• EN
  • Privacy Policy

Privacy Policy and Consent to Use of Data

Intershop is committed to the responsible use of personal data. We have a particular obligation to protect and maintain the privacy of our customers and partners. We would therefore like to inform you about how we use your personal data.

We reserve the right to amend this Privacy Policy at any time. You are therefore advised to review this Privacy Policy at regular intervals.

1. Data Controller

The data controller as defined by the General Data Protection Regulation (GDPR) is:

Intershop Communications AG
Intershop Tower
07740 Jena
Germany
Tel.: +49 3641 50-0
Fax: +49 3641 50-1002
E-Mail: info@intershop.com

2. Data Protection Officer

If you have any questions or comments regarding data protection, please contact our data protection officer:
DatenschutzBeauftragter@intershop.de

3. Purpose of and Legal Basis for the Processing of Personal Data

a. When you use our website

Apart from the data collected by cookies and web analytics services, you can use our website without sharing any personal data with us. For information on the cookies and web analytics services used on our website, see Section 7 onwards.

b. When you inquire by email

If you have any questions about our products or services, we provide the option of contacting our customer service team (by phone or email) in accordance with point (f) of Article 6(1) of the GDPR. Sharing your personal data with us is always voluntary. The purpose of collecting your personal data (title, first name, last name, company email address, company name) is to identify you and to respond to your inquiry. Our legitimate interest here is the commercial necessity of being able to contact potential new customers. Any personal data you share with us when inquiring by email will be automatically deleted within 24 months unless longer statutory retention periods apply.

c. When you request a free white paper

You can also request any of our free white papers on digitization and Intershop products and services. These will be sent to you by email in accordance with point (f) of Article 6(1) of the GDPR. To receive a white paper, you will have to provide your title, first name, last name, email address, and company name. You can also provide your phone number if you would like us to contact you that way. The purpose of collecting your personal data is to identify you and to send you the requested white papers. Our legitimate interest here is the commercial necessity of being able to contact potential new customers. Any personal data you share with us via the contact form or phone will be automatically deleted within 24 months unless longer statutory retention periods apply.

d. When you request an online demo or on-site presentation

If you have any questions about our products or services, we provide the option of contacting our cus-tomer service team (by phone or email) in accordance with point (f) of Article 6(1) of the GDPR in order to arrange an online demo or on-site presentation. Sharing your personal data with us is always voluntary. The purpose of collecting your personal data (name, email address, company) is to identify you and to arrange a date for an online demo or on-site presentation. Our legitimate interest here is the commercial necessity of being able to contact potential new customers. Any personal data you share with us via the contact form or phone will be automatically deleted within 24 months unless longer statutory retention periods apply.

e. When you register for an event

To help you lay the foundations for your digital business, we periodically host events on topics relating to digitization of business models. To enable you to participate in these events, we provide the option of registering through our website in accordance with point (f) of Article 6(1) of the GDPR. Sharing your per-sonal data with us is always voluntary. The purpose of collecting your personal data (first name, last name, company email address, position) is to identify you and to process your registration for the event. Our legitimate interest here is the commercial necessity of being able to contact potential new customers. Any personal data you share with us via the contact form or phone will be automatically deleted within 24 months unless longer statutory retention periods apply.

f. When you subscribe to our newsletter

When you subscribe to our newsletter, we will use your email address to send you the regular editions of the newsletter and information on events, industry news, e-commerce reports and other publications in accordance with point (a) of Article 6(1) of the GDPR. To subscribe to and receive the newsletter, the only information you need to share with us is your email address. At the end of each newsletter is an unsubscribe link, which you can use at any time. You can also cancel your subscription by sending an email to info@intershop.com. Our newsletter is published with the help of a third-party provider, HubSpot Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 („HubSpot“). When you subscribe to the newsletter, the data you enter will be shared with this provider. If you do not want this data to be shared, you should not subscribe to the newsletter. You can unsubscribe from our newsletters at any time using the email address specified for this purpose when subscribing. If you do not subscribe to our newsletter or email services, no personal data will be shared. HubSpot is contractually obligated to use your personal data in accordance with European data protection standards, strictly as instructed, not for its own purposes, and in compliance with the relevant security standards. Additionally, HubSpot is subject to the EU-US Privacy-Shield (certificate available at: https://www.privacyshield.gov/participant?id=a2zt0000000TN8pAAG). For information on how HubSpot uses your personal data, you can view their privacy policy here: https://legal.hubspot.com/privacy-policy. The personal data you share with us when subscribing to the newsletter will be stored until you unsubscribe and then automatically deleted within 24 months unless longer statutory retention periods apply.

