Legal & Privacy
TANGANY – PRIVACY POLICY
Information according to Art. 13 and 14 GDPR on the processing of your personal data
Tangany GmbH hereby informs you about the processing of your personal data and the rights to which you are entitled under data protection law.
1. Name and address of the person responsible
Tangany GmbH
Brienner Str. 53
80333 Munich
Germany
Tel.: +49 89 9982095-70
Email: info@tangany.com
2. Name and contact of the data protection officer
DP Dock DPO Services GmbH
Wolfgang von Sandersleben
Grüffkamp 10
24159 Kiel
Germany
Email: privacy@tangany.com
3. Categories of data collected
3.1 Provision of the website
Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer. The type and amount of data transmitted and processed depend on the Internet browser you are using and its configuration and typically includes:
the accessed website,
source/reference from where you got to the page,
the browser used,
the operating system used,
the IP address used and
the language you prefer.
Of this data, the following are stored in the log files of our web server:
the accessed website,
source/reference from where you got to the page,
the browser used,
the operating system used,
the IP address used
as well as
in the case of authenticated access, the login name used,
date and time of the access,
success or error status of the retrieval and
the amount of response data transmitted.
This data is not stored together with other personal data of the user. The temporary storage of the IP address by the system is necessary to enable the provision of the website to the user’s computer. For this purpose, the IP address of the user must remain stored for the duration of the session, after which it is deleted. The storage in log files is done to ensure the functionality of the website. In addition, we use the data to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
3.2 Provision of our services and products
The subject matter of the commissioned processing of Personal Data under this policy comprises the following data categories:
Personal master data (key personal data)
Contact data
Key contract data (contractual/legal relationships, contractual or product interest)
Customer history with Tangany (incl. transaction history)
Information about the assets stored with Tangany
Disclosed information (from third parties, e.g. credit reference agencies or from public directories)
The legal basis for this is Art. 6 (1) (b) GDPR, i.e. you provide us with the data on the basis of the contractual relationship between you and us. Insofar as we do not use your contact details for advertising purposes, we save the data collected for processing the contract.
4. Data transfer
Within Tangany, your data will be passed on to those departments that need them to fulfill our contractual and legal obligations. Processors used by Tangany can also receive data for the same purposes. These are companies to which Tangany outsources services. These can be assigned to the categories of financial services, IT services, logistics, printing services and debt collection, among others.
You may find the list of our sub-processors here:
Cloud hosting
Microsoft Ireland Operations Limited
Block B, Carmanhall Road, Sandyford Business Estate, Dublin 18
256796
Ireland
Accounting
sevDesk GmbH
Hauptstraße115 77652 Offenburg
Freiburg HRB710506
Germany
Digital contracts based on eIDAS
DocuSign Germany GmbH
Neue Rothofstrasse 13-19 60313 Frankfurt
HRB 111200
Germany
Newsletter
Mailchimp, c/o The Rocket Science Group, LLC
675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA
EU372008134
USA
Sales
Pipedrive OU
Mustamäe tee 3a, Tallinn, Harjumaa 10615
11958539
Estonia
Video-ident verification
Deutsche Post AG
Charles-de-Gaulle-Straße 20, 53113 Bonn
Bonn HRB 6792
Germany
Client support desk
Freshworks GmbH
Neue Grünstraße 17 10179 Berlin
HRB 176669 B
Germany
Webhosting
Neue Medien Münnich GmbH
Hauptstraße 68 | D-02742 Friedersdorf
Dresden HRB 21708
Germany
VoIP phone
BroadSoft Germany GmbH
Lothringer Straße 56 D-50677 Köln
Köln HRB 80257
Germany
5. Data retention
If necessary, Tangany will process and store your personal data for the duration of the business relationship, which includes, for example, the initiation and execution of a contract.
