Valida a partire dal 29.09.2023

The following data protection information is intended to give you an overview of what happens to your personal data (hereinafter also referred to as "data") in our company and to inform you of the data protection claims and rights to which you are entitled in line with the European General Data Protection Regulation ("GDPR") and national data protection legislation, for example the German Federal Data Protection Act (Bundesdatenschutzgesetz "BDSG") and the Telecommunications Telemedia Data Protection Act (Telekommunikation-Telemedien-Datenschutzgesetz "TTDSG"). We therefore ask you to take note of this Privacy Policy and if necessary, to print it out or save it.

Personal data is all data with which you can be personally identified. Your personal data may be processed for various purposes. Essentially, Hummingbird Systems GmbH (hereinafter also referred to as " Hummingbird Systems" or "We") can divide the data processing operations into the following areas of application:

  • In connection with the website www.hummingbird-systems.com and other internet presences of which we link to this Privacy Policy (hereinafter referred to as "Website"), we process visitor data exchanged between their internet-enabled-devices and the server operated by us, as well as data communicated to us in connection with the use of the Website. For details, please refer to Part B.
  • For the purpose of processing or initiating contracts, we process the necessary data of our customers and interested parties. You will find more information on this under Part C.
  • Our business partners' and suppliers' data are used exclusively for the direct placing, processing and execution of orders. You will find more information on this under Part C.


Please visit each section for quick and contextual information on specific processing situations.

General information on data protection, data processing procedures and data subject rights, which applies to all data processing procedures carried out for us, can be found in Part A below.

A. General information on data protection and data subject rights


I. Who is responsible for data processing and who can you contact if you have any questions?

“Controller” according to the GDPR and other national data protection laws of the member states as well as other provisions of data protection law are:

Hummingbird Systems GmbH
Geschäftsführerin Gabriela Zwicker
Frankenstraße 152
90461 Nürnberg

Tel.: +49 911 2379460

www.hummingbird-systems.com
E-Mail: info@misaificahummingbird-systems.com


II. What rights do you have with regard to your personal data?

If your personal data is processed, you are the "data subject" as defined by the GDPR, which means that you may be entitled to the rights described below. If you assert any rights against Hummingbird Systems as the responsible party, we recommend that you direct them to the following address:

Hummingbird Systems GmbH
Frankenstraße 152
90461 Nürnberg
datenschutz@misaificahummingbird-systems.com

1. Right of access
In accordance with Art. 15 GDPR, you can request confirmation from us as to whether personal data relating to you is being processed by us and to what extent we are processing your data.

2. Right to rectification
If personal data concerning you is incorrect or incomplete, you have a right to correction and/or completion pursuant to Art. 16 GDPR.

3. Right to erasure
If the legal requirements of Art. 17 GDPR are met, you can demand that we erase your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate protection interests. Please note that there may be reasons that prevent an immediate erasure, e.g. in the case of legally regulated storage obligations.
Irrespective of the exercise of your right to erasure, we will immediately and completely erase your data in order to fulfil our statutory obligations to erase after the processing purpose has ceased to apply, provided there is no legal or statutory retention period to the contrary.

4. The right to restriction of processing
In the cases specified in Art. 18 GDPR, you may request us to restrict the processing of your data. If you have restricted the processing of your personal data, this data - apart from its storage - may only be processed with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a member state.

5. Right to data portability
Pursuant to Art. 20 GDPR, you have the right to have data provided by you, which we process automatically on the basis of your consent or in fulfilment of a contract, transferred to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible person, this will only be done as far as it is technically feasible. The right to data transfer does not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority assigned to the person responsible.

6. Right to object
If we process your data on the basis of a legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR, you may object to this data processing at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions (see Art. 21 GDPR). If you file an objection, we will no longer process your personal data concerned unless we can prove compelling legitimate grounds for the processing which override your interests as a data subject or for the establishment, exercise or defence of legal claims.
Where the data subject objects to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes; this also applies to profiling insofar as it is connected with such direct advertising. If you object, your personal data will no longer be used for direct marketing purposes. You can object to the processing of your data for the purpose of direct marketing at any time without giving reasons.

7. Right to withdraw consent under data protection law
Some data processing operations are only possible with your express consent pursuant to Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time with effect for the future. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Please note that even after withdrawing your consent, it may still be possible to process the data concerned in whole or in part on the basis of other legal principles.

8. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, every data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes upon GDPR (Art. 77 GDPR in conjunction with § 19 BDSG). A list of data protection authorities in Germany and their contact details can be found at the following link: www.bfdi.bund.de/DE/Service/Anschriften/anschriften_table.html.

If you are of the opinion that we violate German or European data protection law when processing your data, please contact us in order to clarify any questions. Of course, you also have the right to contact the supervisory authority responsible for our company headquarters:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 27
91522 Ansbach
E-Mail: poststelle@misaificalda.bayern.de


III. Which personal data are processed and from which sources?

1. The origin of the personal data
We mainly process the data that we receive directly from the data subjects as part of a business relationship (see also Part C).
In addition, we process - to the extent necessary for the provision of our services or the fulfilment of a contract with you - data that we have received from other companies in our group of companies or partner companies or locally responsible companies integrated into our sales system with which we have a long-term business relationship (see www.hummingbird-systems.com/en/privacy/partners/).

In individual cases, we also process data that we have received or acquired from other third parties such as credit agencies, creditor protection associations or authorities, or that we have obtained, received or acquired from publicly accessible sources (e.g. telephone directories, company registers, press, Internet or other media).
Via our Website, we process data that we receive during your visit to the Website or that you actively communicate to us when using the Website, e.g. when using our contact form. Other data is automatically collected by our IT systems when you visit the Website. These are mainly technical data (e.g. Internet browser, operating system or time of the page call). This data is collected automatically as soon as you enter our Website. Details can be found under Part B.

2. Categories of personal data
Among the personal data that we regularly process are personal master/contact data such as: First and last name, address, e-mail address, telephone number, fax, position in the company.
In addition, we also process the following additional personal data depending on the order/service:

  • information on the type and content of our business relationship such as contract data, order data, sales and document data, customer and supplier history, consulting documents.
  • information on financial status (for example, creditworthiness data)
  • advertising and sales data,
  • documentation data (e.g. consultation protocols, data from service meetings or support cases)
  • information from your electronic dealings with us (e.g. IP address, log-in data),
  • other data that we have received from you in the context of our business relationship (e.g. in discussions with customers),
  • the documentation of declarations of consent
  • photos taken at public events

IV. For which purposes and on what legal basis are data processed?

We process your data in accordance with the provisions of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG) as amended, in particular on the following basis:

1. Fulfilment of (pre-)contractual obligations (Art. 6 para. 1 lit. b GDPR)
Personal data is processed on the basis of Art. 6 para. 1 lit. B GDPR in order to fulfil Hummingbird Systems's contractual obligations, in particular in connection with the sale and distribution of our goods and services as well as all activities customary in the industry for the operation or administration of Hummingbird Systems (e.g. customer administration). The data may also be processed on a pre-contractual level as part of initiating business with Hummingbird Systems or in the course of other contractual relationships with Hummingbird Systems.
Art. 6 para. 1 lit. b GDPR, for example, is the legal basis in the following cases:

  • creating and maintaining a customer account or a supplier account
  • keeping customer/prospect files or our customer/prospect database
  • sending information
  • offering and selling Hummingbird Systems Software products
  • offering and implementing our services (e.g. training, consulting and support services)

Details on the purpose of this data processing can be found in the respective contract documents and terms and conditions.

