Privacy Policy
Privacy is of utmost priority for us. Protecting your personal data is an important concern for us. This privacy policy explains how Mimir Mentor UG (limited liability) collects, processes, and uses your personal data when you use our website and services. We adhere to the provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG).
1. Collection and Processing of Data When Using Mimir Mentor Products
1.1 Purpose of Processing
- Provision of Contractually Agreed Services: This includes providing and delivering Mimir Mentor services such as plagiarism checks, literature management, AI writing assistance, and text correction.
- Improvement and Development of Mimir Mentor Products and AI Models: Mimir Mentor uses the collected data in an anonymized form as much as possible to train and improve its AI models and algorithms, develop new products and services, and optimize usability.
- Fraud Prevention and IT Security: Mimir Mentor processes personal data to prevent fraudulent activities, ensure the security of its systems, and prevent unauthorized access.
- Statistical Analysis and Market Research: Mimir Mentor may use anonymized data to conduct statistical analyses and market research to better tailor its products and services to the needs of its customers.
1.2 Legal Basis The processing of personal data by Mimir Mentor is based on the following legal grounds:
- Contract Fulfillment (Art. 6(1)(b) GDPR): Mimir Mentor processes the customer’s personal data to provide the contractually agreed services.
- Legitimate Interest (Art. 6(1)(f) GDPR): Mimir Mentor processes personal data based on its legitimate interest in improving and developing its products and underlying AI models, fraud prevention, ensuring IT security, direct marketing, and conducting statistical analysis and market research.
1.3 Storage Duration Mimir Mentor stores personal data only as long as necessary to fulfill the purposes stated in this privacy policy or as required by law.
- Data Related to Contract Fulfillment: Personal data necessary to provide the contractually agreed services will be stored for the duration of the contractual relationship and beyond, for the duration of the statutory retention periods.
- Data for Improvement and Development: Anonymized data that does not allow any conclusions to be drawn about the customer’s identity may also be stored and used by Mimir Mentor for research and development purposes beyond the periods mentioned above.
- Data for Other Purposes: Personal data processed for other purposes, such as fraud prevention or direct marketing, will be deleted once the purpose of the processing ceases, or if the customer withdraws their consent, provided there are no statutory retention obligations.
1.4 Disclosure to Third Parties / Recipients or Categories of Recipients Mimir Mentor may disclose personal data to the following categories of recipients:
- Processors: Service providers who process personal data on behalf of Mimir Mentor, e.g., for hosting, email delivery, or payment processing.
- Payment Service Providers: Companies that handle payment processing for Mimir Mentor.
- IT Service Providers: Companies that support Mimir Mentor in providing and maintaining IT infrastructure.
- Public Authorities: Authorities or courts if Mimir Mentor is legally obliged to do so.
- Research Institutions: Mimir Mentor may share anonymized data with universities or other research institutions for research purposes.
- Partner Companies: Mimir Mentor may share personal data with partner companies to offer joint products or services or to improve Mimir Mentor products, provided the customer has consented or it is necessary for contract fulfillment.
1.5 Transfer to Third Countries Mimir Mentor may transfer personal data to third countries outside the EU/EEA if required to provide the services or to improve and develop Mimir Mentor products. The transfer will be conducted in compliance with applicable data protection regulations, e.g., through the conclusion of standard contractual clauses or based on an adequacy decision by the European Commission. 1.6 Automated Decision-Making Mimir Mentor uses automated processes to process content, including profiling. This serves to provide the contractually agreed services and improve the AI models. Decisions based solely on automated processing that have legal effects or similarly significant impacts on the customer are not made. 1.7 Information Obligations When Collecting Data When registering for a Mimir Mentor account and using the Mimir Mentor Pro services, the following personal data is collected:
- Registration Data: Name, email address, password, and any additional information the customer voluntarily provides.
- Payment Data: For paid subscriptions, payment information such as credit card data or bank account details are collected.
- Usage Data: Information about the use of Mimir Mentor services, e.g., which functions are used, how often, and to what extent.
- Content and Processed Content: The texts and documents entered by the customer and the resulting outputs of the Mimir Mentor services.
- Technical Data: IP address, browser type, operating system, device information, etc.
