(1) We inform you hereunder about the personal data collected when you use our website. Personal data are all data referring to you, e.g. name, address, email address(es), user behavior.
(2) Pursuant to article 4 section 7 of the EU General Data Protection Regulation (GDPR), kreuzwerker GmbH, Ritterstr. 12-14, 10969 Berlin, Germany, firstname.lastname@example.org is responsible for the collection of said data (see legal notice). You can contact our data protection officer at email@example.com or by post postal address for the attention of the “data protection officer”.
(3) When you contact us by email, we will store the data provided (your email address, your name and your telephone number, if applicable) in order to answer your questions. We delete the data collected once such data does not need to be stored anymore, or we limit the processing thereof in the event of statutory storage obligations.
(4) If we use contracted service providers for individual features of our offers, or if we wish to use your data for advertising purposes, we will inform you in detail about the respective processes involved as laid down below. We will also specify the criteria applicable to the period of storage.
(1) With regard to your personal data, you have the following rights vis-à-vis us:
(2) Furthermore, you have the right to lodge a complaint with a data protection supervisory authority about our processing of your personal data.
(1) When using our website for information purposes only, i.e. if you do not register or otherwise provide us with information, we will only collect the personal data, and/or person-related data that your browser transmits to our server. If you wish to view our website, we will collect the following data, which are required for technical reasons, so we may present our website to you and optimize our offer, and can also ensure stability and security (the legal basis is article 6 section 1 S. 1 lit. b and lit. f DS-GVO):
(2) In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on the hard disk of your device by your browser and allow for storage, retrieval and transmission of information to the system (and in extension the organization) responsible for originally setting the cookie (i.e. us, when using our website). Cookies cannot run programs on or transmit viruses to your computer. They serve to make our website as a whole more user-friendly and effective.
a) The following types of cookies are used on our website, the scope and function of which are explained below:
b) Transient cookies are automatically deleted when you close your browser; this applies in particular to session cookies. Such cookies store a so-called session ID, which assigns different requests generated by your browser to a common session. This helps recognize your computer when you return to our website. Session cookies are deleted when you log out or close your browser.
c) Persistent cookies are automatically deleted after a specified period that may vary depending on the cookie concerned. You can delete cookies at any time by referring to the security settings of your browser.
d) You can configure your browser settings as desired and can, for example, refuse that third-party cookies or any cookies are set. We would like to point out that you may not be able to use all features of our website in this case.
(4) The connection is encrypted by TLS technology to prevent the unauthorized access to your personal data by third parties during transmission.
(1) If you are interested, you can avail yourself of the various services we offer in addition to your using our website for purely informational reasons only. To do so, you generally have to provide further personal data, so we may provide the respective service; such data are subject to the aforementioned data processing principles.
(2) We sometimes use external service providers to process your data. They have been carefully chosen and commissioned by us, they must follow our instructions and are regularly checked.
(3) Furthermore, we may pass your personal data on to third parties if, for example, campaigns, sweepstakes, the conclusion of contracts, or similar services are jointly offered by us and our partners. For further information, please provide your personal data, or refer to the information pertaining to such offers below.
(4) In the event that our service providers or partners are based in a country outside the European Economic Area (EEA), we will inform you of the respective ramifications in the offer concerned.
(1) If you wish to use our customer service portal (‘Service Desk’ at https://support.kreuzwerker.de/), you have to register by entering your email address, a password of your choice and your name. There is no obligation to provide your real name, as you may use our service under a pseudonym. It is, however, mandatory to provide the above-mentioned data, and you may voluntarily provide further information when using our customer service portal.
(2) When you use our customer service portal, we store all the data required for fulfilling your request or contract until such time that you delete your account at our customer service portal for good, unless statutory retention periods apply. Furthermore, we store the data voluntarily provided by you for the duration of the existence of your account at customer service portal. You can manage and change any personal user account data (your ‘Profile’) provided in the protected customer area. The legal basis for the above is article 6 section 1 sentence 1 lit. b, and/or lit. f DS-GVO.
