VERSION: APRIL 2021
The way we process your data at Tradebyte is similar for most of our offers. Diese Datenschutzerklärung gilt daher für alle Dienste und Leistungen, die wir unseren Kunden in Europa anbieten. Und zwar unabhängig davon, ob wir das über eine Webseite, telefonisch, auf Veranstaltungen oder über andere Kanäle tun. . In order to increase the comprehensibility, we use the term “services” in summary for this “standard case”.
- What data is stored by Tradebyte.
- What we do with this data and what they are needed for.
- Which data protection rights and options you have.
- What technologies and data we use for advertising.
1. Which data does Tradebyte process?
In addition, we primarily collect data when you interact with our websites (for example, information about which device you use), at events carried out by Tradebyte (e.g. ECD), as well as in business relationships with or applications to Tradebyte.
When we talk about “your data,” we mean personal information. This is all information that we could use to identify you directly or in combination with other information. Examples: Your name, your telephone number, your customer number, order numbers or your email address. Any information we cannot identify you with, including through combination with other information, is considered non-personal information. Non-personal data is also referred to as anonymous data. When we combine your personal information with anonymous data, all data in that data set will be considered personal information. If we delete personal information from any information or record relating to you, then the remaining data in that data set will cease to be personal information. This procedure is called anonymization. Basically, if we ask you to provide certain personal information, you can of course choose not to do so. You decide what information you disclose to us. However, we may in some cases not (or not optimally) be able to provide you with the desired services. This may for example be the case in the context of the presentation of the website.
1.1. Contact data
If you contact us, e.g. to express your interest, to register for a training or webinar, we collect your contact data. Your contact details may include your name, affiliation, postal addresses, telephone numbers, fax numbers, email addresses, and similar contact details, depending on how you contact us (e.g. by contact form, telephone, or email).
1.2. Conversation subjects, contact forms and Infocenter (log-in)
When you communicate with us or other users by telephone, post, social media, contact forms or otherwise, we collect the content of your messages. In this context, we process data solely for the purpose of communicating with you or to enable you to communicate with other users. We use a cookie from our service provider Hubspot as part of the contact form to collect individual personal data for the purposes of user analysis on the website. For more information, see below “3.6 Hubspot”.
1.3. Social network data
Tradebyte maintains profile pages (also called “fanpages”) in various social networks. Additionally, Tradebyte services may incorporate social networking features. These can be messenger services and social plug-ins. If you are in direct contact with us through our social media profiles or if you use social networking features integrated into our services and you are a member of the respective social network, we may receive data from the social network operator that identifies you. As a rule, we can see the following data:Tradebyte maintains profile pages (also called “fanpages”) in various social networks. Additionally, Tradebyte services may incorporate social networking features. These can be messenger services and social plug-ins. If you are in direct contact with us through our social media profiles or if you use social networking features integrated into our services and you are a member of the respective social network, we may receive data from the social network operator that identifies you. As a rule, we can see the following data:
- Your public profile information stored in the respective social network (e.g. name, profile picture).
- Information about the type of device you are using (e.g. your laptop or mobile phone).
- The account ID of your profile in the respective network (e.g. Facebook ID).
Please also refer to the information for processing social network data related to social network features in “Information on Websites” and “Information on Social Media Fan Pages”.
Tradebyte currently uses the messenger service of Facebook, Instagram and LinkedIn as well as social plug-ins / logins from the following social networks:
1.4. Application Data
For the purposes of administering your online application, we collect, process and use the personal information that you provide to us in the online application form by sending us your CV or by contacting our recruiter directly. Basically, you decide for yourself which data you want to enter and pass on to us. The mandatory information includes your first and last name, email address, resumé and qualifications. However, if you do not provide us with personal information relevant to the application process, such as your education or employment history, we may not be able to process or properly evaluate your application. In your application you can provide us with a link to your profile on LinkedIn, XING or similar professional websites or social media websites. We also receive personally identifiable information from you when we discuss your background and profile with you.
Unless we explicitly ask you for such information, we do not recommend to provide personal information that can be considered sensitive personal information, such as racial or ethnic origin, marital status, political affiliation, religion or belief, health, criminal records or union membership. Under certain circumstances, such sensitive information may result in our inability to process your application data and your application to be (wholly or partly) not processed. We do not require you to attach a photo to your resumé, however, we do not explicitly ask you not to do so, either. If it is necessary for a particular position and it complies with the law, we may also ask you to provide information about your health or provide other sensitive information. If you provide us with such information, we will use it responsibly and obtain your express consent for the processing of the information.
