The protection of your data matters to us

Here you can find our privacy policy

 

Privacy Policy COYO Cloud and COYO Engage

By using COYO you entrust us with your data. Their protection is paramount. Hence, the objective of this privacy policy is to transparently inform you, as a user of COYO software, about

– what kind of data will be processed,
– why it is processed,
– how we use the data,
– how and when the data is deleted,
– what rights you have,

so you can assess the legitimacy of the data processing and exercise your rights.


I. Scope and definitions

COYO offers companies a social intranet as a service for internal information provision, communication and networking.
This privacy policy applies to COYO customers and their employees, as well as any other end users identified by the customer. It includes all associated services (COYO services), among others the use of the COYO software as a social intranet on the desktop, as webview app or mobile app. The term "customer" refers to those companies that use the COYO software and have concluded corresponding contracts or maintain pre-contractual relationships with us, the COYO GmbH.

"End users" are primarily the employees of such companies, but possibly also their suppliers, sales representatives, etc. who actively use the COYO software and thus implement an individual social intranet. COYO is not in a direct contractual relationship with the end users, we only stipulated a contract with the customer. Customers choose between COYO Cloud and COYO Enterprise (on premise) versions. Note that Enterprise customers operate the COYO software in their own data centres or at the host of their choice and process data there. End users of such a customer should therefore additionally take into account the privacy policy of their company. Once the customer opts for COYO Cloud for its internal corporate intranet, we will act on its behalf and process the personal data provided to us according to its instructions. The customer decides why and how personal data of its end users are processed. It is responsible for data processing in the context the COYO software use.


II. Contact

The contract for the use of the COYO software is in place with our customer. In case of any questions regarding data protection, please contact them. General questions about the app, including privacy law aspects, can also be directed to our own data protection officer at dpo@coyoapp.com or by mail to the following address, to the attention of the “data protection officer":

COYO GmbH, Gasstraße 6a, 22761 Hamburg

If, in exceptional cases, you do not go through your company, but directly write to us by e-mail or mail, we will store your name, e-mail or postal address and telephone number, if you provided them, so that we can reply to you. Once the correspondence with you is completed, thus the storage of the data is no longer necessary, we will delete the data or limit the processing.


III. Reservation to change

The circumstances and purposes of the data processing may change. Should your rights or freedoms be affected in such cases, we will inform you about the adjustment of our privacy policy in good time and detail.


IV. Data processing when using COYO services

By using the COYO services, connection data can be collected automatically in addition to the data you provide yourself. The information that are relevant to you and therefore particularly worthy of protection for us are those by means of which you can be personally identified, e.g. name, e-mail address, telephone number – so-called "personal data". We process these only to the extent that we have been instructed to do so by the responsible customer or to the extent it is necessary in order to provide you with an optimal user experience of COYO as the digital home of your company.

 

1. Automatically processed data
a) Access data

By using the COYO Services your device automatically transmits information to our server, which are stored temporally, so-called logfiles. These include:

– IP address,
– Browser,
– Operating system and device,
– Network,
– Date and time of request,
– The website making the request,
– Respective volume of data transferred


This data is technically necessary for us to display you our services and guarantee stability and security. Our interest in the collection of such data lies in the improvement of data protection as well as the network- and information security. The data is stored up to seven days and deleted afterwards, except a threat from the user has been discovered.


b) Cookies and Local Storage

For statistical evaluation and reach measurement we use cookies and local storage technology. Cookies are small text files that are stored on your hard disk in association with the browser you’re using and by which the body which sets the cookie (in this case, us) transmits certain information. Cookies cannot run programs our deliver viruses to your computer. They serve to make our services more user-friendly and effective.

Local storage stores data locally in the cache of your browser. This data is stored persistently, thus also remains stored after closing your browser window or the program. You may erase them by deleting your browser’s history. Local storage enables us to save your preferences when using COYO on your device, so they will be accessible the next time you visit. Following data may be stored locally:

– Your last login name,
– User language,
– If messaging sidebar is open,
– Your filter settings.

Third parties do not have access to the data stored in local storage. The data will neither be transmitted to third parties nor used for advertisement. We us this technology as well as the storage of cookies out of legitimate interest (Art. 6 (1) f) GDPR), to present you a user-friendly COYO.

You can configure your browser settings as desired and refuse to accept any cookies or delete them. You also receive an overview of all stored cookies and local data. On mobile devices identifier can be deactivated accordingly. You can figure out how that works in the help-menu of your device or browser settings. Please note that you may not be able to use all functions of our services.


2. Data provided by the user

The sharing of content and information by users lies within the nature of a social intranet. In addition to your registration, you also provide data by posting and commenting. The contracts with our customers or your company prevent us from using this content, unless it is necessary for the provision and optimization of our services or legally required. This is therefore not processed by us beyond the mere storage on the servers of our service providers. We also have no control over the content of this data, which is rather the responsibility of the customers instructing us. We also generally delete such data only at the request of the responsible person/customer or after the end of our contractual relationship with them.


a) Registration data

In order to be able to use COYO services, a user account must be created. Your name and e-mail address must be entered (mandatory information). In principle, there is no obligation to use a real name, which means that you are not forced to reveal your true identity, but you may also choose a pseudonym ("nickname"). Note that your company may require you to register with a real name. You may also voluntarily provide additional information to personalize your profile, such as date of birth, cell phone number, address, job title or department. The registration data is therefore collected so that you can register for the COYO services and use them. If – within the context of registration at your company (customer) – you give your consent to the use of COYO, the data will be processed on the basis of Art. 6 (1) a) GDPR. If COYO is used in your company without consent, the processing takes place on the basis of legitimate interests in accordance with Art. 6 (1) 1 f) GDPR. The responsible body is the customer in each case.