These data are processed for the purposes mentioned above. 1.8 Right to Object You have the right to object at any time to the processing of your personal data based on Art. 6(1)(e) or (f) GDPR for reasons arising from your particular situation. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims.
2. Data Security
Mimir Mentor takes appropriate technical and organizational measures to ensure the security of the customer’s personal data and to protect it from unauthorized access, loss, destruction, or misuse. All employees and contractors of Mimir Mentor are obligated to confidentiality and receive regular training on data protection.
3. Disclaimer of Liability
Mimir Mentor assumes no liability for the accuracy, completeness, or timeliness of the content entered by the customer or the results generated by Mimir Mentor. The customer is solely responsible for reviewing and evaluating the results before using them. Mimir Mentor’s liability for damages not resulting from injury to life, body, or health is excluded unless the damage was caused intentionally or by gross negligence. This also applies to damages caused by errors or failures of Mimir Mentor products or the use of content generated by Mimir Mentor.
4. Changes to the Privacy Policy
Mimir Mentor reserves the right to change or supplement this privacy policy at any time. Changes will be communicated to the customer in an appropriate manner, e.g., via email or by notice on the website. If the customer continues to use the Mimir Mentor Pro services after the changes come into effect, the amended privacy policy is considered accepted.
5. Rights of Data Subjects
The customer has the following rights concerning their personal data:
- Right of Access: The customer can request information from Mimir Mentor about whether and which personal data concerning them is being processed.
- Right to Rectification: The customer can request the correction of inaccurate personal data from Mimir Mentor.
- Right to Erasure: The customer can request the deletion of their personal data from Mimir Mentor, provided the legal requirements for this are met.
- Right to Restriction of Processing: The customer can request Mimir Mentor to restrict the processing of their personal data, provided the legal requirements for this are met.
- Right to Data Portability: The customer has the right to receive the personal data concerning them, which they have provided to Mimir Mentor, in a structured, commonly used, and machine-readable format, and to transmit this data to another controller.
- Right to Object: The customer has the right to object at any time to the processing of their personal data if the processing is based on Art. 6(1)(e) or (f) GDPR.
To exercise their rights, the customer can contact the Data Protection Officer of Mimir Mentor at any time: Robin Schmitt from Mimir Mentor Deutschhausplatz 1A 55116 Mainz Phone: +491726146889 Email: robin@mimir-mentor.com
6. Processing of Personal Data During Informational Use of Our Website
6.1 When you visit our website without registering or providing us with information in any other way (“informational use”), we only collect the personal data that your web browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and ensure its stability and security: IP address, date and time of the request, time zone difference to GMT, content of the website, access status (HTTP status), referring website, web browser, operating system, language, and version of the browser.
6.2 The aforementioned data is also stored in log files on our servers. This data is not stored together with any other personal data from you.
6.3 The storage of the above data in log files is used to ensure the functionality and optimization of our website, as well as to ensure the security of our information technology systems.
6.4 There is no evaluation of this data for marketing purposes. Our legitimate interest in data processing lies in the purposes mentioned above. The legal basis for the collection and temporary storage of the aforementioned data and log files is Art. 6(1) sentence 1(f) GDPR. The above data, required to provide our website, is deleted when the respective session ends. The collection of the aforementioned data for the provision of our website is mandatory for the operation of our website. There is no option to object.
7. Processing of Personal Data Through Cookies
7.1 We use cookies on our website. Cookies are small text files that are stored on your device’s storage medium, such as a hard drive, and allow us to receive certain information from the entity that sets the cookie. Cookies cannot run programs or transmit viruses to your device. This website uses the following types of cookies, which are explained in detail below.
7.2 Cookies stored in association with your web browser:
- Transient Cookies: These cookies are automatically deleted when you close your web browser. These include, in particular, session cookies. They store a session ID, which allows various requests from your web browser to be assigned to the same session. This enables your device to be recognized when you return to our website. Session cookies are deleted as soon as you log out or close the web browser.
- Persistent Cookies: These cookies are automatically deleted after a specified duration, which may vary depending on the cookie. You can delete these cookies at any time in the settings of your web browser.