When you access the online application platform, your Internet browser sends user data stored in so-called server log files. The stored information includes the date and time of the visit, the name of the page visited, your IP address, the referrer URL (the URL used to access the Tradebyte application page), the amount of data submitted, and the product and version information of your browser.
Your IP address will be deleted or anonymized immediately after the visit ends so that it will no longer be associated with you or any identified or identifiable natural person. Then, we anonymize these log files to improve the quality and usability of our online job applications and to manage our server capacity.
From time to time, we actively search for candidates for vacancies online and may then source your personal information from sources such as LinkedIn or XING or from other websites where you have posted a profile, from developer platforms, or a general Internet search. We may then store some of your information (such as name, contact details, link to your profile) in our database and contact you to inform you about vacancies.
If there is no suitable position at the time of your application, we ask you if you would like us to save your data in our Talent Pool (see also “Application Process”) and if we can contact you in the future for vacancies that could fit your profile.
1.5. Devices and Access Data
When using online services, it is inevitable that technical data will be generated and processed in order to provide the features and content offered and to display them on your device. We refer to this data as “device and access data”. Device and access data is generated with every use of an online service. It does not matter who the provider is. For example, device and access data are generated by using:
- Email newsletters (i.e. when your newsletter interaction is detected)
- Social media fan pages
- Location-based services
Tradebyte captures device and access data from online services offered by Tradebyte itself (e.g. the Tradebyte website). On the other hand, Tradebyte can obtain device and access data from online services of other companies, provided that they are Tradebyte’s social media partners. For more information, see “Information on Social Media Fan Pages.”
Device and access data include the following categories:
- General device information, such as device type information, operating system version, configuration settings (e.g. language settings, system permissions), Internet connection information (e.g. mobile network name, connection speed).
- Identification data (IDs), such as session IDs, cookie IDs, unique device ID numbers (e.g. Google Advertising ID, Apple Ad ID), third-party account IDs (if you use social plug-ins), and other common Internet technologies to recognize your web browser or device.
- Access data that is automatically transmitted by web browsers each time the web server and databases are accessed online (as part of so-called HTTP requests). These are standardized information about the requested content (such as the name and file type of a file being accessed) as well as additional server access information (such as transmitted data volume and error codes) to your device (e.g. device type, operating system, software versions, device IDs, IP address, the previously visited page and the time of access).
1.6. Photography and filming
When you participate in events organized by Tradebyte (e.g. ECD, Global Game Jam, Franconia Game Jam, etc.), you may be depicted on film and photographs used for public relations. Further information can be found in the section “Filming and Photography at events”.
2. What is Tradebyte using my data for?
In this chapter, we also inform you on what legal basis we process data for the individual purposes. Depending on the legal basis on which we process your data, you may be entitled to special data protection rights in addition to your existing data protection rights such as the right to information. For example, in some cases, you have the right to object to the processing of your data.
2.1. Data processing in connection with business relations
Within the business relationship with Tradebyte we also process personal data of you or your employees.
Customer and business partner management
In order to manage our business contacts, we process information about your company (in particular address, branches, authorized representatives and their contact details) as well as information about the respective contact person (in particular name, position and professional contact information) and any communication with you. We use this data in order to be able to reach the appropriate contact person when contacting you, to process your inquiries properly and to cultivate our business relationship. This data will also be used to arrange an initial consultation with you for the preparation of an offer. Furthermore, we use the above mentioned data as well as the associated communication history for purposes of technical support.
Contract and billing Management
As part of billing, we collect information on offers, orders / services rendered and invoice items, as well as bank details. Also in this context, contact details of the contact persons can be processed.
For the provision of the customer portal TB.Community we process your master and contact data. TB.Community serves the purpose of integrating and connecting Tradebyte customers to a specific platform or marketplace (channel) as well as the interaction between project partners.
If we publish the results of work and / or records in fulfillment of the contract concluded with you, we reserve the right, to publish not only the results/ records but beyond that, the name and biographical or other personal data (with the exception of contact details) of the contact persons of our contractual partners for commercial purposes.
