Privacy policy

1. Preamble

DataGuardians GmbH, based in 9494 Schaan, Im Gapetsch 9a (hereinafter “DataGuardians”), processes information and personal data relating to you (hereinafter “data subject”). In principle, this information processing is carried out by DataGuardians in the context of existing or prospective business relationships, including the use of the website.

DataGuardians endeavors to protect your personal data in the best possiblea way.

The controller within the meaning of the EU General Data Protection Regulation (hereinafter “GDPR”) is DataGuardians.

This privacy policy describes the processing of personal data in connection with the provision of services by DataGuardians and its website. This privacy policy is based on the GDPR, the Data Protection Act (DSG) and the relevant special legal regulations.

DataGuardians reserves the right to amend the privacy policy if necessary. You should regularly check whether you agree with the changes made.

2. Personal data

Personal data is any information that can be used to directly or indirectly identify a natural person. This includes, for example, name, address, e-mail address, telephone number, date of birth, age, gender, tax identification number. Sensitive data (a specially protected category of data), such as health data or data in connection with criminal proceedings, is also included.

DataGuardians collects, processes and uses your personal data exclusively in accordance with the provisions of Art. 5 and 6 GDPR (contract, legal obligation, legitimate interest or consent of the data subject).

Only those personal data are collected that are necessary for the performance and processing of DataGuardians' services or that you have provided voluntarily.

3. Use of personal data

DataGuardians is subject to confidentiality and secrecy obligations that can be derived from data protection law, contract law or the DataGuardians Code of Conduct. DataGuardians is bound by these obligations when processing personal data. Personal data is processed (i) to fulfill a contract, (ii) to comply with legal or regulatory obligations, (iii) to pursue legitimate interests and (iv) to fulfill obligations in the public interest (e.g. to prevent or detect criminal offenses).

As a rule, personal data is processed on the basis of a contractual relationship, i.e. to establish, manage and implement the contractual relationship. In addition, data processing takes place for the purpose of maintaining and upholding customer relationships and for self-promotion purposes.

The following data is processed:

• Inventory data (e.g. names, addresses, dates of birth, nationality, marital status, title, gender)
• Contact details (e.g. e-mail addresses, telephone numbers, billing address)
• Usage data (e.g. websites visited, interest in content, access times)
• Meta/communication data (e.g. device information, IP addresses)
• Technical data (e.g. Internet service provider, browser type, browser fingerprint, time zone settings, location, operating system, information on the mobile network)
• Identification features that are assigned to you (e.g. customer number)

3.1 Newsletter

You have the option of subscribing to a newsletter via the DataGuardians website. To do this, we require your e-mail address and your declaration that you agree to receive the newsletter and to the storage, processing and retention of the data.

You can cancel your subscription to the newsletter at any time.

We send our newsletter with Mailchimp and use functions of the newsletter service Mailchimp of The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA, on this website to record newsletter registrations.

General information about Mailchimp: Rocket Science Group LLC (Mailchimp) maintains online platforms that allow its users to stay in touch with their subscribers, primarily via email. It allows users to upload email addresses and other subscriber profile information, such as name, physical address and other demographic information, to the Mailchimp database. This information is used to send emails and enable the use of certain other Mailchimp features for those users. In accordance with its published privacy policy, Mailchimp shares some information with third parties to provide and support the services that Mailchimp offers to users. Mailchimp also shares some information with third-party advertising partners to better understand users' needs and interests in order to provide more relevant content and targeted advertising to those users and others.

Newsletter registration

If you register for our newsletter on our website, the data you enter will be stored by Mailchimp.

Deletion of your data

You can revoke your consent to receive our newsletter at any time by clicking on the link at the bottom of the newsletter. If you have unsubscribed by clicking on the unsubscribe link, your data will be deleted from Mailchimp.

Newsletter evaluation

When you receive a newsletter via Mailchimp, information such as IP address, browser type and email program is stored in order to provide us with information on the performance of our newsletter. Mailchimp can determine whether the email has arrived, whether it has been opened and whether links have been clicked by means of the images integrated in the HTML emails called web beacons (more information can be found at https://kb.mailchimp.com/reports/about-open-tracking). All this information is stored on Mailchimp's servers, not on this website.

Information on data protection at Mailchimp (Privacy) can be found at https://mailchimp.com/legal/privacy/ nachlesen.

3.2 Cookies

DataGuardians uses cookies on its website to obtain information about the use of the website. Cookies are small files that are stored on your computer and are used to save page settings. This means that certain information does not have to be repeated when you visit the website again. You can prevent the installation of cookies by setting your browser software accordingly and delete any cookies that have been set by a company website. By not taking these measures, you consent to the use of cookies when using the company website.

