Introduction
We are pleased that you are interested in Paia Intelligence GmbH (hereinafter “We”, “Us”) and that you are visiting our website.
With the information presented below, we give you an overview of the processing of your personal data on our website https://www.paia-intelligence.com/ (hereinafter “website”).
We also want to inform you about your rights under data protection laws. We will always process your personal data in accordance with the General Data Protection Regulation (hereinafter “GDPR”), the Act on Data Protection and Protection of Privacy in Telecommunications and Telemedia (hereinafter “TTDSG”) and all applicable country-specific data protection regulations.
1 Responsibility
Responsible within the meaning of the GDPR is the
Paia Intelligence GmbH
Grünberger Str. 60
10245 Berlin
Email: info@paia-intelligence.com
2 data protection officer
You can reach our data protection officers as follows:
Robert W. Schönholz
You can contact our data protection officer directly at any time with any questions or suggestions regarding data protection or to exercise your rights.
3 Definition
This data protection declaration is based on the terms of the GDPR. To make things easier, we would like to explain some important terms in this context in more detail:
Personal data: Personal data is any information relating to an identified or identifiable natural person. A natural person is considered to be identifiable if he or she can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
Data subject: Data subject is any identified or identifiable natural person whose personal data is processed by the data controller.
Processing: Processing is any operation or series of operations carried out with or without the aid of automated procedures in connection with personal data, such as the collection, recording, organization, structuring, storage, adaptation or modification, reading, querying, use, disclosure by transmission, distribution or other form of provision, alignment or combination, restriction, deletion or destruction.
Recipient: Recipient is a natural or legal person, public authority, agency or other body to which personal data is disclosed, regardless of whether it is a third party or not. However, public authorities which may receive personal data in the context of a specific investigative task under Union or Member State law shall not be considered as recipients.
Third party: Third party is a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorized to process the personal data under the direct responsibility of the controller or the processor.
Consent: Consent is any voluntary, informed and unambiguous expression of wishes given by the data subject for a specific case in the form of a statement or other unambiguous confirmatory act by which the data subject indicates that he or she consents to the processing of personal data concerning him or her data is agreed.
4 Origin of personal data
We may receive personal information in the following ways:
4.1 Information You Provide
You have the opportunity to provide information (e.g. contact details) about yourself on our website.
4.2 Automatically collected and generated data
When you use our website, data is automatically collected and generated.
4.3 Data collected by third parties
To the extent that we maintain a presence on social and professional networks, we may receive data from you via these (e.g. if you contact us via a social or professional network or respond to one of our content shared there).
5 Scope, purpose, legal basis, storage period and, if applicable, recipient and third country transfer of the respective processing of personal data
5.1 General information
Below we will give you an overview of which personal data we process. For this purpose, we explain to what extent, for what purposes and on what legal basis we process personal data.
We will not pass on your personal data to third parties without your consent, unless this is permitted by law (e.g. because this is necessary for the performance of the contract).
The processing of your personal data may be based in particular on the following legal bases:
6 Para. 1, S. 1 lit. a) GDPR serves as the legal basis for processing operations in which we obtain consent for specific processing.
If the processing of personal data is necessary to fulfill a contract to which you are a party, the processing is based on Article 6 Paragraph 1 Sentence 1 Letter b) GDPR. The same applies to processing operations that are necessary to carry out pre-contractual measures.
If we are subject to a legal obligation that requires the processing of personal data, the processing is based on Art. 6 Paragraph 1 Sentence 1 Letter c) GDPR.
Furthermore, processing operations can be based on Article 6 Paragraph 1 Sentence 1 Letter f) GDPR. Processing operations are based on this legal basis if the processing is necessary to protect our legitimate interests, provided that the interests, fundamental rights and freedoms of the person concerned do not outweigh them.
5.2 Deletion of data
Unless a specific storage period is specified within this data protection notice, the data processed by us will be deleted in accordance with the legal requirements as soon as their consent for processing is revoked or other permissions no longer apply (e.g. if the purpose for processing this data no longer applies or they are not required for the purpose). Unless the data is deleted because it is required for other legally permissible purposes, its processing will be limited to these purposes. This means that the data will be blocked and not processed for other purposes. This applies e.g. B. for data that must be stored for commercial or tax reasons or whose storage is necessary to assert, exercise or defend legal claims or to protect the rights of another natural or legal person.
5.3 Security measures
We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the type, scope, circumstances and purposes of the processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons to ensure a level of protection appropriate to the risk.
The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as the access, input, disclosure, ensuring availability and its separation. We have also set up procedures to ensure that the rights of those affected are exercised, data are deleted and responses are made to data threats. We also take the protection of personal data into account when developing or selecting hardware, software and procedures in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.
