Service
PRIVACY POLICY
Below we inform you about the processing of your personal data when using our online services.
1. CONTROLLER
IMAGO Technologies GmbH
Strassheimer Str. 45
61169 Friedberg, Germany
Phone: +49 (0)6031-68426-11
Fax: +49 (0)6031-7779986
Email: info@imago-technologies.com
2. CONTACT PERSON
If you have any questions regarding data protection, please contact us using the contact details provided above.
3. STORAGE DURATION
We generally delete your personal data when they are no longer necessary for the purposes for which they were collected or otherwise processed.
If we have requested your consent and you have given it, we will delete your personal data if you withdraw your consent and there is no other legal basis for processing.
We also delete your personal data if you object to the processing and no overriding legitimate grounds for the processing exist, or if you object to the processing for direct marketing purposes or related profiling.
If deletion is not possible because the processing is still required to fulfill a legal obligation (e.g. statutory retention periods) or to assert, exercise, or defend legal claims, we will restrict the processing of your personal data.
Further information on storage periods can be found in the following sections.
4. YOUR RIGHTS
You have the following rights concerning your personal data:
- Right of access
- Right to rectification
- Right to erasure
- Right to restriction of processing
- Right to object to processing
- Right to data portability
YOU HAVE THE RIGHT TO OBJECT AT ANY TIME, ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, TO THE PROCESSING OF YOUR PERSONAL DATA BASED ON ARTICLE 6(1)(E) OR (F) GDPR, INCLUDING PROFILING BASED ON THOSE PROVISIONS.
WE WILL THEN NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS OR THE PROCESSING SERVES TO ESTABLISH, EXERCISE, OR DEFEND LEGAL CLAIMS.
IF WE PROCESS YOUR PERSONAL DATA FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH MARKETING, INCLUDING PROFILING TO THE EXTENT IT IS RELATED TO SUCH DIRECT MARKETING.
WE WILL THEN NO LONGER PROCESS YOUR PERSONAL DATA FOR THESE PURPOSES.
You have the right to withdraw any consent you have given us at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You also have the right to lodge a complaint with a supervisory authority regarding the processing of your personal data by us.
5. PROVISION OF YOUR PERSONAL DATA
The provision of your personal data is generally not required by law or contract and is not necessary for the conclusion of a contract. You are generally not obliged to provide your personal data. If there is an exception, we will inform you separately when collecting your data (e.g., by marking mandatory fields in input forms).
Not providing your data usually means we cannot process your data for the purposes described below, and you may not be able to access certain services (e.g., if you do not provide your email address, we cannot send you our newsletter).
6. WEB HOSTING
We use external service providers for web hosting. These providers may have access to personal data that is processed as part of the use of our online services.
7. WEBSERVER LOG FILES
We process your personal data to display our online services and to ensure the stability and security of our website. In doing so, information such as the requested resource, accessed URL, operating system, date and time of the request, browser type and version, IP address, protocol used, amount of data transferred, user agent, referrer URL, time zone difference to Greenwich Mean Time (GMT), and/or HTTP status code may be stored in so-called log files (e.g., access logs, error logs, etc.).
If we have asked for your consent and you have given it, the legal basis for processing is Art. 6 (1) (a) GDPR. If we have not asked for your consent, the legal basis for processing is Art. 6 (1) (f) GDPR. Our legitimate interest in this case lies in the proper display of our online services and in ensuring the stability and security of our website.
8. SECURITY
To protect the transmission of your personal data and other confidential content, we use encryption (such as SSL/TLS) on our website. You can recognize this by the “https://” prefix in your browser’s address bar and the lock icon.
9. CONTACT
If you contact us, we will process your personal data in order to respond to your inquiry.
If we have asked for your consent and you have given it, the legal basis is Article 6(1)(a) GDPR. If no consent was requested, the legal basis is Article 6(1)(f) GDPR. Our legitimate interest is responding to your contact request.
If the processing is necessary to fulfill a contract with you or to carry out pre-contractual measures based on your inquiry, the legal basis is also Article 6(1)(b) GDPR.
10. COOKIES & SIMILAR TECHNOLOGIES
We use cookies, which are text files stored on your device. We distinguish between session cookies (deleted after your browser is closed) and persistent cookies (deleted after a set period).
