The previous version of the privacy policy, which also covers the LIP API and Newsbot, can be found here.
In the following, we would like to inform you about the data we store about you when you visit our website/application and how this data is used.
If you have any further questions, e.g. about data that we have store about you, please do not hesitate to contact us.
Lateral GmbH
Köthener Str. 38
10963 Berlin
Germany
The Lateral GmbH is the responsible party in terms of data protection regulations. Contact requests can be made via e-mail to datenschutz@bitkom-consult.de
Our data protection officer is: Bitkom Servicegesellschaft mbH, Albrechtstraße 10, 10117 Berlin. You can contact them directly via email at datenschutz@bitkom-consult.de.
When you call up our website/application, the browser used on your end device automatically sends information to the server of our website/application and temporarily stores it in a so-called log file. The following information is also recorded without your intervention and stored until it is automatically deleted:
Additionally, we will process your personal data as a customer, if you have decided to subscribe to our service. For the purpose of managing your order, we will collect your account data and additionally payment data.
The data are deleted if you withdraw your consent and/or such data are no longer necessary for the purpose of processing. The log files and IP addresses of website visitors, which we process as described below, are deleted within 30 days. Data are also stored as set forth in this privacy policy. Furthermore, we store your data if we are obliged to do so in accordance with legal retention periods (e.g. German Commercial Code (HGB) or German Fiscal Code (AO)) (legal basis: Art. 6 (1) c. GDPR).
We may also store your data to enforce, exercise and defense legal claims (legal basis: Art. 6 (1) f. GDPR) with our legitimate interest that may be, for example, in the assertion of legal claims and defense in legal disputes. Criteria for storing data are the respective interests of you or us for storing such data for example considering economic and technical restrictions, the time periods offered by third party providers engaged by us etc.
We may use third party service providers that process your data for the purposes named in this privacy policy. We process your personal data by using third party providers in the EU and the USA, whereas data protection standards applicable in the EU are ensured.
For our online offer - as on many websites - cookies are used. Cookies are small text files which are stored on your computer and which store certain settings and data for the exchange with our online offer via your browser. A cookie usually contains the name of the domain from which the cookie file was sent as well as information about the age of the cookie and an alphanumeric identifier.
Cookies enable us to recognize your computer and to make any pre-settings and preferences immediately available. The cookies we use are - as far as possible - so-called session cookies, which are automatically deleted after the browser session ends. Occasionally, cookies with a longer storage period may also be used so that your preferences and settings can be taken into account the next time you visit our website.
Most browsers are set to accept cookies automatically. However, you can deactivate the storage of cookies or set your browser to inform you as soon as cookies are sent. It is also possible to manually delete already stored cookies via the browser settings. Please note that if you reject the storage of cookies or delete necessary cookies, you may not be able to use our online services at all or only to a limited extent.
The legal basis for the use of necessary cookies is our legitimate interest in the proper provision of our online offer within the meaning of Art. 6 para. 1 lit. f) DSGVO as well as - insofar as contracts are concluded or fulfilled via our online offer - the fulfilment of the contract within the meaning of Art. 6 para. 1 lit. b) DSGVO.
We use Abbyy Cloud for OCR processing of PDF files. We have a DPA with Abbyy Europe GmbH Landsberger Str. 300, 80687 Munich, Germany and the processing and storage of our European customer data takes place within the EU.
Further information on data protection can be found at https://www.abbyy.com/de/privacy/
In order to process our web app analytics we use use the services of Amplitude, Inc., 631 Howard Street, Floor 5, San Francisco, CA 94105, USA (“Amplitude”). On the basis of our legitimate interests (Art. 6 (1) lit. f DSGVO) of analysing user behaviour the processing of data takes place. For this purpose the pseudonymised Lateral ID is sent to Amplitude as well as interaction data.
View the Amplitude Privacy Policy for more information on how data is processed by Amplitude. We have also entered into a “Data Processing Agreement” with Amplitude. This commits Amplitude to protect our customer’s data, to not pass it on to third parties and to comply with the standard contractual clauses in cases where personal data is transferred to the USA (Art. 46 lit. f DSGVO).
