Controller

The Controller for the data processing operations described below is the office named in the imprint.

Usage Data

When you visit our websites, so-called usage data are temporarily analyzed on our web server for statistical purposes as a log in order to improve the quality of our websites. This data record consists of:

• The name and address of the requested content.
• The date and time of the request.
• The amount of data transferred.
• The access status (content transferred, content not found).
• The description of the web browser and operating system used.
• The referral link, which indicates the page from which you came to ours.
• The IP address of the requesting computer, which is shortened so that a personal reference can no longer be established.

Storage of IP Addresses for Security Purposes

We store the complete IP address transmitted by your web browser for a period of seven days in the interest of detecting, limiting and eliminating attacks on our web pages. After this period, we delete or anonymize the IP address.

The legal basis for this processing is Art. 6 (1) (f) GDPR.

Data Security

We take technical and organizational measures to protect your data as comprehensively as possible from unwanted access. These measures include encryption procedures on our web pages. Your data is transferred from your computer to our server and vice versa via the internet using TLS encryption.

You can usually recognize this by the fact that the lock symbol in the status bar of your browser is closed and the address line begins with https://.

Necessary Cookies

On our website, we use cookies which are necessary in order for the site to function.

Cookies are small text files that can be placed on your computer or mobile device by websites that you visit.

A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session.

We do not use these necessary cookies for analysis, tracking or advertising purposes.

In some cases, these cookies only contain information on certain settings and cannot be linked to a person. They may also be necessary to enable user guidance, security and implementation of the site.

The legal basis for using these cookies is our legitimate interest according to Art. 6 (1) (f) GDPR.

You can set your browser to inform you about the placement of cookies. This is in order to make the use of cookies transparent for you.

You can also delete cookies or prevent the setting of new cookies at any time by using the appropriate browser settings.

Please note that if you delete certain cookies, our web pages may not be displayed correctly and some functions may no longer be available.

Google Analytics

We use the web analysis tool "Google Analytics" to design our websites according to your needs. Google Analytics creates user profiles based on pseudonyms. For this purpose, permanent cookies are stored on your end device and accessed out by us. In this way we are able to recognize and measure returning visitors.

The Google Analytics tool is provided by Google Ireland Limited and Google LLC. (USA) who support us as processors according to Art. 28 GDPR. The data processing can therefore also take place outside the EU or EEA. With regard to Google LLC (USA), no adequate level of data protection can be assumed due to the processing in the USA. There is a risk that authorities may access the data for security and surveillance purposes without you being informed or having the right to appeal.

Please take this into account if you decide to give your consent to our use of Google Analytics.

The legal basis for this data processing is your consent if you have given your consent via our consent banner.

The transfer to a third country takes place on the basis of Art. 49 (1) (a) GDPR.

You can withdraw your consent at any time.

To withdraw your consent, please click on "Consent" in the footer of this page and then I DISAGREE.

Third Party Tracking Technologies for Advertising Purposes

We use cross-device tracking technologies to help us show you targeted advertising on other websites based on your visit to our websites and to help us determine how effective our advertising efforts have been.

The legal basis for this data processing is your consent if you have given your consent via our consent banner.

Your consent is voluntary and can be withdrawn at any time.

To withdraw your consent, please click on "Consent" in the footer of this page and then I DISAGREE.

How Does Tracking Work?

When you visit our websites, it is possible that the third-party providers listed below may retrieve identification characteristics of your browser or terminal device (e.g. a browser fingerprint), evaluate your IP address, save or extract identification characteristics on your terminal device (e.g. cookies) or gain access to individual tracking pixels.

The individual characteristics can be used by these third parties to identify your terminal device on other websites. We may commission these third-party providers to show you advertisements based on the pages visited on our website.

What Does Cross-Device Tracking Mean?

If you log on to the third-party provider with your user data, the respective identification characteristics of different browsers and end devices can be linked with each other. For example, if the third-party provider has created a unique identifier for each laptop, desktop personal computer, smartphone or tablet you use, these individual identifiers can be associated with each other as soon as you log in to a third-party service using your login credentials. This allows the third party to target our advertising campaigns across multiple devices.

Which Third-Party Providers Do We Use in This Context?

The third-party providers with whom we work for advertising purposes are listed below. If the data is processed outside the EU or EEA in this context, please note that there is a risk that local authorities may access the data for security and monitoring purposes without you being informed or having the right to appeal. Where we use providers in third countries without an adequate level of protection and you give your consent, the transfer to this third country is based on Art. 49 (1) (a) GDPR.

Provider	Maximum Storage Period	Adequate Level of Data Protection	Withdrawal of Consent
Google LLC (USA)	Until you withdraw your consent.	No adequate level of data protection. The data is transmitted on the basis of Art. 49 (1) (a) GDPR.	Please click on "Consent" in the footer of this page and then I DISAGREE.
DeskPro (UK)	Until you withdraw your consent.	We have a Data Processing Agreement (DPA) in place with this partner.	Please click on "Consent" in the footer of this page and then I DISAGREE.
Amazon Web Services EMEA SARL (Luxembourg)	Until you withdraw your consent to receive newsletters.	We have a Data Processing Agreement (DPA) in place with this partner.	Please unsubscribe from the newsletter to revoke your consent.
Stripe Payments Europe Ltd. (Ireland)	Until you withdraw your consent.	We have a Data Processing Agreement (DPA) in place with this partner.	Please contact us to withdraw your consent.

Contact Form

You may contact us via our contact form. In order to use our contact form, we will require you to provide the data marked as mandatory.

The legal basis for this processing is Art. 6 (1) (f) GDPR, being our legitimate interest to respond to your request.

You can decide whether you would like to provide us with further information. This information is provided voluntarily and is not required to contact us.

