Please note that this content has been automatically translated. The original German version can be found here.
1. Basics to protect your data at EARSandEYES
We adhere strictly to the legal requirements for the protection of personal data and commit ourselves as a market research institute to the quality standards of the professional associations (BVM, ADM, ESOMAR).
We use the latest technical and organizational security measures to protect your privacy.
Type and scope of data processing
In principle, we process personal data of our users only insofar as this is necessary to provide a functioning website as well as our content and services. Personal data is all data that personally identifies you.
Other information is collected as you voluntarily share it with us. Some functions on this website, such as contact forms and newsletter subscription require the submission of certain personal data in order to provide you with the respective function.
All data collection will be explained separately in detail below.
We will never knowingly collect personal information from anyone under the age of 16 without the consent of the legal guardian. We ask persons under the age of 16 not to provide us with any personal information without the consent of their legal guardians.
Use and disclosure of data
Personal data will be stored and processed solely for the specified purposes and will not be passed on to third parties without your express consent, unless we are required to do so by law or by court order.
We reserve the right to transfer your personal data to authorized sources without your consent, if necessary, in order to defend ourselves against attacks which constitute criminal offenses or which are likely to impair or cancel the functionality of our website.
Deletion of data
We only store your personal data for as long as necessary. We will delete the personal data relating to you or restrict its processing if the purpose for storage no longer applies, or at your request.
If deletion conflicts with statutory retention periods (such as commercial or tax obligations), the data will be kept locked as required and will not be processed for other purposes. After expiration of the deadline, the data will be deleted, unless there is a need for further storage of the data for a contract or fulfillment of the contract.
Note on data transfer to the USA
Among other things, our website includes tools from companies based in the USA. If these tools are active, your personal data may be transferred to the US servers of these companies. We would like to point out that the USA is not a safe third country in terms of EU data protection law. US companies are obliged to release personal data to security authorities without you as the person concerned being able to take legal action against this. Therefore, it cannot be excluded that US authorities (e.g. secret services) may process, evaluate and permanently store your data on US servers for monitoring purposes. We have no influence on these processing activities. For specific information on the tools used, please refer to 7. “Cookies and third-party functions used”.
2. Persons responsible and Data Protection Officer
For questions we are happy to help.
The responsible body for the collection and processing of your personal data on this website is EARSandEYES GmbH, represented by Susanne Maisch and Frank Lüttschwager, Oberstraße 14 B, 20144 Hamburg, phone: +49 40/822 240-0, e-mail: firstname.lastname@example.org.
Responsible body is the natural or legal person who, alone or in concert with others, decides on the purposes and means of processing personal data.
External Data Protection Officer
We have appointed a legally required data protection officer for our company:
Shared IT Professional
3. Your rights
Your rights as a user
If personal data is processed by you, you are the person concerned within the meaning of the GDPR and you are entitled to the following rights vis-à-vis the person responsible.
To exercise your rights or if you have any questions, you can contact the responsible person at any time. Simply send an e-mail to email@example.com . Or use our other contact channels; you can find them directly here above under 2. and in the imprint.
Right to information (Art. 15 GDPR):
You have the right to free information about your stored personal data, their origin and recipient and the purpose of the data processing at any time within the scope of the valid legal regulations.
Right to rectification (Art. 16 GDPR):
You have the right to have incorrect personal data corrected.
Right to deletion (Art. 17 GDPR):
You have the right to delete your data in particular after expiry of the legally prescribed retention periods.
Right to limitation of processing (Art. 18 GDPR):
You have the right to request the restriction of the processing of your personal data if the data processing is unlawful, if you dispute the accuracy of the data collected or if you have lodged an objection to the processing. You may also request a limitation of the processing if the data are subject to a deletion obligation due to the purpose for which they were collected, but you need them to assert legal claims.
Right of revocation (Art. 7 GDPR):
If you give us your consent, you can revoke it at any time. For this purpose, an informal e-mail notification to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right of objection (Art. 21 GDPR):
You have the right to object to the future processing of your personal data if such processing is carried out on the basis of Art. 6 para. 1 lit. e or f GDPR. If you file an objection, we will no longer process your affected personal data unless we can prove compelling reasons for the processing worthy of protection which outweigh your interests, rights and freedoms or the processing serves the assertion, exercise or defence of legal claims.
Right to data transferability (Art. 20 GDPR):
You have the right to have data which we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible person, this will only be done as far as it is technically feasible.
Right of appeal (Art. 77 GDPR):
In the event of infringements of data protection law, the data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, workplace or the place where the alleged infringement is suspected.
