Privacy policy

Protecting your privacy is very important to us. Below we inform you in detail about the handling of your data regarding your visit to our website (https://start.jvm.com).

1. Name and contact details of the controller and the Data Protection Officer

This privacy policy applies to data processing by:

Controller:
Jung von Matt HAVEL GmbH
Brunnenstraße 10
10119 Berlin
Germany

Phone: +49 30 700 108 50 100

You can reach our data protection officer here: datenschutz-extern@jvm.de

2. General notes and mandatory information

a) Data protection and information on storage

When you visit our website, various personal data is collected. Personal data is data with which you can be personally identified. This privacy policy explains what information we collect and how we use it. It also explains how we collect the data and for what purpose.

We would like to point out that data transmission on the internet (e.g. communication by e-mail) may have security gaps. Complete protection of data against access by third parties is not possible.

Unless a more specific storage period is stated within this privacy policy, your personal data will remain with us until the purpose for the data processing no longer applies. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the data will be deleted after these reasons no longer apply.

b) Information on data transfer to the US and other non-EU countries 

Among other things, we use tools of companies located in the United States or other from a data protection perspective non-secure non-EU countries. If these tools are active, your personal data may potentially be transferred to these non-EU countries and may be processed there. We must point out that in these countries, a data protection level that is comparable to that in the EU cannot be guaranteed. For instance, U.S. enterprises are under a mandate to release personal data to the security agencies and you as the data subject do not have any litigation options to defend yourself in court. Hence, it cannot be ruled out that U.S. agencies or authorities may process, analyze, and permanently archive your personal data for surveillance purposes. We have no control over these processing activities but will keep approriate technical and organizational measures in place in order to minimize risks as much as possible.

c) SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you send to us cannot be read by third parties.

d) External hosting of the website

We host our website with Webflow. The provider is Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (hereinafter referred to as “Webflow”). When you visit our website, Webflow records various logfiles, including your IP address. Webflow is a tool for the creation and hosting of websites. Webflow stores cookies or other recognition technologies that are required for the depiction of the site, for the provision of certain website functions and to guarantee its security (necessary cookies). 

For details, please consult the data privacy policy of Webflow: https://webflow.com/legal/eu-privacy-policy. We use Webflow on the basis of Art. 6 (1) lit. f GDPR. We have a legitimate interest in ensuring that our website is depicted as reliable as possible. Our hoster will only process your data to the extent that this is necessary for the fulfilment of its service obligations and will follow our instructions with regard to the data.

The transfer of data to the United States is based on the standard contractual clauses (SCC) of the EU Commission. Details can be found here: https://webflow.com/legal/eu-privacy-policy and here: https://webflow.com/legal/privacy. We have signed a data processing agreement (DPA) with Webflow together with the SCCs. 

3. Collection and storage of personal data and the nature and purpose of their use

a) Visiting our website

When you visit our website the browser used on your end device automatically sends information to our website or app server. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automatic deletion:

• IP address of the requesting computer,
• Date and time of access/server inquiry,
• Name and URL of the retrieved file,
• Website from which the access is made (referrer URL),
• the browser used and, if applicable, the operating system of your computer as well as the name of your access provider.

The aforementioned data will be processed by us for the following purposes:

• Ensuring a smooth connection of the website,
• Ensuring a comfortable use of our website,
• Evaluation of system security and stability, and
• for other administrative purposes.

The legal basis for the data processing is Art. 6 (1) lit. f GDPR. Our legitimate interest is based on the purposes for data collection listed above. In no case we will use the collected data for the purpose of drawing conclusions about your person. In addition, we use cookies and analysis services when you visit our website. You can find more detailed explanations of this under points 5 and 6 of this privacy policy.

b) Contact form to request an offer or to call you back 

If you answer our online questionaire your are asked at the end to provide us with personal data (name, email address; phone and role within your comapny are optional) in order for us to create an individual offer for you. In addition, you can also submit inquiries to us via our contact form (name, email address, phone number) for a call back. For both cases, the information provided in the contact form as well as any contact information provided therein will be stored by our hosting service Webflow Inc. (for details please refer to section 2. d) of this privacy policy) in order to handle your inquiry and in the event that we have further questions. In addition, we will send you an automatic confirmation email about your selected modules within the questionaire. This confirmation email is send to you via Sendinblue with the support of Zapier (for details please refer to section 8. b) of this privacy policy). The provider is Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany.

We currently do not use any of the analyzing feature in regards to newsletters from Sendinblue. The data you enter for the purpose of a confirmation email will be stored on Sendinblue's servers in Germany.

