3. analysis services
Google Analytics
This website uses Google Analytics, a web analysis service of Google Inc. (1600 Amphitheater Parkway, Mountainview, California 94043, USA; hereinafter: "Google"). Google is heroal's processor in this context. We have concluded a corresponding order agreement with Google in accordance with Art. 28 GDPR.
Google Analytics enables us to analyze how users interact with the content provided on the website. On this basis, we can optimize our offers on the website. When Google Analytics is used, the following data is collected and transmitted to Google in the USA Data on the device and browser (host name, browser type, referrer, language), IP address and the respective user interaction on the website (e.g. which page a user accesses). In addition, a cookie is used to assign a random, pseudonymous ID to a user, to which the aforementioned information is assigned. This is usually a cookie ID. This is linked to the identifier of the cookie set by Google Analytics for the specific device. In addition, we set a user ID for cross-device tracking. We have also activated the anonymization function for IP addresses. This means that as soon as the IP packet arrives on Google's servers, the data is completely anonymized by Google.
The legal basis for the processing of the data collected is your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can prevent Google from collecting your data by refusing your consent or revoking it at a later date in the cookie settings . Alternatively, you can click on the following link. An opt-out cookie will be set to prevent the future collection of your data when you visit this website: Click here to deactivate Google Analytics.
Further information on terms of use and data protection can be found at http://www.google.com/analytics/terms/de.html or at www.google.com/intl/de/analytics/privacyoverview.html.
Matomo (formerly Piwik)
The heroal Communicator uses the web analysis service Matomo, a service of InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand (hereinafter: "InnoCraft"), to analyze and regularly improve the use of our website. InnoCraft is heroal's processor in this context.
Cookies are stored on your computer for this analysis. We store the information collected in this way exclusively on our server in Germany.
The heroal Communicator uses Matomo with the "AnonymizeIP" extension. This means that IP addresses are further processed in abbreviated form, so that they cannot be directly linked to individuals. The IP address transmitted by your browser using Matomo is not merged with other data collected by us.
The legal basis for the processing of the collected data is your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can prevent InnoCraft from collecting your data by refusing your consent or revoking it at a later date in the cookie settings .
The Matomo program is an open source project. Information from the third-party provider on data protection can be found at http://Matomo.org/privacy/policy.
Hotjar
We use Hotjar, an analysis tool of Hotjar Ltd, Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta (hereinafter "Hotjar"), to better understand the needs of our users and to optimize the offer on this website. Hotjar is heroal's processor in this context
Hotjar's technology gives us a better understanding of our users' experiences (e.g. how much time users spend on which pages, which links they click on, what they like and dislike, etc.) and helps us to tailor our offering to our users' feedback. Hotjar works with cookies and other technologies to collect information about the behavior of our users and their devices (in particular IP address of the device (only collected and stored in anonymized form), screen size, device type (Unique Device Identifiers), information about the browser used, location (country only), preferred language for displaying our website). Hotjar stores this information in a pseudonymized user profile. The information is not used by Hotjar or by us to identify individual users or merged with other data about individual users. Further information can be found in Hotjar's privacy policy here.
The legal basis for the processing of the collected data is your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can prevent Hotjar from collecting your data by refusing your consent or revoking it at a later date in the cookie settings . Alternatively, you can object to the processing by clicking on this opt-out link.
4. marketing services
Google Remarketing
We use Google Remarketing from Google Ads, a service provided by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA (hereinafter: "Google"). Google is heroal's processor in this context.
The purpose of the remarketing function is to be able to show you our advertisements when you continue to use the Internet after visiting our website. This is done by means of cookies stored in your browser, which are used by Google to record and evaluate your usage behavior when you visit various websites. This enables Google to determine your previous visit to our website. When Google AdServices is used, the following data is collected and transmitted to Google in the USA Data on the device and browser (host name, browser type, referrer, language), IP address and the respective user interaction on our website as well as on other websites on which our ads are placed (e.g. which page a user visits, which products the user selects and purchases, which ads a user clicks on. In addition, a cookie is used to assign a random, pseudonymous ID to a user, to which the aforementioned information is assigned.
The legal basis for the processing of the data collected is your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can prevent Google from collecting your data by refusing your consent or revoking it at a later date in the cookie settings .
Further information on data protection when using Google Remarketing can be found at https://policies.google.com/technologies/ads.
Google DoubleClick
This website uses the online marketing tool DoubleClick, a service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA (hereinafter: "Google"). Google is heroal's processor in this context.