2. Safeguarding legitimate interests (Art. 6 para. 1 lit.f GDPR)
On the basis of a weighing of interests, data processing may take place beyond the actual fulfilment of a contract in order to safeguard the legitimate interests of Hummingbird Systems or third parties. That is permissible except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. Data processing to safeguard legitimate interests is carried out in the following cases, for example:

  • transmission of data to companies affiliated with us (see www.hummingbird-systems.com/en/privacy/partners/)
  • consultation of and data exchange with credit bureaus and creditor protection associations to determine creditworthiness data and maintenance of a group-wide creditworthiness database to identify financial default risks in specific business transactions
  • execution of payment transactions via external service providers
  • use of debt collection service providers and lawyers to collect receivables and/or enforce them in court
  • assertion of other legal claims and defence in legal disputes
  • advertising or marketing
  • market and opinion surveys
  • image and sound recordings at public events (e.g. trade fairs, open days, workshops, industry events)
  • measures for business management and further development of our services;
  • maintaining databases on customers/prospects and service providers to improve our offering
  • carrying out a risk assessment (due diligence) in the context of any company restructuring or a company acquisition or sale
  • ensuring the IT security and IT operations of our company
  • measures for building and plant safety

3. Fulfilment of legal obligations (Art. 6 para. 1 lit.c GDPR)
The processing of your data may be necessary in part for the purpose of fulfilling various legal obligations and requirements to which we are subject, e.g. from the German Commercial Code (Handelsgesetzbuch “HGB”) or the German Tax Code (Abgabenordnung “AO”).

4. Consent (Art. 6 para. 1 lit.a GDPR)
If, in individual cases, you have given us your consent to process your data, it will be processed in accordance with the purposes and to the extent agreed in the declaration of consent. Consent given, e.g. for sending a newsletter, can be revoked at any time with effect for the future. For this purpose, please contact the contact data listed under A. No. I or No. II. Please note that processing which took place before the withdrawal is not affected by the withdrawal and under certain circumstances data processing may continue to be possible at least partially on the grounds of some other legal basis.
For this we use your data for the following purposes:

  • quality assurance: In order to continuously improve our services, our products and our services for you, we conduct surveys to your satisfaction, as well as your experiences from your contractual relationship.
  • general and personalised advertising by e-mail, fax or telephone.
  • if you have given us a SEPA Direct Debit Mandate, we will use your bank details. We collect open amounts via the SEPA Direct Debit Mandate in accordance with the contractual agreements.

V. Who receives my data?

At Hummingbird Systems, those employees or organizational units who need your data to fulfil our contractual and legal obligations or to process or pursue our legitimate interests receive it.

Your data will be forwarded to companies for the initiation or execution of a contractual relationship (e.g. provision of a service or sale of goods) in accordance with Art. 6 para. 1 lit. b GDPR or - depending on the type of concrete contractual relationship - and on the basis of our legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR, in particular to companies which we regularly use in connection with the provision of our service or the execution of the contract. This applies to the following recipients or recipient categories:

  • IT service providers (e.g. e-mail service providers, web hosting companies)
  • affiliated companies and partner companies (see www.hummingbird-systems.com/en/privacy/partners/)
  • sales partners
  • advertising partners
  • Vinsurances
  • banks
  • communication provider (telephone provider, fax provider)
  • payment service providers
  • shipping and logistics service providers
  • credit bureaus
  • chartered accountant
  • tax and legal advisors

If we use a service provider in the sense of order processing in accordance with Art. 28 GDPR, we shall nevertheless remain responsible for the protection of your data. Insofar as required by law, contract processors are contractually obliged by means of an order processing agreement to treat your data confidentially and to process it only within the scope of providing the service. The processors commissioned by us will receive your data insofar as they require the data to perform their respective services.

Your data will only be transferred to state institutions and authorities or collected for this purpose within the framework of mandatory national legal provisions or if you have commissioned us to do so.


VI. How long will my data be stored?

Your personal data will only be used for the purpose for which you provided it to us or for which you gave us your consent and will be stored until this specific purpose has been fulfilled. After complete processing of the purpose, or as soon as you request us to delete your data, your data will only be stored as long as it is necessary due to statutory limitation periods or retention periods (in particular tax and commercial law nature).

However, the data will be deleted at the latest after expiry of all time limits unless you have expressly consented to further or other use. You can also assert rights during the retention periods, such as blocking your data. See A. Point II. Your data will be erased or blocked by us as soon as the purpose of storage no longer applies or you request us to erase it.

We process and in particular store your data in principle at most only until the termination of the business relationship or until the expiry of the applicable guarantee, warranty and limitation periods. For example, the statute of limitations according to §§ 195 ff. of the German Civil Code (BGB) is generally three years, but in certain cases also up to thirty years. In addition, it may be necessary for data to be retained until the legally binding termination of any legal disputes for which the data is required as evidence.

We are also subject to statutory documentation and storage periods (e.g. from the German Commercial Code (Handelsgesetzbuch, “HGB”) (e.g. § 257 HGB), the German Money Laundering Act or the German Tax Code (Abgabenordnung “AO”) (e.g. § 147 AO)). The time limits specified there for storage or documentation are two to ten years. For example, even after termination of a contract with you, we would be required to store your data for a period of time until the completion of the tax audit of the last calendar year in which you were our customer.


VII. Will personal data be transferred to a third country?

As part of our processing activities, in certain business transactions or areas of activity, personal data may also be transferred to locations in so-called third countries outside the EU or the EEA to which the EU Commission has not yet attested an adequate level of data protection, for example in the USA. If such data transfer should become necessary in individual cases, this will only be done on the basis of an adequacy decision of the European Commission, standard contractual clauses, suitable guarantees for compliance with data protection or your express consent.

Our affiliated companies and partners in third countries can be found in the overview under this link www.hummingbird-systems.com/en/privacy/partners/.

If you accept Cookies from US service providers such as Google, Facebook, LinkedIn, Twitter or YouTube, by clicking on the “Allow all" button when you enter our website you also agree, in accordance with Art. 49 para. 1 sentence 1 letter a GDPR that your data may be processed in the US, as mentioned above. If you click on the button "Deny”, this transfer will not take place.