With the help of Sendinblue, it is possible for us to analyze our newsletter campaigns. For example, we can see whether a newsletter message was opened and which links, if any, were clicked. In this way, we can determine, among other things, which links were clicked on particularly often. We can also see whether certain previously defined actions were carried out after opening/clicking (conversion rate). For example, we can see whether you have made a purchase after clicking on the newsletter. Sendinblue also allows us to subdivide ("cluster") the newsletter recipients according to various categories. For example, newsletter recipients can be subdivided according to age, gender or place of residence. This way, the newsletter can be better adapted to the respective target groups.

For detailed information about the features of Sendinblue, please refer to the following link: https://de.sendinblue.com/newsletter-software/.

The processing of these data is based on Art. 6 (1) lit. b GDPR. Your request is related to the execution of a contract or is necessary to carry out pre-contractual measures. In the case of a request for call back, the processing also might be based on our legitimate interest in the effective processing of the requests addressed to us according to Art. 6 (1) lit. f GDPR if your request is not related to any pre-contractual measures. The information you have entered into the contact form shall remain with us until you ask us to eradicate the data or if the purpose for which the information is being archived no longer exists (e.g. after your request has been processed). Mandatory legal provisions - in particular legal retention periods - remain unaffected.

You can find more details in the privacy policy of Sendinblue at: https://de.sendinblue.com/datenschutz-uebersicht/.

We have concluded a data processing agreement with Sendinblue.

4. Disclosure of personal data

Your personal data will not be transferred to third parties for purposes other than those listed below.

We will only share your personal information with third parties if:

• You have given your express consent to this in accordance with Art. 6 (1) lit. a GDPR,
• It is legally permissible and necessary according to Art. 6 (1) lit. b GDPR for the processing of contractual relationships with you,
• In the event that a legal obligation exists for the disclosure pursuant to Art. 6 (1) lit. c GDPR, as well as
• The disclosure is necessary for the assertion, exercise or defence of legal claims pursuant to Art. 6 (1) lit. f GDPR and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,

5. Use of cookies

a) General

Our website uses so-called "cookies". Cookies are small text files and do not cause any damage to your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or until they are automatically deleted by your web browser.

In some cases, cookies from third-party companies may also be stored on your device when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies are used to evaluate user behaviour or to display advertising. Cookies that are necessary to carry out the electronic communication process (necessary cookies) or to provide certain functions desired by you (functional cookies, e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) are stored on the basis of Art. 6 (1) lit. f GDPR, unless another legal basis is specified. We have a legitimate interest in storing cookies for a technically error-free and optimized provision of our services. Insofar as consent to the storage of cookies has been requested, the storage of the cookies in question is based exclusively on this consent (Art. 6 (1) lit. a GDPR); consent can be revoked at any time. 

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.

If cookies are used by third parties or for analysis purposes, we will inform you separately within the framework of this privacy ploicy and, if necessary, request your consent.

b) Cookiebot

Our website uses consent technology from Cookiebot by Usercentrics to obtain your consent to the storage of certain cookies on your end device or for the use of certain technologies and to document this in a data protection compliant manner. The provider of this technology is Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich (hereinafter “Cookiebot”). 

When you visit our website, the following personal data is transferred to Cookiebot: 

• Your consent(s) or revocation of your consent(s) 
• Your IP address 
• Information about your browser 
• Information about your device 
• Time of your visit to our website 

In addition, a connection is established with the Cookiebot servers to obtain your consent and provide you with other explanations regarding the use of cookies. Cookiebot will then store a cookie in your browser to identify the consent you have given or its revocation. The data collected in this way is stored until you request us to delete it, delete the Cookiebot cookie itself or the purpose for which the data is stored no longer applies. Mandatory legal storage obligations remain unaffected. 

Cookiebot is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 (1) lit. c GDPR. We have signed a data processing agreement (DPA) with Cookiebot.

6. Analyzing tools and advertising

a) Tracking tools

The tracking measures listed below and used by us are carried out on the basis of Art. 6 (1) lit. a GDPR. With the tracking measures used, we want to ensure a needs-based design and the ongoing optimization of our website. On the other hand, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you. These interests are to be regarded as legitimate in the sense of the aforementioned regulation.

The respective data processing purposes and data categories can be found in the corresponding tracking tools.

b) Matomo 

We use on our website the open-source web analysis service Matomo. Matomo uses technologies that make it possible to recognize the user across multiple pages with the aim of analyzing the user patterns (e.g. cookies or device fingerprinting). The information recorded by Matomo about the use of this website will be stored on the server of our third-party provider (details see below). Prior to archiving, the IP address will first be anonymized. Through Matomo, we are able to collect and analyze data on the use of our website-by-website visitors. This enables us to find out, for instance, when which page views occurred and from which region they came. In addition, we collect various log files (e.g. IP address, referrer, browser, and operating system used) and can measure whether our website visitors perform certain actions (e.g. clicks, purchases, etc.). The use of Matomo is based on your explicit consent on the basis of Art. 6 (1) lit. a GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time. 