g. When you subscribe to our investor newsletter

When you subscribe to our newsletter, we will use your email address to send you the regular editions of the newsletter and other information in accordance with point (a) of Article 6(1) of the GDPR. To subscribe to and receive the newsletter, the only information you need to share with us is your email address. At the end of each newsletter is an unsubscribe link, which you can use at any time. You can also cancel your subscription by sending an email to info@intershop.com. Our newsletter is published with the help of a third-party provider, HubSpot Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 („HubSpot“). When you subscribe to the newsletter, the data you enter will be shared with this provider. If you do not want this data to be shared, you should not subscribe to the newsletter. You can unsubscribe from our newsletters at any time using the email address specified for this purpose when subscribing. If you do not subscribe to our newsletter or email services, no personal data will be shared. HubSpot is contractually obligated to use your personal data in accordance with European data protection standards, strictly as instructed, not for its own purposes, and in compliance with the relevant security standards. Additionally, HubSpot is subject to the EU-US Privacy-Shield (certificate available at: https://www.privacyshield.gov/participant?id=a2zt0000000TN8pAAG). For information on how HubSpot uses your personal data, you can view their privacy policy here: https://legal.hubspot.com/privacy-policy. The personal data you share with us when subscribing to the newsletter will be stored until you unsubscribe and then automatically deleted within 24 months unless longer statutory retention periods apply.

h. When you apply for a job

You can also use our website to apply for a job. If you do so, we will manage your application using software provided by Rexx Systems GMBH, Süderstrasse 75–79, 20097 Hamburg, Germany (“Rexx”). Rexx is contractually obligated to use your personal data in accordance with European data protection standards, strictly as instructed, not for its own purposes, and in compliance with the relevant security standards. We will only use the personal data you share with us in your application to process that application in accordance with points (b) and (c) of Article 6(1) of the GDPR. Your personal data will be treated in the strictest confidence in accordance with the law. Your personal data will be accessible to the relevant staff in our HR department and may be shared with management and employee representatives in some cases. When applying for a job, you must complete all the mandatory fields on the application form. If you do not provide this information, you will not be able to apply. Unless you ask us to delete it, we will store your personal data for a maximum of six months after the application process is completed. If we want to retain your application beyond that time because a suitable position is expected to become available at a later date, we will request your consent in writing. If your application is successful, we will generally store your application data in accordance with the scope of your employment contract and in compliance with the retention periods for personal data specified in the relevant commercial, tax, and social security legislation.

i. When you register on our partner portal

You can register as a partner at https://synaptic.intershop.com and access a range of partner offerings. For the  creation of a customer account we use the social plugin „Sign-In with LinkedIn“, provided by LinkedIn Ireland Unlimited Company, Wilton Place 2, Irland („LinkedIn“). By using this blue LinkedIn button you can register with your LinkedIn user data on our partner portal. We will only process the personal data you share with us when registering to process your registration and to facilitate your use of the partner portal in accordance with point (b) of Article 6 (1) of the GDPR. Using this sign-in procedure connects to your LinkedIn account. As a result, LinkedIn finds out  that you are visiting our website, and we receive various data  depending on the privacy settings in your LinkedIn account: User ID, first and last name, email address, gender, date of birth, company name, profile link and, if applicable, profile pictures, user IDs of  friends, friends list if they marked as public. We only store the necessary data (first and last name, email address) to create a user account for the partner portal. For information on the purpose and scope of data collection and processing by LinkedIn, please refer to LinkedIn’s privacy policy (https://www.linkedin.com/legal/privacy-policy) and user agreement (https://www.linkedin.com/legal/user-agreement). If you do not want LinkedIn receive data collected via our partner portal, you should sign out of LinkedIn before visiting our website. If you do not ask us to delete the personal data you share with us, we will store it for a maximum of ten years.

j. When you register for a webinar

We periodically host webinars on topics relating news to our software, the increase of your online success or other topics. To enable you to participate in these webinars, we provide the option of registering through our website. We will only use the personal data you share with us when registering to process your registration, the provision of the webinar as well as communication in the pre- and after field and to facilitate your participation in the webinar in accordance with point (b) of Article 6(1) of the GDPR. For this we make use of a third-party provider, LogMeIn Inc., 333 Summer Street, Boston, Massachusetts 02210 (“LogMeIn”), based in the USA. Your personal data will be shared with this provider. If you do not want your personal data to be shared, you should not register to our online-webinars. LogMeIn is contractually obligated to use your personal data in accordance with European data protection standards, strictly as instructed, not for its own purposes, and in compliance with the relevant security standards. For information on how LogMeIn uses your personal data, you can view their privacy policy here: https://www.logmeininc.com/de/gdpr/resource-center. Additionally, LogMeIn is subject to the EU-US Privacy-Shield (certificate available at: https://www.privacyshield.gov/participant?id=a2zt0000000013fAAA). All relevant personal data you share with us for the purpose of the participating in the webinar via the contact form and if necessary any related documents (e.g. commercial letters, invoices) will be stored for a maximum of six to ten years after the completion of the webinar in accordance with legal requirements and regulations. If we host a webinar in cooperation with a partner, your contact details can be forwarded to the partner (e.g. for further communication after the webinar). 

