Privacy

Privacy Policy

Data protection and data security are a high priority for our company, as we take the protection of your personal data very seriously. Accordingly, we have carried out technical and organisational measures to ensure that the requirements of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act are fulfilled.

Compliance with the data protection requirements relating to the use of our website toa.berlin (hereinafter referred to as “Website”) is a central concern to us. When you visit and use our website, personal data shall be processed by us as the controller and stored for the duration necessary to fulfil the stated purposes and legal obligations. In this Privacy Policy, we shall inform you concerning the data, the way in which they are processed and the rights you are entitled to.

Personal data (hereinafter also “data” or “information”) are pursuant to Article 4 no. 1 of the General Data Protection Regulation (GDPR) all information relating to an identified or identifiable natural person.

Name and contact data of the controller and the company data protection officer

This privacy policy applies to the data processing on our website www.toa.berlin by the controller

tech open GmbH
Wattstraße 1,
13355 Berlin

(hereinafter „tech open“)

Email: hi@toaberlin.com

The data protection officer of tech open can be contacted at the address, FAO Data protection officer, or at privacy@toaberlin.com.

Processing of personal data and purposes of processing

When visiting the website

You can visit our website www.toa.berlin without disclosing information regarding your identity. In the context of any access to our website, however, it is essential that certain personal data is stored on the server of our provider in order to enable the connection to the website. This includes information such as:

  • Client IP address,
  • Date and time of access,
  • Name and the URL of the file requested,
  • Referrer-URL,
  • Operating system of the requesting computer,
  • Name and the description of the internet browser you are using,
  • Access-Provider.

The information is processed for technical and administrative purposes

  • To establish and to ensure the stability of the connection
  • In order to ensure the security and functionality of our website
  • In order to detect any illegal attacks if necessary

The information is furthermore used

  • To evaluate the use of our website,
  • To compile reports on website activity, and
  • To provide other services related to website activity and internet usage for the purpose of market research and needs based website design.

The information is stored in a so-called log file on the server of our website and is automatically deleted there after 4 weeks.

The legal basis for processing the IP address and other information from the log file is Article 6 para.1 S.1 lit. f of the GDPR. Our legitimate interest arises from the security interest mentioned and the need for a trouble free and user-friendly provision of our website. From the processing of the IP address and other information in the log file, we can not draw any direct conclusions about your identity.

In addition, we use cookies and analysis services when visiting our website. Further details can be found in sections 4 and 5 of this privacy policy.

When purchasing a Ticket

When you purchase a festival ticket for the Tech Open Air (hereinafter TOA) through our website, we will process your name and a valid email address from you. Additionally, you can enter information about your company and VAT number. Finally we require payment details from you,depending on the selected payment method. The information is processed  

  • to identify you as a contractor;
  • for payment processing;
  • to send you your ticket by e-mail;
  • to provide you with information related to the festival and your participation.

The data processing is initiated by your request and is based on Article 6 para. 1 subpar. 1 lit. b GDPR as necessary for the performance of a contract with you.

The processing is carried out by our service provider, Tito Limited (“Tito”), 64 Dame Street, Dublin 2 as a processor (rather joint controller) We have an agreement with Tito where Tito assures, that the service is GDPR-compliant.

The personal data collected by us in connection with the purchase of a ticket will be stored until the expiry of the statutory period of limitation (3 years from 1 January of the following year) and then automatically deleted, unless we are under Article 6 para 1 lit. c GDPR obliged to retain the information for a longer period of time due to tax and commercial requirements for storage and documentation (HGB, StGB or AO) or you have explicitly consented to store them further in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.

When registering for the TOA Festival after purchasing a ticket

Once you have purchased a ticket, you will be asked in a questionnaire to provide further information on your personal and professional background (eg your age, nationality, place of habitual residence, name of your company and your position and the sector in which you work), your interests as well as your expectations and experiences to and with TOA. In addition, you can provide other voluntary information, for example, your self-understood sex.

