General Data Protection Regulation (GDPR)

  1. Collection and storage of personal data as well as the nature and purpose of their use

a) When visiting the website:

When you visit our website www.steffenschraegle.com, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information will be collected without your intervention and stored until automated deletion:

  • IP address of the requesting computer
  • date and time of access
  • name and URL of the retrieved file
  • website from which access is made (referrer URL)
  • the browser used and, if applicable, the operating system of your computer as well as the name of your access provider

The data mentioned are processed by us for the following purposes:

  • ensuring a smooth connection of the website
  • ensuring comfortable use of our website
  • evaluation of system security and stability
  • for further administrative purposes

The legal basis for data processing is Art. 6 para. 1 p. 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above. In no case will we use the collected data for the purpose of drawing conclusions about you.

In addition, we use cookies and analysis services when visiting our website. Further details can be found under no. 4 and 5 of this privacy policy

b) When registering for our Newsletter:

If, in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR have expressly consented, we use your e-mail address to regularly send you our newsletter. For the receipt of the newsletter the indication of an e-mail address is sufficient.
The deregistration is possible at any time, for example via a link at the end of each newsletter. Alternatively, you can send your unsubscribe request at any time to info@thirdfloorcompany.com by e-mail

c) By using our contact form

For questions of any kind, we offer you the opportunity to contact us via a form provided on the website. It is necessary to provide a valid e-mail address so that we know who the request came from and to answer it. Further information can be provided voluntarily.
The data processing for the purpose of contacting us is in accordance with Art. 6 para. 1 p. 1 lit. a GDPR based on your voluntarily granted consent. The personal data collected by us for the use of the contact form will be automatically deleted after completion of the request made by you.

d) Blog

You have the opportunity to post questions, answers, opinions or ratings (contributions) on our website. In this case, we process your contribution and publish it on our website. A substantive examination does not take place. The legal basis here is that you, according to Art. 6 para. 1 lit. a) GDPR, grant consent. The consent can be withdrawn at any time in accordance with Art. 7 para. 3 GDPR. Furthermore, the date and time of submission, a possibly used pseudonym, IP and e-mail address are processed. The legal basis results from Art. 6 para. 1 lit. f. GDPR. Our predominant legitimate interest is to initiate or support further action if your contribution is unlawful.
The data given in the context of the contributions will be stored by us until the objection by the user.

  1. Disclosure of data

A transfer of your personal data to third parties for purposes other than those listed below does not take place.  We only share your personal information with third parties if:

  • You, according to Art. 6 para. 1 sentence 1 lit. a GDPR, have given express consent to this
  • Disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO is required to assert, exercise or defend legal claims and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your data
  • In the event that disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c DSGVO is a legal obligation
  • This is legally permissible and according to Art. 6 para. 1 sentence 1 lit. b DSGVO, is required for the settlement of contractual relationships with you
  1. Cookies

We use cookies on our site. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not harm your device, do not contain viruses, Trojans or other malicious software.

In the cookie, information is stored; each resulting in connection with the specific terminal used. However, this does not mean that we are immediately aware of your identity.

On the one hand, the use of cookies serves to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages on our website. These are automatically deleted after leaving our page.

In addition, to improve usability, we also use temporary cookies that are stored on your device for a specified period of time. If you visit our site again to take advantage of our services, it will automatically recognize that you have already been with us and what inputs and settings you have made, so you do not have to re-enter them.

We use cookies to statistically record the use of our website and for the purpose of optimizing our offerTop of FormBottom of Form to evaluate it for you (see point 5). These cookies allow us to automatically recognize when you visit our site again that you have already been with us. These cookies are automatically deleted after a defined period of time.

The data processed by cookies are for the purposes mentioned in order to safeguard our legitimate interests as well as the third party pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO required.

Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or always a hint appears before a new cookie is created. However, completely disabling cookies may mean that you can not use all features of our website. 