4. Collection and use of data
Automatic data collection in server log files
When visiting this website, the provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits. These are:
- Browser type and browser version
- Operating system used
- Used terminal
- Visited pages and content
- Transferred datasets
- Referring page (Referrer URL)
- Date and time of your access
- Host name of the accessing computer (IP address)
Storage in log files is done to ensure the functionality of the website. In addition, we use this data in aggregated form for general statistical analysis and optimization of our website. The data is not linked to other data sources and can not be assigned to specific persons.
The basis for data processing is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the technically error-free presentation and optimisation of our website – for this purpose, the server log files must be recorded.
Contact via e-mail, telephone, mail
You have the possibility to contact us via our contact data, e.g. by e-mail or telephone. Unless otherwise agreed, we store and use the data transmitted by you in these ways (e.g. name, e-mail address) exclusively for processing your enquiry and in the event of follow-up questions. We do not pass on this data without your consent.
The data remains with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies. Mandatory legal provisions – in particular retention periods – remain unaffected. Also contractual obligations remain unaffected if the data are necessary for the fulfilment of a contract or for the implementation of pre-contractual measures.
The processing of the data transmitted when you contact us is based on Art. 6 para. 1 lit. b GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of enquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR). Your consent may be revoked at any time.
If you send us an application, we process your associated personal data (e.g. contact data, application documents, notes taken during job interviews, etc.) insofar as this is necessary for a decision on the establishment of an employment relationship.
The legal basis for this is § 26 BDSG-neu according to German law (initiation of an employment relationship), Art. 6 para. 1 lit. b GDPR (general contract initiation) and – if you have given your consent – Art. 6 para. 1 lit. a GDPR. Consent may be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in the processing of your application.
If the application is successful, the data submitted by you will be stored in our data processing systems on the basis of § 26 BDSG-neu and Art. 6 Para. 1 lit. b GDPR for the purpose of carrying out the employment relationship.
If we are unable to offer you a job, if you reject a job offer or if we withdraw your application, we reserve the right to keep the data you have submitted with us for up to 6 months from the end of the application procedure (rejection or withdrawal of the application) on the basis of our legitimate interests (Art. 6 para. 1 letter f DSGVO). Afterwards, the data will be deleted and the physical application documents destroyed. The storage serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the 6-month period has expired (e.g. due to an imminent or pending legal dispute), the data will only be deleted when the purpose for further storage no longer applies.
A longer storage period can also take place if you have given your consent (Art. 6 para. 1 lit. a DSGVO) or if legal storage obligations prevent deletion.
Marketing / Newsletter data
On our website you have the possibility to request documents (e.g. study results, whitepapers or guides) as downloads. The prerequisite for obtaining these materials is usually the subscription to our e-mail newsletter. Our free newsletter informs you at least once a month about our activities, current studies and other topics related to market research. You also have the option of registering for the newsletter using the appropriate forms without downloading.
To sign up for the newsletter, we need a valid e-mail address from you, as well as information that allows us to verify that you are the owner of the e-mail address provided and agree to receive our e-mails (“Double opt-in method”). At the same time, we store your current IP address as well as the date and time of registration in case of misuse. Further data are not collected or only on a voluntary basis. We use this data solely for the stated purpose, namely the sending of the newsletter and, if necessary, the requested download document, and do not pass it on to third parties without your consent.
Use of the newsletter service provider CleverReach
For subscribing to and sending newsletters and download offers, we use CleverReach, a service with which newsletter delivery can be organized and analyzed. Provider is CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede.
The data transmitted by you for the purpose of download request and newsletter subscription (e.g. e-mail address) will be stored on CleverReach’s servers in Germany or Ireland.
Note: There are cases where we forward the newsletter recipients to pages on the CleverReach website, such as when opening the newsletter in the web browser. In this context, we point out that CleverReach websites may use web analytics tools that we have no control over.
Reception of personalized content
When subscribing to the newsletter, you have the additional opportunity to give us consent to receive personalized content. In the event of your consent, you allow us to collect and analyze certain data relating to your use of our newsletter offer. These are:
- e-mails opened by you
- Time of opening
- used e-mail client
- Links clicked in newsletter emails
- if applicable, actions taken after the click on our website (e.g. downloads)
The collected data serve us to tailor newsletter content to your individual interests. The processing of this information is largely automated; a disclosure to third parties does not occur.
Note: Even without your consent to receiving personalized content, CleverReach may, for technical reasons, be able to identify certain characteristics of your newsletter usage behavior. We have no influence on this.
For more information on how CleverReach analyzes newsletter data, visit https://www.cleverreach.com/en/features/reporting-tracking/.
