of trendig technology services GmbH
Every day, we do all we can to ensure that you are satisfied. Therefore, we also take the protection of your personal data very seriously. Thank you for your confidence in us!
trendig technology services GmbH
In this document, we would like to explain to you, as quickly and clearly as possible, where and how we collect your data, why we do so and what happens to it after we have fulfilled your wishes and orders. If you have any questions or would like to make an objection, write to us and our appointed external data protection officer at:
Or contact us by email at
What terminology do we use?
a) Personal data
Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
b) Data subject
A data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.
Processing means any operation which is performed on personal data - whether or not by automated means - such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d) Restriction of processing
Restriction of processing means the marking of stored personal data with the aim of limiting its processing in the future.
e) Controller or party responsible for the processing
The controller or the party responsible for the processing means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Recipient means a natural or legal person, public authority, agency or another body to which the personal data is disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.
h) Third party
Third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
As a general rule, it is possible to use our website without entering personal data. However, we would advise that data transfer over the Internet (e.g. when communicating by email) can be subject to security breaches. It is not possible to completely protect data against access by third parties. We run our website using the security protocol HTTPS, via which all data is transferred encrypted. Where the website provides an option to enter personal or business data (e.g. email addresses, names, addresses), you provide this data on a purely voluntary basis.
Does personal data have to be supplied to use the website?
As a general rule, it is possible to use our website without entering personal data. However, we would advise that data transfer over the Internet (e.g. when communicating by email) can be subject to security breaches. It is not possible to completely protect data against access by third parties. We run our website using the security protocol HTTPS, via which all data is transferred encrypted.
Where the website provides an option to enter personal or business data (e.g. email addresses, names, addresses), you provide this data on a purely voluntary basis.
What personal data do we collect?
When you (or your employer) get(s) in touch with us as a prospective customer, customer or applicant and you contact us about our online services by letter, email or telephone, we process personal data where necessary for our services. Personal data is also supplied to us by third parties to which you have given your consent to do so (your employer, training organisation or conference portals, exams providers).
We collect the following personal data for personal identification: First name and surname, telephone number, email address, address, gender, photo, biographical data, employment history, IP address and other information of interest related to event registrations, billing information, user name and password.
What do we use your data for and on what basis?
We have to process your data to fulfil your wishes and our contractual obligations. The basis for the processing is point (b) of Article 6(1) GDPR. The purposes of the data processing are primarily determined by our relevant service or the relevant product. We need your personal data so that we can check whether we can and may offer a product or service.
We also like to write letters or emails with a personal touch to provide offers in keeping with the service or product already purchased from us. We always ask for your explicit consent to do this too and you do of course have the right to prohibit us from sending you further offers besides the actual service.
Who receives your data and why?
Within trendig technology services GmbH, the only employees who receive your data are those that need it to fulfil our contractual obligations and to protect our legitimate interests.
Outside trendig technology services GmbH, we have concluded so-called data processing agreements with all partners who process data on our behalf or on whose behalf we process data. In the case of third parties outside the European Economic Area, we make sure that special contractual clauses are in place to protect your personal data with the same level of care as in the European Economic Area (e.g. Privacy Shield framework or standard contractual clauses).
To fulfil our contractual obligations, we work with subcontractors such as:
- Concardis: We work with Concardis GmbH (Helfmann Park 7, D-65760 Eschborn) in connection with on-site card payments (direct debits/Girocard/credit cards). Card details as well as the amount of the sale and the date are transmitted in this context. All payment details and details of any refunds are only stored for as long as necessary to process the payment (including to process possible refunds and for debt collection) and to prevent misuse. The data is usually erased 13 months after collection at the latest. It may be stored for longer if and as long as necessary to comply with a statutory retention obligation or to investigate a specific case of misuse.
- Other service providers: related to website use are listed below.
We only have a statutory duty to share your personal data with external bodies in line with legal obligations and requirements.