A complete deletion of the user account is not feasible, also in order to enable a reactivation on demand. However, in the event of an account being deleted by the end user, the customer has the option of setting a deadline after which the personal data is automatically anonymised. After this period of time, identification of the user is no longer possible, also a recovery is then excluded.


b) Communication data

The COYO services offer you the possibility to post your own content, to comment on others’ or to communicate with your employees via chat (see your company's internal terms of use). These are core functions of a social intranet, the data processing is therefore carried out for the purpose of providing our services. This in turn takes place on the basis of Art. 6 (1) 1 a) GDPR with express consent (see paragraph a) above) and otherwise according to Art. 6 (1) 1 f) GDPR. Your photos or camera will never be accessed without first obtaining your consent. Even with consent, only the photo you select will be accessed, never your entire library. You can later revoke or renew your consent at any time using the contact details listed in section II or directly in the settings of your device.

If you decide to delete your account, your posted content and comments will be retained for the time being - they belong to our customers, i.e. your company. However, your user name will be anonymized under each post or comment and usually displayed as "deleted user". If you would like to have specific content shared by you deleted, please contact your company's internal responsible superadmin.


c) Automatic translation function

With the automatic translation function, COYO offers its customers the possibility to integrate third-party translation software into their social intranet. If a customer signs a contract with such a provider for the use of its translation software, end users will be able to click and have individual posts automatically translated into the desired language, provided that this language is also included in the software. The text to be translated will necessarily be transmitted to the third-party provider. The providers of the translation software that can be imported via COYO guarantee without exception that the content of the text will not be used for purposes other than those of the translation service and will be deleted either immediately thereafter or after a short period of time. Please note that COYO only provides the option of an automatic translation function. The concrete contracts are concluded by the customer and the translation software provider. Accordingly, your company is responsible, the third party is data processor and their agreements apply. You can find out about the data security of possible providers here:
 https://www.deepl.com/pro-faq.html
 https://cloud.google.com/translate/data-usage


d) Analysis Tools Function

In addition, COYO customers have the opportunity to integrate third-party analysis tools into their social intranet. These tools help to collect, organize and analyse data in order to make relevant information available and e.g. improve performance or internal communication. A possible integration will be contractually made by the customer himself with the third-party provider. The extent to which personal data is processed in this context is therefore determined by this relationship and lies outside COYO's sphere of influence. If your company has integrated analysis tools, the corresponding data protection requests should be addressed to your internal company managers.


V. Data processing when using the COYO Engage and WebView App

In addition to using COYO on your desktop, we provide the corresponding webview app as well as the COYO mobile app "COYO Engage" (together, the "apps"), which you can download to your mobile device from the app store.


1. When downloading

Data transmitted by you to the app store, e.g. your payment information or customer number, will be collected and processed by the respective store operator. We are not responsible for this. To find out about this data processing, please check the corresponding privacy policy of the store operator.

 

2. Web Analysis Tools

For the apps, we use so-called web analysis tools. Similar to how we were commissioned by our customers to process data, we instruct (analysis) service providers to use data for us. They undertake to comply with the same data protection obligations as COYO GmbH and guarantee an appropriate level of data protection with their technical and organisational measures. They collect data regarding the behaviour of end users and help us to evaluate them in order to optimise our services and your experience with COYO. For example, we want to know how many end users use our apps, which functions they are most interested in and where there is still room for improvement. Hence, the goal of using analysis tools is to maximize usability. Analysis tools could identify individual users. However, as it is a regular collection of purely statistical data, a personal identification is not required. Rather, measures are taken to anonymise personal user data and thus to exclude a specific allocation to individual end users.
Listed below are the tools we use and the data they process exactly:

 

a) Google Analytics

Google Analytics is a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 ("Google"). It uses cookies or mobile identifiers, the collected information from which is transmitted to and stored by a Google server in the United States. Information that could identify you, namely your IP address, is automatically anonymized so that it cannot be traced back to you. Google has committed to applying the EU-US Privacy Shield, which requires to ensure the same level of data protection as required by the European Union and the European Economic Area. Google evaluates this statistical data on our behalf so that we can make our offering more interesting and user-friendly for you. The stored usage processes will be otherwise deleted after 14 months at the latest.

If you would like to learn more about Google Analytics, please visit the following links:
 https://marketingplatform.google.com/about/analytics/terms/us/
 http://www.google.com/intl/de/analytics/learn/privacy.html
 http://www.google.de/intl/de/policies/privacy

 

b) Google Firebase

For our apps we use the "Firebase" tracking service by Google. Firebase uses tracking technologies to analyse your use of our apps, e.g. for performance monitoring, for error logs and for the analysis of user behaviour, e.g. which screens were viewed, and which files were opened how often. The purpose of using Firebase is to analyse the use of our apps, to improve them regularly and thus to be able to operate them more economically. The statistics we collect allow us to improve our service and make it more interesting for you as a user. The legal basis for this data processing is Art. 6 (1) 1 f) GDPR, as we have a legitimate interest in the analysis, optimisation and economic operation of our apps and the data processing is necessary to maintain this interest. Firebase collects information about the use of our apps and transfers it to Google in Ireland or the USA, where it is stored. The data is only collected anonymously and transmitted to Firebase. There is no link to other user data. Google will use this information to evaluate your use of our apps and to provide us with other services related to the use of apps.