  1. Analysis tools

a) Tracking tools

The tracking measures listed below and used by us are based on Art. 6 para. 1 sentence 1 lit. f GDPR. With the tracking measures to be used, we want to ensure a needs-based design and the continuous optimization of our website. On the other hand, we use the tracking measures to statistically record the use of our website and evaluate it for the purpose of optimizing our offer for you.

These interests are to be considered as justified within the meaning of the above provision. The respective data processing purposes and data categories are to be taken from the corresponding tracking tools.

b) Google Analytics1

For the purpose of the needs-oriented design and continuous optimization of our pages, we use Google Analytics, a web analysis service of Google Inc https://www.google.de/intl/de/about/ (1600 Amphitheater Parkway, Mountain View, CA 94043, USA, hereafter “Google”). In this context, pseudonymised usage profiles are created and cookies (see point 4) are used. The information generated by the cookie about your use of this website, such as:

  • Browser type / version
  • Operating system used
  • Referrer URL (the previously visited page)
  • Host name of the accessing computer (IP address)
  • Time of server request

are transmitted to a Google server in the US and stored there. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage for the purposes of market research and tailor-made website design. This information may also be transferred to third parties if required by law or if third parties process this data in the order. Under no circumstances will your IP address be merged with any other data provided by Google. The IP addresses are anonymized, so that an assignment is not possible (IP masking).

You can prevent the installation of cookies by a corresponding setting of the browser software; however, we point out that in this case not all features of this website may be fully utilized. You may also record the data generated by the cookie and related to your use of the website (including your IP address) and prevent Google from processing this data by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=en).

Alternative to the browser add-on, especially for browsers Mobile devices, you can also prevent the collection by Google Analytics by clicking on this link. An opt-out cookie will be set that will prevent the future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.

For more information about data protection in connection with Google Analytics, see the Google Analytics Help Center (https://support.google.com/analytics/ answer / 6004245? hl = DE).

c) Google Adwords Conversion Tracking

To statistically record the use of our website and to evaluate it for the purpose of optimizing our website, we also use Google Conversion Tracking. In this case, Google Adwords sets a cookie (see section 4) on your computer, provided that you have reached our website via a Google ad.

These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of the Adwords customer’s website and the cookie has not yet expired, Google and the customer may recognize that the user clicked on the ad and was redirected to that page.

Each Adwords customer will receive a different cookie. Cookies can not be tracked via the websites of Adwords customers.  The auxiliary Conversion-Cookie information is used to generate conversion statistics for Adwords customers who have opted for conversion tracking. Adwords customers hear the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, you do not receive any information that personally identifies users.

If you do not want to participate in the tracking process, you can also opt out of setting a cookie, such as a browser setting that generally disables automatic cookies.  You can also disable cookies for conversion tracking by setting your browser to block cookies from the domain “http://www.googleadservices.com/“. Google’s privacy policy on conversion tracking can be found here (https://services.google.com/sitestats/en.html).

d) WordPress Stats

We use “WordPress Stats” on our website. This is a web analytics service provided by Automattic Inc., 132 Hawthorne Street, San Francisco, CA 94107, USA.
Auttomattic Inc. is certified under the EU-US Privacy Shield and guarantees Automattic that EU data protection standards will be met when processing data in the United States
https://www.privacyshield.gov/participant?id=a2zt0000000CbqcAAC&status=Active
Amongst other things, WordPress Stats uses cookies that are stored on your computer and that allow an analysis of the use of the website. As part of the use of data, in particular the IP address and activities of the users are processed and transmitted to a server of the company Automattic, Inc. and stored there. However, your IP address will be anonymized before it is saved.
WordPress Stats is used to analyze user behavior. The legal basis results from Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the analysis and optimization of the website.
If you do not agree with this processing, you have the option to prevent the storage of cookies by a setting in your Internet browser. For more information on privacy when using WordPress Stats, please visit the following link: http://automattic.com/privacy/.