B. Use of our Websites

In principle, you can visit our Websites and use them for information purposes without having to provide any personal details (e.g. register, place orders or otherwise provide information about yourself). In this case, we process personal data of our users only to the extent necessary to provide a functional Website and our content and services or to the extent that cookies used on the Website provide us with personal information when visiting the Website. For information on our own cookies used by us, please refer to B Section II. Other cookies enable our partner companies or third parties to recognise your browser on your next visit, if applicable. For information on such third party cookies, please refer to B Section III.

In addition, the processing of personal data of our users is carried out regularly only with the consent of the user. An exception applies in those cases in which it is not possible to obtain prior consent for factual reasons and the processing of the data is permitted by statutory provisions.


I. Provision of the Website and creation of log files

Description of data processing
Each time you access our Website, our system automatically collects data and information from the computer system of the accessing computer, which your Internet browser automatically transmits to us or our web host (so-called log files). These server logfiles contain IP addresses or other data that enable an assignment to a user. This could be the case, for example, if the link to the Website from which the user accesses the Website or the link to the Website to which the user switches contains personal data. The following information is collected:

  • information about the browser type and version used
  • the user's operating system
  • the Internet service provider of the user
  • the IP address of the user
  • date and time of access
  • Websites from which the user's system accesses our Website
  • Websites accessed by the user's system through our Website

These data are not stored together with other personal data of the user.

Legal basis and purpose of data processing
The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR.

The temporary storage of the IP address by the system is necessary to enable delivery of the Website to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.

The data is stored in log files in order to ensure the functionality of the Website. The data is also used to optimise the Website and to ensure the security of our information technology systems.

Duration of storage / right of objection and elimination
The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. In the case of the collection of data for the purpose of providing the Website, this is the case when the session in question has ended.

When data is stored in log files, this is the case after 24 hours at the latest. Storage going beyond this is possible. In this event, the IP addresses of the users will be erased or alienated so that an assignment of the accessing client is no longer possible. After 24 hours, anonymous data will be available from our provider for 3 months.

The collection of data for the provision of the Website and the storage of data in log files is mandatory for the operation of the Website. Consequently, there is no possibility for the user to object.


II. Cookies and Similar Technologies

Use of cookies

Description of data processing
Our Website uses cookies or similar methods and collects, processes and uses usage data (e.g. access times, visited websites) or meta and communication data (IP address, device information). Cookies are text files with a characteristic string of characters that are stored in the Internet browser or by the Internet browser on the user's computer system and which enable the browser to be uniquely identified when the offer is called up again. If a user calls up a Website, a cookie can be stored on the user's operating system. A cookie contains a characteristic string of characters. The use of these cookies serves to make a website more user-friendly, effective and secure. When you visit a website on which a cookie is embedded, the data you enter is stored exclusively in the cookie on your computer. In this case, data will only be transmitted to the servers of our offer when a page request is made.

Some cookies are deleted after the end of the browser session when your browser is closed (so-called session cookies). These cookies are technically necessary, e.g. so that you can log in to the application and also remain logged in across pages during your visit to our Website.

Other cookies remain on your end device for a specified period of time and enable us to recognize your browser during your next visit (so-called persistent or protocol cookies). The purpose of using these cookies is to provide you with optimal user guidance, to "recognize" you and to present you with as varied a Website and new content as possible when you repeatedly use it.

Cookies from partner companies or third parties may be used, for example, to collect information for advertising, custom content or statistics ("Third Party Cookies"). Unless we identify cookies as originating from third parties, the cookies originate from our offering ("First Party Cookies"). We will inform you separately about third party cookies or tracking technologies that we use in the following sections of our Privacy Policy.

Flash cookies are stored on your computer as data elements of web pages when they are operated with Adobe Flash. Flash cookies have no time limit.

Further information on the individual cookies we use, can be accessed via our Cookie Consent-Tool by clicking the button "Change your consent" and browsing the function groups listed under "Details".

Legal basis and purpose of data processing
The legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f GDPR to protect our legitimate interests in the best possible functionality and security of the Website and a customer-friendly and effective design of the site visit, unless we ask you for consent under Art. 6 para. 1 lit. a GDPR.

The purpose of using technically necessary cookies is to simplify the use of Websites for users. Some functions of our Website cannot be offered without the use of cookies. For these it is necessary that the browser is recognized also after a page change.

On our Website we have included the cookie consent tool "Cookiebot" to obtain consent for the use of certain categories of cookies. This tool blocks all categories of cookies that are not essential for the proper operation of the Website, unless you give your consent to the use of cookies beyond these categories.

Storage duration / right of objection and elimination
Cookies are stored on the user's computer and transmitted to our site by the user. Therefore, you as a user have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically.

Thus, an objection to the use of cookies for online marketing purposes may be made by using serveral services, particularly in the case of tracking, via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/ or generally at http://optout.aboutads.info.

However, you can also use the functionalities of the cookie consent tool we have integrated to change or revoke your consent at any time on our website.

If cookies are deactivated for our Website, it is possible that all functions of the Website can no longer be used to their full extent.

2. Cookiebot (Cookie Consent Tool)

Description of data processing
We use the cookie consent tool "Cookiebot" from Cybot A/S, 1058 Copenhagen, Denmark (hereinafter referred to as "Cookiebot"). When you access our website, Cookiebot uses a pop-up window to show you a functional group Cookie list, explains the purpose of the cookie functional groups and the individual cookies and their storage period.You can then switch on the cookies divided into functional groups by ticking the appropriate box and indicate your consent to the use of the cookies, or your consent altogether for all Explain cookies Please note that the technical cookies are already stored when you enter our website and the corresponding field is preset.

Legal basis and purpose of data processing
The legal basis for the processing of personal data using cookies in the Cookiebot is Art. 6 Para. 1 Letter f GDPR to safeguard our legitimate interests in the best possible functionality and security of the website and a customer-friendly and effective design of the site visit. For this purpose, Cookiebot uses technically necessary cookies in order to save the content of the consent you have given for your next visit. The use of such essential cookies serves to simplify the use of websites for users and is therefore required to provide the service. We cannot offer some functions of our website without the use of cookies. For these it is necessary that the browser is recognized even after leaving the page.

Duration of storage / right of objection and elimination
Cookies are stored on the user's device and transmitted to our site by the user. Therefore, as a user, you have full control over the use of cookies. You can disable or restrict the transmission of cookies by changing the appropriate settings in your internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically.

However, if you want to check or change your cookie settings, you can call up Cookiebot by clicking the gray button embedded at the bottom left of the website and then clicking the "Change consent" button and reviewing the function groups listed there under "Details". Alternatively, clear your cache and reload the website to make the appropriate settings in Cookiebot.


III. Statistical analysis of the Website / increase of reach

1. Google Analytics

Description of data processing
For our website we used functions of the web analytics service Google Analytics. The provider in Europe is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: "Google") a subsidiary of Google LLC Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics also uses cookies. The information generated by a Google cookie about your use of this website is usually transferred to a Google server in the USA and stored there. Google processes the data and we receive reports about your user behavior. These reports may include, but are not limited to, the following:

  • Target group reports: via target group reports, we get to know our users better and know more precisely who is interested in our service.
  • Behavioral reports: This tells us how you interact with our website. We can track the paths you take on our site and the links you click.
  • Real-time reports: Here we always know immediately what is happening on our website. For example, we can see how many users are reading this text.

