Privacy Statement Mindbreeze

Contact Data Privacy Team

Mindbreeze has a data security team (“Privacy Team”) entrusted with legal data security issues. You can contact the Privacy Team as follows:

privacy@mindbreeze.com
Mindbreeze GmbH, c/o Privacy Team, Honauerstrasse 2, 4020 Linz, Austria


If required by EU-GDPR or national regulations, Mindbreeze has appointed data protection officers whom you can contact directly using the contact data below:

  • Austria:
    Dr. Rainer Knyrim, dpo-at@mindbreeze.com
    Mindbreeze GmbH, c/o Data Protection Officer AT, Honauerstrasse 2, 4020 Linz, Austria

Data protection is of particularly high importance to the Fabasoft Group. Fabasoft AG and its subsidiary companies (known as: “Fabasoft”) have dedicated themselves to the protection of data and, in particular, of personal data. Mindbreeze GmbH is a subsidiary of Fabasoft AG (in the following referred to as “Mindbreeze”). Exactly how Mindbreeze uses and protects personal data, such as first and surnames, email addresses or telephone numbers, will be outlined in more detail in this privacy statement. The use of personal data complies with the requirements of the EU’s General Data Protection Regulation and the relevant country-specific data protection regulations. The transfer of data for processing, both within and outside Mindbreeze, for the purpose of job processing, is exclusively based on data processing agreements.

Date November 2018 | PDF Download of the Mindbreeze Privacy Statement (423 KB)

1. General Information

1.1 Who is responsible for data processing? - The Group’s Structure

Mindbreeze is a subsidiary of Fabasoft AG who is responsible for all privacy concerns if there is a legal relationship with Mindbreeze GmbH.

You will find all Fabasoft companies listed here:

Companies

Country

Location

Fabasoft AG (parent company)

Austria

Honauerstrasse 4
4020 Linz

Mindbreeze GmbH *

Austria

Honauerstrasse 2
4020 Linz

Mindbreeze Corporation *

USA

180 N. Stetson, Suite 3500
Chicago, IL 60601

Fabasoft International Services GmbH

Austria

Honauerstrasse 4
4020 Linz

Fabasoft R&D GmbH

Austria

Honauerstrasse 4
4020 Linz

Fabasoft Austria GmbH

Austria

Honauerstrasse 4
4020 Linz

Fabasoft Deutschland GmbH

Germany

THE SQUAIRE 14, Am Flughafen
60549 Frankfurt am Main

Fabasoft Schweiz AG

Switzerland

Spitalgasse 36
3011 Bern

*Additional Information: Mindbreeze GmbH and its subsidiary company, the Mindbreeze Corporation, belong to the Fabasoft Group, but they have their own website, available at: www.mindbreeze.com and have their own public corporate design.

The current privacy statement provides information about how Mindbreeze handles personal data within its business operations, in particular with regard to the Mindbreeze website (www.mindbreeze.com). Due to its particular characteristics, there are a number of additional, separate privacy statements for the following areas:

  • for the products and services offered by Mindbreeze.
  • for applicants during the application process
  • for employees
  • for other, specific processing areas, further privacy statements may exist and those affected by this will be notified separately.

With this privacy statement, Mindbreeze is informing the data subjects of the nature, scope and purpose of the data they process, as well as informing them of their legal rights with regard to this. Since the technical and legal frameworks for processing personal data undergo continuous and progressive development, Mindbreeze is committed to adhering to these changes.

The current version of this privacy statement is available at: https://www.mindbreeze.com/privacy and is also available to download for free as a PDF.

1.2 Which data are processed? Where does the data come from (the data sources)?

Mindbreeze processes personal data that has been collected directly from the data subject.

  • Mindbreeze processes personal data that it obtains through its business relations (with customers, suppliers, partners or support requests) in order to fulfil a contract or to implement pre-contract procedures.
  • Mindbreeze processes personal data supplied directly by the customers.
  • Mindbreeze processes personal data that are required in order to fulfil a legal obligation.
  • Mindbreeze processes personal data for which consent has been granted, for various reasons, by the data subject.

Personal data includes: title, first name(s), surname, email address(es), home address(es), telephone number(s), fax number, date of birth (if provided), contract details (incl. contact details of the contracting parties as well as contact persons), company details, other relevant information (correspondence history and contact details etc).

