Data Protection

Thank you for showing an interest in our website. Protecting your privacy is very important to us. portagon GmbH takes great care in protecting your data and keeping it confidential. Your personal data are exclusively collected and processed in compliance with the statutory provisions, in particular the EU General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and other national data protection laws of the Member States, as well as other data protection laws.

portagon GmbH
Baseler Str. 10
60329 Frankfurt am Main
Germany

www.portagon.com
kontakt@portagon.com

Tel: +49 (0) 69 / 2547 413 0
Fax: +49 (0) 69 / 2547 413 90

Directors: Jamal El Mallouki, Johannes Laub

Contact details for the data protection officer

Dr Jörg Buschbaum
datenschutz@portagon.com

Personal data

Personal data are specific details about the personal or factual circumstances of an identified or identifiable natural person. Examples include your name, address, date of birth, username, password, email address and payment details. Below is an explanation of how we process your personal data.

Provision of the website and creation of log files

You can visit our website at any time without having to register or provide personal details. However, each time you visit our website, our system automatically collects data and information from the computer system of the device you are using.

Description and scope of data processing: The following data are collected automatically when a page is opened:

  • browser type and version,
  • operating system used,
  • the website from which you were referred (referrer URL),
  • the website you are visiting,
  • the date and time of access,
  • your Internet Protocol (IP) address.

The collection of data for the provision of the website and the storage of that data in log files is essential for the website’s operation.

Legal basis for data processing: Article 6(1)(f) GDPR represents the legal basis for temporary storage of data and log files.

Purpose of data processing: The system needs to temporarily store the IP address in order to allow the user’s computer to access the website. For this reason, the user’s IP address must remain stored for the entire session. The purpose of storage in log files is to ensure that the website remains functional and stable. The data also help us to optimise the website and to ensure that our information technology systems remain secure. The data are not assessed for marketing purposes in this context. These purposes also account for our legitimate interests in data processing according to Article 6(1)(f) GDPR.

Storage period: The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. As regards collection of data for the provision of the website, this is the case when the session in question has ended. The data stored in log files will be deleted after three days have elapsed, at the latest.

Contact form and email contact

Description and scope of data processing: By sending a contact request via our contact form, the data entered in the input screen will be sent to us and stored. Your consent to processing of the data is obtained in the process of sending a contact request, and you will be referred to this privacy policy.

You are not legally or contractually obliged to provide this personal data, nor it is necessary for the purposes of entering into a contract. You are not obliged to provide us with personal data. However, failure to provide mandatory personal data will prevent us from being able to contact you via the contact form.

Alternatively, you can contact us using the given email address, in which case the user’s personal data that are sent with the email are stored.

Your data will not be passed on to third parties.

Legal basis for data processing: Your consent provides the legal basis for processing of the data that are sent via the contact form (Article 6(1)(a) GDPR). The legal basis for processing of the data that are sent in the course of submitting an email is Article 6(1)(f) GDPR. Our legitimate interest lies in responding to the sender’s contact request. If the email contact is for the purpose of entering into a contract, an additional legal basis for the processing is Article 6(1)(b) GDPR.

Purpose of data processing: Personal data from the input screen or from an email are processed solely in order to help us process the contact request.

Storage period: The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. As regards the personal data from the contact form input screen and those sent by email, this is the case when the respective conversation with you has ended. The conversation is over when it is clear from the circumstances that the situation in question has been fully resolved. This does not apply if deletion would breach legal or contractual obligations, in particular regarding retention periods.

Participation in the Partner Programme

Description and scope of data processing: You can register for our Partner Programme via our website. We will receive and process the data requested via the registration screen. At the time of registration, the system also automatically collects and saves the date and time of your registration in order to record the confirmation of the inclusion of portagon’s Terms and Conditions in the partner contract.

During the Partner Programme, we will also process the following data pertaining to you:

  • Bank details
  • Partner status
  • Date of completion of portagon training courses
  • Number of contacts provided, details of contacts provided (names, contact details of potential customers, additional information provided)
  • Commission paid out, outstanding commission claims.