Google Analytics uses a tracking code to create a random, unique ID associated with your browser cookie. This is how Google Analytics recognizes you as a new user. The next time you visit our site, you will be recognized as a "returning" user. All collected data is stored together with this user ID. This makes it possible to evaluate pseudonymous user profiles. Through identifiers such as cookies, your interactions on our website are measured. Interactions are all kinds of actions you perform on our website. If you also use other Google systems (such as a Google account), data generated via Google Analytics may be linked to third-party cookies. Google does not share Google Analytics data unless we, as the website operator, authorize it. Exceptions may occur if required by law. The cookies used by Google Analytics can be found in the detailed information of our cookie management tool, which you can view there under the "Change consent" button and then in the function groups listed under "Details" there.

Our website uses Google Analytics exclusively with the extension "anonymizeIp()". Your IP address is thus not stored in full and is shortened by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area before being transmitted to the USA. The identification of the visitor to the website is excluded. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Incidentally, below we show you an overview of the most important data collected by Google Analytics:

  • Heatmaps: Google creates so-called heatmaps. Heatmaps allow you to see exactly those areas that you click on. This gives us information about where you are "on the move" on our site.
  • Session duration: Google defines session duration as the time you spend on our site without leaving. If you have been inactive for 20 minutes, the session ends automatically.
  • Bounce rate: A bounce is when you view only one page on our site and then leave our site. Account creation: when you create an account or make an order on our website, Google Analytics collects this data.
  • Location: The IP address can be used to determine the country and your approximate location. This process is also known as IP- location determination.
  • Technical information: Technical information includes, but is not limited to, your browser type, internet service provider, or screen resolution.
  • Source of origin: Google Analytics, or us, is of course also interested in which website or which advertising you came to our site from.

This list does not claim to be complete and only serves as a general orientation of the data storage by Google Analytics. For more information about the processing of data by Google, please read the privacy policy of Google: https://policies.google.com/privacy?hl=en.

Legal basis and purpose of data processing
We use Google Analytics to evaluate the use of our website and services, to compile reports on the activities on our website and services and to provide us with other services related to the use of our website and services and internet usage. We also use Google Analytics to analyze data from AdWords and the Double Click cookie for statistical purposes. Since we as website and service operators have a great interest in this analysis of user behavior in order to optimize both our website and services, as well as our offers placed there and our advertising, we ask you to give your consent to the use of Google Analytics and the storage of Google Analytics cookies on the basis of Section 25 (2) TTDSG.

The information generated by the cookie about your use of our website or our services will be transmitted to and stored by Google on servers in the United States. In the event that IP anonymization is activated, however, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Nevertheless, in exceptional cases, the full IP address may be transmitted to a Google server in the USA and shortened there. By consenting to the activation of cookies used by Google Analytics, you also agree, pursuant to Art. 49 (1) p. 1 lit. a DSGVO, that your data may be processed in the USA, unless the data transfer is secured on the basis of EU standard contractual clauses. The USA is considered by the European Court of Justice to be a country with an insufficient level of data protection according to EU standards. In particular, there is a risk that your data will be processed by U.S. authorities for control and monitoring purposes, possibly without the possibility of legal redress. If you click the "Decline" button in our cookie consent tool or make a limited selection without cookies from Google, the described transfer to Google will not take place. You can revoke the consent you have given at any time with effect for the future.

Google will use this information for the purpose of evaluating your use of the website or services, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. According to its own information, Google may also transfer this information to third parties on its own responsibility if this is required by law or if third parties process this data on behalf of Google. Google has contractually agreed not to associate your IP address with any other data held by Google. In order to safeguard this and the data processing carried out for us, we have concluded a contract with Google for the processing of data on behalf of Google. 

Duration of storage / right of objection and elimination
Cookies are stored on the user's computer and transmitted from it to our site. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website in full.

By installing the browser add-on to deactivate Google Analytics (https://tools.google.com/dlpage/gaoptout?hl=en), you can object to its use. By doing so, you inform Google Analytics that no information about the Website visit should be transmitted to Google Analytics.

Furthermore, you can install an opt-out cookie on your device via this link https://developers.google.com/analytics/devguides/collection/gajs/#disable, in particular for browsers of mobile devices, so that the collection of data by Google Analytics on our Website is prevented in the future. Please note that if you delete cookies from your end device, you must also reinstall the opt-out cookie.

Alternatively, you can also set your cookie preferences via the Cookie Consent Tool we have embedded.

2. Google Tag Manager

Description of data processing
The Google Tag Manager is a solution from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google") that allows marketers to manage Website tags through a single interface. The Google Tag Manager itself (which implements the tags) is a domain without cookies and does not collect personally identifiable information. The Google Tag Manager triggers other tags that may themselves collect data. For details of these third parties, please refer to this privacy statement. The Google Tag Manager does not access this information. If you have set cookies to be disabled or otherwise set cookies to be disabled, this will be applied to all tracking tags used with Google Tag Manager, so the tool will not change your cookie settings.

For more information about the Google Tag Manager, see: https://www.google.com/analytics/terms/tag-manager/.

Duration of storage / right of objection and elimination
We use the Tag Manager for the Google services Google Analytics and GA Audience. If you have deactivated these services, the Google Tag Manager will take this into account. See B.III.1 for details on Google Analytics.

3. Double Click

Description of data processing
We use Double Click, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"), to place ads on the Google Advertising Network (e.g., in search results, videos, Websites, etc.). Double Click allows us to target users who have already visited our sites and are interested in the service by targeting them on the Google Partner Network pages. For this so-called remarketing, a code from Google is executed directly by Google when calling up our and other Websites on which the Google Advertising Network is active, and so-called (re)marketing tags (invisible graphics or code, also referred to as "web beacons") are integrated into the Website. With the help of this function, individual small text files (so-called cookies) are used which are stored on your computer but do not contain any personal information other than your IP address. The Google Display Network uses these cookies to deliver our advertising material to you in the form of text or image ads. In this file it is noted which Websites the user visits, which contents he is interested in and which offers the user has clicked, furthermore technical information about the browser and operating system, referring Websites, visiting time as well as further information about the use of the online offer.

The IP address of the user recorded by the users is recorded, whereby this is shortened within member states of the European Union or in other contracting states of the Agreement on the European Economic Area and only in exceptional cases completely transferred to a Google server in the USA and shortened there (pseudonymised). Google may also link the above information to such information from other sources. If the user subsequently visits other Websites, ads tailored to the user's profile may be displayed according to the user's presumed interests.

The explanations on Google Analytics apply accordingly.