Tangany processes and stores personal data only as long as it is necessary for the fulfilment of contractual and legal obligations. In other words, if the data is no longer necessary for the fulfilment of contractual or legal obligations, it is regularly deleted, unless further processing is necessary for the following purposes, for example: a) Fulfilment of the retention periods under commercial and tax law, as defined by the following laws: Commercial Code (HGB), Fiscal Code (AO), Banking Act (KWG), Money Laundering Act (GWG) and Securities Trading Act (WpHG). The periods of retention or documentation stipulated there are between two to ten years. b) Preservation of evidence within the scope of the statute of limitations. According to Paragraphs§§ 195 et sqq.ff. of the German Civil Code (BGB), these limitation periods can be up to 30 years. The legal basis for this arises from Art. 17 (3) (e) GDPR and Art. 6 (1) (f) GDPR.
6. Data transfer to third countries
A transfer of personal data to third countries (countries outside the European Economic Area (EEA)) only takes place if the EU Commission has confirmed an adequate level of data protection in the third country or if other appropriate data protection guarantees (e.g. binding internal company data protection regulations) are in place.
As a transfer of personal data to the USA takes place, further protection mechanisms are required to ensure the level of data protection of the GDPR. To ensure this, we have agreed Standard Contractual Clauses with the provider in accordance with Art. 46 (2) (c) GDPR. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. Whether the conclusion of standard contractual clauses is sufficient or whether additional measures are necessary in the sense of the "Schrems II" decision of the European Court of Justice, we evaluate in the context of an ongoing review and ensure an adequate level of data protection through further measures if necessary.
7. Automated decision making and profiling
We do not use automated decision-making or profiling.
8. Right to Object
If the data processing is based on Art. 6 (1) lit. e or lit. f GDPR, you have the right to object to the processing of your personal data for reasons that arise from your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this data protection declaration. If you object, we will no longer process your personal data concerned, unless we can prove compelling reasons worthy of protection for the processing that outweigh your interests, rights and freedom or the processing serves to assert, exercise or defend legal claims (right to object according to Art. 21 (1) GDPR)
If your personal data is are processed in order to operate direct mail, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct mail. If you object, your personal data will be
subsequently no longer used for the purpose of direct mail (objection according to Art. 21 (2) GDPR).
If you are of the opinion that the processing of your personal data violates the provisions of the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence or the place of the alleged violation.
9. Data subject’s rights
You have the following rights according to the GDPR:
Right of access about to your personal data stored by us in accordance with Art. 15 GDPR; In particular, you can obtain information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the origin of your data, if it was not col-lected directly from you,
Right to correct incorrect data or to complete correct data in accordance with Art. 16 GDPR,
Right to deletion of your data stored by us in accordance with Art. 17 GDPR as long as no statutory or contractual retention periods or other statutory obligations or rights for further storage are to be observed,
Right to restriction of the processing of your data in accordance with Article 18 GDPR, insofar as the accuracy of the data is disputed by you and the processing by us is unlaw-ful, but you refuse allowance for deletion; the person responsible no longer needs the data, but you need them to assert, exercise or defend legal claims or you have objected to processing in accordance with Art. 21 GDPR,
Right to data portability in accordance with Article 20 GDPR, the right to receive select-ed data stored by us about you in a common, machine-readable format, or to re-quest transmission to another person responsible,
Right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters.
10. Functions and offers on our website
10.1 Cookies
Our websites and pages use what the industry refers to as “cookies.”. Cookies are small text files that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or they are permanently archived on your device (permanent cookies). Session cookies are automatically deleted once you terminate your visit. Permanent cookies remain archived on your device until you actively delete them, or they are automatically eradicated by your web browser.
In some cases, it is possible that third-party cookies are stored on your device once you enter our site (third-party cookies). These cookies enable you or us to take advantage of certain services offered by the third party (e.g., cookies for the processing of payment services).
Cookies have a variety of functions. Many cookies are technically essential since certain website functions would not work in the absence of the cookies (e.g., the shopping cart function or the display of videos). The purpose of other cookies may be the analysis of user patterns or the display of promotional messages.
Cookies, which are required for the performance of electronic communication transactions (required cookies) or for the provision of certain functions you want to use (functional cookies, e.g., for the shopping cart function) or those that are necessary for the optimization of the website (e.g., cookies that provide measurable insights into the web audience), shall be stored on the basis of Art. 6 (1) lit. (f) GDPR, unless a different legal basis is cited. The operator of the website has a legitimate interest in the storage of cookies to ensure the technically error free and optimized provision of the operator’s services. If your consent to the storage of non-essential cookies has been requested, the respective cookies are stored exclusively on the basis of the consent obtained (Art. 6 (1) lit. (a) GDPR); this consent may be revoked at any time.