In addition to planning purposes, the processing of this data primarily serves to carry out the event itself. Your information will be used, for example, to provide you with information about the event and its participants during and after the event, and to help us plan and ensure a smooth execution. TOA sees itself as a networking event and as such offers its participants numerous offers for networking and other exchanges.

The processing is in accordance with Article 6 para. 1 subpar. 1 lit. b GDPR necessary for the performance of a contract we have with you  and in order to take steps at your request prior to entering into a contract and is necessary on the basis of our legitimate interests for the aforementioned purposes, Art. 6 para. 1 subpar. 1 1 lit. f GDPR.

The processing is carried out by our service provider, Tito Limited (“Tito”), 64 Dame Street, Dublin 2 as a processor (rather joint controller) We have an agreement with Tito where Tito assures full GDPR compliance.

We use HubSpot, a service of HubSpot Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA. This is an integrated software solution use HubSpot as a customer relationship management tool (CRM) to process the data you have provided. The processing is carried out on our behalf, based on a data processing agreement we have with HubSpot. In this agreement HubSpot ensures that HubSpot processes the data in accordance with the GDPR and ensures the protection of the data subject’s rights. HubSpot is a US-based software company with a representative in Ireland. However, it cannot be ruled out that the information is transmitted to and stored by a server of HubSpot in the USA. HubSpot is certified under the terms of the EU-US Privacy Shield Framework and is governed by the TRUSTe’s Privacy Seal and the US-Swiss Safe Harbor Framework, which ensures the security of your data.

When applying for a workshop or a Satellite event

When applying to participate in a workshop or a Satellite event, we will collect your name, email, company name and position and pass the information on to the host or speakers of the events for the purpose of selecting the attendees to the event.  In addition to planning purposes, the processing of this data primarily serves to carry out the event itself.

The processing is in accordance with Article 6 para. 1 subpar. 1 lit. b GDPR necessary for the performance of a contract with you and in order to take steps at your request prior to entering into a contract and is necessary on the basis of our legitimate interests for the aforementioned purposes, Art. 6 para. 1 subpar. 1 1 lit. f GDPR.

When applying for Open Circle

When applying for Open Circle we will collect the following mandatory information from you:

  • Name;
  • Email;
  • Nationality;
  • Current Country of residence;
  • Gender;
  • Age-Group;
  • Company Name;
  • Company Website;
  • Type of Company;
  • Field of Company;
  • Job Title;
  • Position in Company;
  • Department you work in;
  • Whether you have attended TOA before;
  • Your reason for attending Open Circle.

In addition to planning purposes, the processing of this data primarily serves to carry out the event itself. Your information will be used, for example, to provide you with information about the event and its participants during and after the event, and to help us plan and ensure a smooth expiration. TOA sees itself as a networking event and as such offers its participants numerous offers for networking and other exchanges.

The processing is in accordance with Article 6 para. 1 subpar. 1 lit. b GDPR necessary for the performance of a contract we have with you  and in order to take steps at your request prior to entering into a contract and is necessary on the basis of our legitimate interests for the aforementioned purposes, Art. 6 para. 1 subpar. 1 1 lit. f GDPR.

When registering for an event via our web forms, we work together with the service provider TYPEFORM S.L., Carrer Bac de Roda 163, 08018 Barcelona, Spain (“Typeform”). The purpose of the cooperation is the professional administration of online registrations. For this purpose, the data collected are stored on the servers of Typeform within the EU.

We have signed a data processing agreement with Typeform. By this contract the Typeform assures that they process the data on our behalf in accordance with the GDPR and guarantee the protection of the rights of the persons concerned.