k. Data processing for direct advertising

Based on our general economic and legitimate interest to send personalized direct mails to potential new customers, we reserve the right, in accordance with point (f) of Article 6 (1) of the GDPR, to store your email address and to use it to send you product information by email or to use your telephone number to contact you. We use a variety of data to provide you with information that is as individual as possible: receipt and read notifications, date and time you visited our website, products you viewed. You can object to the processing of your data for this purpose at any time by sending a corresponding e-mail to info@intershop.com. All personal data for the purpose of direct advertising will be stored until objection is received and in accordance with the legal requirements. Possible interests warranting particular protection do not prevail, as there is the possibility at any time to object to the data processing and to delete the data. 

l. When you register to our online training

We host online trainings on topics relating to the usage, the administration and/or the customization of our software. To enable you to participate in these trainings, we provide the option of registering through our website. You can register as organizer or participant for trainings at https://intershopacademy.talentlms.com/catalog/index
We will only use the personal data you share with us when registering to process your registration, to send you a weekly reminder email and to use our trainings and certification programs in accordance with point (b) of Article 6(1) of the GDPR. If you do not want to share the personal data required when registering, you will not be able to use our trainings or certification programs. Sharing your personal data with us is always voluntary. The purpose of collecting your personal data (first name, last name, telephone number, business email address, payment information: name of the company, contact person, address of the company, email address, telephone number, telefax) is to identify you and to arrange a date for an online training respectively regular training and to process your registration for the event. For this we use the elarning service TalentLMS from the third-party provide Epignosis LCC, 315 Montgomery Street, 9th Floor, San Francisco, CA 94104, USA and Epignosis UK LtD, 1 Buckwell Road, Kingsbridge, South Hams, United Kingdom, TQ7 1NQ (“TalentLMS”). Your personal data will be shared with this provider. If you do not want your personal data to be shared, you should not register to our online-trainings. TalentLMS is contractually obligated to use your personal data in accordance with European data protection standards, strictly as instructed, not for its own purposes, and in compliance with the relevant security standards. For information on how TalentLMS uses your personal data, you can view their privacy policy here: https://de.talentlms.com/privacy. All relevant personal data you share with us for the purpose of the participating in the online training and if necessary any related documents (e.g. commercial letters, invoices) will be stored for a maximum of six to ten years after the completion of the training in accordance with legal requirements and regulations.

4. Consent

If you wish, you can give us the following consent in accordance with point (a) of Article 6(1) of the GDPR. We will log your consent and make it available for you to review at any time on this page (Privacy Policy and Consent to Use of Data).
Yes, I would like to be kept up to date by email about events, industry news, reports, and publications related to Intershop Communications AG. Intershop’s short newsletter is usually published every two weeks. I can withdraw this consent at any time by sending an email to info@intershop.com or by clicking the unsubscribe link at the end of any newsletter.

5. Right of Withdrawal and Right to Object

You may withdraw your consent for us to use your personal data as shown in Section 4 (including declarations of consent you may not have given) either entirely or for selected processes only, free of charge. Withdrawal of consent does not affect the lawfulness of any prior processing of data to which you had consented. If you withdraw your consent, you will no longer receive our newsletter. You have the right, in accordance with Article 21 of the GDPR, to object to the processing of your personal data in pursuit of the legitimate interests of Intershop or a third party if your reasons for ob-jection relate to your particular situation or if your objection concerns general or personalized direct marketing. In the latter case, you have a general right to object and you do not need to provide details of your particular situation. If you would like to use your right of withdrawal or right to object, please send an email to info@intershop.com or contact the data controller in some other way (see Section 1).

6. Disclosing Data to Third Parties / Recipients of Data

Subject to the above provisions we do not disclose your personal data to third parties. When providing our services, we may use technical service providers as processors in accordance with Article 28 of the GDPR, e.g., Microsoft Azure for hosting.

7. Cookies

What are cookies and what are they used for?

To improve the design of our website and to provide certain features (e.g., user-friendliness, readability, arrangement of content, and delivery of personalized content and functionality), we use “cookies” on a number of pages in accordance with point (f) of Article 6(1) of the GDPR. Cookies are small text files, which your browser downloads when you visit a website. Some of the cookies we use are deleted at the end of your browser session, i.e., after you close your browser (“session cookies”). Other cookies remain on your device and enable us to recognize your browser the next time you visit (“persistent cookies”).

Cookie settings

Which cookies do we use?

We use so-called "first-party cookies", which are set by us as controller, as well as "third-party cookies", which are used by other providers.

Strictly Necessary Cookies

These cookies are essential to navigate the website and use its functions, for example for changing your privacy policy settings, for signing in or for filling in forms. Without these cookies, the website might not operate properly. According to applicable legislation, these cookies do not require agreement by the user. You can configure your browser in a way that it blocks necessary cookies, however, then, you might not be able to properly use the website.