You have the option to set up your browser in such a manner that you will be notified any time cookies are placed and to permit the acceptance of cookies only in specific cases. You may also exclude the acceptance of cookies in certain cases or in general or activate the delete function for the automatic eradication of cookies when the browser closes. If cookies are deactivated, the functions of this website may be limited.
In the event that third-party cookies are used or if cookies are used for analytical purposes, we will separately notify you in conjunction with this Privacy Policy and, if applicable, ask for your consent.
11.2 Hosting with All-Inkl
We host our website with All-Inkl. The Provider is the ALL-INKL.COM – Neue Medien Münnich, owner: René Münnich, Hauptstraße 68, 02742 Friedersdorf, Germany (hereinafter “All-Inkl”). For details, please visit the privacy policy of All-Inkl: https://all-inkl.com/datenschutzinformationen/.
The use of All-Inkl is based on Art. 6 ((1)) lit. (f) GDPR. We have a legitimate interest in the most reliable representation of our website. If a corresponding consent has been obtained, the processing is carried out exclusively on the basis of Art. 6 (1) lit. (a) GDPR; the consent can be revoked at any time.
11.2.1 Data processing
We have concluded a data processing agreement (DPA) with the above-mentioned provider. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.
11.3 Contact form
If you submit inquiries to us via our contact form, the information provided in the contact form as well as any contact information provided therein will be stored by us in order to handle your inquiry and in the event that we have further questions. We will not share this information without your consent.
The processing of these data is based on Art. 6 (1) lit. (b) GDPR, if your request is related to the execution of a contract or if it is necessary to carry out pre-contractual measures. In all other cases the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6 (1) lit. (f) GDPR) or on your agreement (Art. 6 (1) lit. (a) GDPR) if this has been requested.
The information you have entered into the contact form shall remain with us until you ask us to eradicate the data, revoke your consent to the archiving of data or if the purpose for which the information is being archived no longer exists (e.g., after we have concluded our response to your inquiry). This shall be without prejudice to any mandatory legal provisions, in particular retention periods.
11.4 Google Tag Manager
We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
The Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store cookies, and does not carry out any independent analyses. It only manages and runs the tools integrated via it. However, the Google Tag Manager does collect your IP address, which may also be transferred to Google’s parent company in the United States.
The Google Tag Manager is used on the basis of Art. 6 (1) lit. (f) GDPR. The website operator has a legitimate interest in the quick and uncomplicated integration and administration of various tools on his website. If the relevant consent has been requested, the processing is carried out exclusively on the basis of Art. 6 (1) lit. (a) GDPR; the consent can be revoked at any time.
11.5 Google Analytics
Our website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses so-called cookies.
On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
We only use Google Analytics with IP anonymisation activated. This means that the IP address of the user is shortened.
The processing of Google Analytics is carried out in accordance with Art. 6 (1) lit. (a) GDPR on the basis of your consent. We have concluded an order processing agreement with the service provider, in which we oblige him to protect our customers' data and not to pass it on to third parties.
As a transfer of personal data to the USA takes place, further protection mechanisms are required to ensure the level of data protection of the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 (2) lit. (c) GDPR. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured even through this contractual extension, we endeavour to obtain additional regulations and commitments from the recipient in the USA.
The terms of use of Google Analytics and information on data protection can be accessed via the following links: https://marketingplatform.google.com/about/analytics/terms/en/ as well as at https://www.google.de/intl/en/policies/.
The data is deleted after two months. Deletion of data at user and event level linked to cookies, user identifiers (e.g. user ID) and advertising IDs is not possible.
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plug-in available at URL https://tools.google.com/dlpage/gaoptout?hl=de.
For information on how Google Analytics handles user data, please see Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de
11.6 Google Ads
The website operator uses Google Ads. Google Ads is an online promotional program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads enables us to display ads in the Google search engine or on third-party websites, if the user enters certain search terms into Google (keyword targeting). It is also possible to place targeted ads based on the user data Google has in its possession (e.g., location data and interests; target group targeting). As the website operator, we can analyze these data quantitatively, for instance by analyzing which search terms resulted in the display of our ads and how many ads led to respective clicks.