Your right of access, to rectification, to erasure, to restriction of processing
You can object to the analysis and use of your data at any time. You also have the right of access, free of charge, to your stored personal data, its source and recipients, and the purpose of the data processing, as well as the right to the rectification, blocking or erasure of this data. Please note that whether or not you have the right to full erasure depends on whether or not there are legitimate grounds on which it is necessary to process the data.
a) Right of access
You can exercise your right in accordance with Article 15 GDPR at any time and obtain information on which personal data concerning you we are processing.
b) Right to rectification
You can exercise your right in accordance with Article 16 GDPR at any time and obtain the rectification of inaccurate personal data concerning you.
c) Right to erasure
You can exercise your right in accordance with Article 17 GDPR at any time and obtain the erasure of personal data concerning you without undue delay if this data is no longer necessary for the purposes for which it was collected and being processed. Your right to erasure may conflict with other statutory duties (e.g. retention obligations).
d) Right to restriction of processing
You can exercise your right to restriction of processing in accordance with Article 18 GDPR at any time and obtain the restriction of processing provided that the legal requirements for this are met.
e) Right to information
You can exercise your right in accordance with Article 19 GDPR at any time: When you exercise your right to the erasure, rectification or restriction of processing of personal data concerning you, we are obliged to communicate the rectification or erasure of the data or the restriction of processing to each recipient to whom the personal data has been disclosed, unless this proves impossible or involves disproportionate effort. You have the right to be informed about these recipients.
f) Right to data portability
You can exercise the right to data portability in accordance with Article 20 at any time. You will then receive your personal data in a structured, commonly used and machine-readable format and/or we will transmit this to a third party in line with your instructions, where technically possible.
g) Right to object
You have the right to object to the processing of personal data concerning you, which is carried out on the basis of points (e) or (f) of Article 6(1) GDPR, at any time.
In the event of an objection, we will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms. We also reserve the right to continue processing to establish, exercise or defend legal claims.
Where we process personal data for direct marketing purposes, you have the right to object to the processing of your personal data for the purpose of such marketing at any time.
h) Right to withdraw consent given under data protection law
You have the right to withdraw consent you have given under data protection law for the processing of personal data at any time. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
i) Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data concerning you infringes the GDPR.
How long do we store your data for?
We only process and store your personal data for the period necessary to fulfil the purpose of the storage or for as long as provided for in the laws and regulations which our responsible team members are subject to.
If the purpose of the storage ceases to apply or a storage period prescribed by another legislator lapses, the personal data will be blocked or erased in accordance with legal requirements.
Based on our legitimate interests (i.e. interest in the analysis, optimisation and efficient running of our website in accordance with point (f) of Article 6(1) GDPR), our website gives users the option to integrate third-party content and services such as videos or typefaces (hereinafter referred to collectively as “Content”). To do so, the third-party providers always need to obtain users’ IP addresses because without IP addresses, they cannot transmit the Content to users’ browsers. An IP address is therefore necessary to display this Content. We endeavour to only use Content from providers who use IP addresses solely to supply the Content. Third-party providers may also use so-called pixel tags (transparent graphic images which are also called “web beacons”) for statistical or marketing purposes. “Pixel tags” enable information such as the number of visitors to the pages of the website to be analysed. The pseudonymous information may also be stored in cookies on users’ devices and may include things such as technical information on the browser and operating system, referrer sites, the time of the visit and other details of use of our website, and it may be combined with such information from other sources.
The description below provides an overview of the third-party providers and their content as well as links to their privacy policies, which contain further information on data processing and, as already mentioned here in some cases, possibilities to object (“opt out”).
Collection of access data and log files
Based on our legitimate interests in accordance with point (f) of Article 6(1) GDPR, we collect data on all access to the server (so-called server log files). The access data includes the name of the website visited, the file, date and time of the visit, volume of data transferred, notification of successful data retrieval, the browser type and version, the user’s operating system, the referrer URL (of the website visited before), the IP address and the requesting provider. For security reasons (e.g. to investigate misuse or fraud), log file information is stored for a maximum of seven days and then deleted. Data that must be stored for longer as evidence is exempt from erasure until the relevant incident has been conclusively resolved.
If you do not wish cookies to be saved on your computer, please disable the appropriate option in your browser’s system settings. Saved cookies can be deleted in the browser’s system settings. Disabling cookies can result in our website’s functions being restricted.
Google is certified under the Privacy Shield framework and therefore guarantees that it complies with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google uses this information on our behalf to analyse use of our website by users, to compile reports on activities within this website and to provide other services to us related to the use of this website and the Internet. As part of this process, pseudonymous usage profiles of users may be generated using the data processed.
We use Google Analytics so that the advertisements placed as part of Google’s advertising services and those of its partners are only displayed to users who have also showed interest in our online content or who exhibit certain features (e.g. interest in certain topics or products, based on the websites visited), which we transmit to Google (so-called “remarketing”, or “Google Analytics audiences”). Using the remarketing audiences, we also hope to ensure that our advertisements reflect users’ interests and are not annoying.