When the company's website is used, access data (e.g. log files, IP address, date and time of access, name of the file accessed, access status, top-level domain, web browser used, operating system used) is stored. DataGuardians uses this data for statistical purposes and for technical evaluations, to optimize the server infrastructure, to determine access frequencies and, finally, to be able to draw conclusions for improving user-friendliness and functionalities.

A distinction is made between the following cookie types and functions:

• Temporary cookies (also: session cookies): Temporary cookies are deleted at the latest after a user has left an online service and closed his/her browser.
• Permanent cookies: Permanent cookies remain stored even after the browser is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. The interests of users that are used for reach measurement or marketing purposes can also be stored in such a cookie.
• First-party cookies: First-party cookies are set by DataGuardians itself.
• Third-party cookies (also: third-party cookies): Third-party cookies are mainly used by advertisers (so-called “third parties”) to process user information.
• Necessary (also “essential” or “absolutely necessary”) cookies: Cookies may be absolutely necessary for the operation of a website (e.g. to save logins or other user input) or for security reasons).
• Statistical, marketing and personalization cookies: Furthermore, cookies are generally also used in the context of reach measurement and when the interests of a user or his/her behavior (e.g. viewing certain content, using functions, etc.) on individual websites are stored in a user profile. Such profiles are used, for example, to show users content that matches their potential interests. This process is also referred to as “tracking”, i.e. tracking the potential interests of users.

If we use cookies or “tracking” technologies, we will inform you separately in our privacy policy or when obtaining consent.

Notes on the legal basis

The legal basis on which we process your personal data using cookies depends on whether we ask for your consent. If this is the case and you consent to the use of cookies, the legal basis for the processing of your data is the declared consent. Otherwise, the data processed using cookies will be processed on the basis of our legitimate interests (e.g. in the business operation of our online offering and its improvement) or, if the use of cookies is necessary to fulfill our contractual obligations.

General information on revocation and objection (“opt-out”)

Depending on whether the processing is based on consent or legal permission, you have the option at any time to revoke your consent or to object to the processing of your data by cookie technologies (collectively referred to as “opt-out”). You can also declare your objection by means of your browser settings, for example by deactivating the use of cookies (although this may also restrict the functionality of our online offer).

Processing of cookie data on the basis of consent

Before we process or have data processed in the context of the use of cookies, we ask users for their consent, which can be revoked at any time. Before this consent has not been given, cookies that are necessary for the operation of our online offer may be used. They are used on the basis of our interest and the interest of users in the expected functionality of our online offering.ookie data on the basis of consent

• Processed data types: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Affected persons: Users (e.g. website visitors, users of online services).
• Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR), Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

3.3 LinkedIn

A component of the LinkedIn Corporation is integrated on this website. LinkedIn is an internet-based social network that enables users to connect with existing business contacts and make new business contacts. Over 400 million registered people use LinkedIn in more than 200 countries. This makes LinkedIn currently the largest platform for business contacts and one of the most visited websites in the world.

The operating company of LinkedIn is LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible for data protection matters outside the USA.

Each time the DataGuardians website is accessed, which is equipped with a LinkedIn plugin (LinkedIn button), this causes the browser used by the data subject to download a corresponding representation of the LinkedIn plugin. Further information about the LinkedIn plugins can be found at https://developer.linkedin.com/plugins can be retrieved. During the course of this technical procedure, LinkedIn gains knowledge of what specific sub-page of the DataGuardians website was visited by the data subject.

If the data subject is logged in to LinkedIn at the same time, LinkedIn recognizes which specific subpage the data subject is visiting each time the data subject accesses the DataGuardians website and for the entire duration of their stay on the website. This information is collected by the LinkedIn plugin and assigned by LinkedIn to the respective LinkedIn account of the data subject. If the data subject clicks on a LinkedIn button integrated on the website, LinkedIn assigns this information to the personal LinkedIn user account of the data subject and stores this personal data.

LinkedIn always receives information via the LinkedIn plugin that the data subject has visited the website if the data subject is logged in to LinkedIn at the same time as accessing the DataGuardians website; this takes place regardless of whether the data subject clicks on the LinkedIn plugin or not. If the data subject does not want this information to be transmitted to LinkedIn, they can prevent the transmission by logging out of their LinkedIn account before accessing our website.

LinkedIn offers the option to unsubscribe from email messages, SMS messages and targeted ads and to manage ad settings at https://www.linkedin.com/psettings/guest-controls. LinkedIn also uses partners such as Quantcast, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua and Lotame, which can set cookies. Such cookies can be stored under https://www.linkedin.com/legal/cookie-policy be rejected. The applicable data protection provisions of LinkedIn can be found at https://www.linkedin.com/legal/privacy-policy available.The LinkedIn cookie policy is available at https://www.linkedin.com/legal/cookie-policy available.