We use Canny.io to collect feedback. Canny Inc. is located in 831 N Tatnall St Suite M #140, Wilmington, DE 19801, USA and we have concluded a DPA with the provider. For all transfers of personal data from the EU, Canny maintain EU standard contractual clauses where necessary. More information is available at https://canny.io/privacy and https://help.canny.io/en/articles/1876821-is-canny-gdpr-compliant
We offer you the possibility to book an appointment /meeting with us via our website. For this purpose we use the tool "Calendly" by the company Calendly LLC, BB&T Tower, 271 17th St NW #1000, Atlanta, GA 30363, US. We use Calendly to allow interested parties to automatically book appointments and meetings.
In addition to the requested date and company name, the following personal data is also processed by Calendly:
First and last name
E-mail address
Custom Message
The legal basis for the processing of the data is our legitimate interest in arranging a non-binding consultation with you as an interested party in accordance with Art. 6 Para. 1 lit. f DSGVO (GDPR) and, if applicable, Art. 6 Para. 1 lit. b DSGVO (GDPR), provided that your request is aimed at concluding a contract.
Since a transfer of personal data to the USA takes place, further protective mechanisms are required to ensure the level of data protection of the DSGVO(GDPR). To ensure this, the provider has implemented standard data protection clauses in accordance with Art. 46 (2) lit. c DSGVO(GDPR). These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured even by this contractual extension, we endeavour to obtain additional regulations and commitments from the recipient in the USA.
The personal data collected for consulting purposes will be deleted as soon as contact with you has taken place or was unsuccessful. Continued processing only takes place if it is necessary in the context of a resulting initiation and execution of a contract or for the fulfilment of resulting contractual purposes. You can object to the processing of your personal data at any time in the case of Art. 6 (1) lit. f DSGVO(GDPR).
For more information on the processing of data, please refer to the following link: https://calendly.com/pages/dpa
On our website a web service of the company Cloudflare, Inc., 101 Townsend St, 94107 San Francisco, United States of America (hereinafter: CloudFlare) is reloaded. We use this data to ensure the full functionality of our website .In this context, your browser may transmit personal data to CloudFlare. The legal basis for data processing is Art. 6 para. 1 lit. f DSGVO.The legitimate interest lies in an error-free functioning of the website.
The standard contractual clauses concluded between us and Cloudflare, Inc. serve as the legal basis for the transfer to a third country without a decision on appropriateness. According to art. 46 DSGVO this represents a suitable guarantee in the sense of the DSGVO. The data will be deleted as soon as the purpose of their collection has been fulfilled. Further information on the handling of the transferred data can be found in the CloudFlare data protection declaration: https://www.cloudflare.com/privacypolicy/
You can prevent CloudFlare from collecting and processing your data by disabling the execution of script code in your browser or by installing a script blocker.
We use Google Analytics, a web analysis service by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4 Ireland ("Google"). Google Analytics uses cookies to analyze how you use the website. Google will use this information on our behalf to evaluate the use of our website by the users, to compile reports on the activities within this website and to provide us with further services related to the use of this website and the internet. The processed data can be used to create pseudonymous user profiles of the users.
The protection of your data is important to us, therefore we have configured it to use the con-figuration parameter "anonymizeIp". https://support.google.com/analytics/answer/2763052 to shorten your IP address and process your personal usage data anon-ymously. All other data will only be processed pseudonymised. It is not possible for us to draw any conclusions about your identity. The IP address transmitted by the user's browser is not merged with other data from Google.
The information generated by the cookie about your use of the website is usually transferred and stored to a Google server in the USA.
The processing is based on EU standard contract clauses. Through this, Google offers a guarantee to comply with European data protection law. The storage of cookies is based on Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time using the following link: https://tools.google.com/dlpage/gaoptout
Further informations on the use of your data and objection options can be found in Google‘s privacy policy (https://policies.google.com/technologies/ads) and in the settings for the display of advertising by Google (https://adssettings.google.com/authenticated).
