Privacy policy

You have the option of preventing the actions you take here from being analysed and linked. This will protect your privacy, but it will also prevent the owner from learning from your actions and improving usability for you and other users.

In this case, an opt-out cookie will be set via your browser, which means that Matomo will not process any session data.

Please note: If you delete your cookies, the opt-out cookie will also be deleted and you will have to set it again.

We only store the analysis data for as long as the purpose of data processing requires, up to a maximum of 360 days.

The legal basis for this processing is Art. 6 (1) sentence 1 (f) GDPR. Our legitimate interest in this is to measure the reach of our website and optimise it for users.

With regard to the opt-out cookie set, the legal basis is Section 25(2)(2) TDDDG, as the storage of information on your device is absolutely necessary in order to comply with your refusal of anonymisation and/or statistical evaluation.

11.  Contact

You can contact us via our email address, by telephone or via our contact form. When you contact us, we will store the data you provide in order to answer your questions and process your requests. The legal basis for this is Art. 6 (1) (f) GDPR.

The following data is collected:

–       Name

–       Email address

–       Your message

If we request information via our contact form that is not necessary for contacting us, we have always marked this as optional (without an asterisk). This information helps us to specify your enquiry and improve the processing of your request. The provision of this information is expressly voluntary and with your consent, Art. 6 para. 1 sentence 1 (a) GDPR.

Insofar as this involves information relating to communication channels (e.g. email address, telephone number), you also consent to our contacting you via this communication channel in order to respond to your enquiry.

You may, of course, revoke this consent at any time with future effect. To do so, please contact our data protection officer, whose contact details can be found above.

Your data, which we have received in the course of contacting you, will be deleted as soon as it is no longer required for the purpose for which it was collected, your request has been fully processed and no further communication with you is necessary or desired by you.

As the data controller, our company has taken a variety of technical and organisational measures to protect the personal data processed via this website as best as possible.

Nevertheless, it should be noted that Internet-based data transmissions can always be associated with security risks. Complete protection against access by third parties cannot therefore be guaranteed. In particular, sending unencrypted emails is not secure.

We therefore ask you not to send confidential information via unencrypted email, but to use either encrypted communication channels (such as our contact form) or the postal service.

12.  Newsletter

12.1       Newsletter registration

You can subscribe to various newsletters on our website, which we (Tutech Innovation GmbH) will send you by email at the intervals specified when you register.

The legal basis for sending you the respective newsletter after you have registered for it is your consent in accordance with Art. 6 (1) (a) GDPR.

We use the double opt-in procedure for registration for our newsletters. This means that after you register, we will send an email to the email address you provided, asking you to confirm that you wish to receive the newsletter. If you do not confirm your registration, your information will be deleted after 14 days. You will only receive our newsletter after your confirmation.

The only mandatory information required for sending the newsletter is your email address so that we can deliver the newsletter to you.

The provision of further data (first name and surname) is voluntary, as indicated: this data is used to address you personally. The legal basis for this data processing and purpose is Art. 6 (1) (a) GDPR.

After your confirmation, we will store your email address for the purpose of sending you the newsletter until you revoke your consent. We also store your IP address at the time of registration, the time of registration, the content of the consent given, the content of the confirmation email, the time of confirmation and the IP address of the person confirming up to three years after the end of the year in which you revoked/unsubscribed from the newsletter (limitation period).

The purpose of this procedure is to be able to prove your registration in case of doubt and, if necessary, to investigate any misuse of your personal data. The legal basis for logging the registration and confirmation is our legitimate interest pursuant to Art. 6 (1) (f) GDPR in proving that consent has been given, see also Art. 7 (1) GDPR.

You can revoke your consent to receive the newsletter at any time and unsubscribe from the newsletter. You can revoke your consent, for example, by clicking on the link provided in every newsletter email or by sending an email to datenschutz@tutech.de.

After unsubscribing, your data collected for the purpose of receiving the newsletter will be deleted immediately, unless we need it for the above-mentioned proof of your original consent. The legal basis for this is our legitimate interest in accordance with Art. 6 (1) (f) GDPR.

For the transmission and administration of the newsletter, we use the MailPoet plugin, which we host ourselves or integrate locally, a newsletter service tool from the provider Aut O’Mattic A8C Ireland Ltd, Grand Canal Dock, 25 Herbert Pl, Dublin, D02 AY86, Ireland. The provider does not receive any personal data from you.

12.2      Advertising in accordance with Section 7(3) of the German Unfair Competition Act (UWG)

 If you purchase goods or services from us and provide your email address in the process, we may use this address to send you a newsletter. In this case, the newsletter will only contain direct advertising for our own similar goods or services.