DoubleClick uses cookies to display ads that are relevant to users, to improve campaign performance reports or to prevent a user from seeing the same ads more than once. Google uses a cookie ID to record which ads are displayed in which browser and can thus prevent them from being displayed more than once. In addition, DoubleClick can use cookie IDs to record so-called conversions that are related to ad requests. This is the case, for example, when a user sees a DoubleClick ad and later visits the advertiser's website with the same browser and makes a purchase there. According to Google, DoubleClick cookies do not contain any personal information.
Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We have no influence on the scope and further use of the data collected by Google through the use of this tool. By integrating DoubleClick, Google receives the information that you have called up the corresponding part of our website or clicked on an advertisement from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is a possibility that the provider will find out your IP address and store it.
The legal basis for the processing of the data collected is your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can prevent Google from collecting your data by refusing your consent or revoking it at a later date in the cookie settings . Alternatively, you can prevent participation in this tracking process in various ways: a) by setting your browser software accordingly, in particular by suppressing third-party cookies so that you do not receive any ads from third-party providers; b) by deactivating cookies for conversion tracking by setting your browser to block cookies from the domain "www.googleadservices.com" domain, whereby this setting will be deleted when you delete your cookies; c) by deactivating the interest-based ads of the providers that are part of the "About Ads" self-regulation campaign via the link http://www.aboutads.info/choices, whereby this setting will be deleted when you delete your cookies; d) by permanently deactivating them in your browsers under the link http://www.google.com/settings/ads/plugin.
Further information on DoubleClick by Google can be found at https://www.google.de/doubleclick and http://support.google.com/adsense/answer/2839090, as well as on data protection at Google in general: https://www.google.de/intl/de/policies/privacy.
Facebook Custom Audiences
Furthermore, the website uses the remarketing function "Custom Audiences" of Facebook Inc (1601 S California Ave, Palo Alto, California 94304, USA; hereinafter: "Facebook"). Facebook acts as a processor of heroal in accordance with Art. 28 GDPR, insofar as data is processed in the context of the use of Facebook Business Tools for the presentation of interest-based advertisements and for reach measurement. Facebook acts as joint controller with heroal insofar as data is processed in the context of the use of Facebook Business Tools to target ads and improve ad delivery.
The service enables us to show you interest-based advertisements ("Facebook ads") when you visit the Facebook social network or other websites that also use the process. The following personal data is collected for this purpose: pages you have viewed, topic pages visited, use of a Facebook ad, use of search terms, IP address.
If you are registered with a Facebook service, Facebook can assign the visit to your account. Even if you are not registered with Facebook or have not logged in, there is a possibility that the provider will find out and store your IP address and other identifying features.
The legal basis for the processing of the data collected is your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can prevent Google from collecting your data by refusing your consent or revoking it at a later date in the cookie settings . Alternatively, as a logged-in user, you can deactivate the cookie under the following link: https://www.facebook.com/settings/?tab=ads#_
Further information on data processing by Facebook can be found at https://www.facebook.com/about/privacy.
Adform A/S
Cookies from Adform A/S, Wildersgade 10B, 1, 1408 Copenhagen K, Denmark (hereinafter: "Adform") are used to place interest-based advertising. Adform acts as a processor for heroal in accordance with Art. 28 GDPR.
Adform is used to store information on the operating system, browser version, IP addresses, geographical location and number of clicks or views in pseudonymous user profiles. This data is used for the following purposes:
-
Recording the number of visitors to our websites
-
Determining the order in which a visitor visits the various pages of our website
-
Assessment of which parts of our website need to be adapted
-
Optimization of the website
The legal basis for the processing of the data collected is your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can prevent the collection of your data by Adform by refusing your consent or revoking it at a later date in the cookie settings . Alternatively, you can use the following link to set an opt-out cookie that prevents any further data collection: https://site.adform.com/datenschutz-opt-out/
Microsoft Advertising
We use the remarketing and conversion tracking of Microsoft Advertising (formerly Bing Ads) on our website. This is a service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052 - 6399, USA (hereinafter: "Microsoft"). In this context, Microsoft acts as its own controller for your data.
This solution enables us to place advertisements and track the user action for these advertisements. For this purpose, Microsoft sets a cookie when you click on an ad placed via Microsoft Advertising for which the advertiser has opted for conversion tracking. The cookie collects the following data and forwards it to Microsoft: user ID, ad data, i.e. data on access to ads placed and their use.
