Please note that this content has been automatically translated. The original German version can be found here.
1. Basics to protect your data at EARSandEYES
We adhere strictly to the legal requirements for the protection of personal data and commit ourselves as a market research institute to the quality standards of the professional associations (BVM, ADM, ESOMAR).
We use the latest technical and organizational security measures to protect your privacy.
Type and scope of data processing
In principle, we process personal data of our users only insofar as this is necessary to provide a functioning website as well as our content and services. Personal data is all data that personally identifies you.
Other information is collected as you voluntarily share it with us. Some functions on this website, such as contact forms and newsletter subscription require the submission of certain personal data in order to provide you with the respective function.
All data collection will be explained separately in detail below.
We will never knowingly collect personal information from anyone under the age of 16 without the consent of the legal guardian. We ask persons under the age of 16 not to provide us with any personal information without the consent of their legal guardians.
Use and disclosure of data
Personal data will be stored and processed solely for the specified purposes and will not be passed on to third parties without your express consent, unless we are required to do so by law or by court order.
We reserve the right to transfer your personal data to authorized sources without your consent, if necessary, in order to defend ourselves against attacks which constitute criminal offenses or which are likely to impair or cancel the functionality of our website.
Deletion of data
We only store your personal data for as long as necessary. We will delete the personal data relating to you or restrict its processing if the purpose for storage no longer applies, or at your request.
If deletion conflicts with statutory retention periods (such as commercial or tax obligations), the data will be kept locked as required and will not be processed for other purposes. After expiration of the deadline, the data will be deleted, unless there is a need for further storage of the data for a contract or fulfillment of the contract.
2. Persons responsible and Data Protection Officer
For questions we are happy to help.
The responsible body for the collection and processing of your personal data on this website is EARSandEYES GmbH, represented by Susanne Maisch and Frank Lüttschwager, Oberstraße 14 B, 20144 Hamburg, phone: +49 40/822 240-0, e-mail: email@example.com.
Responsible body is the natural or legal person who, alone or in concert with others, decides on the purposes and means of processing personal data.
Data Protection Commissioner
We have appointed a legally required data protection officer for our company:
Oberstraße 14 B
Phone: +49 40/822 240 – 0
3. Your rights
Your rights as a user
If personal data is processed by you, you are the person concerned within the meaning of the GDPR and you are entitled to the following rights vis-à-vis the person responsible.
To exercise your rights or if you have any questions, you can contact the responsible person at any time. Simply send an e-mail to firstname.lastname@example.org . Or use our other contact channels; you can find them directly here above under 2. and in the imprint.
Right to information (Art. 15 GDPR):
You have the right to free information about your stored personal data, their origin and recipient and the purpose of the data processing at any time within the scope of the valid legal regulations.
Right to rectification (Art. 16 GDPR):
You have the right to have incorrect personal data corrected.
Right to deletion (Art. 17 GDPR):
You have the right to delete your data in particular after expiry of the legally prescribed retention periods.
Right to limitation of processing (Art. 18 GDPR):
You have the right to request the restriction of the processing of your personal data if the data processing is unlawful, if you dispute the accuracy of the data collected or if you have lodged an objection to the processing. You may also request a limitation of the processing if the data are subject to a deletion obligation due to the purpose for which they were collected, but you need them to assert legal claims.
Right of revocation (Art. 7 GDPR):
If you give us your consent, you can revoke it at any time. For this purpose, an informal e-mail notification to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right of objection (Art. 21 GDPR):
You have the right to object to the future processing of your personal data if such processing is carried out on the basis of Art. 6 para. 1 lit. e or f GDPR. If you file an objection, we will no longer process your affected personal data unless we can prove compelling reasons for the processing worthy of protection which outweigh your interests, rights and freedoms or the processing serves the assertion, exercise or defence of legal claims.
Right to data transferability (Art. 20 GDPR):
You have the right to have data which we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible person, this will only be done as far as it is technically feasible.
Right of appeal (Art. 77 GDPR):
In the event of infringements of data protection law, the data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, workplace or the place where the alleged infringement is suspected.
4. Collection and use of data
Automatic data collection in server log files
When visiting this website, the provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits. These are:
- Browser type and browser version
- Operating system used
- Used terminal
- Visited pages and content
- Transferred datasets
- Referring page (Referrer URL)
- Date and time of your access
- Host name of the accessing computer (IP address)
Storage in log files is done to ensure the functionality of the website. In addition, we use this data in aggregated form for general statistical analysis and optimization of our website. The data is not linked to other data sources and can not be assigned to specific persons.