The legal basis for this is Section 7 (3) of the German Unfair Competition Act (UWG).

You can object to this use at any time without incurring any costs other than the transmission costs according to the basic tariffs. You will also find an unsubscribe/objection link in every newsletter sent to you. 

13.  Data transfer

Your personal data will not be transferred to third parties unless we are legally obliged to do so, or the transfer of data is necessary for the performance of the contractual relationship, or you have expressly consented to the transfer of your data in advance.

to external service providers (processors)

Your data will be passed on to external service providers if they are acting on behalf of Tutech Innovation GmbH and support us in providing our services.

The processing of your personal data by these service providers is carried out within the framework of order processing in accordance with Art. 28 GDPR.

The aforementioned service providers only have access to the personal data necessary for the respective task. These service providers are prohibited from passing on your data or using it for other purposes, in particular for their own advertising purposes.

If external service providers come into contact with your personal data, we use legal, technical and organisational measures as well as regular checks to ensure that they also comply with the applicable data protection regulations.

Please also note the data protection information provided by the respective providers. The respective provider is responsible for the content of external services. We check these services within reasonable limits to ensure that they comply with legal requirements.

Your personal data will not be passed on to other companies for commercial purposes.

We attach great importance to processing your data within the EU/EEA. However, we may use service providers who process data outside the EU/EEA. In such cases, we ensure that an adequate level of data protection comparable to the standards within the EU is established at the recipient’s end before your personal data is transferred. This can be achieved, for example, through EU standard contracts or binding corporate rules or special agreements to which the company can submit.

14.  Webinars and other online events

To register for our webinars and other online events, we initially request the following personal data:

–       Title

–       First name

–       Surname

–       Company

–       Address

–       Telephone number

–       Email address

We use the above data exclusively for invoicing, cost processing and conducting the webinar.

The legal basis for free webinars is our legitimate interest in the proper execution of the webinar in accordance with Art. 6 (1) (f) GDPR and, in the case of paid webinars, the fulfilment of our contractually agreed service in accordance with Art. 6 (1) (b) GDPR.

Statistical data is collected during and after the webinar. If you participate in a webinar, we will receive information about the duration of your participation, questions asked and answers given in addition to your registration data for the purpose of further customer support.

Following a webinar, we will send you a one-time email containing the most important information from the webinar, along with a reference to our services. The legal basis for this is Art. 6 (1) (f) GDPR.

You have the right to object to the processing under the statutory conditions (Art. 21 GDPR).

In the event of your objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. We would like to point out that in the event of an objection, participation in a webinar may not be possible.

By clicking ‘Submit’, you confirm that you will not make any recordings or screen captures of this session.

Recipients

Zoom

In order to conduct webinars and other online events via the Internet, we use the video conferencing service ‘Zoom’ (a service provided by Zoom Communications, Inc, 55 Almaden Blvd, Suite 600, San Jose, CA 95113, USA).

This enables us to convey information efficiently, flexibly and independently of location, with the option of exchanging information.

When using Zoom, various types of data are processed. The scope of processing depends on the information you provide before or during your participation in an online meeting.

The following personal data may be processed:

User data:

First name, last name, company name, telephone number (optional), email address, password (if single sign-on is not used), profile picture (optional), department (optional). To participate in webinars and other online events via Zoom, you must provide at least your name and email address so that we can send you the event invitation.

Meeting metadata:

topic, description (optional), IP addresses of participants, device and hardware information.

The online event will not be recorded.

For telephone dial-in:

Information about the incoming and outgoing phone number, the country, start and end time, and, if applicable, other connection data such as the IP address of the device and the browser used will be stored.

Text, audio and video data:

You can use chat, question or survey functions during an online meeting. The text you enter is processed in order to display it in the meeting and, if necessary, to log it. To transmit video and audio, data from your device’s microphone and, if applicable, camera is processed during the meeting. You can deactivate or mute the camera and microphone yourself at any time in the Zoom app.

If you are registered as a user with Zoom, reports on online meetings (e.g. meeting metadata, telephone dial-in data, questions and answers, survey results) may be stored by Zoom for up to one month.

Automated decision-making within the meaning of Art. 22 GDPR does not take place.

The legal basis for data processing is Art. 6(1)(b) GDPR, in order to be able to carry out the contractually agreed online event.

Personal data processed in connection with participation in ‘online meetings’ will not be passed on to third parties unless this is expressly provided for.