Further information on the use of data by Google, setting and objection options can be found in Google's data protection declaration (https://policies.google.com/technologies/ads)

Legal basis and purpose of data processing
The use of Double Click is based on our justified interest in the analysis, optimisation and economic operation of our online services.

Duration of storage / right of objection and elimination
You can find out more about possible objections in Google's privacy policy (https://policies.google.com/technologies/ads) and in the settings for the display of advertising by Google (https://adssettings.google.com/authenticated).

4. Facebook Custom Audience

Description of data processing
Our Website uses the visitor action pixel ("Facebook pixel") of Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook") to measure conversion.

This allows us to track the behaviour of site visitors after they have been directed to the provider's Website by clicking on a Facebook ad. This allows the effectiveness of Facebook advertisements to be evaluated for statistical and market research purposes ("Conversion") and future advertising measures to be optimised, for example by identifying visitors to our online offering as a target group for the display of advertisements ("Facebook Ads"). In particular, we may subsequently determine that the Facebook ads placed by us are only displayed to Facebook users who have also shown an interest in our online offering or who have certain characteristics (e.g. interests in certain topics or products that are determined on the basis of the Websites visited) that we transmit to Facebook (so-called "custom audiences").

The data collected is anonymous to us as the operator of this Website and we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook Data Usage Guidelines (https://www.facebook.com/policy). As a result, Facebook may allow advertisements to be placed on Facebook pages and outside Facebook. This use of data cannot be influenced by us as the site operator.

Please refer to Facebook's Privacy Notice for more information on protecting your privacy https://www.facebook.com/about/privacy/.

Legal basis and purpose of data processing
We use Facebook Custom Audience on the basis of our legitimate interests in the analysis, optimisation and economic operation of our online offering in the sense of Art. 6 Para. 1 lit. f. GDPR, as well as the interest of our users who are already interested in our Website, or who have certain characteristics (e.g. interests in certain topics or products, which are determined on the basis of the visited websites), to specifically address with advertising. Studies have shown that such user-related advertising is more interesting for users than advertising without a personal reference.

Duration of storage / right of objection and elimination
You can deactivate the remarketing function "Custom Audiences" at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. You must be logged in to Facebook to do this. You can find more information at https://www.facebook.com/settings?tab=ads.

If you do not have a Facebook account, you can disable Facebook's usage-based advertising on the European Interactive Digital Advertising Alliance Website: http://www.youronlinechoices.com/de/praferenzmanagement

5. LinkedIn Analytics

Description of data processing
We use on our Website the LinkedIn Analytics conversion tracking technology of the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA, offered in Europe and operated by LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland ("LinkedIn").
LinkedIn Analytics collects and processes information about user behaviour on our Website. LinkedIn Analytics also uses cookies for this purpose, among other similar technologies, which enable an analysis of your use of our Website. Furthermore, a so-called LinkedIn Insight tag is integrated into the Website, which establishes a connection to LinkedIn servers and informs LinkedIn that you have visited one of our internet presences with your current IP address. If you click on LinkedIn's "Recommend Button" and are logged in  your LinkedIn account, LinkedIn will be able to track your visit to our Website back to you and your account. LinkedIn Analytics also allows us to analyse our own profiles on LinkedIn (e.g. how often downloads by individual registrations have taken place).
For more information about LinkedIn's privacy policy, please visit: https://www.linkedin.com/legal/privacy-policy

Legal basis and purpose of data processing
We use LinkedIn Analytics for marketing and optimisation purposes, in particular to analyse the use of our Website and in order to continuously improve individual functions and offers, as well as the user experience. By statistically evaluating user behaviour, we can improve our services and make them more interesting for our users. This is also our legitimate interest in the processing of the aforementioned data by a third party provider in accordance with Art. 6 para. 1 lit. f GDPR, unless we ask you for your consent in accordance with Art. 6 para. 1 lit. a GDPR.

Duration of storage / right of objection and elimination
Cookies are stored on the user's computer and transmitted by the user to our Website. Therefore you as a user have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies already stored can be deleted at any time. This can also be done automatically. If cookies for our Website are deactivated, it may not be possible to use all the functions of the Website to their full extent.
If you are logged in to LinkedIn, you may opt out of LinkedIn's collection of data at any time by following this link: https://www.linkedin.com/psettings/enhanced-advertising

6. Pardot Marketing Automation System (“Pardot MAS”)

Description of data processing
We use the Pardot Marketing Automation System (“Pardot MAS”) provided by PardotLLC, 950 E. Paces Ferry Rd. Suite 3300 Atlanta, GA 30326, USA (“Pardot”). Pardot is a salesforce software module for recording and evaluating the use of a website by website visitors. We also use Pardot to control our email campaigns. We use Pardot to measure usage of emails sent using Pardot. For example, it is possible for us to understand the opening rates in e-mails and, for example, to determine which links the recipients of our e-mails click on.

Personal data provided voluntarily is first stored in Pardot to then be processed with the Salesforce CRM system for the purpose of contacting and/or sending information. Salesforce does not store IP addresses, but uses the individual assignment characteristics "unique visitor ID" and "unique identifier".

When visiting this website, the Pardot MAS records the click path of the website visitor and creates an individual user profile using a pseudonym. Cookies are used for this purpose, which enable your browser to be recognized.

Emails sent using Pardot use web beacons as tracking technologies. Web beacons are tiny graphics that allow user behavior, such as opening and reading e-mails and clicking on links, to be analyzed. We use this data to find out what topics are of interest to recipients by tracking whether our emails are opened and which links recipients click on. We will then use this information in the future to improve the emails we send you and the services we provide. This enables us to make the content we offer more relevant and interesting for you.

Legal basis and purpose of data processing
The legal basis is your consent, Art. 6 lit. a GDPR. In order to send you an offer or product information that is as interesting as possible, and if you actively consent to this, it is possible to combine your personal data with the data of a pseudonymised usage profile via the cookies set, if you provide personal data by filling out a form.

Duration of storage / right of objection and elimination
However, you can deactivate the creation of pseudonymised usage profiles at any time by configuring your Internet browser so that cookies from the “pardot.com” domain are not accepted. However, this can lead to certain limitations in the functions and user-friendliness of our offer. You can object to the use of your personal data, such as name and address information, at any time in writing or by email to datenschutz@misaificahummingbird-systems.com. You can revoke your consent at any time with effect for the future.


IV. Further information on procedures, plug-ins and tools used to design the Website

1. SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

2. YouTube

Description of data processing
We may from time to time use content or services provided by YouTube LLC, 901 Cherry Ave on our Website. San Bruno, California, CA 94066, United States (hereinafter referred to as "YouTube"), to include video content on our Website using a plugin. YouTube is a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States, a subsidiary of Alphabet, Inc. If you want to play the embedded videos using this plugin (by clicking the Play button), your IP address will be sent to YouTube because YouTube cannot send the video content to your browser without the IP address. The IP address is therefore required for the display. The YouTube server also receives information about which subpage of our Website you have visited. If you are logged into your YouTube account as a YouTube member, you will also be able to assign your usage behaviour directly to your personal profile when playing our videos. For more information about YouTube's data processing practices, please refer to the YouTube section: https://policies.google.com/privacy?hl=en&%3Bgl=de

Legal basis and purpose of data processing
Facebook Connect is used on the basis of our legitimate interests under Art. 6 para. 1 lit. f GDPR to make video content available on our Website.