More information about Google Firebase and data protection is available at
 www.google.com/policies/privacy
 www.firebase.google.com

 

VI. Your rights

Here you can inform yourself what rights you have and how you can exercise them.

Our customer, i.e. your company is responsible for the processing of your personal data and the safeguard of your rights. We – assigned with the data processing – are committed to support our customer thereby and want to facilitate the exercise of your rights.

If you e.g. want to correct or delete personal data, with which you have registered in the social intranet of your company, please refer to the responsible person in your corporation. Should you contact us directly for this manner, we will forward your request to the responsible customer (i.e. your company) and await his instruction.

 

1. Right to access, Art. 15 GDPR

You have the right to obtain confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the following information:

why this is happening, what kind of data categories are being processed, to whom the personal data has been disclosed, how long the data will be stored or the criteria used to determine that period respectively, whether the right to request rectification or erasure of personal data or restriction of processing of personal data concerning you or to object such processing exists, at which supervisory authority you have the right to lodge a complaint and to what extent guarantees for the data transfer to a third country exists.

 

2. Right to rectification, Art. 16 GDPR

Should data concerning you be inaccurate or incomplete, you have the right to obtain rectification or completion respectively.

 

3. Right to data portability, Art. 20 GDPR

You have the right to receive the personal data concerning you and to transmit those data to another controller.

 

4. Right to restriction, Art. 18 GDPR

You have the right to obtain restriction of processing, if you contested the accuracy of the personal data or objected to processing, for a period enabling us to verify the accuracy or whether the legitimate grounds of us override those of you. You may also obtain restriction of processing, if the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead or if the data is not needed anymore for the purposes of the processing, but they are required by you subject for the establishment, exercise or defense of legal claims.
We will then subject to the instruction of the customer and ensure, that your data still remains, but is excluded from processing. You will be informed in time, if the restriction is lifted again.

 

5. Right to erasure, Art. 17 GDPR

In case your personal data is no longer necessary in relation to the purposes for which they were collected, you objected to the processing or withdrew consent on which the processing is based or there is no other legal ground for the processing, you have the right to obtain the erasure of personal data concerning you without undue delay (‘right to be forgotten’). The same applies, if the data has been unlawfully processed, except you refuse the erasure and exercise your right to restriction.
Your data will not be erased, if the processing is necessary to fulfil a legal obligation. In such cases we restrict the processing subject to the instruction of the customer. We will act accordingly, in cases where the data is necessary for the establishment, exercise or defense of legal claims.

 

6. Right to lodge a complaint, Art. 77 GDPR

You additionally have the right to lodge a complaint with a supervisory authority, if you consider that the processing of personal data relating to you on behalf of the customer infringes GDPR.


You can therefor appeal to the supervisory authority of the state in which the customer has its registered office. You can find the address here:
 https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html


VII. Right to object pursuant to Art. 21 GDPR and consent withdrawal

You can at any time object to processing which is based on the purposes of legitimate interests. In exercising your right to object you should state the reasons, why the processing should be stopped. Your interest thereby needs to override the interest of our customer to process. This can rely on grounds relating to your particular situation. In case of a reasoned objection, we will together with your company examine the situation and either no longer process your personal data or adapt the processing accordingly or demonstrate compelling legitimate grounds for the processing. Given consent to the processing can be withdrawn at any time.

 

VIII. Data security

We have taken technical and organizational security measures to prevent unwanted access to your data. In particular, we encrypt any transfer to the SSL / TLS standard in conjunction with the respectively highest encryption level supported by your browser or device. Our employees are committed to confidentially and carefully handle personal data. In addition, all service providers have been checked by us.

We also use appropriate technical and organisational security measures in accordance with our internal data protection concept to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.


IX. Overview of purposes for processing

For a better understanding and to facilitate the exercise of your rights, we have gathered information about the categories, purposes and legal basis for processing of personal data on the behalf of our customer.

Category Purpose 43rding to GDPR
Contact Contact COYO directly (exception) Art. 6 (1) 1 a) consent
Access Provision of services, data security and protection Art. 6 (1) 1 f) legitimate interest
Cookies Optimization of services, personalization Art. 6 (1) 1 f) legitimate interest
Local storage Optimization of services, personalization Art. 6 (1) 1 f) legitimate interest
Registration Provision of services, contact Art. 6 (1) 1 a) consent or Art. 6 (1) 1 f) legitimate interest (depending on internal company processes)
Use Provision of services, optimization of services, personalization, data security and protection Art. 6 (1) 1 a) consent or Art. 6 (1) 1 f) legitimate interest (depending on internal company processes)
Analysis Optimization of services, personalization, data security and protection Art. 6 (1) 1 f) legitimate interest

 



With regard to above legal grounds, it should be noted that § 26 BDSG (German Federal Data Protection Act) only applies in the employment context, i.e. in relation to the employment contract between the employer and the employee. However, since COYO is not used in the employment context, but as a communication and collaboration tool in the company, where external persons are also involved, the processing takes place on the basis of Art. 6 GDPR.

