3. Analysis Services
Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Inc. (1600 Amphitheater Parkway, Mountainview, California 94043, USA; hereinafter: “Google”). Google is the processor used by heroal for this purpose. We have concluded a corresponding processing agreement with Google in accordance with Article 28 GDPR.
Google Analytics enables us to analyse how users interact with the content provided on the website. We use this as a basis for optimising our offers on the website. When using Google Analytics, the following data is recorded and transmitted to Google in the USA: Data on the device and browser (host name, browser type, referrer, language), IP address as well as the respective user interaction on the website (e.g. which page a user accesses). In addition, a random, pseudonymous ID is assigned to a user by means of a cookie, to which the aforementioned information is assigned. This is typically a cookie ID. This links to the identifier of the cookie set by Google Analytics for the specific device. In addition, we set a user ID for cross-device tracking. In addition, we have activated the anonymisation function for IP addresses. This means that as soon as the IP packet arrives at Google's servers, the data is anonymised in full at Google.
The legal basis for processing the collected data is your consent in accordance with Article 6 (1) (a) GDPR. You can prevent the collection of your data by Google by refusing your consent or revoking it at a later date in the cookie settings .Alternatively, you can click on the following link. This sets an opt-out cookie, which prevents the future collection of your data when visiting this website: Click here to disable Google Analytics.
You can find more information on terms of use and data protection at http://www.google.com/analytics/terms/de.html and www.google.com/intl/de/analytics/privacyoverview.html.
Matomo (formerly Piwik)
The heroal Communicator uses the Matomo web analysis service, provided by InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand (hereinafter: “InnoCraft“), in order to analyse and regularly improve the use of our website. InnoCraft is the processor used by heroal for this purpose.
Cookies are stored on your computer to perform this analysis. The information collected in this way is stored exclusively on our server in Germany.
The heroal Communicator uses Matomo with the AnonymizeIP extension. As a result, IP addresses are further processed in a truncated form to prevent them from being traced back to any particular individual. The IP address transmitted by Matomo from your browser will not be associated with other data collected by us.
The legal basis for processing the collected data is your consent in accordance with Article 6 (1) (a) GDPR. You can prevent the collection of your data by InnoCraft by refusing your consent or revoking it at a later date in the cookie settings .
Matomo is an open source project. Privacy information from this third-party provider is available at http://Matomo.org/privacy/policy.
Hotjar
We use Hotjar, an analytics tool provided by Hotjar Ltd., Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta (hereinafter “Hotjar”), to better understand the needs of our users and to optimise the offer on this website. Hotjar is the processor used by heroal for this purpose.
Hotjar is a technology service that helps us better understand our users’ experiences (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behaviour and their devices (in particular device's IP address (captured and stored only in anonymised form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language used to display our website). Hotjar stores this information in a pseudonymised user profile. Neither Hotjar nor we will ever use this information to identify individual users or to match it with further data on an individual user. For further details, please see Hotjar’s privacy policy by clicking on this link.
The legal basis for processing the collected data is your consent in accordance with Article 6 (1) (a) GDPR. You can prevent the collection of your data by Hotjar by refusing your consent or revoking it at a later date in the cookie settings . Alternatively, you can opt out of the processing by clicking on this opt-out link.
4. Marketing Services
Google Remarketing
We use Google Remarketing by Google Ads, a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA (hereinafter: “Google”). Google is the processor used by heroal for this purpose.
The remarketing function allows us to display advertisements to you when you continue browsing after you have visited our website. This takes place via cookies stored in your browser, through which your usage behaviour is recorded and evaluated by Google when you visit various websites. This is how Google determines that you have previously visited our website. When using Google AdServices, the following data is collected and transmitted to Google in the USA: Data on the device and browser (host name, browser type, referrer, language), IP address and the respective user interaction on our website and on other websites on which our advertisements are displayed (e.g. which page a user visits, which products the user selects and purchases, which advertisements a user clicks on. In addition, a random, pseudonymous ID is assigned to a user by means of a cookie, to which the aforementioned information is assigned.
The legal basis for processing the collected data is your consent in accordance with Article 6 (1) (a) GDPR. You can prevent the collection of your data by Google by refusing your consent or revoking it at a later date in the cookie settings .
For more information about privacy and Google remarketing, see https://policies.google.com/technologies/ads.
Google DoubleClick
This website uses the online marketing tool DoubleClick, a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA (hereinafter: “Google”). Google is the processor used by heroal for this purpose.
