Axel Springer Teaser Ad GmbH
1. Data controller and general notes
Your data is processed by Axel Springer Teaser GmbH, Axel-Springer-Str., 65, 10969 D-Berlin, phone: +49 (40) 3501 698 -199, email (service provider within the meaning of the Telemedia Act (TMG) and data controller within the meaning of the General Data Protection Regulation (GDPR)). We are also referring to Axel Springer Teaser GmbH when we use phrases like "we" or "us". By "AS Teaser Ad", we mean the website referred to in this document www.adup-tech.com, including all available sub-pages, contents and features (e.g. Internet forums, competitions etc.). Individual parts of AS Teaser Ad are also referred to as "online services" below. We also mean the same when a website is mentioned below. Our services are intended for the general public and not for children. We do not knowingly collect personal information from users who are considered children under their respective national laws. In addition to AS Teaser Ad, this document also applies to technologies that we embed within the framework of our marketing services on third-party websites and through which we receive information about you (see Sec. 5 below).
2. Collecting and processing personal data
In certain cases we process the personal data listed in Sec. 3. In principle, this only happens if it is necessary for providing a functioning website and our content and services. Furthermore, we process personal data in connection with the use of AS Teaser Ad, if you provide it to us, such as when you register with us, make an enquiry to us, apply for a job with us or because another legal basis exists (see Sec. 4). Unfortunately, if you do not want this to happen, it means you cannot use our services or not in full.
3. Categories of data processed
As soon as you use AS Teaser Ad, our system automatically collects information from the computer system on the accessing computer. The following data may be collected here, amongst other data:
Information about the browser type and version used
The user's operating system
The date and time of access
Web analysis data/pseudonymous usage profiles (cookie ID, ad ID etc.)
Websites where the user accessed our website from
Websites the user accesses through our website
We also process the following personal data if you are a business customer, a contractual relationship exists between you and us or you have transferred the data to us in other ways, e.g. in the course of applying for employment:
Personal master data (name, address, date of birth)
Communication data (telephone number, email address)
For sending newsletters or product information
Contract master data (contractual relationship, product interest or interest in establishing a contract, order history)
Billing and payment data
Employee data (name, address and communication data, contract master and billing data, date of birth, marital status, nationality, denomination, field of work, social benefits, payroll data, social data, bank details, personnel management and control data, access and access control data)
Applicant data (name, address and communication data, application-relevant data)
4. What type of advertising does AdUp display?
AdUp displays ads from various partners. These can be neutral or specially tailored. We anonymously collect data about the pages/products you have viewed over certain websites from our advertising partners that are approved explicitly for these services. Then we display advertisements on our clients' websites for a certain period of time that match the data collected.
5. Information that we collect and use over third party websites
We allow the following companies to collect user data in order to optimise advertising for you based on your interests. You can activate the corresponding opt-out link if you do not want these companies to analyse your user behaviour. You will find more information on data protection and how these companies process your data for each service on the websites from the companies mentioned:
Click here to find a list of these service providers.
6. Legal basis and purpose of processing
We process your data solely on the basis of one or more of the possible legal foundations. According to the GDPR, personal data can specifically be processed as part of our marketing services on the basis of a contract, in order to perform pre-contractual measures, in the presence of consent, on the basis of a legitimate interest or law and to protect vital or public interests. On the Internet, each device needs a unique address (IP address) for transferring data. The, at least, temporary storage of the IP address is a technical necessity in order to allow the website to be delivered to the user's computer. We shorten IP addresses before any processing takes place and only process them anonymously. No storage or further processing of unabridged IP addresses takes place. They merely allow us to display regional content on all our websites accessed from a specific region. This form of geo-localisation, i.e. the assignment of a website call to the call location, takes place exclusively on the basis of the anonymised IP address and only up to the geographical level for the respective federal state/region. In no way can conclusions be drawn about a user's specific location from the geographical information obtained in this way. Our servers also store your IP address for 14 days for our own security and fraud prevention purposes. Processing operations that are covered by one or more of the aforementioned legal bases are processed if they are required to safeguard a legitimate interest and, as a result of a comprehensive weighing of interests, do not outweigh your interests, fundamental rights and fundamental freedoms (Sec 6. (1) (f) GDPR). A legitimate interest is to be assumed if the data subject is one of the data controller's customers. If personal data is processed on the basis of this, our legitimate interest, in particular, lies in conducting our business for the benefit of all our employees and shareholders. Our legitimate interest in being able to offer you bespoke products, inform you about our products, innovations and quality features, and constantly improve our services and products and thereby also increase our sales, form the legal basis for processing big data, user-based online advertising, web/app analysis and advertising scoring (merging different selection criteria for targeted advertising). For more information of the individual web analysis services, see Sec. 9. Our legitimate interest in preventing fraud, network and information security, and the reliability of our services or products, also serve as a legal basis for processing certain data. You can object to processing based on a legitimate interest at any time (see Sec 11.). In the event that data is processed for a purpose other than the one specified during data collection, a compatibility check takes place in accordance with Sec 6. (4) GDPR. Further processing is only permitted if the original purpose is compatible with the new purpose or is permitted based on a separate legal basis. Recognised compatible purposes include the assertion, exercise and defence of civil claims, unless the data subject has an overriding interest. In this case, we will inform you about the change in purpose. If the new purpose is incompatible with the purpose stated during collection, new collection will take place based on a new legal basis. Again, we will inform you about the change of purpose in this case.