When you make use of our support, we process data about your support inquiry (problem description, log files, attachments, screenshots, communication, documentation of troubleshooting, contact details of the involved persons).

In addition, Mindbreeze processes personal data that is not directly obtained from the data subject. Furthermore, information such as telephone numbers, job titles, gender, company, size of the company, titles, industry, street, post code, locations and country are retrieved from public sources, such as from a company register, land register, business register, the German Federal Gazette, as well as information published by individuals on the company’s website or on social media platforms.

1.3 Why is personal data processed and what is the legal basis for doing this?

  1. The fulfilment of contractual and pre-contractual obligations.
  2. Processing personal data is important for providing products and services that are appropriate for the required/commissioned scope of the project. The purpose of data processing is strictly aligned with the commissioned product or service.

  3. The fulfilment of legal obligations.
  4. As far as the processing of personal data is necessary to fulfil a legal obligation that is subject to our company, Art. 6 para. 1 lit. c DSGVO applies as the legal basis for data processing.

  5. Data processing and consent
  6. If Mindbreeze is granted the permission to process personal data, the processing is carried out in accordance with the established objectives. Consent can be withdrawn at any time. Until it is withdrawn, the consequent data processing is considered legal.

  7. Safeguarding legitimate interests
  8. It is in Mindbreeze’s interest to continuously improve its products and services. In order to obtain feedback, Mindbreeze encourages voluntary participation in surveys. Participation in the survey can take place without the disclosure of personal data. Should personal data nonetheless be disclosed, such disclosure is voluntary and is not necessary for participation in the survey. The results of the survey serve to further improve Mindbreeze’s products and services.

    It is in the interest of Mindbreeze customers and interested persons/companies to provide the best possible information about market trends and market developments. Mindbreeze also makes comprehensive research papers available for download free of charge in which Mindbreeze products and services have been evaluated by renowned analyst firms. In addition, Mindbreeze strives to provide the best possible support and advice for customers and interested persons/companies. In this context, Mindbreeze or a responsible Mindbreeze partner will contact you by e-mail, provided that you have given your consent (this consent can be revoked at any time; the data processing that has been carried out until such time remains lawful).

In the interest of Mindbreeze customers (contractual relationship) and potential customers (pre-contractual measures), it is important for Mindbreeze to provide regular information on the ongoing development of their products and services as well as on trends in this sector and topics that are relevant to the market. Mindbreeze also hosts their own events, presents the company at events, holds webinars, and provides information by means of e-mail newsletters.

Those data received by Mindbreeze in the course of its contractual relationship with the customer, will be processed by Mindbreeze in order to send emails, letters or advertising brochures to customers for the purpose of depicting and presenting Mindbreeze products (Art. 6 (1)(f) GDPR). The customer has the right to object to this processing of the customer's data for the purpose of direct advertising, said right can be exercised at any time without giving reasons by means of letter to Mindbreeze c/o Privacy or email to privacy@mindbreeze.com. Mindbreeze will process the customer data for this purpose for as long as the customer lodges no objection, however, up to a maximum of 3 years after termination of the contract. Where other forms of direct advertising are concerned, Mindbreeze will only process the customer data if the customer has expressly given its express consent to the processing of its data (Art. 6 (1)(a) GDPR). If the customer has given its consent to the data processing, it can revoke this consent without giving reasons by means of letter to Mindbreeze or email to privacy@mindbreeze.com. The processing of the personal data of the customer for the purpose of direct advertising is not necessary for the execution of the contractual relationship. The processing performed until objection is made against such processing or until consent is revoked shall remain lawful.

1.4 Who receives the personal data?

The individual employees, departments or Fabasoft companies, that require it in order to fulfil contractual or legal obligations, such as legitimate interests, receive the personal data.

Furthermore, if necessary, Mindbreeze will transfer your data to tax consultants and auditors for purposes of tax consultancy and auditing and, in individual cases, to lawyers and courts, if necessary for legal advice or law enforcement purposes. In individual cases, we also forward your data to our data protection officer in Austria or Germany in order to obtain advice on the implementation of data protection regulations, e.g. if you assert claims against us. In addition, Mindbreeze employs various sub-contractors, to whom personal data is transferred to enable them to effectively carry out their respective services.

