elastic.io Privacy Policy

elastic.io Privacy Policy

Last updated 7th of March 2023


The responsible body as defined by the data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:

elastic.io GmbH
Prinzenstrasse 2a
42697 Solingen
Germany

Represented by:
Kevin Mobbs and Pascal Lauria, Managing Directors
Jörg Uhrmacher, CPO

1. Your rights

If you are a “data subject” under applicable data protection law (in particular, GDPR), you can exercise the following rights at any time by contacting our data protection officer:

  • Right to request information about your data stored by us and how we process these data (Art. 15 GDPR),
  • Right to request that your personal data be rectified if it is incorrect or incomplete (Art. 16 GDPR),
  • Right to request that your data we store be deleted (Art. 17 GDPR),
  • Right to request restriction of processing your personal data if we are not yet allowed to delete them due to legal obligations (Art. 18 GDPR),
  • Right to object to processing of your personal data by us (Art. 21 GDPR) and
  • Right to request that we provide a copy of your personal data to you in a structured, commonly used and machine-readable format, provided you have consented to the data processing or have signed a contract with us (Art. 20 GDPR)

If you have given us your consent, you can revoke it at any time with future effect. In addition, you have the right to complain to a supervisory authority at any time.

The competent authority is:

North Rhine-Westphalia (NRW) State Commissioner for the Protection of Data and Freedom of Information
Kavalleriestrasse 2-4
40213 Dusseldorf
Phone number: +49 211 38424-0
Fax: +49 211 38424-10
E-mail: [email protected]


2. Collection of general information when you visit our website

Nature and purpose of processing:

In the case of a purely informative use of the website, in other words if you do not submit your data via one of our contact forms or otherwise provide us with your personal data, we will only collect general data transmitted by your browser (legal basis is Article 6 Paragraph 1 Sentence 1 (f) GDPR). These data include, for example, the type of web browser, the operating system, your IP address, and the like.

In particular, these data are processed for the following purposes:

  • Ensuring a successful access to the website,
  • Ensuring a smooth use of our website,
  • Evaluation of system security and stability, and
  • Optimization of our website

We do not use these data to identify you personally. Information of this character is anonymous and statistically evaluated by us in order to optimize our own online presence and the technology behind our website.

Legal basis and legitimate interest:

The processing is carried out in accordance with Art. 6 Para. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website.

Recipients:

The recipients of the data may be technical service providers who act as processors for the operation and maintenance of our website.

Recipients of the data may be our parent company mVISE AG and its subsidiaries in order to offer customized solutions to our customers, as well as technical service providers who act as processors for the operation and maintenance of our integration platform.

Third country transfer:

Standard contractual clauses have been agreed with the providers who process data outside the EU.

Storage time:

The data will be deleted as soon as it is no longer required for the purpose of its collection. For the data that is necessary to ensure a successful access to the website, this is generally the case when a given session has ended. If the data is stored in log files, this is the case after 14 days at the latest. A longer storage period is possible. In this case, the users' IP addresses are anonymised and can no longer be assigned to a corresponding user.

Provision required or mandatory:

Providing the aforementioned personal data is not required by law or contract. However, without the IP address the service and functionality of our website cannot be guaranteed. In addition, individual services may be limited or not available. For this reason, an objection is excluded.


3. Cookies

Like many other websites, we also use so-called "cookies". Cookies are small text files that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our website.

You can delete individual cookies or the entire set of cookies. In addition, you will receive information and instructions on how these cookies can be deleted or their storage blocked in advance. Depending on your browser’ provider, you will find the necessary information under the following links:

  • Mozilla Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox
  • Internet Explorer: https://support.microsoft.com/en-us/topic/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d
  • Google Chrome: https://support.google.com/accounts/answer/32050
  • Opera: https://www.opera.com/de/case-studies/clean-browser-and-remove-trackers
  • Safari: https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac
Storage duration and cookies used:

If through your browser settings and/or consent you allow us to use cookies, then our website will contain the following cookies:

  • Google Analytics (2 years)
  • Cookiebot consent (Persistent)
  • LinkedIn (29 days)
  • Google Ads (90 days)
  • Heap Analytics (1 day)
  • G2Crowd (13 days)
  • YouTube (179 days)

Technically necessary cookies

Nature and purpose of processing:

The purpose of using technically necessary cookies is to simplify the use of websites for users. And so we use cookies to make our website more user-friendly. Some elements of our website require that your browser is recognised even after you changed between individual pages.