We use HubSpot, a service of HubSpot Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA. This is an integrated software solution use HubSpot as a customer relationship management tool (CRM) to process the data you have provided. The processing is carried out on our behalf, based on a data processing agreement we have with HubSpot. In this agreement HubSpot ensures that HubSpot processes the data in accordance with the GDPR and ensures the protection of the data subject’s rights. HubSpot is a US-based software company with a representative in Ireland. However, it cannot be ruled out that the information is transmitted to and stored by a server of HubSpot in the USA or elsewhere outside the EEA. HubSpot is certified under the terms of the EU-US Privacy Shield Framework and is governed by the TRUSTe’s Privacy Seal and the US-Swiss Safe Harbor Framework, which ensures the security of your data. Hubspot uses Standard Contractual Clauses that apply with respect to Personal Data that is transferred outside the EEA, either directly or via onward transfer, to any country not recognized by the European Commission as providing an adequate level of protection for personal data (as described in the Data Protection Law).

Photos and Video-Footage during the events

To document our event visually, photos and videos will be made. It cannot be ruled out that you may be directly or indirectly identified on the photographs or videos, thus the data concerned may be personal data.

The recordings will be used in print, digital or online for news in connection with the event as well as for internal reporting. Furthermore, the footage is published on our media platforms such as Facebook, Instagram or our website for post-event reporting. This processing is particularly necessary in order to document and advertise our event. The data processing is based on Art. 6 Para. 1 S. 1 lit. f DSGVO. The mentioned purposes are legitimate interests in the sense of the mentioned regulation.

The recordings are stored for 5 years.

When subscribing to our newsletter

When you subscribe to our newsletter we process your email address based on your explicit consent Article 6 para. 1 subpar. 1 lit. a GDPR to provide you with regular information about us, our partners (https: //toa.berlin/partners-2018/) and the Tech Open Air Festival.

To send and personalize our newsletters, we use HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA (“HubSpot”).

HubSpot enables us to measure and evaluate the behavior of our newsletter recipients. This includes the opening, click, bounce, delivery, unsubscription and conversion rates. This evaluation is carried out through pixel-tags, which collect information such as the IP address, browser type/version, email client and time of retrieval. In this way, it is also possible to track who opens the email and clicks on the links it contains. The evaluation of the user behaviour is carried out for the purpose of measuring the success of the email campaigns and improving our our offer.

The data you provide will be transferred to a HubSpot server in the USA and stored there.

For more information about privacy related to HubSpot, please refer to their Privacy Policy.

The revocation of your consent is possible at any time, e.g. via a link at the end of each newsletter. Alternatively you can send us an email with your revocation request.

When contacting us through the contact form

For general inquiries, we offer you the possibility to contact us via a form provided on the website. The following information is required as mandatory information:

  • Name;
  • Email address;
  • Subject;
  • Your message.

We process this information to determine who has made the request and to be able to answer it. The processing is initiated by you and is necessary for the purposes of our legitimate interest in answering a contact request, Article 6 para. 1 subpar. 1 lit. f GDPR.

The personal data collected by us when contacting us will be deleted after the request has been completed.

When applying for a job through our website

In the “Jobs” section on our website, you have the opportunity to apply for vacancies. When applying we will process your name, email address and phone, your experience with TOA and visa requirements for Germany. You will be also asked to upload your CV /Resume as PDF, DOC, DOCX, JPG or PNG file and insert a cover letter in the designated field.

The processing of your personal data is necessary to identify you as an applicant, estimate whether your application meets our requirements and to contact you during the application process. The processing initiated by your request and is based on Article 88 para. 1 GDPR in conjunction with § 26 para. 1 German Federal Data Protection Act, respectively on Article 6 para. 1 subpar. 1 lit. b GDPR as steps at your request prior to entering into a contract and on Article 6 para. 1 subpar. 1 lit. f GDPR for the purposes of the legitimate interests pursued by us. Unsuccessful applications will be deleted after 3 months at the latest, unless you have explicitly consented based on Article 6 para. 1 subpar. 1 lit. a GDPR to a longer retention period.

