Information obligation according to Art. 13 EU GDPR.
In the age of digitalization, data protection and computer security play an important role.
The protection of personal data and other user data is important to us. Data collected is protected within the framework of the legal regulations. We are supporters of the General Data Protection Regulation (GDPR). Below you will find information about which data is collected during a visit to this website and how this data is used. This privacy policy only addresses the Internet presence of Shapefield GmbH through the website https://www.shapefield.com/.
We have taken technical and organizational measures to ensure that the regulations on data protection are observed by both us and our external service providers.
Our website can be used without providing personal data (e.g. email, name, address etc.). However, we offer a convenient inquiry dialog for contacting us. Our hosting provider IONOS (1and1) records some browser data for statistical evaluation. In addition, we use a CDN to optimize performance and to protect against hacker attacks. The website can be accessed via the secure HTTPS protocol. We do not use cookies or tracking. We link to external websites and are not responsible for their content. We have concluded order processing agreements with our external service providers.
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration. Personal data is data with which you can be personally identified. This data protection declaration explains which data we collect and what we use it for. It also explains how and for what purpose this is done. We would like to point out that data transmission over the Internet (e.g. when communicating by email) can have security gaps. Complete protection of data against access by third parties is not possible.
The responsible party within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is:
Managing Director
Philipp Grau
info@shapefield.de
+49 (0) 6826 8189820
Address
Shapefield GmbH
Saarpfalz-Park 1
66450 Bexbach
Germany
We have appointed a data protection officer to the responsible supervisory authority.
The data protection officer of the controller is:
dsgvoschutzteam.com - Lukmann Consulting GmbH
Packerstraße 131a
8561 Söding
Austria
Telephone: +49 7223 95 666 77
Email: service@dsgvoschutzteam.com
The data protection officer is not subject to instructions in the performance of his duties (Section 5 Para. 3
DSG).
In accordance with Art. 13 GDPR, we inform you of the legal basis for our data processing. If the legal basis is not stated precisely in the data protection notice, the following applies: The legal basis for obtaining consent is Art. 6 Para. 1 lit. a in conjunction with Art. 7 GDPR. The legal basis for processing to fulfill our services and carry out contractual measures as well as to answer inquiries is Art. 6 Para. 1 lit. b GDPR. The legal basis for processing to fulfill our legal obligations is Art. 6 Para. 1 lit. c GDPR. If the processing of your data is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 Para. 1 lit. f GDPR serves as the legal basis for processing. In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 (1) (d) GDPR serves as the legal basis.
We adhere to the principles of data minimization in accordance with Art. 5 (1) (c) GDPR and storage limitation in accordance with Art. 5 (1) (e) GDPR. We only store your personal data for as long as is necessary to achieve the purposes stated here or as provided for by the retention periods stipulated by law. Once the respective purpose no longer applies or after these retention periods have expired, the corresponding data will be deleted as quickly as possible.
This website may contain links to third-party websites or to other websites under our responsibility. If you follow a link to one of the websites outside our responsibility, please note that these websites have their own data protection information. We accept no responsibility or liability for these external websites and their data protection notices. Therefore, before using these websites, check whether you agree with the data protection statements there.
You can recognize external links either by the fact that they are displayed in a slightly different color from the rest of the text or by being underlined. Your cursor shows you external links when you move it over such a link. Only when you click on an external link will your personal data be transferred to the destination of the link. The operator of the other website receives in particular your IP address, the time at which you clicked the link, the page on which you clicked the link, and other information that you can find in the data protection notices of the respective provider.
Please also note that individual links can lead to data being transferred outside the European Economic Area. This could give foreign authorities access to your data. You may not have any legal recourse against this data access. If you do not want your personal data to be transferred to the link destination or even exposed to unwanted access by foreign authorities, please do not click on any links.
As a data subject within the meaning of the GDPR, you have the opportunity to assert various rights. The data subject rights arising from the GDPR are the right to information (Article 15), the right to rectification (Article 16), the right to erasure (Article 17), the right to restriction of processing (Article 18), the right to object (Article 21), the right to lodge a complaint with a supervisory authority and the right to data portability (Article 20).
Right of withdrawal
Some data processing can only take place with your express consent. You have the option of withdrawing your consent at any time. However, this does not affect the legality of the data processing up to the time of withdrawal.