Unsubscribe newsletter (revocation of consent)
If you want to completely prevent a data analysis by CleverReach, you must unsubscribe from the e-mail newsletter. For this we provide in each newsletter message a corresponding link. Alternatively, you may revoke your consent to the reception of the newsletter or the collection of data for sending personalized content at any time for the future by sending an informal e-mail to us or by posting a message through our contact form free of charge. In this way, you can also exercise your right of opposition if the processing takes place on the basis of our legitimate interests.
The data entered in the newsletter registration form will be processed on the basis of your consent (Art. 6 para. 1 lit. a GDPR). The processing of your data for sending personalised content is based on your additional consent (Art. 6 para. 1 lit. a GDPR). The use of the newsletter service provider CleverReach, the performance of statistical surveys and analyses as well as the logging of the registration procedure are based on Art. 6 para. 1 lit. f GDPR. Our legitimate interests are to use a user-friendly and secure newsletter and e-mail system that serves our business interests as well as the users’ expectations.
If you purchase services on our website, your e-mail address may be used by us to send a newsletter. In such a case, the newsletter will only consist of direct advertisement for our own similar services. The legal basis for sending the newsletter as a result of the sale of goods or services is para. 7 lit. 3 UWG. You can object to receiving direct mail at any time by sending us an informal e-mail.
Data Processing: We have entered into an agreement with CleverReach for the processing of personal data and fully implement the strict requirements of the German data protection authorities when using CleverReach.
When using this website, so-called “cookies” are set. Cookies are small text files that are stored on your computer by your browser. Cookies do not harm your computer and do not contain viruses. Cookies are designed to allow the visitor a more personalized presentation of the site, to make our offer more user-friendly, effective and secure.
Most of the cookies we use are so-called “session cookies”. After leaving the page and closing your browser, these cookies are usually automatically deleted. Other cookies remain stored on your device until you delete them. These cookies allow us to recognize your browser the next time you visit.
You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies and enable the automatic deletion of cookies when closing the browser. However, you may not be able to access the full functionality of our website. For information on the cookie settings of your browser, please refer to the corresponding help / info pages of your browser.
Cookies that are required to carry out the electronic communication process or to provide certain functions that you wish to use are based on Art. 6 para. 1 lit. f GDPR saved. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
You can customize the selection of cookies you accept using the following link: Change Cookie Preferences
5. Organizational and technical safety precautions
Our safety precautions are state-of-the-art and comply with high, recognized industry standards. Our servers are located in Germany and are subject to the strict German standards for data protection and security.
To ensure that the data that you wish to transmit to us (e.g. via the contact form) is not read by third parties, we have activated TLS encryption on our site. An encrypted connection can be recognized by the “https://” and the lock symbol in your browser bar. We point out, however, that complete protection against access by third parties in internet-based data transmission is not possible.
This website is hosted by an external service provider (hoster). Personal data collected on this website is stored on the host’s servers. This may include IP addresses, contact requests, meta and communication information, contract information, contact information, names, web page views, and other information generated by a website.
The host is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online services by a professional provider (Art. 6 para. 1 lit. f GDPR). Our hoster will only process your data to the extent that this is necessary to fulfil its performance obligations and to follow our instructions with regard to this data.
In order to guarantee processing in compliance with data protection regulations, we have concluded an order processing contract with our hoster.
6. Links to other websites
Our website contains links to other websites to which this privacy statement does not extend. The linked external sites each have their own privacy policies and procedures that we have no control over.
Our website links to social networking services such as LinkedIn, Twitter, and XING. We have not integrated any social plugins of the service providers, therefore no data is transmitted to the social media providers when visiting our website. Only when you click on one of the links or linked graphics, data is transmitted to the respective service provider and stored by them. If you do not want social media providers to collect data about and associate them with your membership data, please log out of your social media account before clicking social media links. For further information on the collection, processing, use as well as your rights and protection options, please refer to the privacy statements of the individual social media providers under 9. “Online Presence in Social Media”.
7. Used cookies and third-party features
Web analytics by Google Analytics
This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyse the behaviour of website visitors. In doing so, the website operator receives various usage data, such as page impressions, length of stay, operating systems used and the origin of the user. This data may be summarized by Google in a profile which is assigned to the respective user or his terminal device.
Google Analytics uses technologies that enable the recognition of the user for the purpose of analysing user behaviour (e.g. cookies or device fingerprinting). The information collected by Google on the use of this website is usually transferred to a Google server in the USA and stored there.
For the purpose of providing these functions, Google Analytics stores three cookies on the user’s device:
- _ga (lifetime: 2 years): This cookie is used to distinguish individual website users.
- _gid (lifetime: 24 hours): This cookie is also used to distinguish individual website users.
- _gat (lifetime: 1 minute): This cookie is used to throttle the request rate.