Name Expiration Provider Description Category
_cfduid 1 year hubspot.com, hs-analytics.net, hs-scripts.com (https://legal.hubspot.com/privacy-policy) The Cloudflare-Cookie, set by HubSpot, is used to identify individual clients behind a shared IP address. Third Party
__cfduid 29 days blog.intershop.com Set by the content network Cloudflare to identify trusted web traffic. Third Party
__cfduid 30 days info.intershop.com Set by the content network Cloudflare to identify trusted web traffic. Third Party
__cfruid Session blog.intershop.com,  info.intershop.com, revenueriver.co This cookie is part of the Cloudflare services - including load balancing, provision of website content and provision of a DNS connection for website operators. Third Party
PHPSESSID Session intershop.com Maintains the user's state for all page requests. First Party
CookieConsent 1 year Cookiebot Saves the user's consent status for cookies on the current domain. Third Party
local_storage_support_test Persistent Twitter This cookie is used in connection with the local storage function in the browser. This function enables the website to load faster by preloading certain procedures. Third Party
.ASPXANONYMOUS 1 year intershop.com This cookie is used by websites that use the Microsoft .NET technology platform. First Party
apiToken 1 year Intershop PWA The API token used by the Intershop Commerce Management REST API. First Party
cookieLawSeen 1 year Intershop PWA Saves the user's consent to accept cookies on the current domain. First Party
TiPMix 1 hour Azure Cookie for "Testing in Production" (TipMix) on Azure websites. Third Party
x-ms-routing-name 1 hour Azure Additional cookie for "Testing in Production" (TipMix) on Azure websites. Third Party
_GPSLSC Session Apache PageSpeed (nginx) Cookie for the Local Storage Cache filter. Its value is a list of hashes of the URLs of resources stored in local storage. Third Party
pk_id.13.ce58 1 year intershop.com Used to recognize visitors and hold their various properties. First Party
sid 1 hour intershop.com Contains an anonymous user ID so that multiple requests from a user can be assigned to the same HTTP session. First Party
cookieconsent_status Session intershop.com This cookie stores your cookie settings for this website. First Party

 

Marketing Cookies

Marketing cookies (synonymously called targeting or advertising cookies) are used to display advertisements on third-party websites, which are relevant for the user and his interests. They are also used to limit the frequency of an ad and to measure and control the effectiveness of advertising campaigns.

The legal basis for the processing of personal data that may be processed with the help of marketing cookies is the consent of the user. You can configure your browser in a way that it  also blocks strickly necessary cookies, however, then, you might not be able to properly use the website.

Name Expiration Provider Description Category
__widgetsettings Persistent Twitter This cookie is set by Twitter and enables the user to share content from the website on his twitter profile. Third Party
_lfa 24 months Leadfeeder (https://www.leadfeeder.com/cookies-and-tracking/) This cookie is only set for the website domain. Third Party
BizoID
bcookie
bscookie
lang
lidc
UserMatchHistory
30 days
2 years
2 years
Session
1 day
30 days
linkedin.com (https://www.linkedin.com/legal/cookie-table) Set by the social networking service LinkedIn to track the use of embedded services. Third Party
hssc 30 Min Hubspot This cookie tracks sessions. It is used to determine if the HubSpot software needs to increase the session count and timestamps in the __hstc cookie. Third Party
__hssc 1 day intershop.com Records statistical information about the user's visits to the website, such as the number of visits, average time spent on the website, and which pages were loaded. Third Party
hsscr End of session Hubspot Whenever the HubSpot software changes the session cookie, this cookie is also set. Third Party
__hssrc Session intershop.com Collects statistical data concerning the user’s website visits, such as the number of visits, average time spent on the website, and which pages were loaded. Third Party
__hstc 1 year intershop.com Collects statistical data concerning the user’s website visits, such as the number of visits, average time spent on the website, and which pages were loaded. Third Party
hstc 13 months intershop.app4.hubspot.com Main cookie for visitor tracking. Third Party
hubspotutk 1 year Hubspot,intershop.com This cookie is used to record the user’s identity. This cookie is transferred to the HubSpot software when a form is submitted and is used when contacts are de-duplicated. Third Party
__ptq.gif Session Hubspot Sends data about the device and user behaviour to the marketing platform Hubspot. Tracks visitors across devices and marketing channels. Third Party
IDE 1 year Google / doubleclick.net Set by Google DoubleClick to record and report the actions of the user on the website after viewing or clicking on one of the provider's ads for the purpose of measuring the effectiveness of an advertisement and displaying targeted advertising to the user. Third Party
test_cookie 1 day / 2 days Google / doubleclick.net Set to verify whether the user’s browser supports cookies. Third Party
ads/ga-audiences Session Google Cookie used by Google AdWords to reconnect visitors who are likely to become customers based on their online behavior on various websites. Third Party
ajs_anonymous_id Persistent typeform.com Cookie used to count how often a website is visited by different users. Third Party
__tld__ Session typeform.com Cookie used to track users on multiple websites for the purpose of placing relevant ads based on the user preferences. Third Party
attribution_user_id 1 year typeform.com Is used in connection with the pop-up questionnaires and the website. Third Party
li_oatml 1 month Linkedin This cookies are used to Enable ad delivery or retargeting. Third Party

 

Statistical/Tracking and Performance Cookies

These cookies collect information about the use of the website, such as which pages are visited most often and how users navigate the website. These cookies are to help us increase the website’s usability, to then ameliorate the user experience.