As of 24 July 2019

 

 

§ 1 Information related to the collection of personal data

For the purposes of the present agreement, the following definitions shall apply

 

(1)  Below, we provide information on the collection of personal data when using this website. Personal data are all data that are personally referable to you, such as name, address, email addresses and user behavior.

 

(2)  Responsible party, in accordance with Article 4 para. 7 of the General data protection regulation (GDPR) adopted in the European Union is COYO GmbH, Gasstraße 6, 22761 Hamburg / Germany (see our legal information). You can contact our data protection officer at dpo@coyoapp.com or our postal address
with the addition "the data protection officer".

 

(3)  When you contact us via e-mail or via a contact form, the data you provide (your e-mail address, and if applicable your name and your telephone number) will be stored by us in order to answer your questions.

We will erase the data collected in this context after its storage is no longer required, or otherwise limit its further processing if we are required by law to continue retaining it.

 

(4)  In case we employ contracted service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail about the respective processes. We also specify the defined criteria for the storage period.


§ 2 Your rights

(1) You have the following rights towards us regarding your personal data:

–  Right to information,
–  Right to correction or deletion,
–  Right to limitation of processing,
–  Right to object to processing,
–  Right to data transferability.

 

(2) You also have the right to file a complaint with a data protection supervisory authority concerning our processing of your personal data.

 

§ 3 Collection of personal data when visiting our website

(1) If you use the website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which are technically necessary for us to display our website to you and to guarantee stability and security (legal basis is Art. 6 para. 1 p. 1 lit. f GDPR):

–  IP address
–  Date and time of request
–  Time zone difference from Greenwich Mean Time (GMT)
–  Content of the request (concrete page)
–  Access Status/HTTP status code
–  Respective volume of data transferred
–  The website making the request
–  Browser
–  Operating system and device
–  Language and version of browser software.

 

(2)  In addition to the aforementioned data, cookies are stored on your computer when you use our website, if you have given us your consent. Cookies are small text files that are stored on your hard disk in association with the browser you're using and by which the body which sets the cookie (in this case, me),
transmits certain information. Cookies cannot run programs or deliver viruses to your computer. They serve to make our site more user-friendly and effective.

 

(3)  Use of cookies:

(a) This website and our services use the following types of cookies,the scope and functionality of which are explained below:

–  Transient cookies (see b)
–  Persistent cookies (see c).

 

(b)  Transient cookies are automatically deleted when you close the browser. These especially include session cookies.These store a session ID which assigns the various requests made by your browser during the joint session.This allows your computer to be recognized when you return to the site. Session cookies
are deleted when you log out or close the browser.

 

(c) Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie in question. You can delete cookies at any time in the security settings of your browser.

 

(d)  You can configure your browser settings as desired and refuse to accept third-party or any cookies. Please note that you may not be able to use all functions of this website.

 

(e)  The Flash cookies used are not recorded by your browser, but by your Flash plug-in. We also use HTML5 storage objects that are stored on your mobile device. These objects store the required data independently of your browser and do not have an automatic expiry date. If you do not wish the Flash cookies to be processed, you must install an appropriate add-on, e.g. "Better Privacy" for Mozilla Firefox WWW.COYOAPP.COM 3 (https://addons.mozilla.org/de/firefox/addon/betterprivacy/) or the Adobe Flash killer cookie for Google Chrome. You can prevent the use of HTML5 storage objects by using private mode in your browser. We also recommend that you regularly delete your cookies and your browser history manually.

 

§4 Further features and offers on our website

(1)  In addition to the purely informational use of our website, we offer various services that you can use if interested. For this purpose, you must provide further personal data which we use to provide the respective service and to which the aforementioned data processing principles apply.

 

(2)  In some cases, we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly checked.

 

(3)  Furthermore, we may disclose your personal data to third parties if we offer promotions, competitions, contracts or similar services together with partners. For more information, please provide your personal data or see the description of the offer below.

 

(4)  If our service providers or partners are located in a country outside the European Economic Area (EEA), in the description of the offer we will inform you of the consequences of this circumstance.

 

§ 5 Newsletter

(1)  With your consent you can subscribe to our newsletter, with which we inform you about our current interesting offers. The goods and services to be advertised will be named in the consent form.

 

(2)  To register for our newsletter, we use the "double opt-in" procedure. This means that after your registration we will send you an e-mail to the specified e-mail address in which we ask you to confirm that you would like the newsletter to be sent. If you do not confirm your registration within [24 hours], your information will be blocked and automatically deleted after one month. In addition, we store your IP addresses and the time of registration and confirmation. The purpose of the procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data.

 

(3)  The only required information for sending the newsletter is your email address. The indication of further, separately marked data is voluntary and is used to be able to address you personally. After your confirmation we will save your e-mail address for the purpose of sending you the newsletter. The legal basis is art. 6 para. 1 p. 1 lit. a GDPR

 

(4)  You can revoke your consent to receive the newsletter at any time and unsubscribe from the newsletter. You can declare your revocation by clicking on the link provided in every newsletter email, by sending an email or by contacting us in one of the ways listed in the legal notice.