7.3 The processing of personal data through the above cookies is intended to make the overall offering of our website more user-friendly and efficient for you. Some features of our website cannot be offered without the use of these cookies. In particular, some features of our website require that your web browser can still be identified after a page change. If you have an account, we use cookies to identify you for future visits. This avoids the need for you to log in again each time you visit our website. The data processed by cookies that are necessary for providing the features of our website are not used to create user profiles. Cookies used for analysis purposes help to improve the quality and user-friendliness of our website, its content, and features. They allow us to understand how the website and its functions are used and how frequently. This enables us to continually optimize our offerings.
7.4 Insofar as cookies are not technically necessary, we only use them with your prior consent, which you can revoke at any time. The legal basis for this is Art. 6(1)(a) GDPR.
7.5 The aforementioned cookies are stored on your device and transmitted to our server from there. You can therefore configure the processing of data and information through cookies yourself. You can make the appropriate settings in your web browser, for example, to refuse third-party cookies or cookies altogether. In this context, we would like to point out that you may not be able to use all the functions of our website properly if you do so. Additionally, we recommend regular manual deletion of cookies and your browser history.
8. Other Features and Offers on Our Website
8.1 In addition to the informational use of our website, we offer various services that you can use if you are interested. For this, you generally need to provide additional personal data. We need this data to provide the respective service. The principles of data processing outlined above apply to this data.
8.2 To some extent, we use external service providers for the processing of this data, who have been carefully selected and commissioned by us. These service providers are bound by our instructions and are regularly monitored by us. If personal data is passed on to third parties in the course of services that we offer together with partners, you can find more information in the following descriptions of the individual services. If these third parties are based in a country outside the European Economic Area, you can find more information about the implications of this in the following descriptions of the individual services.
9. Contacting Us
9.1 If you contact us via email, the personal data you provide with your email will be stored.
9.2 We also provide a contact form on our website that you can use to reach out to us. The data you enter into the input form will be transmitted to us and stored: salutation, first name, last name, and email address.
9.3 The data is used exclusively to respond to your inquiries. Unless explicitly stated otherwise in this privacy policy, the data will not be shared with third parties. We also collect your IP address and the time of submission.
9.4 The processing of the aforementioned personal data is solely for handling your inquiries.
9.5 The processing of additional personal data collected through the use of the contact form on our website serves to prevent misuse and ensure the security of our IT systems.
9.6 This is also our legitimate interest in processing your personal data. If you have given us consent for this, the legal basis for processing this data is Art. 6(1)(a) GDPR. Otherwise, the legal basis for processing this data is Art. 6(1)(f) GDPR, particularly if the data is transmitted to us by you via email. If you wish to initiate a contract through your email, Art. 6(1)(b) GDPR provides an additional legal basis.
9.7 The data will be deleted once we have fully processed your inquiry, subject to statutory retention periods. If you contact us by email, you can object to the storage of your personal data at any time. Please note that in this case, we may not be able to continue processing your inquiry. You can declare your revocation or objection by sending an email to the email address provided in our legal notice.
10. Mimir Mentor Newsletter
10.1 Product Newsletter
If you have signed up for a Mimir Mentor account or subscribed to Mimir Mentor Pro, we will occasionally inform you by email about product news at Mimir Mentor, such as the introduction of new features, improvements to existing features, or the availability of new services. This also includes information and tips on the optimal use of Mimir Mentor Pro. We are authorized to use your email address for this purpose under the legal requirements of § 7(3) UWG (German Act Against Unfair Competition). Given the existing contractual relationship, it is also in our legitimate interest to inform you accordingly (Art. 6(1)(f) GDPR). If you do not wish to receive such emails from us, you can object to the use of your email address for this purpose at any time by sending an email to [removed email address] or using the unsubscribe link at the end of each email.
10.2 Marketing Newsletter and Other Marketing Communication
You will receive more detailed information about our company, products, and services if you sign up for our marketing newsletter or consent to receive marketing communications in another context. We will then periodically send you information about offers, special deals, promotions, marketing campaigns, and other news from Mimir Mentor within the scope of your consent or contact you to discuss specific products or services. The processing of your data is based on your consent (Art. 6(1)(a) GDPR). You can revoke your consent at any time with effect for the future by sending an email to [removed email address] or using the unsubscribe link at the end of each email.