All sub-contractors are required to use the data solely for the purpose of providing the service that has been clearly defined by Mindbreeze.

Through contractual agreements, Mindbreeze collaborates with the following providers when dealing with marketing and communication:

  • Act-on Software, located in Portland, Oregon, USA.
    Service: The forwarding of marketing information material, for example newsletters, webinar invitations and product information, as well as product information concerning client relations (for example, tips on new releases)
    The forwarding (conducted via email) is carried out by Act-on in the USA.
    Data storage: The Data Centre in Frankfurt
    EU-US-Privacy Shield Framework: https://www.privacyshield.gov/participant?id=a2zt0000000KzMNAA0&status=Active
  • LogMeIn. Inc, located in Boston, Massachusetts, USA
    Service: Platform for the organisation and implementation of webinars.
    Information on compliance with the GDPR: https://www.logmeininc.com/gdpr/gdpr-compliance
    Swiss-US-Privacy Shield Framework and EU-US-Privacy Shield Framework: https://www.privacyshield.gov/participant?id=a2zt0000000013fAAA&status=Active
  • Lewis Communications GmbH, located in Düsseldorf, Germany.
  • Service: The agency provides services for Mindbreeze concerning public relations
  • Fabasoft Austria GmbH
    Service: Fabasoft Austria GmbH provides the customer support services for Fabasoft products.

Provided that personal data is sent to the USA, Mindbreeze can ensure that there is a suitable level of data protection in place.  

Mindbreeeze’s partner network

Mindbreeze maintains an extensive partner network and places a high value on exclusivity and quality; there are only a small number of partners in each country or area who ideally complement Mindbreeze, in particular in terms of technological expertise and sales strength. In order to provide the best possible service to international customers and potential customers in their national language and in their own time zone, Mindbreeze recruits partners in the respective country or region and provides them with the necessary voluntarily provided personal data such as first name, last name, e-mail address, business address, telephone number, and company name in a separate secure system. The data will only be disclosed to these select partners with your prior consent. In this case, we always ask you for a consent. Personal data will only be processed to the extent that is contractually agreed with our partners. All partners of Mindbreeze are contractually obliged to use this data for the specific intended purpose(s) only (contact on behalf of Mindbreeze and its products) and not to disclose it to third parties. An overview of all current Mindbreeze partners is available at: https://www.mindbreeze.com/our-partner.html

1.5 For how long is data stored?

Mindbreeze stores personal data for as long as is necessary for the duration of the business relationship, from the initiation, to the execution and until the termination of the contract. In addition, it complies with the records management, retention and disposal policy, which stems from the legal business and fiscal retention requirement (usually a period of 10 years) or from the limitation periods outlined in the German Civil Code (up to 30 years).

Personal information (for example for a newsletter, announcement, webinar etc) that is submitted to Mindbreeze with consent will be stored for a maximum of three years after its last use, provided that it is not withdrawn before this period ends.
 

1.6 Where is the data stored?

Mindbreeze stores data on hardware owned by Fabasoft in highly secure, external data centres in Germany, Austria and Switzerland.

1.7 What are the data subject’s data protection rights?

You have the right to disclosure, correction, removal or restriction in the processing of the stored information. You have the right to object to the use of your personal information as well as the right to data portability in accordance with the requirements of the data protection law.

In the event that you withdraw consent to use your personal information, Mindbreeze will immediately stop using this data, provided that the use of this data is solely based on your consent. Exceptions arise as a result of legal or contractual obligations, which render storing data necessary, but this is only in the event of the aforementioned obligations. The legitimacy of the processing, for which consent was granted, remains intact until the consent is withdrawn.

All rights listed above can be claimed through the following channels.

By email:      privacy@mindbreeze.com
By post:       Mindbreeze GmbH, c/o Privacy, Honauerstrasse 2, 4020 Linz, Austria

All queries about rights should be addressed to Mindbreeze in writing. In order to prevent any unauthorized persons from abusing these rights, you must prove your identity to Mindbreeze in an appropriate manner. Everyone has the right to information.

Mindbreeze may make further use of relevant personal information, provided that it is anonymized in advance and that it is not possible to relate this information to a particular or identifiable individual.