Right of objection
If the processing is based on Art. 6 Paragraph 1 Letter e or f of GDPR, you as the data subject can object to the processing of personal data concerning you at any time for reasons arising from your particular situation. You also have this right in the case of profiling based on these provisions within the meaning of Art. 4 Paragraph 4 of GDPR. If we cannot prove a legitimate interest in the processing which outweighs your interests, rights and freedoms or processing which serves to assert, exercise or defend legal claims, we will refrain from processing your data after you have objected.
If the processing of personal data is for direct marketing purposes, you also have the right to object at any time. The same applies to profiling which is related to direct marketing. Here, too, we will no longer process personal data as soon as you object.
Right to lodge a complaint with a supervisory authority
If you believe that the processing of personal data concerning you violates
the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the
member state of your residence, place of work or place of the alleged violation,
without prejudice to any other administrative or judicial remedy.
Right to data portability
If your data is processed automatically based on consent or fulfillment of a contract, you have the right to receive this data in a structured, common and machine-readable format. You also have the right to request the transfer and provision of the data to another responsible party, insofar as this is technically feasible.
Right to information, correction and deletion
You have the right to receive information about your processed personal data regarding the purpose of the data processing, the categories, the recipients and the duration of storage.
If you have any questions about this topic or other topics relating to personal data, you can of course contact us using the contact options provided in the imprint.
Right to restriction of processing
You can request the restriction of the processing of your personal data at any time. To do so, you must meet one of the following requirements:
You dispute the accuracy of the personal data. For the duration of the verification of accuracy, you have the right to request that processing be restricted.
If processing is unlawful, you can request that the use of the data be restricted as an alternative to deletion.
If we no longer need your personal data for the purposes of processing, but you need the data to assert, exercise or defend legal claims, you can request that processing be restricted as an alternative to deletion.
If you object to processing in accordance with Art. 21 Para. 1 GDPR, a balance will be struck between your interests and ours. Until this balance has been struck, you have the right to request that processing be restricted.
Restriction of processing means that personal data, apart from storage, may only be processed with your consent or for the establishment, exercise or defense of legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State.
This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster's servers. This can include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated via a website. The hoster is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 Para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 Para. 1 lit. f GDPR). Our hoster will only process your data to the extent necessary to fulfill its service obligations and will follow our instructions with regard to this data. We use the following hoster:
IONOS SE
Elgendorfer Str. 57
56410 Montabaur
In order to ensure data protection-compliant processing, we have concluded a contract for order processing with our hoster.
We use the service “Cloudflare”. The provider is Cloudflare Inc., 101 Townsend St., San
Francisco, CA 94107, USA (hereinafter “Cloudflare”).
Cloudflare offers a globally distributed content delivery network with DNS. Technically, the information transfer between your browser and our website is routed through the Cloudflare network. This enables Cloudflare to analyze the data traffic between your browser and our website and to serve as a filter between our servers and potentially malicious data traffic from the Internet. Cloudflare can also use other technology to recognize Internet users, but these are only used for the purpose described here.
The use of Cloudflare is based on our legitimate interest in providing our website as error-free and secure as possible (Art. 6 Para. 1 lit. f GDPR).
The data transfer to the USA is based on the standard contractual clauses of the EU Commission.
You can find details here: https://www.cloudflare.com/privacypolicy/.
You can find more information on security and data protection at Cloudflare here:
https://www.cloudflare.com/privacypolicy/.
For security reasons, browser requests from dubious sources (hackers, malware, spammers
etc.) are rejected. Using Cloudflare protects us from hacker attacks and spammers and
thus contributes to the security of the user and the website.
In order to ensure data protection-compliant processing, we have concluded a contract for order processing with our hoster IONOS, which includes Cloudflare.
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as
requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the
browser changes from "http://" to "https://" and by the lock symbol in your browser line.
On the server side, website calls are automatically redirected to "https://".
This encrypts the data transmitted. Nevertheless, access should always be made from a
secure network with a secure connection. The HTTPS protocol is vulnerable to a so-called
man-in-the-middle attack. You can find further information on Wikipedia:
https://de.wikipedia.org/wiki/Man-in-the-Middle-Angriff
The use of contact data published as part of the imprint obligation to send unsolicited advertising and information materials is hereby objected to. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, for example through spam emails.
The provider of the pages, IONOS, automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
Our website offers an inquiry dialog with a contact form. The dialog can be used to make contact
as an alternative to communication, e.g. by email or telephone. The use of the
inquiry dialog is voluntary.
The following data is collected via the inquiry dialog:
Addition to contact form: This section is only relevant if you actively visit our website by clicking on a Google ad. In this case, a conversion can be recorded by submitting the contact form in conjunction with explicit consent. This is helpful for us so that we can optimize our Google ads and find out whether our ads lead to successful conversions. Without this knowledge, the performance of Google ads is worse and more expensive. You can help us and we thank you in advance for your support.
