Privacy Policy for Adserving via advolution.control

Person responsible:

Name:                                                   Digital Control GmbH & Co. KG

Street, house number:                       Kaistraße 16a

Post code, town/city, country:           40221 Düsseldorf, Deutschland

Commercial Register, no.:                Amtsgericht Düsseldorf, HRA 24347

Managing Director:                            Dominik Heck

Telephone number:                           +49 211 9753208 - 0

E-mail address:                                   info@digital-control.biz

Data Protection Officer:

Name:                                                   Julia Epp

Street, house number:                       Kaistraße 16a

Post code, town/city, country:           40221 Düsseldorf, Deutschland

Telephone number:                           +49 211 9753208 - 0

E-mail address:                                  datenschutz@digital-control.biz

1.     Fundamental information on data processing and legal basis

1.1.      This Privacy Policy describes how we process personal data collected in context of our adserving (delivery, measurement and optimisation of digital advertisement – product name “advolution.control) and describes the scope and purpose of these activities. We are therefore in compliance with our information duties in accordance with Articles 12, 13 and 14 of the EU General Data Protection Regulation (GDPR) and Sections 32, 33 and 55 of the Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG). This Privacy Policy applies to all situations, regardless of which domain, system, platform or device (e.g. desktop or mobile) the websites are accessed on.

1.2.      With respect to the terminology used, e.g. ‘personal data’ or the ‘use’ of such data, please refer to the definitions given in Article 4 of the GDPR.

1.3.      Data processed within the scope of our online presence includes pseudonymised usage data (e.g. the advertising medium visited, the number of AdImpressions, the number of clicks and actions on the website of the advertiser, i.e. filling in a web form or a sale) and their characteristics (e.g. revenue, number of sales). We avoid processing data that is directly related to a natural person.

1.4.      The term ‘user’ includes all categories of persons affected by data processing. This includes mainly users who visited advertising media and business partners, customers, interested parties. The terminology used is intended to be gender-neutral.

1.5.      We process the personal data of users exclusively in compliance with the relevant data protection provisions. This means that user data is processed only where this is permissible by law.

In particular, this refers to where data processing is required by law or is required for us to provide contractual services (e.g. processing orders), or for our online services, where the user has provided his or her consent, or where this is based on our legitimate interests (i.e. interests in the analysis, optimisation and economical operation and security within the meaning of Article 6 Paragraph 1 Letter f. of the GDPR for our customers, with particular reference to measuring reach, creating profiles for advertising and marketing purposes, collecting access data and using services from third-party providers).

1.6.      Please note that the legal basis of consent is Article 6 Paragraph 1 Letter a. and Article 7 of the GDPR, the legal basis for processing to fulfil our services and carry out contractual measures is Article 6 Paragraph 1 Letter b. of the GDPR, the legal basis for processing to meet our legal obligations is Article 6 Paragraph 1 Letter c. of the GDPR, and the legal basis for processing to safeguard our legitimate interests is Article 6 Paragraph 1 Letter f. of the GDPR.

2.     Security measures

2.1.      We take organisational, contractual and technical security measures that are up-to-date to ensure that we comply with the provisions of data protection laws, thus safeguarding the data processed by us against accidental or intentional manipulation, loss and destruction, and against access by unauthorised persons.

2.2.      In particular, security measures include the encrypted transmission of data between your browser and our server.

3.     Sharing data with third parties and third-party providers

3.1.      Data is only shared with third parties and third party providers in accordance with legal provisions. Even then, we only share user data with third parties if this is required for contractual purposes, e.g. based on Article 6 Paragraph 1 Letter b) of the GDPR, or for the economic and effective operation of our business based on our legitimate interests in accordance with Article 6 Paragraph 1 Letter f of the GDPR.

3.2.      If we use subcontractors to provide our services, we make suitable legal arrangements and take appropriate technical and organisational steps to ensure that the personal data is safeguarded in line with the relevant legal provisions.

3.3.      If, as part of this Privacy Policy, content, tools or other means are used by other providers (hereinafter referred to together as ‘third-party providers’ and their registered office is located in a third country, it is assumed that data is transferred to the country in which the third-party providers have their registered offices. Third countries are considered to be those in which the GDPR does not have direct effect in law, i.e. mainly countries outside the EU, or outside the European Economic Area. Data is sent to third countries either where there is an appropriate level of data protection, or where user consent or another legal permission is in place.

4.     Contact

4.1.      If you contact us (via the contact form or by e-mail), user information is used to process the contact request and then settle it in accordance with Article 6 Paragraph 1 Letter b) of the GDPR, and is saved in our website’s content management system in case there are any follow-up questions.

5.     Collecting access data and log files

5.1.      We, and/or our technical service provider, shall collect data based on our legitimate interests within the meaning of Article 6 Paragraph 1 Letter f. of the GDPR by accessing the server for the website on which you find this service (‘server log files’). Access data includes the name of the website accessed, the file, date and time of access, data volume transferred, a successful access alert, browser type including version, the user’s operating system, the referrer URL (the site visited immediately before), the IP address and the requesting provider.

5.2.      For security reasons (e.g. to assist in resolving cases of misuse or fraud), log file information is saved for a maximum of one year before being deleted. If data must be stored for evidence purposes, deletion is excluded until the incident has been fully resolved.