7. Place of processing
We do not ourselves transfer your personal data to countries outside the European Economic Area, except in cases where it is permitted under the GDPR. Whether third parties who you have a separate contractual relationship with (such as with Facebook, if you have a Facebook account) transfer data to countries outside the European Economic Area is beyond our knowledge and sphere of influence. We also process data in countries outside the European Economic Area ("EEA"). In order to ensure that your personal rights are also protected as a part of these data transfers, we use the EU Commission's standard contractual clauses in structuring the contractual relationships with the recipients based in third countries in accordance with Sec. 46 (2) (c) GDPR. These can be called up at any time under http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:DE:PDF. Alternatively, you can ask us to supply you with these documents using the contact options indicated below. By resolution of 12/07/2016, the European Commission decided that an appropriate level of privacy exists for the US (adequacy decision, Sec. 45 GDPR) under the EU-US Privacy Shield regulations. Further information – also concerning the certification of service providers we use – is available under https://www.privacyshield.gov. We only use US service providers that are certified under the EU-US Privacy Shield.
8. Origin of the data
In certain cases, we also receive data because you have consented to it being transferred to us.
9. Disclosure of your data to third parties
We only transfer your personal data to third parties if it is required for fulfilling our contractual obligations towards you and this evidently takes place at or together with another provider (e.g. for example, in the scope of co-operations), or we are otherwise entitled or obliged by law to disclose your personal data or you have given us you consent to do so. Selected personal data may be shared with certain departments in our company in order to provide our services. This includes staff in the Bookkeeping, Accounting, Product Management, Marketing and IT departments. In certain cases, we also use external service providers or affiliated companies that we have instructed to process data on our behalf. We contractually bind these service providers according to the strict requirements of the GDPR as a data processing company and they are not permitted to re-use your data for any other purpose. Data processing companies we employ provide us with the following services in particular: hosting, maintenance and support and web/app analysis. The transfer of data to data processing companies takes place based on Sec 28 (1) GDPR, or, alternatively, based on our legitimate interest in the commercial and technical advantages associated with the use of specialised data processing companies (Sec 6. (1) (f) GDPR). If we are legally obliged to do so or if it is permitted under data protection law, we transfer personal data to authorities, for example, the police or public prosecutor (Sec 6 (1) (c) GDPR). Disclosure of this data is based on our legitimate interest in fighting abuse, prosecuting criminal offences and protecting, asserting and enforcing claims and that your rights and interests in protecting your personal data do not predominate (Sec 6 (1) (f) GDPR).
10. Cookies and similar technologies
If you would like to subscribe to the newsletter we offer on this website, we need an email address from you, and need information that confirms that you are the owner of the email address you have provided and wish to opt in to receive the newsletter.
To ensure that the newsletter is sent with your consent, we use what is known as the double opt-in procedure. The course of the double opt-in procedure allows the potential recipient to be included in a mailing list. Subsequently, the user receives a confirmation email with the option of confirming his subscription in a legally certain manner. Only when the user does so, is the address is included in the mailing list as an active address.
We use this data exclusively for delivering the requested information and offers.
We use the newsletter software. Your data is transmitted to Newsletter2Go GmbH as part of the newsletter mailing procedure. Newsletter2Go is prohibited from selling your data and using it for purposes other than mailing out our newsletter. Newsletter2Go is a certified German service provider selected according to the requirements of the General Data Protection Regulation and the Federal Data Protection Act.
You can find more information on this topic here: https://www.newsletter2go.de/informationen-newsletter-empfaenger/
You can revoke the consent you have given to the data, email address and use of the same being stored for mailing the newsletter at any time, for example, by clicking on the "Unsubscribe" link in the newsletter.
