OpenRad InLine White

Privacy Policy

OpenRad Data Protection Notice

Please scroll down for German version.

OpenRad Germany GmbH (“we”, “our”, “us”) processes personal data only as provided by law, in particular the EU General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the German Data Protection Act (Bundesdatenschutzgesetz, “BDSG”). This data protection notice (the “Notice”) provides information about the processing of personal data relating to you when using our website and its functions at www.openrad.com (our “Website”).

Personal data refers to any information relating to an identified or identifiable natural person (“Data Subjects”), such as our Website visitors, and may include their name, contact details or technical identifiers.

 

1. Who We Are and How You Can Reach Our Data Protection Officer

 

1.1 Our Identity as Data Controller / Our Data Protection Officer 

We process personal data relating to you as data controller. You can contact us in a number of ways: 

Postal address: OpenRad Germany GmbH, c/o Marcol, Charlottenstr. 24, 10117 Berlin, Germany
Telephone: 0049 (0)177 4114618
Email:  

Our Data Protection Officer can be contacted via email to . 

 

2. How We Process Personal Data When You Visit This Website

 

2.1 Personal Data Processing By Our Web Servers 

When you visit our Website without providing any other personal data that is technically necessary for establishing a connection to our web servers and for displaying our Website, your browser will automatically send certain information to our web servers. The following categories of personal data are collected automatically: 

  • Public IP address of the requesting entity or of your end user device; 
  • Date and time of the request, time zone included; 
  • Requested URL, including query parameters and request headers; 
  • Access status/HTTP status code; 
  • Amount of data transferred in each case;
  • Website from which the request originates (so-called referrer URL); 
  • HTTP headers (including your browser type, version and language; your operating system and interface; name of your Internet Service Provider). 

 

The legal basis we rely on to process your personal data is Art. 6(1), sentence 1, lit. f GDPR, which allows us to process personal data when it is necessary for our legitimate interests. In particular, we process the abovementioned categories of personal data for ensuring the continuity of our business by letting you access our Website without disruptions and maintain the integrity of our IT systems (e.g., for preventing server overload through distributed denial-of-service (DDoS) attacks). Such personal data will be temporarily stored in server log files for as long as necessary to maintain and improve the security and stability of our IT systems over a period of 90 days.Seitenumbruch 

 

2.2 Use of Host Europe GmbH as Our Hosting Services Provider 

We are using hosting services provided by Host Europe GmbH (“Host Europe”). You can find Host Europe’s privacy policy at www.hosteurope.de/en/terms-and-conditions/privacy. We have signed a data processing agreement with Host Europe, which is acting as data processor and processes personal data of Website visitors on our behalf and instructions on servers that are located in France. 

With regard to personal data transfers by Host Europe GmbH to a country outside of the European Union or the European Economic Area, including the United States of America, we have entered into Standard Contractual Clauses (Module 2: Transfer controller to processor) as appropriate safeguards with Host Europe GmbH. You can find a copy of the Standard Contractual Clauses at www.hosteurope.de/en/terms-and-conditions. 

 

2.3 Use of Google Analytics to Get Insights into How Visitors Use Our Website 

Our Website uses the web analytics service Google Analytics 4 (“Google Analytics”) to allow us to analyze and regularly improve the use of our Website. Google Analytics is a web analytics service provided by Google LLC. The responsible service provider in the EU is [Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

 For analyzing the use of our Website, cookies are stored on your computer (please refer to section ‎4 for more information in this regard).  

IP address anonymization is enabled by default when using Google Analytics on our Website. This means your IP address will be shortened by Google within Member States of the European Union or in other states party to the Agreement on the European Economic Area, before any storage or processing takes place. Only in exceptional cases the whole IP address will first be transferred to a server in the United States and truncated there.  

We use the “User ID” feature when using Google Analytics on our Website. The User ID feature allows us to assign a unique, persistent ID to one or more user sessions (and user activities within sessions) and analyse your behaviour across different devices.  

We use the “Google Signals” feature when using Google Analytics on our Website. If you have activated personalized ads (e.g., interests and demographics), Google will collect additional information about you and ads can be delivered to you in the course of cross-device re-marketing campaigns.  