Duration of storage / right of objection and elimination
To prevent this assignment, please log out of your YouTube profile before playing our video content.


V. Online presences on social networks and platforms

Description of data processing
Hummingbird Systems maintains further online presences within social networks and/or industry networks (LinkedIn, Facebook, XING, Instagram, IndustryArea) (hereinafter also "SN") and platforms (e.g. Youtube) and links to them from our Website. By clicking on the respective buttons (recognizable by the respective logos of the social networks or platforms) you get to the respective online presence of the SN. The purpose of these online presences is to communicate with active customers, interested parties and users and to inform them about our services.

When calling up the respective networks and platforms, the terms and conditions and the data processing guidelines of their respective operators apply.

Legal basis and purpose of data processing
Unless otherwise stated in our data protection declaration, we process user data on the basis of our legitimate interests pursuant to Art. 6 Para. 1 lit. f GDPR effective information of users and communication only if they communicate with us within social networks and platforms (e.g. if users write articles on our online presences or send us messages).

In some cases, the SN maintain servers in the USA to which your data may be forwarded. Details are given in the list below.

Duration of storage / right of objection and elimination
If you are a member of one of the SN on which we maintain online presences and do not want the SN to collect data about you via our service and link it to your data on the SN, you must log out of your SN before visiting our service. For a detailed description of the respective processing operations, information on the duration of the storage of data by the respective SN and the opt-out options, please refer to the information provided by the providers linked below.

Also in the case of requests for information and the assertion of user rights, we point out that these can be asserted most effectively with the providers. Only the providers have access to the data of the users and can directly take appropriate measures and give information. Should you nevertheless need help, you can contact us.

Facebook
We maintain a Facebook Company Page ("Fanpage") on the SN of Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland).

Facebook Ireland is jointly responsible with us for the collection of data from visitors to our Fanpage, which is why we have concluded an agreement with Facebook on the joint processing of personal data in accordance with Art. 26 GDPR, as well as additional data processing conditions:
Controller Addendum: https://www.facebook.com/legal/controller_addendum
Data processing conditions: https://www.facebook.com/legal/terms/dataprocessing/update

We are responsible for providing the data subjects with at least the above and subsequent information on shared responsibility with Facebook. The information from Facebook required under Article 13 para. 1 lit. a) and lit. b) GDPR can be found in the Privacy Policy of Facebook Ireland at https://www.facebook.com/about/privacy.

Facebook Inc, Menlo Park, California, USA (hereinafter: Facebook Inc.) also collects and uses so-called Page Insights for analytical purposes. Page Insights is a compilation of data that allows both us and Facebook Inc. to understand how our users interact with our site. Page Insights may be based on personal information collected in connection with our users' visits or interactions with our Fanpage. For this purpose, we have concluded a Controller Addendum with Facebook (see above), which regulates in particular, which security measures Facebook takes in the context of the Page Insights and how Facebook answers user requests. The purposes for which the collection and transmission of personal data, which constitutes a joint processing of data, is carried, out are described in detail in the Terms of Use referred to in the Controller Addendum above.

Data collected, when users visit our Fanpage otherwise includes information about the types of content users view or interact with, or the actions they take (see "Things you and others do and provide" in Facebook's Privacy Policy: https://www.facebook.com/policy), and information about the devices used by users (e.g., IP addresses, operating system, browser type, language settings, cookie data described in detail in "Device Information" in the Facebook Privacy Policy: https://www.facebook.com/policy)).

However, we share responsibility for the Page Insights by maintaining the Facebook Fanpage and we have therefore agreed with Facebook Ireland, that Facebook Ireland is responsible for complying with the rights of data subjects under Articles 15-20 of the GDPR in respect of personal data held by Facebook Ireland following joint processing. We therefore have an obligation to notify Facebook when we receive data protection enquiries about Pages Insights. Please note, that we will forward requests for Page-Insights to Facebook Ireland. For further information on how Facebook Ireland processes personal data, including the legal basis on which Facebook Ireland operates and the ways in which data subjects can exercise their rights against Facebook Ireland, please refer to the Facebook Ireland Privacy Policy at https://www.facebook.com/about/privacy

The evaluation of the data collected via Page Insights serves to improve our internet presence and for advertising purposes. We maintain our Facebook Fanpage for the purpose of communication with and simple channeling of contact requests from Facebook users. The collection of this data and its further processing is in our legitimate interest and in the legitimate interest of Facebook Inc. in accordance with Art. 6 para. 1 lit. f GDPR.

We would like to point, out that we cannot switch the Page Insights technology on and off. We must therefore largely forward corresponding requests to Facebook-Ireland, unless we have collected data ourselves. If you do not want Facebook Inc. to collect your data, please do not use our Facebook company page and/or set your browser to prevent cookies from being set and/or log out from Facebook while you are using our page.

Privacy Policy:
https://www.facebook.com/about/privacy/, https://www.facebook.com/legal/terms/information_about_page_insights_data
Right of objection:
https://www.facebook.com/settings?tab=ads und http://www.youronlinechoices.com

Instagram
Instagram is a service of Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Privacy policy/Right of objection:
https://help.instagram.com/519522125107875/?helpref=hc_fnav&bc[0]=Instagram-Hilfebereich&bc[1]=Privatsph%C3%A4re%20und%20Sicherheit

IndustryArena
IndustryArena GmbH, Katzbergstraße 3, 40764 Langenfeld, Deutschland
Datenschutzerklärung/Widerspruchsmöglichkeit:
https://en.industryarena.com/privacy

Linkedin
LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Irland
Privacy policy:
https://www.linkedin.com/legal/privacy-policy,
Right of objection:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Viadeo
Viadeo is a service of FIGARO CLASSIFIEDS, Siege social, 14 Boulevard Haussmann, 75009 PARIS, France
Privacy policy:
https://www.viadeo.com/en/politique-de-confidentialite
Right of objection:
http://www.viadeo.com/en/politique-cookies

YouTube
Youtube is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Privacy policy:
https://policies.google.com/privacy?hl=en&%3Bgl=de
Right of objection:
https://adssettings.google.com/authenticated

XING
XING AG, Dammtorstraße 29-32, 20354 Hamburg, Deutschland („XING“)
Privacy policy/right of objection:
https://privacy.xing.com/en/privacy-policy


VI. Links to Websites of other providers

Our Website may contain links to other websites. We have no influence whatsoever on the content or design of other providers' websites. The statements in this data protection declaration therefore do not apply to external providers to whose offers or content we merely link with.

If you are forwarded via links from our Website to other websites, please inform yourself there about the respective handling of your data.


