The website owner within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is:
Possible Digital GmbH
Max-Urich-Straße 3
13355 Berlin
Germany
kontakt[at]possible-digital[dot]de
The data protection officer of the website owner is:
DataCo GmbH
Dachauer Straße 65
80335 Munich
+49 89 7400 45840
We generally process personal data of our users only to the extent necessary for providing a functional website as well as our content and services. The processing of personal data of our users is usually only carried out with the user's consent. An exception applies in cases where obtaining prior consent is not possible for factual reasons and the processing of data is required by legal regulations.
If we obtain the consent of the data subject for processing personal data, Article 6(1)(a) GDPR serves as the legal basis.
For processing personal data necessary for the performance of a contract to which the data subject is party, Article 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations required for carrying out pre-contractual measures.
If the processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Article 6(1)(c) GDPR serves as the legal basis.
If processing is necessary to protect a legitimate interest of our company or a third party, and if the interests, fundamental rights, and freedoms of the data subject do not outweigh the first-mentioned interest, Article 6(1)(f) GDPR serves as the legal basis for processing.
Personal data of the data subject will be erased or blocked as soon as the purpose of storage ceases to apply. Storage may also take place if provided for by the European or national legislator in EU regulations, laws, or other provisions to which the controller is subject. Data will also be blocked or erased when a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for conclusion or performance of a contract.
If personal data concerning you is processed, you are a data subject within the meaning of the GDPR and you have the following rights against the controller:
You have the right to obtain from the controller confirmation as to whether or not personal data concerning you is being processed.
If such processing is taking place, you can request the following information from the controller:
You have a right to rectification and/or completion vis-à-vis the controller if the processed personal data concerning you is incorrect or incomplete. The controller must make the correction without delay.
Under the following conditions, you can request the restriction of processing of your personal data:
a) Obligation to erase
You may request the erasure of personal data concerning you from the controller without undue delay, and the controller shall have the obligation to erase such data without undue delay where one of the following grounds applies:
b) Information to third parties
Where the controller has made the personal data concerning you public and is obliged pursuant to Art. 17(1) GDPR to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers processing the personal data that you, as the data subject, have requested erasure by such controllers of any links to, or copy or replication of, those personal data.
c) Exceptions
The right to erasure does not apply to the extent that processing is necessary:
If you have asserted your right to rectification, erasure, or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of data or restriction of processing, unless this proves impossible or involves disproportionate effort.
You have the right to be informed about these recipients from the controller.
You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used, and machine-readable format. Additionally, you have the right to transmit this data to another controller
without hindrance from the controller to whom the personal data have been provided, if:
In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another controller, where technically feasible. This must not adversely affect the rights and freedoms of others.
The right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6(1) sentence 1 point e or f GDPR, including profiling based on those provisions.
The controller shall no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or for the establishment, exercise, or defense of legal claims.
Where personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.
If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for such purposes.
You have the option to exercise your right to object in connection with the use of information society services – notwithstanding Directive 2002/58/EC – by automated means using technical specifications.
You have the right to withdraw your data protection consent declaration at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
You have the right not to be subject to a decision based solely on automated processing – including profiling – which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
However, these decisions must not be based on special categories of personal data referred to in Article 9(1) GDPR unless Article 9(2)(a) or (b) GDPR applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place.
With regard to the cases referred to in points 1 and 3, the controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view, and to contest the decision.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.
The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 GDPR.
When you visit our website, our system automatically collects data and information from the computer system of the accessing device. The following data is collected:
This data is stored in the log files of our system. Storage of this data together with other personal data of the user does not take place.
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's device. For this purpose, the user's IP address must be stored for the duration of the session.
The storage in log files is done to ensure the functionality of the website. Additionally, the data is used for optimizing the website and ensuring the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. Our legitimate interest in data processing pursuant to Art. 6(1)(f) GDPR is also based on these purposes.
The legal basis for the temporary storage of data and log files is Art. 6(1)(f) GDPR.