(3) When you use our customer service portal, your information may be shared with others consulting our customer service portal, who are associated with, and/or belong to the same organizations, as well as with our customer service personnel, depending on the contractual service to be provided, and/or requested. Neither unregistered members nor those of other organizations will obtain any information about you. If your account is not assigned to any organization, access to your data is restricted to our customer service personnel. All registered members having access to your data can see your name and avatar in the context of your request.
(4) To prevent unauthorized access to your personal data by third parties, the connection is encrypted by TLS technology.
(1) If you have given your consent to the processing of your data, you may revoke your consent at any time. Once you revoke your consent, such revocation has an impact on the permissibility of processing your personal data.
(2) If we base the processing of your personal data on a balance of interests, you may object to the processing of your data. This is the case if such processing is not specifically necessary for fulfilling a contract that we may have with you, as explained in the description of features hereunder. When objecting to the processing of your data, we would ask you to state the reasons as to why we should no longer process your personal data as before. If your objection is justified, we will examine the facts and will either stop, and/or adjust the processing of your data accordingly, or we will point out to you any compelling legitimate reasons for us to continue processing your data.
(3) You may, of course, object to the processing of your personal data for advertising, and/or data analysis purposes at any time. You can inform us about your objection to advertisements at the address mentioned in § 1 section 2.
(1) Amazon Webservices, Inc. (“AWS”) is an external service provider (contract processor in accordance with Art. 28 GDPR), as referred to in § 4 section 2, to operate our website and to ensure that the web content presented to you is of optimal quality. In doing so, the data specified in § 3 section 1 are disclosed to AWS. Depending on the place from where you access our website, such data may also be transferred to an AWS data center in a third country, which is geographically closest to you. However, your data are not permanently recorded or stored, neither by AWS nor by us.
(2) Mapbox, Inc. (“Mapbox”) is an external service provider (contract processor in accordance with Art. 28 GDPR), as referred to in § 4 section 2. Details about Mapbox provided services used in the context of our website are laid out in §10 below.
(3) Intercom, Inc. (“Intercom”) is an external service provider (contract processor in accordance with Art. 28 GDPR), as referred to in § 4 section 2. Details about Intercom provided services used in the context of our website are laid out in § 8.2 below.
(4) Contentful GmbH is an external service provider, as referred to in § 4 section 2, to create, maintain and operate our website, and to ensure that the web content presented to you is of optimal quality. In doing so, certain contents, e.g. images, of Contentful are sent to you via the infrastructure of Amazon Webservices Inc. (AWS), whereby they are processed as described in § 8 section 1.
(5) Some of our web analytics and communications are delivered using a technology platform supplied by Zift Solutions 30 Montgomery St, Suite 1210, Jersey City, NJ 07302, USA.
(1) We use MapBox on our website. For your convenience we can thus directly show you on a digital map on our website where our company is located. (the legal basis is article 6 section 1 S. 1 lit. f DS-GVO).
(1) To improve the communication and user experience in our applications, we use the Intercom Messenger service from Intercom Inc. of San Francisco, CA 94105, United States for sending messages by e-mail and for live chats. During the chat connection, the location, IP address, browser and website visited are displayed, stored and forwarded to us for analysis, evaluation, optimization and operational purposes on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offerings in accordance with Art. 6 para. 1 lit. f. GDPR).
(2) Intercom also maintains server locations outside the scope of national and European data protection law, especially in the USA, to which data as described above may be transferred. As Intercom is certified under the EU-U.S. Privacy Shield Framework, the company offers a guarantee that European data protection law is complied with. You can verify the certification status via the following link: https://www.privacyshield.gov/participant?id=a2zt0000000TNQvAAO&status=Active
(3) In addition, we have concluded a data processing agreement with Intercom for processing personal data in accordance with the European data protection regulations (GDPR).