Microsoft uses this collected information to provide us with statistics on website visitors. This includes, among other things, information about the number of hits on our Bing advertising and about our websites that were subsequently accessed. Through cross-device tracking, Microsoft may also be able to track your user behavior across multiple devices. This allows Microsoft to show you personalized advertising across devices.
The legal basis for the processing of the data collected is your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can prevent the collection of your data by Microsoft by refusing your consent or revoking it at a later date in the cookie settings . Alternatively, you can prevent the collection of data by making the appropriate settings in your Internet browser. If you have a Microsoft account, you can also adjust the settings for personalized advertising at https://choice.microsoft.com/de-de/opt-out .
For more information on Microsoft Advertising, data collection and use, and background information on protecting your privacy, please visit: https://help.bingads.microsoft.com/#apex/3/de/53056/2.
LinkedIn Insights and conversion tracking
We use the LinkedIn Insight Tag for this website, a service of LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland (hereinafter: "LinkedIn"). acts as a processor of heroal in accordance with Art. 28 GDPR.
The LinkedIn Insight Tag creates a cookie in your web browser that collects the following data: IP address, timestamp, page activity, demographic data from LinkedIn if the user is an active LinkedIn member.
This technology allows us to generate reports on the performance of our advertisements and information on website interaction. For this purpose, the LinkedIn Insight tag is integrated on this website, which establishes a connection to the LinkedIn server if you visit this website and are logged into your LinkedIn account at the same time. We process your data to evaluate campaigns and collect information about website visitors who may have reached us via our campaigns on LinkedIn.
The legal basis for the processing of the data collected is your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can prevent LinkedIn from collecting your data by refusing your consent or revoking it at a later date in the cookie settings .
Further information on data protection at LinkedIn can be found here.
Pinterest Pixel (Pinterest Tag)
Furthermore, the so-called "Pinterest tag" of Pinterest Europe Ltd, Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland ("Pinterest") is integrated on our website, which serves to analyze and optimize our online offer.
This allows Pinterest to determine the website visitor as a target group for the display of ads. Pinterest receives the information that the user has accessed the website and which offers they were interested in. If the website visitor is also a Pinterest member, corresponding advertisements and offers can also be displayed on Pinterest (via so-called "Custom Audiences").
We want to use the Pinterest tag to ensure that our Pinterest ads correspond to the potential interest of users and are not annoying. With the help of the Pinterest tag, we can track the effectiveness of Pinterest ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Pinterest ad (so-called "conversion").
The following information is processed during use: Device information, operating system used, IP address, time of access to our website. In this context, personal data is transferred to the USA.
The legal basis for the associated data processing is Art. 6 para. 1 a) or Art. 49 para. 1 a) GDPR in conjunction with your consent.
Revocation: You can revoke your consent to the use of marketing cookies and smart pixels at any time with effect for the future. You can find the link to the cookie settings in the footer.
Taboola
This website uses Taboola's content discovery technology to recommend other online content that may be of interest to you. To drive these recommendations, Taboola collects information about your device and your behavior on this website (and other partner sites) through cookies and similar technologies. For more information, please see Taboola's Privacy Policy or click here to opt-out.
5. integrated services from third-party providers
Google Maps
This website uses the product Google Maps. Google Maps is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: "Google").
Google Maps is integrated using the two-click solution. If you give your consent pursuant to Art. 6 (1) (a) GDPR to activate Google Maps by clicking on the plug-in on a sub-page in which Google Maps is embedded, Google receives the information that you have accessed the corresponding sub-page of our website. In addition, data is collected that your browser transmits to Google. This includes, for example, IP address, date and time of the request, amount of data transferred, operating system and its interface, language and version of the browser software.
This takes place regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish your data to be associated with your Google profile, you must log out before activating the button. Google stores your data as user profiles and uses them for the purposes of advertising, market research and/or the needs-based design of its website.
You can find more information on the processing of your personal data by Google here: https://policies.google.com/privacy?hl=de.
YouTube
We have integrated YouTube videos into our online offering, which are stored on www.youtube.com and can be played directly from our website. YouTube is a service of Google LLC, 1600 Amphitheater Parkway, Mountainview, California 94043, USA (hereinafter referred to as "Google").
The videos are integrated in "extended data protection mode", i.e. no data about you as a user is transmitted to Google if you do not play the videos. Only when you play a video does Google receive the information that you have accessed the corresponding subpage of our website. In addition, data is collected that your browser transmits to YouTube. This includes, for example, IP address, date and time of the request, amount of data transferred, operating system and its interface, language and version of the browser software.