We process your voluntary details on the basis of your consent in accordance with Art. 6 (1) (a) GDPR.

Your data will only be processed to process your request. We will delete your data if they are no longer required and there are no legal obligations to retain them.

Where the processing of your data which is transmitted via the contact form is based on legitimate interest in accordance with Art. 6 (1) (f) GDPR, you have the right to object to that processing at any time. To do so, please use the email address provided in the imprint.

In addition, you can withdraw your consent to the processing of your voluntarily provided information at any time. To do so, please use the email address provided in the imprint.

Newsletter Registration and Delivery

You may register to receive our newsletter on our website. Please note that we require certain data (your e-mail address at the minimum) to complete the newsletter registration.

We will only send you the newsletter if you have given us your express consent. After you have completed the newsletter registration on our website, you will receive a confirmation e-mail at the e-mail address you provided (double opt-in).

You may withdraw your consent at any time. An easy way to withdraw your consent is, for example, to use the unsubscribe link provided in every newsletter.

As part of the newsletter registration process, we store certain data in addition to the above-mentioned data, as far as it is necessary to prove so that you have registered for our newsletter. This may include storing the complete IP address at the time of the registration or confirmation of the newsletter, as well as a copy of the confirmation mail sent by us.

The legal basis for the data processing is our legitimate interest to be able to account for the legality of the newsletter delivery according to Art. 6 (1) (f) GDPR.

Access Protected Area

If you wish to use our access-protected area, your prior registration is required. We only collect the data required for registration.

The legal basis for the data processing is our legitimate interest to be able to provide you with the services and information available in the access-protected area according to Art. 6 (1) (f) GDPR.

If we collect additional data during this process, these will be marked as voluntary and the processing is based on your consent in accordance with Art. 6 (1) (a) GDPR.

If you would like to permanently log out of our access-protected area, please use the logout option which we make available within the area.

Payment Processing

We process payments for one-time and subscription products via the payment service provider "Stripe". This is in line with our legitimate interest in providing an efficient and secure payment method (Art. 6 para. 1 lit. f GDPR). In this context, we share the following data with Stripe to the extent necessary for the performance of the contract (Art. 6 para. 1 lit. b GDPR).

We provide the following information to Stripe:

We are not required by law or contract to process the information provided in this section. We cannot process a payment through Stripe without the submission of the above information. If you do not want Stripe to process this information, you can call or email us, and we can offer you alternative payment methods (bank transfer, check, etc.)

Stripe has a dual role in data processing activities as a controller and a processor.

As a controller, Stripe uses the data you submit to comply with legal obligations. This is in accordance with Stripe's legitimate interest (pursuant to Art. 6(1)(f) GDPR) and serves the performance of the contract (pursuant to Art. 6(1)(b) GDPR). We have no control over this process.

Stripe acts as a processor to process transactions within the payment networks. In the context of the order processing relationship, Stripe acts solely on our instructions and is contractually bound to comply with the data protection provisions pursuant to Art. 28 GDPR.

Stripe has implemented compliance measures for international data transfers. These measures apply to all global operations where Stripe processes personal data of individuals in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs).

For more information about Stripe's opt-in and opt-out practices, visit the Stripe Privacy Center.

Your data will be retained by Stripe for the duration of your relationship with Text Control and, in some cases, depending on the jurisdiction, beyond.

Contact Details of Stripe

Storage Period

Unless otherwise specified, we will delete your personal data if they are no longer required for the relevant processing purposes and no legal retention obligations oppose deletion.

Your Rights as a Data Subject

When processing your personal data, the GDPR grants you certain rights as a data subject:

Right of Access by the Data Subject (Art. 15 GDPR)

You have the right to obtain confirmation as to whether personal data concerning you are being processed; if this is the case, you have the right to be informed of this personal data and to receive the information specified in Art. 15 GDPR.

Right to Rectification (Art. 16 GDPR)

You have the right to rectification of inaccurate personal data concerning you and, taking into account the purposes of the processing, the right to have incomplete personal data completed, including by means of providing a supplementary statement without delay.

Right to Erasure (Art. 17 GDPR)

You have the right to obtain the erasure of personal data concerning you without undue delay if one of the reasons listed in Art. 17 GDPR applies.

Right to Restriction of Processing (Art. 18 GDPR)

You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR is met, e.g. if you have objected to the processing, for the duration of our examination.

Right to Data Portability (Art. 20 GDPR)

In certain cases, which are listed in detail in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format, or to request that this data be transferred to a third party.

Right to Withdraw Consent (Art. 7 GDPR)

If the processing of data is based on your consent, you are entitled to withdraw your consent to the use of your personal data at any time in accordance with Art. 7 (3) GDPR. Please note that the withdrawal is only effective for the future. Processing that took place before the withdrawal is not affected.

Right to Object (Art. 21 GDPR)

If data is collected on the basis of Art. 6 (1) 1 f GDPR (data processing for the purpose of our legitimate interests) or on the basis of Art. 6 (1) 1 e GDPR (data processing for the purpose of protecting public interests or in the exercise of official authority), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are compelling legitimate grounds for the processing which override your interests, rights and freedoms or if data is still needed for the establishment, exercise or defence of legal claims.

Right to Lodge a Complaint With a Supervisory Authority (Art. 77 GDPR)

According to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your data violates data protection regulations. This right may be asserted in particular with a supervisory authority in the Member State of your habitual residence, your place of work or the place of the suspected infringement.

Asserting Your Rights

Unless otherwise described above, please contact us to assert your rights. You will find our contact details in our imprint.

Contact Details of Our Data Protection Officer

Our data protection officer is available to provide further information on data protection.

If anything in this privacy policy is unclear, please do not hesitate to contact us.