5.3.      We use log data exclusively for statistical evaluation for operational, security and website optimisation purposes. However, we reserve the right to subsequently review log data if there is a justified suspicion of unlawful use based on concrete evidence.

6.     Cookies and reach measurement

6.1.      The term ‘cookies’ refers to information that is sent from our web server or from third-party web servers to the user’s web browser and stored there for later use. Cookies may be small files or may constitute other forms of information storage.

Cookies are small files that make it possible for specific information about the device to be saved on the user’s accessing device (PC, tablet, smartphone, etc.) They are used to make websites more user-friendly, thus helping users (e.g. by storing log-in details). They are also used for collecting statistical data relating to website use and advertising contacts, which can then be analysed for the purposes of digital advertising, campaign and website improvement. The user can change how cookies are used.

6.2.      The user is informed of the use of cookies within the scope of pseudonymous reach measurement as part of this Privacy Policy.

6.3.      We utilise cookies to manage and optimise the display of advertising media placed by advolution.control’s clients for the user. For instance, this affects the maximum display frequency of advertising media that a user gets to see. In addition, advolution.control uses stored cookie information for statistical purposes.

6.4.      Advolution.control does not store any personal data such as name, email addresses or other personal information with cookies. All information is purely anonymous or pseudonymous and contains technical information such as the display frequency and display date of advertising media, the browser used, or even the operating system installed.

6.5.      Cookie opt-out/ how can I disable advolution.control’s data collection?

a.     Enable Do Not Track in your browser. Advolution.control will respect this setting and not collect data from this browser.

b.     Data collection is stopped by clicking on the link below:

In this case, advolution replaces the current cookie with an opt-out cookie. This opt-out cookie deletes previously stored information and prevents further data collection by advolution.control.

IMPORTANT: if this opt-out cookie is deleted, advolution.control can no longer determine whether an opt-out has taken place. The process must be repeated in this case.
Please click here to create the cookie!

Existant cookie data has been deleted and an opt-out cookie was set. No data of this browser will be collected by advolution.control.

c.     Our ad serving may load additional services for measuring digital advertising that enable our customers to optimise their digital advertising or track performance. We do not provide any information to these services which enable them to identify natural persons.. If you would like to oppose the setting of other marketing- or advertising-related cookies in addition to the cookies set by advolution.control, you can set this up via the Network Advertising Initiative’s opt-out page (http://optout.networkadvertising.org), the Digital Advertising Alliance’s US site (http://www.aboutads.info/choices) or the European Interactive Digital Advertising Alliance’s European site (http://www.youronlinechoices.com/uk/your-ad-choices).

Further on you can oppose -amongst others- the following services on the following web pages:

https://www.exactag.com/datenschutz/
http://theadex.com/opt-out
http://www.nielsen.com/de/de/privacy-policy.html
http://www.adsrvr.org/
https://policies.google.com/privacy?hl=en
http://www.gfk.com/de/datenschutz/
https://www.ingenioustechnologies.com/de/privacy-policy/

d.     If users do not want cookies to be stored on their computer, they will be asked to disable the option in their browser's system settings. Saved cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.

7.     User rights

7.1.      Users have the right to obtain information free of charge on the personal data we have collected about them.

7.2.      In addition, users have the right to correct any inaccurate data, restrict the processing of their personal data or delete it, and, where applicable, assert their right to data portability. Users also have the right to submit a complaint to the relevant supervisory authorities if they suspect that data has been processed unlawfully.

7.3.      Users may also withdraw their consent, generally with effect for the future.

8.     Deletion of data

8.1.      The data stored by us is deleted once it is no longer required for the designated purpose and provided that we have no statutory obligation to retain said data. In the event user data is not deleted because it is required for other purposes permitted by law, then its processing shall be restricted accordingly, i.e. the data shall be blocked and no longer processed for other purposes. This applies, for example to user data that must be retained due to commercial or tax requirements.

8.2.      According to statutory regulations, documents must be retained for 6 years as per Section 257 Paragraph 1 of the German Commercial Code (Handelsgesetzbuch, HGB) (accounting ledgers, inventories, opening balance sheets, annual financial statements, trade letters, accounting records, etc.) and for 10 years as per Section 147 Paragraph 1 of the German Fiscal Code (Abgabenordnung, AO) (accounts and records, situation reports, accounting records, trade and business letters, other documents of relevance for taxation, etc.).

9.     Right to object

Users can object to the future processing of their personal data at any time in accordance with statutory provisions. This right to object applies in particular to the processing of data for the purposes of direct advertising.

10.   Amendments to this Privacy Policy

10.1.   We reserve the right to amend this Privacy Policy at any time to reflect changes in the legal situation or changes relating to the service or data processing. This only applies to declarations concerning data processing, however. If user consent is required or if the Privacy Policy contains provisions for the contractual relationship with the users, the changes shall only be made with the consent of the users.

10.2.   Users are requested to check the Privacy Policy on a regular basis to keep up-to-date with its content.

 

This Privacy Policy has been prepared by the Data Protection Officer of Digital Control GmbH &. Co. KG, based on a template provided by the lawyer D. Thomas Schwenke https://drschwenke.de/dsgvo-guide.

Düsseldorf, April 2018