We as the data controller within the meaning of the GDPR are responsible for the processing of your personal data, which we collect in connection with your use of our website or a contact initiated by either yourself or us.
"Personal data" means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more specific factors.
"Processing" means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission or transfer, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.
"Controller" means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
"Processor" means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Visiting our website
When you visit our website www.neory.com, the browser on your device automatically sends information to the server hosting our website. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until it is automatically deleted, typically after one week:
- - IP address of the requesting computer,
- - Date and time of access,
- - Name and URL of the accessed file,
- - Website used to access our website (referrer URL),
- - User agent of your browser (typically specifies the browser and operating system).
We process this data for the following purposes:
- - Ensure a smooth connection to the website,
- - Make our website more user-friendly,
- - Evaluate the security and stability of the system
- - Investigate any possible unlawful access to our website (DoS/DDoS attacks, etc.) and
- - Other administrative purposes.
The legal basis for this data processing is Article 6 (1) (f) GDPR. The purposes listed above constitute legitimate interests as defined by GDPR. We will not typically use the data collected to identify you. However, we reserve the right to do so if this becomes necessary to investigate unlawful access to our website.
If you have any questions, you can contact us by telephone or by email. If you provide us with personal data through these channels or our website (e.g. by using the contact form), we will store and use this data on the basis of Article 6 (1) (a) GDPR solely to process your query or on the basis of Article 6 (1) (b) GDPR to take steps at your request prior to entering into a contract. You may revoke your consent to the processing of your personal data at any time. All you need to do is send an email to email@example.com. We will erase your data insofar as this does not conflict with statutory retention requirements (for example, if you send us a pre-contractual message using the contact form and we then establish a contractual relationship with you, or if your message refers to an existing contractual relationship).
On this website we use the Google Maps API to display an interactive map and a route planner. Google Maps is a mapping service developed by Google Inc.,1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").
By using Google Maps, information about your use of the website (including your IP address) may be transmitted to and stored by Google on servers in the US. Google may also pass this information collected by Google Maps on to third parties where this is required by law or if third parties process the data on Google's behalf. To cover cases where personal data are transmitted to the US, Google has submitted to the EU-US Privacy Shield.
We use Google Maps to enhance the appeal of our website and to make locations specified on our website easier to find. This constitutes a legitimate interest within the meaning of Article 6 (1) (f) GDPR.
Links to third-party services
The website contains links to social media platforms or other providers operated by third parties. However, a link to such a third-party provider will only be established after you have clicked on the corresponding button (link) on the website. We have no influence over the processing of personal data by these providers. For this reason, we refer you to the privacy policies of the respective operators:
- - XING (XING SE): https://www.xing.com/privacy
- - Facebook (Facebook Ireland Ltd.): https://www.facebook.com/privacy/explanation
Routine erasure and blocking of personal data
We process and store your personal data only for the period necessary to achieve the purpose of the storage or as provided by the European directives and regulations or other laws or regulations to which we are subject. If the data is no longer required for the purpose for which it was originally stored, or if the storage period prescribed by the European directives and regulations or any other relevant laws expires, the personal data will be routinely erased or blocked in accordance with the statutory requirements.
Any data that we store on the basis of your consent will only be stored until you withdraw your consent. Data which we need for the performance of a contract will be stored only for the duration of our contractual relationship or to comply with statutory retention requirements. We will only store data we use on the basis of our legitimate interests for as long as our interests are not overridden by your interests to have the data erased or anonymised.
Rights of data subjects
You have the right:
- - to obtain information about your personal data we process in accordance with Article 15 GDPR. In particular, you may obtain information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the envisaged period for which the personal data will be stored, the existence of the right to request rectification or erasure of personal data or restriction of processing of personal data or to object to such processing, the right to lodge a complaint, the source of data not collected by us, and the existence of automated decision-making, including profiling and, where appropriate, meaningful information about the details involved;
- - to obtain from us without undue delay the rectification of inaccurate personal data we store on you in accordance with Article 16 GDPR;
- - to obtain from us the erasure of personal data we store on you without undue delay in accordance with Article 17 GDPR, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
- - to obtain from us a restriction on processing in accordance with Article 18 GDPR if you contest the accuracy of the personal data, the processing is unlawful and you oppose the erasure of the personal data and we no longer need the personal data, but you require the data for establishment, exercise or defence of legal claims or if you have objected to processing pursuant to Article 21 GDPR;
- - to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit this data to another controller in accordance with Article 20 GDPR and
- - to lodge a complaint with a supervisory authority in accordance with Article 77 GDPR. As a general rule, you can contact the supervisory authority of your habitual residence or place of work or our company's registered office.