Further informations on the terms of use of Google Analytics and the data protection regulations can be found at: http://www.google.com/analytics/terms/de.html or at https://www.google.de/intl/de/policies/
Our Website uses the "Google Fonts" service of Google LLC, Mountain View, CA, USA to integrate and display text on the Website. For this purpose Google may process your data (including the IP address) on servers located in the USA.
When the IP address is processed this is based on our legitimate interests of technical functionality of the Website based on Art. 6 (1) f. GDPR or TMG.
Google LLC is certified according to the "Privacy Shield" agreement between the European Union and the USA and guarantees compliance with applicable European data protection regulations (see: https://www.privacyshield.gov/). You can also find more information in Google's privacy policy: services.google.com/sitestats/en.html
We use Google Forms provided by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland for surveys and online forms. Google Forms makes it possible to design and evaluate surveys and online forms. In addition to the respective personal data that you enter in the respective forms, information on your operating system, browser, date and time of your visit, referrer URL and your IP address is recorded. Your personal data will be processed by Google on our behalf.The processing is based on EU standard contract clauses. Through this, Google offers a guarantee to comply with European data protection law.There are detailed instructions on how to manage your own data in connection with Google products. https://policies.google.com/privacy
This website still occasionally uses the Google Maps API to display geographical information visually. When using Google Maps, Google also collects, processes and uses data on the use of the map functions by visitors. You can find more detailed information about data processing by Google in the Google data protection information. There you can also change your personal data protection settings in the data protection center
There are detailed instructions on how to manage your own data in connection with Google products. https://policies.google.com/privacy
To protect against misuse of our web forms and spam by automated software (so-called bots), Google reCAPTCHA collects data (IP address, time of visit, browser information and information on your use of our website) and uses a so-called JavaScript and cookies to analyze your use of our website. In addition, other cookies stored in your browser by Google services are evaluated. No personal data is read out or saved from the input fields of the respective form.
We use the provider Intercom R&D Unlimited Company, 2nd Floor, Stephen Court, 18-21 St. Stephen’s Green, Dublin 2, Republic of Ireland to provide you with support via onboarding, the chat function and email, and thus facilitate the use of our app. To respond to requests, your first name, user ID, email, your chat content as well as interaction data are collected. On the basis of our legitimate interests (Art. 6 (1) lit. f DSGVO) of analysing user behaviour the processing of data takes place.
Cookies are used to operate the chat function. Cookies are small text files that are stored locally in the cache of the site visitor’s Internet browser. The cookies enable the recognition of the site visitor’s Internet browser in order to distinguish individual users of the chat function of our website. The information generated by the cookies about your use of this website (including your IP address) is transmitted to a server of the chat service provider and stored there.The legal basis for the processing of the data is Art. 6 para. 1 lit. a DSGVO if the user has given his consent. If the information collected in this way has a personal reference, the processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of our legitimate interest in effective customer service.
If the chat history is aimed at the conclusion of a contract, the additional legal basis is Art. 6 para. 1 lit. b DSGVO processing for the performance of a contract or for the implementation of pre-contractual measures.The use of the service provider is based on our legitimate interest according to Art. 6 para. 1 lit. f DSGVO.
The data will be deleted by Lateral as soon as they are no longer required to achieve the purpose for which they were collected. The data deletion will be completed by Intercom within 90 days of a request being received.
If consent has been given, the user has the option to revoke his consent to the processing of personal data at any time. In such a case, the conversation cannot be continued.
Since a transfer of personal data to the USA takes place, further protection mechanisms are required to ensure the level of data protection of the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 (2) lit. c DSGVO. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured even through this contractual extension, we endeavor to obtain additional regulations and commitments from the recipient in the USA.
For more information on the processing of data, please refer to the following link: https://www.intercom.com/legal/privacy
LinkedIn and we may use your data for careers and recruiting services for our LinkedIn pages (see also the data processing agreement: https://legal.linkedin.com/dpa). Data on how you use LinkedIn may be shared with us and certain third parties as described in detail here: https://www.linkedin.com/legal/privacy-policy#share
LinkedIn also uses cookies and similar technologies as set forth here: https://www.linkedin.com/legal/cookie_policy
As LinkedIn user you can at any time influence how your user behavior is recorded when you visit LinkedIn pages. To do this, you can manage the advertising and general settings in your account under https://www.linkedin.com/psettings/privacy. LinkedIn also provides opportunities to contact and exercise rights under https://www.linkedin.com/legal/privacy-policy, https://www.linkedin.com/legal/cookie-policy and for individual messages online via https://www.linkedin.com/help/linkedin/ask/TSO-DPO.