When using our Website, the following personal data will be collected:  

  • the pages you call up, your “click behavior“
  • achievement of “website goals” (conversions, e.g., newsletter registrations, downloads)
  • your user behavior (e.g., clicks, time spent, bounce rates) 
  • your approximate location (region) 
  • your IP address (in abbreviated form) 
  • technical information about your browser and the end devices you use (e.g., language settings, screen resolution) 
  • your internet provider 
  • the referrer URL (via which website/advertising medium you came to our Website) 

 

Google will use this information on our behalf to evaluate your use of our Website and to compile reports on the activities. The reports provided by Google are used to analyse the performance of our Website and the success of our marketing campaigns. We have concluded a data processing agreement with Google for this purpose. 

Access by Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, Alphabet Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA and/or US authorities to the data stored by Google cannot be ruled out.  

To the extent personal data is processed in a country outside the European Economic Area that does not provide for an adequate level of data protection, such as for example currently the USA, we have entered into contractual safeguards based on EU Standard Contractual Clauses with Google.   

More information about the contractual arrangements for the processing of personal data with Google and the implemented safeguards can be found at privacy.google.com/businesses/processorterms and privacy.google.com/businesses/controllerterms   

The personal data sent by us to Google and associated with these cookies is deleted after 14 months.

The legal basis for such processing is your consent pursuant to Art. 6(1), sentence 1, lit. a GDPR, which you can withdraw at any time, without however affecting the lawfulness of processing based on consent before its withdrawal. There are no consequences for you if you choose not to give us consent for the aforementioned purposes.   

You can prevent the collection of personal data generated by the cookies and related to your use of our Website (including your IP address) and the processing of this personal data by Google by 

  • not giving your consent to the setting of the cookie in our cookie management tool;  
  • by rejecting the Google Analytics or all cookies in our cookie management tool, which is shown upon opening our Website for the first time, and can always be reopened by clicking on the shield symbol in the lower left corner of your browser window, enabling you to withdraw any consent given with effect for the future by changing your selection or 
  • for website-based use, downloading and installing the browser add-on to disable Google Analytics. (see tool). 

Furthermore, you can prevent the storage of cookies when using our Website by configuring your browser software accordingly to reject (all) cookies. However, if you configure your browser to reject all cookies, this may limit functionality on this and other websites. You can also activate the “Do Not Track” option in your browser.   

For more information about Google Analytics terms of use and Google’s privacy policy, please visit marketingplatform.google.com/about/analytics/terms/gb and policies.google.com/?hl=en. 

 

3. How We Process Personal Data When You Contact Us

 

3.1 Personal Data Processing Related to Email Correspondence 

When you contact us by email, we will collect, use and store personal data you provide (such as your name, your email address, your contact details and further information provided by you) to process and answer your enquiry adequately. 

We will erase such data when storage is no longer necessary according to the circumstances (e.g., when we have provided a final response to your enquiry). Alternatively, we will restrict the processing, if there are any applicable legal retention obligations, in particular where federal German laws require us to store our electronic correspondence containing commercial letters and other business and/or tax-related documents for a period of up to six or ten years (see, Sec. 147 of the German Tax Code, Sec. 257 of the German Commercial Code). 

The legal basis for such processing is Art. 6(1), sentence 1, lit. f GDPR, unless your enquiry is intended to take steps prior to entering into, to perform or to terminate a contract with us. In this case, the legal basis follows from Art. 6(1), sentence 1, lit. b GDPR. 

 

3.2 Personal Data Processing Related to the Use of Our Contact Forms 

We use the form service providers Mailchimp of Intuit Inc. (“Mailchimp”) and Zoho Corporation Pvt. Ltd. (“Zoho”) for including an easy-to-use contact form on our Website. Personal Data sent through our contact forms is transmitted and stored using TLS encryption to Mailchimp’s and Zoho’s servers located in the United States of America. Such data can only be accessed with a decryption key. We have signed a data processing agreement with Mailchimp and Zoho, which is acting as data processor and processes personal data of Website visitors on our behalf and instructions. Mailchimp and Zoho provide more information on its efforts to comply with the GDPR and its technical and organizational measures at https://mailchimp.com/en-gb/gdpr/ and https://www.zoho.com/gdpr.html. 

Where Mailchimp and Zoho transfer personal data to a country outside of the European Union or the European Economic Area that does not provide for an essentially equivalent level of data protection, including the United States of America, we have entered into Standard Contractual Clauses (Module 2: Transfer controller to processor) as appropriate safeguards with Mailchimp and Zoho. 

Please note that you are not required to use the contact form provided on our Website. You are also welcome to contact us by any other means. 