Legal basis and legitimate interest:

The processing of your data for this purpose is in accordance with Art. 6 Para. 1 lit. f GDPR and based on our legitimate interest to provide you with a user-friendly design of our website.

Recipients:

The recipients of the data may be technical service providers who act as processors for the operation and maintenance of our website.

Provision required or mandatory:

Providing the aforementioned personal data is not required by law or contract. However, without these data, the service and functionality of our website cannot be guaranteed. In addition, individual services may be limited or not available.

Objection:

Please read the information below about your right to object according to Art. 21 GDPR.

Technically unnecessary cookies

We also use cookies to better tailor the offer on our website to the interests of our visitors or to improve it in general on the basis of statistical evaluations. Please refer to the information below regarding the display, tracking, remarketing and web analysis technologies used to find out which providers you can expect to set cookies on our website.

Legal basis:

The legal basis for the processing of your data for this purpose is your consent, Art. 6 Para. 1 lit. a GDPR.

Recipients:

The recipients of the data may be technical service providers who act as processors for the operation and maintenance of our website. To learn about other further recipients, please refer to the information below on the display, tracking, remarketing and web analysis technologies used on our website.

Third country transfer:

Please refer to the information below on the individual providers of display, tracking, remarketing or web analysis technologies used on our website. Standard contractual clauses have been agreed with the providers who process your data outside the EU.

Provision required or mandatory:

Of course, you can also view our website without the technically unnecessary cookies. In general, you can disable cookies at any time in the settings of your browser (see revocation of consent below). Please note, though, that individual functions of our website may not work if you have disabled cookies.

Revocation of consent:

You can revoke your consent at any time using our cookie consent tool.


4. Profiling

Please refer to the information below on the display, tracking, remarketing and web analysis technologies used on our website in order to learn to what extent we analyze the behavior of website visitors with pseudonymized user profiles.


5. Newsletter

We use the MailChimp service from Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA to send newsletters.

Nature and purpose of processing:

To ensure the delivery of our newsletter, we collect personal data that is shared with us through one of the contact forms.

We need a valid email address for the newsletter signup. In order to check that the signup was actually made by the owner of an email address, we use the "double opt-in" procedure. For this purpose, we log the registration for the newsletter, the sending of a confirmation email and the receipt of the requested response. Further data is not collected.

Legal basis:

On the basis of your expressly given consent (Art. 6 Para. 1 lit. a GDPR), we will regularly send you our newsletters or comparable information by email to the email address you shared with us.

You can revoke your consent to the storage of your personal data and its use for sending the newsletters at any time with future effect. There is a special link for that in every newsletter. You can also inform us of your revocation at any time using the contact option given at the end of this privacy policy notice.

Recipient:

The recipients of the data may be contract processors.

Storage time:

In this context, the data will only be processed as long as the relevant consent is available. Then they will be deleted.

Provision required or mandatory:

Providing your personal data for this purpose is voluntary, based solely on your consent. Unfortunately, we cannot send you our newsletters without your consent.

Revocation of consent:

You can revoke your consent to the storage of your personal data and its use for sending you our newsletters at any time with future effect. The revocation can be made via the link contained in every email or requested from the data protection officer listed below or the person responsible for data protection.


6. Contact forms

We use Hubspot Forms module of the Hubspot CMS solution on this website. Provider is HubSpot that is a software company from the USA with a branch office in Ireland, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland (hereinafter “Hubspot”).