Name Expiration Provider Description Category
_ga 2 years Google Google Analytics Tracking – to distinguish visitors Third Party
_gat 1 day Google / Hubspot Set by Google Analytics to throttle the request rate. Third Party
__gat_UA-2576504-4 1 day Google Google Analytics Tracking – contains the unambiguous Google Analytics Account Third Party
_gid 1 day Google Registers an unambiguous ID, at the help of which statistical data about the user’s use of the website is generated. Third Party
hs_ab_test Session info.intershop.com This cookie is used by the owner of the website in connection with tests with several variations. Third Party
ajs_anonymous_id Persistent typeform.com Used to count how often a website is visited by different visitors. Third Party
_lfa 1 day Leadfeeder This cookie is only set for the website domain. Third Party
{"words":[-1317697669,-588749710,
571290733,862537362,
1410965909],"sigBytes":20}
Persistent Vidyard This cookie is used to store a hashed value that combines the embed location of the video and the account ID the video belongs to. Third Party
_gat_UA-132322452-1
1 day Google Google Analytics Tracking (Intershop PWA) – contains the unambiguous Google Analytics Account Third Party
_gat
2 years Google / Intershop / PWA Set by Google Analytics to throttle the request rate. Third Party
lissc
1 year LinkedIn Used by the social networking service, LinkedIn, for tracking the use of embedded services. Third Party

 

Preference Cookies/ Functional Cookies

Preference cookies allow the website to remember information that influences the way a website looks or behaves, such as your preferred language or the region in which you are located.

Name Expiration Provider Description Category
lang [x2] Session LinkedIn Set by LinkedIn, when a website contains an embedded „Follow us“ window. Third Party

 

Use of CookieBot

On some of our websites, we use a cookie banner with a selection function from cookiebot, which enables us to obtain consent to the use of cookies. The use of this technology is based with point (c) of Article 6 (1) of the GDPR.

 We use the service provider Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark („Cookiebot“).

 When you visit our website, you will be informed about the use of cookies and you can decide on the extent of the use of cookies. Technically required cookies are set in the browser to be able to store your consent. In addition, the following data is automatically logged at Cybot to prove consent: anonymized IP address, date and time of consent, type of browser, URL, an anonymous, random and encrypted key, the status of the consent, which serves as evidence.

 The technically necessary cookies of Cookiebot are automatically deleted after 12 months unless you delete them beforehand using your browser settings.

 For information on how Cookiebot uses your personal data, you can view their privacy policy here: https://www.cookiebot.com/de/privacy-policy/ .
  

How can I deactivate cookies in my browser?

You can configure your browser in a way that you are informed about the placement of cookies, and that you can individually decide the acceptance of cookies, or refuse the acceptance of cookies in certain cases – or generally. If cookies are not accepted, the functionality of our website may be limited.

The following hyperlinks provide notes about how the use of cookies can be deactivated in certain browsers and/or how cookies can be deleted.

  • Internet Explorer (https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies)
  • Firefox (https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer)
  • Google Chrome (https://support.google.com/chrome/answer/95647?hl=en)
  • Safari (https://support.apple.com/en-us/HT201265)

 

8. Using Anonymized User Profiles for Web Analytics

This website uses Google Analytics, a web analytics service from Google, Inc. (“Google”), in accordance with point (f) of Article 6(1) of the GDPR. We have  signed a data processing agreement with Google. Additionally, Google is subject to the EU-US Privacy-Shield (certificate available at: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active ). Google Analytics uses “cookies”—small text files, which your browser downloads to your device and which enable us to analyze how you use this website. The infor-mation generated by the cookie about your use of the website is generally transferred to and saved on a Google server in the United States. However, if IP anonymization is activated on this website, Google will shorten your IP address within a Member State of the European Union or in another Contracting Party to the European Economic Area Agreement. Only in exceptional circumstances will your entire IP address be transmitted to, and shortened on, a Google server in the United States. We have authorized Google to use this data to evaluate your use of this website, to compile reports on your activity on this website, and to provide us with additional services relating to the use of this website and the Internet. The IP address transferred from your browser by Google Analytics will not be merged with any other Google data. You can prevent your browser from downloading cookies by changing your browser settings accordingly; if you do this, however, please note that some features of the website may not be available. You can prevent Google Analytics from collecting and processing data relating to your use of this website (including your IP address), by downloading and installing the Google Analytics opt-out browser add-on here: https://tools.google.com/dlpage/gaoptout?hl=en. To view Google’s terms of service and privacy policy, go to https://policies.google.com/?hl=us. Please note that the Google Analytics “anonymizeIp” function is active on this website, i.e., IP addresses are anonymized (“masked”). Our legitimate interests lie in the analysis, optimization, and efficient operation of our website. The personal data will be automatically deleted in Google Analytics after 26 months.