 

(5)  We would like to point out that we evaluate your user behavior when sending the newsletter. For this analysis, the e-mails sent contain so-called web beacons or tracking pixels, which are stored on our website. For evaluation purposes, we link the above data (para. 3) and web beacons to your e-mail address and an individual ID. Links included in the newsletter also contain this ID]With the data obtained in this way, we create a user profile to tailor the newsletter to your individual interests. This means we can record when you read our newsletter, which links you click on in it, and keep track of your personal interests. We link these data with the way how you will use our website.

You can object to this tracking at any time by contacting us. The information is stored for as long as you have subscribed to the newsletter. After a cancellation we store the data purely statistically and anonymously. Such tracking is also not possible if you have deactivated the display of images in your email program by default. In this case the newsletter will not be displayed completely and you may not be able to use all functions. If you display the images manually, the above-mentioned tracking will occur.

 

§ 6 Objection or revocation against the processing of your data

(1)  If you have given your consent to the processing of your data, you can revoke this at any time. If you exercise this right, this will affect our ability to process your personal data after you have already given it to us.

 

(2) Insofar as we base the processing of your personal data on the balance of interests, you may object to the processing. This is the case if processing is not necessary in particular to fulfil a contract with you, which is described by us in the description of the functions. When exercising such objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and either stop or adjust data processing or point out to you our compelling reasons worthy of protection, on the basis of which we will continue processing.

 

(3) Of course, you may object to the processing of your personal data for advertising and data analysis purposes at any time. You can inform us of your advertising objection at the following contact details:
dpo@coyoapp.com

 

§ 7 Web analytsics

1. Use of Google Analytics

(1)  This website uses Google Analytics, if you have given us your consent, a web analysis service of Google Inc. ("Google"). Google Analytics uses "cookies", text files that are stored on your computer and that enable your use of the website to be analyzed. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymization is enabled on this website, your IP address will first be truncated by Google within the Member States of the European Union or other parties to the agreement on the European Economic Area.

Only in exceptional cases will the full IP address be transferred to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and internet usage for the website operator.

 

(2)  The IP address transmitted by your browser within Google Analytics is not merged with other Google data

 

(3)  You can prevent cookies from being stored by selecting the appropriate settings in your browser; however, we wish to point out that by doing so, you may not be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies concerning your use of the website (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link:
http://tools.google.com/dlpage/gaoptout?hl=de

 

(4)  This website uses Google Analytics with the extension "_anonymizeIp()". As a result, IP addresses are further processed in truncated form, so that reference to individuals can be ruled out. If the data collected about you is personally identifiable, it will be blocked immediately and the personal data deleted as soon as possible.

 

(5)  We use Google Analytics to analyses and regularly improve the use of our website. We can improve our offer and make it more interesting for you as a user. Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework, for exceptional cases in which personal data is transferred to the USA. The legal basis for the use of Google Analytics is Art. 6 para. (1) sub-paragraph 1 (f) of the GDPR.

 

(6)  Third party provider information: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. User conditions: http://www.google.com/analytics/terms/de.html, Overview of data Security:
–  http://www.google.com/intl/de/analytics/learn/privacy.html and the Privacy Policy:
–  http://www.google.de/intl/de/policies/privacy

 

(7)  This website also uses Google Analytics for an analysis of visitor flows across all devices that is carried out via a user ID (Google Universal Analytics). You can disable the device cross-analysis of your use in your account under "My data", "personal data".

 

2. Use of Hubspot

COYO uses Hubspot, a service of Hubspot Inc., on its website for analysis purposes, if you have given us your consent. Hubspot is certified under the EU-US Privacy Shield . So-called "web beacons" are used here and "cookies" are also set, which are stored on your computer and enable us to analyze your use of the website. Hubspot evaluates the recorded information (e.g. IP address, geographical location, type of browser, duration of the visit and pages accessed) on our behalf in order to generate reports on the visit and the pages visited. If you subscribe to our newsletter as described under §5, as well as download other documents, we can use Hubspot to record your visits to our website with your additional information (above all your name/email address) and, if necessary, to inform you specifically about your preferred topics. If you generally do not want Hubspot to collect data, you can prevent cookies from being stored at any time using your browser settings (see §3 of the data protection declaration). For more information on how Hubspot works, please refer to the Hubspot Inc. privacy policy: http://legal.hubspot.com/de/privacy-policy

 

3. Use of intercom.io

If you have given us your consent, we use the technology of the provider Intercom of Intercom Inc., 98 Battery Street, Suite 402, San Francisco, CA 94111, USA, to send our messages by email and live chat and to evaluate the use of our website by users.

We transmit a limited amount of your data (such as email address and date of registration) to Intercom and use Intercom for statistical analysis of your use of our website. Intercom analyses the use of our website and tracks our customer relationships with the aim of improving our services for you. We also use Intercom to send messages via email and live chat on our website. As part of our service contract, Intercom collects publicly available contact information related to you, such as email addresses, gender, company, position, photos, website URLs, social networks and addresses, with the aim of improving your user experience.

Further information on data protection at Intercom can be found at http://docs.intercom.io/privacy. The terms of use of Intercom can be found at http://docs.intercom.io/terms. As described above under para II. you can revoke your consent to the storage and use of your data at any time to send further offers by email and live chat, including each email message with further offers contains a corresponding link "unsubscribe".