We use Mailgun to send automatic emails. Mailgun is located in San Antonio HQ 112 E Pecan St. #1135San Antonio, TX 78205 USA and we have concluded a DPA with the provider. For all transfers of personal data from the EU, Mailgun maintain EU standard contractual clauses where necessary, ensure additional safeguards such as data encryption and data minimisation.
For further information on data usage, please refer to https://www.mailgun.com/privacy-policy/ and https://www.mailgun.com/gdpr/
We use Sendinblue on our website. Sendinblue is a European software company from France, Sendinblue SAS - Politique de confidentialité 55, rue d'Amsterdam 75008 Paris, France. We use this integrated software solution for our contact forms, as a CRM tool, for transactional emails and for e-mail marketing.
According to the principle of data minimization, Sendinblue only processes the personal data that have been specified in the DPA.
Sendinblue uses cookies. These are small text files that are stored locally in the cache of your web browser on your device and allow us to analyze your use of the website. The collected information (e.g. IP address) and the content of our website is stored on the servers of the service provider. If you have given your consent in accordance with art. 6 para. 1 sentence 1 lit. a DSGVO, the processing will take place on this website in order to be able to contact you.
You can permanently object to the collection of data by Sendinblue and the setting of cookies by preventing the storage of cookies through your browser settings accordingly. You may object to the processing of your personal data by us at any time with effect for the future by e-mail.
All data is stored on servers of the European Union. A data transfer to third countries does not take place.
For more information on the objection and Sendinblue's remedies, please visit: https://www.sendinblue.com/legal/privacypolicy/
We use Typeform.com for surveys and online forms. Typeform is a software company from Spain, TYPEFORM S.L., Carrer Bac de Roda 163, 08018 Barcelona, Spain. Typeform collects and stores your data when you submit the form. We are responsible for the Typeform forms that we publish and manage the data collected.
In addition to the respective personal data that you enter in the respective forms, information on your operating system, browser, date and time of your visit, referrer URL and your IP address is recorded. Your personal data will be processed by Typeform on our behalf. Processing of data by Typeform may entail the International transfer of data outside the European Union.
Through their privacy policy Typeform offers a guarantee to comply with European data protection law.Further information on the collection and use of data by Typeform can be found in the Typeform privacy policy https://admin.typeform.com/to/dwk6gt.
In order to be able to provide our online offer securely, we use the services of the web hosting provider "Webflow". Webflow, Inc. is located at 208 Utah, Suite 210, San Francisco, CA 94103, USA; For these purposes, we may use infrastructure and platform services, computing capacity, storage space and database services, as well as security services and technical maintenance services.
Since a transfer of personal data to the USA takes place, further protection mechanisms are required to ensure the level of data protection of the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 (2) lit. c DSGVO. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe.
The data processed as part of the provision of the hosting offer may include all information relating to the users of our online offer, which is generated as part of the use and communication. This regularly includes the IP address, which is necessary to be able to deliver the contents of online offers to browsers, and all entries made within our online offer or from websites.
Collection of access data and log files: We ourselves (or our web hosting provider) collect data on each access to the server (so-called server log files). The server log files may include the address and name of the web pages and files accessed, the date and time of access, the volume of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page) and, as a rule, IP addresses and the requesting provider.
The server log files may be used on the one hand for security purposes, e.g., to prevent server overload (especially in the event of abusive attacks, so-called DDoS attacks) and on the other hand, to ensure the utilization of the servers and their stability.
Types of data processed: Content data (e.g. text input, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), inventory data (e.g. names, addresses), contact data (e.g. email, phone numbers).
- Data subjects: Users; as website visitors.
- Legal basis: Legitimate interests (Art. 6 para. 1 p. 1 lit. f. GDPR), consent (Art. 6 para. 1 p. 1 lit. a GDPR).