10.3 Email Service Provider
We use an email service provider to send product and marketing newsletters as well as other marketing emails. As part of this, your data may be transferred to third countries. We have a data processing agreement with the email service provider, and they are only allowed to process the data according to our instructions and not for their purposes. More information about handling personal data by the email service provider can be found in their privacy policy.
Through the email service provider, we also track which emails you open and which links you click in our emails (so-called open and click rates). This allows us to understand which content is interesting to our users and, based on this, optimize our newsletter and email communication, which is in our legitimate interest according to Art. 6(1)(f) GDPR.
11. User Studies and Surveys
11.1 User Surveys
Users have the opportunity to participate in surveys via the web and app interface of our services. Participation in the surveys is voluntary. To properly analyze the survey results obtained, we match your survey responses with your product interactions that we record when you use our Mimir Mentor products. This allows us to gain better insights into users’ reactions to our services, which helps us improve our Mimir Mentor product offerings and services based on the collected survey data. Your personal data is not collected or processed during the entire process. We will not ask you to provide personal data when you participate in the survey. Additionally, your IP address is not collected or processed when recording your product interaction data. To obtain this data from you, we will assign you a user ID when you confirm your participation in the survey. This user ID—in the form of a cookie—does not reveal any personal data about the individual behind the interaction data and is therefore anonymized.
Your survey results and product interaction data (if any) will be stored and processed by Mimir Mentor for up to 2 years.
If personal data is nevertheless collected or processed during the aforementioned process—which we do not anticipate—we justify this under Art. 6(1)(f) GDPR, as this constitutes the least intrusive method for the user’s rights compared to an opt-in and is consistent with the principle of data minimization. You can withdraw your consent to the cookie at any time with effect for the future by clearing your browser cache.
11.2 Customer Surveys
We encourage our customers to share their experiences with our products. Mimir Mentor may occasionally ask you via email or other communication channels about your experiences and/or satisfaction with our products. Participation in these surveys is voluntary, and most surveys can be answered anonymously. However, in some cases, you may be asked to provide your name and/or email address, either optionally or as a condition for responding to the survey. If you provide us with your email address, we may follow up with you (e.g., to invite you to participate in research studies or to share your experiences in a conversation with our team).
The processing of your data is in line with our legitimate interests according to Art. 6(1)(f) GDPR, to improve our products and further develop them according to customer needs. If you provide your name and/or email address in the survey, we justify the processing of your data based on your consent under Art. 6(1)(a) GDPR. You can withdraw this consent at any time with effect for the future.
12. Blog
12.1 We offer a blog on our website where we publish articles on various topics.
12.2 If you have given us consent to store data, you can revoke it at any time. You can object to the storage of the aforementioned data at any time.
13. Online Application
13.1 We offer you the opportunity to apply online via our website. To participate in the application process, it is necessary to provide personal data. This data may include, among others, personal information such as first name, last name, address, date of birth, contact details like phone number or email address, as well as information related to your educational and/or professional background, such as school and work certificates, data on education, internships, or previous employers. These data may come from an online application form you fill out on the application platform or from documents you provide, such as a cover letter, resume, application photo, certificates, or other job-related qualifications. Data that is mandatory for participation in the application process is marked as such. Unless otherwise specified in this privacy policy or unless a third-party provider is mentioned whose service we use to provide the online application function, no data is passed on to third parties.
13.2 We process the aforementioned data for the purpose of conducting the application process. If you have given us your consent, the legal basis for the processing of the data is Art. 6(1)(a) GDPR. If the processing of the aforementioned data is for the initiation of contractual relationships, the legal basis is Art. 6(1)(b) GDPR.
13.3 The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. If the application process leads to an employment relationship, apprenticeship, internship, or other service relationship, the data will initially continue to be stored and transferred to the personnel file. Otherwise, the application process ends with the receipt of a rejection. In this case, the data will be deleted after four weeks. Data will not be deleted if further processing and storage of your personal data is necessary in individual cases for the assertion, exercise, or defense of legal claims. In this case, we have a legitimate interest in further processing and storing your personal data. The legal basis is Art. 6(1)(f) GDPR. Data will also not be deleted if we are legally required to continue storing your personal data.
