联系我们 致电我们
隐私政策
首页 » 隐私政策

隐私政策

序言

通过以下隐私政策,我们希望告知您我们出于何种目的在何种范围内处理您的哪些类型的个人数据(以下也简称为 “数据”)。本隐私声明适用于我们在提供服务时对个人数据的所有处理,尤其是在我们的网站、移动应用程序和外部在线存在(如我们的社交媒体资料,以下统称为 “在线服务”)中。
所用术语不分性别。
最后更新: 28. 2020 年 10 月

目录

– Preamble
– Controller
– Overview of processing operations
– Legal Bases for the Processing
– Security Precautions
– Transmission and Disclosure of Personal Data
– Data Processing in Third Countries
– Provision of online services and web hosting
– Special Notes on Applications (Apps)
– Contacting us
– Newsletter and Electronic Communications
– Commercial communication by E-Mail, Postal Mail, Fax or Telephone
– Web Analysis, Monitoring and Optimization
– Profiles in Social Networks (Social Media)
– Plugins and embedded functions and content
– Changes and Updates to the Privacy Policy
– Rights of Data Subjects
– Terminology and Definitions

控制器

Audivo GmbH
Erich Böhm
Irrenloher Damm 30
92521 Schwarzenfeld
德国
电子邮件地址: erich.boehm@audivo.com

加工操作概述

下表概述了所处理数据的类型、处理目的和相关数据主体。

Categories of Processed Data
– Inventory data (e.g. names, addresses).
– Content data (e.g. text input, photographs, videos).
– Contact data (e.g. e-mail, telephone numbers).
– Meta/communication data (e.g. device information, IP addresses).
– Usage data (e.g. websites visited, interest in content, access times).

Categories of Data Subjects
– Communication partner (Recipients of e-mails, letters, etc.).
– Users (e.g. website visitors, users of online services).

Purposes of Processing
– Provision of our online services and usability.
– Conversion tracking (Measurement of the effectiveness of marketing activities).
– Direct marketing (e.g. by e-mail or postal).
– Contact requests and communication.
– Profiling (Creating user profiles).
– Remarketing.
– Web Analytics (e.g. access statistics, recognition of returning visitors).
– Targeting (e.g. profiling based on interests and behaviour, use of cookies).
– Provision of contractual services and customer support.

Legal Bases for the Processing
在下文中,我们将向您介绍《一般数据保护条例》(GDPR)的法律依据,以及我们处理个人数据的依据。请注意,除了 GDPR 的规定外,您的国家或我们的居住国或住所国可能也适用国家数据保护规定。此外,如果在个别情况下适用更具体的法律依据,我们将在数据保护声明中告知您。

– Consent (Article 6 (1) (a) GDPR) – The data subject has given consent to the processing of his or her personal data for one or more specific purposes.
– Performance of a contract and prior requests (Article 6 (1) (b) GDPR) – Performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
– Legitimate Interests (Article 6 (1) (f) GDPR) – Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

安全防范措施

我们根据法律要求采取适当的技术和组织措施,同时考虑到技术水平、实施成本、处理的性质、范围、背景和目的,以及对自然人的权利和自由造成的不同可能性和严重程度的风险,以确保与风险相适应的安全水平。

这些措施尤其包括通过控制对数据的物理和电子访问,以及对数据的访问、输入、传输、保护和分离,来保障数据的保密性、完整性和可用性。此外,我们还制定了相关程序,确保数据主体的权利得到尊重,数据被删除,并做好迅速应对数据威胁的准备。此外,我们在开发或选择硬件、软件和服务提供商时,就按照 “设计即隐私 ”和 “默认即隐私 ”的原则,考虑到了个人数据的保护问题。

个人数据的传输和披露

在我们处理个人数据的过程中,可能会将数据传输到其他地方、公司或个人,或向他们披露。例如,这些数据的接收方可能包括支付交易范围内的支付机构、受托执行 IT 任务的服务提供商或嵌入网站的服务和内容提供商。在这种情况下,我们将遵守法律规定,特别是与您的数据接收方签订相应的合同或协议,以保护您的数据。