This takes place regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. The legal basis for the processing of this data is your consent in accordance with Art. 6 para. 1 lit. a GDPR, which you give when you click on the video.
Irrespective of the playback of the video, YouTube already sets cookies when you access the page in which the YouTube video is embedded, which send data from you (in particular IP address and pages visited) to the Google Double-Click network. The legal basis for the processing of this data is your consent in accordance with Art. 6 para. 1 lit. a GDPR, which you give in the cookie settings.
Further information on the purpose and scope of data collection and processing by YouTube can be found in Google's privacy policy at: https://www.google.de/intl/de/policies/privacy.
Vimeo
We use plugins from Vimeo, Inc. 555 West 18th Street, New York, New York 10011, USA on our website to make our company better known and to integrate videos with further information for you into the website.
The plugins are marked with a Vimeo logo.
We integrate these plug-ins using the so-called two-click method in order to protect visitors to our website in the best possible way. This means that your personal data (in particular your IP address) is not transmitted to Vimeo as soon as you access the website. Instead, you must first activate the embedded videos by clicking on them. With this click, you give your consent in accordance with Art. 6 para. 1 lit. a GDPR that a connection is established with the Vimeo servers.
Through this integration, Vimeo receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Vimeo profile or are not currently logged in.
This information (including your IP address) is transmitted directly from your browser to a Vimeo server in the USA and stored there. If you are logged in to Vimeo, Vimeo can directly associate your visit to our website with your account. If you interact with the plugins, for example by starting the video, this information is also transmitted directly to a Vimeo server and stored there.
If you do not want Vimeo to assign the data collected via our website directly to your account, you must log out of Vimeo before activating the plugins.
The data will be transferred to the USA as a third country in accordance with Art. 49 para. 1 lit. a) GDPR with your consent if you have given us this consent after we have informed you about the possible lack of or limited legal protection options and the lower level of data protection in the USA in contrast to the EU. Further information can be found in Vimeo's privacy policy: https://vimeo.com/privacy.
AddSearch
The search function on our website is provided by AddSearch Oy, Töölönkatu 4, FI-00100 Helsinki, Finland ("AddSearch"). When you use the search function (search field) on our website, data is transmitted to AddSearch. The search terms you enter and your IP address are transmitted.
AddSearch uses "Amazon Web Services" (AWS), based in the USA, as a processor. This means that some data processing may also take place outside the EU or the European Economic Area (EEA). By using standard contractual clauses of the EU Commission (Art. 46 para. 2 lit. C GDPR), security measures are taken to protect your personal data in the event of a possible transfer to the USA initiated by AWS. Further information on the standard contractual clauses can be found here .
Your personal data is transmitted on the basis of our legitimate interest in improving the user experience on our website through a search function, Art. 6 para. 1 lit. f GDPR. Information is only transmitted once at least three characters have been entered in the search function. No data is transmitted to AddSearch before this.
Further information can be found in the privacy policy of AddSearch.
Friendly Captcha
Friendly Captcha is an innovative, privacy-friendly protection solution from Friendly Captcha GmbH (Am Anger 3-5, 82237 Wörthsee, Germany, hereinafter "Friendly Captcha") to make it more difficult for automated programs and scripts (so-called "bots") to use websites. Friendly Captcha thus protects websites from misuse.
The service user integrates a program code from Friendly Captcha in certain areas of its website (for example, in a contact form). This causes the visitor's end device to establish a connection to the Friendly Captcha servers in connection with the protected area (for example, when submitting a contact form).
The visitor's browser receives a calculation task from Friendly Captcha. Its complexity depends on various risk factors. The visitor's end device solves the calculation task, which takes up certain system resources, and sends the calculation result to the service user's web server. This contacts the Friendly Captcha server via an interface and receives a response as to whether the puzzle has been solved correctly by the end device.
In addition, the visitor's browser transmits connection data, environmental data, interaction data and functional data to Friendly Captcha. Friendly Captcha evaluates this data and determines how likely it is that it is a human user or bot and sends the result to the service user.
Depending on this, the service user can treat access to their website or individual functions as human or potentially machine-based.
-
All data is used exclusively for the detection and treatment of potential bots and risks as described above. The purpose of the processing is therefore to ensure the security and functionality of websites.
-
Friendly Captcha does not use the data to identify a natural person or for marketing purposes.
