Hosting and E-Mail distribution
The web services of Tilda Publishing used by us serve the provision of the following services: Infrastructure and platform services, computing capacity, storage space and database services, e-mail delivery, security services and technical maintenance services that we use for the purpose of operating this website.
We, or our hosting provider, collect the following data on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f. DSGVO/GDPR data on each access to the server on which this service is located (so-called server log files). Access data includes the name of the accessed website, file, date and time of access, transferred data volume, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.
Log file information is stored for a maximum of 7 days for security reasons (e.g. to investigate misuse or fraud) and then deleted. Data whose further storage is required for evidentiary purposes are excluded from deletion until the respective incident has been finally clarified.
An order processing contract has been signed with the provider. You can find the provider's data protection declaration here: https://tilda.cc/privacy/
Marketing measures and data collection
On the basis of our legitimate interests pursuant to Art. 6 (1) (f) DSGVO/GDPR and an order processing contract with the respective companies pursuant to Art. 28 (3) (1) DSGVO/GDPR, pseudonymous data is collected, as far as technically feasible by us, which serves us for the evaluation and optimisation of our services.
Google Analytics, Google Tag Manager
Google will use this information on our behalf to evaluate the use of our website by users, to compile reports on activities within this website and to provide us with other services associated with the use of this website and the Internet. Pseudonymous user profiles of the users can be created from the processed data.
We use Google Analytics only with activated IP anonymisation. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. The IP address transmitted by the user's browser is not merged with other Google data.
Further information on the use of data for advertising purposes by Google, setting and objection options can be found on the websites of Google: https://www.google.com/intl/de/policies/privacy/partners/ ("Use of data by Google for your use of websites or apps of our partners"), http://www.google.com/policies/technologies/ads ("Use of data for advertising purposes"), http://www.google.de/settings/ads ("Manage information that Google uses to show you advertising") and http://www.google.com/ads/preferences/ ("Determine which advertising Google shows you").
We send newsletters via the mail order service "MailChimp", a newsletter distribution platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. The data protection regulations of the shipping service provider can be viewed here: https://mailchimp.com/legal/privacy/. The Rocket Science Group LLC d/b/a MailChimp is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with the European data protection level: (https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active).
The shipping service provider can use the recipient's data in pseudonymous form, i.e. without assignment to a user, to optimize or improve its own services, e.g. to technically optimize the dispatch and presentation of the newsletter or for statistical purposes. However, the shipping service does not use the data of our newsletter recipients to write them down itself or to pass the data on to third parties.
A success measurement is also implemented via Mailchimp, which is possible via a tracking pixel that is retrieved from our server when the newsletter is opened or, if we use a shipping service provider, from their server. Within the scope of this retrieval, information about the browser and your system, as well as your IP address and time of retrieval, is collected.
This information is used to technically improve the services based on the technical data or the target groups and their reading behaviour based on their retrieval locations (which can be determined using the IP address) or access times. The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our endeavour, nor, if used, that of the shipping service provider, to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our contents to them or to send different contents according to the interests of our users.
A separate revocation of the success measurement is unfortunately not possible, in this case the entire newsletter subscription must be cancelled.
Within our online offer, we use the "Facebook pixel" of the social network Facebook, which is provided by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook").
The Facebook pixel enables Facebook, on the one hand, to determine the visitors of our online offering as the target group for the presentation of ads ("Facebook ads"). Accordingly, we use Facebook pixels to display Facebook ads placed by us only to those Facebook users who have shown an interest in our online offering or who have certain features (e.g., interests in certain topics or products that are determined on the basis of the websites visited) that we transmit to Facebook (so-called "custom audiences"). Using Facebook pixels, we also want to ensure that our Facebook ads match the potential interest of users and are not annoying. Using Facebook pixels, we can also track the effectiveness of Facebook ads for statistical and market research purposes by seeing if users were referred to our website after clicking on a Facebook ad (known as "conversion").
Facebook processes the data in accordance with Facebook's data usage policy. Accordingly, general information on the presentation of Facebook ads is provided in Facebook's data usage policy: https://www.facebook.com/policy. Specific information and details about Facebook pixels and how they work can be found in the Facebook help section: https://www.facebook.com/business/help/651294705016616.
If we ask users for their consent (e.g. in the context of a cookie agreement), the legal basis for this processing is Art. 6 para. 1 lit. a. DSGVO/GDPR. Otherwise, the personal data of the user will be processed on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online service within the meaning of Art. 6 Para. 1 lit. f. of the German Data Protection Act). DSGVO/GDPR).
Facebook is certified under the Privacy Shield Agreement and thereby assures that it complies with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
You may object to the Facebook pixel collection and use of your data to display Facebook ads. To set what types of ads you see within Facebook, you can go to the page set up by Facebook and follow the instructions on how to set up usage-based ads: https://www.facebook.com/settings?tab=ads. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.
Basically, you have the rights to information, correction, deletion, restriction, data transferability, revocation and objection. If you believe that the processing of your data violates data protection law or your data protection claims have otherwise been violated in any way, you can complain to the supervisory authority. In Austria, this is the data protection authority.