3.4 Google Maps

For our website, we use Google Maps to display our location and to provide directions. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as “Google”.

If you call up the Google Maps component integrated into our website, Google stores a cookie on your end device via your Internet browser. Your user settings and data are processed in order to display our location and create directions. We cannot rule out the possibility that Google uses servers in the USA.

The legal basis is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in optimizing the functionality of our website.

This connection to Google enables Google to determine from which website your request has been sent and to which IP address the directions are to be sent.

If you do not agree to this processing, you have the option of preventing the installation of cookies by making the appropriate settings in your Internet browser. Details on this can be found above under “Cookies”.

In addition, the use of Google Maps and the information obtained via Google Maps is subject to the Google Terms of Use: https://policies.google.com/terms?gl=DE&hl=de and the terms and conditions for Google Maps https://www.google.com/intl/de_de/help/terms_maps/.

In addition, Google provides information in particular on the options for preventing the use of data at: https://adssettings.google.com/authenticated und unter https://policies.google.com/privacy further data protection information.

3.5 Google Tag-Manager

For our website, we use the Google Tag Manager from Google Inc. Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is responsible for the European region. The Google Tag Manager serves as a tool for managing and controlling cookies, conversion pixels or tracking codes of programs. The information collected on the website via cookies is forwarded directly to the relevant tools for further processing. Working with Tag Manager is efficient and simplifies the management of tracking and cookies. In addition, Tag Manager offers support for third-party tag organization and version control and community-developed tag templates, as well as enterprise collaboration and security features.

3.6 Integration of third-party software, scripts or frameworks

We integrate software into our online offering that we retrieve from servers of other providers (e.g. function libraries that we use for the purpose of displaying or user-friendliness of our online offering). The respective providers collect the IP addresses of the users and can process them for the purpose of transmitting data to the users' browsers as well as for security purposes and for the evaluation and optimization of their offer.

Processed data types: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), contact data (e.g. email addresses, telephone numbers), content data (e.g. text input, photographs, videos).

Persons concerned: Users (e.g. website visitors, users of online services), communication partners.

Purposes of the processing: Provision of our online services and user-friendliness, Contact requests and communication, Direct marketing (e.g. by e-mail or post), Tracking (e.g. interest/behavioral profiling, use of cookies), Interest-based and behavioral marketing, Profiling (Creating user profiles), Contractual services and support.

Legal basis: Consent (Art. 6 para. 1 lit. a GDPR), Legitimate interests (Art. 6 para. 1 lit. f. GDPR).

The following third-party software, scripts or frameworks are used:

• Google Font API: We use Google Fonts on our website. These are the “Google Fonts” of Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. You can find more information at https://fonts.google.com/ or https://developers.google.com/fonts/faq/. No cookies are stored in your browser. The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you do not need to worry that your Google account data will be transmitted to Google while using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. You can find the privacy policy at https://www.google.com/intl/de/policies/privacy/.
• Contact Form 7: Contact Form 7 can manage numerous contact forms. Forms and email content can be flexibly customized with simple markup. The form allows Ajax-supported sending, CAPTCHA, Akismet spam filtering and so on. Further information can be found at https://de.wordpress.org/plugins/contact-form-7/.

The websites may be linked to the websites of other operators or to content on the websites of other operators. The Group companies have no influence on the websites of other operators (hereinafter referred to as “third-party websites”) and therefore cannot assume any responsibility or liability for the accuracy, completeness, timeliness or legality of the content of third-party websites or for their data processing practices. Please therefore also note the data protection declarations of the respective third-party websites.

Data transmission over the Internet may be subject to security vulnerabilities. Therefore, absolute data protection (e.g. against access by third parties) cannot be guaranteed.

4. Collection of data

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.

The following data is collected:

• Information about the browser type and version used
• Operating system used
• Terminal device type
• Referral URL (the previously visited website)
• Host name of the accessing computer (IP address)
• The identification number of your end device (UDID)
• Date and time of the server request
• Amount of data transferred
• Notification of successful retrieval

We store this information for a maximum period of six months. It is stored for data security reasons in order to ensure the stability and operational security of our system. The data is used internally for forensic investigations in the event of hacking attacks or for other security-related analyses. In this way, we guarantee the security of your data on our systems and ensure that countermeasures can be taken quickly to protect your data in suspected cases. Otherwise, the aforementioned visitor and usage data is not analyzed. This data is also not merged with other data.

The legal basis for data processing is Art. 6 para. 1 lit. b GDPR, as we need the automatically collected data in the course of the pre-contractual legal relationship with regard to the effective provision of the website, as well as Art. 6 para. 1 lit. f GDPR, as the storage serves the legitimate interest of DataGuardians to ensure the stability and security of the website.