Disclosure of personal information

Except in the aforementioned cases of processing on behalf of us, we shall disclose your personal data to third parties only in the following cases:

Web hosting

Our website is hosted by WordPress (hereinafter “Wordpress”)

Based on Art. 6 Subs. 1 Sentence 1 lit. f GDPR and due to our legitimate economic interest to run this website wordpress processes on our behalf data in connection with the use of this website. In a data processing agreement we have with WordPress, WordPress assures to be GDPR-compliant and to protect the data subject’s rights. WordPress is a US-based company so that the information is transmitted to and stored on a server in the USA based on EU Standard Contractual Clauses, we have entered with WordPress.

Other transfer

Otherwise, we shall only pass on your personal data to third parties if:

  • you have given your explicit consent pursuant to Article 6 Para. 1 S. 1 lit a of the GDPR;
  • pursuant to Article 6 para. 1 S. 1 lit. b of the GDPR necessary for the performance of a contract with you (e.g. when you apply to a workshop);  
  • pursuant to Article 6 para. 1 S. 1 lit. c of the GDPR necessary for compliance with a legal obligation.

The third party may only use the data transferred for pre-determined purposes.

Cookies and Pixel-Tags

We use cookies and pixel tags on our website. Cookies are small files that your browser automatically creates and are stored on your device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not harm your device; do not contain viruses, Trojans or other malicious software.

Personal data such as IP addresses can be stored in a cookie. However, that does not mean that we are able to identify you as a natural person through cookies.

Pixel tags (also called web-beacon or tracking pixel) are small graphics that are integrated into the HTML code of our website. The pixel tag itself does not store or change any information on your device, so pixel-tags on your device do not cause any damage, do not contain viruses, Trojans or other malware.

The pixel-tags send IP address, the referrer URL of the visited website, the time the pixel was viewed, the browser used and previously set cookie information to a web server. This enables us to carry out reach measurements and other statistical evaluations, which serve to optimize our offer.

On the one hand, the use of cookies serves to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages on our website. In addition, to improve usability, we also use temporary cookies that are stored on your device for a specified period. If you visit our website again to use our services, it will automatically recognize that you have already been with what settings you have made and us, so you do not have to re-enter them.

On the other hand, we use cookies and pixel-tags to statistically track the use of our website and to evaluate it for the purpose of optimizing our offer (see Section V). These cookies allow us to automatically recognize when you visit or come back to our website.

Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or so that a popup appears before a new cookie is created. However, disabling cookies completely may mean that you cannot use all features of our website. You can use appropriate tools or browser add-ons, to stop pixel-tags from firing information, (for example, by the add-on “AdBlock” for the Firefox browser).

Further opt-out options can be found in the following information about the tools we use on our website.

Web analysis, Tracking and Targeting

The web analysis, tracking and targeting tools listed below are necessary for the purposes of our legitimate interests in accordance with Article 6 para. 1 subpar. 1 lit. f GDPR.

Through web analysis, we aim to ensure a needs-based design and the continuous optimisation of our website. At the same time web analysis enables us to statistically track the use of our website and evaluate it for the purposes of optimizing our offer for you.

Conversion tracking tools allow us to measure and analyse the effectiveness of certain measures on our website and on third-party platforms. We have a legitimate interest in making such measurements to target our customer communications. In this context, the user behaviour in connection with marketing measures are recorded and tracked, without disclosing the identity of the user tracked.

Through targeting tools we want to ensure that only certain advertising, based on your actual or assumed interests are displayed to you.

These interests are legitimate within the meaning of Article 6 para. 1 subpar. 1 lit. f GDPR.

The respective catagories of data processed, specific purposes and specific options to opt-out can be found in the corresponding targeting tools, listed hereinafter.

Google Analytics

Our website uses Google Analytics, a web analysis service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter referred to as “Google”). Google uses cookies and in this context creates pseudonymous user-profiles.