We also reserve the right to publish a statement made by you as a business customer in connection with your name, position, if necessary a photo of you and naming your employer / company or even a photo stating your name, your position and your company / employer (e.g. in connection with a lecture at one of our events) (e.g. on our website or in social networks).
Insofar as the above-mentioned purposes is the performance of a contract entered into between Tradebte and you or the provision of a service requested by you, the legal basis is Art. 6 para. 1 lit. b GDPR Otherwise, the legal basis is Art. 6 para. 1 lit. f GDPR, where our legitimate interests lie in the above-mentioned purposes. If you have agreed in writing (e.g. by email) to the publication of a statement or other data, your legal basis is your consent in accordance with. Art. 6 para. 1 lit. a GDPR.
If you participate in one of our surveys, we will use your statements for the purposes of market and opinion research. We evaluate the data anonymously for internal purposes. Providing your name and email address at the end of a survey is optional. Unless surveys are exceptionally evaluated anonymously, we base this processing on our legitimate interest.
The provisions of GDPR are not applicable to anonymous surveys and in the case of exceptionally personal evaluations, the legal basis is the aforementioned legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR. If you voluntarily state your name and email address at the end of a survey, the legal basis is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
2.3. Organization of events
Contact and ticket purchase
If you register for the E-Channel Day (ECD) or other events organized by Tradebyte (e.g. Global Game Jam, Franken Game Jam, DevNight), we will process the information and personal details that are shown in the entry fields of the ticket purchase data (such as name and email address) for the provision of your tickets as well as the processing and organization of the ECD or the respective event.
In addition, with a ticket purchase, you will automatically be included in the so-called “Matchmaking Service” of the ECD platform, which will be activated a few weeks before the ECD and through which you can contact other participants and arrange meetings at the ECD. In the “Matchmaking Service”, your contact details (e.g. name, email address, if applicable telephone number, address (business), job position) as well as any other data that you can provide will be made visible to other participants. The “Matchmaking Service” is a mandatory part of the ECD.
If you have registered for the ECD or other events organized by Tradebyte (including Global Game Jam, Franken Game Jam, DevNight), we may notify you by email about comparable, future events or offers from us. You can object to receiving such emails anytime for free or unsubscribe. A corresponding link to unsubscribe can be found in every mailing. A message to us is also sufficient.
The legal basis of this data processing is the fulfillment of the contract pursuant to Art. 6 para. 1 sentence 1 lit. b DSGVO. Otherwise, the legal basis is Art. 6 para. 1 lit. f DSGVO, where our legitimate interests lie in the above-mentioned purposes.
Filming and photography at events
We hereby inform you that we create film and photo shoots on the ECD and on any other events organized by Tradebyte (e.g. Global Game Jam, Franconia Game Jam, DevNight). We intend to use these for the purpose of external representation in our advertising media, on our websites, social media pages and in newsletters as well as in other media (e.g. fair presentations, annuals / reports, chronicles, annual reports, catalogs, etc.) unlimited in time and content and without geographic restrictions.
The legal basis of this data processing is our legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, for pictures in which persons are to be seen only as an accessory or as a participant in a meeting Section 23 para. 1 no. 2, 3 KunstUrhG (German Law on the Protection of Copyright in Works of Art and Photography), and if applicable, your consent pursuant to Art. 6 para. 1 sent. 1 lit. a GDPR, Section 22 KunstUrhG. We will inform you about the creation of film and photo shoots during the registration for or at the event itself (e.g. by an appropriately marked sign or a message).
For training purposes and to improve user knowledge, we regularly offer our customers webinars. You need to register to participate in the webinars. For this we need the following data from you:
- First and Last Name
- Email address
- Account number (optional)
We need this data in order to send you the access data for the webinars and to identify you as our customer.
We will only use your email address for registration and not for other advertising purposes. The monthly newsletter with the announcement of upcoming webinars will be sent to all of our customers who are registered with an email address. If you no longer wish to receive this, you can of course unsubscribe from it at any time.
Your registration data will be deleted after the end of the webinar and will not be processed for other purposes. However, we note your participation in a webinar in our customer database. We do this in order to be able to understand which of our customers have already participated in a training course and to have an overview of the level of knowledge of our customers.
During a webinar you may have the opportunity to enter the so-called “stage”. In this way you can get in direct contact with the moderator, for example to ask a question. Please note that in this case other participants can hear and also see you when your camera is activated.