The use of Google Ads is based on Art. 6 (1) lit. (f) GDPR. The website operator has a legitimate interest in marketing the operator’s services and products as effectively as possible.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here:
https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.
11.7 Re-targeting
This website uses the functions of Google Analytics Remarketing. The provider of these solutions is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Remarketing analyzes your user patterns on our website (e.g., clicks on specific products), to allocate a certain advertising target groups to you and to subsequently display matching online offers to you when you visit other online offers (remarketing or retargeting).
Moreover, it is possible to link the advertising target groups generated with Google Remarketing to device encompassing functions of Google. This makes it possible to display interest-based customized advertising messages, depending on your prior usage and browsing patterns on a device (e.g., cell phone) in a manner tailored to you as well as on any of your devices (e.g., tablet or PC).
If you have a Google account, you have the option to object to personalized advertising under the following link: https://www.google.com/settings/ads/onweb/.
The use of Google Remarketing is based on Art. 6 (1) lit. (f) GDPR. The website operator has a legitimate interest in the marketing of the operator’s products that is as effective as possible. If a respective declaration of consent was requested, processing shall occur exclusively on the basis of Art. 6 (1) lit. (a) GDPR; the given consent may be revoked at any time.
For further information and the pertinent data protection regulations, please consult the Data Privacy. Policies of Google at: https://policies.google.com/technologies/ads?hl=en.
Formation of Target Groups with Customer Reconciliation
For the formation of target groups, we use, among other things, the Google Remarketing customer reconciliation feature. To achieve this, we transfer certain customer data (e.g., email addresses) from our customer lists to Google. If the respective customers are Google users and are logged into their Google accounts, matching advertising messages within the Google network (e.g., YouTube, Gmail or in a search engine) are displayed for them to view.
11.8 Facebook plugins
To measure conversion rates, this website uses the visitor activity pixel of Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook’s statement the collected data will be transferred to the USA and other third-party countries too.
This tool allows the tracking of page visitors after they have been linked to the website of the provider after clicking on a Facebook ad. This makes it possible to analyze the effectiveness of Facebook ads for statistical and market research purposes and to optimize future advertising campaigns.
For us as the operators of this website, the collected data is anonymous. We are not in a position to arrive at any conclusions as to the identity of users. However, Facebook archives the information and processes it, so that it is possible to make a connection to the respective user profile and Facebook is in a position to use the data for its own promotional purposes in compliance with the Facebook Data Usage Policy. This enables Facebook to display ads on Facebook pages as well as in locations outside of Facebook. We as the operator of this website have no control over the use of such data.
The use of Facebook Pixel is based on Art. 6 (1) lit. (f) GDPR. The operator of the website has a legitimate interest in effective advertising campaigns, which also include social media. If a corresponding agreement has been requested (e.g., an agreement to the storage of cookies), the processing takes place exclusively on the basis of Art. 6 (1) lit. (a) GDPR; the agreement can be revoked at any time.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.
Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR DSGVO). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing by Facebook that takes place after the onward transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The wording of the agreement can be found under:
https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g., requests for information) regarding data processed by Facebook directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.
In Facebook’s Data Privacy Policies, you will find additional information about the protection of your privacy at: https://www.facebook.com/about/privacy/.
You also have the option to deactivate the remarketing function “Custom Audiences” in the ad settings section under https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you first have to log into Facebook.
If you do not have a Facebook account, you can deactivate any user-based advertising by Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.
11.9 Twitter plugin
We have integrated functions of the social media platform Twitter into this website. These functions are provided by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland. While you use Twitter and the “Re-Tweet” function, websites you visit are linked to your Twitter account and disclosed to other users. During this process, data are transferred to Twitter as well. We must point out, that we, the providers of the website and its pages do not know anything about the content of the data transferred and the use of this information by Twitter. For more details, please consult Twitter’s Data Privacy Declaration at: https://twitter.com/en/privacy.