Nature and purpose of processing:

The data you submit through our contact forms will be stored for the purpose of individual communication with you. For this, we require your valid email address and your name. This is used to associate your request with you and then to answer it. The submission of other data is optional.

Data submitted through contact forms is transferred directly to Hubspot CRM module and stored there. Hubspot CRM helps us manage contact data of our customers and prospects and organise our sales and communication processes. For more information on terms of use and data protection, see Hubspot’s privacy policy https://legal.hubspot.com/privacy-policy. As part of HubSpot’s processing, data may be transmitted into the USA. In such cases,  transmission security is protected by so-called standard contractual clauses. These standard contractual clauses should guarantee that processing of personal data is subject to a level of security comparable to that outlined in the GDPR.

Legal basis:

The processing of the data submitted through the contact forms takes place on the basis of a legitimate interest (Art. 6 Paragraph 1 lit. f GDPR). By providing the contact forms, we would like to make it easy for you to contact us. The information you provide will be stored for the purpose of processing your request and for possible follow-up questions. If you contact us to request a quote, the data you submit through the contact forms will be processed in order to carry out pre-contractual measures (Art. 6 Para. 1 lit. b GDPR).

Recipients:

The recipients of the data may be contract processors.

Storage time:

Data will be deleted no later than 6 months after processing the request. If there is a contractual relationship, we are subject to the statutory retention periods according to the German Commercial Code and delete your data after these periods have expired.

Provision required or mandatory:

Providing your personal data for this purpose is voluntary. However, we can only process your request if you share with us your name, your email address and the reason for the request.


7. Use of analytics tools

Google Analytics

On this website, we use Google Analytics, a web analysis service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043 USA (hereinafter: "Google"). Google Analytics uses so-called "cookies", i.e. text files that are stored on a visitor’s computer to help analyse how visitors use our website. The information generated by the cookie about your use of our website is generally transferred to a Google server in the USA and stored there. However, due to the activation of IP anonymization function on this website, your IP address will be truncated within the area of the member states of the European Union or other parties to the agreement on the European Economic Area. Only in exceptional cases will a full IP address be transmitted to a Google server in the USA and truncated there. The IP address transmitted by your browser within the scope of Google Analytics will not be associated with any other data held by Google.

You can find more information on the terms of use and data protection at https://www.google.com/analytics/terms/us.html and at https://policies.google.com/privacy.

On behalf of the operator of this website (i.e. elastic.io), Google will utilize this information to evaluate how you use the website, to compile reports on website activity and to provide us with other services related to website activity and internet usage. The data that is sent by us and linked to cookies, user IDs or advertising IDs are automatically deleted after 12 months. The deletion of data which retention period has expired takes place automatically once a month.

Revocation of consent:

You can prevent the storage of cookies through your browser’s settings; however, please note that in this case, you may not be able to use all the website’s functions to their full extent.

You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) as well as from processing this data by downloading and installing a special browser plug-in, which is provided by Google and is available under the following link: Browser add-on to deactivate Google Analytics.

Heap analytics

We also use Heap Analytics, a web analysis service from Heap Inc., 225 Bush Street, Suite 200, San Francisco, CA 94104, USA (hereinafter: "Heap Analytics"). This service is used to carry out retrospective analysis of user behavior on our website, to create user journey funnels and, above all, to carry out a general event-based analysis of website usage. Heap Analytics uses "cookies" that are stored on your computer. The information generated by the cookies about your use of our website is generally transferred to a Heap Inc server in the USA and stored there. Heap Analytics does not collect any emails, surnames or first names. It is therefore not possible to associate any website activity with specific website visitors. In addition to that, IP anonymization function was activated for Heap Analytics. The data on the browser type, session length, operating system or device are also anonymized.

For more information on terms of use and data protection, see https://heap.io/terms and https://heap.io/privacy.

Revocation of consent:

The provider currently does not offer a straightforward way for opting out of or blocking data transfer. If you want to prevent anonymous tracking of your activities on our website, you can prevent the storage of cookies through your browser’ settings; however, please note that in this case, you may not be able to use all the website’s functions to their full extent.