We only use Google Analytics with IP anonymisation activated. This means that users’ IP addresses are first truncated by Google within the Member States of the European Union or in other states that are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and truncated there.
The IP address transmitted by your browser is not merged with other data by Google. You can prevent cookies being saved via the appropriate setting in your browser software. Users can also prevent Google obtaining and processing the data generated by the cookie related to their use of the website by downloading and installing the browser plug-in available via the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
You can find further information on the use of data by Google and on configuration options and possibilities to object on Google’s website: https://www.google.com/intl/de/policies/privacy/partners (“How Google uses data when you use our partners’ websites or apps”), https://policies.google.com/technologies/ads (“How data is used for advertising purposes”), https://adssettings.google.com/authenticated (“Manage the information that Google uses to show you ads”).
Google (re)marketing services
Based on our legitimate interests (i.e. interests in the analysis, optimisation and efficient running of our website in accordance with point (f) of Article 6(1) GDPR), we use the marketing and remarketing services (“Google Marketing Services”) provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA).
Google is certified under the Privacy Shield framework and therefore guarantees that it complies with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google Marketing Services enable us to target the advertisements we display for and on our website so that we only display to users advertisements that potentially reflect their interests. For example, when a user is shown advertisements for products that they have shown an interest in our website, this is called “remarketing”. For this purpose, when the user visits our website and other websites on which Google Marketing Services are activated, Google immediately executes a code and so-called (re)marketing tags (transparent graphic images or codes, also called “web beacons”) are integrated into the website. In this way, an individual cookie, i.e. a small file, is saved on the user’s device (technology similar to cookies can also be used). Cookies can be used by various domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com or googleadservices.com. This file records which websites you have visited, which content you are interested in and which content you have clicked on, as well as technical information on your browser and operating system, referrer websites, the time of your visit and other details of your use of the website. Your IP address is also recorded, although we state that within the context of Google Analytics, your IP address is first truncated within the Member States of the European Union or in other states that are party to the Agreement on the European Economic Area and only sent to a Google server in the USA and truncated there in exceptional cases. Your IP address is not merged with other data from you as part of other Google services. The aforementioned information can also be merged by Google with such information from other sources. If you have subsequently visited other websites, you may be shown customised advertisements based on your interests.
User data is processed pseudonymously in the context of Google Marketing Services. This means that Google does not save and process users’ names or email addresses, for example, but processes the relevant data based on cookies within pseudonymous user profiles instead. This means that from Google’s perspective, advertisements are not managed and displayed for a specifically identified person but for the cookie owner, regardless of who this cookie owner is. This does not apply if a user has given their explicit consent for Google to process the data without being pseudonymised. The information about users collected by Google Marketing Services is transferred to Google and stored on Google’s servers in the USA.
The Google Marketing Services we use include the online advertising service “Google AdWords”. In the case of Google AdWords, every AdWords customer is given a different “conversion cookie”. Therefore, cookies cannot be tracked via AdWords customers’ websites. The information obtained using cookies is used to generate conversion statistics for AdWords customers that have opted in to conversion tracking. AdWords customers are told the total number of users that have clicked on their advertisements and been redirected to a page with a conversion tracking tag. However, we do not obtain any information that enables us to identify users personally.
We may also use the “Google Optimizer” service. Google Optimizer enables us to see the effects of various changes to a website (e.g. changes to input fields, the design, etc.) in so-called “A/B tests”. Cookies are placed on users’ devices for the purpose of these tests. Only users’ pseudonymous data is used when doing so.
We also use “Google Tag Manager” to integrate Google’s analytics and marketing services into our website and to manage them.
If you wish to object to interest-related advertising using Google Marketing Services, you can make use of the configuration and opt-out options provided by Google: https://adssettings.google.com/authenticated.
Other Google services
We use the Hotjar, analytics software from Hotjar Ltd. (Ireland), for our website. Hotjar enables user behaviour (clicks, mouse movements, scrolls, etc.) on our website to be measures and analysed. When doing so, information generated by the tracking code and cookies is transferred to the Hotjar server in Ireland and stored there. The tracking code enables device-related data recorded by the device used and the associated browser and log files, which are automatically generated by our server, to be recorded.