Legal basis for data processing: Data processing as part of registration and under an existing partner contract is required to create and execute the partner contract between you and portagon. The legal basis for data processing is therefore letter (b) of the second sentence of Article 6(1) GDPR. We also process the system data relating to your registration on the basis of letter (f) of the first sentence of Article 6(1) GDPR. Our legitimate interest lies in maintaining the functionality and security of the website and our IT systems.

Purpose of data processing: Data processing serves to establish and fulfil the partner contract between you and ourselves and – with regard to the data collected automatically by the system – to ensure that the website and our IT systems remain secure and functional.

Storage period: If you choose not to enter into a partner contract after registering, we will delete the data collected from you via the registration screen within six months of your decision to reject the partner contract. If a partner contract exists, the data are retained for as long as is necessary to create, fulfil and process the partner contract, i.e. at least for the duration of the partner contract. After termination of the partner contract, the data will be deleted if deletion does not breach legal retention obligations such as those in the German Commercial Code and the German Fiscal Code. These legal obligations provide for a retention period of six or ten years.

Data obtained by portagon through a partner referral

Description and scope of data processing: We receive contact data of interested parties and potential customers from partners. Depending on which data you, as an interested party/potential customer, have provided to a partner, this may include:

  • Name of your company
  • Contact details (name, email address, telephone number, company address)
  • Amount of capital required
  • Planned use for the capital
  • Partner’s assessment of the interested party/potential customer’s understanding of crowdinvesting
  • Confirmation that a demo/on-site appointment has been carried out
  • Name of the referring partner
  • Signed consent form for data processing.

Legal basis for data processing: By signing a relevant declaration from us, you have given your consent to the referring partner to be contacted and for your data to be processed as described. The legal basis is therefore letter (a) of the first sentence of Article 6(1) GDPR. If the contact process is also used to establish a contract between you and ourselves and to implement the relevant pre-contractual measures, letter (b) of the first sentence of Article 6(1) GDPR provides an additional legal basis for data processing.

Purpose of data processing: The purpose of data processing is to fulfil your request for information about portagon’s offers and services and possible use of our services.

Storage period: We will store your data until you withdraw your consent to being contacted by portagon. In the event of withdrawal, we will block your contact details if you no longer wish us to contact you. If you do not enter into a contract with portagon and we have no contact with you for over 18 months, we will delete your data.

Application procedure

Description and scope of data processing: You can apply online via our website. When you send the application form, the data entered in the input screen and any attachments (e.g. CV) are sent to us, saved and processed. Depending on your details, these may also include a special category of personal data within the meaning of Article 9(1) GDPR (e.g. information on any existing severe disability). We use the applicant management system Recruitee, a service provided by Recruitee B.V., Keizersgracht 313, 1016 EE Amsterdam, the Netherlands (“Recruitee”) to organise and process the applications. For this purpose, your personal data will be stored and processed on servers in the Netherlands. Recruitee has been carefully selected and considers compliance with applicable data protection regulations to be a high priority. Recruitee processes your personal data on the basis of an order processing contract with us. Recruitee may only process the data in line with our instructions and not for its own purposes. You can find more information about Recruitee’s privacy policy here: https://recruitee.com/privacy.

Legal basis for data processing: The legal basis for the processing of personal data is the implementation of pre-contractual measures required to establish an employment relationship and, provided that you enter into an employment relationship with us, the establishment and implementation thereof in accordance with Article 6(1)(b) GDPR. Should the specific categories of data be communicated voluntarily, they will be processed on the basis of Article 9(2)(a) GDPR.

Purpose of data processing: The processing of personal data assists the application and personnel selection processes and is used to establish and realise any employment relationships.

Storage period: If we unfortunately have to reject your application, we will delete your data no later than six months after doing so. If an employment relationship is established, we will store personal data for at least the duration of the existing employment relationship and for any legal retention periods (e.g. from the Working Time Act) or contractual retention periods (e.g. when using a company pension scheme as a form of deferred compensation while in receipt of the benefits) that extend beyond this. Data that are no longer necessary for the respective purpose will be deleted immediately.