The use of Twitter plug-ins is based on Art. 6(1)(f) GDPR. The operator of the website has a legitimate interest in being as visible as possible on social media. If a respective declaration of consent has been obtained, the data shall be processed exclusively on the basis of Art. 6 (1) lit. (a) GDPR. This declaration of consent may be revoked at any time.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://gdpr.twitter.com/en/controller-to-controller-transfers.html.
You have the option to reset your data protection settings on Twitter under the account settings at https://twitter.com/account/settings.
11.10 Newsletter
If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only on a voluntary basis. For the handling of the newsletter we use newsletter service providers, which are described below.
11.11 Mailchimp
This website uses the services of MailChimp to send out its newsletters. The provider is the Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
Among other things, MailChimp is a service that can be deployed to organize and analyze the sending of newsletters. Whenever you enter data for the purpose of subscribing to a newsletter (e.g. your e-mail address), the information is stored on MailChimp servers in the United States.
With the assistance of the MailChimp tool, we can analyze the performance of our newsletter campaigns. If you open an e-mail that has been sent through the MailChimp tool, a file that has been integrated into the email (a so-called web-beacon) connects to MailChimp’s servers in the United States. As a result, it can be determined whether a newsletter message has been opened and which links the recipient possibly clicked on. Technical information is also recorded at that time (e.g. the time of access, the IP address, type of browser and operating system). This information cannot be allocated to the respective newsletter recipient.
Their sole purpose is the performance of statistical analyses of newsletter campaigns. The results of such analyses can be used to tailor future newsletters to the interests of their recipients more effectively.
If you do not want to permit an analysis by MailChimp, you must unsubscribe from the newsletter. We provide a link for you to do this in every newsletter message.
The data is processed based on your consent (Art. 6 (1) lit. (a) GDPR). You may revoke any consent you have given at any time by unsubscribing from the newsletter. This shall be without prejudice to the lawfulness of any data processing transactions that have taken place prior to your revocation.
The data deposited with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter or the newsletter service provider and deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored for other purposes with us remain unaffected.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here:
https://mailchimp.com/eu-us-data-transfer-statement/ and
https://mailchimp.com/legal/data-processing-addendum/#Annex_C_-_Standard_Contractual_Clauses.
After you unsubscribe from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist to prevent future mailings. The data from the blacklist is used only for this purpose and not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 (1) lit. (f) GDPR). The storage in the blacklist is indefinite. You may object to the storage if your interests outweigh our legitimate interest.
For more details, please consult the Data Privacy Policies of MailChimp at: https://mailchimp.com/legal/terms/.
11.12 Google Web Fonts
To ensure that fonts used on this website are uniform, this website uses so-called Web Fonts provided by Google. When you access a page on our website, your browser will load the required web fonts into your browser cache to correctly display text and fonts.
To do this, the browser you use will have to establish a connection with Google’s servers. As a result, Google will learn that your IP address was used to access this website. The use of Google Web Fonts is based on Art.
6(1)(f) GDPR. The website operator has a legitimate interest in a uniform presentation of the font on the operator’s website. If a respective declaration of consent has been obtained (e.g., consent to the archiving of cookies), the data will be processed exclusively on the basis of Art. 6 (1) lit. (a) GDPR. Any such consent may be revoked at any time.
If your browser should not support Web Fonts, a standard font installed on your computer will be used.
For more information on Google Web Fonts, please follow this link: https://developers.google.com/fonts/faq and consult Google’s Data Privacy Declaration under:
https://policies.google.com/privacy?hl=en.
11.13 Google Maps
This website uses the mapping service Google Maps. The provider is Google Ireland Limited (“Google”), 15 / 18 Gordon House, Barrow Street, Dublin 4, Ireland.
To enable the use of the Google Maps features, your IP address must be stored. As a rule, this information is transferred to one of Google’s servers in the United States, where it is archived. The operator of this website has no control over the data transfer. In case Google Maps has been activated, Google has the option to use Google web fonts for the purpose of the uniform depiction of fonts. When you access Google Maps, your browser will load the required web fonts into your browser cache, to correctly display text and fonts.
We use Google Maps to present our online content in an appealing manner and to make the locations disclosed on our website easy to find. This constitutes a legitimate interest as defined in Art. 6(1)(f) GDPR. If a respective declaration of consent has been obtained, the data shall be processed exclusively on the basis of Art. 6 (1) lit. (a) GDPR. This declaration of consent may be revoked at any time.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here:
https://privacy.google.com/businesses/gdprcontrollerterms/ and
https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.