-
Friendly Captcha does not store any personal data of the visitor. Data that could identify the visitor (such as IP addresses) is anonymized using one-way hashing.
-
Friendly Captcha does not use HTTP cookies and does not store any data in the persistent browser memory.
The legal basis for the data processing in this regard is Art. 6 para. 1 lit. a GDPR, insofar as you have consented to the use of Friendly Captcha. Otherwise, Art. 6 para. 1 lit. f GDPR serves as the legal basis for processing. We have a legitimate interest in ensuring the security and functionality of the website. By using Friendly Captcha, only the data absolutely necessary for this purpose is processed.
7. heroal Communicator
As a user of the heroal Communicator, you have the opportunity to view and/or download and/or otherwise use content related to our products, such as catalogs, design drawings and various software tools and software for managing and displaying content and data. On the other hand, you can communicate with us electronically via the heroal Communicator.
When you register for the heroal Communicator, we collect your personal data (mandatory fields: Title, first name, surname, address, company, e-mail address, telephone number, language; voluntary information: customer number, position in the company, fax number, website, products of interest to you) and your request. We store this inventory data in our customer relationship management system and, if necessary, merge it with contact data already stored there. Your usage data is analyzed anonymously to improve the heroal Communicator.
Personal data is processed on the basis of Article 6(1)(b) and (f) GDPR. The purpose of data processing and our legitimate interest lie in customer care, providing the aforementioned content, initiating contracts and being able to respond to messages sent to us.
8. making contact
You will find contact forms on our website that can be used to contact us electronically (e.g. specialist partner search). Alternatively, you can contact us via the e-mail addresses provided. If you contact us via one of these channels, we will collect the personal data entered and transmitted.
When using the contact form, the personal data processed consists of the master data entered there (mandatory fields: First name, last name, e-mail address, address; optional fields: Telephone number, the products you are interested in). If you contact us directly by e-mail, we will process your e-mail address and any personal data resulting from the text of the e-mail.
Processing is carried out on the basis of Article 6(1)(f) GDPR. The purpose of data processing and our legitimate interest lie in customer care and in being able to respond to messages sent to us.
9th Newsletter
heroal sends newsletters, e-mails and other electronic notifications (hereinafter "newsletter") on the basis of the consent of the recipient or legal permission. In our newsletter we inform you about current topics and news about heroal and the heroal product range.
We use the so-called double opt-in procedure to subscribe to our newsletter. After registering, an e-mail will be sent to the e-mail address provided asking you to confirm that you wish to receive the newsletter. If you do not confirm your registration within 60 days, your information will be deleted. In addition, we store the IP addresses used and the times of registration and confirmation. The double opt-in procedure serves the purpose of being able to prove your registration and, if necessary, investigate any possible misuse of your personal data.
The only mandatory information for sending the newsletter is your e-mail address. The provision of further, separately marked data is voluntary and is used to address you personally. After your confirmation, we will save your e-mail address for the purpose of sending you the newsletter. (Legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR)
For the technical improvement of our newsletter, information on opening and click behavior is recorded. A separate revocation of the performance measurement is not possible.
You can revoke your consent to receive the newsletter at any time and unsubscribe from the newsletter. You can declare your revocation by clicking on the link provided in every newsletter e-mail, by e-mail to info@heroal.de or by sending a message to the contact details given in the imprint.
We use the email marketing platform Mailchimp to send newsletters:
Email marketing platform; Service provider: "Mailchimp" - Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA; Website: https://mailchimp.com; Privacy Policy: https://mailchimp.com/legal/privacy/.
10. google web fonts
This website uses Google Web Fonts for the uniform presentation of content. When you access the website, fonts are retrieved from external Google servers in the USA. For this purpose, the browser you are using must connect to Google's servers. This informs Google that our website has been accessed via your IP address.
The legal basis for the processing of the data collected is your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can prevent Google from collecting your data by refusing your consent. You can also revoke your consent at any time later in the cookie settings . You can find information about Google Fonts here: https://developers.google.com/fonts/faq?hl=de-DE&csw=1
Information about your right to object in accordance with Art. 21 General Data Protection Regulation (GDPR)
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (f) of Article 6(1) GDPR (data processing on the basis of a balancing of interests); this also applies to any profiling based on this provision within the meaning of Article 4(4) GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.
In individual cases, we process your personal data for direct marketing purposes. You have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.
If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.
The objection can be made in any form and should, if possible, be addressed to the offices named in the data protection declaration in the first section - general part under points 1 and 2.