The information generated by the cookies about the use of our website (e.g. IP address of the accessing computer, time of access, referrer URL and information on the browser and operating system used) are generally transferred to servers of Google in the USA and processed there. Google complies with the privacy regulations of the EU-US Privacy Shield and is registered with the US Department of Commerce’s Privacy Shield Program. Thus Google provides guarantees to comply with EU data protection law.

We use Google Analytics based on our legitimate interests (Art. 6 Para. 1 Sentence 1 lit. f DSGVO) in the analysis and optimisation of our online services and the economic operation of this website. Google therefore processes the information on our behalf in order to evaluate the use of the website, compile reports on website activity and provide us with other services relating to website activity and internet usage for market research purposes and to tailor this website to meet our needs.

We have entered into a processor agreement with Google for the use of Google Analytics. Through this agreement, Google assures that it processes the data in accordance with the General Data Protection Regulation and guarantees the protection of the rights of the data subject.

We Google Analytics exclusively with IP anonymization enabled. This means that Google shortens the IP address of users within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases, the full IP address is transmitted to a Google server in the USA and shortened there. The IP address is, by no means, merged with other data held by Google.

We do not use the Universal Analytics with User ID offered by Google.

If necessary, the collected data will be transferred to third parties, if this is required by law or if third parties process the data on behalf of third parties.

The user data collected via cookies will be automatically deleted after 14 months.

You can prevent the installation of cookies by setting the browser software accordingly. However, we would like to point out that in this case not all functions of this website can be used fully.

You can also prevent the collection of data generated by the cookie and relating to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on.

As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from capturing data by clicking on the following link.

Analytics Opt-Out

An opt-out cookie will be set to prevent your data from being collected in the future when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.

For more information about privacy in connection with Google Analytics, see the Google Analytics Help. For information on Google’s use of data, please see Google’s privacy policy.

Google Ads

On our website we use Google Ads (Conversion Tracking and Remarketing) of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter referred to as “Google”). The service enables us to design, statistically record, optimize and display advertising content according to our needs. In order to ensure the visibility of our offer, we are dependent on such advertising content. Google Ads places a cookie on your computer if you have accessed our website via a Google advertisement. These cookies lose their validity after 90 days. If you visit certain sections of our website and the cookie has not yet expired, Google may recognize that you have clicked on the ad and have been directed to that page.

In addition, we use remarketing pixels to collect and evaluate information about your use of our website. This enables us to address you on other websites with content relevant to you. According to Google, the data collected during remarketing is not merged with any personal data stored by Google. In addition, Google pseudonymises this data. Remarketing data based on tags are stored for 90 days.

The information generated by the cookie and pixel tag about your use of this website, such as click performance on texts and products or interactions with videos, are transmitted to a Google server in the USA and stored there. Google complies with the EU-US Privacy Shield regulations and is registered with the US Department of Commerce’s “US Privacy Shield” program.

Each ads customer receives a different cookie. As a result, cookies cannot be traced beyond the respective ads customer websites. The information collected using the conversion cookie is used to generate conversion statistics for ads customers who have opted for conversion tracking. As an ads customer, we see the total number of users who have clicked on an ad and been directed to a site with a conversion tracking tag. However, we do not receive any information that personally identifies you.

If you do not wish to participate in the tracking method, you can also decline to set a cookie as required for this – for example, by setting your browser to disable the automatic setting of cookies. You can also deactivate cookies for conversion tracking by setting your browser to block cookies from the domain “www.googleadservices.com”. You can opt out to the use of the remarketing pixel here.

Remarketing Opt-Out

Google’s privacy policy can be found here.

Google Tag Manager

Our website uses the Google Tag Manager tool from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google Tag Manager is used to manage the Google tools described in this privacy statement. For details regarding these tools, please refer to the information regarding the specific tool.

