Privacy Policy 2018-10-30T15:44:44+00:00

Terms of privacy, 13.09.2018

Data Privacy Statement for commercetools.com

1. Responsible body

commercetools GmbH
Adams-Lehmann-Str. 44
80797 Munich
Email: info@commercetools.com
Telephone: +49 (89) 99 82 996-0

commercetools GmbH, Adams-Lehmann-Strasse 44, 80797 Munich (hereinafter only “commercetools”) operates the website commercetools.com and wants to inform you in the following data privacy statement of the extent to which data is gathered for our website commercetools.com and the purposes for which this data is used.

This data privacy statement applies to the website commercetools.com as well as to various sub-domains (for instance dev.commercetools.com) or other domains, insofar as these refer to this data privacy statement. In the case of websites which do not refer to this data privacy statement, their own respective data protection provisions apply

2. Processing of personal data

Personal data are individual pieces of information which make a person identifiable directly or indirectly, such as a name or a postal address. Processing of personal data can occur in the following cases:

a, Access data/ server log files

For technical reasons, commercetools processes a limited number of data for every access to the website (so-called connection data). These data are technically required in order to establish and execute a connection between your end device and our servers. The processing is carried out on the basis of Sections 13 (1) and 15 (3) TMG [the German law pertaining to telemedia]. In doing so, the following data or data categories can be collected:

  • Name of the website or file accessed
  • Date and time of access
  • Volume of data transferred
  • Access status (file transferred, file not found)
  • Browser type and version
  • The user’s operating system
  • Referrer URL (the website visited previously)
  • IP address.

After the connection has ended, these data are erased or made anonymous and shall therefore not be used to generate user profiles.

b, Processing for advertising purposes

Below are further details on how we process your data for the purposes of advertising. Unless stated otherwise, all processing described below is carried out on the basis of Art. 6 (1)(a) GDPR, that is to say your explicit and voluntary consent. Any consents granted electronically to sending the newsletter shall always be in the form of a double opt-in, while written consents (that is to say, confirmed with your signature) shall regularly be made in the form of a single opt-in.

Mailshots: We use your name and your postal address as well as other information assigned to you (professional, industry, business description, name, title, academic level, address and year of birth) in order to send you advertising by post. This processing is carried out on the basis of Art. 6 (1)(f) GDPR. Pursuant to Art. 21 (2) GDPR, you have the right to object to the processing for the purposes of mail advertising at any time and without stating reasons. You will then receive no further mail advertising from us in future. Please send your objection via email or post to the responsible body mentioned in Section 1.

Personalised offers: We want to provide you with offers that are as individual as possible. Therefore, we use the information automatically generated when you visit our website and transmitted to us in order to provide you with advertising that is tailored to you and your interests. For this we use available information, such as your purchase history, email receipts and read confirmations, the date and time of your visit to our website and the products you have viewed. We use this information purely in pseudonym form. By analysing and evaluating this information, we can provide you with advertising that is individually tailored to your interests. We want to make our advertising as useful and interesting as possible. Therefore you will receive advertising such as newsletters and product recommendations that match your interests, by email or direct mail. This processing is carried out on the basis of Sections 13 (1), 15 (3) TMG, unless you have consented to this pursuant to Art. 6 (1)(a) GDPR. You have the right to object to the processing of data for the purpose of individualised advertising at any time and without stating reasons. To exercise your right to object, click here. From the time of receipt of your objection, you will not receive any personalised advertising from us.

Newsletter: On our website as well as in the web applications offered by us, you have the option to subscribe to our newsletter at various places. The newsletter informs of current commercetools events, new products and new clients and partners. You can find the data required to subscribe as well as other details in the subscription form linked in the data privacy statement. You can revoke the consent to the newsletter at any time and without stating reasons with effect for the future. Please send your objections to the responsible body mentioned in Section 1 or use the unsubscribe function in the newsletter email. If you revoke your consent, you will no longer receive any newsletters from us in future.

c, Cookies

Cookies are text files which enable all device-specific information to be stored on the end device used. This information is necessary in order to offer the products of the information society on our website as well as to be able to guarantee error-free functioning of the website. This includes the localisation of errors as well as their correction. The processing is carried out on the basis of Sections 13 (1) and 15 (3) TMG [the German law pertaining to telemedia]. If you would like to stop the use of cookies, all current browsers offer corresponding settings to block and erase cookies. Blocking cookies can however mean that the website cannot be used or cannot be used in full.

d, Google Analytics 

For the needs-based design of our website, we create pseudonymous user profiles with the aid of Google Analytics. Google Analytics uses cookies, text files stored on your computer that enable analysis of your use of the website. Normally, the information generated by the cookie about your use of this website is transmitted to a Google server in the United States and stored there. Since we have activated IP anonymization on this website, your IP address will however be abbreviated beforehand within Member States of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases is the complete IP address conveyed to a Google server in the United States and only abbreviated there. Google uses this information to evaluate your use of our website for us, to compile reports on the activities of website operators and to provide us with other services in conjunction with the use of websites and the Internet. The processing is carried out on the basis of Sections 13 (1) and 15 (3) TMG [the German law pertaining to telemedia]. You may object to the creation of user profiles using a pseudonym at any time.

