data protection regulations. The provider of this technology is devowl.io GmbH, Tannet 12, 94539 Grafling (hereinafter referred to as devowl.io). Details on how “Real Cookie Banner” works can be found athttps://devowl.io/de/rcb/datenverarbeitung/.
When you enter our website, a cookie is stored in your browser in which the consent you have given or the revocation of this consent is stored. This data is not passed on to the provider of Real Cookie Banner.
The data collected will be stored until you ask us to delete it or delete the Real Cookie Banner cookie yourself or until the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected.
The legal basis for the processing of personal data in this context is Art. 6 para. 1 lit. c GDPR and Art. 6 para. 1 lit. f GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the related consents.
The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide the personal data. If you do not provide the personal data, we will not be able to manage your consents.
Change privacy settings
History of privacy settings
Revoke consent
VI.3 Fluent Forms
Data is collected via all forms displayed on our website using the Fluent Forms plugin. The “Fluent Forms” plugin is from the company WPManageNinja LLC, 2035 Sunset Lake Road, Suite B-2, Newark, 19702 USA. The data that is not forwarded by email when the form is sent is stored locally (i.e. with our hoster). The data that is not forwarded by email when the form is sent is stored locally (i.e. with our hoster). All further details on data processing can be found in section IV.4 “Forms, contact, booking, casting, telephone and e-mail contact” in this privacy policy.
VI.4 Appointment booking
You can book an appointment for a non-binding casting, interview or other questions via our website. For this purpose, we use the “FluentBooking” service from WPManageNinja LLC, 2035 Sunset Lake Road, Suite B-2, Newark, 19702 USA. We use FluentBooking to enable you to book appointments automatically. FluentBooking uses cookies for this purpose.
In addition to the desired date and name, the following personal data is also processed by FluentBooking:
- E-mail address
- telephone number
No data is passed on to third parties in this context. The legal basis for the processing of the data is our legitimate interest in the effective processing of the requests addressed to us in accordance with Art. 6 para. 1 lit. f GDPR and, if applicable, Art. 6 para. 1 lit. b GDPR, if your request is aimed at the conclusion of a contract.
The personal data collected for consultation will be erased as soon as we have contacted you in a timely manner or have been unsuccessful. Continued processing will only take place if it is necessary in the context of the initiation and execution of a contract or for the fulfillment of contractual purposes. In the case of Art. 6 para. 1 lit. f GDPR, you can object to the processing of your personal data at any time.
You can prevent the collection and processing of your personal data by FluentBooking by preventing the storage of third-party cookies on your computer, using the “Do Not Track” function of a supporting browser, deactivating the execution of script code in your browser or installing a script blocker, such as NoScript or Ghostery, in your browser.
Further information on the processing of data by FluentBooking can be found here: https://fluentbooking.com/privacy-policy/
VI.5 Google Maps
This site uses the map service Google Maps via an API. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
By using websites in which Google Maps is integrated, information about the use of this website is transmitted to Google (e.g. IP address, website accessed, date and time, location data if applicable).
Google Maps cookies are stored on the basis of your consent in accordance with Art. 6 para. 1 f GDPR. Our legitimate interest lies in optimizing the functionality of our website.
The provider of this site has no influence on this data transfer, further processing and use of the data by Google and can therefore assume no responsibility for this. Insofar as Google transmits data to servers in the USA, their protection is guaranteed by the Transatlantic Data Privacy Framework Agreement.
If you are logged in to Google, Google can assign your data directly to your Google account. If you do not want this assignment, you must log out of Google before using our website. To the best of our knowledge, Google uses the data (even from users who are not logged in) for the purposes of advertising, market research and/or the needs-based design of its websites. You can exercise your right to object directly against Google.
You can also set your browser to prevent the storage of cookies and deactivate JavaScript. In this case, however, the map display may not be fully usable.
The purpose and scope of the data collection and the further processing and use of the data by Google as well as your rights in this regard and setting options to protect your privacy can be found in Google’s data protection information:https://policies.google.com/privacy?hl=de
VI.6 Youtube
Videos from the video platform YouTube (Google Inc.) are integrated or embedded on our website. YouTube is a service provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Details on the handling of your personal data can be found in YouTube’s privacy policy: https://policies.google.com/privacy?hl=de.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every DPF-certified company undertakes to comply with these data protection standards.
In order to be able to watch an embedded YouTube video, you must give your active consent. This is ensured by the Consent Management Tool.
- Purposes of processing: Provision of a comprehensive and professional knowledge offering with videos. User-friendly playback option for video content. Speed of playback of the video content.
- Legal basis: Consent pursuant to Art. 6 para. 1 sentence 1 lit. a DSGVO which you can revoke at any time.