5.4 Transfer of personal data
As part of our processing of personal data, the data may be transmitted to or disclosed to other bodies, companies, legally independent organizational units or persons. The recipients of this data can include: B. include service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and, in particular, conclude appropriate contracts or agreements with the recipients of your data that serve to protect your data.
5.5 Website in general
5.5.1 Provision of the website, server log files
5.5.1.1 Scope of processing
To provide our website, we use storage space, computing capacity and software that we rent from a corresponding server provider (web host). These services also include sending, receiving and storing emails. In addition, when you visit our website, data that your browser transmits to our server is automatically processed. This general data and information is stored in the log files of the server (in so-called “server log files”). Can be recorded:
Browser type and browser version
operating system used
Referrer URL (previously visited website)
Host name of the accessing computer
Date and time of the server request
IP Address
5.5.1.2 Purpose of processing
When using this data and information, we do not draw any conclusions about you personally. The purposes we pursue include in particular:
Provision of our website
Provision of our online offering and user-friendliness
Operation and provision of information systems
Content Delivery Network (CDN)
Provision of contractual services
Customer service
Providing email communication
Ensuring a smooth connection to the website
Clarification of acts of abuse or fraud,
Problem analysis in the network
Evaluation of system security and stability.
5.5.1.3 Legal basis
The legal basis for data processing is our legitimate interest within the meaning of Art. 6 Para. 1, S. 1 lit. f) GDPR. We have a legitimate interest in being able to provide our website in a technically flawless manner.
5.5.1.4 Recipients of personal data
Our website uses services from Cloudflare Inc., 101 Townsend St, San Francisco, CA 94107, USA (hereinafter referred to as “Cloudflare”). Cloudflare offers a globally distributed content delivery network with DNS. Technically, the information transfer between your browser and our website is routed via the Cloudflare network. This enables Cloudflare to analyze the traffic between your browser and our website and act as a filter between our servers and potentially harmful traffic from the Internet.
We use Cloudflare to provide our website efficiently and securely. This represents a legitimate interest within the meaning of Article 6 Paragraph 1 Letter f GDPR.
The information collected is usually transferred by Cloudflare to a server in the USA and stored there. Cloudflare's privacy policy applies here: https://www.cloudflare.com/privacypolicy/
Cloudflare is a certified participant of the EU-U.S. Data Privacy Framework, which ensures the correct and secure data transmission of personal data. More information can be found at: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnZKAA0&status=Active
Information about the data protection regulations and further information on data collection and processing by Cloudflare can be found here: https://www.cloudflare.com/security-policy.
5.5.2 Use of cookies
5.5.2.1 General information
We use cookies on our website.
These are text files that your browser automatically creates and that are stored on your IT system when you visit our site. Through cookies, certain information flows to the location that sets the cookie. By using cookies, it is not possible to run programs or transfer viruses to your device.
If you do not want cookies to be used, you can switch them off in the settings.
When you visit our website or a sub-website for the first time and it contains cookies, you will be shown a “cookie banner”. There you will be informed about the individual cookies we use. You can find out more about each individual cookie regarding the name, provider, purpose of processing and storage period. You can also allow us to use non-essential cookies and reverse this decision there.
From a legal perspective, a distinction must be made between necessary and non-necessary cookies.
5.5.2.2 Necessary cookies
We use necessary cookies. These are cookies that are technically necessary to provide all functions of our website. The legal basis for data processing is our legitimate interest within the meaning of Art. 6 Para. 1, S. 1 lit. f) GDPR. We have an overriding legitimate interest in being able to offer our offering in a technically flawless manner. The legal basis for the use of cookies towards our contractual partners who use contractual services owed to us via our website is Art. 6 Paragraph I lit. b) GDPR, the provision of our contractual services.
5.5.2.3 Non-essential cookies
We also use non-essential cookies (e.g. analysis and marketing cookies). These are cookies that are not technically necessary. We use this to understand your behavior on our website and to improve our offering. The legal basis for data processing is your consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a) GDPR. The cookies are only set after you have given your consent via our “cookie banner”.
5.5.2.4 Storage period
With regard to the storage period, the following types of cookies are distinguished:
Temporary cookies (also: session or session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and closed their device (e.g. browser or mobile application).
Permanent cookies: Permanent cookies remain stored even after the device is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. User data collected using cookies can also be used to measure reach. Unless we provide users with explicit information about the type and storage period of cookies (e.g. when obtaining consent), users should assume that cookies are permanent and that the storage period can be up to two years.
5.5.3 Cookie-Banner
5.5.3.1 Scope of processing
We use Cookiebot, a service provided by Usercentrics GmbH, Sendlinger Str. 7, 80331 Munich, Germany (hereinafter referred to as “Cookiebot”), to obtain and manage consent to the use of cookies and similar technologies on our website.