DoubleClick uses cookies to display ads that are relevant to users, to improve campaign performance reports, and to prevent users from seeing the same ads multiple times. Google uses a cookie ID to determine which ads are running in which browser and can prevent them from being displayed multiple times. In addition, DoubleClick can use cookie IDs to record conversions in relation to ad requests. This is the case when a user sees a DoubleClick ad and later uses the same browser to visit the advertiser’s website and buy something. According to Google, DoubleClick cookies do not contain personally identifiable information.
With the marketing tools used, your browser automatically establishes a direct connection to a Google server. We have no control over the extent and continued use of data collected through Google’s use of this tool. By integrating DoubleClick, Google receives the information that you have accessed the relevant part of our website or have clicked on one of our ads. If you are registered with a Google service, Google may link your visit to your account. Even if you are not registered with Google or if you are not logged in, there is a chance that the provider will find and store your IP address.
The legal basis for processing the collected data is your consent in accordance with Article 6 (1) (a) GDPR. You can prevent the collection of your data by Google by refusing your consent or revoking it at a later date in the cookie settings . Alternatively, you can block this tracking in several ways: a) By setting your browser software accordingly; in particular, blocking third-party cookies will prevent you from receiving any third-party advertisements; b) by disabling cookies for conversion tracking by setting your browser to block cookies from the domain www.googleadservices.com. This setting will be deleted when you delete your cookies; c) by deactivating the interest-based advertisements of the providers that are part of the About Ads corporate self-regulation campaign via the link http://www.aboutads.info/choices. This setting will be deleted when you delete your cookies; d) by permanent deactivation in your browser via the link http://www.google.com/settings/ads/plugin.
Learn more about DoubleClick by Google at https://www.google.com/doubleclick and http://support.google.com/adsense/answer/2839090. General information about Google and data protection is also available at https://www.google.de/intl/de/policies/privacy.
Facebook Custom Audiences
The website also uses the Custom Audiences remarketing feature from Facebook Inc. (1601 S California Ave, Palo Alto, California 94304, USA; hereinafter referred to as "Facebook"). Facebook is the processor used by heroal in accordance with Article 28 GDPR, insofar as data is processed for the presentation of interest-based advertisements and for reach measurement in connection with the use of Facebook Business Tools. Facebook acts together with heroal as the joint controller, to the extent that data is processed in connection with the use of Facebook Business Tools for the targeting of ad and improvement of ad delivery.
The service allows us to show you interest-related ads ("Facebook ads") when you visit the Facebook social network or other websites that use the process. The following personal data are collected in this respect: Websites that you have viewed, visited topic pages, use of a Facebook ad, use of the search terms, IP address.
If you are registered with a Facebook service, Facebook may link your visit to your account. Even if you are not registered with Facebook or you are not logged in, there is a chance that the provider will find and store your IP address and other information, which could be used to identify you.
The legal basis for processing the collected data is your consent in accordance with Article 6 (1) (a) GDPR. You can prevent the collection of your data by Google by refusing your consent or revoking it at a later date in the cookie settings . Alternatively, as a logged-in user, you can disable the cookie under the following link: https://www.facebook.com/settings/?tab=ads#_
For more information about Facebook data processing, please visit https://www.facebook.com/about/privacy.
Adform A/S
In order to make use of interest-based advertising, cookies provided by Adform A/S, Wildersgade 10B, 1, 1408 Copenhagen K, Denmark (hereinafter: “Adform”). Adform is a processor used by heroal in accordance with Article 28 GDPR.
Adform is used to create pseudonymous user profiles to save information about operating systems, browser versions, IP addresses, location and number of clicks or views. The collected data are used for the following purposes:
-
to record the number of visitors on our websites
-
to determine in which order a visitor visits the different website contents
-
to identify website contents that require adaptation
-
to optimise the website
The legal basis for processing the collected data is your consent in accordance with Article 6 (1) (a) GDPR. You can prevent the collection of your data by Adform by withdrawing your consent or revoking it at a later date in the cookie settings . Alternatively, you can choose to set an opt-out cookie that blocks any further data collection under the following link: https://site.adform.com/datenschutz-opt-out/
Microsoft Advertising
We use remarketing and conversion tracking by Microsoft Advertising (formerly Bing Ads) on our website. This service is provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA, (hereinafter: “Microsoft”). Microsoft acts as a controller under its own responsibility for your data in this context.