VII. Active use of our Website

1. Contact form and e-mail contact

Description of data processing
A contact form is available on our Website, which can be used for electronic contact. If a user makes use of this possibility, the data entered in the respective input mask will be transmitted to us and stored.

Alternatively, it is possible to contact us via the e-mail address provided. In this case the personal data of the user transmitted with the e-mail will be stored.

Legal basis and purpose of data processing
Art. 6 para. 1 lit. f GDPR is the legal basis for the processing of data transmitted in the course of sending a contact form request or an e-mail. If the contact form request or the e-mail contact is intended to conclude a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

The processing of personal data from the input mask serves us solely to process the establishment of contact. In the case of contact by e-mail, this also constitutes the necessary legitimate interest in the processing of the data.

The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

Duration of storage / right of objection and elimination
The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is terminated when it can be inferred from the circumstances that the relevant facts have been conclusively clarified and that no legal requirements call for longer storage.

The user has the possibility to withdraw his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.

In this event, all personal data stored in the course of contacting us will be deleted unless legal requirements require longer storage.

2. Newsletters, sweepstakes and surveys

2.1. Newsletter

Description of data processing
We would like to inform our customers and interested parties periodically with promotional messages about our products, services, webinars, innovations or news at Hummingbird Systems by e-mail or other electronic notifications (hereinafter referred to as "Newsletter"). To do so, we require your email address. In the respective newsletter registration forms, additional information may be requested in order to provide you with personalized content tailored to your interests.

You can subscribe to our newsletters by using the corresponding function of a subscription form to subscribe to our newsletter, or during a registration process by ticking a box (so-called opt-in). For this purpose, we provide various options on our Websites or in the context of registration or order interfaces to register for our (possibly topic-specific) newsletters. The details to the respective contents of the newsletters are described concretely in the respective registration form. This description is relevant for your consent.

Following your registration, you will receive an e-mail from us in which you will be asked to confirm your newsletter subscription once again (so-called double opt-in procedure). This confirmation is necessary to exclude the possibility that someone else has misused your e-mail address to subscribe to our newsletter at a different address. Only when you activate the hyperlink sent to your email address will the newsletter be sent to your email address.

For verification purposes, the IP address and the registration date ("timestamp") are stored in addition to your e-mail address and name for the newsletter dispatch.

Legal basis and purpose of the data processing / data recipient
The legal basis for the dispatch of newsletters is the consent given by you as the recipient pursuant to (Art. 6 para. 1 lit. a GDPR, Art. 7 GDPR in conjunction with § 7 para. 2 no. 3 UWG), or if consent pursuant to § 7 para. 3 UWG is not required for existing customers, on the basis of our legitimate interest in direct marketing measures pursuant to Art. 6 para. 1 lit. f GDPR in conjunction with § 7 para. 3 UWG. § 7 para. 3 UWG.

The logging of the registration procedure is based on our legitimate interests pursuant to Art. 6 Para. 1 lit. f GDPR in a secure and targeted newsletter system that meets both our business sales interests and the ideas and needs of the recipients, as well as the verifiability of the consents given.

Duration of storage / right of objection and elimination
You can object to the dispatch of the newsletter at any time or withdraw your consent to receive the newsletter in whole or in part. You will find an unsubscribe link at the end of each newsletter. This will take you to our Preference Centre where you can unsubscribe from all newsletters by clicking on the link "no more e-mails" or make a topic-specific selection in the event of a partial objection. You can also contact us directly under: datenschutz@misaificahummingbird-systems.com

By unsubscribing the newsletter, the business communication is not affected. Your data will be stored by us for the purpose of contract processing, our support and services, software updates or registration for events. In addition, we reserve the right to store the necessary proofs until the statutory limitation periods have expired in order to provide evidence of a legally compliant newsletter mailing.

2.2 Sweepstakes and surveys

Description of data processing
From time to time we ask users who have agreed to be contacted by e-mail, or customers to participate in surveys (eg; customer satisfaction), possibly with the option to participate in a raffle. Participation in a survey and/or raffle is voluntary.

Anonymous participation: If a user participates anonymously in a survey, the data entered by him will be transmitted to us and stored. In this case, only the usage data (so-called "log files", in particular the IP address, see also the explanations under B.I) collected as visitors to our Website or in the context of the technical provision of the survey are recorded.

Participation in a lottery: If the user wishes to participate in a lottery, he must also enter his contact data in the form (surname, first name, company, address, email address).

Legal basis and purpose of the data processing / data recipient
The legal basis for the processing of the data transmitted to us in the course of sending a survey is our legitimate interest in the optimisation of our products and services and market research, as well as in the associated technical implementation of the survey or prevention of misuse of the survey form and ensuring the security of our information technology systems (Art. 6 para. 1 lit. f GDPR). If you take part in a lottery, the legal relationship arising from your participation is subject to the additional legal basis for the processing of your user and contact data Art. 6 Para. 1 lit. b GDPR for the provision, execution and handling of the lottery.

On the basis of our legitimate interests (Art. 6 para. 1 lit. f DSGO) in conjunction with Art. 28 GDPR, we use the software of the service provider SurveyMonkey Inc., 3050 S. Delaware Street, San Mateo, CA 94403, USA (provided in Europe by SurveyMonkey Europe UC 2nd Floor, 2 Shelbourne Buildings, Shelbourne Road, Dublin, Ireland) (hereinafter referred to as "SurveyMonkey") for our online surveys, for sending the survey emails and for the technical implementation of the surveys.

SurveyMonkey uses the information you enter to provide us with reports to analyze customer satisfaction. SurveyMonkey also uses its own cookies to ensure that each respondent can only participate once in a survey, or to track survey completion rates (see help.surveymonkey.com/articles/de/kb/About-the-cookies-we-use for more information). According to SurveyMonkey, it also uses aggregated and anonymized data to optimize or develop its own services through the respondent's use of the online survey and to create industry trends, improve the user experience of surveys, or improve the completion rate of surveys. For more information about SurveyMonkey's privacy practices, please visit: https://www.surveymonkey.de/mp/legal/privacy-policy/#data-controller

Duration of storage / right of objection and elimination
The data will be deleted as soon as the survey or the raffle has been completed and in the latter case the winner has been informed and questions regarding the raffle can no longer be expected. In addition, data of winners of a raffle will be kept for the duration of the legal warranty period in question until the prize has been won and depending on the type of prize (in particular in the case of material prizes or services).

The user has the possibility to revoke the processing of his personal data at any time. Please note that in this case participation in the raffle may no longer be possible. Information on how to remove cookies set by SurveyMonkey can be found at https://help.surveymonkey.com/articles/de/kb/About-the-cookies-we-use

3. Registration for events / courses or seminars

Description of data processing
On our Website you will find registration forms with which you can register for various Hummingbird Systems events, courses or seminars. If a user makes use of this option, the data entered in the respective input mask will be transmitted to us and stored.

In doing so, we process the data that can be seen from the respective input forms (obligatory data are usually marked with the suffix *).