Similar technologies such as tracking pixels or web beacons may also be used. The statements below on cookies also apply to such technologies and to related data processing (e.g., analytics, marketing).
Cookies may be necessary for the functioning of certain features, for measuring reach, and for personalizing and optimizing our services and marketing efforts. Cookies may be set by us or by external service providers.
To manage cookies and consents, we use a consent management tool. For details on individual cookies (purpose, duration, third-party provider, etc.) and the consent tool, please refer to the relevant sections and the tool itself.
If we have asked for your consent and you have given it, the legal basis is Article 6(1)(a) GDPR. If not, the legal basis is Article 6(1)(f) GDPR. Our legitimate interest is managing the use of cookies and associated consents. Further legitimate interests depend on the purpose and are explained below.
You can prevent cookie storage by adjusting your browser settings. Below are links to instructions for managing cookies in common browsers:
You can find additional opt-out options here:
- https://www.youronlinechoices.eu/
- https://youradchoices.ca/en/tools
- https://optout.aboutads.info/?c=2&lang=EN
- https://optout.networkadvertising.org/?c=1
Blocking cookies may impair the functionality of our website. Deleting cookies will also delete saved preferences, which may need to be reset.
You may also enable the “Do-Not-Track” feature in your browser to signal that you do not wish to be tracked. Instructions for typical browsers:
- Firefox
- Chrome
- Internet Explorer / Edge
- Opera
- Safari no longer supports Do-Not-Track as of February 2019. However, cross-site tracking can be disabled: Safari Tracking Settings
- Yandex
You can also manage or revoke your cookie consents in the consent tool used on our website.
11. NEWSLETTER
If we have requested your consent and you have granted it, we process your email address for email marketing purposes and, if applicable, other personal data in order to address you personally. The legal basis for this processing is Art. 6(1)(a) GDPR. The content of the email marketing is specifically described when we request your consent. Otherwise, our email marketing contains information about us, our products, and services.
We use the so-called double opt-in procedure to prevent any misuse of your personal data. After collecting your email address, we will send you an email asking you to confirm that you indeed wish to receive email marketing. The legal basis for this processing is Art. 6(1)(f) GDPR. Our legitimate interest lies in the lawful implementation of email marketing.
We log the time at which you give your consent and the time of your confirmation, as well as your IP address and the content of your declaration of consent, in order to be able to prove that your consent was lawfully obtained. The legal basis for this processing is Art. 6(1)(f) GDPR. Our legitimate interest lies in the lawful implementation of email marketing.
We use external services for email marketing. More information on the services used, the scope of data processing, and the technologies and procedures applied by each service provider can be found in the detailed information at the end of this section and in the links provided there.
You can withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. You may withdraw your consent by using the link provided in the emails or by contacting us via the contact details provided above.
If you have withdrawn your consent, we reserve the right to process your personal data in a so-called blacklist/block list to ensure that no further email marketing is sent in connection with these personal data. The legal basis for this processing is Art. 6(1)(f) GDPR. Our legitimate interest lies in the avoidance of unwanted email marketing.
Mailchimp
Provider: The Rocket Science Group, LLC, United States of America. The Rocket Science Group, LLC is a subsidiary of Intuit Inc., United States of America.
Website: https://mailchimp.com
More information & privacy: https://www.intuit.com/privacy/statement/
Guarantee: EU Standard Contractual Clauses. A copy of the EU Standard Contractual Clauses can be requested from us. The provider has joined the EU-U.S. Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures an adequate level of data protection based on a decision by the European Commission.
12. ANALYTICS & MARKETING
We process your personal data to measure the reach of our online offering, tailor it to needs and interests, and thereby optimize our online offering and marketing.
If we have asked for and you have granted your consent, the legal basis for this processing is Art. 6(1)(a) GDPR. If we did not ask for your consent, the legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in optimizing our online offering and marketing.
We use external services for analytics and marketing, which may include profiling (for advertising, personalized information, etc.). Profiling may also occur across services and devices. Further information about the services used, the scope of data processing, and the technologies and methods applied by the services—along with whether profiling occurs, and if applicable, details on the logic involved and potential consequences—can be found in the additional information at the end of this section and in the links provided.
More information about cookies and similar technologies can be found above.