For further information on the processing of personal data by Webflow, please visit: https://webflow.com
Privacy Policy (EU & Swiss) - https://webflow.com/legal/eu-privacy-policy
We also use the video portal of YouTube LLC, 901 Cherry Ave., 94066 San Bruno, CA, USA, hereinafter only referred to as "YouTube".
YouTube is a subsidiary of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter only referred to as "Google". The information generated by the cookies about the use of the online offer by the users is usually transferred to a Google server in the USA and stored there. The processing is based on EU standard contract clauses. Through this, Google offers a guarantee to comply with European data protection law.
We use YouTube in conjunction with the Advanced Privacy Mode feature to show you videos. The legal basis is Art. 6 para. 1 lit. a) GDPR.
According to YouTube, the function "Extended Privacy Mode" has the effect that the data described in more detail below is only transmitted to the YouTube server when you actually start a video.
Without this "Extended Privacy Mode", a connection to the YouTube server in the USA is established when you visit one of our Internet pages on which a YouTube video is embedded. This connection is required in order to display the besaid video via your Internet browser. YouTube will at least record and process your IP address, the date and time, and the website you visited in this process.
For the purpose of functionality as well as for the analysis of usage behaviour, YouTube permanently stores cookies via your internet browser on your end device. If you do not agree with this processing, you have the possibility to prevent its storage within your browser settings.
You will find more informations above under "Cookies". Google provides further information about the collection and use of data as well as your rights and protection options at https://policies.google.com/privacy.
If you apply to us via our web form, we collect personal data. This includes in particular your contact data (such as first name, last name, name affixes, private address, (mobile) telephone number, e-mail address) as well as other data provided by you regarding your background (e.g. curriculum vitae, qualifications and degrees, professional experience) and your person (e.g. cover letter, personal interests). This may also include special categories of personal data (e.g. information on a severe disability). Your personal data is usually collected directly from you during the application process and is encrypted during electronic transmission. The data is taken from the application form to be filled out online and from the uploaded files.
The data processing serves to initiate an employment relationship. The primary legal basis for this is § 26 para. 1 BDSG. In addition, consents in accordance with Art. 6 Para. 1 lit. a, 7 DS-GVO in conjunction with § 26 Para. 2 BDSG can be used as a data protection permission regulation. If the processing of your data is based on consent, you have the right to revoke your consent at any time with effect for the future.
If you decide to place an order for our services on our website, we will collect personal data to manage your purchases. This includes in particular your contact data (e.g. name, address, e-mail), your subscription data (i.e. what service has been ordered) and your payment data (e.g. credit card, bank information). We process your personal data to provide our services and perform on our contract based on Art. 6 (1) lit b) GDPR.
For managing the checkout process and payment, we use the services of Stripe, a provider of financial services for the purposes of taking payments, sending invoices and managing subscriptions. As Stripe, Inc., 510 Townsend Street, San Francisco, CA 94103, USA is a US-company, your data will be transferred to and stored in the USA. Your personal data is encrypted during electronic transmission. Since a transfer of personal data to the USA takes place, further protection mechanisms are required to ensure the level of data protection of the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 (2) lit. c DSGVO. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe.
For more information on the processing of data, please refer to the following link: https://stripe.com/en-gb-es/privacy
With regard to the data processing listed here, you are entitled to various data subject rights which are regulated in the GDPR.
First of all, you have the right to obtain information about the data that you have transmitted to us and that we have processed (Art. 15 GDPR).
You can also request the correction (Art. 16 GDPR), deletion (Art. 17 GDPR) and restriction (Art. 18 GDPR) of your data.
You also have a right to data portability (Art. 20 GDPR) and a right of objection (Art. 21 GDPR).
Without prejudice to any other administrative or judicial remedy, you also have the right to complain to a data protection supervisory authority. You may contact the data protection authority at your usual place of residence or our registered office. The address of the supervisory authority responsible for us is
Berliner Beauftragte für Datenschutz und Informationssicherheit
Friedrichstr. 219, 10969 Berlin
Tel: 030 138890