We use encrypted connections to protect your data. Access to the meetings is restricted to authorised participants only.

Zoom obtains knowledge of the aforementioned data within the scope of the data processing agreement concluded with us in accordance with Art. 28 GDPR, insofar as this is necessary.

As ‘Zoom’ is provided by a US-based provider, personal data is also regularly processed in a third country.

Insofar as data is processed outside the EU/EEA, Zoom has certified itself under the Data Privacy Framework (DPF) programme and is listed in the Data Privacy Framework list of the International Trade Administration (ITA). This means that Zoom has publicly committed to complying with DPF obligations and that any data transfer to the US is safe based on the European Commission’s current adequacy decision of 10 July 2023.

A list of currently certified US companies can be found here: https://www.dataprivacyframework.gov/s/participant-search.

Further information on the Data Privacy Framework programme can be found on the official ITA website: https://www.dataprivacyframework.gov/s/.

In addition, we have concluded EU-US standard contractual clauses with Zoom.

Further information relevant to data protection can be found at: https://www.zoom.com/de/trust/gdpr/?lang=null

Please note: If you visit the Zoom website, e.g. to download the Zoom software, the provider of Zoom is responsible for the data processing that takes place there. Visiting the corresponding website is only necessary to download the software for Zoom. If you do not want to or cannot use the Zoom app, the basic functions are also available in a browser version, which you can also find on the Zoom website.

Other recipients

In order to fulfil our contractual and legal obligations, your personal data may be disclosed to various public or internal bodies, as well as external service providers:

–     IT service providers (e.g. maintenance service providers, hosting service providers)

–     Service providers for file and data destruction

–     Auditors, tax advisors, solicitors

We store your personal data for as long as is necessary to fulfil our legal and contractual obligations, e.g.:

–     Invoices: Fulfilment of commercial and tax law retention obligations, for example.

–     These include, among others, retention periods from the German Commercial Code (HGB) or the German Fiscal Code (AO). The retention periods are up to 10 years.

–     The participation lists for paid webinars are subject to a 3-year storage period in accordance with the German Civil Code (BGB). There are no statutory retention periods for participation lists for free webinars. These participant lists are deleted at the end of each quarter.

In addition, statistics (participation duration) are collected per webinar by Zoom. These statistics are deleted together with the event after one month.

15. Cookies

We do not use cookies.

Cookies are data stored on your computer by a website you visit, enabling your browser to be re-identified. Cookies transmit information to the entity that uses them. Cookies can store various types of information, such as your language settings, the length of your visit to our website, or the entries you have made there. This prevents you from having to re-enter the data required for forms each time you use the website. The information stored in cookies can also be used to identify preferences and tailor content to areas of interest.

16.  Social Media

16.1 General

Tutech Innovation GmbH is represented on several social media platforms with a company page:

–      LinkedIn of LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland, hereinafter referred to as ‘LinkedIn’

–      Facebook of Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, hereinafter referred to as ‘Facebook’

–      Instagram of Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland, hereinafter referred to as ‘Instagram’

–      Wisskomm.social of Informationsdienst Wissenschaft e.V. -idw-, Richard-Wagner-Str. 36, 95444 Bayreuth, hereinafter referred to as ‘Wisskomm.social’

–      X (formerly Twitter) of X Internet Unlimited Company, One Cumberland Place, Fenian Street Dublin 2, D02 AX07 Ireland, hereinafter referred to as ‘X’

–      YouTube of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as ‘YouTube’

We operate our social media pages for the purpose of providing information and communicating with people who are interested in the content we publish there. In accordance with the terms of use of the respective social media platform, which each user has agreed to when creating an account, we can identify the subscribers to the page and view their profiles and other information shared by users.

For example, your name and profile picture are visible to us (and other users) when you visit our social media page or comment on our posts.

We therefore only collect personal data that has become an obvious part of our social media page through your participation.

We have no interest in collecting and using your personal data for marketing purposes. Your data remains on the respective social media platform.

16.2 Statistics and page insights

 When visiting our social media pages, certain information about users is processed. The operators of the social media platforms are solely responsible for this processing of personal data.

You can find comprehensive information about the processing of personal data by the respective providers in their privacy policies:

–       LinkedIn (https://de.linkedin.com/legal/privacy-policy)

–       Facebook (https://www.facebook.com/privacy/policy/?locale=de_DE)

–       Instagram (https://privacycenter.instagram.com/policy)

–       X (https://x.com/de/privacy)

Social media site providers collect various data in order to provide us with statistics and insights for our sites in anonymised form.