The basis for data processing is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the technically error-free presentation and optimisation of our website – for this purpose, the server log files must be recorded.
Contact via e-mail, telephone, mail
You have the possibility to contact us via our contact data, e.g. by e-mail or telephone. Unless otherwise agreed, we store and use the data transmitted by you in these ways (e.g. name, e-mail address) exclusively for processing your enquiry and in the event of follow-up questions. We do not pass on this data without your consent.
The data remains with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies. Mandatory legal provisions – in particular retention periods – remain unaffected. Also contractual obligations remain unaffected if the data are necessary for the fulfilment of a contract or for the implementation of pre-contractual measures.
The processing of the data transmitted when you contact us is based on Art. 6 para. 1 lit. b GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of enquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR). Your consent may be revoked at any time.
If you send us an application, we process your associated personal data (e.g. contact data, application documents, notes taken during job interviews, etc.) insofar as this is necessary for a decision on the establishment of an employment relationship.
The legal basis for this is § 26 BDSG-neu according to German law (initiation of an employment relationship), Art. 6 para. 1 lit. b GDPR (general contract initiation) and – if you have given your consent – Art. 6 para. 1 lit. a GDPR. Consent may be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in the processing of your application.
If the application is successful, the data submitted by you will be stored in our data processing systems on the basis of § 26 BDSG-neu and Art. 6 Para. 1 lit. b GDPR for the purpose of carrying out the employment relationship.
If we are unable to make you a job offer, you reject a job offer, withdraw your application, revoke your consent to data processing or request us to delete the data, the data transmitted by you, including any remaining physical application documents, will be stored for a maximum of 6 months after completion of the application process (retention period) in order to be able to trace the details of the application process in the event of discrepancies (Art. 6 Para. 1 lit. f GDPR). You may object to this storage if you have legitimate interests that outweigh our interests.
After expiry of the retention period, the data will be deleted unless there is a legal obligation to retain or any other legal reason for further storage. If it is evident that the retention of your data will be necessary after the expiry of the retention period (e.g. due to an impending or pending legal dispute), deletion will only take place when the data has become irrelevant. Other legal storage obligations remain unaffected.
Marketing / Newsletter data
On our website you have the possibility to request documents (e.g. study results, whitepapers or guides) as downloads. The prerequisite for obtaining these materials is usually the subscription to our e-mail newsletter. Our free newsletter informs you at least once a month about our activities, current studies and other topics related to market research. You also have the option of registering for the newsletter using the appropriate forms without downloading.
To sign up for the newsletter, we need a valid e-mail address from you, as well as information that allows us to verify that you are the owner of the e-mail address provided and agree to receive our e-mails (“Double opt-in method”). At the same time, we store your current IP address as well as the date and time of registration in case of misuse. Further data are not collected or only on a voluntary basis. We use this data solely for the stated purpose, namely the sending of the newsletter and, if necessary, the requested download document, and do not pass it on to third parties without your consent.
Use of the newsletter service provider CleverReach
For subscribing to and sending newsletters and download offers, we use CleverReach, a service with which newsletter delivery can be organized and analyzed. Provider is CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede.
The data transmitted by you for the purpose of download request and newsletter subscription (e.g. e-mail address) will be stored on CleverReach’s servers in Germany or Ireland.
Note: There are cases where we forward the newsletter recipients to pages on the CleverReach website, such as when opening the newsletter in the web browser. In this context, we point out that CleverReach websites may use web analytics tools that we have no control over.
Reception of personalized content
When subscribing to the newsletter, you have the additional opportunity to give us consent to receive personalized content. In the event of your consent, you allow us to collect and analyze certain data relating to your use of our newsletter offer. These are:
- e-mails opened by you
- Time of opening
- used e-mail client
- Links clicked in newsletter emails
- if applicable, actions taken after the click on our website (e.g. downloads)
The collected data serve us to tailor newsletter content to your individual interests. The processing of this information is largely automated; a disclosure to third parties does not occur.
Note: Even without your consent to receiving personalized content, CleverReach may, for technical reasons, be able to identify certain characteristics of your newsletter usage behavior. We have no influence on this.
For more information on how CleverReach analyzes newsletter data, visit https://www.cleverreach.com/en/features/reporting-tracking/.