If you want to ask questions without entering the stage, you should use the chat function.
We use the service of Livestorm, SAS., A company based in France (24 rue Rodier, 75009 Paris, France) for the webinar. We have concluded a Data Processing Agreement (DPA) with Livestorm. In this contract, Livestorm guarantees to comply with the applicable data protection regulations.
You can find more information on data protection at Livestorm here.
The legal basis of this data processing is the fulfillment of the contract pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR. Otherwise, the legal basis is Art. 6 para. 1 lit. f GDPR, where our legitimate interests lie in the above-mentioned purposes.
We use your data, also in the context of data analysis and for advertising purposes. In particular, we pursue the following purposes:
- The implementation of existing customer advertising.
- The implementation of direct mail, e.g. in the form of newsletters.
- The planning, implementation and success control of advertising that meets the interests of the targeted audiences (personalized advertising).
- Insights into how our services are used (usage analysis).
Depending on the purpose, we use the data stored by us for data analyzes.
As far as the data processing for the purposes described above are based on your consent, the legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR. For the remaining processing activities, data processing is based on Art. 6 para. 1 sentence 1 lit. f GDPR, where we process your data on the basis of a balance of interests in order to safeguard the legitimate interests of us. Tradebyte’s legitimate interest in data processing arises from its purposes and, unless otherwise stated, is competitive and economic in nature. You can disable the processing of your data for personalized advertising and usage analysis at any time.
If you click on the following links an opt-out cookie is placed, which prevents the future collection of your data when visiting this website:
2.6. Application process
We collect and process the personal information about you in order to process your application and match it with our vacancies. This includes the use of the data to contact you.
We are interested in finding the right candidates for our business, and assume that if you have publicly disclosed your information, for example, on a job website, you agree to be notified of vacancies that could potentially fit your profile.
Your data will be transmitted in encrypted form to our HR department.
For the storage and processing of your application, we use service providers such as Greenhouse (for more information see under “Service providers in the application process”). Your application will be automatically deleted after six months beginning with the end of the application process. If you have consented to the storage of your data in the Talent Pool, your data will be stored for twelve months. After these deadlines your data will be deleted. You can always ask us to delete your data by sending an email to firstname.lastname@example.org. Please note that this will end all current application processes.
Within the Zalando Group, those companies and departments have access to your applicant data that need it to fulfill their contractual and legal obligations or to fulfill their respective administrative functions within the Zalando Group.
Trial working day
In certain cases, we may invite you to a trial working day as part of the application process. Since you can use our IT systems on this day, we will set up a user account for you. The following data is processed for this purpose: name, team membership, date of the trial working day and access data. After completion of the trial working day, the user account will be blocked and all associated data will be deleted.
The legal basis of data processing in the application process and as part of the personal file are Article 88 (1) GDPR in conjunction with Section 26 para. 1 sentence 1 BDSG (German Federal Data Protection Act) and Article 6 para. 1 (1) lit. b GDPR and insofar as you have given your consent, for example by sending information that is not required for the application procedure or consent for admission to the Talent Pool, Art. 6 para. 1 sentence 1 lit. a GDPR. If you have provided us with sensitive information, we require your consent to the processing of this information in accordance with Art. 9 para. 2 lit. a GDPR. In the other cases, the legal basis is Art. 6 para. 1 lit. f GDPR, based on our legitimate interest (e.g. to exercise or defend legal claims and to improve or change our services).
2.7. Based on your consent
If you have given us consent to the processing of personal data, your consent (Article 6 para. 1 sentence 1 lit. a GDPR) is the basis of our data processing in the first place. Which of your data we process based on your consent depends on the purpose of your consent. Typical purposes include:
- Ordering a newsletter.
- Participation in the service ECD Gate and “Matchmaking”.
- Entering data in contact forms.
- The transmission of your data to third parties or to a country outside the European Union.
Information on Withdrawal
You can withdraw a consent previously given at any time with effect for the future, e.g. by email, post, letter or fax. In addition, there is also a corresponding opt-out link in each newsletter.
2.8. Other purposes
If data protection law permits, we may also use your information for new purposes without your consent, such as conducting data analysis and developing our services and content. The prerequisite for this is that these new purposes for which the data are to be used were not yet established or foreseeable at the time the data was collected, and the new purposes are compatible with those purposes for which the data in question were originally collected. For example, new legal or technical developments and new business models and services may lead to new processing.