9. Google Tag Manager

Google Tag Manager is used on this website. Google Tag Manager allows marketers and webmasters to deploy website tags all in one place. The Tag Manager tool (which deploys the tags) is a cookieless domain. It is used to manage other tags, which may collect data under certain circumstances. Google Tag Manager does not access this data. If recording is deactivated on the domain or cookie level, this setting will apply for all tracking tags that are deployed using Google Tag Manager. For more information, go to https://www.google.com/intl/de/tagmanager/faq.html.

10. Google Maps

This website uses Google Maps, an online map service from Google, Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043 USA (“Google Maps”), in accordance with point (f) of Article 6(1) of the GDPR. We have signed a data processing agreement with Google. Additionally, Google is subject to the EU-US Privacy-Shield (certificate available at: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active ). Google Maps uses “cookies”—small text files, which your browser downloads to your device and which enable us to analyze how you use this website. The information generated by the cookie about your use of the website (e.g. route planning, IP adress) is generally transferred to and saved on a Google server in the United States. When you access a page on our website that contains, which contains a map from Google Maps, the map content is transmitted directly to your browser and integrated into the website. Our legitimate interests lie in the optimization and, efficient operation of our website. For information on how Google uses your personal data, you can view their privacy policy here: https://policies.google.com/privacy.

11. Hotjar

To improve the user experience, this website uses the Hotjar web analytics service in accordance with point (f) of Article 6(1) of the GDPR. A tracking code-based tool, Hotjar is provided by Hotjar Ltd., Level 2, St Julian’s Business Centre, 3, Elia Zammit Street, St Julian’s STJ 1000, Malta, Europe, http://www.hotjar.com (“Hotjar”). Hotjar enables us to record and analyze user behavior on our website (clicks, cursor movements, scrolling, etc.). Hotjar uses “cookies”—small text files, which your browser downloads to your device and which enable us to analyze how you use this website. In order to prevent information being directly linked to a particular individual, IP addresses are anonymized before they are saved and processed. In addition, information on your operating system, browser, inbound and outbound links, geographical origin, and the resolution and type of device is analyzed for statistical purposes. This information is anonymous and is not shared with third parties, either by us or by Hotjar. If you want to stop Hotjar from collecting data on all websites that use the service, you can opt out of Hotjar on your browser here via the Do Not Track header: https://www.hotjar.com/opt-out.

12. SalesFeed

For the direct marketing and the statistical analysis of visitors to our website, we use the service provider SalesFeed Nederland B.V., ‘s-Gravelandseweg 46D, 1211 BT Hilversum, Netherlands (“SalesFeed”) in accordance with point (f) of Article 6 (1) of the GDPR. SalesFeed processes the IP addresses of visitors to identify companies when the page request is from the Benelux countries. SalesFeed is contractually obligated to use and store your personal data in accordance with European data protection standards, strictly as instructed, not for its own purposes, and in compliance with the relevant security standards. For information on how Salesfeed uses your personal data, you can view their privacy policy here: https://www.salesfeed.com/privacy-verklaring/.

13. Leadfeeder

For the analysis of visitors to our website we use service provider Liidio OY, Mikonkatu 17 C, 00100, Helsinki, Finland („Leadfeeder“) in accordance with point (f) of Article 6(1) of the GDPR. Our legitimate interest here is the commercial necessity of being able to contact potential new customers. Leadfeeder is contractually obligated to use and store your personal data in accordance with European data protection standards, strictly as instructed, not for its own purposes, and in compliance with the relevant security standards. Leadfeeder records the visitor's IP address to determine the company and geographical location. The personal data will be automatically deleted in Leadfeeder after 24 months. For information on how Leadfeeder uses your personal data, you can view their privacy policy here: https://www.leadfeeder.com/privacy/.

14. HubSpot

For our online marketing activities, we use HubSpot on our website in accordance with point (f) of Article 6(1) of the GDPR, an integrated software solution from HubSpot Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 ("HubSpot"). We use HubSpot for the following purposes: content management (landing pages, contact forms), e-mail marketing (mailings), social media publishing, reporting (access, traffic sources, etc. ...). HubSpot uses "cookies", text files, which your browser downloads to your device and which enable us to analyze how you use this website. In order to prevent information being directly linked to a particular individual, IP addresses are anonymized before they are saved and processed. In addition, information on your operating system, browser, inbound and outbound links, geographical origin, and the resolution and type of device is analyzed for statistical purposes. This information is anonymous and is not shared with third parties, either by us or by HubSpot. If you want to stop HubSpot from collecting data on all websites that use the service, you can opt out of HubSpot on your browser via the Do Not Track header. HubSpot is contractually obligated to use your personal data in accordance with European data protection standards, strictly as instructed, not for its own purposes, and in compliance with the relevant security standards. Additionally, HubSpot is subject to the EU-US Privacy-Shield (certificate available at: https://www.privacyshield.gov/participant?id=a2zt0000000013fAAA). For information on how HubSpot uses your personal data, you can view their privacy policy here: https://legal.hubspot.com/privacy-policy.