第三国的数据处理

如果我们在第三国(即欧盟(EU)、欧洲经济区(EEA)以外)处理数据,或在使用第三方服务或向其他个人、机构或公司披露或转让数据的情况下处理数据,则只能按照法律要求进行。

在征得明确同意或根据合同或法律要求进行转移的情况下,我们仅在数据保护水平得到认可的第三国处理或已经处理的数据,并以特殊保障为基础,例如通过欧盟委员会所谓的标准保护条款履行合同义务,或者如果认证或具有约束力的内部数据保护法规证明处理是合理的(GDPR 第 44 至 49 条,欧盟委员会信息页面:https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_en)。

提供在线服务和网络托管

为了安全有效地提供在线服务,我们使用一个或多个网络托管服务提供商的服务,通过其服务器(或其管理的服务器)可以访问在线服务。为此,我们可能会使用基础设施和平台服务、计算能力、存储空间和数据库服务,以及安全和技术维护服务。

在提供托管服务框架内处理的数据可能包括在使用和交流过程中收集到的与我们在线服务用户有关的所有信息。这通常包括 IP 地址(向浏览器提供在线服务内容所必需的)以及在我们的在线服务中或从网站上进行的所有输入。

电子邮件发送和托管:我们使用的虚拟主机服务还包括发送、接收和存储电子邮件。为此,我们会处理收件人和发件人的地址,以及与发送电子邮件有关的其他信息(如相关提供商)和相关电子邮件的内容。上述数据还可能用于垃圾邮件检测目的。请注意,互联网上的电子邮件一般不以加密形式发送。通常情况下,电子邮件在传输过程中会加密,但在发送和接收电子邮件的服务器上不会加密(除非使用了所谓的端到端加密方法)。因此,我们对电子邮件从发件人到我们服务器接收之间的传输路径不承担任何责任。

访问数据和日志文件的收集:我们或我们的网站托管商会收集每次访问服务器的数据(即所谓的服务器日志文件)。服务器日志文件可能包括访问的网页和文件的地址和名称、访问日期和时间、传输的数据量、成功访问通知、浏览器类型和版本、用户的操作系统、推荐 URL(之前访问过的页面),以及一般情况下的 IP 地址和请求提供商。

服务器日志文件可用于安全目的,例如避免服务器过载(特别是在滥用攻击,即所谓的 DDoS 攻击的情况下),并确保服务器的稳定性和最佳负载平衡。

处理的数据类型:内容数据(如文本输入、照片、视频)、使用数据(如访问过的网站、对内容的兴趣、访问时间)、元/通信数据(如设备信息、IP 地址)。
数据主体:用户(如网站访问者、在线服务用户)。
法律依据:合法权益(《个人数据保护法》第 6 (1) (f) 条)。

应用程序(Apps)特别说明

We process the data of the users of our application to the extent necessary to provide the users with the application and its functionalities, to monitor its security and to develop it further. Furthermore, we may contact users in compliance with the statutory provisions if communication is necessary for the purposes of administration or use of the application. In addition, we refer to the data protection information in this privacy policy with regard to the processing of user data.

Legal basis: The processing of data necessary for the provision of the functionalities of the application serves to fulfil contractual obligations. This also applies if the provision of the functions requires user authorisation (e.g. release of device functions). If the processing of data is not necessary for the provision of the functionalities of the application, but serves the security of the application or our business interests (e.g. collection of data for the purpose of optimising the application or security purposes), it is carried out on the basis of our legitimate interests. If users are expressly requested to give their consent to the processing of their data, the data covered by the consent is processed on the basis of the consent.

Device authorizations for access to functions and data: The use of certain functions of our application may require access to the camera and the stored recordings of the users. By default, these authorizations must be granted by the user and can be revoked at any time in the settings of the respective devices. The exact procedure for controlling app permissions may depend on the user’s device and software. Users can contact us if they require further explanation. We would like to point out that the refusal or revocation of the respective authorizations can affect the functionality of our application.