13.4 You can revoke any consent you have given us at any time. You may object to the processing of your personal data at any time. In particular, you have the option to withdraw your application at any time. During the application process, you should only provide us with the personal data that is necessary for participation in the application process and its execution. There is no legal or contractual obligation to provide data. However, we would like to point out that we cannot conduct the application process and cannot consider your application without this data. The same applies in the event of an objection to the processing of your data. You can have the data stored about you changed at any time.
14. Registration
14.1 To use additional features of our website, we offer the option to register by providing personal data. The data is entered into an input form, transmitted to us, and stored. The data is not passed on to third parties. Mandatory fields required for registration are marked as such and must be fully completed; otherwise, we will reject the registration. The following data is collected during the registration process: first name, last name, and email address.
14.2 At the time of registration, the IP address and date and time of registration are also stored. As part of the registration process, user consent for the processing of this data is obtained.
14.3 Registration is necessary for providing certain content and services on our website. The data entered for this purpose is used solely for using the respective offer or service or for providing the services for which you have registered. In the event of significant changes to our offers, services, or features, such as changes in the scope of the offer or technical modifications, we will use the email address provided during registration to inform you. The legal basis for data processing is Art. 6(1)(a) GDPR. If registration serves the conclusion or performance of a contract, Art. 6(1)(b) GDPR provides an additional legal basis.
14.4 You may revoke any consent you have given us at any time. The legality of the data processing that has already taken place remains unaffected by the revocation.
14.5 The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. This is the case if the registration on our website is canceled or modified. You have the option to cancel the registration at any time. You can also change the data stored about you at any time. Statutory retention periods remain unaffected.
14.6 We only transfer personal data to third parties if it is necessary for contract processing. Any further transmission of data does not occur or only if you have expressly agreed to the transmission. Your data will not be shared with third parties without explicit consent, such as for advertising purposes.
14.7 If you have given us consent, the legal basis for data processing is Art. 6(1)(a) GDPR. Otherwise, the legal basis is Art. 6(1)(b) GDPR.
15. Purchase or Order
15.1 We offer paid services on our website. For this purpose, we process the personal data you provide.
15.2 The processing is carried out to establish and perform a contractual relationship with you. If you have given us your consent, the legal basis for the processing is Art. 6(1)(a) GDPR. Otherwise, the legal basis for processing is Art. 6(1)(b) GDPR.
15.3 You may revoke any consent you have given us at any time. You can object to the processing of your personal data at any time. However, we would like to point out that a contract cannot be concluded without this data.
15.4 The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. This is the case if we no longer need your personal data to perform the contractual relationship or to improve our services. Data will not be deleted if we are legally obliged to continue storing your personal data.
16. Payment Service Providers
16.1 For payment processing, we transmit the payment data you provide to us to Stripe, Inc., 510 Townsend Street, San Francisco, CA 94103, USA.
16.2 The transmission of payment data and its processing by the aforementioned payment service provider(s) is carried out for the purpose of payment processing. The use of external payment service providers allows us to offer you a selection of different payment methods, making payment processing more flexible for both you and us. This also constitutes our legitimate interest. If you have given us your consent, the legal basis for processing the data is Art. 6(1)(a) GDPR. If the processing of the aforementioned data is necessary for the handling and performance of the contractual relationship, the legal basis is Art. 6(1)(b) GDPR. Additionally, the legal basis is Art. 6(1)(f) GDPR.
16.3 You may revoke any consent you have given us at any time. You can object to the processing of your personal data at any time. However, we would like to point out that without the transmission of payment data and/or processing by the payment service provider, not all payment methods may be available to you, and the execution of the contract may not be possible.
16.4 Your payment data is transmitted to and processed on the servers of our payment service provider in the USA. The payment service provider has committed to the Privacy Shield agreement between the European Union and the USA, is certified, and has thereby pledged to comply with the standards and regulations of European data protection law.
17. Facebook Pixel
We use the service on our website.