Admission to the talent pool: If you cannot be offered a suitable position at the time of your application, the data that you have provided and submitted during the application process may still be collected, processed and used in the talent pool even after the process is complete. We do this so that we can contact you for professional purposes and potentially consider you for a future appointment. Your explicit consent is required to use your data in this way.

Storage period of data in the talent pool: If you expressly wish to be included in our talent pool, we will store your data until further notice, but for no longer than 12 months. After this period expires, your data will be deleted automatically and you will not receive a separate notification about this.

Indeed

You can also apply to us via Indeed. To enable the “Apply via Indeed” feature, your personal user data must be processed by Indeed Ireland Operations Limited, 124 St. Stephen’s Green, Dublin 2, Ireland (referred to here as “Indeed”). If you apply for one of our vacancies via the Indeed portal, Indeed will collect your CV and other application documents and information that you provide voluntarily. This data will be made available to us for checking. You can therefore share your data stored at Indeed with us and, for example, make the CV you uploaded to Indeed available to us. To enable you to use this function, we have included an “Apply via Indeed button” on our careers website. Even if you do not use this function, Indeed will process personal data because your IP address needs to be provided to Indeed to enable the button to be displayed. Indeed may also use cookies. You can find more information about Indeed’s terms of use here: https://de.indeed.com/legal and you can find Indeed’s privacy policy here: https://hrtechprivacy.com/de/brands/about-indeed#privacypolicy.

Cookies

Use of strictly necessary cookies

Description and scope of data processing: We use cookies on various pages to make our website attractive and to enable certain functions. These are small text files that are stored on your device.

You can change your browser settings so that you are informed about the placement of cookies and can decide whether to accept each of them or to refuse certain cookies or all cookies. Our website’s functionality may be restricted if you do not accept cookies. The following links show you how to change the settings in the following popular browsers:

Chrome: https://support.google.com/chrome/answer/95647?hl=en
Firefox: https://support.mozilla.org/en-US/kb/block-websites-storing-cookies-site-data-firefox
Internet Explorer: https://support.microsoft.com/en-us/windows/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d
Safari: https://support.apple.com/en-gb/HT201265

Legal basis for data processing: If personal data are processed using cookies, the legal basis is Article 6(1)(f) GDPR.

Purpose of data processing: The processing is designed to make our website attractive to visitors and to enable certain functions. Some of the functions on our website are not available without the use of cookies. These require the browser to be recognised even after you click through to a different page.

The user data collected by cookies are not used to create user profiles.

Storage period: “Transient cookies” are automatically deleted when you close the browser. These include session cookies in particular. They save a “session ID”, which can be used to assign various queries from your browser to the shared session. This will allow your computer to be recognised when you return to our website. The session cookies are deleted when you log out or close your browser. Permanent cookies are automatically deleted after a specific period of time, which may vary depending on the cookie. You can delete cookies in your browser’s security settings at any time.

Consent to the use of cookies that are not strictly necessary

Our website uses the consent technology of ConsentManager to obtain your consent to store certain cookies on your device or to use certain technologies and to record these in compliance with data protection regulations. This technology is provided by Jaohawi AB, Håltegelvägen 1b, 72348 Västerås, Sweden, website: https://www.consentmanager.de (hereinafter referred to as “ConsentManager”).

When you access our website, a connection is made to the ConsentManager servers to obtain your consent and other declarations regarding the use of cookies. ConsentManager then saves a cookie in your browser so that it can assign the given or withdrawn consent to you. The data collected in this way will be stored until you ask us to delete it, you delete the ConsentManager provider cookie yourself or otherwise the reason for storing the data ceases to apply. Mandatory legal retention obligations remain unaffected.

ConsentManager is used to obtain the legally required consent to the use of cookies. The legal basis for this is Article 6(1)(c) GDPR.