3. Information on websites
We use your data for the provision of Tradebyte websites. In addition to the device and access data associated with each use of these services, the nature of the data processed and the purposes of processing will depend in particular on how you use the features and services provided through our services. We also use the information we collect during the visit of our websites to find out how our online offer is used. We basically record all data that you provide us directly via our services.
3.1. Device and access data
Every access to our servers and databases generates device and access data, which is logged in so-called server log files. The IP address contained therein will be anonymized at the end of the respective access at short notice, as soon as the storage is no longer necessary for maintaining the functionality of the respective website.
If available and enabled on your device, we will also collect a device-specific identification number (for example, a so-called “promotional ID” if you use an Android device or “Ad-ID” if you use an Apple device). This device identifier is issued by the manufacturer of your device’s operating system and can be read by websites and apps and used to present content based on your usage habits. If you do not want this, you can always disable it in your device’s browser settings or system settings.
3.2. Login: Infocenter
If you are a Tradebyte customer, you have the possibility to place a call to the Infocenter as part of the functionality of the product (e.g. TB.One). There you can make various product-related settings. These settings are saved.
3.3. Adobe fonts
Our website uses the Adobe Fonts (formerly Adobe Typekit) service offered by Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland (“Adobe”). When you visit a website, your browser loads the required fonts to display texts correctly and appealingly. To do this, your browser must connect to the Adobe servers. This tells Adobe that your website has been accessed through your IP address. The server to which the connection is established may be in the United States. You can also configure your browser settings so that the fonts are not loaded from the Adobe server (e.g. by installing add-ons). If your browser does not support Adobe Fonts or does not allow access to the Adobe servers, the text will be displayed in the standard font of the system
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f DSGVO, based on our interest in a uniform and appealing presentation of our online presence.
3.4. Social links
Social links from Facebook
Social links from LinkedIn
Social links from Twitter
Social links from XING
3.5. Online advertising / retargeting
The legal basis for the data processing described in the following section is Art. 6 para. 1 sentence 1 lit. f GDPR based on our legitimate interest in promoting our products and services in a personalized manner.
In the following section, we would like to explain more about these technologies and their providers.
In particular, the data collected may include
- The IP address of the device,
- The date and time of access,
- The identification number of a cookie,
- The mobile device ID
- Technical information about the browser and the operating system
However, the collected data is stored exclusively pseudonymously, so that no direct identification of the persons is possible.
In the following descriptions of the technologies we use, you will also find information on the possibilities of objection to our analysis and advertising measures by means of a so-called opt-out cookie. Alternatively, you can exercise your objection by appropriate settings on the websites using the Trust Arc opportunities or Your Online Choices, which provide bundled objections in relation to many advertisers. Both sites allow opt-out cookies to deactivate all advertisements at once for the providers listed, or alternatively to individually set your preferences with regards to every provider. Please note that after deleting all cookies in your browser or later using another browser and / or profile an opt-out cookie must be placed again.
Google Ads Conversion tracking and remarketing
If you use a Google Account, Google may associate your web and app browsing history with your Google Account and use information from your Google Account to personalize your ads, based on the settings stored in your Google Account. If you do not want this mapping to your Google Account, you’ll need to log out of Google before you visit our website.
You can configure your browser to reject cookies. You can also in the Google Ads Settings disable the Personalized Advertising button. In that case, Google will only show general advertising that has not been selected based on the information collected about you.
Google Ads and Google Marketing Platform
Our website is using Google Ads and Google Marketing Platform, services that are provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”) for users from the European Economic Area, Switzerland and Liechtenstein and by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”) to all other users. This services are using cookies and similar technologies to present advertisements relevant to you. Use of the services enables Google and its affiliate websites to serve ads based on previous visits to our or other websites on the Internet. The data collected in this context can be transmitted by Google for evaluation to a server in the USA and stored there. In the event that personal information is transferred to the US, we have stipulated Standard Contractual Clauses with Google.
You can prevent the placement of cookies by setting your browser accordingly (as described above); however, we point out that in this case you may not be able to use all the functions of the website to the fullest extent. You may also prevent the collection of the data generated by the cookies and related to your use of the website by Google and the processing of this data by Google by downloading and installing the browser plug-in to deactivate personalized advertisements. Alternatively to the browser plug-in, or when using browsers on mobile devices, you can disable the “Personalized Advertising” button in the Google ads settings. In that case, Google will only show general advertising that has not been selected based on the information collected about you.