- Storage period: anonymized data is stored for a maximum of 14 months. The data is then automatically deleted
- Datenempfänger: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland
Mutterunternehmen: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA - Option to object (opt-out)
- Third country transfer: Insofar as non-anonymized data is transferred to Google LLC, data processing takes place in the USA.
VI.7 Use of messenger services
When contacting us via messenger services such as WhatsApp or Telegram, the data protection guidelines of the respective providers apply, over which we have no influence. We would like to point out that the messenger services have different data protection standards to us. You can view the privacy policies of these providers here:
Data protection at Telegram:https://telegram.org/privacy
Data protection at WhatsApp:https://www.whatsapp.com/legal/privacy-policy-eea?lang=de_DE
We have no influence on the data protection regulations and settings of these platforms. As far as possible, we handle your data with the utmost sensitivity and are not liable for any damage caused by your use of these messenger services.
The processed data is only and exclusively used for messenger communication with you as part of our offer.
If you use a messenger such as Telegram or WhatApp, it cannot be ruled out that personal data will also be transferred to the USA, as these messengers store data on servers there. According to the findings of the European Court of Justice in the decision on the Privacy Shield (judgment in case C-311/18 “Schrems II”), the level of data protection in the USA is lower than within the scope of the GDPR. However, we do not transfer any of your personal data or initiate such a transfer, as you have consented to corresponding data processing by the service providers on the basis of your registration with them.
VII. Payment services
We integrate third-party payment services on our website. If you use the fiduciary service with us, your payment data (e.g. name, payment amount, account details, credit card number) will be processed by the payment service provider for the purpose of payment processing. The respective contractual and data protection provisions of the respective providers apply to these transactions. The payment service providers are used on the basis of Art. 6 para. 1 lit. b GDPR (contract processing) and in the interest of a smooth, convenient and secure payment process (Art. 6 para. 1 lit. f GDPR). Insofar as your consent is requested for certain actions, Art. 6 para. 1 lit. a GDPR is the legal basis for data processing; consent can be revoked at any time for the future.
We use the following payment services/payment service providers on this website:
In the case of online payment methods, payment is processed via the payment service provider PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as “PayPal”).
Detailed information about PayPal’s privacy policy can be found at the following link:https://www.paypal.com/de/legalhub/privacy-full.
VIII. Your rights in detail
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis us pursuant to Articles 15-22 GDPR:
Right of access, rectification and erasure (Articles 15, 16, 17 GDPR)
In accordance with Art. 15, para. 1 GDPR, you can request confirmation as to whether personal data concerning you is being processed. If the processed personal data concerning you is incorrect or incomplete, you have a right to rectification and/or completion in accordance with Art. 16 GDPR.
According to Art. 17 para. 1 GDPR, you have the right to erasure of your personal data. Under certain conditions (Art. 17 (1) (a) to (f)), your data must be erased immediately.
You have the right to obtain from the controller the erasure of personal data concerning you without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
Right to restriction of processing (Article 18 GDPR)
Under the following conditions, you can, in accordance with Art. 18 f. GDPR, you may request the restriction of the processing of personal data concerning you:
- If you contest the accuracy of the personal data concerning you for a period enabling us to verify the accuracy of the personal data;
- if the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead
- If we no longer need the personal data for the purposes of the processing, but you require it for the establishment, exercise or defense of legal claims; or
- If you have objected to the processing pursuant to Art. 21 para. 1 GDPR and it is not yet certain whether our legitimate reasons outweigh your reasons.
If the processing of personal data concerning you has been restricted, this data – apart from its storage – may only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by us before the restriction is lifted.
Right to information (Article 19 GDPR)
If you have asserted the right to rectification, erasure or restriction of processing against us, we are obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. In accordance with Art. 19 GDPR, you have the right to be informed about these recipients.
Right to data portability (Article 20 GDPR)
In accordance with Art. 20 GDPR, you have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format. In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible.
Right to object (Art. 21 GDPR)
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6 (1) GDPR. 1 lit. based on point e or f GDPR. This also applies to profiling based on these provisions. The responsible party will no longer process the personal data concerning you unless it can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims (objection pursuant to Art. 21 para. 1 GDPR).
If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such marketing. This also applies to profiling insofar as it is associated with such direct advertising. If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes (objection pursuant to Art. 21 (2) GDPR).
In connection with the use of information society services – notwithstanding Directive 2002/58/EC – you have the option of exercising your right to object by automated means using technical specifications.
Right to revoke the declaration of consent under data protection law (Art. 7 para. 1 GDPR)
You have the right to withdraw your declaration of consent under data protection law at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
Automated decision in individual cases including profiling (Art. 22 GDPR)
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
- is necessary for the conclusion or performance of a contract between you and the responsible party
- is authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or
- with your express consent.
However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para 2 lit. a or g GDPR applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests. With regard to the cases referred to in (1) and (3), the data controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.
Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR. Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.
IX. Social networks
Data processing by social networks
We operate publicly accessible profiles in social networks. Our website also contains links that activate the functions of individual social networks (hereinafter simply referred to as “services”). If you click on one of these links, a direct connection is established between your browser and the service, even without you leaving our site. As a result, the service receives the information that you have visited our site with your IP address. These services are:
Facebook, Instagram (Facebook Meta Platforms) Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
X (Twitter International Company), One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland
Links on our site that connect you to Facebook can be recognized by the Facebook logo (“f”), links that connect you to Instagram can be recognized by the Instagram logo. Links that you connect with X can be recognized by the X logo. We share some internal insights into the agency on Facebook, Instagram and X to communicate our company culture to the outside world and to promote our services.
Facebook privacy policy: https://www.facebook.com/privacy/policy/
Instagram privacy policy: https://privacycenter.instagram.com/policy
Privacy policy X: https://x.com/de/privacy
If you click on such a link while you are logged in to the corresponding service, your visit to our pages may be assigned to your user account with this service. You can prevent this by logging out of the relevant account before clicking on the link. However, your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies that are stored on your device or by recording your IP address.
With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are logged in or have been logged in.
Please also note that we cannot track all processing operations on the social media portals. Please also note that we cannot track all processing operations on the social media portals. For details, please refer to the terms of use and data protection provisions of the respective services.
If the advertiser agrees to the use of images, videos or audio files for marketing purposes on social media channels, Escort You may upload this material to selected platforms (Facebook, Instagram, X). By uploading photos to a social network, the advertiser grants the social network a license to use this content.
Legal basis
Our presence on social media platforms aims to ensure the widest possible visibility on the Internet. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. The analysis procedures started by the social networks may be based on different legal bases, which must be specified by the respective operators of the social networks (e.g. consent pursuant to Art. 6 para. 1 lit. a GDPR).
Controller and assertion of rights
If you visit one of our social media sites (e.g. X, Facebook), we are jointly responsible with the operator of the respective social media platform for the data processing processes triggered by this visit. In principle, you can assert your rights (such as information, rectification, erasure, restriction of processing, data portability and complaint) both against us and against the operator of the corresponding social media portal (e.g. X, Facebook).
Please note that despite our joint responsibility with the operators of the social media portals, we do not have complete influence over their data processing operations. Our scope of action depends largely on the guidelines of the respective provider.
Storage period
The data collected by us directly via our social media presence will be deleted from our systems as soon as you ask us to delete it, revoke your consent to storage or the purpose of data storage no longer applies. Stored cookies remain on your end device until you delete them yourself. Mandatory statutory provisions, in particular retention periods, remain unaffected.
We have no influence on the storage period of your data, which is stored by the operators of the social networks for their own purposes. For detailed information on this, please contact the operators of the social networks directly (e.g. their privacy policy, see above).
Your rights
You have the right to receive information about the origin, recipients and purpose of your stored personal data free of charge at any time. You also have the right to object, the right to data portability and the right to lodge a complaint with the competent supervisory authority. You can also request the rectification, blocking, erasure and, under certain conditions, the restriction of the processing of your personal data.
We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter referred to as Meta). According to Meta, the data collected is also transferred to the USA and other third countries.
We have concluded an agreement with Meta on joint processing (Controller Addendum). This agreement defines which data processing operations we or Meta are responsible for when you visit our Facebook page. You can view this agreement under the following link: https://www.facebook.com/legal/terms/page_controller_addendum.
You can adjust your advertising settings yourself in your user account. Click on the following link and log in: https://www.facebook.com/settings?tab=ads.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendumand https://de-de.facebook.com/help/566994660333381. Details can be found in Facebook’s privacy policy: https://www.facebook.com/privacy/policy/.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every DPF-certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active
X
We use the short message service X. The provider is X Corp, 1355 Market Street, Suite 900, San Francisco, CA 94103 U.S.A. For the European region, Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland is responsible for the processing of personal data.
You can adjust your X privacy settings yourself in your user account. Click on the following link and log in: https://x.com/settings/account/personalization.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://gdpr.x.com/en/controller-to-controller-transfers.html. Details can be found in the privacy policy of X: https://x.com/de/privacy.
We have a profile on Instagram. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://privacycenter.instagram.com/policyandhttps://de-de.facebook.com/help/566994660333381. Details on how they handle your personal data can be found in Instagram’s privacy policy: https://privacycenter.instagram.com/policy/.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every DPF-certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active
X. Amendment and updating of the privacy policy
We ask you to inform yourself regularly about the content of our privacy policy. We will update the privacy policy as soon as changes to the data processing carried out by us make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g. consent) or other individual notification.
If we provide addresses and contact information of companies and organizations in this privacy policy, please note that the addresses may change over time and ask you to check the information before contacting us.