Complaints should be directed to the Austrian Data Protection Authority or to another data protection authority within the European Union or Switzerland, preferably where you live or work.

1.8 Contact with Data Protection Officers

Mindbreeze has a data security team at its disposal that is dedicated to data protection issues (“Privacy Team”) The contact details for this privacy team are available at: https://www.mindbreeze.com/privacy The privacy team can be contacted at: privacy@mindbreeze.com

As far as the GDPR, or rather national regulations, require, a data protection officer will be appointed. The contact details of this data protection officer are available at: https://www.mindbreeze.com/privacy

1.9 Compulsory provision of personal information 

In the context of the business contract or pre-contractual procedures, personal data necessary for the execution of the business contract, and to which Mindbreeze is legally obliged to collect, must be provided. If this information is not provided, the delivery of products and service, for example, will not be possible.

2. Additional Information About the Mindbreeze Website

2.1 Data collection

The Mindbreeze website collects general information with every visit. Such information includes, for example: the IP address, the type of browser used, the language, the login pages, the device used, the volume of data transmitted, the browsing history as well as the HTTP referrer.

Mindbreeze does not use this data to draw any conclusions about the data subject. This information will be needed in order to successfully deliver the content of the website, to guarantee the website is always functioning or to provide relevant information to the authorities.

In addition, the Mindbreeze website offers many opportunities to register your personal information or to get in contact with the company through the email addresses provided. The Mindbreeze GmbH is responsible for your data protection for the purposes listed in the tabular below:

For a better overview, the ways in which you can register will be outlined separately:     

Ways to register

The purpose of data collection

To register for the Mindbreeze newsletter

To send information about Mindbreeze and the products such as Release Notes, approx. 1x/month

Register for webinars

To send information about webinars, access details for webinar participants, check the status of registrations, as well as progress reports,

access to the webinar records archive and information about similar webinars

Register for Mindbreeze events

To send information about events, communicate the status of registrations, as well as progress reports and to distribute information about similar events

Register for participation in the affiliate program

Contact (legitimate interest) in the context of the collected personal data, transmission of further information about the Mindbreeze Partner Program

Register for Try & Buy

To provide Mindbreeze InSpire for a 28-day trial period

Register for software updates

To provide software updates in the context of a contractual relationship

Registration for developers

To provide SDK (Software Development Kit) for Mindbreeze InSpire

Online application

See separate privacy statement “Data protection for applicants during the application process”

Request help from sales or support team

 

Contact the support team

Further contact (via contact field on the right))

If you send a message via the contact field, it will be forwarded to the responsible persons for the purpose of processing your request.

 

Sign up for fee-based trainings

To send information about training, communicate the registration status, and to send information about similar trainings

 

Register for the download of selected information materials. After registration, documents such as case studies and research papers of analysts are available.

To transmit the download link for the requested document by e-mail. Contact by Mindbreeze or a Mindbreeze partner within the voluntarily provided data. See Partner network of Mindbreeze.

 

Providing information about products and services

To receive information about the technical advancements of products such as Release Notes, Software Product Information (SPI), Knowledge Base on a regular basis

When registering for one or more of the purposes mentioned above, personal data will only be collected in the form of first name(s), surname(s), email address, company, job title, gender, telephone number, street, postcode, location and country. This information contributes to providing an efficient service and will be processed if consent is granted.

2.2 Sending requests to general email addresses 

On the Mindbreeze website, to contact Mindbreeze additional general email addresses will be provided. When you send us an email, it is automatically directed to the relevant person so that you query can be processed.

2.3 The use of cookies

Mindbreeze uses cookies to collect the following information: 

File name

Purpose

has_js

This cookie is used if the web browser supports JavaScript.

_utma

Google analytics cookie

_utmb

Google analytics cookie

_utmc

Google analytics cookie

_utmz

Google analytics cookie

_utmt

Google analytics cookie

wp6806

Act-On Tracking Cookie

cookie-agreed

Cookie Einverständniserklärung

JSESSIONID

Sitzungsbezeichner für die Mindbreeze Suche

Cookies are small text files that are saved by the website server onto the user’s device hard drive (for example computer, notebook, tablet, smartphone etc) via your internet browser. This information may be called upon at later visits to the website and enables the website to recognise your device. Cookies can save both personal and non-personal information. Through the use of cookies, user profiles can be created.