We have activated the IP anonymization function on this website. This means that your IP address will be truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before it is transmitted to the USA. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on the website activities and to provide further services to the website operator in connection with the use of the website and the Internet. According to Google, the IP address transmitted by your browser within the scope of Google Analytics is not combined with other data from Google.
Disable/object to data collection by Google Analytics
You can generally prevent the storage of cookies by adjusting your browser software accordingly.
You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link:
You can find more information about how Google Analytics uses user data at https://support.google.com/analytics/answer/6004245?hl=de and https://policies.google.com/privacy?hl=de.
Data stored by Google at the user and event level that is linked to cookies, user IDs (e.g. UserID) or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) is anonymised or deleted after 14 months. Details can be found under the following link: https://support.google.com/analytics/answer/7667196?hl=d
The storage of Google Analytics cookies is based on your consent in the sense of Art. 6 para. 1 lit. a DSGVO. You can revoke your consent for the future at any time. Here under “Stop web analysis by Google Analytics” you can make appropriate settings, i.e. deactivate tracking cookies.
We’ve signed a data processing agreement with Google and are fully implementing the strict requirements of German data protection authorities when using Google Analytics.
The website operator uses Google Ads. Google Ads is an online advertising program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads enables us to display advertisements in the Google search engine or on third-party websites when the user enters certain search terms in Google (keyword targeting). Furthermore, targeted advertisements can be played out on the basis of the user data available at Google (e.g. location data and interests) (target group targeting). We as website operators can evaluate this data quantitatively, for example by analyzing which search terms led to the display of our ads and how many ads led to corresponding clicks.
The use of Google Ads is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in marketing his service products as effectively as possible.
We use “Google reCAPTCHA” (hereafter “reCAPTCHA”) on our websites. Provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Irland.
With reCAPTCHA we want to check whether the data entry is done in a contact form on our website by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor according to various characteristics as soon as the website visitor enters the website. For analysis, reCAPTCHA evaluates various information (for example, the IP address, the website visitor’s visit time on the website, or user mouse movements). The data collected during the analysis will be forwarded to Google.
Data processing is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting his web offers from abusive automated spying and from SPAM.
Video offers from YouTube
Our website uses plugins from YouTube. The website is operated by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
EARSandEYES uses the “extended privacy mode” when integrating the videos. According to YouTube, this mode ensures that YouTube does not store any information about visitors to this website before they view the video. However, YouTube’s advanced privacy mode does not necessarily preclude the sharing of information with YouTube partners. YouTube connects to the Google DoubleClick network whether or not you’re watching a video.
When you start a YouTube video on our site, it connects to YouTube’s servers. This will tell the YouTube server which of our pages you’ve visited. If you are logged in to your YouTube account, you can allow YouTube to associate your surfing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account.
YouTube can also store various cookies on your device after you start a video. YouTube can use these cookies to obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve usability and prevent fraud. The cookies remain on your device until you delete them.
The use of YouTube is based on your consent (Art. 6 para. 1 lit. a GDPR) to store cookies. The consent can be revoked at any time for the future.
9. Online presence in Social Media
We maintain publicly accessible profiles on social networks. The social networks we use in detail can be found below.
Social networks such as Facebook, Google+ etc. can usually analyze your user behavior comprehensively when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). When you visit our social media sites, numerous data protection-relevant processing processes are triggered. In detail:
If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your terminal device or by recording your IP address.
With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-related advertising can be displayed inside and outside the respective social media presence. If you have an account with the respective social network, interest-related advertising can be displayed on all devices on which you are logged in or were logged in.
Our social media appearances are intended to guarantee the most comprehensive possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which must be stated by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a GDPR).
Person responsible and assertion of rights
If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing processes triggered during this visit. You can assert your rights (information, correction, deletion, restriction of processing, data transferability and complaint) both against us and against the operator of the respective social media portal (e.g. against Facebook).
Please note that despite our joint responsibility with the social media portal operators, we do not have full influence on the data processing procedures of the social media portals. Our options are largely based on the corporate policy of the respective provider.
The data collected directly by us via the social media presence is deleted from our systems as soon as the purpose for its storage no longer applies, you request us to delete, your consent to storage revoke or the purpose for data storage no longer applies. Stored cookies remain on your end device until you delete them. Mandatory legal provisions – in particular retention periods – remain unaffected.
Social networks in detail
We use the short message service Twitter. The provider is Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.
You can customize your Twitter privacy settings in your user account. Click on the following link and log in:
We have a profile at LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
LinkedIn uses advertising cookies. If you would like to disable LinkedIn advertising cookies, please use the following link:
We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.