Use of Google Analytics

Description and scope of data processing: Provided that you have given us your consent, we use Google Analytics, a web analysis service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter “Google”), on our website. This makes it possible to assign data, sessions and interactions across multiple devices to a pseudonym user ID and thus analyse a user’s activities across different devices. Google Analytics uses cookies – text files which are stored on your computer and which enable analysis of your use of the website. This includes the following cookies in particular:

Name Provider Purpose Use time
_ga Google Contains a randomly generated user ID to map the data relating to the website’s use by recurring visitors and to collate data from previous visits 2 years
_gat Google Prevention of data transfers during use 1 day
_gid Google Contains a randomly generated user ID to map the data relating to the website’s use by recurring visitors and to collate data from previous visits 1 day

The information generated by the cookies, such as the time, location and frequency of your visits to the website, including your IP address, is sent to Google and stored there. This website uses Google Analytics with the extension “_gat._anonymizeIp”, which means that Google truncates your IP address in Member States of the European Union or in other signatory states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there. The IP address transmitted by your browser through Google Analytics is not combined with other data from Google, according to information provided by the latter. On behalf of this website’s operator, Google will use this information to evaluate your use of the website, compile reports on website activities and provide the website operator with other services related to use of the website and the Internet. Google may also transfer this information to third parties if this is required by law or if third parties process this data on Google’s behalf.

You can block the storage of cookies by adjusting your browser software settings. However, we should point out that doing so may prevent you from using all of the features on this website to their fullest extent.

Google also offers a deactivation add-on for the most popular browsers, which gives you more control over which data Google will collect concerning the websites you visit. The add-on informs Google Analytics’ JavaScript (ga.js) that no information about website visits should be sent to Google Analytics. However, the Google Analytics deactivation add-on for browsers does not prevent information from being sent to us or to other web analysis services that we may use. For more information about installing the browser add-on, please click on the following link: https://tools.google.com/dlpage/gaoptout?hl=de. Opt-out cookies prevent your data from being collected when you visit this website in future. To prevent data from being collected by Universal Analytics across different devices, you must opt out on all systems used.

Legal basis for data processing: The legal basis for the use of Google Analytics is your consent (Article 6(1)(a) GDPR).

Purpose of data processing: The purpose of data processing is to analyse the behaviour of our users anonymously and to improve our website on the basis of these findings.

Storage period: The data provided by us and linked to cookies, user IDs or advertising IDs will be automatically deleted after 14 months. Data for which the retention period has expired are automatically deleted once a month. For more information on terms of use and privacy, visit https://www.google.com/analytics/terms/gb.html and https://policies.google.com/privacy?hl=gb&gl=gb.

Use of Google Dynamic Remarketing

Description and scope of data processing: Provided that you have given your consent, we use Google’s remarketing function on our website. The application is used to analyse the behaviour and interests of visitors to our website in order to display targeted advertising related to their interests. Google uses cookies that can recognise visitors to a website when they visit other websites belonging to Google’s advertising network. These websites can then show users advertisements that relate to content that they have previously accessed on websites that use Google’s remarketing function.

Google uses the following cookies for this purpose:

Name Provider Purpose Use time
IDE Google (DoubleClick) Contains a randomly generated user ID to recognise visitors across different websites and to show personalised advertising 1 Year
test_cookie Google (DoubleClick) Test of whether the user’s browser allows cookies to be enabled 15 minutes
ads/ga audiences Google (AdWords) Used to re-engage visitors who might switch to the customer’s website based on their online behaviour Session

You can disable personalised advertisements from Google via your device settings. Go to https://support.google.com/ads/answer/1660762#mob for instructions on how to do this. More information about privacy related to personalised advertisements can be found at https://support.google.com/adspolicy/answer/143465.

Legal basis for data processing: The legal basis for the use of Google Analytics is your consent (Article 6(1)(a) GDPR).

Purpose of data processing: The purpose of the data processing is to show visitors to our website targeted ads that reflect their interests.

Storage period: 14 months

Use of HubSpot

Description and scope of data processing: On our website, we use a customer relationship management system provided by HubSpot Germany GmbH (c/o Design Offices, Koppenstraße 93, 10243 Berlin, Germany), hereinafter referred to as “HubSpot”.