3.6. Usage analysis
The legal basis for the data processing described in the following section is Art. 6 para. 1 sentence 1 lit. f GDPR, based on our legitimate interest in the optimal design and continuous optimization of our website.
In the following list of the technologies we use, you will also find information on the possibilities of objecting to our analysis measures by means of an opt-out cookie. Please note that after deleting all cookies in your browser or later using another browser and / or profile an opt-out cookie must be set again.
Google will process the information obtained through the cookies in order to analyse your use of the respective website, to compile reports on website activity for website operators and to provide other services related to website activity and internet usage. Google also calculates statistically aggregated demographic data and user interests, which are determined by Google on the basis of user behavior on the websites of third parties. Statistical expectations about the demographic characteristics or interests of a single user are not processed by us.
The data collected in this context can be transmitted by Google for evaluation to a server in the USA and stored there. In the event that personal information is transferred to the US, we have stipulated Standard Contractual Clauses with Google. However, your IP address will be truncated before the usage statistics are evaluated, so that no inference can be made about your identity. For this purpose, Google Analytics has been enhanced on our websites and product sites with the code “anonymizeIP” to ensure an anonymous collection of IP addresses.
You can, as shown above, configure your browser to reject cookies, or you can prevent the collection of data generated by cookies and related to your use of this website (including your IP address) and the processing of this data by Google by downloading and installing the browser add-on provided by Google. As an alternative to the browser add-on or if you access our websites from a mobile device, please use this opt-out link. This will prevent the data collection by Google Analytics within this website in the future (the opt-out works only in the browser and only for this domain). If you delete your cookies in this browser, you must click this link again.
Our website uses Hubspot, a marketing solution with usage analysis from Hubspot, Inc. 25 First Street, 2nd Floor, Cambridge, MA 02141 USA (“Hubspot”). Hubspot helps to recognize users who contact us through contact forms or registration forms (events, newsletters) on our website. For this purpose, a cookie is placed in your browser when you submit further personal information via the contact form (e.g., name, e-mail address), which allows us to add the following interactions to a user profile when you return to the website, to analyze your use of the site, and to analyze your interaction with the newsletter.
Data collected in this context is transferred to a server in the USA and stored there. Ee have stipulated Standard Contractual Clauses with Hubspot to ensure a high standard of protection of your personal data.
You may configure your browser to reject cookies, as described above, or you may prevent the collection of data generated by cookies and related to your use of this Site (including your IP address) and Hubspot’s processing of such data by using this opt-out link. This will prevent Hubspot from collecting any data within this site in the future (the opt-out works only in the browser and only for this domain). If you delete your cookies in this browser, you will need to click this link again.
3.7. Integrating YouTube videos
We have videos in our website that are stored on YouTube and are directly playable from our websites. YouTube is a multimedia service of YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA (“YouTube”), a group company of Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”). In the event that personal data is transferred to the US, we have we have stipulated Standard Contractual Clauses with Google and the affiliate YouTube. The legal basis of data processing is Art. 6 para. 1 sentence 1 lit. f GDPR, based on our legitimate interest in the integration of video and image content.
By visiting our website, YouTube and Google receive the information that you have accessed the corresponding subpage of our website. This happens regardless of whether you are logged in to YouTube or Google or not. YouTube and Google use this data for the purposes of advertising, market research and customization of their websites. If you visit YouTube on our website while logged in to your YouTube or Google profile, YouTube and Google may also associate this event with their respective profiles. If you do not want the mapping, you will need to log out of Google before visiting our website.
4. Information on social media fan pages
Tradebyte maintains social media profiles on the social networks of Facebook and Instagram (so-called “fan pages”). On our fan pages we regularly publish and share content, offers and product recommendations. With every interaction on our fan pages or other Facebook or Instagram websites, the operators of the social networks record your usage behavior with cookies and similar technologies. Fan page operators can view general statistics on the interests and demographics (such as age, gender, region) of the fan page audience. When you use social networks, the nature, scope and purposes of processing the data in social networks are determined primarily by the social network operators.
4.1. Provider / Responsible person for fan page
The responsible Tradebyte company, which acts as the content provider of a fan page, can be found in the imprint information on the respective fan page.
