Privacy Policy

General 

Data protection is of a particularly high priority for the daitastack GmbH ("daitastack"). The use of www.daitastack.com ("The daitastack Website) is possible without any indication of personal data. However, if a Data Subject wants to use specific services daitastack provides via The daitastack Website, the processing of personal data could become necessary.

The processing of personal data, such as the name, address, e-mail address, or telephone number of a Data Subject shall always be in line with the country-specific data protection regulations applicable to the daitastack. By means of this data protection declaration, our company would like to inform the public about the nature, scope and purpose of the personal data we collect, use and process. Furthermore, Data Subjects are informed of their rights by means of this data protection declaration.

As the Controller, daitastack has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. Nevertheless, Internet-based data transmissions can always be subject to security vulnerabilities, so that absolute protection cannot be guaranteed. For this reason, every Data Subject is free to transmit personal data to us by alternative means, for example by telephone.

Legal Notice

Definitions

The Privacy Policy of daitastack is based on the terms used by the European Legislators and Regulators when issuing the General Data Protection Regulation (GDPR). Our data protection declaration should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terms used in advance. Inter alia we use the following terms in this Privacy Policy:

Personal Data
Personal data means any information relating to an identified or identifiable natural person (hereinafter "Data Subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Data Subject
Data Subject is any identified or identifiable natural person whose personal data are processed by the Controller.

Processing
Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Restriction of Processing
Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.

Profiling
Profiling is any type of automated processing of personal data that consists of using such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects relating to that natural person's job performance, economic situation, health, personal preferences, interests, reliability, behavior, location or change of location.

Pseudonymization
Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific Data Subject without the use of additional information, provided that such additional information is kept separate and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

Controller or Data Controller
The Controller or person responsible for processing is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the Controller or the specific criteria for its designation may be provided for under Union or Member State law.

Processor
A Processor is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the Controller.

Recipient
Recipient means a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a Third Party. However, public authorities that may receive personal data in the context of a specific investigative task under Union or Member State law shall not be considered as Recipients.

Third Party
Third Party means a natural or legal person, public authority, agency or other body other than the Data Subject, the Controller, the Processor and the persons authorized to process the personal data under the direct responsibility of the Controller or the Processor.

Consent
Consent shall mean any freely given indication of the Data Subject 's wishes for the specific case in an informed and unambiguous manner, in the form of a statement or any other unambiguous affirmative act, by which the Data Subject indicates that he or she consents to the processing of personal data relating to him or her.

Name and address of the CONTROLLER

The responsible party within the meaning of the General Data Protection Regulation and the data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature is the contact mentioned in the Legal Notice. Any Data Subject may contact the mentioned contact directly at any time with any questions or suggestions regarding data protection.

Legal basis of the processing

Article (Art.) 6 1. (a) GDPR serves our company as the legal basis for processing operations in which we obtain consent for a specific processing purpose. This is the case for marketing measures.

If the processing of personal data is necessary for the performance of a contract to which the Data Subject is a party, as is the case, for example, with processing operations that are necessary for the delivery of goods or the provision of another service or consideration, the processing is based on Art. 6 1. (b) GDPR. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of inquiries about our products or services.

If our company is subject to a legal obligation by which the processing of personal data becomes necessary, such as for the fulfillment of tax obligations, the processing is based on Art. 6 1. (c) GDPR.

Ultimately, processing operations could be based on Art. 6 1. (f) GDPR. Processing operations which are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary for the protection of a legitimate interest of our company or a Third Party, provided that the interests, fundamental rights and freedoms of the Data Subject are not overridden. If the processing of personal data is based on Art. 6 1. (f) GDPR, the Controller sees the implementation as its legitimate interest. Here, action is taken for the benefit of the business, the welfare of all our employees and all other stakeholder.

Collection of general data and information

The website of daitastack collects a series of general data and information each time a Data Subject or automated system accesses the website. This general data and information is stored in the server log files. The following data may be collected: (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system accesses our website (so-called referrer), (4) the sub-websites that are accessed via an accessing system on our website, (5) the date and time of access to the website, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) other similar data and information that serve to avert danger in the event of attacks on our information technology systems.

When using these general data and information, daitastack does not draw any conclusions about the Data Subject. Rather, this information is needed (1) to deliver the content of our website correctly, (2) to optimize the content of our website, (3) to ensure the long-term functionality of our information technology systems and the technology of our website, and (4) to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber-attack. This anonymously collected data and information is therefore evaluated by daitastack on one hand, statistically and on the other hand, with the aim of increasing data protection and data security in our company, and ultimately ensuring an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from any personal data provided by a Data Subject.

Contact possibility via the website through contact form

www.daitastack.com ("The daitastack Website") provides the option of using website contact forms to contact daitastack.  