Provided that you have given us your consent, HubSpot uses cookies and “web beacons” which are stored on your computer and make it possible to analyse how you use the website. This includes the following tools:

Name Provider Purpose Use time
_hstc HubSpot Contains the domain, user token, timestamps of first, last, and current visits, current session count 13 months
hupspotutk HubSpot Records user identities when using web forms to de-duplicate contacts 13 months
_hssc HubSpot Tracks sessions and contains the domain, the number of page views per session and session start timestamps to determine whether the session count and timestamps in the _hstc cookie need to be increased 30 minutes
_hssrc HubSpot Identifying browser session restarts Session
_ptq.gif HubSpot Recording of devices and marketing channels used by users Session

The information generated by these cookies and web beacons, such as the time, location and frequency of your visit to the website, including your IP address and the pages accessed, is sent to HubSpot Inc. (25 First Street, 2nd Floor, Cambridge, MA 02141, USA) and stored there. HubSpot also reserves the right to forward data to other HubSpot Group companies.

Furthermore, HubSpot collects the data you enter when you fill out information request and appointment coordination forms (except if you use the aforementioned contact form or the email contact) or you agree to receive marketing communications via email (newsletters and automated emails, e.g. providing downloads).

HubSpot will use this information to evaluate your use of our website, compile reports on website activities for us and provide other services related to use of the website and the Internet. HubSpot may also transfer this information to third parties if this is required by law or if third parties process this data on HubSpot’s behalf.

The companies in the HubSpot Group are subject to the standard contractual clauses.

If you generally do not wish for your data to be collected by HubSpot, you can disable the storage of cookies at any time via your browser settings.

Legal basis for data processing: The legal basis for the use of HubSpot’s cookies and web beacons is your consent (Article 6(1)(a) GDPR).

Purpose of data processing: The purpose of data processing is to improve our website and to provide users with targeted email marketing communications.

Storage period: The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. As regards the personal data from forms and data sent via email in connection with email marketing communications, this is the case when the respective conversation with you has ended. The conversation is over when it is clear from the circumstances that the situation in question has been fully resolved or the user’s subscription has been deactivated. This does not apply if deletion would breach legal or contractual obligations, in particular regarding retention periods.

For more information on terms of use and privacy, visit https://legal.hubspot.com/privacy-policy.

Use of Demodesk

Scope of processing of personal data

A videoconferencing tool and an automated appointment tool from Demodesk are used on this website. These tools are provided by Demodesk GmbH, Franz-Joseph Straße 9, 80801 Munich, Germany (hereinafter: “Demodesk”). We use Demodesk to enable interested parties and existing customers to automatically book appointments for product demos or welcome meetings and to conduct these appointments via video conferences. Demodesk uses cookies for this purpose.

The following personal data will be processed by Demodesk:

  • Desired appointment
  • Address
  • Name
  • Email address
  • Phone number
  • Contract billing and payment data
  • Technical data (session URL, screen resolution, etc.)
  • Audio and video transmissions
  • Personal calendar data (e.g. data concerning the host and guest)

 

You can find more information about data processing by Demodesk here: https://demodesk.com/legal/privacy-policy

 

Provision of your personal data is voluntary. However, if you do not provide us with the data marked as mandatory, we will not be able to offer you the aforementioned services and, in particular, we will not be able to hold video conferences using the tool. If you would prefer not to schedule appointments with us via Demodesk, you can contact us by email or phone.

Purposes of data processing

The use of Demodesk is intended to allow interested parties and existing customers to book an appointment online for a presentation of our product and to receive a product demo via video conference.

Legal basis for the processing of personal data

The legal basis for data processing is letter f) of the first sentence of Article 6(1) GDPR. Our legitimate interest lies in the purposes for data processing listed under point 2. If we enter into a contract with you, the legal basis for the processing of your data is letter (b) of the first sentence of Article 6(1) GDPR.

Storage period

Your personal data will be stored for as long as is necessary to fulfil the aims described in this Privacy Policy or as is required by law, e.g. for tax and accounting purposes.