This solution allows us to display ads and track user action for those ads. To do so, a cookie is set by Microsoft when you click on an ad placed via Microsoft Advertising, where the advertiser has opted for conversion tracking. The cookie collects the following data and forwards this to Microsoft: User ID, advertising data, i.e. data on access to displayed ads and their use.
Microsoft uses this collected information in order to provide us with statistics about the visitors to our website. Among other things, these statistics include information about the number of clicks on our Bing advertising and the subsequent visits to our websites. Cross-device tracking also allows Microsoft to track you and your consumer behaviour across multiple devices. This means that Microsoft is able to show you personalised advertising across multiple end devices.
The legal basis for processing the collected data is your consent in accordance with Article 6 (1) (a) GDPR. You can prevent the collection of your data by Microsoft by withdrawing your consent or revoking it at a later date in the cookie settings . Alternatively, you may prevent your data from being collected by changing the relevant settings in your internet browser. If you have a Microsoft account, you can also go to https://choice.microsoft.com/de-de/opt-out in order to change the settings for personalized advertising.
You can find more information on Microsoft Advertising, data collection and use, and background information on protecting your privacy at: https://help.bingads.microsoft.com/#apex/3/de/53056/2.
LinkedIn Insight and Conversion Tracking
We use the LinkedIn Insight Tag for this website, a service of LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland (hereinafter: We use the LinkedIn Insight Tag for this website, a service provided by LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland (hereinafter: “LinkedIn”). LinkedIn acts as a processor for heroal in accordance with Article 28 GDPR.
The LinkedIn Insight Tag creates a cookie on your web browser that collects the following data: IP address, timestamp, website activities, demographic data from LinkedIn, if the user is an active LinkedIn member.
This technology enables us to monitor the performance of our ads and create information regarding user interaction on our website. The LinkedIn Insight Tag is embedded on our website in order to connect to the LinkedIn Server if and when you visit our site and are logged into your LinkedIn Account while doing so. We process your data in order to evaluate campaigns and collect information about users who might have reached our website via our LinkedIn campaigns..
The legal basis for processing the collected data is your consent in accordance with Article 6 (1) (a) GDPR. You can prevent the collection of your data by LinkedIn by withdrawing your consent or revoking it at a later date in the cookie settings .
Further information on privacy at LinkedIn can be found here.
Pinterest Pixel (Pinterest Tag)
The so-called "Pinterest Tag" of Pinterest Europe Ltd, Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland ("Pinterest") is also integrated on our website, which serves to analyze and optimize our online offer.
This enables Pinterest to determine the website visitor as a target group for the display of advertisements. Pinterest receives the information that the user has accessed the website and which offers they are interested in. If the website visitor is also a Pinterest member, corresponding advertisements and offers can also be displayed on Pinterest (via so-called "Custom Audiences").
We want to use the Pinterest tag to ensure that our Pinterest ads correspond to the potential interest of users and are not annoying. With the help of the Pinterest tag, we can track the effectiveness of Pinterest ads for statistical and market research purposes by seeing whether users have been redirected to our website after clicking on a Pinterest ad (so-called "conversion").
The following information is processed during use Device information, operating system used, IP address, time our website was accessed. In this context, personal data is transferred to the USA.
The legal basis for the associated data processing is Art. 6 para. 1 a) or Art. 49 para. 1 a) GDPR in conjunction with your consent.
Revocation: You can revoke your consent to the use of marketing cookies and smart pixels at any time with effect for the future. You can find the link to the cookie settings in the footer.
Taboola
Taboola is dedicated to providing Internet users the highest level of transparency and control over the use of their data in online advertising. We adhere to the Self-Regulatory Principles set forth by the Digital Advertising Alliance (DAA), the Digital Advertising Alliance Canada (DAAC), and the European Interactive Digital Advertising Alliance (EDAA). Taboola also adheres to the Interactive Advertising Bureau’s (IAB) Self-Regulatory Principles for Online Behavioral Advertising, the IAB Europe OBA Framework, as well as participates in the IAB Europe Transparency & Consent Framework and complies with its Specifications and Policies as vendor number 42. In addition, Taboola is a proud member in good standing of the Network Advertising Initiative (NAI), an association dedicated to responsible data collection use in digital advertising, and we adhere to the NAI Code of Conduct for Web and Mobile. To update your AdChoices Opt Out settings, select your region here: US , Canada , or Europe (including the United Kingdom); and to manage all NAI member sites’ settings, click here .
5. Integrated Services by Third-Party Providers
Google Maps
This website uses the Google Maps product. Google Maps is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: “Google”).