15. Use of Social Plugins (Facebook, Twitter, LinkedIn, Xing, YouTube)

15.1 Facebook social

This website uses plugins for the Facebook social networking service operated by Facebook, Inc., 1601 South California Avenue, Palo Alto, CA 94304, USA (“Facebook”). You can recognize these plugins by the Facebook logo or the phrase “social plugin from Facebook” or “Facebook social plugin.” You can see the Facebook plugins here: https://developers.facebook.com/docs/plugins. When you access a page on our website that contains a Facebook plugin, your browser will create a direct link to the Facebook servers. The plugin content is then transferred directly from Facebook to your browser and integrated into the page. This informs Facebook that your browser has visited the respective page on our website, even if you do not have a Facebook account or if you are not currently logged in to one. This information (including your IP address) is transferred by your browser directly to a Facebook server in the United States, where it is stored. If you are logged in to your Facebook account at the same time, Facebook will associate your visit to our website with your Facebook account. If you interact with the Facebook plugin, e.g., click the Like button or leave a comment, this information will also be transferred directly to a Facebook server and stored. It will also be published on your Facebook page and displayed to your Facebook friends. Facebook may use this information for the purpose of advertising, market research, and personalization of your Facebook page. To do this, Facebook creates usage, interest, and relationship profiles, for example to analyze your use of our website with regard to targeted Facebook ads, to inform other Facebook users about your activities on our website, and to provide other services associated with using Facebook. If you do not want Facebook to associate the data it collects via our website with your Facebook account, you should log out of Facebook before visiting our website. For information on the purpose and scope of data collection and processing by Facebook as well as your rights and options for protecting your privacy, please refer to Facebook’s privacy policy: https://www.facebook.com/policy.

15.2 Twitter

This website uses plugins for the Twitter social networking service operated by Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA (“Twitter”), in accordance with point (f) of Article 6(1) of the GDPR. You can recognize these plugins by the Twitter Bird logo. You can see the Twitter plugins here: https://about.twitter.com/en_us/company/brand-resources.html. When you access a page on our website that contains a Twitter plugin, your browser will create a direct link to the Twitter servers. The plugin content is then transferred directly from Twitter to your browser and integrated into the page. This informs Twitter that your browser has visited the respective page on our website, even if you do not have a Twitter account or if you are not currently logged in to one. This information (including your IP address) is transferred by your browser directly to a Twitter server in the United States, where it is stored. If you are logged in to your Twitter account at the same time, Twitter will associate your visit to our website with your Twitter account. If you interact with the Twitter plugin, e.g., click the Tweet button, this information will also be transferred directly to a Twitter server and stored. The Tweet will appear on your Twitter timeline and be visible to your Twitter followers and, if your Tweets are public, to other users. For information on the purpose and scope of data collection and processing by Twitter, as well as your rights and options for protecting your privacy, please refer to Twitter’s privacy policy: https://twitter.com/privacy. If you do not want Twitter to associate the data it collects via our website with your Twitter account, you should log out of Twitter before visiting our website.

15.3 LinkedIn

This website uses the LinkedIn button for the LinkedIn social networking service operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (“LinkedIn”). The LinkedIn button features the white LinkedIn logo (“in”). When you click on the LinkedIn button on one of our website pages, your browser will create a direct link to the LinkedIn servers. The plugin content is then transferred directly from LinkedIn to your browser and integrated into the page. This informs LinkedIn that your browser has visited the respective page on our website. If you are signed in to your LinkedIn account at the same time, LinkedIn will associate your visit to our website with your LinkedIn account. If you do not want LinkedIn to associate this information with your LinkedIn account, you should sign out of LinkedIn before visiting our website. For information on the purpose and scope of data collection and processing by LinkedIn, please refer to LinkedIn’s privacy policy (https://www.linkedin.com/legal/privacy-policy) and user agreement (https://www.linkedin.com/legal/user-agreement).

15.4 Xing

We’d also like to tell you how your personal data is handled in relation to the XING share button, which is also used on this website. When you visit this website, your browser connects briefly with the XING SE (“XING”) servers, which provide the XING share button functionality (including the visitor counter). XING does not save any of your personal data when you visit this website. In particular, it does not save your IP address, nor does it use cookies to monitor how you use the XING share button. To view the latest privacy policy for the XING share button, go to: https://www.xing.com/app/share?op=data_protection.