We have implemented an individual and data protection-friendly solution for our requirements because we did not want to use Google cookies and services in the browser.
When a user visits our website via a Google ad, technically nothing happens at first. No cookies are set or evaluated. No data is transmitted to Google. No Google Tag Manager Javascript Library or other Google services are loaded in the browser. Our solution works without the Google Tag Manager Javascript Library in the user's browser.
Only when the contact form is sent to our server can a pseudonymized SHA256 hash of the email address be sent to Google in an encrypted, unreadable manner and without the use of cookies. The transmission is encrypted and server-side and explicitly not via the user's browser. However, the transmission only takes place if explicit consent is activated in the contact form by checking the checkbox. No cookies are set via our website. Not even after sending or visiting our website again in this context.
The legal basis for the data processing described is your consent in accordance with Art. 6 Para. 1 lit. a GDPR and our legitimate interest in accordance with Art. 6 Para. 1 lit. f GDPR. However, we would like to point out that we have no influence on data processing by Google.
You can find more information about Google's data protection here:
https://policies.google.com/privacy?hl=de
Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA;
If you want to use the form without the conversion shown, simply open our URL www.shapefield.de in a new browser window and reload the contact form. Alternatively, you can also contact us via email letswork@shapefield.de and telephone +49 (0) 6826 8189820.
As an alternative to our contact form, the Microsoft Bookings service can be used to book appointments online. The use of Microsoft Bookings is voluntary.
The following data is collected via the Microsoft Bookings contact form:
The data from the Microsoft Bookings contact form is processed by Microsoft itself. A separate data processing agreement (AV) was concluded with Microsoft to ensure the protection of personal data. The Microsoft Bookings contact form contains the user's explicit consent. Without consent by checking the checkbox, the Microsoft Bookings contact form cannot be sent to Microsoft and subsequently to us. The data from the Microsoft Bookings contact form is transmitted in encrypted form when the website is accessed using the HTTPS protocol (see section "Accessing the website using the HTTPS protocol").
The purpose of collecting data in the Microsoft Bookings contact form is to respond to the user's contact in a targeted manner and to technically enable appointment booking. Using the Microsoft Bookings contact form does not create any contractual relationship between the user and Shapefield GmbH.
If you send us inquiries using the Microsoft Bookings contact form, your details from the Microsoft Bookings contact form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We store the contact details in our own ERP system, which is hosted by IONOS. Furthermore, this data is also collected and processed in our CRM system Pipedrive via an automated interface (Zapier). For more information on data processing by Pipedrive and Zapier, please refer to the relevant sections of this Privacy Policy. In order to ensure that processing complies with data protection regulations, we have concluded a contract for order processing with our hoster IONOS (see above, external hosting). We will not pass on this data without your consent. This data is processed on the basis of Art. 6 Para. 1 lit. b GDPR, provided that your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6 Para. 1 lit. f GDPR) or on your consent (Art. 6 Para. 1 lit. a GDPR) if this was requested. The use of the Microsoft Bookings contact form and the processing of your data by Microsoft is based on your consent (Art. 6 Para. 1 lit. a GDPR). However, we would like to point out that we have no influence on the data processing by Microsoft.
You can find more information about Microsoft's data protection here:
https://www.microsoft.com/de-de/privacy/privacystatement
Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA;
The data you enter in the Microsoft Bookings contact form will remain with us until you request us to delete it, revoke your consent to storage or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular retention periods - remain unaffected.
You can primarily contact us by email, telephone, post or in person on site. When data is transmitted by email, telephone or post, complete protection of the data cannot be guaranteed. Important data should always be encrypted or transmitted using an adaptive security mechanism. Even an on-site appointment can be attacked by appropriate listening devices. Complete protection against attackers is not possible.
Data transmitted to us is always protected with the greatest possible care by appropriate technical security measures.
If you contact us by email, telephone, post or in person, your request, including all personal data resulting from it (e.g. name, request), will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.
The processing of this data is based on Art. 6 Para. 1 lit. b GDPR, provided that your
request is related to the fulfillment of a contract or is necessary to carry out pre-contractual
measures. In all other cases, the processing is based on our legitimate
interest in the effective processing of the requests addressed to us (Art. 6 Para. 1 lit. f GDPR)
or on your consent (Art. 6 Para. 1 lit. a GDPR) if this was requested.