If you do not enter into a contract with us, we will store your data for a maximum of 6 months after the scheduled appointment. If you do enter into a contract with us, we will store your data for the duration of the contractual relationship.

 

Use of Meta Pixel (formerly Facebook Pixel)

 

We use the Meta Pixel (Facebook Pixel) service on our website.

The service allows us to display our ads on Facebook, so-called “Facebook Ads”, only to those Facebook users who have visited our website – in particular those who have showed an interest in our online content or in certain topics or products. The service allows us to check whether a user was redirected to our website after clicking on our Facebook Ads. Among other things, the service uses cookies, i.e. small text files that are stored locally in the cache of your device’s web browser. If you are logged in to Facebook with your user account, the visit to our online content will be noted in your user account and compared with your user account data. For us, the data collected about you are anonymous, which means that we are unable to infer the identity of any users. However, Facebook can link this data to your user account on its platform. We have no influence on the scope and further use of data collected through the service by Facebook. As far as we are aware, Facebook receives the information that you have accessed the corresponding section of our website or clicked on one of our advertisements. To the best of our knowledge, your personal data will be transferred to the USA. There is at least a risk of your data being transferred to the USA, even though Facebook servers may be located in the EU. We would like to explicitly point out that the USA does not offer a level of data protection comparable to European data protection law. If you have a Facebook user account and are registered, Facebook can link the visit to your user account. Even if you are not registered with Facebook or have not logged in, Facebook may find out and store your IP address and any other identifying features. We use the service for marketing and optimisation purposes and in particular to show you relevant and interesting advertisements and thus improve our service.

 

The legal basis is letter (a) of the first sentence of Article 6(1) GDPR (consent).

If you are registered with Facebook, you can change your ad settings at https://en-gb.facebook.com/ads/settings.

If you are not a Facebook user, you can generally manage your usage-based online advertising preferences at https://www.youronlinechoices.com/uk/your-ad-choices. This gives you the option of deactivating or activating the services of various providers.

 

Shared responsibility: We share responsibility with Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (Facebook) for collecting and transferring data as part of this process.

The contact details for the company and the Facebook data protection officer can be found here: https://www.facebook.com/about/privacy. Our contact details can be found at the following link: https://www.portagon.com/en/legal-notice/

You can exercise your rights as a data subject against Facebook or against us.

Further information, in particular about how Facebook processes personal data, including its legal basis, and further information about the rights of data subjects can be found here: https://www.facebook.com/about/privacy. We transfer the data under joint responsibility on the basis of the legitimate interest pursuant to Article 6(1)(f) GDPR.

 

Information about the data security terms can be found here: https://www.facebook.com/legal/terms/data_security_terms and information about processing based on standard contractual clauses can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum.

 

Other recipients:

We pass on the data collected for processing to the respective internal offices as well as to other affiliated companies or external service providers depending on the required purposes (display of ads and analysis). Platform/hosting service providers receive access to personal data from a third country (countries outside the European Economic Area). Standard contractual clauses have been agreed with these service providers as an appropriate safeguard pursuant to Article 46 GDPR. Further information about this can be found here: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu_en.

 

Deletion/withdrawal:

Meta Pixel can be disabled at https://www.portagon.com/#cmpscreen and for logged-in users at https://www.facebook.com/settings/?tab=ads#. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

 

Duration of cookies: up to 180 days after the last interaction (this applies only to cookies enabled through this website).

Using Google Tag Manager

Google Tag Manager is used on this website. Google Tag Manager is a Google system that manages the JavaScript and HTML tags used to implement the services referred to above. In particular, the system controls which tags are to be executed and when, based on your consent. The Tag Manager does not enable cookies itself and does not collect any data or other information about you or your device. The services it controls enable the cookies listed above.

Use of the Smartlook tracking tool

This page uses the Smartlook tracking tool from Smartsupp.com, s.r.o. Lidická 20, Brno, 602 00, Czech Republic (“Smartlook”) to record randomly selected individual visits, solely by means of an anonymous IP address. This tracking tool allows us to use cookies to evaluate the way you use the website (e.g. which content is clicked on). A user profile is displayed for this purpose. User profiles are only created using pseudonyms. The legal basis for the processing of your data is the consent you have given (letter (a) of the first sentence of Article 6(1) GDPR).