There are several ways to do this:

  1. One way to object to web analysis by Google Analytics is to set an opt-out cookie that tells Google not to store or use your data for the purpose of web analysis. Please note that with this solution, web analysis is blocked only for as long as the opt-out cookie is stored in the browser. If you would like to set the opt-out cookie now, please click here.
  2. You can block the storage of cookies used to create profiles by means of an appropriate setting on your browser software.
  3. Depending on the browser you use, you can install a browser plug-in that blocks tracking. For this purpose, please click here and install the browser plug-in that can be downloaded from there.

e, Hubspot

On this website we use HubSpot for our online marketing activities. HubSpot is a US-based software company with a presence in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Phone: +353 1 5187500.

This is an integrated software solution that covers various aspects of our online marketing.

These include: E-mail marketing (newsletters and automated mailings, eg for the provision of event details), social media publishing & reporting, reporting (eg traffic sources, access, etc. …), contact management (eg user segmentation & CRM), landing pages and contact forms.

Our website enables visitors to learn more about our business, download content, and provide us with their contact information and other demographic information. This information and contents of our website are stored on servers of our software partner HubSpot. They can be used by us to connect with visitors of website and to determine what services of our company they are interested in. All information we collect is subject to this Privacy Policy. We use all information collected solely to optimize our marketing activities.

The legal basis for the use of the services of Hubspot is Art. 6 I f GDPR – legitimate interest. Our legitimate interest in using this service is the optimization of our marketing efforts and the improvement of our service quality on the website.

HubSpot is certified under the terms of the “EU – US. Privacy Shield Frameworks ” and governed by the TRUSTe’s Privacy Seal as well as the  “U.S. – Swiss Safe Harbor“ Framework.

More about the HubSpot Privacy Policy

More information from HubSpot regarding the EU Privacy Policy More information about the cookies used by HubSpot can be found here.

If you generally do not want to be registered by HubSpot, you can prevent the storage of cookies at any time by your browser settings or use the following opt-out link: Hubspot Opt-Out Link.

f, Usage-based online advertising

At this point we wish to inform you in detail about usage-based online advertising. Our website, or the website from which you have just been directed, records and processes your user behaviour anonymously. As a user, you benefit from this because you receive advertising that matches your fields of interest and thus, less random advertising is delivered to you. To record your user behavior, a cookie is stored on your computer. Cookies are small text files that are installed on the hard drive of your computer, enabling you to be recognised, but preventing you from being personally identified. The processing is carried out on the basis of Sections 13 (1) and 15 (3) TMG [the German law pertaining to telemedia].

To improve advertising according to your interests, we use the following tools:

  • Google AdWords Conversion,
  • Google Dynamic Remarketing,
  • Twitter Advertising,
  • Facebook Advertising,
  • LinkedIn Advertising,
  • Hubspot,
  • Google Analytics, Google Tag Manager, Google Ad Manager

Information on your activities on this website (e.g. surfing behavior, the sub-pages of the internet offer that you visited) is recorded. Generally, you can stop cookies from being stored on your hard drive by choosing the browser setting “block cookies”. You can set up your browser so that it asks you whether you wish to accept cookies before it is installed. Ultimately, you can delete installed cookies at any time. To see how this works, please consult your browser’s help pages. If you block all cookies, this can restrict some of the website’s functions. Please note that if you delete cookies, you may have to re-activate previously installed opt-out cookies. We use the following tools to record data to deliver usage-based online advertising:

Tool Provider’s data privacy information Opt-out option Opt-in option
Google Analytics https://support.google.com/analytics/answer/6004245?hl=en Opt-out https://adssettings.google.com/authenticated?hl=de
Google AdWords Conversion http://bit.ly/1HZJvvQ http://bit.ly/1Q6YkQI http://bit.ly/1Q6YkQI
Google Dynamic Remarketing http://bit.ly/1JT8n5o http://bit.ly/1GFNqdS http://bit.ly/1GFNqdS
Google Ad Manager, Doubleclick, Google Tag Manager https://policies.google.com/privacy?hl=en https://adssettings.google.com/authenticated?hl=de https://adssettings.google.com/authenticated?hl=de
Twitter Advertising https://twitter.com/en/privacy https://twitter.com/personalization https://twitter.com/personalization
Linkedin Advertising https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy https://www.linkedin.com/psettings/guest-controls?trk= https://www.linkedin.com/psettings/guest-controls?trk=
Hubspot https://legal.hubspot.com/privacy-policy Opt-out https://knowledge.hubspot.com/articles/kcs_article/reports/what-cookies-does-hubspot-set-in-a-visitor-s-browser
Facebook https://www.facebook.com/full_data_use_policy https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen
Oktopost https://www.oktopost.com/privacy https://www.oktopost.com/tracking-opt-out https://www.oktopost.com/tracking-opt-out

On the website youronlinechoices.com you can find further information about cookies and individual providers. There you can also block usage-based online advertising with individual tools or all of them. To reach the preference manager directly, please click here.

g, Facebook Custom Audiences:

We also use Facebook communications tools for usage-based online advertising, especially Custom Audiences and Website Custom Audiences. Basically, a non-reversible and non-personal related hash value is generated from your user data, which can be conveyed to Facebook for analysis and marketing purposes. The Facebook cookie is targeted for Website Custom Audiences. The processing is carried out on the basis of Sections 13 (1) and 15 (3) TMG [the German law pertaining to telemedia]. You will find more information on the purpose and scope of data collection and on the further processing and use of data by Facebook, as well as about the possible settings options to protect your privacy, from Facebook’s data privacy guidelines which you may review here. If you wish to opt out of Facebook Website Custom Audiences, you can do so here.

3. Categories of Data Recipients

Personal data can be transferred to the following categories of recipients, where applicable:

  • Public bodies, on the basis of legal requirements.

  • Affiliated companies, for the purpose of fulfilling the contract or to provide the products of the information society.

  • The data processor within the meaning of Art. 28 GDPR in the course of data processing.

  • Other third parties in the course of transfer of function.

4. Transfer to third countries

A transfer of personal data to countries outside of the European Union or the EEA is carried out on the basis of:

  • an adequacy decision of the European Commission within the meaning of Art. 45 GDPR.

  • an approved certification mechanism pursuant to Art. 42 GDPR, together with legally binding and enforceable obligations of the controller or the data processor in the third country.

  • standard data clauses which have been issued by the Commission pursuant to the review procedure under Art. 93 (2) GDPR.

5. Scoring

Your personal data shall not be processed to execute automated case-to-case decisions, including profiling pursuant to Art. 22 (1) and (4) GDPR.

6. Security

commercetools takes the legally required technical and organisational measures in order to protect personal data from loss, destruction, manipulation and unauthorised access.

7. Safekeeping period of the data

Personal data shall only be kept safe for as long as is necessary to satisfy the purposes mentioned here, or as stipulated by the safekeeping periods provided by the legislator. After the purpose no longer applies or after the expiry of the safekeeping periods, the data shall be erased in accordance with the statutory provisions.

8. Rights of data subjects

You have the option to make use of your “data subject rights” at any time:

  • Right to information pursuant to Art. 15 GDPR.

  • Right to rectification pursuant to Art. 16 GDPR.

  • Right to erasure pursuant to Art. 17 GDPR.

  • Right to restriction of processing pursuant to Art. 18 GDPR.

  • Right to data portability pursuant to Art. 20 GDPR.

  • Right to object pursuant to Art. 21 GDPR.

If you would like to make use of your rights, please address your concerns via email to privacy@commercetools.com or by post to the address mentioned in Section 1. Besides that, pursuant to Art. 77 (1) GDPR you have a right to complain to a supervisory authority. You can receive further information from the supervisory authority which is locally competent for you.

9. Data protection officer

Martin Holzhofer
Holzhofer Consulting GmbH
Lochhamer Str. 31
82152 Munich – Planegg
datenschutzbeauftragter@holzhofer-consulting.de
Web: https://www.holzhofer-consulting.de/

Cookies are important to the proper functioning of a site. To improve your experience, we use cookies to remember log-in details and provide secure log-in, collect statistics to optimize site functionality, and deliver content tailored to your interests. Click "Accept" to accept cookies or click on more information to see the types of cookies and choose whether to accept certain cookies while on the site. More information can be found on our Privacy Policy.

Die Cookie-Einstellungen auf dieser Website sind auf "Cookies zulassen" eingestellt, um das beste Surferlebnis zu ermöglichen. Wenn du diese Website ohne Änderung der Cookie-Einstellungen verwendest oder auf "Akzeptieren" klickst, erklärst du sich damit einverstanden.

Close