We process and use the data collected here for the purposes of processing registrations and holding the respective events, courses or seminars. Further details on the legal and organisational framework can be found in the underlying conditions of participation.

Legal basis and purpose of data processing
The legal basis for the processing of data sent in the course of an electronic application is Article 6 para. 1 lit. b GDPR, otherwise Article 6 para. 1 lit. f GDPR, based on the intended conclusion of a contract.

The processing of the personal data from the input mask serves us to process the respective registration as well as to plan and carry out the respective events.

Duration of storage / right of objection and elimination
The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. This is usually the case for the personal data from the input mask in the registration when the respective event has ended.

All personal data stored in the course of establishing contact will be deleted at the latest if no legal requirements call for longer storage.

4. Trade fairs, courses, seminars or other events ("events")

Description of data processing
If you take part in courses, seminars or other events organized by us or visit us at our stands at trade fairs where we are represented, we ask you to fill out or confirm so-called "lead forms" if you are interested in our services and products for further contact and information. The scope of the data requested and provided by you is specified in the respective form. Business cards are regularly handed out to our employees with the request to be contacted. The data from your lead sheets or business cards can be passed on to our locally or objectively responsible affiliated companies and partners depending on the location of the event or your usual whereabouts and nature of your interests: https://hummingbird-systems.com/privacy/partners.html

We would like to point out that, depending on the type of event, we take photos and film/sound recordings at the venue. The recordings may be published on our Website or other Websites or in the media. In particular, we process recordings for the purpose of advertising, marketing, press and public relations work and reporting in connection with our events through publication and use. This does not involve an identifiable recording of uninvolved persons or the targeted recording of objects that are suitable for the indirect identification of persons by us. We will not publish images that demean, degrade, expose or debase the person depicted, interfere with his or her privacy or violate his or her personal interests in any way.

If, in an individual case, photographs are taken of you as individuals by whom you are clearly identifiable and recognisable, the photographer will, if possible, contact you in advance in order to obtain your verbal consent. Please note that - particularly when participating in public events where photographs or film/sound recordings are usually made - consent can also be implied, for example if you pose for the photographer yourself. No separate permission is required for the depiction of larger groups of people at events where photography does not focus on the individual. If you do not wish to be photographed, please inform the photographer.

Legal basis and purpose of data processing
If you participate in courses, seminars or other events organised by us, the legal basis for the processing of the data processed in the course of specific requests for pre-contractual information is Article 6 para. 1 lit. b GDPR, on the basis of the intended conclusion of a contract your consent pursuant to Article 6 para. 1 lit. a GDPR, otherwise Article 6 para. 1 lit. f GDPR.

Photos, film or sound recordings are produced on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR for the purpose of documentation and advertising of our events. If, in individual cases, we wish to process and use recordings on which individuals are identifiable, we will obtain consent in accordance with Art. 6 para. 1 lit. a GDPR.

Duration of storage / right of objection and elimination
The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. This is usually the case for the personal data from the input mask of the registration when the respective event has ended.

All personal data stored in the course of establishing contact will be deleted at the latest if no legal requirements require longer storage.

C. Contractual relationships with customers and business partners


I. Am I obliged to provide data?

Further information on the individual cookies we use, can be accessed via our Cookie Consent-Tool by clicking the button "Open cookie settings" and browsing the function groups listed there.

Legal basis and purpose of data processing
The legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f GDPR to protect our legitimate interests in the best possible functionality and security of the Website and a customer-friendly and effective design of the site visit, unless we ask you for consent under Art. 6 para. 1 lit. a GDPR.

The purpose of using technically necessary cookies is to simplify the use of Websites for users. Some functions of our Website cannot be offered without the use of cookies. For these it is necessary that the browser is recognized also after a page change.

On our Website we have included a tool for obtaining consent for the use of certain categories of cookies ("Cookie Consent-Tool"). This tool blocks all categories of cookies that are not essential for the proper operation of the Website, unless you give your consent to the use of cookies beyond these categories.

Storage duration / right of objection and elimination
Cookies are stored on the user's computer and transmitted to our site by the user. Therefore, you as a user have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically.

Thus, an objection to the use of cookies for online marketing purposes may be made by using serveral services, particularly in the case of tracking, via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/ or generally at http://optout.aboutads.info.

If cookies are deactivated for our Website, it is possible that all functions of the Website can no longer be used to their full extent.


II. Communication

In principle, we collect the necessary data from you ourselves through personal contact. Of course, you can also contact us by telephone, fax, post or alternatively via our e-mail address (see Legal Notice) or via the e-mail addresses of our employees provided to you. In the latter case, the personal data transmitted with the e-mail will be stored. Please note that e-mail communication is not encrypted for technical reasons.

Your data will be used for the processing of the conversation and the post-processing of the respective inquiry or meeting contents. Your data will be processed on the basis of Art. 6 para. 1 lit. b GDPR if the communication is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures.

In all other cases, processing is based on our legitimate interests (Art. 6 para. 1 lit. f GDPR) in the effective processing of enquiries addressed to us.

In this context, the data will not be passed on to third parties unless it is necessary to pursue our claims or legitimate interests (Art. 6 para. 1 lit. f GDPR) or there is a legal obligation to do so (Art. 6 para. 1 lit. c GDPR).


III. Data processing within the framework of distribution

Personal data will be processed on the basis of Art. 6 Para. 1 lit. b GDPR in order to provide the service you have commissioned us to provide, in particular to implement our contracts or pre-contractual measures, as well as all activities required for the operation and administration of Hummingbird Systems.

The resulting purposes of data processing shall primarily depend on the activities and individual services specifically agreed with you and may include, but are not limited to, consulting activities or activities within the scope of controlling sales processes (e.g. compiling documents, sending Hummingbird Systems product or event information, providing Hummingbird Systems services) or accompanying sales negotiations and concluding contracts.

Further details on the scope, purpose and recipients of your data can be found in the relevant contractual documents and associated terms and conditions.

To the extent necessary within the framework of our operational processes, we process your data in connection with our services beyond the actual fulfilment of the contract to safeguard our legitimate interests (Art. 6 para. 1 lit. f GDPR).

In connection with the offer or provision of our services, we may be subject to special legal obligations, such as requirements of tax legislation. The purposes of processing your data may therefore include, among other things, compliance with fiscal control and reporting obligations, customs or export regulations and the assessment and control of risks. The data processing required for this is based on Art. 6 para. 1 lit. c GDPR.


IV. Transmission of data

Depending on the scope of the service, your data or documents may be passed on to public authorities or private service providers or persons with whom we cooperate on a regular basis during the enquiry or offer phase as well as during the execution of the contract (see Section A, Section V).

D. Miscellaneous

Due to the further development of our Website or our offers as well as due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access the current data protection declaration on our Website at any time and print it out if necessary.

mobile-s mobile-m mobile-l tablet desktop-s desktop-m desktop-l desktop-xl