 

4. Use of being Universal Event Tracking

Our website uses Bing Ads technology to collect and store data from which user profiles are created using pseudonyms. This is a service of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. This service enables us to track the activities of users on our website when they arrive via Bing Ads. If you enter our website via such an ad, a cookie is placed on your computer. A Bing UET tag is integrated into our website. This is a code that is used in conjunction with the cookie to store some non-personal information about your use of the site. This includes, but is not limited to, the time spent on the website, which areas of the website have been accessed and the ad which was used to access the website. Information about your identity is not collected.

The information collected is transferred to Microsoft servers in the USA and stored there for a maximum of 180 days. You can prevent the collection of data generated by the cookie and related to your use of the website and the processing of this data by deactivating the use of cookies. This may limit the functionality of the website under certain circumstances.

In addition, Microsoft may use cross-device tracking to track your usage patterns across multiple electronic devices, enabling Microsoft to display personalized advertisements on Microsoft Web sites and apps. You can disable this behavior at https://choice.microsoft.com/de-de/opt-out.

For more information about Bing's analytics services, please visit the Bing Ads website (https://help.bingads.microsoft.com/#apex/3/de/53056/2).

 

For more information about Microsoft's and Bing's privacy practices, see Microsoft's Privacy Policy (https://privacy.microsoft.com/de-de/privacystatement).

 

5. Use of LinkedIn Insight

On our website we use the "LinkedIn Insight Tag", a tracking technology of the platform LinkedIn, an offer of LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2 (Ireland). LinkedIn's above technology allows you to view more relevant advertisements based on your interests. LinkedIn also provides us with aggregated and anonymous reports of advertising activity and information about how you interact with our website.

LinkedIn uses cookies to do this. The information collected through the cookie is used to compile the aforementioned anonymous statistics and reports and to play advertisements based on your interests.

For more information about LinkedIn's privacy practices, please visit LinkedIn:
https://www.linkedin.com/legal/privacy-policy

You may opt-out of LinkedIn's analysis of your usage patterns and of the display of interest-based recommendations under the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

 

6. Use of LuckyOrange

We use the LuckyOrange analysis service on our website to improve usability and customer experience. Mouse clicks as well as mouse and scroll movements can be recorded. Keystrokes can also be recorded on this website. However, the recording is not personalized and therefore remains anonymous. LuckyOrange does not record this data on pages that do not use the LuckyOrange system. You can deactivate the LuckyOrange service at https://www.luckyorange.com/disable.php.

 

§ 8 Social media

1. Use of social media plug-ins

(1)  If you have given us your consent, we use the following social media plug-ins: Facebook, Google+,Twitter, Xing, T3N, LinkedIn, Flattr, Instagram.We use the so-called two-click solution. This means that if you visit our site, initially no personal data will be passed on to the providers of these plug-ins. You can recognize the provider of the plug-in by the marking on the box above its initial letter or the logo. We offer you the possibility to communicate directly with the provider of the plug-in via the button.Only if you click on the marked field and thereby activate it, the plug-in provider receives the information that you have accessed the corresponding website of our online offer. In addition, the data mentioned under section § 3 of this declaration will be transmitted. In the case of Facebook and Xing, the IP address is anonymized immediately after collection, according to the respective provider in  Germany. By activating the plug-in, data is automatically transmitted to the respective plug-in provider and stored there (US providers in the USA). Since the plug-in provider collects data mainly via cookies, we recommend you to delete all existing cookies before clicking on the grayed-out box using your browser's security settings.

 

(2)  We have no influence on the data collected and data processing processes, nor are we aware of the full extent of data collection, the purposes of processing, the storage periods. We also have no information on the deletion of the data collected by the plug-in provider.

 

(3)  The plug-in provider stores the data collected about you as user profiles and uses these for the purposes of advertising, market research and/or demand-oriented design of its website. Such evaluation is also made for users who are not logged in, to display customized advertising and to inform other users of the social network about activities on our website. You have a right to object to the creation of these user profiles. You must contact the respective plug-in provider to exercise this right. Through the plug-ins we offer you the possibility to interact with social networks and other users, so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art. 6 para. (1) sub-paragraph 1 (f) of the GDPR.

 

(4)  The data is passed on regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, your data collected with us will be directly assigned to your existing account with the plug-in provider. When activating the activated button and link the page, for example, the plug-in provider also stores this information in your user account and communicates this to your contacts in public. We recommend that you log out regularly after using a social network, especially before activating the button, as this way you can avoid being assigned to your
profile with the plug-in provider.

 

(5)  For more information on the purpose and extent of the data collection and its processing by the plug-in provider, please refer to the privacy statements of these providers provided below. Here, you will also find further information on your rights and settings options for protecting your privacy.

 

(6)  Addresses of the respective plug-in providers and URL with their data protection information:

 

(a)  Facebook Inc, 1601 S California Ave, Palo Alto, California 94304, USA;
http://www.facebook.com/policy.php; further information on data collection:
http://www.facebook.com/help/18632566808508,
http://www.facebook.com/about/privacy/your-info-on-other#applications and
http://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook has submitted to the
EU-US privacy shield, https://www.privacyshield.gov/EU-US-Framework

(b)  Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA;
https://www.google.com/policies/privacy/partners/?hl=de. Google has submitted to the EU-US
privacy shield (https://www.privacyshield.gov/EU-US-Framework)

(c)  Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA;
https://twitter.com/privacy Twitter has submitted to the EU-US privacy shield,
https://www.privacyshield.gov/EU-US-Framework.