Mindbreeze uses cookies in order to make the website more user-friendly, to continuously improve the performance of its website for its users and to learn more about how the website is used. However, the website can also be viewed without cookies. All internet browsers allow you to choose whether to use cookies or which ones to use. Most browsers accept all cookies as their basic setting. If you do not wish to accept all cookies, you should change your browser settings accordingly. To do this, you can use your browser’s help page or check the cookie settings on your browser.

The two main types of cookies are session cookies and permanent cookies, which are separated into first-party and third-party cookies.

Session cookies are deleted at the end of the session (when you close your browser). They record navigation through the website so that the website “remembers” your entries. These session cookies are normally used to temporarily save the user’s entries when filling in online forms that span several pages or to temporarily save the information entered by the user when adding items to online shopping baskets. Examples of typical entries could be: Entering information when ordering online, choosing currency, whether the user is registered or simply when navigating the site.

Permanent cookies remain after the browser is closed and are automatically deleted two years after their last use at the latest. The information gathered by these cookies is still available to you after your session has ended, if you return to this website. In this instance, the information is related to language settings, layout preferences, login settings and preferred settings.

First-party cookies are the cookies set by Mindbreeze and will only be used by Mindbreeze, or you. Mindbreeze mainly uses session cookies; meaning cookies that are deleted after one month at the latest. On the other hand, third-party cookies are not used directly by Mindbreeze, but by third-parties. These can help third-parties track your overall navigation of the website and calculate the number of visits to and the length of time spent on the website.

2.4 The use of analytics services

Internet analytics service Google Analytics

We use Google Analytics, an internet analytics service by Google Inc. (“Google”), 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. Google uses cookies. The information collected by cookies from the users about their use of online offers is normally sent to a Google server in the USA, where it is saved.
At our request, Google will use this information to assess how users respond to online offers, to compile reports on the activity surrounding these online offers and to provide us with further information regarding the use of these online offers and services related to internet use. Through this, we can use this processed information to generate pseudonym profiles for users.

We only use Google Analytics when IP anonymization is in place. This means that, within other European Union Member States or countries in the European Economic Area, Google will ensure that only part of the user’s IP address is shown. Only in exceptional circumstances will the full IP address be sent to a Google server in the USA, where it is shortened. The IP address of the user’s browser will not be merged with other information collected by Google.

You can prevent cookies from being stored by changing the settings on your internet browser. In addition, you can prevent Google from collecting or processing information from your cookies and about your use of online offers by downloading and installing the following browser plugin at this link: http://tools.google.com/dlpage/gaoptout?hl=de.

You can learn more about Google’s use of data for advertising purposes, the different ways to adjust your settings or to oppose the use of this information on Google’s website: https://www.google.com/intl/de/policies/privacy/partners/ (“Google’s use of the data collected from your visits to partner websites or Apps”), http://www.google.com/policies/technologies/ads (Using data for advertisement purposes”), http://www.google.de/settings/ads (“Managing the information that Google uses to show you advertisements”) and http://www.google.com/ads/preferences/ (“Determine which advertisements Google shows you”).

You can prevent Google Analytics from collecting information by clicking on the following link. An opt-out cookie will be available, which prevents the collection of further information when visiting the website. Deactivate Google Analytics

Privacy policy regarding the employment and use of Google AdWords

Mindbreeze has integrated Google AdWords into its website. Google AdWords is an internet advertising service that permits advertisers to change the advertisements both on Google’s search engine results page and on Google’s Display Network. Google AdWords enables advertisers to specify certain key words in advance that will trigger the display of specific advertisements on Google’s search engine page if the user searches for a relevant key word in the search engine. On Google’s Display Network, advertisements are filtered by an automatic algorithm and taking into account key words that have been entered on similar internet sites.

The operating company that provides the Google AdWords service is Google Inc. 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The purpose of using Google AdWords is to advertise our website by placing interesting and relevant advertisements on third-party companies’ websites, onto Google’s search engine results page and to display third-party advertisements on our own website.

If one of Google’s advertisements succeeds in directing someone to our website, Google will file a so-called conversion cookie on this person’s device. Cookies have already been defined above.