Hotjar

Additionally, we use Hotjar, a web analysis service from Hotjar Inc. with registered office at Level 2, St. Julian’s Business Centre, 3, Elia Zammit Street, St. Julian’s STJ 1000, Malta (hereinafter: “Hotjar”) on a few specific webpages. The main purpose of this service is to record the so-called heatmaps and clickmaps of individual pages on the elastic.io website in order to evaluate and adjust the function of the individual elements and to improve the user experience. Hotjar uses "cookies" that are stored on your computer. The information generated by the cookies about your use of our website is generally transferred to a Hotjar Inc. server in Ireland and stored there. Hotjar does not collect any emails, surnames or first names. It is therefore not possible to associate any website activity with specific website visitors. In addition to that, IP anonymization function was activated for Hotjar. The data on the browser type, session length, operating system, etc. are also anonymized.

You can find more information on the terms of use and data protection at https://www.hotjar.com/legal/policies/privacy/.

Revocation of consent:

You can prevent Hotjar from tracking your activity on our website by activating the default function “Do not Track” in your browser. Follow this link to find an explanation of how to activate the “Do not Track” function. In addition to that, the cookies will be placed only if you give your consent via our Cookies manager. If you opt out of any cookies but the necessary ones, the Hotjar cookies won't be placed in your browser. 
You can also prevent the storage of cookies through your browser’s settings; however, please note that in this case you may not be able to use all the website’s functions to their full extent.


8. Use of script libraries (Google Web Fonts)

In order to present our content correctly and make them graphically appealing across all browsers, we use script libraries and font libraries such as Google Web Fonts from Google LLC (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; hereinafter “Google”).

Further information about Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google's data protection declaration: https://www.google.com/policies/privacy/.


9. Embedded YouTube Videos

We embed YouTube videos on our website. . YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA (hereinafter "YouTube"), is a subsidiary of Google LLC, 1600 Amphitheater Pkwy, Mountain View, CA 94043, USA (hereinafter “Google”). When you visit a page with an embedded YouTube video and play this video, a connection to YouTube servers is established. It will also be likely communicated to YouTube which pages you visited. If you are logged into your YouTube account, YouTube can associate your surfing behavior with you. You can prevent this by logging out of your YouTube account before playing an embedded video.

If an embedded YouTube video is started, the provider places cookies that collect information about user behavior.

Further information on the purpose and scope of data collection and its processing by YouTube can be found in the provider's data protection declaration, where you will also find further information on your rights in this regard and on how to protect your privacy though specific settings (https://policies.google.com/privacy) .

Revocation of consent:

The provider currently does not offer a straightforward way for opting out of or blocking data transfer. If you want to prevent tracking of your activities on our website, you can prevent the storage of cookies through your browser’s settings; however, please note that in this case, you may not be able to use all the website’s functions to their full extent.


10. Use of LinkedIn Insight Tag and LinkedIn Remarketing

We also use the LinkedIn Insight Tag on our website. The LinkedIn Insight Tag enables the collection of data on visits to this website, including the URL, referrer URL, IP address, device and browser properties (user agent), and time stamp. The IP addresses are shortened or (if they are used to reach members across devices) hashed. The direct IDs of the members are removed within seven days in order to pseudonymise the data. This remaining pseudonymized data will then be deleted within 180 days. LinkedIn does not share any personal data with the website owner (i.e. elastic.io), it only provides reports (in which no user is identified in person) about the website target audience and ad performance.

Legal basis

The legal basis for the integration of LinkedIn remarketing and the associated data transfer to LinkedIn is your consent (Art. 6 Para. 1 lit. a GDPR).

Revocation of consent

Members of LinkedIn can control the use of their personal data for advertising purposes in their account settings: https://www.linkedin.com/psettings/advertising/actions-that-showed-interest

11. Use of Google Ads (previously Google AdWords), Remarketing, Conversion tracking

We also use the Google Ads on our website provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). This enables the collection of data on visits to this website, including the cookie ID, visited pages, IP addresses, visit duration, referrer URL, browser type, and browser language. This service's main function is conversion tracking, which allows us to determine what happened when you clicked on one of our ads. Cookies are set for this purpose, however their validity is just temporary as their lifespan is only 90 days. Occasionally, depending on the ad type that is currently live, we will employ Google remarketing (only for the search ads type).