We use the widespread SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser when you visit our website. You can tell whether an individual page is transmitted in encrypted form by the closed display of the key or lock symbol in the address bar of your browser. We also use other suitable technical and organizational security measures (e.g. encryption, access restrictions, access restrictions and checks, confidentiality agreements, employee training) to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

5. Transfer of personal data to third parties

The personal data collected in the course of DataGuardians' business activities is generally not passed on to third parties.

However, in order to fulfill business orders, it is possible that your data may be forwarded to third parties due to technical processing requirements or legal regulations. Your data will be forwarded in accordance with the provisions of the GDPR.

Furthermore, we inform you that DataGuardians may obtain information about you from third parties as part of its business activities and to fulfill legal due diligence obligations.

DataGuardians only transfers your personal data to countries that have been certified by the EU Commission as having an adequate level of data protection. If DataGuardians transfers your personal data to countries that have not been certified as having an adequate level of data protection, DataGuardians will take measures to ensure the protection of your data by contracting with recipients in these countries in accordance with the standard contractual clauses.

6. Protection of personal data

DataGuardians takes appropriate technical and organizational measures to protect all data from loss, unauthorized access or misuse, both in relation to data processing and data storage and in relation to its website.

Regardless of the measures taken to protect data, you must be aware that data transmission via the internet - this applies to both websites and email services - is uncontrolled and cross-border. Even if the sender and recipient are located in the same country, data may be transmitted across borders. DataGuardians can therefore not guarantee the confidential treatment of data transmitted via the Internet. If you disclose personal data via the Internet, you must be aware of the fact that third parties can access this information, read, change, falsify, monitor, destroy or misuse the data. Data transmission may also be delayed. Furthermore, data may be lost during transmission. Furthermore, third parties could draw conclusions about existing business relationships. Therefore, no responsibility can be assumed for the security of your data during transmission via the Internet. We do not accept any liability for direct or indirect damage.

7. Storage of personal data

The DataGuardians systems required for data processing are located in the EEA. The data transmitted by you will be stored for at least six months and will remain stored for as long as is operationally necessary or required by law.

8. Your rights

Right to information

You have the right to request information about the data concerning you that is stored by DataGuardians. A request for information must be sent to DataGuardians in writing together with proof of identity.

Upon receipt of your request for information, you will be provided with information within the statutory period of 30 days. The information may be refused, restricted or postponed if this is provided for by law or is necessary due to the overriding interest of a third party or DataGuardians.

The request for information can be combined with a request for correction or deletion of data.

Right to rectification or erasure

You have the right to request in writing and free of charge the rectification or erasure of data concerning you if it is incorrect or has been stored or processed unlawfully. A reasoned request for rectification or erasure must be sent to DataGuardians together with proof of identity.

Your request for correction or deletion will be processed within a reasonable period of time after receipt. You will then receive confirmation that your request for correction or deletion has been processed.

Under certain circumstances, legal regulations may prevent deletion. In such a case, DataGuardians will only process the data concerning you to the extent necessary to fulfill its legal obligations.

Right of objection or revocation

You have the right to object in writing to the processing of data concerning you in whole or in part or to withdraw your consent to data processing. An objection or revocation must be sent in writing to DataGuardians together with proof of identification.

The receipt of your objection or revocation will be confirmed to you and the data concerned will subsequently be deleted.

Compliance with an objection or revocation may, under certain circumstances, conflict with statutory provisions. In such a case, DataGuardians will only process the data concerning you to the extent necessary to fulfill its legal obligations.

Blocking right

You have the right to block the data concerning you from being passed on to third parties. A request for blocking must be sent to DataGuardians in writing, enclosing proof of identity.

Receipt of your request for blocking will be confirmed and your request will be processed within a reasonable period of time.

Under certain circumstances, blocking may be prevented by legal regulations. In such a case, DataGuardians will only pass on the data concerning you to third parties to the extent necessary to fulfill its legal obligations.

Right of appeal

You have the right to lodge a complaint with the competent Liechtenstein supervisory authority. You can also contact another supervisory authority of an EU or EEA member state, e.g. at your place of residence or work or at the place of the alleged infringement.

The contact details of the data protection authority responsible in Liechtenstein are as follows:

Liechtenstein Data Protection Authority

Städtle 38
Postfach 684
LI-9490 Vaduz
+423 236 60 90
info.dss@llv.li

9. Contact

If you have any questions about data protection and data processing, please contact DataGuardians in writing. You can reach us as follows:

DataGuardians GmbH
Im Gapetsch 9a
9494 Schaan
Principality of Liechtenstein
datenschutz@dataguardians.li