Data of visitors to our customers' websites
When you visit the websites of our customers who are using the NEORY Marketing Cloud, our technology will be used to process your data. As part of providing and maintaining the service (support) for our customers, we may gain insight into or access personal data that is entered by users of the service or which is recorded by the system when using the services (e.g. IP address of the requesting computer, date and time of access, browser used and, if applicable, your computer's operating system and the name of your access provider). In this respect, we process the data on behalf of our customer, who is responsible to you for processing your data in compliance with data protection laws and regulations. Please refer to the respective privacy policies of our customers, which also apply to the use of the technology, for details regarding the processing of your data.
In order to be able to provide our services to our customers, we use third companies that provide services we are obliged to provide on our behalf or support us in the provision of services and who we may engage to process your personal data in this context (processors). In particular, we make use of providers of infrastructure and platform services to provide our services. Processors who process data on our behalf use only servers located in Germany.
Data protection officer
You can contact our data protection officer Mr Georg Hesse by email at firstname.lastname@example.org.
You can use the following details to contact us:
We will answer your questions regarding data protection promptly in German or English.
Last updated: 26/11/2019
The NEORY Marketing Cloud (technology) is used to deliver digital advertising, manage digital advertising campaigns, conduct effective market research/analysis, collect statistical data for campaign tracking as well as to make our website more user friendly. In addition, the technology enables our customers to collect and store data about internet users (devices) and to use this data for analysis and marketing purposes. In this respect, we process the data on behalf of the respective customer, who is responsible for data processing in accordance with the terms of the contract. Please refer to the respective privacy policies of our customers for more information about their use of this technology.
The NEORY Marketing Cloud can be reached under the standard domain ad-srv.net. However, it can also be operated for its customers under individual domains:
- - The Reach Group GmbH (Domain: redintelligence.net)
Data processing in the European Union
We process data only in the Member States of the European Union (EU). In particular, the internet servers we use for data processing are located within the territory of the member states of the EU. As a principle, we do not transfer data to third countries or international organisations.
Usage-based online advertising / OBA
We have voluntarily submitted to the principles of the EDAA OBA Framework. For more information, please visit:http://www.edaa.eu/
In addition, we voluntarily comply with the self-regulation of the German Data Protection Council for Online Advertising (DDOW). Please click on the following link for the latest version of self-regulation codex and further information:http://meine-cookies.org/DDOW/die_kodizies/index.html
On the following page, you have the option of disabling usage-based advertising with the help of the preference manager:
- - Germany: http://www.youronlinechoices.com/de/praferenzmanagement/
- - United Kingdom: http://www.youronlinechoices.com/uk/your-ad-choices/
For more information on behavioural advertising from the European Interactive Digital Advertising Alliance, please visit:http://www.youronlinechoices.com/
Data protection measures
Taking into account the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons, we implement appropriate technical and organisational measures to ensure and to be able to demonstrate that processing is performed in accordance with statutory requirements. Those measures shall be implemented taking into account the state of the art and include, in particular, encryption. The equipment and systems used to process data are protected against unauthorised access, both physically and digitally. In particular, our servers and the servers of our contractors are password-protected and encrypted. Only employees have access to personal data to the extent necessary to perform their duties. Our employees receive data processing training before commencing work and are obliged to maintain confidentiality. Regular backups protect the data from loss and can be restored at any time. The default system settings ensure that only personal data needed for the respective processing purpose is processed. In this way, we apply data protection principles such as data minimisation. In addition, we use technical and organisational measures to ensure the confidentiality, integrity, availability and resilience of the systems. Compliance with data protection regulations is routinely monitored and the measures are updated as and when necessary.