60322 Frankfurt am Main
CEO: Uwe A. Kohrs.
Link to imprint: https://impact.ag/en/impressum/
Form of processed data
- Inventory data (i.e. names, addresses)
- Contact data (i.e. mail addresses, phone numbers)
- Content data (i.e. text entries, photos, videos)
- Usage data (i.e. visited websites, interest in content, access times)
- Meta- / Communication data (i.e. device information, IP-addresses)
Categories of people concerned
Visitors and users of our website and social media channels (consecutively described as “users”)
Purpose of processing
- Deployment of our online presence, its tools and contents
- Processing of contact requests and communication with users
- Security measures
- Reach measurement / marketing
The term “personal data” combines all information that refers to an identified or identifiable natural person (consecutively ‘person concerned’). Identifiability is defined, as the assignment of a natural person to an identifier such as a name, code number, location data, online identifiers (i.e. cookies) or one or more features that reflect the physical, physiological, genetic, psychological, economic, cultural or social identity of said natural person.
The term “processing” is defined as all automated and non-automated procedures and set of operations that are used in connection with personal data. The term comprises practically all handlings of personal data.
The term “accountable party” describes the natural or legal person, authority or institution that decides over the aim and means of personal data processing, with or without the help of third parties.
Cooperation with data processors and third parties
We only ever share or authorize the use of personal data for another person or corporation (processors or third parties) in cases that are unprohibited by law, (i.e. if the transmission of data to a third party, i.e a payment service provider is necessary for contractual performance. Art. 6 para.1 lit.b GDPR applies), you have consented to, are required by legal obligations or are part of the protection of our legitimate interests (i.e. when using agents, webhosts, etc.). If we instruct the processing of personal data by a third party as part of an order processing contract Art.28 GDPR applies.
Transmission to third countries
If we process data in a third country (ie outside the European Union (EU) or the European Economic Area (EEA)) or in the context of the use of third party services or disclosure or transmission of data to third parties, this will only be done if it is to fulfill our (pre) contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only in the presence of the special requirements of Art. 44 et seq. GDPR. This means that the processing is e.g. on the basis of specific guarantees, such as the officially recognized level of data protection (eg for the US through the Privacy Shield) or compliance with officially recognized special contractual obligations (so-called “standard contractual clauses”).
- You have the right to request a confirmation as to whether the data in question is being processed and for information about this data as well as for further information and a copy of the data in accordance with Art. 15 GDPR.
- According to Art. 16 GDPR you have the right to demand the completion of your personal data or the correction of incorrect data that concerns you.
- In accordance with Art.17 GDPR you have the right to demand the immediate deletion of your data or, alternatively, demand a restriction of the processing of data in accordance with Art. 18 GDPR
- In accordance to Art.20 GDPR you have the right to demand the provision of the data in question as well as the transmission of the data to another responsible party.
- Furthermore, you have the right to file a complaint with the responsible supervisory authorities in accordance with Art.77 GDPR.
In accordance to Art.7 para.3. GDPR you have the right to withdraw your issued consent with effect for the future.
You may at any time object to the future processing of your data in accordance with Art. 21 GDPR. The objection may in particular be made against processing for direct marketing purposes.
Cookies and cancellation rights concerning direct advertising
“Cookies” are little pieces of data that are saved on the users device. Within the cookies various data and information can be saved. They primarily function as a memory tool, that saves information about the individual user (or the device on which the cookie is saved) while or after the website is used. Temporary cookies that are deleted immediately after the user leaves a website and closes his browser are also called “Session Cookies” or “Transient Cookies”. In these cookies information like shopping basket contents or log in statuses can be saved. “Permanent” or “Persistent” cookies save information even after the user closes an application. This way a login status can be saved even if the user revisits the website days after his initial log in. Permanent cookies can also save individual interests of the user. The gathered data is used for reach measurements and marketing/advertising purposes. “Third-Party-Cookies” are, as the name implies, cookies of a third party that is not the website operator (first party).
If users do not wish to have cookies saved on their device they are advised to deactivate the correlating option in their browser settings. Saved cookies can also be deleted in the browser settings. The rejection of cookies can lead to limited website function and access.
A general withdrawal from cookie applications for marketing purposes can be declared via the US-website http://www.aboutads.info/choices/ Or the EU-Website http://www.youronlinechoices.com . This especially applies for tracking cookies. Furthermore, the saving of cookies can be deactivated permanently in the browser settings. Please note, that in this case not all website functions can be used.
According to legal requirements in Germany, data is saved for six years according to § 257 para. 1 HGB (German commercial code) (trading books, inventories, opening balance sheets, annual accounts, trade letters, accounting documents, etc.) and for 10 years according to § 147 para. 1 AO (books, records , Management reports, accounting documents, commercial and business letters, documents relevant for taxation, etc.).
The hosting services utilized by us are used to provide the following services: infrastructure and platform services, computing capacity, storage space as well as database services, securities and technical maintenance services we use to operate this website.
Our hosting provider is ALL-INKL.COM – Neue Medien Munich – Hauptstraße 68 – 02742 Friedersdorf
We, or our hosting provider, process inventory data, contact information, content data, contract data, usage data, meta-and communication data from customers, prospective customers and visitors of this website based on our legitimate interests in making this website available in an efficient and secure manner.
Collection of access data and log files
We, or our hosting provider, collect data on every access to the server on which this service is located (so-called server log files) on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f. GDPR. The access data includes the name of the retrieved web page, file, date and time of retrieval, amount of data transferred, notification of successful retrieval, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.
Logfile information is stored for security purposes (for example, to investigate abusive or fraudulent activities) for a maximum of 7 days and then deleted. Data whose further retention is required for evidential purposes are excluded from deletion until the final clarification of the incident.