Google Maps is integrated as a two-click solution. If you give your consent in accordance with Article 6 (1) (a) GDPR to activate Google Maps by clicking on the plug-in on a sub-page in which Google Maps is embedded, Google receives the information that you have visited a specific sub-page of our website. In addition, data is collected that your browser transmits to Google. This includes, for example, the IP address, the date and time of the request, the amount of data transferred, the operating system and its user interface, and the language and version of the browser software.
This occurs regardless of whether Google provides a user account that you are logged in to, or whether you have no Google account. If you are logged in to Google, your data will be linked directly to your account. If you do not want this link to your Google profile, you must log out before activating the button. Google stores your data as a user profile and uses it for purposes of advertising, market research and/or customisation of its website.
For more information about the processing of your personal data by Google Inc., please refer to this link: https://policies.google.com/privacy?hl=de.
YouTube
We have embedded YouTube videos on our website. These are stored on www.youtube.com and can be played directly from our website. YouTube is a service provided by Google LLC, 1600 Amphitheater Parkway, Mountainview, California 94043, USA (hereinafter: “Google”).
The videos are embedded in advanced privacy mode, which means that your personal user data is not sent to Google if you do not play the videos. Only when you play a video does Google receive information that you have accessed a sub-page of our website. In addition, data is collected that is then sent to YouTube by your browser. This includes, for example, the IP address, the date and time of the request, the amount of data transferred, the operating system and its user interface, and the language and version of the browser software.
This occurs regardless of whether YouTube provides a user account that you are logged in to, or whether you have no YouTube account. If you are logged in to Google, your data will be linked directly to your account. The legal basis for processing the collected data is your consent in accordance with Article 6 (1) (a) GDPR, which you give when you click on the video.
Regardless of the playback of the video, YouTube already sets cookies when you visit the page in which the YouTube video is embedded, which send data about you (in particular the IP address and pages visited) to the Google Double-Click network. The legal basis for processing the collected data is your consent in accordance with Article 6 (1) (a) GDPR, which you give in the cookie settings.
For more information on the purpose and scope of the data collection and processing through YouTube, please refer to the Google Privacy Policy at: https://www.google.de/intl/de/policies/privacy.
Vimeo
We use plugins from Vimeo, Inc. 555 West 18th Street, New York, New York 10011, USA on our website in order to increase awareness about our company and integrate videos with further information for you into the website.
The plugins are designated with a Vimeo logo.
We integrate these plugins through the so-called two click method to provide the best possible protection for visitors to our website. This means that your personal data (in particular, your IP address) is not transmitted to Vimeo simply when you access the website. Instead, for the data to be transmitted you must activate the integrated videos by clicking on them. With this click, you grant your consent in accordance with Art. 6 para. 1 lit. a GDPR to form a connection with Vimeo's servers.
Through this connection, Vimeo receives the information that your browser accessed the corresponding page of our website even if you do not have a Vimeo profile or are not currently logged in.
This information (including your IP address) is transmitted by your browser directly to a Vimeo server in the USA and saved there. If you are logged into Vimeo, then Vimeo can directly associate your visit to our website with your account. If you interact with the plugins, for example by starting the video, this information is also transmitted directly to a Vimeo server and saved there.
If you do not want Vimeo to directly associate data collected via our website with your account, you must log out of Vimeo before activating the plugin.
Data is transmitted to the USA as a third country in accordance with Art. 49 para. 1 lit. a) GDPR with your consent, if you have granted such consent to us and after we have informed you that you may have no or limited legal protection in the USA, as well as a lower level of data protection than in the EU. Further information is available in the Vimeo data privacy policy: https://vimeo.com/privacy.
AddSearch
The search function on our website is provided by AddSearch Oy, Töölönkatu 4, FI-00100 Helsinki, Finland (‘AddSearch’). When you use the search function (search field) on our website, data is transmitted to AddSearch. The search terms you enter and your IP address are transmitted.
AddSearch uses Amazon Web Services (AWS), based in the USA, as a processor. This means that some data processing may also take place outside the EU or the European Economic Area (EEA). By using standard contractual clauses of the EU Commission (Art. 46 para. 2 lit. C GDPR), security measures are taken to protect your personal data in the event of a possible transfer to the USA initiated by AWS. Further information on the standard contractual clauses can be found here:
https://commission.europa.eu/law/law-topic/data-protection/data-protection-eu_en .