The Controller shall provide any Data Subject at any time upon request with information about what personal data is stored about the Data Subject. Furthermore, the Controller shall correct or delete personal data at the request or indication of the Data Subject, provided that this does not conflict with any statutory retention obligations. The entire staff of the Controller shall be available to the Data Subject as contact persons in this context.

Routine deletion and blocking of personal data

The criterion for the duration of storage of personal data is the respective statutory retention period. If no retention periods apply, the respective deletion periods defined by the responsible party apply. After expiry of the period, the corresponding data is routinely deleted, provided that it is no longer required for the fulfillment or initiation of the contract or for any other purpose.

Cookies

The internet pages of daitastack use cookies. Cookies are text files that are stored on a computer system via an internet browser. Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters by which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This enables the visited Internet pages and servers to distinguish the individual browser of the Data Subject from other Internet browsers that contain other cookies. A specific internet browser can be recognized and identified via the unique cookie ID.

Through the use of cookies, daitastack can provide the users of The daitastack Website with more user-friendly services that would not be possible without the cookie setting. Through the use of cookies, the information and offers on our website can be optimized for the benefit of the user. As already mentioned, cookies enable us to recognize the users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, the user of a website that uses cookies does not have to re-enter his or her access data each time he or she visits the website, because this is done by the website and the cookie stored on the user's computer system.

Essential cookies ensure functions without which Data Subjects cannot use the daitastack websites as intended. These cookies are used exclusively by daitastack and are therefore first party cookies. This means that all information stored in the cookies is returned to daitastack website. Essential cookies are used, for example, to ensure that a Data Subject as a logged-in user, always remain logged in when accessing various subpages of the daitastack website and thus do not have to re-enter login data each time Data Subject call up a new page. The use of essential cookies on the daitastack website is possible without the consent of a Data Subject. For this reason, essential cookies cannot be individually disabled or enabled.

Analytics cookies allow us to analyze user behavior based in part on personal information to understand how visitors interact with the website.

Third-party cookies are integrated on the websites of daitastack, which provide their services on their own responsibility. For example Google, LinkedIn.

Use of external tools

Hubspot CRM Suite

daitastack uses the Hubspot Marketing CRM Suite to manage its CRM, Marketing and Content activities. Such activities include:

E-mail communications

daitastack uses Hubspot CRM Suite to communicate with persons whose contact details have been provided with prior consent, this include but not limited to Hubspot Form submissions via The daitastack Website,  subscription to the daitastack Newsletter, and previous communications via Email or LinkedIn Messages where consent to marketing communications have been given.

The collection of form submissions

daitastack uses the Hubspot Form tool in the Hubspot CRM Suite to collect data via the daitastack website for the purposes of general inquiry, event registration, as well as sales, and online marketing activities. For more information regarding Hubspot Form, please refer to topic below.

The use of tracking technologies

daitastack uses the HubSpot tracking code and pixels to detect visits to The daitastack Website. This data is used to help optimize ads, measure ads' results, and for creating website visitor ad audiences.

The operating company of the Hubspot CRM Suite is:

HubSpot, Inc.
25 First Street, 2nd Floor
Cambridge
MA 02141
USA

For more information on Hubspot Inc.'s Privacy Policy, please visit: https://legal.hubspot.com/privacy-policy.

Hubspot Form

The daitastack Website uses Hubspot Form for general inquiry, event registration, as well as sales and online marketing activities. This is a component of the Hubspot CRM Suite with which the person responsible covers the various aspects of online marketing. These include:

Contact forms  
This information and parts of the content of our website are stored on servers of our software partner. It can be used by us to contact visitors to our website and to determine which of our company's services are of interest to them. We use all collected information exclusively to optimize our marketing.

Registration on our website for an event
The Data Subject has the opportunity to register on The daitastack Website by providing personal data. Which personal data is transmitted to the Controller and its Processor Hubspot Inc. in the process results from the respective input mask used for the registration. The personal data entered by the Data Subject is collected and stored exclusively for internal use by the Controller for its own purposes. The Controller may arrange for the data to be transferred to one or more Processors, for example a parcel service provider or a call center, which will also use the personal data exclusively for an internal use attributable to the Controller.

By registering on The daitastack Website, the IP address assigned by the Internet service provider (ISP) of the Data Subject, the date and the time of registration are also stored. The storage of this data takes place against the background that only in this way can the misuse of our services be prevented and, if necessary, this data makes it possible to clarify committed crimes. In this respect, the storage of this data is necessary for the protection of the data Controller. As a matter of principle, this data is not passed on to third parties unless there is a legal obligation to pass it on or the passing on serves the purpose of criminal prosecution.