  1. Social Media Plug-ins

On our website we rely on the basis of Art. 6 para. 1 sentence 1 lit. f DSGVO social plug-ins from the social networks Facebook, Twitter and Instagram to make our company better known. The underlying commercial purpose is to be regarded as a legitimate interest within the meaning of the GDPR. Responsibility for the operation compliant with data protection is to be guaranteed by their respective providers. The integration of these plug-ins by us takes place in the way of the so-called two-click method to best protect visitors to our website.

a) Facebook

On our website social media plugins from Facebook are used to make their use more personal. For this we use the “LIKE” or “SHARE” button. This is an offer from Facebook.

If you visit a page of our website that contains such a plugin, your browser establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser and incorporated by the latter into the website.

By integrating the plugins, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or just not logged in to Facebook. This information (including your IP address) is transmitted from your browser directly to a Facebook server in the US and stored there.

If you are logged in to Facebook, Facebook can directly link your visit to our website to your Facebook account. If you interact with the plugins, for example by pressing the “LIKE” or “SHARE” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information will also be published on Facebook and displayed to your Facebook friends.

Facebook can use this information for the purpose of advertising, market research and tailor-made Facebook pages. For this purpose, Facebook uses user, interest and relationship profiles, etc. For example, to evaluate your use of our website in relation to the advertisements displayed on Facebook, to inform other Facebook users about your activities on our website, and to provide other services related to the use of Facebook.

If you do not want Facebook to assign the data collected via our website to your Facebook account, you must log out of Facebook before visiting our website.

For the purpose and scope of data collection and the further processing and use of data by Facebook and their rights and options to protect your privacy, please refer to the privacy policy (https://www.facebook.com/about/privacy/) of Facebook.

b) Twitter

On our website are plugins of the short message network of Twitter Inc. (Twitter) integrated. The Twitter plugins (tweet button) can be recognized by the Twitter logo on our site. An overview of tweet buttons can be found here (https://about.twitter.com/resources/buttons).

When you visit a page of our website that contains such a plugin, a direct connection between your browser and the Twitter Server is made. Twitter receives the information that you have visited our site with your IP address. If you click on the Twitter “tweet button” while logged in to your Twitter account, you can link the contents of our pages to your Twitter profile. This allows Twitter to associate your visit to our pages with your user account. We point out that we as the provider of the pages do not receive knowledge of the content of the transmitted data as well as their use by Twitter.

If you do not want Twitter to be able to allocate the visit to our pages, please log out of your Twitter user account.

Further information can be found in the Privacy Statement of Twitter (https://twitter.com/privacy).

c) Instagram

Our website also uses so-called social plugins (“plugins”) from Instagram, published by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”).

The plugins are marked with an Instagram logo, for example in the form of an “Instagram camera”. When you visit a page of our website that contains such a plugin, your browser connects directly to Instagram’s servers. The content of the plugin is transmitted by Instagram directly to your browser and integrated into the page. Through this integration, Instagram receives the information that your browser has accessed the corresponding page of our website, even if you do not have an Instagram profile or are currently not logged in to Instagram.

This information (including your IP address) is sent from your browser directly to an Instagram server in the US and stored there. If you’re logged in to Instagram, Instagram can instantly associate your visit to our website with your Instagram account. If you interact with the plugins, for example, press the “Instagram” button, this information is also transmitted directly to an Instagram server and stored there.

The information will also be published on your Instagram account and displayed there to your contacts. If you do not want Instagram to directly associate the data collected through our website with your Instagram account, you must log out of Instagram before visiting our website. 

For more information, please read the privacy policy https://help.instagram.com/155833707900388 from Instagram.

d) YouTube

Our online offer includes YouTube videos stored on http://www.YouTube.com. These can be played directly from our website. The videos are all integrated in the “extended privacy mode”. This will not transfer data to YouTube if you are not playing the videos. Only when you play the videos, the following data will be transmitted. However, we have no influence on this data transfer.