The service allows the provider to display our ads on Facebook, known as “Facebook Ads,” only to Facebook users who have visited our website, especially those who have shown interest in our online offerings or specific topics or products. The service enables us to check whether a user was redirected to our website after clicking on our Facebook Ads. The service uses cookies, which are small text files stored locally in the cache of your web browser on your device. If you are logged into Facebook with your user account, visiting our online offerings is recorded in your user account. The data collected about you is anonymous to us, meaning we cannot draw any conclusions about the identity of the users. However, this data may be linked by the provider to your user account. We have no control over the extent and further use of data collected by the provider through the use of the service. According to our knowledge, the provider receives the information that you have accessed the corresponding part of our website or clicked on an ad from us. If you have a user account with Facebook and are registered, the provider can assign the visit to your user account. Even if you are not registered with Facebook or are not logged in, the provider may be able to find out and store your IP address and possibly other identification characteristics.
We use the service for marketing and optimization purposes, particularly to deliver relevant and interesting ads for you and thus improve our offering, making it more interesting for you as a user and avoiding annoying ads.
The legal basis is Art. 6(1)(a) GDPR (consent).
Provider: Meta Platforms Ireland Limited
4 Grand Canal Square
Grand Canal Harbour
Dublin 2, Ireland
Facebook
18. Google Ads
We use the service on our website.
The service allows us to draw attention to our offers on external websites using advertising materials. This helps us determine how successful individual advertising measures are. These advertising materials are delivered by the provider through so-called “AdServers.” For this purpose, we use AdServer cookies that measure certain parameters for success, such as the display of ads or clicks by users. If you reach our website via an advertisement, the service stores a cookie on your computer. These cookies are not intended to identify you personally. Typically, the following information is stored in this cookie for analysis: unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions), opt-out information (marking that the user no longer wishes to be addressed). These cookies allow the provider to recognize your web browser. If a user visits certain pages on the website and the cookie stored on their computer has not expired, the provider and the website operator can recognize that the user clicked on the ad and was redirected to this page. Each website operator is assigned a different cookie. Thus, cookies cannot be tracked across the websites of other site operators. We do not collect or process any personal data in these advertising measures. We only receive statistical evaluations from the provider. Based on these evaluations, we can see which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising materials; in particular, we cannot identify users based on this information. Due to the marketing tools used, your browser automatically establishes a direct connection to the provider’s server. We have no control over the extent and further use of data collected by the provider through the use of the service. According to our knowledge, the provider receives the information that you have accessed the corresponding part of our website or clicked on an ad from us. If you have a user account with the provider and are registered, the provider can assign the visit to your user account. Even if you are not registered with the provider or are not logged in, the provider may be able to find out and store your IP address.
We use the service for marketing and optimization purposes, particularly to deliver relevant and interesting ads for you and thus improve our offering, making it more interesting for you as a user and avoiding annoying ads.
The legal basis is Art. 6(1)(a) GDPR (consent).
Provider: Google Ireland Limited
Google Building Gordon House
Barrow St
Dublin 4, Ireland
Tel. +353 1 543 1000
Fax +353 1 686 5660
Google
Google Privacy Policy
19. Google Fonts
We use the service on our website. The service allows us to use external fonts. When our website is accessed, the required font is loaded from your web browser into the browser cache. This is necessary for your browser to display our texts in an optimized way. If your browser does not support this function, a standard font from your computer will be used for display. The integration of these fonts occurs via a server request to a server of the provider. This communicates to the server which of our web pages you have visited. The IP address of the browser of your device is also stored by the provider. We have no control over the extent and further use of the data collected and processed by the provider through the use of the service. We use the service for optimization purposes, particularly to improve the usability of our website for you and to make its design more user-friendly. The legal basis is Art. 6(1)(f) GDPR.
Provider: Google Ireland Limited
Google Building Gordon House
Barrow St
Dublin 4, Ireland
Tel. +353 1 543 1000
Fax +353 1 686 5660
Google
Google Fonts
20. Google Tag Manager
We use the service on our website. The service allows us, as marketers, to manage website tags via an interface. The tool that implements the tags is a cookie-less domain and does not itself collect any personal data. The service triggers other tags, which may collect data. The service does not access this data. If deactivation has been carried out at the domain or cookie level, it remains in effect for all tracking tags implemented with the service.
Provider: Google Ireland Limited
Google Building Gordon House
Barrow St
Dublin 4, Ireland
Tel. +353 1 543 1000
Fax +353 1 686 5660
Google
Google Privacy Policy
21. Hotjar
We use the service on our website. The service stores and processes information about your user behavior on our website. For this purpose, the service uses cookies, which are small text files stored locally in the cache of your web browser on your device, allowing for an analysis of your use of our website. We use the service to analyze the use of our website and to continuously improve individual functions, offers, and the user experience. The statistical evaluation of user behavior allows us to improve our offerings and make them more interesting for you as a user. The data is deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. The legal basis is Art. 6(1)(a) GDPR (consent). You can prevent the storage of cookies generated by this service by making the appropriate settings in your web browser. Please note that you may not be able to use all functions of our website in this case.
Provider: Hotjar Ltd.
Dragonara Business Centre, 5th Floor
Dragonara Road, St Julian’s STJ 3141
Paceville, Malta
Tel. +1 855 464-6788
Hotjar
Hotjar Company Details
22. PostHog
This website uses features from the PostHog service to analyze and optimize user behavior and the user-friendliness of our site. These features are provided by PostHog Inc, 965 Mission Street, San Francisco, CA 94103, USA. PostHog can record and replay your behavior on our website. The storage of this data is limited in time and is used exclusively to improve our service based on your needs. For more information, please refer to PostHog’s privacy policy: PostHog Privacy Policy. The legal basis is Art. 6(1)(a) GDPR (consent).
Provider: PostHog Inc
965 Mission Street
San Francisco, CA 94103, USA
PostHog
23. Mailchimp
We use the service on our website. The service stores and processes information about your user behavior on our website. For this purpose, the service uses cookies, which are small text files stored locally in the cache of your web browser on your device, allowing for an analysis of your use of our website. We use the service to analyze the use of our website and to continuously improve individual functions, offers, and the user experience. The statistical evaluation of user behavior allows us to improve our offerings and make them more interesting for you as a user. The data is deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. The legal basis is Art. 6(1)(a) GDPR (consent).
Provider: The Rocket Science Group, LLC
675 Ponce de Leon Ave NE, Suite 5000
GA 30308, Atlanta, United States
Tel. +1 678 9990141
Mailchimp
24. YouTube
We use the service on our website. When accessing a webpage that has embedded media content from the provider, data is transferred to a server of the provider and stored there. If you have a user account with the provider and are registered, the provider can assign the visit to your user account. The provider stores this data as usage profiles and uses it for advertising, market research, and/or the demand-oriented design of its websites. Such an evaluation is carried out in particular (also for non-logged-in users) to display demand-oriented advertising and to inform other users about your activities on our website. You have the right to object to the creation of these user profiles. Please contact the provider directly for this purpose. We integrate content from the provider on the pages of our online presence to make this content directly available to you without requiring you to retrieve the content separately on the provider’s pages. This allows us to improve and make our offering more interesting for you. The legal basis is Art. 6(1)(a) GDPR (consent).
Provider: Google Ireland Limited
Google Building Gordon House
Barrow St
Dublin 4, Ireland
Tel. +353 1 543 1000
Fax +353 1 686 5660
Google
Google Privacy Policy
25. Firebase
Type, Purpose, and Scope of Data Processing
The web hosting and backend services used by Paragon from Firebase are provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. These types of services are used to host data and files to enable the management and use of this application. Additionally, these services provide a pre-built infrastructure that handles specific functions or entire components for Paragon. Firebase services can share data with other tools provided by Firebase, such as Crash Reporting, Authentication, Remote Config, or Notifications. Paragon uses identifiers for mobile devices and cookie-like technologies to execute Firebase services.
Processed Personal Data: Usage data; various types of data as described in the service’s privacy policy.
Privacy Policy: Firebase Privacy Policy
Legal Basis for Processing: Legitimate interest according to Art. 6(1)(f) GDPR and contract according to Art. 6(1)(b) GDPR.
We use Firebase services based on our legitimate interest in providing and optimizing our sites per Art. 6(1)(f) GDPR. Many of the cookies set are technically necessary in the sense of § 25 Abs. 2 TTDSG (e.g., offline functionality). If the services are not technically necessary, we use Firebase services only to fulfill our contractual obligations according to Art. 6(1)(b) GDPR.
Processing Location: United States
We use servers located within the EU whenever possible. However, please be aware that data collected by Firebase may be transferred to and stored on a server in the USA. It is also possible that this data may be shared with Firebase’s (Google’s) contractual partners, third parties, and authorities. We would like to point out that, according to the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA.
Data Processing Agreement or Joint Responsibility with Google
We have concluded a Data Processing Agreement (DPA) with Firebase, which refers to the so-called Standard Contractual Clauses (SCCs) (Art. 46(2) and (3) GDPR). These are provided by the EU Commission and ensure that the level of data protection in the third country is approximately equivalent to the European standard. By signing these clauses, Firebase has committed to maintaining the European level of data protection in all processing activities concerning Paragon. The Data Processing Agreement with Firebase can be accessed here: Firebase SCCs.
Retention Period:
The session cookies set by Firebase services are partly technically necessary for the operation of Paragon and are deleted after the session ends. The retention period for all data is more precisely described in the provider’s privacy policy: Firebase Privacy Policy.
Deactivation:
Users can opt-out of certain Firebase features via the appropriate device settings of mobile devices, such as through mobile device advertising settings, or by following the instructions in Firebase’s privacy policy. You can also prevent the storage of cookies on the website by adjusting your browser settings accordingly.
Legal Basis for Processing: Legitimate interest.
Legal Basis for Data Transfer: Standard contractual clauses.
According to the CCPA, the processing constitutes a “sale.” In addition to the information contained in this clause, users can find information about the possibility of opting out of the sale in the section on California consumer rights.
Services Used: Firebase Cloud Functions, Firebase Cloud Storage, Firebase Realtime Database, Firebase Performance Monitoring, Google Analytics for Firebase.
Legal Basis: Art. 6(1)(a) GDPR (consent).
Provider: Google Ireland Limited
Google Building Gordon House
Barrow St
Dublin 4, Ireland
Tel. +353 1 543 1000
Fax +353 1 686 5660
Google
Google Privacy Policy
26. TikTok Pixel
We use the “TikTok Pixel” on this website, provided by TikTok (for the EU: TikTok Information Technologies UK Limited, Aviation House, 125 Kingsway Holborn, London, WC2B 6NH). This is a code that we have implemented on our site. With the help of this code, and upon obtaining your explicit consent, a connection with TikTok servers is established when you visit our website to track your behavior on our site. For example, if you purchase a product on our website, the TikTok Pixel is triggered and stores your actions on our site in one or more cookies. You can withdraw your consent at any time with future effect, with no additional costs beyond the base rates.
Personal data such as IP address and other information like device ID, device type, and operating system can also be transmitted to TikTok. TikTok uses email or other login or device information to identify users of our website and associate their actions with a TikTok user account.
TikTok uses this data to display targeted and personalized advertising to its users and to create interest-based user profiles. The data collected is anonymous and not visible to us and is only usable for us within the framework of measuring the effectiveness of advertising campaigns.
Generally, your data is processed within the EU or the EEA. An appropriate data protection agreement has been concluded with TikTok for this purpose. If personal data is transferred to countries outside the EU or the EEA, this is done under the Commission’s standard contractual clauses for the transfer of personal data to third countries (i.e., Standard Contractual Clauses).
You can find TikTok’s privacy policy here: TikTok Privacy Policy.
27. Real Cookie Banner
To manage the cookies and similar technologies (tracking pixels, web beacons, etc.) used on our site and the related consents, we use the consent tool “Real Cookie Banner.” Details on how “Real Cookie Banner” works can be found here: Real Cookie Banner Data Processing. The legal bases for processing personal data in this context are Art. 6(1)(c) GDPR and Art. 6(1)(f) GDPR. Our legitimate interest is in managing the cookies and similar technologies used and the consents related to them. Providing personal data is neither contractually required nor necessary for concluding a contract. You are not obliged to provide personal data. However, if you do not provide personal data, we cannot manage your consents.
Last update: September 2024