15.5 YouTube

This website uses plugins for the YouTube video-sharing service operated by YouTube, LLC, headquar-tered at 901 Cherry Avenue, San Bruno, CA 94066, USA (“YouTube”). YouTube is represented by Google, Inc., based at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. When you access a page on our website that contains a YouTube plugin, your browser will create a direct link to the YouTube servers and download the plugin content. This also tells YouTube which of our web pages you are currently viewing. If you are signed in to YouTube, it will associate this information with your account. If you interact with the YouTube plugin, e.g., click the start button on a video, this information will also be associated with your account. If you do not want YouTube to associate this information with your account, you should sign out of all YouTube and Google accounts and delete all YouTube and Google cookies before visiting our website. For more information on how YouTube (Google) processes and protects your personal data, please refer to Google’s privacy policy: https://www.google.de/intl/de/policies/privacy/.

16. Intercom

Our website also has a live chat function where we provide one-on-one customer advice. The platform is provided by Intercom, Inc., based at 55 2nd Street, 4th Floor, San Francisco, CA 94105, United States. Intercom will only collect and process the data it requires to facilitate the live chat function in accordance with point (b) of Article 6(1) of the GDPR. Intercom is contractually obligated to use your personal data in accordance with European data protection standards, strictly as instructed, not for its own purposes, and in compliance with the relevant security standards. For more information on how Intercom handles personal data, go to: https://www.intercom.com/legal/terms-and-policies.

17. Vidyard

For our online marketing activities, we use Vidyard plugins on our website and in our email services in accordance with point (f) of Article 6 (1) of the GDPR, to involve and analyse videos. We use the service provider Buildscale, Inc., 8 Queen St. N, Unit #1, Kitchener, ON, Canada N2H 2G8 (“Vidyard”). Vidyard is contractually obligated to use your personal data in accordance with European data protection standards, strictly as instructed, not for its own purposes, and in compliance with the relevant security standards. In addition, a European Commission adequacy decision is available for Canada (2002/2/EG). When you visit a website with a plugin, your browser will create a direct link to the vidyard servers and transferred, which websites you have visited and whether you have clicked the start button. Our legitimate interests lie in the analyses, optimization and, efficient operation of our website. The personal data will be automatically deleted in Vidyard after 24 months. If you want to stop Vidyard from collecting data on all websites that use the service, you can opt out of Vidyard on your browser via the Do Not Track header. For information on how Vidyard uses your personal data, you can view their privacy policy here: https://www.vidyard.com/privacy/.

18. Typeform

For our online marketing activities, we use typeform plugins and links on our website and in our email services in accordance with point (f) of Article 6 (1) of the GDPR, to conduct of surveys. We use the service provider Typeform S.L., Inc., Carrer de Bac de Roda 163, 08018 Barcelona, Spain (“Typeform”). Our legitimate interests lie in the analyses of prospect interests, optimization of our offer and, efficient operation of our website. Typeform is contractually obligated to use your personal data in accordance with European data protection standards, strictly as instructed, not for its own purposes, and in compliance with the relevant security standards. When you access a web page with a Typeform plug-in or a link to a survey, you will be redirected to the survey. When a survey is filled out, the user's IP address, information on the time and duration of the survey, and the user's details provided in the survey are transferred to Typeform. If you do not want your data to be processed by Typeform, you should not participate in surveys and should not fill out appropriately marked forms. Data from surveys can be statistically evaluated by us and processed and used for marketing purposes. Of course, the data will be made anonymous for this purpose, so that no conclusions can be drawn about individuals. The personal data will be automatically deleted in Typeform after 24 months. For information on how Typeform uses your personal data, you can view their privacy policy here: https://admin.typeform.com/to/dwk6gt.

19. General Data Retention Period

The length of time we store your personal data depends on what we need to use it for. Generally, we will delete your personal data when it is no longer required unless longer statutory retention periods apply. For more information on our data retention periods, see the respective sections in this Privacy Policy.

20. Rights of Data Subjects

You have the following rights regarding your personal data processed by us:

  • The right of access to information on your personal data stored by us in accordance with Article 15 of the GDPR
  • The right to rectification of inaccurate or incomplete personal data stored by us in accordance with Article 16 of the GDPR
  • The right to erasure of your personal data stored by us (“right to be forgotten”) in accordance with Article 17 of the GDPR
  • The right to restriction of processing of your personal data in accordance with Article 18 of the GDPR
  • The right to data portability in accordance with Article 20 of the GDPR
  • The right to object to processing of your personal data in accordance with Article 21 of the GDPR
  • The right of withdrawal of consent in accordance with Article 7(3) of the GDPR
  • The right to lodge a complaint with a supervisory authority in accordance with Article 77 of the GDPR

If you have any questions on how your personal data is processed or how to exercise your rights as a data subject, please send an email to info@intershop.com.