When you visit the website, YouTube receives the information that you have accessed the corresponding sub-page. In addition, the data mentioned under (Google module) will be transmitted. This is done regardless of whether a user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish to associate with your profile on YouTube, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for purposes of advertising, market research and/or custom design of its website. Such an evaluation is done in particular (even for users who are not logged in) to provide appropriate advertising and to inform other users of the social network about their activities on our website. You have a right to object to the creation of these User Profiles, and you must be directed to YouTube to use them.
Further information on the purpose and extent of the data collection and its processing by YouTube can be found in the Privacy Policy. It also gives you more information about your rights and how to set your privacy preferences: https://www.google.com/intl/en/policies/privacy. Google also processes your personal information in the US and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US Framework.

e) Use of Vimeo plugins

We use for example, the integration of videos through the provider Vimeo.  Vimeo is operated by Vimeo, LLC, headquartered at 555 West 18th Street, NY, New York 10011.
On some of our websites we use plugins of the provider Vimeo. If you pull up the Internet pages of our Internet presence provided with such a plugin – for example our media library – a connection to the Vimeo servers will be established and the plugin will be displayed. This will be transmitted to the Vimeo server–which of our websites you have visited. If you are logged in as a member of Vimeo, Vimeo assigns this information to your personal user account. When using the plugin for example to click on the start button of a video, it also assigns this information to your user account. You can prevent this association by logging out of your Vimeo user account before using our website and deleting the corresponding cookies from Vimeo.
For more information about data processing and privacy by Vimeo, see https://vimeo.com/privacy.

  1. Affected rights

You have the right:

  • to request information about your personal data processed by us pursuant to Art. 15 DSGVO. In particular, you can provide information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed, the planned retention period, the right to rectification, deletion, limitation of processing or opposition, the existence of a Complaint right, the origin of their data, if they were not collected from us, as well as the existence of an automated decision-making including profiling and possibly informative information about their details
  • in accordance with Art. 16 DSGVO, to immediately demand the correction of incorrect or completed personal data stored by us
  • in accordance with Art. 17 DSGVO, to demand the deletion of your personal data stored by us, unless the processing for the exercise of the right to freedom of expression and information, for the fulfillment of a legal obligation, for reasons of public interest or for the assertion, exercise or defense of Legal claims is required;
  • to demand the restriction of the processing of your personal data according to Art. 18 GDPR, as far as the accuracy of the data is disputed by you, the processing is unlawful, but you reject its deletion and we no longer need the data, but you assert this exercise or defense of legal claims or you have objected to the processing in accordance with Art. 21 GDPR;
  • in accordance with Art. 20 DSGVO, to receive your personal data provided to us in a structured, standard and machine-readable format or to request transmission to another person responsible;
  • according to Art. 7 para. 3 DSGVO, to revoke your once given consent to us at any time. As a result, we are not allowed to continue the data processing based on this consent for the future and
  • to complain to a supervisory authority pursuant to Art. 77 DSGVO. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters.
  1. Right to objection

If your personal data based on legitimate interests in accordance with Art. 6 para. 1 p. 1 lit. f DSGVO are processed, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 DSGVO, provided that there are reasons for this arising from your particular situation or the objection is directed against direct mail. In the latter case, you have a general right of objection, which is implemented by us without specifying a special situation. If you would like to exercise your right of revocation or objection, please send an e-mail to ISO@thirdfloorcompany.com.

  1. Data Security

We use the popular SSL (Secure Socket Layer) method within the site visit, in conjunction with the highest level of encryption supported by your browser. In general, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we’ll use 128-bit v3 technology instead. Whether a single page of our website is encrypted is shown by the closed representation of the key or lock icon in the lower status bar of your browser.

We also take appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

  1. Up-to-dateness and change of this data protection explanation

This privacy policy is currently valid and is valid as of May 2018.

1Data protection authorities require the use of Google Analytics for the completion of a contract data processing agreement. A template will be available at http://www.google.com/analytics/terms/en.pdf from Google.