The data gathered is utilized to target the visitor directly in a subsequent search query and for statistical analysis to optimize the advertisement. We don't get any data that would let us identify a website visitor. Since we use Google's IP masking on our website in the context of Google Analytics, your IP address is communicated to Google and anonymized there.

Legal basis

The legal basis for the integration of Google Ads remarketing and the associated data transfer to Google is your explicit consent (Art. 6 Para. 1 lit. a GDPR).

Revocation of consent

You can disable cookies in your browser settings if you do not want your data to be processed. If you do this, your visit won't be counted in the user statistics. Through your own ad settings (https://adssettings.google.com/authenticated?hl=en), you may also choose the different sorts of Google ads or disable interest-related advertisements on Google. Alternately, you can use the network advertising initiative's deactivation assistance to disable the use of cookies by third-party providers. However, statistics on the number of visitors who visited this site and when are still sent to Google and us. You can prevent this from happening with the use of extra browser settings, for example by using the add-on Privacy Badger.


12. Social plugins

To enable visitors to share our content on the selected social networks, we use the MashShare solution on our website (René Hermenau, Braamkamp 52, 22297 Hamburg). Personal data is only transferred to the social networks after you have clicked on a share button. These personal data are not determined by us, but by the respective social network.

We do not collect any personal data ourselves through this plugin. The plugin itself does not process any personal data either.

We have no influence on which data the plugin collects and how it is then used by the respective network. It must currently be assumed that a direct connection to the provider's services will be established and that at least the IP address and device-related information will be recorded and used. There is also the possibility that the respective service provider will try to save cookies on your computer. It can also be assumed that the collected data will be used to associate the shared content to your social media account and thereby identify you as a visitor of a particular page. Please refer to the data protection information of the respective service provider to find out which specific data is recorded and how it is used.

The plugin that we use on our website connects to the following social media networks:

LinkedIn
Twitter
Facebook
WhatsApp


13. Collection of general information when you visit our integration platform

Nature and purpose of processing:

In the case of a purely informative use of our integration platform, in other words if you do not register on our platform, we will only collect general data transmitted by your browser (legal basis is Article 6 Paragraph 1 Sentence 1 (f) GDPR). These data include, for example, the type of web browser, the operating system, your IP address, and the like.

In particular, these data are processed for the following purposes:

  • Ensuring a full functionality of our software solution,
  • Evaluation of system security and stability
  • Optimization of your experience with our software solution

We do not use these data to identify you personally. Information of this character is anonymous and statistically evaluated by us in order to optimize our integration platform and the technology behind it.

Legal basis and legitimate interest:

The processing is carried out in accordance with Art. 6 Para. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of our integration platform.

Recipients:

The recipients of the data may be technical service providers who act as processors for the operation and maintenance of our integration platform.

Third country transfer:

Standard contractual clauses have been agreed with the providers who process data outside the EU.

Storage time:

The data will be deleted as soon as they are no longer required for the purpose of its collection. For the data that is necessary to ensure a successful access to the integration platform, this is generally the case when a given session has ended.

If the data is stored in log files, this is the case after 14 days at the latest. A longer storage period is possible. In this case, the users’ IP addresses are anonymized and can no longer be assigned to a corresponding user.

Provision required or mandatory:

Providing the aforementioned personal data is not required by law or contract. However, without the IP address the service and functionality of our integration platform cannot be guaranteed. In addition, individual services may be limited or not available. For this reason, an objection is excluded.


14. Cookies

On our platform, we also use so-called "cookies". Cookies are small text files that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our integration platform.