(d)  Xing AG, Gänsemarkt 43, 20354 Hamburg, DE; http://www.xing.com/privacy.

(e)  T3N, yeebase media GmbH, Kriegerstr. 40, 30161 Hanover, Germany; https://t3n.de/store/page/datenschutz

(f)  LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, United States;
http://www.linkedin.com/legal/privacy-policy LinkedIn has submitted to the EU-US privacy shield,
https://www.privacyshield.gov/EU-US-Framework.

(g)  Flattr Network Ltd.with headquarters at 2nd Floor, White bear yard114A, Clerkenwell Road, London,
Middlesex, England, EC1R 5DF, Great Britain; https://flattr.com/privacy.

(h)  Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA:
https://help.instagram.com/155833707900388

 

2. Inclusion of Youtube videos

(1)  We have included YouTube videos in our online offering, which are stored on http://www.YouTube.com and are directly playable from our website. These are all integrated and embedded in the "Extended Privacy Mode", i.e. no data about you as user are transferred to YouTube if you do not play the videos.

Only when you play the videos will the data referred to in paragraph 2 be transmitted. We have no
influence on this data transfer.

 

(2)  When you visit this website, YouTube receives the information that you have accessed the corresponding
subpage of our website. In addition, the data mentioned under section § 3 of this declaration will be transmitted. This takes place regardless of whether YouTube makes available a user account via which you are logged in or no user account exists. If you are logged in toGoogle, your information will be directly associated with your account. If you do not wish to be associated with your profile when using YouTube, you must first log out before clicking the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or requirements-oriented design of its website. Such evaluation also takes place (even for users who are not logged in) for the purposes of providing customized advertising and to inform other social network users about activities on our
website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.

 

(3)  For more information on the purpose and scope of data collection and processing by YouTube, please refer to the privacy policy. There you will also find further information on your corresponding rights and settings options for protecting your privacy: http://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

 

3. Integration of Vimeo videos

If you have given your consent, plugins of the video portal Vimeo of Vimeo, LLC, 555 West 18th Street, New York, NewYork 10011,USA are include don our website. Each time you visit a site that offers one or more Vimeo video clips, a direct connection is established between your browser and a Vimeo server in the USA. Information about your visit and your IP address is stored there. By interacting with the Vimeo plugins (e.g. clicking the start button), this information is also  transmitted to Vimeo and stored there.

If you have a Vimeo account and do not want Vimeo to collect information about you through this website and link to your membership information stored on Vimeo, you must log out of Vimeo before visiting this website. You can find the Vimeo privacy policy with more detailed information on the collection and use of your data by Vimeo at http://vimeo.com/privacy.

Vimeo also calls up the tracker Google Analytics via an iFrame in which the video is called. This is Vimeo's own tracking system to which we have no access. You can stop tracking by Google Analytics by using the opt-out tools that Google offers for some Internet browsers. You can also prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en

 

§ 9 Online publicity

1. Use of Google Adwords conversion tracking

(1)  If you have given us your consent, we use the offer of Google AdWords to draw attention to our attractive offers with the help of advertising materials (so-called Google AdWords) on external websites. We can determine how successful the individual advertising measures are in relation to the data from the advertising campaigns. We are interested in showing you advertisements which are of interest to you, in making our website more interesting for you and achieving a fair calculation of advertising costs.

 

(2)  This advertising media is delivered by Google via  "AdServers". For this purpose, we use ad server cookies, through which certain parameters for measuring success can be measured, such as the display of advertisements or of clicks by users. If you access our website via a Google ad, Google AdWords will store a cookie on your device. These cookies usually expire after 30 days and are not used with the intention of personally identifying you. The unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (a mark that the user no longer wishes to be addressed) are usually stored as analysis values for this cookie.

 

(3)  These cookies enable Google to recognize your Internet browser. If a user visits certain pages of an AdWords customer's website and the cookie stored on their computer has not expired, both Google and the customer are able to recognize that the user has clicked on the ad and has been redirected to this page. Each AdWords customer is assigned a different cookie. Thus, cookies cannot be tracked using the website of an AdWords advertiser.We do not process any personal data ourselves in the aforementioned advertising measures.We only receive statistical evaluations from Google.We are able to recognize which of the advertising measures are particularly effective on the basis of these evaluations.We do not receive any further data from the use of advertising material; in particular, we cannot identify users on the basis of this information.

 

(4)  Due to the marketing tools used, your browser is automatically able to establish a direct connection to
the Google server.We have no influence on the extent and the further use of the data which are collected by Google's use of this tool, and we therefore inform you according to our knowledge: By integrating AdWords conversion Google receives the information that you accessed the relevant part of our online presence or clicked on one of our advertisements. If you are registered with a Google service, Google may associate your visit to our website with your account. Even if you are not registered with Google or have not logged in, it is possible that the provider may obtain and store your IP address.