Cookiebot allows us to offer visitors to our website clear and user-friendly cookie consent management. Information about the cookies and similar technologies used on our website is provided, and the user can specifically give or revoke their consent to the use of these technologies.
5.5.3.2 Purpose of processing
We process your personal data for the following purposes:
Informing the user about the cookies we use
Enable you to consent to cookies that are not technically necessary
5.5.3.3 Legal basis for processing
The legal basis for the use of the cookie banner is Art. 6 Para. 1, S. 1 lit. f) GDPR. We have an overriding legitimate interest in using the cookie banner, which enables us to obtain the legally required consent for the use of non-essential cookies and to fulfill our obligation to provide information regarding cookies.
5.5.3.4 Storage period
The cookie banner stores the preferences until you reset or adjust them.
5.5.3.5 Recipients of personal data
Your data will be passed on to a service provider for cookie banners as part of order processing to the extent necessary.
5.6 Contact options
5.6.1 Scope of processing
You have the option of contacting us via email via our website.
As part of contacting you and answering your query, we process the following personal data from you:
First and Last Name
Email-Address
Telephone number
Address details
Date and time of the request
IP Address
Communication content
5.6.2 Purpose of processing
We process your data to answer your inquiry and other resulting matters.
5.6.3 Legal basis
If your request is based on pre-contractual measures or an existing contract with us, the legal basis is the fulfillment of the contract and implementation of pre-contractual measures in accordance with Article 6 Paragraph 1 Sentence 1 Letter b) GDPR.
If your request is made independently of pre-contractual measures or existing contracts with us, our overriding legitimate interests in accordance with Article 6 Paragraph 1 Sentence 1 Letter f) GDPR constitute the legal basis. We have an overriding legitimate interest in providing visitors to our Website to provide an option whereby you can contact us.
5.6.4 Storage period
We delete your personal data as soon as they are no longer necessary to achieve the purpose for which they were collected. In the context of contact inquiries, this is generally the case if the circumstances indicate that the specific matter has been finally dealt with.
5.7 Google Analytics
5.7.1 Scope and purpose of processing
This website uses functions of the web analysis service Google Analytics. We use Google Analytics to analyze your user behavior in order to make decisions regarding product and marketing optimization based on the results. Through Google Analytics we process, among other things, the following personal data:
Time of request
The IP address
Online labels
Device identifiers
Technical characteristics of users (e.g. browser type and version, device type, operating system)
Measurement of usage behavior (e.g. views of individual pages/content, views of content in different areas, session duration/dwell time, bounce rate
Use of individual functionalities of the website (e.g. search queries, downloads)
eCommerce activity (e.g. products purchased, sales)
Referral URL (the previously visited page)
5.7.2 Legal basis
The legal basis for the use of Google Analytics is the voluntary and revocable consent you have given in accordance with Article 6 (1) (a) GDPR. You can revoke your consent at any time with future effect by making the appropriate changes or adjustments in your cookie settings.
5.7.3 Storage period
Personal data will be anonymized by Google 14 months after your last activity, unless there are legal obligations to retain it.
5.8 Social media appearances
5.8.1 General information
We use third-party platforms to provide you with information about our company and our products and services. Interactions such as messages, likes and content on our social media channels are processed.
In addition, we receive non-personal data from third-party platforms, such as the total number of measures played by the platform operator or preferred visiting and posting times. We have no influence on the creation and provision of this data. The legal basis for processing is Article 6 Paragraph 1 Letter f of the GDPR; our legitimate interest lies in improving our marketing measures.
The associated personal data processing takes place exclusively under the responsibility of the platform operator. Further information on data processing can be found in the data protection declarations of the respective providers:
Instagram: https://de-de.facebook.com/help/instagram/519522125107875
YouTube:https://policies.google.com/privacy
LinkedIn:https://www.linkedin.com/legal/privacy-policy?_l=de_DE
TikTok: https://www.tiktok.com/legal/page/eea/privacy-policy/en
5.9 Integration of third-party services and content
5.9.1 General information
We use content or service offerings from third-party providers within our online offering to provide their content and services, such as: B. to integrate videos or fonts (hereinafter referred to as “content”).
This always assumes that the third party providers of this content are aware of the user's IP address, as without the IP address they would not be able to send the content to their browser. The IP address is therefore required to display this content. We strive to only use content whose respective providers only use the IP address to deliver the content. Third parties may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, visiting time and other information about the use of our online offering, as well as being linked to such information from other sources.
5.10 Adobe Fonts
To display fonts on our website, we use Adobe Fonts, a service provided by Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland (hereinafter referred to as “Adobe Fonts”). When the website loads, your web browser loads the required fonts directly from Adobe Fonts' servers to ensure a consistent and attractive display.