You can delete individual cookies or the entire set of cookies. In addition, You will receive information and instructions on how to delete these cookies or how to block their storage in advance. Depending on your browser’s provider, you will find the necessary information under the following links:

  • Mozilla Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox
  • Internet Explorer: https://support.microsoft.com/en-us/topic/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d
  • Google Chrome: https://support.google.com/accounts/answer/32050
  • Opera: https://www.opera.com/de/case-studies/clean-browser-and-remove-trackers
  • Safari: https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac
Storage duration and cookies used:

If through your browser settings and/or consent you allow us to use cookies, then our integration platform will contain the following cookies:

  • Segment (1 year)
  • Intercom (1 year)
  • Google Analytics (2 years)
  • Mixpanel (1 day)
  • In-house cookies (between session and up to 7 days)
  • Kubernetes (session)

Technically necessary cookies

Nature and purpose of processing:

The purpose of using technically necessary cookies is to simplify the use of websites for users. And so we use cookies to make our integration platform more user-friendly. Some elements of our integration platform require that your browser is recognized even after you changed between individual pages.

Legal basis and legitimate interest:

The processing of your data for this purpose is in accordance with Art. 6 Para. 1 lit. f GDPR and based on our legitimate interest to provide you with a user-friendly design of our integration platform.

Recipients:

The recipients of the data may be technical service providers who act as processors for the operation and maintenance of our integration platform.

Provision required or mandatory:

The provision of the aforementioned personal data is not required by law or contract. Without this data, however, the service and functionality of our integration platform cannot be guaranteed. In addition, individual services may not be available or restricted.

Objection:

Please read the information below about your right to object according to Art. 21 GDPR.

Technically unnecessary cookies

We also use cookies to generally improve the interaction of users with our integration platform on the basis of statistical evaluations.

Please refer to the information below regarding the display, tracking, remarketing and web analysis technologies used to find out which providers you can expect to set cookies on our website.

Legal basis:

The legal basis for the processing of your data for this purpose is your consent, Art. 6 Para. 1 lit. a GDPR.

Recipients:

The recipients of the data may be technical service providers who act as processors for the operation and maintenance of our integration platform.

To learn about other further recipients, please refer to the information below on the display, tracking, remarketing and web analysis technologies used on our integration platform.

Third country transfer:

Please refer to the information below on the individual providers of display, tracking, remarketing or web analysis technologies used on our integration platform. Standard contractual clauses have been agreed with the providers who process your data outside the EU.

Provision required or mandatory:

Of course, you can also view our integration platform without the technically unnecessary cookies. In general, you can disable cookies at any time in the settings of your browser (see Revocation of Consent below). Please note, though, that individual functions of our integration platform may not work if you have disabled cookies.

Revocation of consent:

You can revoke your consent at any time using our cookie consent tool.


15. Profiling

Please refer to the information below on the display, tracking, remarketing and web analysis technologies used on our integration platform in order to learn to what extent we analyze the behavior of integration platform visitors with pseudonymized user profiles.


16. Use of communication tools

Intercom

Communication with customers, partners, and other stakeholders through the elastic.io integration platform is carried out through the Intercom communication tools provided by Intercom, Inc., 55 2nd Street, 4th Floor, San Francisco, CA 94105, United States. For the purpose of this in-app communication, Intercom collects personal data such as e-mail address, last name, first name, geolocation data, etc. These data improve support from our side and optimize the customer experience from the user side. In addition, Intercom tools are used to create onboarding experience for new users and improve interaction with the application using event-based in-app and offline messages as well as the so-called product tours.

You can find more information on terms of use and data protection at https://www.intercom.com/legal/privacy.

Revocation of consent:

The provider currently does not offer a straightforward way for opting out of or blocking data transfer. However, under this link you will find the options offered by the Intercom on how you can withdraw your consent.

Freshdesk

Furthermore, we use the Freshdesk system from Freshworks Inc., 1250 Bayhill Drive, Suite 315, San Bruno, CA 94066, USA (hereinafter: “Freshdesk”) to accept and manage technical support requests. For the purpose of these support services, Freshdesk collects personal data such as e-mail address, last name, first name, geolocation data, etc. These data enable us to provide support services in the first place, as answering a particular support request requires association of this request with its sender.