The social networks Facebook and Instagram are each offered by Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland (“Facebook”).
If you communicate directly with us through our fan pages or share personal content with us, Tradebyte is responsible (Data Controller) for the processing of your data. An exception applies to the data processing described in the usage analysis (page insights); for this we are jointly responsible (Joint Controllers) with Facebook.
Processing of your data by Facebook
4.2. Which data is collected?
When you visit our fan pages, Tradebyte collects all communications, content and other information that you provide to us directly, such as when you post something on a fan page or send us a private message. Of course, if you have an account on the social network, we can also see your public information, such as your username, information in your public profile, and content that you share with a public audience. For more information, see “What data does Tradebyte process?”.
Usage analysis (Page Insights)
With the help of site insights, we gain insights into how our fan pages are used, what interests the visitors of our fanpages have, and what topics and content are particularly popular. This allows us to optimize our fanpage activities, for example, by better tailoring and selecting our content in accordance with the interests and usage habits of our audience.
Tradebyte and Facebook are jointly responsible for processing your data for the provision of site insights. For this purpose, we and Facebook have defined in an agreement which company fulfills the data protection obligations under the GDPR with regard to the processing of site insights data.
Learn more about Pages Insights
The agreement with Facebook can be viewed here: Pages Insights supplement relating to the responsible
Facebook has summarized the main contents of this Agreement (including a list of pages Insights data) here for you: Information on Page Insights Data
As far as you have consented to the above-described creation of page insights vis-à-vis Facebook, the legal basis is Art. 6 para. 1 lit. a GDPR (consent). Otherwise, the legal basis is Art. 6 para. 1 lit. f GDPR, where our legitimate interests lie in the above-mentioned purposes.
4.3. What privacy rights do I have?
The rights as described in section “What Privacy Rights Do I Have?” do, of course also apply to the processing of your data in connection with our fan pages.
For the purposes of processing your Site Insights data with Facebook, we have agreed with Facebook that Facebook has a primary responsibility to provide you with information about the processing of your Page Insights data and to enable you to exercise the privacy rights under GDPR (e.g. right of objection). You can find more information on your privacy rights in connection with Page Insights and how you can exercise them directly vis-à–vis Facebook here: Information on Page Insights data
You can also address your inquiries to us. We will then forward your request to Facebook.
We offer various newsletter services. For information on the topics covered by each newsletter and other tips, sign up for a newsletter service. When using our newsletter, we also collect device and access data.
5.1. How do I sign up?
For sending our newsletters we use the so-called double opt-in procedure, i.e. we will only send you a newsletter if you have previously expressly agreed that we should activate the newsletter service. You must also have confirmed that the email address you have provided is yours. For this purpose, we will send you a notification email and ask you to confirm that you are the owner of the provided email address by clicking on a link contained in this email.
5.2. How do I unsubscribe?
If you no longer wish to receive newsletters from us, you can object at any time without incurring any costs other than the transmission costs according to the basic rates of the respective provider. A message in text form (e.g. email, fax, letter) is sufficient. Of course, you will also find an unsubscribe link in every newsletter.
5.3. Which data is collected?
When you sign up for a newsletter, we automatically save your IP address and the times of registration and confirmation. In this way, we can prove that you have actually registered and, if necessary, recognize the misuse of your email address.
We collect device and access data that is generated by your interaction with a newsletter. For this analysis, the newsletters contain references to image files stored on our web server. When you open a newsletter, your email program loads these image files from our web server. We collect the resulting device and access data in a pseudonymized form under a randomly generated identification number (newsletter ID), which we will not use for your identification without your consent. So we can understand if and when you have opened which issues of a newsletter. The links contained in the newsletters also contain your newsletter ID, so that we can record which content is of interest for you.
Furthermore, we collect data on you user behaviour on our website when you browse our website after visiting a link in the newsletter.
You can object to the newsletter and behavioural analysis at any time by unsubscribing from the respective newsletter service. Of course, you will also find an unsubscribe link in each issue of our newsletter. Further information can be found under “What Privacy Rights Do I have?”.
Alternatively, you can disable the display of images in your email program. In this case, however, you will not be able to view the newsletter completely.
6. Whom are my data shared with?
Tradebyte will only pass on your data if this is permitted under German or European data protection law. We work very closely with some service providers, for example with technical service providers (e.g. operation of computer centers). These service providers may only process your data under special conditions on our behalf. Insofar as we use them as a processor, the service providers will only be able to access your data to the extent and for the period required for the provision of the respective contractually agreed services.
