Here’s some more info…
we’ll try and keep it as “plain English” as we can:
Your personal data (which we’ll refer to as “data” from here on) will only be processed to the extent that’s required to provide you with a functional and reader-friendly website (which includes contents, services, etc.).
Per Art. 4 No. 1 of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (or “GDPR”), “processing” refers to pretty much anything we could do to your data, more specifically: any operation or set of operations such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction performed on personal data, whether by automated means or not.
And here’s the fine print:
Info about us, the “controller of your data”
The party responsible for this website and its contents (“the controller”) for purposes of data protection law is:
client friendly marketing consulting GmbH
60313 Frankfurt am Main
Florian also serves as the controller’s data protection officer.
Info about your (“the user’s”) and other “data subjects'” rights.
With regard to the data processing to be described in more detail below, users and data subjects have the right…
… to confirmation of whether data concerning them is being processed, information about the data being processed, further information about the nature of the data processing, and copies of the data (cf. also Art. 15 GDPR);
… to correct or complete incorrect or incomplete data (cf. also Art. 16 GDPR);
… to the immediate deletion of data concerning them (cf. also Art. 17 DSGVO), or, alternatively, if further processing is necessary as stipulated in Art. 17 Para. 3 GDPR, to restrict said processing per Art. 18 GDPR;
… to receive copies of the data concerning them and/or provided by them and to have the same transmitted to other providers/controllers (cf. also Art. 20 GDPR);
… to file complaints with the supervisory authority if they believe that data concerning them is being processed by the controller in breach of data protection provisions (see also Art. 77 GDPR).
In addition, the controller is obliged to inform all recipients to whom it discloses data of any such corrections, deletions, or restrictions placed on processing the same per Art. 16, 17 Para. 1, 18 GDPR. However, this obligation does not apply if such notification is impossible or involves a disproportionate effort. Nevertheless, users have a right to information about these recipients.
Likewise, under Art. 21 GDPR, users and data subjects have the right to object to the controller’s future processing of their data pursuant to Art. 6 Para. 1 lit. f) GDPR. In particular, an objection to data processing for the purpose of direct advertising is permissible.
Info about our data processing
The data that’s processed when you’re using our website will be deleted or blocked as soon as the purpose for its storage ceases to apply, provided the deletion of the same is not in breach of any statutory storage obligations – or unless otherwise stipulated below:
Web analytics – Matomo
We, too, use Matomo on our website. That’s is a web analytics service provided by the Matomo open source project.
With the help of Matomo, we are able to collect and analyze data on how you use our website. This enables us, among other things, to find out when which region you come from, which pages you’ve viewed, etc. We also collect various log files (e.g. on your IP address, referrer, browser and the operating system you use) and can measure whether you perform certain actions on our site (e.g. clicks, purchases, etc.).
But: We do use IP anonymization when analyzing with Matomo. Which means that your IP address will be shortened before the analysis, and can therefore no longer be clearly linked to you.
Oh, and: we host Matomo on our own server (using their wordpress plugin), which means that all our analysis data remain with us and are not passed on.
We use Matomo on the basis of Art. 6 Para. 1 lit. f GDPR. We have a legitimate interest in the anonymous analysis of user behavior in order to optimize both this website and its advertising (should we ever do any…). If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing takes place exclusively on the basis of Art. 6 Para. 1 lit. a GDPR; the consent can be withdrawn at any time.
Newsletter service – Mailchimp
Important: We use Mailchimp, a service of The Rocket Science Group, LLC, 512 Means Street, Suite 404, Atlanta, GA 30318, USA, hereinafter referred to as “The Rocket Science Group”.
Through certification according to the EU-US Privacy Shield, the Rocket Science Group guarantees that it will follow the EU’s data protection regulations when processing data in the United States. In addition, the Rocket Science Group offers further information about its data protection practices here.
When The Rocket Science Group sends you an e-mail from us, said e-mail will also contain a tracking pixel called a web beacon. This pixel helps us evaluate whether and when you have read our newsletter and whether you have clicked any links contained therein. In addition to further technical data, such as data about your computer hardware and your IP address, the data processed will be stored so that we can optimize our newsletters and respond to the wishes of our readers. The data will therefore increase the quality and attractiveness of the newsletter (if we don’t misinterpret the data, that is… ahem).
The legal basis for sending our newsletters and running the analyses described above is Art. 6 Para. 1 lit. a) GDPR.
You may revoke your prior consent to receive this/these newsletter(s) under Art. 7 Para. 3 GDPR with future effect. All you have to do is inform us that you are revoking your consent or click on the unsubscribe link contained in each newsletter.
In case not, don’t hesitate to reach out to client friendly’s data protection officer at firstname.lastname@example.org.