You can find more information on terms of use and data protection at https://www.freshworks.com/privacy/ and at https://www.freshworks.com/terms/

Revocation of consent:

The provider currently does not offer a straightforward way for opting out of or blocking data transfer. However, you can unsubscribe from receiving these communications messages. We would like to point out, though, that in this case and from the moment you unsubscribe, we will no longer be able to provide technical support for you.


17. Use of analytics tools

Google Analytics

On our integration platform, we use Google Analytics, a web analysis service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043 USA (hereinafter: "Google"). Google Analytics uses so-called “cookies”, i.e. text files that are stored on a visitor’s computer to help analyse how visitors use our integration platform. The information generated by the cookie about your use of our integration platform is generally transferred to a Google server in the USA and stored there. However, due to the activation of IP anonymization function on this integration platform, your IP address will be truncated within the area of the member states of the European Union or other parties to the agreement on the European Economic Area. Only in exceptional cases will a full IP address be transmitted to a Google server in the USA and truncated there. The IP address transmitted by your browser within the scope of Google Analytics will not be associated with any other data held by Google.

You can find more information on the terms of use and data protection at https://www.google.com/analytics/terms/us.html and at https://policies.google.com/privacy.

On behalf of the operator of this integration platform (i.e. elastic.io), Google will utilize this information to evaluate how you use the integration platform, to compile reports on activities happening on the integration platform and to provide us with other services related to the use of the integration platform.

The data that is sent by us and linked to cookies, user IDs or advertising IDs are automatically deleted after 14 months. The deletion of data which retention period has expired takes place automatically once a month.

Revocation of consent:

You can prevent the storage of cookies through your browser’s settings; however, please note that in this case, you may not be able to use all the website’s functions to their full extent.

You can also prevent Google from collecting the data generated by the cookie and related to your use of the integration platform (including your IP address) as well as from processing this data by downloading and installing a special browser plugin, which is provided by Google and is available under the following link: Browser add-on to deactivate Google Analytics.

Mixpanel

We also use Mixpanel on our integration platform, an analysis service from Mixpanel Inc., One Front Street, Floor 28, San Francisco, CA 94111, USA (hereinafter: "Mixpanel"). The purpose of this usage is to better understand the user-friendliness and individual functions of our application by analyzing data with the help of the so-called user-behavior funnels, and to continuously improve these functions. Mixpanel also uses "cookies" which are stored on your computer. The information generated by the cookies about your use of our integration platform is generally transferred to a Mixpanel Inc. server in the USA and stored there.

You can find more information on terms of use and data protection at https://mixpanel.com/legal/privacy-policy/.

Revocation of consent:

You can block Mixpanel from tracking your activity on our integration platform by following this link and then following the instructions from Mixpanel.

You can also prevent the storage of cookies through your browser’s settings; however, please note that in this case, you may not be able to use all the functions of this integration platform to their full extent.

18. SSL encryption

In order to protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL) over HTTPS.

19. Information about your right to object according to Art. 21 GDPR

Individual right to object

You have the right, for reasons that arise from your particular situation, to object at any time to the processing of your personal data that is based on Art. 6 Para. f GDPR (data processing for the purposes of the legitimate interests); this also applies to profiling that is based on this same provision in the sense of Art. 4 No. 4 GDPR.

If you object, we will no longer process your personal data unless we can prove compelling legitimate reasons for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

Recipient of an objection

Joerg Uhrmacher
[email protected]

Change of our data protection regulations

We reserve the right to adapt this privacy policy so that it always complies with the current legal requirements or to implement changes to our services in the privacy policy, e.g. when introducing new services. The new privacy policy will then apply from the moment of your next visit.

20. Questions to the data protection officer

If you have any questions about data protection, please send us an email or contact the person responsible for data protection in our organization directly:

Joerg Uhrmacher
[email protected]