The data is deleted as soon as it is no longer necessary for the purpose of its collection. In the case of data collected for the provision of the website, this occurs when the respective session is terminated.
In the case of storing data in log files, this is the case after a maximum of seven days. Further storage is possible. In this case, the IP addresses of the users are either deleted or anonymized, so that assignment to the accessing client is no longer possible.
The collection of data for the provision of the website and the storage of data in log files is mandatory for the operation of the website. Consequently, there is no option for the user to object.
Our website uses cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the user's computer system. When a user accesses a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that enables unique identification of the browser when the website is accessed again.
We use cookies to make our website more user-friendly. Some elements of our website require that the accessing browser can be identified even after a page change. The following data is stored and transmitted in the cookies:
The data collected from users in this way is pseudonymized through technical measures. Therefore, it is no longer possible to associate the data with the accessing user. The data is not stored together with other personal data of the user.
The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. It is necessary for these functions that the browser is recognized even after a page change. We require cookies for the following applications:
The user data collected through technically necessary cookies is not used to create user profiles.
The legal basis for processing personal data using technically necessary cookies is Art. 6(1)(f) GDPR.
Cookies are stored on the user's computer and transmitted to our site. Therefore, as a user, you have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Already stored cookies can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, some functions of the website may not be fully available.
If you are using a Safari browser version 12.1 or higher, cookies are automatically deleted after seven days. This also applies to opt-out cookies that are set to prevent tracking measures.
Linkedin:
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
On our LinkedIn corporate page, we provide information and offer LinkedIn users the opportunity to communicate. When you take action on our LinkedIn corporate profile (e.g., comments, posts, likes, etc.), you may disclose personal data (e.g., your real name or photo of your user profile). However, since we generally have little or no influence over the processing of your personal data by the company responsible for the Possible Digital GmbH corporate presence on LinkedIn, we cannot provide binding information on the purpose and scope of processing your data.
Our corporate presence on social networks is used for communication and exchange of information with (potential) customers. In particular, we use the corporate presence for:
The publications via the corporate presence may contain the following content:
Each user is free to disclose personal data through activities.
The legal basis for data processing is Art. 6(1)(a) GDPR. The data generated by the corporate presence is not stored in our own systems.
You can object to the processing of your personal data that we collect during your use of our LinkedIn corporate profile at any time and exercise your data subject rights as mentioned in section IV of this privacy policy. To do so, please send us an informal email to kontakt@possible-digital.de. For information on the processing of your personal data by LinkedIn and the corresponding objection options, please refer to: https://www.linkedin.com/legal/privacy-policy?
The website is hosted on servers by a service provider commissioned by us. Our service provider is:
Webflow, Inc., 398 11th St., Floor 2, San Francisco, CA 94103, United States of America
The servers automatically collect and store information in so-called server log files that your browser automatically transmits when you visit the website. The stored information includes:
These data are not merged with other data sources. The collection of this data is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website – for this purpose, the server log files must be recorded. For details, please refer to the Webflow privacy policy.
The data transfer to the USA is based on the standard contractual clauses of the European Commission. Details can be found here. However, in view of the invalid US Privacy Shield, these are not sufficient. For this reason, data processing agreement with Webflow has been concluded for hosting the website.
We have entered into a data processing agreement with the provider mentioned above. This is a data protectionally required contract that ensures that the provider processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.
Our website uses the technologies of Dealfront (Liidio Oy as part of Dealfront Group GmbH) to analyse visitor behaviour. The IP address of a visitor is processed.
For this purpose, the visitor's IP address and corresponding session data are compared with a large whitelist of known companies at the beginning of the visitor's session.
As part of this processing, first-party cookies are used to analyse visitor behaviour. Further information on the processing of data by Leadfeeder can be found here:
https://www.leadfeeder.com/privacy/
This processing is intended to help us understand which companies visit our website by enriching IPs with associated information such as the company name or industry code.
If we process website traffic data, this is done on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR and § 25 TTDSG) in optimising our products, services, sales and marketing.