The legal basis for such processing is Art. 6(1), sentence 1, lit. f GDPR, unless your enquiry is intended to take steps prior to entering into, to perform or to terminate a contract with us. In this case, the legal basis follows from Art. 6(1), sentence 1, lit. b GDPR 

 

Important note: You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you based on Art. 6(1), sentence 1, lit. f GDPR (Art. 21(1) GDPR), including to sharing your personal data with our aforementioned partners. 

Data retention and erasure takes place according to the criteria we explain under section 3.1 above. 

 

4. Use of Cookies on Our Website

 

Cookies are small text files that are stored by your web browser when you visit a Website and may contain certain information such as your IP address, information about the content you view or your preferences and settings. Cookies also help us provide you with customized content, speed navigation through our Website, and allow us to learn about your visit and your use of online services. 

When entering our Website, we ask you to consent to the use of our (first-party) cookies that will be stored on your device by our Website. This will happen through our cookies consent tool Axeptio. All cookies will be displayed there and you can even opt out of indivdual ones.

 

5. International Data Transfers

 

Countries outside the European Economic Area (“EEA”) treat the protection of personal data differently than countries in the EEA.  

Where we transfer personal data to countries outside the EEA, in particular to the United Kingdom and the United States of America, that do not provide for an adequate level of data protection, we implement safeguards to ensure the safety of processing of your personal data in such third countries. For the protection of your personal data, we enter into the standard contractual clauses issued by the European Commission of the European Union (“EU”) with service providers located outside the EEA that do not provide for an adequate level of data protection as determined by the EU Commission. 

For more information about international data transfers and the implemented safeguards, please contact us at . 

 

6. Your Rights as a Data Subject

 

To the extent required and permitted by applicable data protection laws (including namely the GDPR), you have the right to  

  • obtain confirmation as to whether personal data concerning you are being processed by us and, where that is the case, the right to access the personal data and receive a copy thereof (Art. 15(1) and (3) GDPR). 
  • rectify personal data concerning you, if we process inaccurate personal data (Art. 16 GDPR). 
  • request the erasure or restrict the processing of personal data concerning you (Art. 17 and 18 GDPR). 
  • withdraw your consent at any time (Art. 7(3) GDPR) with effect for the future, if processing is based on your consent within the meaning of Art. 6(1), sentence 1, lit. f) GDPR and/or Art. 9(2), lit. a) GDPR. 
  • receive the personal data concerning you in a structured, commonly used and machine-readable format and the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided (Art. 20 GDPR), if processing is based on your consent within the meaning of Art. 6(1), sentence 1, lit. a) GDPR and/or Art. 9(2), lit.a) GDPR and the data processing is carried out by automated means. 
  • object, on grounds relating to your particular situation, at any time to processing of personal data concerning you based on Art. 6(1), sentence 1, lit. e) or f) GDPR (Art. 21(1) GDPR). You may object to the processing of your personal data on the basis of on Art. 6(1), sentence 1, lit. f) GDPR for direct marketing purposes at any time (Art. 21(2) GDPR), without stating grounds relating to your particular situation. However, we would like to point out that we do not process your personal data for this purpose.

 

Furthermore, you have the right to lodge a complaint with the competent data protection supervisory authority. You can for example contact the supervisory authority in the EU Member State of your habitual residence, place of work or place of the alleged infringement. The data protection supervisory authority responsible for us is the Federal Commissioner for Data Protection and Freedom of Information BfDI (contact via https://www.bfdi.bund.de/EN/Service/Kontakt/contact_node.html).  

However, if you have any questions or complaints about how we process your personal data, we would like to ask you to contact us first (see the contact details under section 1.1 above).

 

7. We Refrain from Automated Individual Decision-making

 

We do not make any automated decisions based solely on automated processing, including profiling, which produce legal effects concerning the visitors of our Website or similarly significantly affects them.

 

8. General Technical and Organizational Measures

 

We have taken appropriate technical and organizational measures to protect the personal data you provide against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access. For instance, XY and GDPR trainings. To protect the personal data of our users, we also use a secure online transfer protocol, the so-called “Transport Layer Security” (TLS) transmission. You can recognize this by a final “s” appended to the URL (“https://”) or a closed lock symbol in your browser. Clicking on the symbol provides you with further information about the TLS certificate used. Symbols and explanations may vary according to the browser you are using. TLS encryption ensures the encrypted and complete transmission of your data. 

 

9. Changes to this Data Protection Notice

 

New legal requirements, corporate decisions or technical developments may lead to changes to this Notice and require us to adapt this Notice accordingly. You will always find the current version on our Website www.openrad.com. Please note that external links to third-party websites or their contact information may change over time. If you find any information that is outdated, please let us know.