 

(5)  You can prevent participation in this tracking process in various ways: a) by setting your browser software accordingly, in particular by suppressing third-party cookies, you will not receive any ads from third-party providers; b) by deactivating cookies for conversion tracking, by setting your browser to block cookies from the domain "www.googleadservices.com", https://www.google.de/settings/ads, this setting being deleted when you delete your cookies; c) by deactivating the interest-based ads of providers that are part of the "About Ads" self-regulation campaign via the link  http://www.aboutads.info/choices, this setting being deleted when you delete your cookies; d) by permanently deactivating Firefox, Internet Explorer or Google Chrome in your browsers under the link  http://www.google.com/settings/ads/plugin. Please note that in this case you may not be able to use all functions of this offer in full.

(6)  The legal basis for processing is your consent under Art. 6 para. (1) sub-paragraph 1 (f) of the GDPR. Further information on data protection at Google can be found here:

http://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/de.html.
Alternatively, you can visit the website of the Network Advertising Initiative (NAI) at http://www.networkadvertising.org. Google has submitted to the EU-US privacy shield (https://www.privacyshield.gov/EU-US-Framework)

 

2. Remarketing

In addition to AdWords Conversion, if you have given us your consent, we use the Google Remarketing application. This is a process we would like to use to contact you again. This application allows us to show you our advertisements after you have visited our website whilst you continue to use the Internet. This is done using cookies stored in your browser, which record and evaluate your usage behavior when Google visits various websites. This is how Google can determine your previous visit to our website. Google does not, according to its own statements, combine the data collected in the context of remarketing with your personal data, which may be stored by Google. According to Google, in particular, Google AdWords Remarketing uses pseudonymization.

 

3. Doubleclick by Google

(1) If you have given us your consent, this website continues to use the online marketing tool DoubleClick by Google. DoubleClick uses cookies to serve ads relevant to users, improve campaign performance reports, or to prevent a user from seeing the same ads more than once. Google uses a cookie ID to track which ads are displayed in which browser and to prevent them from being displayed more than once. In addition, DoubleClick may use cookie IDs to collect conversions related to ad requests. This is the case, for example, when a user sees a DoubleClick ad and later visits the advertiser's website with the same browser and buys something there. According to Google, DoubleClick cookies do not contain any personal information.

 

(2)  Due to the marketing tools used, your browser is automatically able to establish a direct connection to the Google server.We have no influence on the extent and the further use of the data which are collected by Google's use of this tool, and we therefore inform you according to our knowledge: By integrating AdWords conversion Google receives the information that you accessed the relevant part of our online presence or clicked on one of our advertisements. If you are registered with a Google service, Google may associate your visit to our website with your account. Even if you are not registered with Google or have not logged in, it is possible that the provider may obtain and store your IP address.

 

(3)  You can prevent participation in this tracking process in various ways: a) by setting your browser software accordingly, in particular by suppressing third-party cookies, you will not receive any ads from third-party providers; b) by deactivating cookies for conversion tracking, by setting your browser to block cookies from the domain "www.googleadservices.com", https://www.google.de/settings/ads, this setting being
deleted if you delete your cookies; c) by deactivating the interest-based ads of providers that are part of the "About Ads" self-regulation campaign via the link http://www.aboutads.info/choices, this setting being deleted if you delete your cookies; d) by permanently deactivating Firefox, Internet Explorer or Google Chrome in your browsers under the link http://www.google.com/settings/ads/plugin. Please note
that in this case you may not be able to use all functions of this offer in full.

 

(4)  The legal basis for processing is your consent under Art. 6 para. (1) sub-paragraph 1 (f) of the GDPR. For more information about DoubleClick by Google, please visit  https://www.google.de/doubleclick and
http://support.google.com/adsense/answer/2839090, and Google's privacy policy in general:
https://www.google. de/intl/en/policies/privacy. Alternatively, you can visit the website of the Network
Advertising Initiative (NAI) at http://www.networkadvertising.org. Google has submitted to the EU-US privacy shield (https://www.privacyshield.gov/EU-US-Framework)

 

4. Facebook custom audiences

(1) Furthermore, if you have given us your consent, the website uses the remarketing function "Custom Audiences" of Facebook Inc. ("Facebook"). This allows users of the website to see interest-based advertisements ("Facebook ads") when visiting the social network Facebook or other websites that also use the process. We are interested in showing you advertisements that are of interest to you in order to make our website more interesting for you.

 

(2)  Due to the marketing tools used, your browser is automatically able to establish a direct connection to the Google server.We have no influence on the extent and the further use of the data which are collected by Google's use of this tool, and we therefore inform you according to our knowledge: By integrating AdWords conversion Google receives the information that you accessed the relevant part of our online presence or clicked on one of our advertisements. If you are registered with a Google service, Google may associate your visit to our website with your account. Even if you are not registered with Google or have not logged in, it is possible that the provider may obtain and store your IP address.

 

(3)  The "Facebook Custom Audiences" function can be deactivated [here and] for logged in users at https://www.facebook.com/settings/?tab=ads#_ .

 

(4)  The legal basis for processing is your consent under Art. 6 para. (1) sub-paragraph 1 (f) of the GDPR. For more information about how Facebook processes your information, visit https://www.facebook.com/about/privacy.

 

Version: May 24, 2018.

 

 

 

Request an agreement for contract data processing

You are using our COYO Cloud and would like to sign an agreement for contract data processing. 

Write us an email

 

And now it's your turn.
Discover your new Digital Home.

It's really simple: Start now with your 30-day free trial for your new Digital Home.

Start your free trial now