Data provided by users by contacting us via contact sheet, e-mail, phone or social media will be processed for the handling and processing of the contact request according to Art.6 para.1 lit.b) GDPR. The information provided by the users can be saved in a Customer Relationship Management System (“CRM System”) or comparable request application.
We delete the requests, if they are no longer required. We check the requirement every two years; Furthermore, the legal archiving obligations apply.
Comments and posts
If users leave comments or other contributions, their IP addresses are saved for 7 days based on our legitimate interests within the meaning of Art. 6 para. 1 lit. f. GDPR This is for our own safety, if someone leaves illegal content in comments and posts (insults, prohibited political propaganda, etc.). In this case, legal action might be filed against us for the comment or post and we are therefore interested in the identity of the author.
Google is certified under the Privacy Shield Agreement, providing a guarantee to comply with European privacy legislation
Google will use this information on our behalf to evaluate the use of our website by users, to compile reports on the activities within this online offering and to provide us with further services related to the use of this website and internet usage. In this case, pseudonymous user profiles of the processed data can be created.
We only use Google Analytics with an active IP anonymization in place. This means that the IP address of the users is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there.
The IP address submitted by the user’s browser will not be merged with other data provided by Google. The user can prevent the saving of cookies within their browser settings. Users may also prevent the collection and processing of personal data generated by cookies for website use purposes by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
You can find further information on data use by Google, setting and withdrawal options under the following links:
Opt-Out-Cookies prevent the future gathering of information on this website. To prevent acquisition of data by Universal Analytics on all your devices, you have to apply the Opt-Out option on all used systems. If you click here the Opt-Out Cookie will be activated: deactivate Google Analytics.
We maintain an online presence on social networks and platforms to communicate with active customers, prospective customers and users and to inform about our services. Those are @impact.agentur on Instagram and @impact.agentur on Facebook.
Wie inform you that by using these platforms user data processing outside of the European Union can occur. This may pose some risks for the users as the enforcement of user rights may be complicated. In respect to US providers that are certified by the Privacy-Shield, we inform you, that these providers are obligated to oblige EU data security standards.
Furthermore, user data will be processed for market research and marketing purposes in most cases. By doing so user behavior and resulting user interest may be used to create user profiles. These profiles could then be used to run ads outside of the platforms that speak to individual user interests. For these purposes cookies that save user behavior and interests will be saved on user devices as a rule. Furthermore, data independent from the used user device can be saved in the user profiles. This especially applies if users are members and logged into the platform.
The processing of personal data ensues as a result of our legitimate interest to inform and communicate with users in an effective manner according to Art.6 para. 1 lit.f. GDPR. If users are asked to consent to the before mentioned data processing by the respective platforms Art. 6 para. 1 lit.a., Art. 7 GDPR applies.
For a detailed account of the respective processing and dissent options (Opt-Out) please refer to the following linked provider information.
We also advise to request disclosure and claim user rights with the respective provider for the most effective results. Only the respective provider has access to the individual user data and can therefore initialize needed measures or provide requested information. If you should still need help beyond this, please contact us.
Integration of third party services and contents
On the basis of our legitimate interests (meaning our interest in the analysis, optimization and the economic operation of our website within the meaning of Art.6 para. 1 lit.f. GDPR) we utilize service and content packages of third party providers to integrate their services and contents (consecutively “content” such as Videos or fonts.
This always implies that the third party content provider can view the IP address of the respective user. Otherwise the contents could not be provided to the respective browser. The IP address is therefore required for the presentation of this content. We endeavor to use only content whose respective providers use the IP address only for the delivery of the content. Third parties may also use so-called pixel tags (invisible graphics, also referred to as “web beacons”) for statistical or marketing purposes
The “pixel tags” can also be used to evaluate information, such as visitor traffic, on the pages of this website. The pseudonymous information may also be saved in cookies on the user’s device and may include, but are not limited to, technical information about the browser and operating system, referring web pages, time of visit, and other information regarding the use of our online offer.
We utilize the videos of video platform “Vimeo” provided by Vimeo Inc., Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA.
We utilize the videos of video platform “YouTube” provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
We utilize the fonts of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
We use Shariff social sharing buttons on impact.ag. We do so to protect your privacy. Other than regular social media buttons Shariff does not require the automated transmission of user data to the respective social network. Only if the user clicks on the social sharing button contact between the user and the respective social network will be made. Further information on Shariff here.
Word Press Plug-Ins
Limit Login Attempts Reloaded
Security is very important on this website as well. In order to protect this website against hacker attacks, we use the plug-in “Limit Login Attempts Reloaded”, developed by wpchefgadget and obtained via the WordPress plugin repository. For this purpose, IP addresses and other personal data are stored on our server. This is necessary and based on Art. 6 para. 1 lit. f DSGVO also justified. More information at https://en.wordpress.org/plugins/limit-login-attempts-reloaded/.
We use the plug-in Antispam-Bee, which is an open-source software developed by “pluginkollektiv”, developed by Simon Kraft, Friedberger Anlage 8, 60314 Frankfurt am Main, in Germany and Switzerland. The plug-in is used to prevent spam in the comments below the posts. The plug-in can filter out comments sent by a spam bot. The plug-in does not collect user data (e.g., IP address).
More information about the plug-in “Antispam Bee” can be found here https://pluginkollektiv.org/plugins/ and here https://wordpress.org/plugins/antispam-bee/.
We want you to find the information you were looking for on our website. Therefore, we also track requests that go nowhere with the “Redirection” plug-in, developed by John Godley and sourced via the WordPress plugin repository. For this purpose, your IP address is stored anonymously. For more information, visit https://en.wordpress.org/plugins/redirection/ and https://github.com/johngodley/redirection.