A conversion cookie expires after thirty days and does not serve to identify the data subject. Provided that it has not yet expired, conversion cookies can be used to establish whether certain sub-sites, for example the basket in online shopping systems, are visited on our website.

Through conversion cookies, both we and Google can establish whether a data subject, who is directed to our website via an AdWords advertisement, generates revenue, for example by making purchases in the basket or if they cancel them.

Google uses the data and information collected by conversion cookies in order to generate statistics on the number of visits to our website.

On the other hand, we use these statistics to determine the total number of people using our website and how many of them are directed to us by AdWords advertisements. Therefore, we use this information to evaluate how successful various AdWords advertisements are at directing people to our site and in order to streamline our AdWords advertisements in the future. Neither our company nor Google AdWords’ other advertisement customers receive information from Google that would enable a data subject to be identified.

Through conversion cookies, personal information, for example internet sites visited by the data subject, will be stored. With each visit to our website, personal information will therefore be sent to Google in the USA, including the IP address of the data subject’s Internet connection. This personal information will be stored by Google in the USA. Google will pass on the personal information collected through online activity to third-parties if necessary.

The data subject can prevent the use of cookies on our website, at any time by changing the relevant settings of the internet browser and thus permanently reject the use of cookies, as explained above.

This setting on the internet browser would also prevent Google from creating a conversion cookie on the data subject’s computer system. In addition, cookies that have been already established by Google AdWords can be deleted via the internet browser, or other software programmes, at any time.

Furthermore, the data subject may reject personalised advertising from Google. To do so, the data subject must use the following link to remove the internet browsers they used and to set their desired settings: www.google.de/settings/ads

Additional information and Google’s current privacy policy can be found at this link: https://www.google.de/intl/de/policies/privacy/

Google Maps

This page uses the Google Maps map service via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. It is necessary to save your IP address in order to use the functions of Google Maps. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission. Google Maps is used in the interest of presenting our online offers in an appealing manner and making it easier to find the locations we have indicated on the website. This constitutes a legitimate interest within the context of Art. 6 (1) (f) GDPR. You can find more information on the handling of user data in Google's data protection declaration: https://www.google.de/intl/de/policies/privacy/.

Internet analytics service Act-On

In order to analyse user access, information for marketing purposes and for identifying different companies, is collected using the tool Act-On, processed and stored in Act-On Software Inc’s data centre. In Germany. Act-On carries out checks on an address based on this information, but only if it has been established that it involves a company and not an individual. Cookies are also used here. In addition, Act-On collects information on the browsing activity of anyone who has submitted a form or registered for an email service. The following information is collected: which webpages are visited on www.mindbreeze.com, which emails from Mindbreeze are opened, which documents from Mindbreeze are downloaded and which forms are completed. This information will be collected as long as it is processed for a clearly specified purpose. This information will be used in order to continuously improve our services and to enhance the browsing experience.
Information on Act-On’s EU-U.S. Privacy Shield Framework.


2.5 Social Media Icons

Mindbreeze also provides links on this website to the following social media sites: Twitter, Facebook, YouTube, Xing, LinkedIn, Google+. Some of these links are displayed as icons. When you click on these social media icons (links) you will be subsequently redirected from the Mindbreeze website to the respective social media site.

When you click on one of these links, you will be redirected to the respective website and are thus allowing the respective site operator to access your personal information. This collection of data is the sole responsibility of the respective provider and not of Mindbreeze.

3. Data protection information for visitors to our Facebook Fan Page

If you visit our Fan Page (https://www.facebook.com/Mindbreeze/) on Facebook, we will process personal data in connection with this visit, regardless of whether you are registered on Facebook or whether you are logged in or not. Fan Pages are user accounts that can be set up by private individuals or companies on Facebook. This Fan Page allows us to present our company to Facebook users and individuals who visit our Fan Page, and also to communicate with these people.

Facebook provides the “Facebook Insights” function to Fan Page administrators. This function allows us to collect anonymised statistical data about the users and visitors to our Fan Page. This data is gathered using cookies. These are small text files that are saved by Facebook onto the hard drive of the visitor’s end device (for example computer, notebook, tablet, smartphone, etc.) via your internet browser. This information may be called up again during subsequent visits to the website and enables the website to recognise your device. The information stored in these cookies is received, recorded and processed by Facebook in a personalised form.