The data you send to us via contact requests will remain with us until you
request us to delete it, revoke your consent to storage or the purpose for
the data storage no longer applies (e.g. after your request has been processed). Mandatory
legal provisions - in particular statutory retention periods - remain unaffected.
In addition to the purely informational use of our website, we offer various UX services
that you can use as part of a collaboration. For this, we usually need
personal data, which we use to provide the respective services. In individual cases,
all we need is the contact person of the requesting company with the basic
contact details (name & email). These are processed in the context of the quotation creation.
We store the contact details in our own ERP system, which is hosted by IONOS.
Furthermore, this data is also collected and processed in our CRM system Pipedrive via an automated interface (Zapier). For more information on data processing by Pipedrive and Zapier, please refer to the relevant sections of this Privacy Policy.
In order to ensure data protection-compliant processing, we have concluded a contract for order processing with our host IONOS (see above, external hosting). We
have a legitimate interest in processing a request for a quotation in a targeted manner or in enabling
cooperation with us.
This data is processed on the basis of Art. 6 Para. 1 lit. b GDPR, provided that your
request is related to the fulfillment of a contract or is necessary to carry out pre-contractual
measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the offer addressed to us (Art. 6 Para. 1 lit. f GDPR) or on your consent (Art. 6 Para. 1 lit. a GDPR) if this was requested.
The data collected during the offer creation process will remain with us until you request us to delete it, revoke your consent to storage or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular statutory retention periods - remain unaffected.
We are represented on social media platforms in order to get in touch with the users of these platforms and to increase our reach (level of awareness). Communication with users takes place by using the functions available on the platforms. In order to measure the success of our activities, we can use evaluations offered by the respective manufacturer or tracking functions (e.g. for interest/behavior-related profiling), cookies and remarketing functions. In order to promote the exchange of opinions or to win new customers, we manage groups. Notes on data processing by social networks The operators of social networks are generally not based in the European Union. This means that personal data is also processed outside the European Union (e.g. USA). This means there is an increased risk that user data will not be processed in accordance with the data protection requirements required by the European Union or that user rights cannot be exercised or are difficult to exercise. Social networks process user data extensively in order to create personal user profiles. These user profiles are used in particular for advertising purposes or market research data. This can take the form of advertisements that are displayed to users within or outside the social networks that correspond to the user's interests. In addition, data about the devices, browsers and resolution used when using the platforms are usually assigned to the user profile. Cookies are stored on users' computers for these purposes, among other things. For a detailed description of the respective processing methods and the options for opting out, please refer to the data protection declarations and information provided by the operators of the respective networks. The best way to assert your rights as a data subject (e.g. information or deletion) is to contact the respective provider. Only the operators of the social platforms have access to your data and can fulfill your requests for data subject rights.
The purpose of our profiles on social media platforms is to expand our internet presence and thus increase our awareness. Therefore, the legal basis is legitimate interest in accordance with Art. 6 Para. 1 lit. f GDPR. Furthermore, with regard to the processing activities by the social networks, reference must be made to their own legal basis (e.g. consent in accordance with Art. 6 Para. 1 lit. a GDPR), which you can find in the respective data protection declaration.
In principle, we are jointly responsible with the social media platform for the data processing operations triggered when you visit our profile. Therefore, you can assert your rights as a data subject in accordance with Art. 15ff GDPR vis-à-vis the social media platform as well as against us. However, we would like to point out that we have no influence on the data processing by the social media platform.
Meta Platforms Ireland Ltd. (Previously Facebook Ireland Ltd.), 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland,
https://www.facebook.com;
Privacy policy: https://www.facebook.com/about/privacy;
Opt-out option: Settings for advertisements:
https://www.facebook.com/settings?tab=ads;
Additional information on data protection: Agreement on joint processing of personal data on Facebook pages: https://www.facebook.com/legal/terms/page_controller_addendum,
Data protection information for Facebook pages:
https://www.facebook.com/legal/terms/information_about_page_insights_data.
Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA; Website: https://www.instagram.com;
Data protection declaration: https://instagram.com/about/legal/privacy.
Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA;
Data protection declaration: https://twitter.com/de/privacy,
(Settings) https://twitter.com/personalization.
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website:
https://www.linkedin.com;
Data protection declaration: https://www.linkedin.com/legal/privacy-policy;
Option to object (opt-out):
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
New Work SE, Am Strandkai 1, 20457 Hamburg, Germany; Website: https://www.xing.de;
Privacy policy: https://privacy.xing.com/de/datenschutzerklaerung.