If lead generation is aimed at the fulfilment of a contract or the implementation of pre-contractual measures with the data subject, the legal basis for data processing is Art. 6 para. 1 sentence 1 lit. b GDPR.
Your personal information will be stored for as long as necessary to fulfil the purposes described in this privacy policy or as required by law.
To prevent this processing, you (website visitors) can install and configure appropriate ad blockers or use no-script plugins in your browser.
We have concluded an data processing agreement with Dealfront to ensure compliance with applicable data protection standards.
You can find more information about your rights vis-à-vis Leadfeeder at: https://www.leadfeeder.com/privacy/
We use the service provider Brevo of Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin, Germany (hereinafter referred to as Brevo) to send our newsletter. Brevo is a provider of email and SMS marketing and enables us to communicate directly with potential customers via email and SMS newsletters. If you register for the newsletter, the data you enter when registering for the newsletter will be transmitted to Brevo and stored there. As a result, further personal data may be stored and analysed, in particular the user's activity (in particular which pages have been visited and which elements have been clicked on) and device and browser information (in particular the IP address and operating system). Your data is also stored by Brevo for this purpose. Your data will not be passed on to third parties for the purpose of receiving the newsletter and Brevo does not obtain the right to pass on your data. After registration, Brevo will send you an email to confirm your registration. Brevo also offers various options for analysing how the newsletters sent are opened and used, e.g. to how many users an email or text message was sent, whether emails or text messages were rejected and whether users unsubscribed from the list after receiving an email or text message.
Further information on the processing of data by Sendinblue can be found here:
https://www.brevo.com/de/legal/privacypolicy/
The personal data collected as part of a registration for the newsletter is used exclusively for sending our newsletter, possibly for invitations to events and, if you are already our customer, for customer emails. Furthermore, subscribers to the newsletter may be informed by email if this is necessary for the operation of the newsletter service or a registration in this regard, as could be the case in the event of changes to the newsletter offer or changes to the technical circumstances.
The legal basis for the processing of users' personal data is generally the consent of the user in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or as required by law. In addition, you can contact Brevo and request the deletion of your data.
You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You can withdraw your consent to the storage of the data and its use for sending the newsletter by Brevo at any time. You can revoke your consent at any time by sending an email to Brevo or by clicking on the link provided in every newsletter.
You can find further information on objection and removal options vis-à-vis Brevo at: https://www.brevo.com/de/legal/privacypolicy/
We use the service provider Publitas of Publitas.com B.V., J.H. Oortweg 21, 2333 CH, Leiden, Netherlands (hereinafter referred to as Publitas) to provide our publications in the ‘Insights’ section.
Publitas is a tool that enables companies to create and manage digital publications such as catalogues and magazines. It provides a user-friendly platform that allows users to create interactive content that can be viewed on different devices and platforms. If you display the PDF view of one of our reports and/or download it, you will be redirected to Publitas.
Publitas collects and processes personal data of users who interact with the plug-in. This includes IP addresses, usage behaviour, browser and device information as well as any data provided by the user such as name, email address and other contact details. In addition, technical data such as cookie information and log data may also be collected.
Further information on the processing of data by Publitas can be found here: https://www.publitas.com/legal/privacy-statement/
The processing of personal data by Publitas serves several purposes:
The legal basis for the processing of users' personal data is generally the user's consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
Your personal information will be stored for as long as necessary to fulfil the purposes described in this Privacy Policy or as required by law. In addition, you can contact Publitas and request the deletion of your data.
Users have the right to object to the processing of their personal data at any time. The objection can be sent by e-mail or in writing to the controller. In the event of a justified objection, the personal data will no longer be processed and will be erased unless there are compelling legitimate grounds for the processing. Users can also request the correction, blocking or deletion of their stored personal data at any time, provided that there are no statutory retention obligations to the contrary.
Further information on objection and removal options vis-à-vis Publitas can be found at: https://www.publitas.com/legal/privacy-statement/