Hotjar uses this information to analyse your use of our website and to compile reports on use. To provide its service, Hotjar also makes use of services from third-party companies, such as Google Analytics and Optimizely. These third-party companies may store information that your browser transmits when you visit the website, such as cookies or IP requests. For more detailed information on how Google Analytics and Optimizely store and use data, please see their relevant privacy policies.
The cookies that Hotjar uses have various life spans: Some only remain valid during your current visit, others for up to 365 days.
You can prevent Hotjar collecting data by clicking on the following link and following the instructions there: https://www.hotjar.com/legal/compliance/opt-out
The chat feature on our website gives you the option to contact our training team directly, so that we can answer your questions in real time. To provide this service, we work with LiveChat, Inc. (One International Place, Suite 1400, Boston, MA 02110-2619). You do not have to enter any personal data to use the real-time chat. However, when you use this feature, a chat log containing your anonymised IP address and your DNS entry as well as the information you have shared with us during the conversation is automatically created. We can forward this chat log on to you and delete it on request.
LiveChat has committed itself to the EU-US Privacy Shield framework and the Swiss-US Privacy Shield framework and therefore guarantees that it complies with European data protection law.
Online presence on social media
We maintain an online presence on social media networks and platforms to communicate with our customers, prospective customers and users active on them and to enable us to give them information on our services. The relevant providers’ terms and conditions and data processing guidelines apply when using these networks and platforms.
Facebook: Custom Audiences and Facebook marketing services
Based on our legitimate interests in analysing, optimising and efficiently running our website and for these purposes, the so-called “Facebook pixel” from the social media network Facebook, which is run by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA or, if you are resident in the EU, by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”) is used on our website.
Facebook is certified under the Privacy Shield framework and therefore guarantees that it complies with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
The Facebook pixel enables Facebook to define users of our website as a target group for advertisements (so-called “Facebook ads”). Accordingly, we use the Facebook pixel so that the Facebook ads we place are only displayed to Facebook users who have also showed interest in our online content or who exhibit certain features (e.g. interest in certain topics or products, based on the websites visited), which we transmit to Facebook (so-called “Custom Audiences”). Using the Facebook pixel, we also hope to ensure that our Facebook ads reflect users’ interests and are not annoying. Using the Facebook pixel, we can also monitor the efficiency of Facebook ads for statistical and market research purposes by seeing whether users have been redirected to our website after clicking on a Facebook ad (so-called “conversions”).
Facebook processes data in accordance with its Data Policy: https://www.facebook.com/policy.php. You can find specific information and details on the Facebook pixel and how it works in Facebook’s Help Centre: https://www.facebook.com/business/help/651294705016616.
You can object to the recording of data using the Facebook pixel and the use of your data to display Facebook ads. To determine the types of advertisements that are displayed to you on Facebook, visit the page set up by Facebook and follow the instructions on adjusting usage-based advertising settings there: https://www.facebook.com/settings?tab=ads. The settings are adjusted across all platforms, i.e. they are applied for all devices such as desktop computers or mobile devices.
We have integrated components from Twitter on our website. The company that runs Twitter is Twitter, Inc. (1355 Market Street, Suite 900, San Francisco, CA 94103, USA). Twitter is a multilingual, publicly accessible microblogging service on which users can publish and share so-called Tweets (short messages with a maximum of 280 characters). These short messages are accessible to everyone, i.e. also for individuals not signed up to Twitter, and are displayed to the relevant user’s so-called “followers” on Twitter. Using hashtags, links and retweets, Twitter enables a wider range of users to be reached.
When you click the integrated Twitter symbol on our website, your web browser is automatically triggered to open Twitter. As a result, Twitter is informed of which specific sub-page you are visiting. The purpose of integrating the Twitter components is to enable our content to be spread further and to increase the number of visitors to our website.
If you are signed into Twitter at the same time, Twitter recognises our website and which sub-pages you are visiting every time you visit, for the entire duration of your visit. This information is gathered by the Twitter components and allocated to your account by Twitter. If you click on one of the Twitter buttons integrated into our website, the data and information provided is allocated to your personal Twitter user account and stored and processed by Twitter.
Via the Twitter components, Twitter is always informed that you have visited our website if you are signed into Twitter at the same time as visiting our website. This occurs regardless of whether you click on our integrated Twitter components or not. If you do not wish this information to be transmitted to Twitter in this way, you can prevent it being transmitted by signing out of your Twitter account before visiting our website.