YouTube - Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA;
Website: https://www.youtube.com/
Privacy policy: https://policies.google.com/privacy
This website uses the analysis services of IONOS WebAnalytics (hereinafter: IONOS). The provider is 1&1 IONOS SE, Elgendorfer Straße 57, D - 56410 Montabaur. As part of the analyses with IONOS, visitor numbers and behavior (e.g. number of page views, duration of a website visit, bounce rates), visitor sources (i.e. which page the visitor comes from), visitor locations and technical data (browser and operating system versions) can be analyzed. Furthermore, malicious hacker attacks can be detected. For this purpose, IONOS stores the following data in particular:
We have concluded a contract for order processing with IONOS. This contract is intended to ensure that IONOS handles your personal data in compliance with data protection regulations.
On this website, data is collected and stored for marketing, market research and optimization purposes using SalesViewer® technology from SalesViewer® GmbH (SalesViewer® GmbH, Universitätsstraße 60, 44789 Bochum) on the basis of the legitimate interests of the website operator (Art. 6 Para. 1 lit. f GDPR).
For this purpose, a JavaScript-based code is used that is used to collect company-related data and use it accordingly. The data collected using this technology is encrypted using a non-returnable one-way function (so-called hashing). The data is immediately pseudonymized and not used to personally identify the visitor to this website.
The data stored as part of SalesViewer® is deleted as soon as it is no longer required for its intended purpose and there are no legal retention periods that prevent deletion.
You can object to the collection and storage of data at any time with effect for the future by clicking on this link https://www.salesviewer.com/opt-out to prevent SalesViewer® from collecting data on this website in the future. An opt-out cookie for this website will be stored on your device. If you delete your cookies in this browser, you must click on this link again.
This site uses so-called web fonts provided by Google to uniformly display fonts. The Google Fonts are installed locally. There is no connection to Google servers. Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy: https://policies.google.com/privacy?hl=de.
This site uses Font Awesome to uniformly display fonts. Font Awesome is installed locally. There is no connection to Fonticons, Inc. servers. For more information about Font Awesome, see the Font Awesome privacy policy at: https://fontawesome.com/privacy.
We use online conference tools, among others, to communicate with our customers. The tools we use in detail are listed below. If you communicate with us via video or audio conference via the Internet, your personal data will be collected and processed by us and the provider of the respective conference tool. The conference tools collect all data that you provide/use to use the tools (email address and/or your telephone number). The conference tools also process the duration of the conference, the start and end (time) of participation in the conference, the number of participants and other “context information” related to the communication process (metadata). The provider of the tool also processes all technical data that is required to handle online communication. This includes in particular IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speakers, and the type of connection.
If content is exchanged, uploaded or otherwise made available within the tool, it is also stored on the servers of the tool providers. Such content includes in particular cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards and other information shared while using the service.
Please note that we do not have full influence on the data processing operations of the tools used. Our options are largely based on the company policy of the respective provider. Further information on data processing by the conference tools can be found in the data protection declarations of the tools used, which we have listed below this text.
The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 Para. 1 Clause 1 Letter b GDPR). Furthermore, the use of the tools serves to generally simplify and accelerate communication with us or our company (legitimate interest within the meaning of Art. 6 Para. 1 Letter f GDPR). If consent has been requested, the use of the relevant tools is based on this consent; consent can be revoked at any time with effect for the future.
The data we collect directly via the video and conference tools will be deleted from our systems as soon as you request deletion, revoke your consent to storage or the purpose for storing the data no longer applies. Stored cookies remain on your device until you delete them. Mandatory statutory retention periods remain unaffected. We have no influence on the storage period of your data, which is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.
We offer various mailing lists for our customers and selected interested parties. Registration in a mailing list only takes place after personal consent and with the confirmation of an additional confirmation link (double opt-in procedure). The registration form is not publicly integrated on the website. This is how we prevent false or abusive entries. After successful registration, another confirmation email is sent with further details and instructions, e.g. on unsubscribing. The registration form contains the explicit consent of the user. Without consent by checking the checkbox, the form cannot be submitted. By checking the checkbox, consent and permission for further contact from us is also given.
To register in a mailing list, only the name and email address are collected. For the mailing lists, we use the provider Brevo (Sendinblue GmbH). Sendinblue GmbH, address: Köpenicker Straße 126, 10179 Berlin. A separate data processing agreement (AV) was concluded with Brevo (Sendinblue GmbH) to ensure the protection of personal data. Further information can be found in the provider's data protection information at the following URL: https://de.sendinblue.com/legal/privacypolicy/. We would like to point out, however, that we have no influence on data processing by Brevo.