– Processed data types: Inventory data (e.g. names, addresses), Meta/communication data (e.g. device information, IP addresses).
– Purposes of Processing: Provision of contractual services and customer support.
– Legal Basis: Consent (Article 6 (1) (a) GDPR), Performance of a contract and prior requests (Article 6 (1) (b) GDPR), Legitimate Interests (Article 6 (1) (f) GDPR).

联系我们

When contacting us (e.g. by contact form, e-mail, telephone or via social media), the data of the inquiring persons are processed insofar as this is necessary to answer the contact enquiries and any requested activities.

The response to contact enquiries within the framework of contractual or pre-contractual relationships is made in order to fulfil our contractual obligations or to respond to (pre)contractual enquiries and otherwise on the basis of the legitimate interests in responding to the enquiries.

– Processed data types: Inventory data (e.g. names, addresses), Contact data (e.g. e-mail, telephone numbers), Content data (e.g. text input, photographs, videos).
– Data subjects: Communication partner (Recipients of e-mails, letters, etc.).
Purposes of Processing: Contact requests and communication.
Legal Basis: Performance of a contract and prior requests (Article 6 (1) (b) GDPR), Legitimate Interests (Article 6 (1) (f) GDPR).

通讯和电子通信

We send newsletters, e-mails and other electronic communications (hereinafter referred to as „newsletters“) only with the consent of the recipient or a legal permission. Insofar as the contents of the newsletter are specifically described within the framework of registration, they are decisive for the consent of the user. Otherwise, our newsletters contain information about our services and us.

In order to subscribe to our newsletters, it is generally sufficient to enter your e-mail address. We may, however, ask you to provide a name for the purpose of contacting you personally in the newsletter or to provide further information if this is required for the purposes of the newsletter.

Double opt-in procedure: The registration to our newsletter takes place in general in a so-called Double-Opt-In procedure. This means that you will receive an e-mail after registration asking you to confirm your registration. This confirmation is necessary so that no one can register with external e-mail addresses.

The registrations for the newsletter are logged in order to be able to prove the registration process according to the legal requirements. This includes storing the login and confirmation times as well as the IP address. Likewise the changes of your data stored with the dispatch service provider are logged.

Deletion and restriction of processing: We may store the unsubscribed email addresses for up to three years based on our legitimate interests before deleting them to provide evidence of prior consent. The processing of these data is limited to the purpose of a possible defense against claims. An individual deletion request is possible at any time, provided that the former existence of a consent is confirmed at the same time. In the case of an obligation to permanently observe an objection, we reserve the right to store the e-mail address solely for this purpose in a blocklist.

Information on legal bases: The sending of the newsletter is based on the consent of the recipients or, if consent is not required, on the basis of our legitimate interests in direct marketing. Insofar as we engage a service provider for sending e-mails, this is done on the basis of our legitimate interests. The registration procedure is recorded on the basis of our legitimate interests for the purpose of demonstrating that it has been conducted in accordance with the law.

Contents: Information about us, our services, promotions and offers.

Processed data types: Inventory data (e.g. names, addresses), Contact data (e.g. e-mail, telephone numbers), Meta/communication data (e.g. device information, IP addresses), Usage data (e.g. websites visited, interest in content, access times).
Data subjects: Communication partner (Recipients of e-mails, letters, etc.).
Purposes of Processing: Direct marketing (e.g. by e-mail or postal).
Legal Basis: Consent (Article 6 (1) (a) GDPR), Legitimate Interests (Article 6 (1) (f) GDPR).
Opt-Out: You can cancel the receipt of our newsletter at any time, i.e. revoke your consent or object to further receipt. You will find a link to cancel the newsletter either at the end of each newsletter or you can otherwise use one of the contact options listed above, preferably e-mail.

通过电子邮件、邮政信件、传真或电话进行的商业通信

We process personal data for the purposes of promotional communication, which may be carried out via various channels, such as e-mail, telephone, post or fax, in accordance with the legal requirements.

The recipients have the right to withdraw their consent at any time or to object to the advertising communication at any time.

After withdrawal or objection, we may store the data required to prove consent for up to three years on the basis of our legitimate interests before we delete them. The processing of these data is limited to the purpose of a possible defense against claims. An individual deletion request is possible at any time, provided that the former existence of a consent is affirmed.