Your personal data is transmitted on the basis of our legitimate interest in improving the user experience on our website through a search function, Art. 6 para. 1 lit. f GDPR. Information is only transmitted once at least three characters have been entered in the search function. No data is transferred to AddSearch before this.
Further information can be found in the privacy policy of AddSearch: https://www.addsearch.com/privacy/ .
6. heroal Communicator
As a user of the heroal Communicator, you have the opportunity to view and/or download and/or otherwise use content in connection with heroal products, such as catalogues, design drawings and various software tools and software for the administration and display of content and data. You can also communicate with heroal electronically via the heroal Communicator.
When registering for the heroal Communicator, we collect your data (mandatory fields: title, first name, last name, address, company, email address, telephone number, language; voluntary information: customer number, position in the company, fax number, website, the products of interest to you) as well as your request. We store the data you provide upon registering to use the heroal Communicator (stock data) in our Customer Relationship Management system (CRM system) and merge it with any customer data already stored there. In addition, we evaluate the data relating to your use of the heroal Communicator in an anonymised form, such as which functions of the heroal Communicator are used.
The processing of personal data takes place based on Article 6 (1) (b), (f) GDPR. The purpose of the data processing and our legitimate interest lies in customer support, the provision of the aforementioned content, the initiation of contracts and in the ability to answer messages addressed to us.
7. Contact
On our website you will find contact forms which can be used to contact us online (e.g. if you are looking for specialist service providers). Alternatively, you can contact us via our email address. If you contact us via one of these channels, we collect the personal data entered and sent.
If you use the contact form, the processed personal data comprise the master data entered there (mandatory fields: first name, family name, email address, address, optional fields: telephone number, the products that are of interest to you). If you contact us directly via email, we will process your email address and any personal data found in the text of the email.
The processing is based on Article 6 (1) (f) GDPR. The purpose of the data processing and our legitimate interest lies in customer support and in being able to answer the messages addressed to us.
8. Newsletter
heroal sends newsletters, emails and other electronic messages (hereinafter referred to as “newsletters“) subject to the consent of the recipients or statutory permission. In our newsletters, we inform you about current topics and news about heroal and the heroal product range.
We use a double-opt-in process for newsletter subscription. After subscription, an email will be sent to the email address submitted, asking you to confirm your interest in receiving newsletters. If you do not confirm your subscription within 60 days, your information will be deleted. In addition, we save the IP addresses used by you and the time of subscription and confirmation. The double-opt-in process serves as a means to verify your subscription, and to follow up on any potential abuse of your personal data, if any.
Your email address is the only mandatory information needed to subscribe to newsletters. The provision of further, especially marked data is voluntary, and will be used to personalise the contact. After receiving your confirmation, we save your email address for the purpose of sending you newsletters. (Legal basis: Article 6 (1) (1) (a) GDPR)
We record information regarding browsing habits for the technical improvement of our newsletters. A separate revocation of the performance measurement is not possible.
You can cancel your newsletter subscription at any time and unsubscribe from newsletters. If you want to unsubscribe, please click the link provided in each email newsletter, or send an email to info@heroal.de or a message to the contact indicated in the legal notice.
We use the email marketing platform Mailchimp to send newsletters:
Email marketing platform; service provider: “Mailchimp“ – Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA; website: https://mailchimp.com; privacy policy: https://mailchimp.com/legal/privacy/.
9. Google Web Fonts
This website uses Google Web Fonts for a uniform presentation of contents. When you open the website, you load fonts from external servers by Google in the USA. To do so, the browser used by you has to establish a direct connection to Google servers. Google thus becomes aware that our website was accessed via your IP address.
The legal basis for processing the collected data is your consent in accordance with Article 6 (1) (a) GDPR. You can prevent the collection of your data by Google by refusing your consent. You can withdraw your consent at any time in the cookie settings . You can find further information on Google Fonts here: https://developers.google.com/fonts/faq?hl=de-DE&csw=1
Information About Your Right to Object in line with Article 21 of the General Data Protection Regulation (GDPR)
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you, which is based on Article 6 (1) (f) GDPR (data processing for the purposes of legitimate interests), including profiling based on those provisions within the meaning of Article 4 (4) GDPR.
If you make use of this right to object, we will no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
We may occasionally process your personal data for direct marketing purposes. You have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.
If you object to the processing of your personal data for direct marketing purposes, we will no longer process it for these purposes.
The objection can be submitted without using a form and, if possible, should be directed to the bodies mentioned in the privacy statement in points 1 and 2 of Section I – General Information.