For analysis with Matomo we use IP anonymization. Your IP address is shortened before the analysis, so that it is no longer clearly assignable to you. 

We host Matomo in a cloud version with the following third-party provider: Webflow, Inc. 398 11th Street, 2nd Floor San Francisco, CA 94103. 

We have concluded a data processing agreement with Matomo. 

7. Social media

a) LinkedIn plug-in 

Our website uses functions of the LinkedIn network. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. Any time you access a page of our website that contains functions of LinkedIn, a connection to LinkedIn’s servers is established. LinkedIn is notified that you have visited this website with your IP address. If you click on LinkedIn’s “Recommend” button and are logged into your LinkedIn account at the time, LinkedIn will be in a position to allocate your visit to this website to your user account. We have to point out that we as the provider of the websites do not have any knowledge of the content of the transferred data and its use by LinkedIn. The use of the LinkedIn plug-in is based on Art. 6 (1) lit. f GDPR. The operator of the website has a legitimate interest in being as visible as possible on social media. 

Data transmission to the US is based on the standard contractual clauses of the European Commission. Details can be found here: https://www.linkedin.com/help/linkedin/answer/62538/datenubertragung-aus-der-eu-dem-ewr-und-derschweiz?lang=en. 

For further information on this subject, please consult LinkedIn’s privacy policy at: https://www.linkedin.com/legal/privacy-policy.

8. Plugins and tools

a) Calendly 

You can make appointments with us on our website as a last step after answering our questionaire. We use the “Calendly” tool for booking appointments. The provider is Calendly LLC, 271 17th St NW, 10th Floor, Atlanta, Georgia 30363, USA (hereinafter “Calendly”). To book an appointment, enter the requested data and the desired date in the screen provided. The data entered will be used for planning, executing and, if necessary, for the follow-up of the appointment.

The appointment data is stored for us on the servers of Calendly, whose privacy policy can be viewed here: https://calendly.com/de/pages/privacy. The data you have entered will remain with us until you ask us to delete it, revoke your consent for storage or the purpose for which the data was stored ceases to apply. Mandatory legal provisions, in particular retention periods, remain unaffected.

The legal basis for data processing is Art. 6 (1) lit. a GDPR and § 25 (1) TTDSG, as the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time. If you decline the marketing feature via our consent tool Cookiebot, the feature of scheduling an appointment directly over Calendly will not be available to you. However, this does not affect your request for an offer from us in any way.

The data transfer to the US is based on the standard contractual clauses of the European Commission. Details can be found here: https://calendly.com/pages/dpa. We have concluded a data processing agreement with Calendly.

b) Zapier 

We have integrated Zapier on this website. The provider is Zapier Inc, Market St. #62411, San Francisco, CA 94104-5401, USA (hereinafter “Zapier”). Zapier allows us to link and synchronize various functionalities, databases, and tools with our website. More precisely, Zapier establiahes an automatic connection between the contact form on our website with Sendinblue in order to send you a summary of the informtion you provided us to receive an offer. Zapier collects certain personal data in the process, such as IP- and email-address and name. The use of Zapier is based on Art. 6 (1) lit. f GDPR. We have a legitimate interest on the most effective integration of the tools used. 

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here https://zapier.com/tos. In addition, we have concluded a data processing agreement with Zapier.

9. Data subject rights

You have the right,

• to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it was not collected by us, as well as the existence of automated decision-making, including profiling and, if applicable, meaningful information about its details;
• in accordance with Art. 16 GDPR to demand the immediate correction of incorrect or completion of your personal data stored by us;
• in accordance with Art. 17 GDPR to request the deletion of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims; 
• to demand the restriction of the processing of your personal data in accordance with Art. 18 GDPR, insofar as the correctness of the data is disputed by you, the processing is unlawful, but you refuse its deletion and we no longer require the data, but you need it for the assertion, exercise or defence of legal claims or you have objected to the processing in accordance with Art. 21 GDPR;
• in accordance with Art. 20 GDPR to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another controller;
• to revoke your consent at any time in accordance with Art. 7 (3) GDPR. This has the consequence that we may no longer continue the data processing based on this consent for the future; and
• to complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters.

10. Right of objection

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without specifying a particular reason.

If you wish to exercise your right to object, simply send an e-mail to datenschutz-extern@jvm.de.

11. Modification of this privacy policy

This privacy policy is currently valid and is dated April 2022.

Due to the further development of our website and offers on it or due to changed legal or regulatory requirements, it may become necessary to change this privacy policy. The current privacy policy can be accessed and printed out by you at any time on our website at https://start.jvm.com/data-privacy