– Processed data types: Inventory data (e.g. names, addresses), Contact data (e.g. e-mail, telephone numbers).
Data subjects: Communication partner (Recipients of e-mails, letters, etc.).
Purposes of Processing: Direct marketing (e.g. by e-mail or postal).
Legal Basis: Consent (Article 6 (1) (a) GDPR), Legitimate Interests (Article 6 (1) (f) GDPR).

网络分析、监控和优化

Web analysis is used to evaluate the visitor traffic on our website and may include the behaviour, interests or demographic information of users, such as age or gender, as pseudonymous values. With the help of web analysis we can e.g. recognize, at which time our online services or their functions or contents are most frequently used or requested for repeatedly, as well as which areas require optimization.

In addition to web analysis, we can also use test procedures, e.g. to test and optimize different versions of our online services or their components.

For these purposes, so-called user profiles can be created and stored in a file (so-called „cookie“) or similar procedures in which the relevant user information for the aforementioned analyses is stored. This information may include, for example, content viewed, web pages visited and elements and technical data used there, such as the browser used, computer system used and information on times of use. If users have consented to the collection of their location data, these may also be processed, depending on the provider.

The IP addresses of the users are also stored. However, we use any existing IP masking procedure (i.e. pseudonymisation by shortening the IP address) to protect the user. In general, within the framework of web analysis, A/B testing and optimisation, no user data (such as e-mail addresses or names) is stored, but pseudonyms. This means that we, as well as the providers of the software used, do not know the actual identity of the users, but only the information stored in their profiles for the purposes of the respective processes.

Information on legal basis: If we ask the users for their consent to the use of third party providers, the legal basis of the processing is consent. Furthermore, the processing can be a component of our (pre)contractual services, provided that the use of the third party was agreed within this context. Otherwise, user data will be processed on the basis of our legitimate interests (i.e. interest in efficient, economic and recipient friendly services). In this context, we would also like to refer you to the information on the use of cookies in this privacy policy.

– Data subjects: Users (e.g. website visitors, users of online services).
Purposes of Processing: Web Analytics (e.g. access statistics, recognition of returning visitors), Targeting (e.g. profiling based on interests and behaviour, use of cookies), Conversion tracking (Measurement of the effectiveness of marketing activities), Profiling (Creating user profiles).
Security measures: IP Masking (Pseudonymization of the IP address).
– Legal Basis: Consent (Article 6 (1) (a) GDPR), Legitimate Interests (Article 6 (1) (f) GDPR).

You can change your cookie settings at any time here.

社交网络(社交媒体)中的简介

We maintain online presences within social networks and process user data in this context in order to communicate with the users active there or to offer information about us.

We would like to point out that user data may be processed outside the European Union. This may entail risks for users, e.g. by making it more difficult to enforce users‘ rights.

In addition, user data is usually processed within social networks for market research and advertising purposes. For example, user profiles can be created on the basis of user behaviour and the associated interests of users. The user profiles can then be used, for example, to place advertisements within and outside the networks which are presumed to correspond to the interests of the users. For these purposes, cookies are usually stored on the user’s computer, in which the user’s usage behaviour and interests are stored. Furthermore, data can be stored in the user profiles independently of the devices used by the users (especially if the users are members of the respective networs or will become members later on).

For a detailed description of the respective processing operations and the opt-out options, please refer to the respective data protection declarations and information provided by the providers of the respective networks.

Also in the case of requests for information and the exercise of rights of data subjects, we point out that these can be most effectively pursued with the providers. Only the providers have access to the data of the users and can directly take appropriate measures and provide information. If you still need help, please do not hesitate to contact us.

– Processed data types: Inventory data (e.g. names, addresses), Contact data (e.g. e-mail, telephone numbers), Content data (e.g. text input, photographs, videos), Usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).
Data subjects: Users (e.g. website visitors, users of online services).
– Purposes of Processing: Contact requests and communication, Targeting (e.g. profiling based on interests and behaviour, use of cookies), Remarketing.
Legal Basis: Legitimate Interests (Article 6 (1) (f) GDPR).