By using Adobe Fonts, Adobe may collect information about the use of the fonts, including IP address, browser type, device type, operating system, date and time of access, and information about the website from which access was made. This information is used for quality assurance and statistical evaluation of the use of Adobe Fonts.
The use of Adobe Fonts is in the interest of a uniform and attractive presentation of our website and represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR.
Further information about Adobe Fonts' privacy policy can be found at: https://www.adobe.com/privacy/policies/adobe-fonts.html
Please note that when using Adobe Fonts, personal data may be transferred from servers in the USA and stored there. Adobe Fonts has committed to the EU-U.S. Data Privacy Framework to ensure appropriate data protection standards for transfers of personal data from the EU to the USA. For more information, visit: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000TNo9AAG&status=Active
You can prevent Adobe Fonts from collecting and processing your data by deactivating JavaScript in your browser or using a script blocker. Please note, however, that this may affect the display of our website.
5.11 YouTube
On our website we include videos from the YouTube platform, which are provided by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA (hereinafter referred to as “YouTube”). The integration takes place in extended data protection mode, which only allows data to be transferred to YouTube when you play the video.
By playing the embedded YouTube videos, YouTube and Google receive information that you have visited our website. Among other things, your IP address, browser type, operating system, referrer URL and other device-related information may be recorded and transmitted to YouTube servers in the USA. This transfer occurs regardless of whether you have a YouTube account or are logged in there. If you are logged into your YouTube account while playing a YouTube video, YouTube and Google can also assign this information to your user account.
YouTube videos are integrated to provide you with multimedia content on our website. Personal data will only be transmitted to YouTube based on your consent, Article 6 Paragraph 1 Sentence 1 Letter a) GDPR.
Further information about YouTube's privacy policy can be found at: https://policies.google.com/privacy
Please note that YouTube may process personal data on servers in the USA. YouTube has joined the EU-U.S. Data Privacy Framework to ensure appropriate data protection standards for transfers of personal data from the EU to the USA. For more information, visit: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active
If you would like to prevent the transmission of data to YouTube when playing embedded videos on our website, we recommend that you activate the appropriate data protection settings in your browser before playing the video.
6 Your rights
In this section we inform you about what rights you have regarding the processing of your data. The exact scope of the respective right can be found in the corresponding article of the GDPR. If you want to exercise any of your rights, please contact us via email (info@paia-intelligence.com).
6.1 Right to Confirmation
You have the right to request confirmation from us as to whether we are processing personal data relating to you.
6.2 Information (Article 15 GDPR)
You have the right to receive free information from us at any time about the personal data stored about you as well as a copy of this data in accordance with the statutory provisions.
6.3 Correction (Article 16 GDPR)
You have the right to request that inaccurate personal data concerning you be corrected. You also have the right to request the completion of incomplete personal data, taking into account the purposes of the processing.
6.4 Deletion (Article 17 GDPR)
You have the right to request that personal data concerning you be deleted immediately if one of the reasons provided for by law applies and to the extent that processing or storage is not necessary.
6.5 Restriction of processing (Article 18 GDPR)
You have the right to request that we restrict processing if one of the legal requirements is met.
6.6 Data portability (Article 20 GDPR)
You have the right to receive the personal data relating to you that you have provided to us in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another person responsible without hindrance from us to whom the personal data has been provided, provided that the processing is based on consent in accordance with Article 6 Paragraph 1, Sentence 1 Letter a) GDPR or 9 Para. 2 lit. a) GDPR or on a contract in accordance with Art. 6 Para. 1 Sentence 1 lit which is in the public interest or in the exercise of official authority vested in us.
In addition, when exercising your right to data portability in accordance with Article 20 Para. 1 GDPR, you have the right to have the personal data transmitted directly from one person responsible to another person responsible, to the extent that this is technically feasible and provided that this does not apply Rights and freedoms of other people are impaired.
6.7 Objection (Article 21 GDPR)
You have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data concerning you, which is based on data processing in the public interest in accordance with Article 6 Paragraph 1 Sentence 1 Letter e) GDPR or The basis for our legitimate interest in accordance with Article 6 Paragraph 1 Sentence 1 Letter f) GDPR is to lodge an objection.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
6.8 Revocation of data protection consent
You have the right to revoke your consent to the processing of personal data at any time with future effect.
6.9 Complaint to a supervisory authority
You have the right to complain about our processing of personal data to a supervisory authority responsible for data protection.
7 Currentness and changes to the data protection information
This data protection notice is currently valid and has the following status: July 2024.
If we further develop our website and our offerings or if legal or regulatory requirements change, it may be necessary to change this data protection notice. You can access the current data protection information here at any time.