6.1. Zalando group companies
Tradebyte is a Zalando group company that shares many systems and technologies. This allows us to offer you a less expensive, better, safer, more consistent and interesting service. Therefore, those companies and departments within the Zalando Group, which need access to this data to fulfill our contractual and legal obligations or to fulfill their respective functions within the Zalando Group, have access to your data.
6.2 Technical service providers
We work with technical service providers to provide you with our services. These service providers include, for example, Salesforce.com, EMEA Ltd. or Amazon Web Services, Inc. If they process your information outside the European Union, this may result in your information being transferred to a country with lower privacy than in the European Union. Tradebyte will in such cases ensure that the service providers in question, by contract or otherwise, guarantee an equivalent level of data protection.
6.3. Service provider in the application process
We use the sevices of Greenhouse Software Inc., 455 Broadway, New York NY, 10013 USA (“Greenhouse”) for our application management. For this purpose, your data will be stored and processed on Greenhouse servers in the United States.
For all transfers of your personal data from the EEA to countries that, according to the European Commission, do not provide an adequate level of protection (such as the US), we have taken appropriate measures, such as the agreement of standard contractual clauses provided by the European Commission, to protect your personal information. You can request a copy of these safeguards by contacting us using the contact details below.
6.4. Event management
For the planning and organization of our events we use service providers, such as Meetup. We select these service providers carefully to ensure that your personal information is properly stored and processed as part of your registration for one of our events.
6.5. Authorities and other third parties
If we are required by a decision of the authorities or court or in the case of defense of legal claims, we pass on your data to law enforcement authorities or other third parties if necessary.
7. What privacy rights Do I Have?
Under the respective statutory conditions, you have the following data protection rights:
Right to information (Article 15 GDPR), right to erasure (Article 17 GDPR), right to rectification (Article 16 GDPR), right to restriction of processing (Article 18 DSGVO), right to data portability (Article 20 GDPR), right to lodge a complaint with a supervisory authority (Article 77 GDPR), right to withdraw the consent (Article 7 para 3 GDPR) and the right to object to certain data processing activities (Article 21 GDPR). The contact details for exercising your rights can be found under “contact persons”.
- As far as providers of goods use our software solution for the connection to online shops, requests for information and the assertion of other claims by end customers whose data are processed via our software are to be asserted directly to the provider of the goods as the data controller,
- In order to ensure that your data is not disclosed to third parties in the case of requests for information, we always require sufficient proof of identity.
- The competence and jurisdiction of the data protection authorities are determined in accordance with the registered office of the data controller. The Lead Authority responsible for Tradebyte is the Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstr. 219, 10969 Berlin, Germany. You can also contact the data protection authority at your place of residence, which will then forward your complaint to the appropriate authority.
- If you have given your consent to the processing of your data, you can withdraw it at any time. A withdrawal does not affect the admissibility of the processing of your data carried out before your withdrawal.
- You can object to the processing of your data for advertising purposes, including direct mail (also in the form of data analyzes) at any time without stating reasons.
- If the processing of your data is based on a balance of interests pursuant to Article 6 para. 1 lit. f GDPR, you can object to the processing. If you object, we kindly ask you to explain the reasons why we should not process your data. In the case of your justified objection, we will examine the situation and will either discontinue or adjust the processing or inform you of our compelling reasons worthy of protection, on the basis of which we may continue the processing.
8. When will my data be deleted?
Deletion may be waived in the cases permitted by law, in the case of anonymous or pseudonymised data, which would render the processing impossible or seriously detrimental to scientific research or statistical purposes.
9. How does Tradebyte protect my data?
Your personal data is securely transmitted by encryption. We use the coding system SSL (Secure Socket Layer). Furthermore, we protect our website and other systems by technical and organizational measures against loss, destruction, access, modification or dissemination of your data by unauthorized persons.
You can reach out to our Privacy Team for general questions on privacy and in order to exercise your data protection rights by sending an email to Dataprotection@Tradebyte.com.
In order to directly contact our Data Protection Officer, please send your inquiry to the following postal address indication that it is “for the attention of Data Protection Officer”:
Tradebyte Software GmbH
Telefax: +49 (0)981 20822-222