Unsubscribe newsletter (revocation of consent)
If you want to completely prevent a data analysis by CleverReach, you must unsubscribe from the e-mail newsletter. For this we provide in each newsletter message a corresponding link. Alternatively, you may revoke your consent to the reception of the newsletter or the collection of data for sending personalized content at any time for the future by sending an informal e-mail to us or by posting a message through our contact form free of charge. In this way, you can also exercise your right of opposition if the processing takes place on the basis of our legitimate interests.
The data entered in the newsletter registration form will be processed on the basis of your consent (Art. 6 para. 1 lit. a GDPR). The processing of your data for sending personalised content is based on your additional consent (Art. 6 para. 1 lit. a GDPR). The use of the newsletter service provider CleverReach, the performance of statistical surveys and analyses as well as the logging of the registration procedure are based on Art. 6 para. 1 lit. f GDPR. Our legitimate interests are to use a user-friendly and secure newsletter and e-mail system that serves our business interests as well as the users’ expectations.
If you purchase services on our website, your e-mail address may be used by us to send a newsletter. In such a case, the newsletter will only consist of direct advertisement for our own similar services. The legal basis for sending the newsletter as a result of the sale of goods or services is para. 7 lit. 3 UWG. You can object to receiving direct mail at any time by sending us an informal e-mail.
Data Processing: We have entered into an agreement with CleverReach for the processing of personal data and fully implement the strict requirements of the German data protection authorities when using CleverReach.
When using this website, so-called “cookies” are set. Cookies are small text files that are stored on your computer by your browser. Cookies do not harm your computer and do not contain viruses. Cookies are designed to allow the visitor a more personalized presentation of the site, to make our offer more user-friendly, effective and secure.
Most of the cookies we use are so-called “session cookies”. After leaving the page and closing your browser, these cookies are usually automatically deleted. Other cookies remain stored on your device until you delete them. These cookies allow us to recognize your browser the next time you visit.
You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies and enable the automatic deletion of cookies when closing the browser. However, you may not be able to access the full functionality of our website. For information on the cookie settings of your browser, please refer to the corresponding help / info pages of your browser.
Cookies that are required to carry out the electronic communication process or to provide certain functions that you wish to use are based on Art. 6 para. 1 lit. f GDPR saved. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
5. Organizational and technical safety precautions
Our safety precautions are state-of-the-art and comply with high, recognized industry standards. Our servers are located in Germany and are subject to the strict German standards for data protection and security.
To ensure that the data that you wish to transmit to us (e.g. via the contact form) is not read by third parties, we have activated TLS encryption on our site. An encrypted connection can be recognized by the “https://” and the lock symbol in your browser bar. We point out, however, that complete protection against access by third parties in internet-based data transmission is not possible.
This website is hosted by an external service provider (hoster). Personal data collected on this website is stored on the host’s servers. This may include IP addresses, contact requests, meta and communication information, contract information, contact information, names, web page views, and other information generated by a website.
The host is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online services by a professional provider (Art. 6 para. 1 lit. f GDPR). Our hoster will only process your data to the extent that this is necessary to fulfil its performance obligations and to follow our instructions with regard to this data.
In order to guarantee processing in compliance with data protection regulations, we have concluded an order processing contract with our hoster.
6. Links to other websites
Our website contains links to other websites to which this privacy statement does not extend. The linked external sites each have their own privacy policies and procedures that we have no control over.
Our website links to social networking services such as LinkedIn, Twitter, and XING. We have not integrated any social plugins of the service providers, therefore no data is transmitted to the social media providers when visiting our website. Only when you click on one of the links or linked graphics, data is transmitted to the respective service provider and stored by them. If you do not want social media providers to collect data about and associate them with your membership data, please log out of your social media account before clicking social media links. For more information on collection, processing, use and your rights and protections, please refer to the privacy statements of each social media service provider.
7. Used cookies and third-party features
Web analytics by Google Analytics
This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
We have activated the function IP anonymization on this website. As a result, your IP address will be truncated by Google within member states of the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. According to Google, the IP address provided by Google Analytics within the scope of Google Analytics will not be merged with other data provided by Google.
Prevention of data collection by Google Analytics
In principle, you can prevent the storage of cookies by setting your browser software accordingly; however, we point out that in this case you may not be able to fully use all features of this website. You may also prevent the transmission to Google of the data generated by Google Analytics cookies and related to your use of the Website (including your IP address) as well as the processing of such data by Google by using the browser add-on available at the following link. Download and install plugin: http://tools.google.com/dlpage/gaoptout?hl=en
Objection to data collection
You can prevent Google Analytics from collecting data by clicking on the following link. An opt-out cookie is set to prevent your information from being collected on future visits to this website: Disable Google Analytics. This is the recommended course of action for visits to mobile devices. Please note that if you remove cookies from your browser, you will need to opt out of the collection process again.