Twitter’s applicable data protection provisions are available at https://twitter.com/privacy?lang=de abrufbar.
We have integrated components from Instagram on our website. The company that runs Instagram is Instagram LLC (1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA). Instagram is an audiovisual platform that enables its users to share photos and videos, including on other social media networks.
When you click the integrated Instagram symbol on our website, your web browser is automatically triggered to open Instagram. As a result, Instagram is informed of which specific sub-page you are visiting. The purpose of integrating the Instagram components on our website is to enable our content to be spread further and to increase the number of visitors to our website.
If you are signed into Instagram at the same time, Instagram recognises our website and which sub-pages you are visiting every time you visit, for the entire duration of your visit. This information is gathered by the Instagram components and allocated to your account by Instagram. If you click on one of the Instagram buttons integrated into our website, the data and information provided is allocated to your personal Instagram user account and stored and processed by Instagram.
Via the Instagram components, Instagram is always informed that you have visited our website if you are signed into Instagram at the same time as visiting our website. This occurs regardless of whether you click on our integrated Instagram components or not. If you do not wish this information to be transmitted to Instagram in this way, you can prevent it being transmitted by signing out of your Instagram account before visiting our website.
You can find further information and Instagram’s applicable data protection provisions at https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/.
We have integrated components from YouTube on our website. The company that runs YouTube is YouTube, LLC (901 Cherry Ave., San Bruno, CA 94066, USA). YouTube, LLC is a subsidiary of Google Inc. (1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA). YouTube is an Internet video portal that enables video clips to be posted, viewed, rated and commented on.
When you click the integrated YouTube symbol or element on our website, your web browser is automatically triggered to open YouTube. As a result, YouTube and Google are informed of which specific sub-page you are visiting. The purpose of integrating the YouTube components on our website is to enable our content to be spread further and to increase the number of visitors to our website.
When you are signed into YouTube at the same time, YouTube recognises which specific sub-page of our website you are visiting when you visit a page that contains a YouTube video. This information is collected by YouTube and Google and allocated to your YouTube account. This occurs regardless of whether you click on a YouTube video or not. If you do not wish this information to be transmitted to YouTube and Google in this way, you can prevent it being transmitted by signing out of your Instagram account before visiting our website.
We have integrated components from Xing on our website. The company that runs Xing is XING SE (Dammtorstraße 30, 20354 Hamburg, Germany). Xing is a web-based social media network that enables you to network with existing business contacts and to make new contacts. Users can set up a personal profile on Xing. Companies can create company profiles and post articles, job vacancies and news, among other things.
Every time you visit one of our pages that contains an integrated Xing component, your web browser automatically opens XING. During this technical process, Xing is informed of which specific sub-page of our website you are visiting.
If you are signed into Xing at the same time, Xing recognises our website and which sub-pages you are visiting every time you visit, for the entire duration of your visit. This information is gathered by the Xing components and allocated to your account by Xing. If you click on a Xing button integrated into our website, e.g. the “Share” button, Xing allocates this information to your personal user account and stores this personal data.
Via the Xing components, Xing is always informed that you have visited our website if you are signed into Xing at the same time as visiting our website, regardless of whether you have clicked on the Xing component or not. If you do not wish this information to be transmitted in this way, you can prevent this by signing out of your Xing account before visiting our website.
Every time you visit one of our pages that contains an integrated LinkedIn component, this component triggers your web browser to download LinkedIn automatically. LinkedIn is then informed of which specific sub-page of our website you are visiting.
If you are signed into LinkedIn at the same time, LinkedIn recognises our website and which sub-page of our website you are visiting every time you visit, for the entire duration of your visit. This information is gathered by the LinkedIn components and allocated to your account. If you click on a LinkedIn button integrated into our website, LinkedIn allocates this information to your personal user account and stores this personal data.
Via the components, LinkedIn is always informed that you have visited our website if you are signed into LinkedIn at the same time as visiting our website. This occurs regardless of whether you click on the LinkedIn component or not. If you do not wish this information to be transmitted in this way, you can prevent this by signing out of your LinkedIn account before visiting our website.
We also use the network’s marketing functions (so-called “LinkedIn Insight Tag”) on our website. In particular, the LinkedIn Insight Tag enables us to analyse the success of our campaigns on LinkedIn or define target groups for these based on users’ interactions with our website. If you have registered with LinkedIn, LinkedIn can allocate your interaction with our website to your user account. LinkedIn can also allocate your visit to our website to you and your user account if you click LinkedIn’s “Recommend” button and are signed into your LinkedIn account.