The collection of the email address serves to send corresponding emails via the mailing lists and to publish information. The name is collected for personal address within the emails. The email address and name are not passed on to other third parties by us, but are only used for the mailing lists.
You have the option at any time to revoke your consent to the processing and storage of the e-mail address provided and its use for sending. Registration in a mailing list can be cancelled at any time by sending a general email to info@shapefield.de with the subject "Unsubscribe from mailing list". Each published email also contains precise and specific instructions for unsubscribing from the corresponding mailing list. If a registration has been cancelled, the user will no longer receive emails. The legality of the data processing operations that have already taken place remains unaffected by the revocation. We delete the data arising in this context after storage is no longer required, or the processing is restricted if there are statutory retention periods.
We hereby prohibit anonymous use of the mailing lists. Information is only occasionally published via the mailing lists.
The legal basis for the data processing described is your consent in accordance with Art. 6 Para. 1 lit. a GDPR and our legitimate interest in accordance with Art. 6 Para. 1 lit. f GDPR. We reserve the right to delete e-mail addresses and names from our mailing lists at our own discretion within the scope of our legitimate interest in accordance with Art. 6 Para. 1 lit. f GDPR.
As part of our marketing, we offer you the opportunity to subscribe to our newsletter via our website. To order the newsletter, you go through a registration process during which we check whether you are the owner of the specified email address and whether you agree to receive our newsletter. You can only register for the newsletter after you have given your personal consent and by confirming an additional confirmation link (double opt-in process). After you have successfully registered, another confirmation email will be sent with further details and instructions, e.g. on how to unsubscribe. The registration form contains the user's explicit consent. The form cannot be submitted without consent by checking the checkbox. Checking the checkbox also means that you consent and allow us to contact you further.
The following data is collected via the form:
We use the provider Brevo (Sendinblue GmbH) for the newsletter. Sendinblue GmbH, address: Köpenicker Straße 126, 10179 Berlin. A separate order processing agreement (AV) was concluded with Brevo (Sendinblue GmbH) to ensure the protection of personal data. Further information can be found in the provider's data protection information at the following URL: https://de.sendinblue.com/legal/privacypolicy/. However, we would like to point out that we have no influence on the data processing by Brevo.
The email address is collected to send corresponding emails via the newsletter and to publish information. The name is collected for a personal address within the emails. We do not pass the email address on to other third parties, but primarily use it for sending the newsletter. We store the contact details in our own ERP system, which is hosted by IONOS. Furthermore, this data is also collected and processed in our CRM system Pipedrive via an automated interface (Zapier). For more information on data processing by Pipedrive and Zapier, please refer to the relevant sections of this Privacy Policy. In order to ensure data protection-compliant processing, we have concluded a contract for order processing with our host IONOS (see above, external hosting).
You have the option at any time to revoke the consent given to the processing and storage of the transmitted data (email address, etc.) and its use for sending. Subscription to the newsletter can be canceled at any time by sending a general email to info@shapefield.de with the subject "Unsubscribe from newsletter". Every published email also contains precise and specific instructions for unsubscribing from the newsletter. If a registration has been cancelled, the user will no longer receive emails. The legality of the data processing operations that have already taken place remains unaffected by the revocation. We delete the data collected in this context after storage is no longer required, or processing is restricted if there are statutory retention periods.
We hereby prohibit anonymous use of the newsletter. Otherwise, we only send a few newsletter emails with selected topics.
The legal basis for the data processing described is your consent in accordance with Art. 6 Para. 1 lit. a GDPR and our legitimate interest in accordance with Art. 6 Para. 1 lit. f GDPR. We reserve the right to delete email addresses from our newsletter at our own discretion within the scope of our legitimate interest in accordance with Art. 6 Para. 1 lit. f GDPR.
As part of our marketing, we offer you the opportunity to purchase various whitepapers via our website. To order a whitepaper, you go through a registration process, during which we check whether you are the owner of the specified email address and whether you agree to receive our whitepaper. Registration to download a whitepaper is only possible after personal consent and confirmation of an additional confirmation link (double opt-in process). After successful registration, another confirmation email will be sent with further details and instructions, e.g. for unsubscribing. The registration form contains the user's explicit consent. Without consent by checking the checkbox, the form cannot be submitted. By checking the checkbox, you also consent and permission for us to contact you further.