With the help of these statistics and page insights, we can gain insights into the types of actions that social media users take on our site. We cannot assign the information obtained via page insights to individual user profiles that interact with our sites.

This processing of personal data is carried out by the providers of the social media sites and us as joint controllers.

The processing serves our legitimate interest in evaluating interactions on our site and improving our site based on these findings. The legal basis for this processing is Art. 6(1)(f) GDPR.

We have entered into an agreement with the respective social media platform providers in accordance with Art. 26 GDPR.

Details about the processing of personal data for the creation of page insights and the agreement concluded between us and the social media site providers can be found at the following links:

–       LinkedIn (https://legal.linkedin.com/pages-joint-controller-addendum);

–       XING (https://www.xing.com/terms/onlyfy-one#h2-vereinbarung-zur-gemeinsamen-datenschutzrechtlichen-verantwortlichkeit)

–       Facebook (https://de-de.facebook.com/legal/terms/page_controller_addendum)

–       Instagram (https://de-de.facebook.com/legal/terms/page_controller_addendum)

–       Kununu (https://www.xing.com/terms/onlyfy-one#h2-vereinbarung-zur-gemeinsamen-datenschutzrechtlichen-verantwortlichkeit)

The operation of our respective social media pages and the associated processing of personal data is based on Art. 6(1)(f) GDPR in order to implement our legitimate interests in providing information and interaction opportunities via social media for and with our users and visitors.

Further legal bases for data processing may arise in individual cases from Art. 6 (1) (a), (b), (c) GDPR.

We delete personal data – insofar as we collect any at all – once the purpose of data processing has been achieved and there are no other legal reasons preventing the deletion of the data.

We generally delete messages on our social media accounts manually after 3 years.

16.3 Exercising your rights

You also have the option of asserting your rights in relation to social media site providers. Further information on this can be found at the following links:

–       LinkedIn: https://www.linkedin.com/help/linkedin/ask/PPQ?lang=de

–       Instagram https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0

–       Facebook: https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0

–       X: https://x.com/de/privacy#chapter10

17. Data security

Tutech Innovation GmbH uses technical and organisational security measures to protect your data managed by us against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Our security measures are continuously improved in line with technological developments. 

18. Rights of data subjects

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

18.1    Right of access pursuant to Article 15 GDPR

You may request confirmation from us as to whether we process personal data concerning you. If we have processed data relating to you, you have further rights of information as set out in Article 15 GDPR. 

18.2      Right to rectification

If your personal data recorded and stored by us is incorrect or incomplete, you may request that we correct it immediately in accordance with Article 16 of the GDPR.

18.3      Right to restriction of processing

Under the conditions set out in Article 18 of the GDPR, you may also request the restriction of the processing of personal data concerning you.

After restriction, your data may only be processed with your consent or for the establishment, exercise or defence of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the Union or of a Member State. We will inform you before the restriction is lifted.

18.4      Right to erasure

If one of the reasons specified in Article 17(1) GDPR applies, you may request that we delete your personal data without delay, unless there is an exception to the obligation to delete data in accordance with Article 17(3) GDPR.

Right to be informed

If you have asserted your right to rectification, erasure or restriction of processing against us, we are obliged under Article 19 GDPR to notify all recipients of your personal data, unless this is impossible or involves disproportionate effort. You also have the right to be informed about the recipients.

18.5      Right to data portability

Furthermore, pursuant to Article 20 GDPR, you have the right to receive from us the personal data concerning you in a machine-readable format and to transmit the data to another controller without hindrance, provided that the conditions of Article 20(1)(a) GDPR are met, or to have your personal data transmitted directly from us to another controller, insofar as this is technically feasible and does not affect the freedoms and rights of other persons. This right does not apply to the processing of personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority. 

18.6       Right to object

You have the right to object at any time to Tutech Innovation GmbH processing your personal data on the basis of Article 6(1)(f) GDPR, Article 21(1) GDPR.

We will no longer process your personal data unless there are compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If we process your personal data for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing purposes; this also applies to profiling insofar as it is related to such direct marketing, Art. 21(2) GDPR.

18.7      Right to withdraw your consent

You have the right to withdraw your consent at any time by notifying Tutech Innovation GmbH. Withdrawing your consent does not affect the lawfulness of processing based on consent before its withdrawal.

18.8      Right to lodge a complaint with the supervisory authority

You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes this Regulation, without prejudice to any other administrative or judicial remedy

19. Links to websites of other providers

Our websites contain links to websites of other providers. We have no influence on whether these providers comply with the statutory data protection regulations. Please always check their own privacy policy.