The Tag Manager tool itself (which implements the tags) is a cookie-free domain. The tool however, triggers other tags that may collect data. Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, it will apply to all tracking tags implemented with Google Tag Manager.

For more information about Google Tag Manager, see the terms of use for this product.

Google’s privacy policy can be found here.

d) LinkedIn Analytics and LinkedIn Ads

We use the marketing services “LinkedIn Ads” and “LinkedIn Analytics” of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (hereinafter “Linkedin”). The service enables us to obtain statistical information about visitors to our website. This enables us to tailor and place our content and advertising to meet your needs. The following personal data is usually transmitted to a server in the USA through a pixel tag embedded in our website (so-called LinkedIn Insight Tag):

  • IP addresses,
  • LinkedIn User ID/Cookie ID
  • Information on the browser and operating system used as well as
  • Information about the use of our website.

LinkedIn complies with the EU-US Privacy Shield and is registered with the US Department of Commerce’s US Privacy Shield Program.

The data processed using the embedded insight tag is stored in a cookie. The purpose of the cookie is to enable you to see relevant offers and recommendations that may be of interest to you after you have informed yourself on the website about certain services, information and offers.

You may opt out of LinkedIn’s analysis of your usage patterns and the display of interest-based recommendations here:

LinkedIn opt-Out

An opt-out cookie is set to prevent your information from being collected in the future when you visit this site. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.

LinkedIn members can also edit their advertising preferences here. For more information about LinkedIn’s privacy practices, see the LinkedIn Privacy Policy and LinkedIn Cookie Policy.

HubSpot

We use HubSpot, a service of HubSpot Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA. This is an integrated software solution use HubSpot as a customer relationship management tool (CRM). At the same time, HubSpot produces various reports on our behalf in order to optimize our website. HubSpot uses Cookies and automatically generated information about your use of our website.  These cookies lose their validity after XX days.

The processing is carried out on our behalf, based on a data processing agreement we have with HubSpot. This ensures that HubSpot processes the data in accordance with the GDPR and ensures the protection of the data subject’s rights. HubSpot is a US-based software company with a representative in Ireland. However, it cannot be ruled out that the information generated by the cookie about your use of this website is transmitted to and stored by a server of HubSpot in the USA. Therefore, HubSpot is certified under the terms of the EU-US Privacy Shield Framework and is governed by the TRUSTe’s Privacy Seal and the US-Swiss Safe Harbor Framework, which ensures the security of your data.

If you do not want this, you can reject the processing of your data at any time.

Hubspot Opt-Out

For more information on privacy at HubSpot, please refer to their Privacy Policy.

Twitter Conversion Tracking

This website uses the Twitter online advertising program “Conversion Tracking” and the associated pixel tag technology from Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA (hereinafter “Twitter”). This allows us to track your user behaviour when you have viewed or interacted with ads on Twitter.  This gives us a better overview of how successful our campaigns on Twitter are and enables us to continually optimize these campaigns.

The pixel tag is loaded to or from your device when you respond to an ad we place on Twitter, for example by clicking a link to our website. In this context, a pixel ID is created and stored in a cookie so that we can temporarily analyze your user behavior. The pixel tag is not used to identify you personally.

If you do not want us to evaluate your user behaviour in connection with Twitter ads, you can prevent the use of cookies by setting your browser accordingly. As a user of Twitter, you also have the option of configuring your data protection settings to determine how data about you is processed by Twitter. Alternatively, and with a view to processing using pixel tags, you can opt out by clicking on the following button.

Twitter Opt-Out

In connection with the use of Twitter Conversion Tracking, the information collected is also processed on servers of Twitter Inc. in the USA. Twitter is certified under the EU-US “Privacy Shield” data protection agreement and is therefore committed to complying with European data protection regulations.

You can find further information on data protection at Twitter in their Help Center.