You can find more information about how Google Analytics uses user data at https://support.google.com/analytics/answer/6004245?hl=de and https://policies.google.com/privacy?hl=de.
Data stored by Google at the user and event level that is linked to cookies, user IDs (e.g. UserID) or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) is anonymised or deleted after 14 months. Details can be found under the following link: https://support.google.com/analytics/answer/7667196?hl=d
Google is certified under the Privacy Shield Agreement, providing a guarantee of compliance with European data protection law: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
Google Analytics cookies are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a justified interest in analysing user behaviour in order to optimise both his website and his advertising.
We’ve signed a data processing agreement with Google and are fully implementing the strict requirements of German data protection authorities when using Google Analytics.
We use “Google reCAPTCHA” (hereafter “reCAPTCHA”) on our websites. Provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Irland.
With reCAPTCHA we want to check whether the data entry is done in a contact form on our website by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor according to various characteristics as soon as the website visitor enters the website. For analysis, reCAPTCHA evaluates various information (for example, the IP address, the website visitor’s visit time on the website, or user mouse movements). The data collected during the analysis will be forwarded to Google.
Data processing is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting his web offers from abusive automated spying and from SPAM.
Video offers from YouTube
Our website uses plugins from YouTube. The website is operated by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
EARSandEYES uses the “extended privacy mode” when integrating the videos. According to YouTube, this mode ensures that YouTube does not store any information about visitors to this website before they view the video. However, YouTube’s advanced privacy mode does not necessarily preclude the sharing of information with YouTube partners. YouTube connects to the Google DoubleClick network whether or not you’re watching a video.
When you start a YouTube video on our site, it connects to YouTube’s servers. This will tell the YouTube server which of our pages you’ve visited. If you are logged in to your YouTube account, you can allow YouTube to associate your surfing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account.
YouTube can also store various cookies on your device after you start a video. YouTube can use these cookies to obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve usability and prevent fraud. The cookies remain on your device until you delete them.
YouTube is used in the interest of an appealing presentation of our online services. This constitutes a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. If a corresponding consent has been requested (e.g. a consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
Google Web Fonts
This site uses so-called web fonts provided by Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland) for consistent font representation. When you call up a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. To do this, the browser you use must connect to Google’s servers. As a result, Google learns that our website has been accessed via your IP address. If your browser does not support web fonts, a default font will be used by your computer.
The use of Google Web Fonts is in the interest of a consistent and attractive presentation of our online services. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
9. Online presence in Social Media
We maintain publicly accessible profiles on social networks. The social networks we use in detail can be found below.
Social networks such as Facebook, Google+ etc. can usually analyze your user behavior comprehensively when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). When you visit our social media sites, numerous data protection-relevant processing processes are triggered. In detail:
If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your terminal device or by recording your IP address.
With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-related advertising can be displayed inside and outside the respective social media presence. If you have an account with the respective social network, interest-related advertising can be displayed on all devices on which you are logged in or were logged in.
Our social media appearances are intended to guarantee the most comprehensive possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which must be stated by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a GDPR).
Person responsible and assertion of rights
If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing processes triggered during this visit. You can assert your rights (information, correction, deletion, restriction of processing, data transferability and complaint) both against us and against the operator of the respective social media portal (e.g. against Facebook).
Please note that despite our joint responsibility with the social media portal operators, we do not have full influence on the data processing procedures of the social media portals. Our options are largely based on the corporate policy of the respective provider.
The data collected directly by us via the social media presence is deleted from our systems as soon as the purpose for its storage no longer applies, you request us to delete, your consent to storage revoke or the purpose for data storage no longer applies. Stored cookies remain on your end device until you delete them. Mandatory legal provisions – in particular retention periods – remain unaffected.
Social networks in detail
We use the Twitter text messaging service. The provider is Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. Twitter is certified according to the EU-US Privacy Shield.
You can customize your Twitter privacy settings in your user account. Click on the following link and log in:
We have a profile at LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn is certified under the EU-US Privacy Shield. LinkedIn uses advertising cookies.
If you would like to disable LinkedIn advertising cookies, please use the following link: