Privacy policy.

When you use our website, we process your personal data. The protection of this data is just as important to us as it is to you, which is why we adhere to all relevant laws, in particular the General Data Protection Regulation (GDPR). In this data protection information you will find all important information about the basis, purposes and length of time we process your data.

Name and contact details of the controller and the data protection officer

The person responsible for processing your data via www.diligencex.de within the meaning of the GDPR is:

DiligenceX GmbH

Voßstraße 34

10117 Berlin

info@diligencex.de

+4915224045670


Cookies and similar; Cookie banner

We use cookies or similar technologies such as pixels, tags or web beacons (hereinafter collectively referred to as "cookies") on www.diligencex.de. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not cause any damage to your device and do not contain any viruses, Trojans or other malware. Pixels are small graphics that are integrated via the HTML code of our website. The pixel tag itself does not store or change any information on your device, so pixels do not cause any damage to your device and do not contain any viruses, Trojans or other malware.

Information is stored in the cookie that is related to the specific device used. However, this does not mean that we receive direct knowledge of your identity. Cookies send your IP address, the referrer URL of the website visited, the time at which the website was viewed, the browser used and previously set cookie information to a web server. This enables us to carry out and offer the services described in this privacy policy.

The use of cookies serves, on the one hand, to technically offer you the basic use of our offer.

For example, we use so-called session cookies or transient cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after you leave our site. The data processed by these cookies are required for the aforementioned purposes to protect our legitimate interests in accordance with Art. 6 Para. 1 Clause 1 Letter f of GDPR and technically in accordance with Section 25 Para. 2 No. 2 TDDDG in order to offer a service you have requested.

In addition, to optimize user-friendliness, we use temporary cookies or persistent cookies that are stored on your device for a specific period of time. If you visit our site again to use our services, it is automatically recognized that you have already been with us and which entries and settings you have made. The data processed by these cookies are required for the aforementioned purposes to protect our legitimate interests in accordance with Art. 6 Para. 1 Clause 1 Letter f of GDPR and technically in accordance with Section 25 Para. 2 No. 2 TDDDG in order to offer a service you have requested.

We also use third-party tools based on cookies to statistically record the use of our website and for the purpose of optimizing our offering. The cookies are set if you have explicitly consented to the cookies when accessing our website, Art. 6 Para. 1 Clause 1 Letter a of GDPR and Section 25 Para. 1 TDDDG.

If you visit our website for the first time or want to change your previous decision, you can make your settings using our cookie banner. You can find the cookie banner in the footer of our page at any time. We save your settings based on Art. 6 Paragraph 1 Clause 1 Letter f of GDPR. We have a legitimate interest in a functioning consent management system. We base the technical use on Section 25 Paragraph 2 No. 2 TDDDG, as this is necessary for the functionality of the website. We use the cookie banner of our service provider Squarespace Ireland Limited.

Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or so that a message always appears before a new cookie is created. However, completely deactivating cookies may mean that you cannot use all the functions of our website. You can prevent the use of cookies on our pages using appropriate tools or browser add-ons (e.g. using the "AdBlock" add-on for the Firefox browser).

The cookies are automatically deleted after a defined period of time. You can find more detailed information in the relevant data processing.

Third-country transfer

In connection with data processing, data may be transferred to third countries, i.e. to recipients outside the EU or the European Economic Area (EEA). If there is a decision by the European Commission regarding the existence of an adequate level of protection (see Art. 45 Para. 3 GDPR) with regard to the third country, no additional measures are required for the data transfer. In the event of data being transferred to recipients based in the USA, this will be done on the basis of the so-called Transatlantic Data Privacy Framework (DPF) of July 10, 2023, provided that the recipient has the appropriate certification. A list of the currently certified companies can be found here. In other cases, as well as when data is transferred to other so-called non-secure third countries, data will only be transferred if the requirements of Art. 46 ff. GDPR are met. In concrete terms, this means that data will only be transferred to third countries if

  • the recipient provides sufficient so-called guarantees pursuant to Art. 46 GDPR for the protection of personal data,

  • you have expressly consented to the transmission after we have informed you of the risks in accordance with Art. 49 para. 1 lit. a GDPR,

  • the transmission is necessary for the performance of contractual obligations between you and us or

  • another exception pursuant to Art. 49 GDPR applies.

Which of the above-mentioned principles applies in each individual case will be explained to you during the respective processing.

Data transfers to recipients based in the USA who do not have DPF certification and for whom an adequate level of data protection cannot be established through guarantees within the meaning of Art. 46 GDPR only take place with your consent within the meaning of Art. 49 Paragraph 1 Letter a of GDPR. We would like to point out that for recipients based in the USA without DPF certification, an adequate level of data protection comparable to that in the EU cannot be guaranteed. The following risks therefore exist when personal data is transferred in this way: There is a risk that US authorities may gain access to the personal data due to the PRISM and UPSTREAM surveillance programs based on Section 702 of the FISA (Foreign Intelligence Surveillance Act) and on the basis of Executive Order 12333 or Presidential Police Directive 28. EU citizens have no effective legal protection against this access in the USA or the EU.

Further information and a copy or reference to the relevant appropriate safeguards can be found in the description of the relevant service.

Processing activities and services

In the following we inform you about the processing by this website , which is related to the use.

a) General

This website is hosted by Squarespace. Squarespace collects anonymized personal data when you visit this website, including:

  • Information about your browser, network, and device

  • Web pages you visited before coming to this website

  • Web pages you view on this website

  • Your IP address

Squarespace needs the data to operate this website and to protect and improve its platform and services. Squarespace analyzes the data in a depersonalized form.

Legal basis for processing: The processing of this data is based on our legitimate interest, as outlined in Article 6(1)(f) of the GDPR.

For further details, please refer to Squarespace’s privacy policy: https://www.squarespace.com/privacy.

b) Analytics

This website collects anonymized personal data for our website analytics, including:

  • Information about your browser, network and device

  • Websites you visited before visiting this website

  • Your IP address

This information may also include details about your use of this website, including:

  • Clicks

  • Internal Links

  • Visited pages

  • Scroll

  • Searches

  • Timestamp

We share this information with Squarespace, our website analytics provider, to learn more about site traffic and site activity.

Purpose of processing: This data is used to assess website performance, identify trends, and enhance the user experience.

Legal basis for processing: The processing of this data is based on our legitimate interest, as outlined in Article 6(1)(f) of the GDPR, to analyze and improve the website.

For further details, please refer to Squarespace’s privacy policy: https://www.squarespace.com/privacy.

c) Text field entries

When you submit information to this website through a web form, we collect the data requested in the web form in order to track and respond to your submissions. We share this information with Squarespace, our online store hosting provider, so that they can provide website services to us.

d) Fonts

This website provides font files from Google Fonts and Adobe Fonts and renders fonts using these programs. In order to display this website correctly, these third parties may receive personal information about you, including:

  • Information about your browser, network or device

  • Information about this website and the page you view there

  • Your IP address

e) Security Measures and Data Encryption

To protect the security of your data during transmission, we use SSL/TLS encryption. This encryption ensures that data you transmit to us, such as inquiries or login details, cannot be intercepted or accessed by unauthorized third parties. You can recognize an encrypted connection by the "https://" in your browser’s address bar and the lock symbol displayed in most browsers.

Rights of those affected

You have certain rights under the GDPR. These are:

Right to information

According to Art. 15 GDPR, you have the right at any time to request information from us about all data that we store about you. This includes in particular information about

  • the purposes for which we process your data,

  • the categories of data we process from you,

  • the specific recipients or, if these are not known, the categories of recipients to whom we transmit your data,

  • the period for which we store your data or, if this cannot be determined, the criteria under which we store your data and

  • if applicable, the origin of the data if we did not collect it from you.

Right to rectification

If your data that we process is incorrect or incomplete, you can request that we correct or complete this data at any time in accordance with Art. 16 GDPR.

Right to erasure (to be forgotten)

If the original legal basis for data processing no longer applies or if you have withdrawn your consent or objected to the processing or if we are not permitted to further process your data for any of the other reasons stated in Art. 17 (1) GDPR, you can request that we delete the personal data concerning you in accordance with Art. 17 GDPR.

You do not have this right if the processing is necessary to exercise freedom of expression and information or to safeguard public interests, if there is a legal obligation to do so or if it is necessary to assert, exercise or defend legal claims.

Right to restriction

According to Art. 18 GDPR, you can also request that processing be restricted. You have this right if you dispute the accuracy of the data, the processing is unlawful, we no longer need the data for the stated purposes or you have objected to the processing and in the latter two cases we are not permitted to process the data in any other lawful manner.

Right to data portability

In addition, according to Art. 20 GDPR, you can request that we transfer your data to yourself or to another responsible party in a structured, common and machine-readable format.

Right to withdraw consent

If you have given your consent as the legal basis for us processing your data, for example in accordance with Art. 6 Paragraph 1 Clause 1 Letter a or Art. 9 Paragraph 2 Letter a of GDPR, you can revoke this consent at any time in accordance with Art. 7 Paragraph 3 GDPR. If you do this, we will stop processing your data, but the legality of the processing up to the time of revocation will remain unaffected by the revocation.

Right to lodge a complaint with a supervisory authority

In accordance with Art. 77 GDPR, you can also lodge a complaint with a supervisory authority. As a rule, this should be the supervisory authority of your usual place of residence or place of work; alternatively, you can also address your complaint to the supervisory authority of our company headquarters.

RIGHT OF OBJECTION

ACCORDING TO ART. 21 GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA IF WE PROCESS YOUR PERSONAL DATA ONLY ON THE BASIS OF OUR LEGITIMATE INTERESTS AND THERE ARE REASONS FOR DOING SO FROM YOUR PARTICULAR SITUATION. IF YOUR OBJECTION IS DIRECTLY TO DIRECT MARKETING, YOU HAVE A GENERAL RIGHT TO OBJECT WITHOUT GIVING ANY SPECIFIC REASONS.

YOU CAN EXPRESS YOUR OBJECTION BY E-MAIL TO INFO@DILIGENCEX.DE.