LinkedIn is certified under the Privacy Shield framework and therefore guarantees that it complies with European data protection law. (https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active).
Curator (based in Sydney, Australia) is a social media aggregator that enables all social media channels to be combined into one stream. We do not store any personal data in connection with the handling of such processes. You can view Curator’s data protection provisions here: https://curator.io/privacy-policy/
Juicer (Juicer.io, 1515 7th Street, #424, Santa Monica, CA 90403) is a social media aggregator that enables us to combine all social media channels into one stream. We do not store any personal data in connection with the handling of such processes. You can view Juicer’s data protection provisions here: https://www.juicer.io/privacy
Weekly newsletters, bulletins & general mailings
Below is information on the content of our newsletter, the processes of subscription, dispatch and statistical analysis, and your rights to object. By subscribing to our newsletter, you give your consent for it to be sent to you and for the processes described.
We only send newsletters, emails and other electronic notifications with promotional information with recipients’ consent. Where, when subscribing to a newsletter, its content is described in concrete terms, this is decisive for your consent. Our newsletters also contain information on our products, offers, promotions and our company.
We use a so-called double opt-in method for subscription to our newsletter. This means that after subscribing, you receive an email asking you to confirm your subscription. This confirmation is necessary so that nobody can subscribe using unknown email addresses. Subscriptions to newsletters are recorded so that proof of the subscription process can be provided in accordance with legal requirements. This includes recording the date of subscription and confirmation, as well as the IP address. Changes to your data as saved by the dispatch service are also recorded.
The newsletter is sent using “MailChimp”, a newsletter dispatch platform from the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. You can view the dispatch service’s data protection provisions here: https://mailchimp.com/legal/privacy/. The Rocket Science Group LLC t/a MailChimp is certified under the Privacy Shield framework and therefore guarantees that it complies with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active).
According to information provided by the dispatch service, it may also use this data is pseudonymised form, i.e. without it being attributed to a user, in order to optimise or improve its own services, e.g. for technical optimisation of the dispatch process and presentation of the newsletter or for statistical purposes, to determine which companies recipients come from. However, the dispatch service does not use our newsletter recipients’ data to write to them itself, nor does it share it with third parties.
To subscribe to the newsletter, we ask you for your name in addition to your email address so that we can address you personally in the newsletter.
The newsletter contains a so-called “web beacon”, i.e. a pixel-sized file that is retrieved from the dispatch service’s server when the newsletter is opened. When it is retrieved, information such as that on your browser and your system is initially collected, as well as your IP address and the date of retrieval. This information is used for technical improvement of the services based on the technical data or the target groups and their reading habits based on the location of retrieval (which can be determined using the IP address) or the times of access. The statistical analysis also includes determining whether the newsletter is opened, when it is opened and which links are clicked on. This information may be attributed to specific newsletter recipients for technical reasons. However, it is neither our nor the dispatch service’s aim to monitor specific users. Instead, the purpose of the analyses is to understand the reading habits of our users as a group and to tailor our content to them or send different content that reflects our users’ interests.
The newsletter is dispatched and its performance is assessed based recipients’ consent in accordance with point (a) of Article 6(1) and Article 7 GDPR in conjunction with no. 3 of Section 7 (2) UWG (Gesetz gegen den unlauteren Wettbewerb [German Protection Against Unfair Competition Act]) and based on the statutory consent in accordance with Section 7 (3) UWG.
General legal bases
In accordance with Article 32, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, appropriate technical and organisational measures are taken to ensure a level of security appropriate to the risk. The measures include the encrypted transmission of data between your browser and our server; safeguarding the confidentiality, integrity and availability of data by controlling physical access to the data as well as access, entry, sharing, safeguarding of availability and separation of data. We have also established procedures that guarantee the safeguarding of data subjects’ rights, the erasure of data and a response to risks to the data. We also take the protection of personal data into account when developing and/or selecting hardware, software and procedures: These must ensure data protection by design and by default (Article 25 GDPR).
||Nature of the amendment
||1 July 2017
||Change of name to trendig
||25 May 2018
||Adapted to GDPR
||21 June 2018
||Additions to third-party providers
||22 June 2018
||Additions to third-party providers
||27 June 2018
||Additions to third-party providers
||07 August 2018
||Additions to third-party providers