Matomo – On-Premise
Provider: Self-hosted
Website: https://matomo.org/
More information & privacy: https://matomo.org/gdpr-analytics and https://matomo.org/privacy-policy/
13. SOCIAL MEDIA CONTENT/PLUGINS
We use social media content/plugins from external services to display content and functionalities from those services and thereby optimize our online offering and marketing.
If we have asked for and you have granted your consent, the legal basis for this processing is Art. 6(1)(a) GDPR. If we did not ask for your consent, the legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in optimizing our online offering and marketing.
Use of these external services may involve profiling (for advertising, personalized information, etc.) and may occur across services and devices. More details can be found in the information at the end of this section and in the links provided.
Vimeo
Provider: Vimeo, Inc., United States of America
Website: https://vimeo.com
More information & privacy: https://help.vimeo.com/hc/en-us/articles/12426199699985-Overview-of-video-privacy-settings
Guarantee: EU Standard Contractual Clauses. A copy can be requested from us.
YouTube
Provider: In the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.
Website: https://www.youtube.com
More information & privacy: https://policies.google.com and https://business.safety.google/privacy/
Data transfers to third countries occur depending on the specific Google service used and are subject to various EU Standard Contractual Clauses, if provided by Google. More information and details on Google’s responsibilities can be found here: https://business.safety.google/gdpr/. A copy of the EU SCCs can be viewed there. The provider has joined the EU-U.S. Data Privacy Framework.
14. FONTS & SCRIPTS
We use fonts and scripts from external services to display our online offering and ensure up-to-date fonts and scripts.
If we have asked for and you have granted your consent, the legal basis for this processing is Art. 6(1)(a) GDPR. If we did not ask for your consent, the legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in the proper display of our online offering and ensuring up-to-date fonts and scripts.
Use of external services may involve profiling (for advertising, personalized information, etc.) and may occur across services and devices. More details can be found at the end of this section.
Adobe Fonts
Provider: If you reside in North America, the service is provided by Adobe Inc., USA. Otherwise, it is provided by Adobe Systems Software Ireland Limited, Ireland.
Website: https://fonts.adobe.com
More information & privacy: https://www.adobe.com/privacy.html
Guarantee: EU Standard Contractual Clauses. A copy can be requested from us. The provider has joined the EU-U.S. Data Privacy Framework.
Font Awesome
Provider: Fonticons, Inc., United States of America
Website: https://www.fontawesome.com
More information & privacy: https://fontawesome.com/privacy
15. MAPS
We use maps from external services to show our location and enable the use of additional functions provided by those services.
If we have asked for and you have granted your consent, the legal basis is Art. 6(1)(a) GDPR. If we did not ask for your consent, the legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in simplifying the use of maps.
Use of external services may involve profiling. More information can be found in the corresponding section below.
OpenStreetMap
Provider: OpenStreetMap Foundation, United Kingdom
Website: https://wiki.osmfoundation.org/wiki/Main_Page
More information & privacy: https://wiki.osmfoundation.org/wiki/Privacy_Policy
Adequate level of data protection for transfers to the UK: EU Commission adequacy decision.
16. APPLICATIONS
If you apply to us, we process your personal data to carry out the application process and make decisions regarding the initiation of an employment relationship. After the application process ends, we restrict the processing of your data and delete or destroy it no later than six months after rejection unless you have consented to further processing.
If we asked for and you granted your consent, the legal basis is Art. 6(1)(a) GDPR. If not, the legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in the proper handling of the application process and potential defense against legal claims. If processing is required to make an employment decision, the legal basis is also § 26(1) sentence 1 BDSG.
17. CAPTCHAS
We use captchas to protect our online services from abusive, automated, or robotic input (e.g., in forms) and prevent misuse.
If we asked for and you granted your consent, the legal basis is Art. 6(1)(a) GDPR. If not, the legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in protecting our services and preventing misuse.
We use external services to provide captchas, which may include profiling. More information is provided below.
Google reCAPTCHA
Provider: In the EEA and Switzerland, Google services are provided by Google Ireland Limited, Ireland (a subsidiary of Google LLC, USA).
Website: https://www.google.com/recaptcha/
More information & privacy: https://policies.google.com and https://business.safety.google/privacy/
Transfers to third countries are subject to various EU Standard Contractual Clauses, depending on the service. See: https://business.safety.google/gdpr/. The provider has joined the EU-U.S. Data Privacy Framework.