For more information on the handling of user data, please review Google’s Data Privacy Declaration under: https://policies.google.com/privacy?hl=en.
11.14 Google reCAPTCHA
We use “Google reCAPTCHA” (hereinafter referred to as “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
The purpose of reCAPTCHA is to determine whether data entered on this website (e.g., information entered into a contact form) is being provided by a human user or by an automated program. To determine this, reCAPTCHA analyzes the behavior of the website visitors based on a variety of parameters. This analysis is triggered automatically as soon as the website visitor enters the site. For this analysis, reCAPTCHA evaluates a variety of data (e.g., IP address, time the website visitor spent on the site or cursor movements initiated by the user). The data tracked during such analyses are forwarded to Google.
reCAPTCHA analyses run entirely in the background. Website visitors are not alerted that an analysis is underway.
Data are stored and analyzed on the basis of Art. 6 (1) lit. (f) GDPR. The website operator has a legitimate interest in the protection of the operator’s websites against abusive automated spying and against SPAM. If a respective declaration of consent has been obtained, the data will be processed exclusively on the basis of Art. 6(1)(a) GDPR. Any such consent may be revoked at any time.
For more information about Google reCAPTCHA please refer to the Google Data Privacy Declaration and Terms Of Use under the following links:
https://policies.google.com/privacy?hl=en and
https://policies.google.com/terms?hl=en.
11.15 Wordfence
We have included Wordfence on this website. The provider is Defiant Inc, Defiant, Inc, 800 5th Ave Ste 4100, Seattle, WA 98104, USA (hereinafter Wordfence).
Wordfence is designed to protect our website from unwanted access or malicious cyberattacks. To accomplish this, our website establishes a permanent connection with Wordfence’s servers, which check and block their databases against access to our website.
The use of Wordfence is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the most effective protection of his website against cyberattacks. If the appropriate consent has been requested, processing will be carried out exclusively on the basis of Art. 6 (1) lit. (a) GDPR; consent may be revoked at any time.
Data transmission to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:
https://www.wordfence.com/help/general-data-protection-regulation/.
11.16 Microsoft Application Insights
On our Tangany Partner Portal, we use Application Insights, a web analytics service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (“Microsoft”).
We use Application Insights to improve our service and to detect issues earlier. Application Insights places a cookie in the browser of the visitor of the web pages which allows for an analysis of your use of the site. The information generated by the cookie about your use of our website are usually transferred to a server of Microsoft in the US or Europe and stored there. On our behalf as a website operator, Microsoft will use this information to evaluate your use of the website, compiling reports on website activity and providing other information on website usage and internet related services to us as a website operator. You can reject the required placing of the cookie – for example by settings in your browser which generally disable the automatic placing of cookies or adjust your browser so that cookies are blocked by Microsoft. However, we would like to point out that in this case you might not be able to use Tangany Partner Portal.
Further information from Microsoft about privacy and Azure can be found at:
https://azure.microsoft.com/en-us/explore/trusted-cloud/privacy/
12. Social Media Links
Social networks (LinkedIn,Twitter and YouTube) are only integrated on our website as links to the corresponding services. After clicking on the embedded text/image link, you will be redirected to the page of the respective provider. User information is only transferred to the respective provider after the forwarding. For information on the handling of your personal data when using these websites, please refer to the respective data protection regulations of the providers you use.
13. Subject to change
We reserve the right to adapt or update this data protection declaration if necessary in compliance with the applicable data protection regulations. In this way, we can adapt it to the current legal requirements and take into account changes to our services, e.g. when introducing new services. The current version applies to your visit.
14. Filing complaints:
You can file a complaint concerning our processing of your personal data with the competent data protection authority.
The competent data protection authority for us is:
The data protection authority responsible for us is the Bavarian state office for data protection supervision:
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18
91522 Ansbach
Telefon: +49 (0) 981 180093-0
Telefax: +49 (0) 981 180093-800
E-Mail: poststelle@lda.bayern.de
Status of this data protection declaration: March 2023