The registration of the Data Subject by voluntarily providing personal data serves the purpose of the Controller to offer the Data Subject content or services which, due to the nature of the matter, can only be offered to registered users. Registered persons are free to modify the personal data provided during registration at any time or to have it completely deleted from the data stock of the Controller.

The Controller shall provide any Data Subject at any time, upon request, with information about what personal data is stored about the Data Subject. Furthermore, the Controller shall correct or delete personal data at the request or indication of the Data Subject, provided that this does not conflict with any statutory retention obligations. The entire staff of the Controller shall be available to the Data Subject as contact persons in this context.

Possibility of contacting us via the website by means of a contact form
The daitastack Website contains, on the basis of statutory provisions, data that enables a quick electronic contact to our company as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a Data Subject contacts the Controller by e-mail or by using a contact form, the personal data transmitted by the Data Subject will be stored automatically. Such personal data transmitted on a voluntary basis by a Data Subject to the Controller will be stored for the purpose of processing or contacting the Data Subject.

Registration to download information material
The Data Subject has the possibility to download information material on The daitastack Website by providing personal data on specific topics, after registration. Which personal data are transmitted to the Controller and its Processor in the process results from the respective input mask used for the registration. The personal data entered by the Data Subject is collected and stored exclusively for internal use by the Controller for its own purposes. The Controller may arrange for the data to be transferred to one or more Processors, for example a parcel service provider, who will also use the personal data exclusively for an internal use attributable to the Controller.

By registering on The daitastack Website, the IP address assigned by the Internet service provider (ISP) of the Data Subject, the date and the time of registration are also stored. The storage of this data takes place against the background that only in this way can the misuse of our services be prevented and, if necessary, this data makes it possible to clarify committed crimes. In this respect, the storage of this data is necessary for the protection of the data Controller. As a matter of principle, this data is not passed on to third parties unless there is a legal obligation to pass it on or the passing on serves the purpose of criminal prosecution.

The registration of the Data Subject by voluntarily providing personal data serves the purpose of the Controller to offer the Data Subject content or services which, due to the nature of the matter, can only be offered to registered users. Registered persons are free to modify the personal data provided during registration at any time or to have it completely deleted from the data stock of the Controller.

The Controller shall provide any Data Subject at any time, upon request, with information about what personal data is stored about the Data Subject. Furthermore, the Controller shall correct or delete personal data at the request or indication of the Data Subject, provided that this does not conflict with any statutory retention obligations. The entire staff of the Controller shall be available to the Data Subject as contact persons in this context.

Subscription to our newsletter

Data Subjects are given the opportunity to subscribe to newsletters on The daitastack Website. The personal data transmitted to the Controller and to the order Processor when the newsletter is ordered is specified in the input mask used for this purpose.

daitastack informs its customers and business partners at regular intervals by means of a newsletter about offers of the company. In principle, the newsletter of our company can only be received by the Data Subject if (1) the Data Subject has a valid e-mail address and (2) the Data Subject accepts the storage of the data through the registration process.

For legal reasons, a confirmation e-mail will be sent to the e-mail address provided by a Data Subject for the first time for newsletter dispatch using the confirmed opt-in procedure. This confirmation e-mail serves to verify whether the owner of the e-mail address as the Data Subject has authorized the receipt of the newsletter.

When registering for the newsletter, we also store the IP address of the computer system used by the Data Subject at the time of registration, as assigned by the Internet service provider (ISP), as well as the date and time of registration. The collection of this data is necessary in order to be able to trace the (possible) misuse of the e-mail address of a Data Subject at a later point in time and therefore serves the legal safeguarding of the Controller.

Legal or contractual requirements to provide personal data

We would like to inform you that the provision of personal data is partly required by law (e.g. tax regulations) or may also result from contractual regulations (e.g. information on the contractual partner). Sometimes, in order to conclude a contract, it may be necessary for a Data Subject to provide us with personal data that must subsequently be processed by us. For example, the Data Subject is obliged to provide us with personal data if our company concludes a contract with him or her. Failure to provide the personal data would mean that the contract with the Data Subject could not be concluded. Before providing personal data by the Data Subject, the Data Subject may contact legalcontact@daitastack.com.

Data Subject rights

Every Data Subject has the right to information pursuant to Art. 15 of the GDPR, the right to rectification pursuant to Art. 16 of the GDPR, the right to erasure pursuant to Art. 17 of the GDPR, the right to restriction of processing pursuant to Art. 18 of the GDPR, the right to data portability pursuant to Art. 20 of the GDPR, the right to object pursuant to Art. 21 of the GDPR, and the right to withdraw consent at any time without stating reasons. In addition, the restrictions of the respective national data protection laws apply to the Data Subject rights. The rights can be asserted via legalcontact@daitastack.com.

In addition, there is a right of appeal to a data protection supervisory authority (Art. 77 GDPR).