Services and service providers being used:
LinkedIn: Social network; Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: https://www.linkedin.com; Privacy Policy: https://www.linkedin.com/legal/privacy-policy; Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

插件和嵌入式功能及内容

Within our online services, we integrate functional and content elements that are obtained from the servers of their respective providers (hereinafter referred to as „third-party providers“). These may, for example, be graphics, videos or social media buttons as well as contributions (hereinafter uniformly referred to as „Content“).

The integration always presupposes that the third-party providers of this content process the IP address of the user, since they could not send the content to their browser without the IP address. The IP address is therefore required for the presentation of these contents or functions. We strive to use only those contents, whose respective offerers use the IP address only for the distribution of the contents. Third parties may also use so-called pixel tags (invisible graphics, also known as „web beacons“) for statistical or marketing purposes. The „pixel tags“ can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may include technical information about the browser and operating system, referring websites, visit times and other information about the use of our website, as well as may be linked to such information from other sources.

Information on legal basis: If we ask users for their consent (e.g. in the context of a so-called „cookie banner consent“), the legal basis for processing is this consent. Otherwise, user data will be processed on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online services. We refer you to the note on the use of cookies in this privacy policy.

– Processed data types: Usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).
– Data subjects: Users (e.g. website visitors, users of online services).
– Purposes of Processing: Provision of our online services and usability, Provision of contractual services and customer support.
Legal Basis: Legitimate Interests (Article 6 (1) (f) GDPR).

Services and service providers being used:
You can find all services and service providers used in your privacy settings.

Controller: „Controller“ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
Conversion tracking: Conversion tracking is a method used to evaluate the effectiveness of marketing measures. For this purpose, a cookie is usually stored on the devices of the users within the websites on which the marketing measures take place and then called up again on the target website (e.g. we can thus trace whether the advertisements placed by us on other websites were successful).
IP Masking: IP masking is a method by which the last octet, i.e. the last two numbers of an IP address, are deleted so that the IP address alone can no longer be used to uniquely identify a person. IP masking is therefore a means of pseudonymising processing methods, particularly in online marketing.
Personal Data: „personal data“ means any information relating to an identified or identifiable natural person („data subject“); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing: The term „processing“ covers a wide range and practically every handling of data, be it collection, evaluation, storage, transmission or erasure.
Profiling: „Profiling“ means any automated processing of personal data consisting in the use of such personal data to analyse, evaluate or predict certain personal aspects relating to a natural person (depending on the type of profiling, this includes information regarding age, gender, location and movement data, interaction with websites and their contents, shopping behaviour, social interactions with other people) (e.g. interests in certain contents or products, click behaviour on a website or the location). Cookies and web beacons are often used for profiling purposes.
Remarketing: Remarketing“ or „retargeting“ is the term used, for example, to indicate for advertising purposes which products a user is interested in on a website in order to remind the user of these products on other websites, e.g. in advertisements.
Targeting: Tracking“ is the term used when the behaviour of users can be traced across several websites. As a rule, behavior and interest information with regard to the websites used is stored in cookies or on the servers of the tracking technology providers (so-called profiling). This information can then be used, for example, to display advertisements to users presumably corresponding to their interests.
Web Analytics: Web Analytics serves the evaluation of visitor traffic of online services and can determine their behavior or interests in certain information, such as content of websites. With the help of web analytics, website owners, for example, can recognize at what time visitors visit their website and what content they are interested in. This allows them, for example, to optimize the content of the website to better meet the needs of their visitors. For purposes of web analytics, pseudonymous cookies and web beacons are frequently used in order to recognise returning visitors and thus obtain more precise analyses of the use of an online service.

To manage the cookies and similar technologies used (tracking pixels, web beacons, etc.) and related consents, we use the consent tool “Real Cookie Banner”. Details on how “Real Cookie Banner” works can be found at https://devowl.io/rcb/data-processing/.

The legal basis for the processing of personal data in this context are Art. 6 (1) lit. c GDPR and Art. 6 (1) lit. f GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the related consents.

The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide the personal data. If you do not provide the personal data, we will not be able to manage your consents.