Some of our web analytics and communications are delivered using a technology platform supplied by Zift Solutions 30 Montgomery St, Suite 1210, Jersey City, NJ 07302, USA.
Zift Solutions is a data processor and will use your personal data on behalf of the site operator to send you communications and engage in related data processing, such as analytics to evaluate your engagement with the site and email or social media interaction with the site operator. The data processed typically include your contact information, device identifiers, website activity, and internet usage related to your engagement with the site operator.
You may stop communications using the opt out feature included in the messages and prevent storage of cookies using browser settings.
(1) We use Google Adwords to draw attention to our offers on external websites by means of advertising (so-called Google Adwords). This service is an offer of Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Dublin. We can determine the success of individual advertising measures in relation to the data generated by such advertising campaigns. It is our intention to present advertisements that are of interest to you, and to make our website more interesting for you, whereby we also want to achieve a fair calculation of advertising costs.
(2) Such advertisements are transmitted by Google via so-called “Ad Servers”. To this effect, we use ad server cookies that measure certain parameters for success, such as flash ads or clicks by users. If you access our website via a Google ad, Google Adwords stores a cookie on your PC. These cookies usually expire after 30 days and are not intended to personally identify you. With regard to such cookies, a unique cookie ID, the number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (a mark indicating that the user no longer wishes to be addressed) are usually stored for analysis.
(3) These cookies enable Google to recognize your Internet browser. If a user visits certain pages of the website of an Adwords customer, and if the cookie stored on the user’s computer has not expired, Google and the customer can see that the user has clicked on the ad and has been redirected to the page concerned. Each Adwords customer is assigned a different cookie. Cookies can therefore not be traced via the websites of Adwords customers. We do not collect and process any personal data relating to the aforementioned advertising campaigns. Google only provides us with statistical evaluations. On the basis of such evaluations we can see, which of the advertisements placed is particularly effective. We do not receive any further data relating to such advertisements; in particular, we cannot identify users on the basis of such information.
(4) Due to the marketing tools used, your browser automatically establishes a direct connection to the Google server. As we have no influence on the extent and the further use of the data collected by Google by way of this tool, we can only provide information based on our state of knowledge: due to the integration of AdWords Conversion, Google gets the information that you assessed the respective feature of our website or clicked on an advertisement of ours. If you are registered with a service provided by Google, Google may assign your visit to your account. Even if you are not registered with Google, and/or have not logged into Google, it is possible for the provider to obtain and store your IP address.
(5) There are various ways to prevent being tracked: a) by adjusting your browser settings accordingly; disabling third-party cookies in particular will ensure that you do not get any ads from third-party providers; b) by deactivating cookies for conversion tracking, i.e. by setting your browser in a way to ensure that cookies installed by the “googleadservices.com” domain, https://adssettings.google.com/ are blocked, whereby these settings are also deleted when you delete cookies; c) by deactivating the interest-based ads of those providers that participate in the “About Ads” self-regulation campaign via the link http://www.aboutads.info/choices, whereby this setting is also deleted once you delete cookies; d) by permanently deactivating Firefox, Internet Explorer or Google Chrome via http://www.google.com/settings/ads/plugin. We would like to point out that you may not be able to use all features of our website in this case.
(6) The legal basis for processing your data is article 6 section1 sentence 1 lit. f DS-GVO. For further information on the protection of data by Google, please refer to: https://policies.google.com/privacy and https://services.google.com/sitestats/en.html. Alternatively, you can visit the website of the Network Advertising Initiative (NAI) at http://www.networkadvertising.org. Google has adopted the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
(1) We use Google Maps on our website. This service is an offer of Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Dublin. This enables us to present interactive maps directly on our website for your convenience. We primarily present this map feature, so you may find and navigate locations more easily, e.g. venues of events that we help organize or visit.
(1) This website uses Google Analytics for web analysis. This service is an offer of Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Dublin.