You can revoke your consent at any time with future effect via the cookie settings. You can find more information about Smartlook’s privacy policy at https://www.smartlook.com/help/privacy-statement/

You can disable Smartlook data collection by clicking the following link: https://www.smartlook.com/de/opt-out

Use of the newsletter distribution tool SendinBlue

This website uses SendinBlue to send newsletters. The provider is SendinBlue SAS, 55 rue d’Amsterdam, 75008 Paris, France. SendinBlue is a service that can be used to organise and analyse newsletter distribution. The data you enter for receipt of the newsletter (e.g. email address) are stored on SendinBlue’s servers.

Our newsletters, sent with SendinBlue, enable us to analyse the behaviour of our newsletter recipients. Among other things, it is possible to analyse how many recipients have opened the newsletter message and how often each link in the newsletter has been clicked. All the links in the email are tracking links that can be used to count your clicks.

If you do not want SendinBlue to analyse your data, you must unsubscribe from the newsletter. We provide an unsubscribe link in every newsletter message. You can also revoke your consent at any time, effective going forward, by sending an email to the address given in our legal notice.

We will store the data you have provided to us for receipt of the newsletter until you unsubscribe from the newsletter. After you have unsubscribed from the newsletter, your data will be deleted from our servers and from SendinBlue’s servers. Data that have been stored by us for other purposes (e.g. email addresses for the members’ area) will remain unaffected.

For more information, see the SendinBlue Privacy Policy at: https://de.sendinblue.com/legal/privacypolicy/.

Our Facebook pages

Whenever you use our Facebook page, Facebook Inc., Menlo Park, USA (“Facebook”) collects, processes and uses personal data for profiling purposes whether you have a Facebook account or not. Facebook also provides us with evaluations of how our Facebook page is being used, in anonymised form. These include the following evaluations in particular:

Overview: Number of “likes” for the page: The total and new “likes” for the Facebook page; post reach: The total number of individuals who have visited the Facebook page and seen its posts; interaction: The total number of individuals who have interacted with the Facebook page, broken down by interaction type.

Number of “likes”: Number of “likes” for the page: The total number of “likes” for each day, for a period of 28 days; “number of ‘likes’ (net)”: The number of new “likes” after deducting the removed “likes”; the location of the individuals liking the Facebook page: Here you can see how often the Facebook page has been liked, broken down by the origin of the “likes”.

Reach: Post reach: The number of people who saw a post, broken down by paid and organic reach; number of “likes”, comments and shared content; hidden posts reported as spam, “unlikes”: Negative interactions that reduce the number of people reached; total reach: The number of people who viewed a specific activity on the Facebook page.

Visits: Page and tab views: Specifies how often each tab on a Facebook page was viewed; external references: Indicates how often people visited the Facebook page from a website outside of Facebook.

Posts: When Facebook page fans are online: Shows when the people who like the Facebook page are on Facebook; types of post: Shows the success of each type of post based on average reach and interaction; the most popular posts from pages we monitor: Shows interactions with posts from the pages we monitor.

Video: Video views: How many times the videos on the Facebook page were viewed for more than 3 seconds; 30-second views: How many times the videos on the Facebook page were viewed for more than 30 seconds. If the video is shorter than 30 seconds, this counts the people who viewed at least 97% of the video; top videos: The videos on the Facebook page which have been viewed the most, for at least 3 seconds.

People: Facebook page fans: Shows information about the people who like the Facebook page: Gender, age, place of residence and language; persons reached: Shows the people who have viewed a post in the last 28 days; persons interacting: Shows the people (anonymised) who have liked, commented on or shared posts or interacted on the Facebook page within the last 28 days.