Twitter Ads

This website uses Twitter ads from Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107 (USA) (“Twitter”). Twitter Ads enables us by using pixel tags and cookies to implement targeted advertising, re-targeting and conversion measurements for online advertising. In doing so, offers for specific target groups are played out on the basis of a selection of general criteria, such as demographic characteristics, regions or interests. Twitter Ads also allows us to target ads based on your previous website views. For example, advertisements and references to our offers and content may be displayed if you are interested in certain services, information or offers on our website. Only general and technical information about the web sites accessed is evaluated. If you do not wish to be tracked by Twitter in general, you can prevent the storage of cookies at any time by changing your browser settings, which could restrict their function.

Twitter is certified under the EU-US Privacy Shield and is committed to complying with European data protection regulations. Twitter also adheres to the do-not-track setting of your browser. Further information can be found on the Twitter pages.

As a Twitter user, you can also opt out of the data processing described above by unchecking the “Tailor ads based on information shared with advertisers” box next to the “Sponsored Content” heading in your Security and Privacy Settings. More information can also be found on the Twitter’ website.

Alternatively, and with a view to processing using pixel tags, you can opt out by clicking on the following button.

Twitter Opt-Out

You can find further information on data protection at Twitter in their Help Center.

Facebook Pixel

We use the pixel tag of Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Facebook”). Facebook Pixel allows us to see how you react to our Facebook ads, for example, when you click on a link in the ad that leads to our website. This gives us a better understanding of how successful our Facebook campaigns are and enables us to continually improve them. In this context, a pixel ID is created and stored in a cookie so that we can analyze your user behavior until the pixel count expires. The pixel tag is not used for personal identification.

If you do not want us to evaluate your user behavior in connection with Facebook ads, you can, as a Facebook user, object to the collection by the Facebook pixel in the settings for Facebook ads after logging into your account. If you would like to opt out from the data processing with Facebook’s pixel on our website, click here on the opt-out link:

Facebook pixel opt-out

An opt-out cookie is stored on your device. If you delete your cookies, you must opt out again.

In connection with the use of Facebook Pixel, the information collected may also be processed on Facebook Inc. servers in the United States. Facebook is certified under the EU-US Privacy Shield and is committed to complying with European data protection regulations.

You can find more information about privacy on Facebook in their help section.

Facebook Custom Audiences

This website also uses Facebook Custom Audiences from Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Facebook”). This is a Facebook marketing service that allows us to display personalized and targeted advertising on Facebook to certain groups of pseudonymous visitors to our website who also use Facebook.

Our website has an integrated Facebook Custom Audience pixel that stores personal information about the use of the website. This includes your IP address, the browser you are using, and the source and target pages. This information is transferred to Facebook servers in the United States. There it is automatically checked whether your browser has saved a Facebook cookie. The Facebook cookie automatically determines whether you belong to the target group relevant to us. If you belong to the target group, we will display corresponding ads on Facebook. During this process, you will not be personally identified by us or Facebook by comparing the data.

Facebook is subject to the EU-US Privacy Shield to ensure an adequate level of privacy.

You may opt out of using the Custom Audiences service on Facebook’s website. After logging in to your Facebook account, you will be taken to the settings for Facebook ads.  

Facebook Custom Audiences opt-out

An opt-out cookie is stored on your device. If you delete your cookies, you must opt out again.

For more information about privacy on Facebook, please see Facebook’s Privacy Policy.

Social Media Elements and Plugins

YouTube

We use on our website components (videos) of the company YouTube, LLC 901 Cherry Ave, 94066 San Bruno, CA, USA (hereinafter: “YouTube”), a company of Google Inc., Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: “Google”), on the basis of our legitimate interests in accordance with Art. 6 para. 1 subpar.. 1 lit. f DSGVO to make our website more attractive for you.

We use the “enhanced privacy mode” option provided by YouTube to do so.

When you visit a page that has an embedded video, YouTube connects to the YouTube servers and displays the content on the website by notifying your browser.

According to YouTube, in “extended data protection mode”, your data – in particular the pages of our website you have visited and device-specific information including your IP address – will only be transmitted to the YouTube server in the USA when you watch the video. By clicking on the video, you consent to this transmission.  

If you are logged in to YouTube at the same time, this information will be assigned to your YouTube member account. You can prevent this by logging out of your account before you visit our website.

Google complies with the US Privacy Shield and is registered with the US Department of Commerce’s US Privacy Shield program.

For more information about YouTube privacy, please see Google’s Privacy Policy.

Your Data Subject Rights

You have the right,

  • pursuant to Article 7 para. 3 of the GDPR, to revoke the consent you have given us at any time. As a consequence of this, we may no longer perform the data processing based on this consent in the future;
  • pursuant to Article 15 of the GDPR, to obtain information about your personal data processed by us. In particular, you can request information about the purpose of processing, the category of the personal data, the categories of recipients, to whom your data were or will be disclosed, the planned duration of storing, the existence of a right to correction, erasure, restriction of processing or objection, existence of the right to complain, the origin of your data insofar as they were not collected by us, as well as the existence of automated decision making including profiling and if required, meaningful information relating to the details of this.
  • pursuant to Article 16 of GDPR, to obtain immediate correction of incorrect data or the completion of your personal data which we have stored;
  • pursuant to Article 17 of the GDPR, you may obtain the erasure of the personal data we have stored, where processing is not required for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, for the establishment, exercise or defence of legal claims;
  • pursuant to Article 18 of the GDPR, to obtain the restriction of processing, where the accuracy of the personal data is contested by you, the processing is unlawful, however you oppose the erasure of the personal data, and we no longer need the data, however you require them for the establishment, exercise or defence of legal claims, or you have objected to the processing pursuant to Article 21 of the GDPR;
  • pursuant to Article 20 of the GDPR, to receive the personal data you have provided to us in a structured, commonly used and machine-readable format, or to transmit those data to another controller;
  • pursuant to Article 77 of the GDPR, to lodge a complaint to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters.

Information regarding your right to object pursuant to Article 21 of the GDPR

You have the right at any time, on grounds relating to your particular situation, to object and prevent the processing of personal data concerning you pursuant to Article 6 para. 1 lit. e of the GDPR (Data processing in the public interest) and Article 6 para. 1 lit. f of the GDPR (Data processing on the basis of a balance of interest); this also applies to profiling based on the provision of Article 4 para. 4 of the GDPR.

If you file an objection, we shall no longer process your data, unless we are able to provide proof of compelling and legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing serves the purpose of exercising, enforcing or defending of legal rights.

Insofar as your objection is directed against the processing of data for direct marketing purposes, we shall stop processing immediately. In this case, the specification of a particular situation is not required. This also applies to profiling insofar as it is associated with such direct advertising.

If you would like to exercise your data subject rights and right to object, just send an email to privacy@toaberlin.com.

Data security

All personal data transmitted by you shall be encrypted using the generally accepted and secure standard TLS (Transport Layer Security). TLS is a safe and proven standard, which is also used in online banking for example. You can detect a secure TLS connection, among other things from the “s” at the end of the http (i.e. https: // ..) in the address bar of your browser or the padlock icon at the bottom of your browser.

In addition, we use appropriate technical and organisational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction, or unauthorised access by third parties. Our security measures are continually improved in line with technical developments.

Links to other websites

As the provider of our website, we are responsible for collecting, storing and using personal data in connection with the use of our online offer. However, we do not have any influence over whether the website operators that are linked to us comply with the relevant data protection regulations. The respective website operators are responsible for collecting, storing and using personal data on linked websites. Please ensure that you understand how personal data on these linked websites is handled by these service providers.

Updating of the privacy policy

This privacy policy is currently valid and is dated March 2019.

You can download, save and print the policy at any time from our website at https://toa.berlin/privacy/.