(3) Google Analytics is initialised on our websites with the setting “anonymizeIp”, so that the last part of the IP address is masked (i.e. shortened) in order to ensure anonymous web tracking.
(4) You can also prevent Google from collecting the data provided by the cookie and relating it to your use of the website (including your IP address) and from processing this data by following the link http://tools.google.com/dlpage/gaoptout?hl=download and installing the provided respective browser plugin.
(1) No functionalities and contents of the service Twitter, Twitter Inc. 795 Folsom Street, Suite 600, San Francisco, CA 94107 or 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, are currently integrated into the online offerings of kreuzwerker GmbH. Twitter channels are only accessible via an external link.
(2) If you, as a visitor to our websites, are a member of the Twitter platform, Twitter can link your access of Twitter channels to your profile if you visit our Twitter profiles when logged in to Twitter. Twitter is certified under the EU-U.S. Privacy Shield Framework and thus offers a guarantee to comply with European data protection regulations.
(3) We point out that we have no influence on the content, nature and extent of use of the data collected by Twitter Inc. For further information in this regard we refer to the respective information provided by Twitter Inc. at http://twitter.com/privacy. Furthermore, we would like to point out that you can make appropriate changes in your Twitter account settings to protect your privacy.
(1) No functionalities and contents of the service Xing, XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany, are currently integrated into online offerings of kreuzwerker GmbH. If you, as a visitor to our website, are a member of the Xing platform, Xing can link your access of the Xing platform to your profile, if you visit our Xing profiles / company profiles when logged in to Xing.
(2) We point out that we have no influence on the content, nature and extent of use of the data collected by Xing. For further information in this regard we refer to the respective information provided by Xing: https://www.xing.com/app/share?op=data_protection
(1) Facebook stores the data of its users (e.g. personal information, IP address, etc.) in accordance with its data usage guidelines and also uses these for business purposes. Facebook provides information on how and to what extent this data is processed on the “Privacy” page at https://www.facebook.com/policy.php. We have no influence on data collection and its further usage by Facebook. Furthermore, we do not know to what extent, where and for how long the data is stored, to what extent Facebook fulfils existing deletion obligations, what evaluations are conducted with your data and what kinds of links are established between data points and to whom the data is transferred.
(1) Our website uses LinkedIn’s plug-ins. The provider is the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, United States.
(2) Once logged into your LinkedIn user account, if you click on the LinkedIn “share-button” (plug-in), you will be forwarded to a separate browser window where you can share your post with a comment. The plug-in establishes a direct connection between your browser and the LinkedIn server. LinkedIn receives your IP address and a notice that you have visited our website. In addition, LinkedIn will be able to associate your visit to our website with you and your user account.
(3) Outside the European Union, your user data may be processed by LinkedIn. Users’ data are usually processed for market research and advertising purposes.
(4) We’d like to point out that we have no knowledge of the transmitted (personal) content, nor how LinkedIn uses this data. If you’d like more information, please read LinkedIn’s privacy statement at:
(1) Our website uses plug-ins from the Google Inc. YouTube site. The site operator is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
(2) We host videos that you can view directly through our website. They are in the extended data protection mode from the YouTube website. A data connection to YouTube will be established by clicking on the video, and at this time only data, such as your IP address, will be transmitted. However, we have no control over which and how YouTube collects data with this plug-in. Therefore, we cannot rule out that if you visit one of our sites containing a YouTube plug-in that there will not be a connection to the YouTube servers, nor that the YouTube server will not know which of our pages you have visited. This data would most likely be stored in the United States, or at least outside the European Union.
(3) If you have a YouTube account and are logged in to this account while using our website, YouTube allows you to associate your surfing behavior directly to your personal profile. It is possible to prevent this however by logging out of your YouTube account. YouTube most probably uses your user profile for advertising, marketing and other purposes. Your activities on our site may also be made available to other YouTube users. YouTube does give you the right to opt out of this usage by YouTube.
Last updated: 27-02-2019