11. Soziale Netzwerke
We have embedded components from Xing into this website. Xing is an Internet-based social network that allows users to connect to existing business contacts and also make new business contacts. Individual users can create a personal profile at Xing. Companies can, for example, also create company profiles or publish job offers on Xing. The company that operates Xing is XING SE, Dammtorstraße 30, 20354 Hamburg, Germany. Each time one of the individual pages on this website that we operate on which a Xing plug-in (Xing button) is embedded, is called up, the respective Xing plug-in causes the corresponding Xing plug-in from Xing to be downloaded and displayed automatically on the browser on the IT system used by the data subject. More information about the Xing plug-ins can be called up under: https://dev.xing.com/plugins. As part of this technical process, Xing receives information about the specific sub-page on our website that the data subject has visited. If the data subject is signed into Xing at the same time, Xing recognises which specific sub-page the data subject visits on our website every time they call up our website during the entire duration of their respective visit to our website. The Xing plug-in collects this information and Xing assigns it to the data subject's Xing account. If the data subject clicks on one of the Xing buttons embedded into our website, such as the "Share" button, the data and information transmitted by doing so is assigned to the data subject's personal Xing account and stored and processed by Xing. The Xing plug-in also supplies Xing with information stating that the data subject has visited our website if the data subject simultaneously signs into Xing at the time as calling up our website; this happens regardless of whether or not the data subject clicks on the Xing plug-in or not. If the data subject does not want this information to be such transferred to Xing, he can prevent it from taking place by signing out of his Xing account before calling up our website. The data privacy statements published by Xing, which can be called up under https://www.xing.com/privacy provide information on the collection, processing and use of personal data by Xing. Xing has also published a data privacy statement for the XING Share button under https://www.xing.com/app/share?op=data_protection. The aforementioned services are not frequently implemented by plug-ins on smartphones and tablets. Instead, an internal "sharing" function on the device takes over this function. In line with its settings, information may also be transferred to other social media service providers. For details of this, please refer to your device information.
12. Retention Period
We only store personal data as long a legal basis exists for doing so (such as a statutory retention requirement). Afterwards, your personal Information is deleted as a matter of routine.
13. Contact data and your rights as a data subject
Please contact our data protection officer at any time if you have any questions and suggestions about data protection and the enforcement of your rights as a data subject:
Axel Springer Teaser Ad GmbH
Data Protection Officer: Dr. Olaf Koglin
Right to information and correction
You can receive information from us at any time free of charge about whether we process personal data on your person and specifically which data is stored and also receive a copy of the data stored. You can also have incorrect data corrected and completed.
Deletion, restriction and the right to be forgotten
You can ask for your personal data to be deleted and restricted. Please note that for paid contracts, such as when you purchase a subscription from AS Teaser Ad, statutory storage requirements apply which in any event do not allow us to delete your data in full. In this case, your data is tagged with the aim of limiting its processing in future.
If applicable, you also have the right to have personal information relating to your person transferred to you or another person in a structured, standard and machine-readable format, provided that its processing is based on your consent or a contract and takes place using automated processes. This does not apply if personal data needs to be processed to perform a task that is in the public interest or in exercising an official power which has been delegated to the data controller. Furthermore, you have the right to effect that the personal data is transferred directly from one data controller to another data controller, insofar as this is technically feasible and it this does not affect the rights and freedoms of other persons.
Withdrawal / Objection
You can withdraw your consent at any time with effect for the future by contacting the aforementioned contact address. Furthermore, for reasons arising from your particular situation, you are entitled at any time to object to personal data on your person being processed, which takes place based on a public or legitimate interest. This also applies to profiling based on these provisions. If you object, we will no longer process your personal data unless we can establish compelling legitimate grounds for doing so that outweigh the interests, rights and freedoms of the data subject, or for purposes of asserting, exercising or defending legal claims. If we process your personal data for direct marketing purposes, you are entitled submit an objection at any time to the contact address stated below against processing your personal data for the purpose of such advertising. This also applies to profiling insofar as it is associated with such direct marketing. For reasons of your own particular situation, you also have the right to object to us processing your personal data for scientific or historical research purposes or for statistical purposes unless such processing is required to fulfil an activity that lies in the public interest.
Right to appeal
Furthermore, you have the right to appeal to the supervisory authority responsible as well as the opportunity to appeal. The supervisory authority to which the complaint is submitted will inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy.
Existence of automated decision-making
We refrain from automatic decision-making or profiling pursuant to Sec. 22 GDPR.
Date: 25. Mai 2018