The purpose of using cookies is partly to improve Facebook’s marketing systems, but it also allows Facebook to provide us with statistics which we can use to manage and improve the commercialisation of our activities.

By creating the Fan Page, we are contributing to the processing of personal data belonging to visitors to our Fan Page, regardless of whether these visitors are registered with Facebook or not. Although Facebook provides the data collected using cookies to us solely in an anonymised form, the production of these statistics relies on the prior processing of personal data. For this reason, we, as administrators of the Fan Page, are involved in deciding the purposes and means of processing the personal data of visitors to our Fan Page, and as such, we are joint data controllers with Facebook as defined by Article 26 of the GDPR with regard to this processing. The main content of the agreement between the joint controllers is provided by Facebook Ireland./p>

If you are registered with Facebook, you consent to the processing of your personal data by Facebook (Article 6 (1) (a) GDPR) in accordance with Facebook’s relevant terms of use and provisions regarding data privacy and cookies. We draw your attention to the fact that we have no influence over Facebook’s terms of use or provisions regarding data privacy and cookies. If you are not registered with Facebook, you give your consent to the processing and statistical analysis of your personal data by Facebook and to the transfer of these anonymised statistics (Article 6 (1) (a) GDPR) by clicking on a subpage within our Fan Page. If you do not click on any subpages, your personal data will not be collected via cookies.

Cookies placed by Facebook are stored for up to two years after being placed or updated. Cookies that are already being stored can be deleted at any time. In addition to this, you can prevent installation of cookies using your browser settings.

We have no access to the data stored in cookies in a personalised form and can therefore also not transfer this to third parties in a personalised form. Please find information about any possible recipients or any possible transfers of your data by Facebook to third countries in Facebook’s Data Policy (https://www.facebook.com/privacy/explanation) and Facebook’s cookie guidelines (https://www.facebook.com/policies/cookies/).

In particular, we receive the following data categories from Facebook in an anonymised form:

Information about individuals:

  • Individuals who “Like” our Fan Page: Gender, age, location and language,
  • Individuals reached: Individuals for whom our post has been activated in the last 28 days,
  • Interacting individuals: Individuals who have “Liked”, commented, shared or otherwise interacted with our posts in the last 28 days.

Information about “Likes”:

  • Total number of “Likes” for the Fan Page,
  • Number of new “Likes”,
  • Breakdown of “Likes” according to origin (country, city/town), gender, age and language.

Reach:

  • Reach of posts: Number of individuals for whom our posts are made available, broken down according to paid and organic reach,
  • Positive interactions: Details about “Likes”, comments, shared content and recommendations,
  • Negative interactions: Posts hidden from timelines, marked as spam, “Disliked”,
  • Number of Fan Page subscribers,
  • Total reach: Number of individuals who are shown any action on our page.

Information about visits:

  • Page and tab clicks: Information on how often each tab and each button (e.g. website, phone number, plan route buttons) on our Fan Page is viewed or clicked,
  • Visitor behaviour: Information on whether the visitor hovers over the name or profile picture on the Fan Page to see a preview of the page content and information on whether visitors to the Fan Page are using a computer or a mobile device,
  • External links: Information on how frequently individuals are directed to our Fan Page via a link on a website outside Facebook.

Information about posts:

  • Online behaviour of our “fans”: Information about when the individuals who “Like” our page are on Facebook,
  • Types of post: Information about the success of individual types of post, based on the average reach and interaction,
  • Most popular posts from pages on our list of pages to watch: Display of interactions with posts on pages on our list of pages to watch.

Information about videos:

  • Video views: Information about how often the videos on our Fan Page are viewed for more than three seconds,
  • 30 second views: Information about how often the videos on our Fan Page are viewed for more than 30 seconds. If our video is less than 30 seconds long, individuals who watch at least 95% of the video will be counted,
  • Top videos: Information about the videos on our Fan Page that are most frequently viewed for at least three seconds.

For requests to exercise your rights as data subject, or to withdraw your consent, please use the form linked in Facebook’s Data Policy for Page Insights Data ( https://dede.facebook.com/legal/terms/information_about_page_insights_data) or contact Facebook Ireland by post at Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.