When you visit our Facebook page, we and Facebook are jointly responsible for the data processing operations triggered during your visit. In principle, you can assert your rights (of access, rectification, deletion and restriction of processing, and to data portability and to lodge a complaint) against us and against Facebook. We have entered into an agreement with Facebook to share responsibility for data processing (Controller Addendum). This agreement defines the data processing operations that we and/or Facebook are responsible for when you visit our Facebook page. You can view this agreement by visiting the following link: https://www.facebook.com/legal/terms/page_controller_addendum.

You can change your advertising settings yourself via your user account. To do this, click on the following link and log in: https://www.facebook.com/settings?tab=ads.

For information about which data Facebook collects from you, refer to Facebook’s Data Policy, namely the “What kinds of information do we collect?” section https://www.facebook.com/privacy/explanation.

When you use our Facebook page, Facebook stores cookies on your computer or smartphone. For more information, see Facebook’s Cookie Policy at https://www.facebook.com/policies/cookies/.

For more information, see https://www.facebook.com/business/a/page/page-insights.

Transfer of personal data

portagon GmbH will not share your data with third parties unless you have given your express consent to such disclosure beforehand or the transfer is required or permitted by law. The exception to this is portagon GmbH’s service partners, which are required to execute the contractual relationship and have been commissioned by us to process personal data in accordance with our instructions under an order processing contract. portagon GmbH will not sell your data to third parties or otherwise pass it on to third parties for advertising purposes. portagon GmbH employees are obliged to maintain confidentiality and to comply with data protection regulations.

Automated decision-making, including profiling

Automated decision-making, including profiling, does not take place.

Rights of the data subject

If your personal data are processed, you are a data subject within the meaning of the GDPR and you are entitled to the following rights vis-à-vis the controller:

Right of access: According to Article 15 GDPR, you have the right to request information about your personal data that are being processed by us; in particular, you may request information about the purposes of the processing, the categories of personal data concerned, the categories of recipient to whom your personal data have been or will be disclosed, the envisaged period for which your personal data will be stored, the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing or to object to such processing, the existence of the right to lodge a complaint, the source of your data, where the personal data are not collected by us, and about the existence of automated decision-making, including profiling, and any meaningful information about the details thereof.

Right to rectification: Under Article 16 GDPR, you have the right to obtain, without undue delay, the rectification or completion of inaccurate personal data stored by us.

Right to erasure: Under Article 17 GDPR, you have the right to have your personal data that we store erased, provided that processing is not necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims.

Right to restriction: Under Article 18 GDPR, you have the right to restrict processing of your personal data, provided that one of the following applies: you contest the accuracy of your personal data, the processing is unlawful and you oppose the erasure of the data, we no longer need the data but you require it for the establishment, exercise or defence of legal claims, or you have objected to processing pursuant to Article 21 GDPR.

Right to data portability: Under Article 20 GDPR, you have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format or to request transmission of those data to another controller.

Right to lodge a complaint: Under Article 77 GDPR, you have the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority for your habitual place of residence, your place of work or our registered office for this purpose. In this instance, the competent supervisory authority is: the Hessian Data Protection Commissioner.

Right to object: You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Article 6(1)(f) GDPR.
If your personal data are processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing purposes.

Right of withdrawal: You have the right to withdraw your consent to the processing of your personal data at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before withdrawal. You can submit a withdrawal of consent to the email address provided during registration/ordering or to datenschutz@portagon.com or by post using the address given above.

Security of data transfer

We employ the widely used Secure Socket Layer (SSL) process in conjunction with the highest encryption level supported by your browser during your visit to the website. This is usually 256-bit encryption. As soon as encryption is activated, the address bar of the browser turns green.

We also use suitable technical and organisational security measures to protect your data against accidental or intentional tampering, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments. All of our employees who may come into contact with personal data give a written undertaking that they will comply with data protection regulations and keep themselves informed about the legal requirements.

Change to our Privacy Policy

We reserve the right to amend this Privacy Policy from time to time to ensure that it always meets current legal requirements or to incorporate changes to our services into the Privacy Policy, such as when new services are introduced. The most up-to-date Privacy Policy applies each time you revisit our website.

Last updated: March 2022

 

Scroll Newsletter Anmeldung