The following data is collected via the form:
For our white papers we use the provider Brevo (Sendinblue GmbH). A white paper is provided via an email newsletter mechanism. However, this mechanism is not a content-related newsletter, but technically works like a newsletter. Sendinblue GmbH, Address: Köpenicker Straße 126, 10179 Berlin. A order processing agreement (AV) was concluded separately with Brevo (Sendinblue GmbH) to ensure the protection of personal data. Further information can be found in the provider's data protection information at the following URL: https://de.sendinblue.com/legal/privacypolicy/. However, we would like to point out that we have no influence on the data processing by Brevo.
The email address is collected in order to send the download link for a white paper. The name is collected for personal addressing within the emails. The email address is not passed on to third parties by us, but is used to send white papers. We store the contact details in our own ERP system, which is hosted by IONOS. Furthermore, this data is also collected and processed in our CRM system Pipedrive via an automated interface (Zapier). For more information on data processing by Pipedrive and Zapier, please refer to the relevant sections of this Privacy Policy. In order to ensure that processing complies with data protection regulations, we have concluded a contract for order processing with our host IONOS (see above, external hosting).
You have the option at any time to revoke your consent to the processing and storage of the transmitted data (email address, etc.) and its use for sending. The order of a white paper can be cancelled at any time by sending a general email to info@shapefield.de with the subject "Cancel white paper". Each published email also contains precise and specific instructions for unsubscribing. If a white paper order has been cancelled, the user will no longer receive emails. The legality of the data processing operations that have already taken place remains unaffected by the revocation. We delete the data arising in this context after storage is no longer required, or processing is restricted if there are legal retention obligations.
We hereby prohibit anonymous use of the white papers. Otherwise, only three emails are sent for the white papers: confirmation, download link to the white paper, UX training video.
The legal basis for the data processing described is your consent in accordance with Art. 6 Para. 1 lit. a GDPR and our legitimate interest in accordance with Art. 6 Para. 1 lit. f GDPR. We reserve the right to delete email addresses at our own discretion within the scope of our legitimate interest in accordance with Art. 6 Para. 1 lit. f GDPR.
As part of our marketing, we offer you the opportunity to purchase various white papers via LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland). For this purpose, we use the Lead Gen Forms service from LinkedIn.
Ordering a white paper is done using a form provided by LinkedIn. By registering and submitting the form, you consent to the processing and storage of your data and allow Shapefield GmbH to contact you via email or telephone.
The following data will be visible to Shapefield GmbH via the form:
Name
Email
Telephone
After submitting the form, you will receive a download link to the corresponding white paper via LinkedIn.
LinkedIn processes and stores your data. Further information can be found in LinkedIn's privacy policy:
https://de.linkedin.com/legal/privacy-policy
https://www.linkedin.com/help/linkedin/answer/a1444756/linkedin-marketing-solutions-und-die-datenschutz-grundverordnung-dsgvo-?lang=de
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
We do not pass on your data (email address, etc.) to third parties. We store the contact details in our own ERP system, which is hosted by IONOS. Furthermore, this data is also collected and processed in our CRM system Pipedrive via an automated interface (Zapier). For more information on data processing by Pipedrive and Zapier, please refer to the relevant sections of this Privacy Policy. In order to ensure that processing complies with data protection regulations, we have concluded a contract for order processing with our host IONOS (see above, external hosting).
You have the option of revoking your consent to the processing and storage of the transmitted data (email address, etc.) and its use by Shapefield GmbH at any time. To do so, send us an email to info@shapefield.de. The legality of the data processing operations that have already taken place remains unaffected by the revocation. We delete the data collected in this context after storage is no longer required, or processing is restricted if there are statutory retention periods.
We hereby prohibit anonymous use of the white papers.
The legal basis for the data processing described is your consent in accordance with Art. 6 Para. 1 lit. a GDPR and our legitimate interest in accordance with Art. 6 Para. 1 lit. f GDPR. We reserve the right to delete transmitted data (email address, etc.) at our own discretion within the scope of our legitimate interest in accordance with Art. 6 Para. 1 lit. f GDPR. However, we would like to point out that we have no influence on data processing by LinkedIn.
To manage and organize customer relationships as well as to create and track offers, we use the CRM system Pipedrive, a service provided by Pipedrive OÜ, Mustamäe tee 3a, 10615 Tallinn, Estonia.
Pipedrive is used to record, manage, and structure customer and prospect data. We also use Pipedrive for the systematic creation, management, and tracking of offers as part of our sales process. In doing so, we process personal data such as name, email address, telephone number, company affiliation, as well as the content and status of offers.
The processing of this data is based on Art. 6 Para. 1 lit. b GDPR, insofar as your inquiry is related to the fulfillment of a contract or is necessary for the performance of pre-contractual measures.
In all other cases, the processing is based on our legitimate interest in the efficient handling of inquiries and the structured execution of our sales processes Art. 6 Para. 1 lit. f GDPR, or on your consent Art. 6 Para. 1 lit. a GDPR, if such consent has been obtained.
Pipedrive processes data on our behalf based on a data processing agreement in accordance with Art. 28 GDPR. Data may be processed on servers within the EU or – subject to appropriate safeguards (e.g. EU Standard Contractual Clauses) – in third countries.
For more information about data processing by Pipedrive, please refer to: https://www.pipedrive.com/en/privacy
To automate certain processes related to offer creation and customer management, we use the tool Zapier. The provider is Zapier Inc., 548 Market St #62411, San Francisco, CA 94104-5401, USA.
Zapier is used exclusively to create automated connections (so-called "Zaps") between our CRM system Pipedrive and internal processes related to offer generation. For example, information from Pipedrive may be automatically transferred into offer templates or forwarded to other systems for further processing. Only the personal data necessary for this purpose is processed (e.g. name, email address, company details, offer content).
The processing of this data is based on Art. 6 Para. 1 lit. b GDPR, if it is necessary for the performance of a contract or in order to take steps prior to entering into a contract. In all other cases, processing is based on our legitimate interest in efficient and error-free offer handling Art. 6 Para. 1 lit. f GDPR, or on your consent Art. 6 Para. 1 lit. a GDPR, if such consent has been obtained.
Zapier processes data on our behalf based on a data processing agreement in accordance with Art. 28 GDPR. A data transfer to the United States may occur. In doing so, Zapier relies on EU Standard Contractual Clauses pursuant to Art. 46 GDPR to ensure an adequate level of data protection.
For more information about data processing by Zapier, please refer to: https://zapier.com/privacy
It is possible to send an application to us (e.g. by email). The personal data obtained in this way will be stored and processed by us for the application process.
The basis for the processing is Art. 6 Para. 1 lit. b GDPR and Art. 6 Para. 1 lit. a GDPR, provided that consent has been given. Insofar as German law is applicable, Section 26 BDSG in particular is used as the legal basis for the processing. You can revoke your consent at any time. The legality of the processing carried out up to the time of revocation remains unaffected.
If the application results in an employment relationship, the data collected will be stored for the purpose of processing the employment relationship on the basis of Art. 6 Para. 1 lit. b GDPR. If no employment relationship is established, the data will be stored on the basis of Art. 6 (1) (f) GDPR for the duration of the legal claims, in particular due to discrimination in the application process. This is necessary for the defense against any lawsuits or allegations. If consent has been granted, the data will be stored for a longer period on the basis of Art. 6 (1) (a) GDPR. You can revoke your consent at any time. The legality of the processing carried out up to the time of revocation remains unaffected.
If no employment relationship is established, the applicant can be included in our applicant pool. All application details are stored so that the relevant person can be contacted when suitable job advertisements arise.
The data is only stored in the applicant pool after consent has been granted on the basis of Art. 6 (1) (a) GDPR. This consent can be revoked at any time, after which the relevant data will be deleted unless there are legal reasons for retention. Deletion takes place automatically no later than two years after consent is granted. The legality of the processing carried out up to the time of revocation remains unaffected.
If no employment relationship is established, the applicant can be included in our applicant pool. All details of the application are saved so that the relevant person can be contacted when suitable job advertisements arise.
The data is only stored in the applicant pool after consent has been given on the basis of Art. 6.1 lit.a GDPR. This consent can be revoked at any time, after which the relevant data will be deleted unless there are legal reasons for retention. Deletion takes place no later than two years after consent has been given. The legality of the processing carried out up to the time of revocation remains unaffected.
We do not use cookies on our website. The website works completely without cookies.
We expressly do not use more specific analysis tools such as Google Analytics (except IONOS Webanalytics and SalesViewer, see above). In this context, we do not collect any data, pass it on to third parties or use it for advertising purposes.
Malware refers to computer programs that have been developed to perform unwanted and harmful functions. Malware is a generic term for viruses, worms, Trojans, bots and much more. A large proportion of malware is spread via websites. Please protect yourself with an antivirus program, such as Avira.
Our offer is generally aimed at adults in a business context (B2B). People under the age of 18 should not send us any personal data without the consent of their parents or guardians.
Every digital product stands or falls with the user experience. At Shapefield, we support companies in developing better products through targeted UX services - from UX consulting to complete project implementation.
Improve the user experience of your products!
Contact us today for more information.