Data Privacy

Privacy Policy

1. Scope of Application

1.1. This privacy policy applies to the personal data processed by My Implant Business GmbH ("Controller") within the scope of its business. This also includes all personal data processed by third parties on behalf of the Controller.

1.2.Controller within the meaning of the data protection law is the person who decides on the purposes and means of processing your personal data (Art. 4 No. 7 GDPR).

1.3. The following explains for what purposes and in what way the Controller collects and processes your personal data, to what extent this is done and who receives access or to whom your data is transferred.

2. Contact details of the Controller

2.1. If you have any questions regarding data protection or the processing of your personal data, you can contact the Controller using the following contact details:

My Implant Business GmbH
(Attn.) Dr. Frank Zastrow
Waterkamp 24a, 59075 Hamm
Tel.: +49 6221 4370650
Email: info@myimplantbusiness.com

3. Purposes and legal bases of data processing

3.1. The Controller processes your personal data on the basis of the provisions of the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

3.2. The processing of your data is limited to the purposes stated in point 3: If, in individual cases, it is necessary to process data in a different way, you will be informed in advance and your consent will be obtained if necessary, unless this conflicts with legal requirements or confidentiality obligations.

3.3. Your data will be processed for the purpose of fulfilling any contractual relationship that may exist between you and the Controller (Art. 6 para. 1 sentence 1 lit. b GDPR) and to fulfil legal obligations (Art. 6 para. 1 sentence 1 lit. c GDPR). In addition, your data will be processed if you have given your express consent to it (Art. 6 para. 1 sentence 1 lit. a GDPR) or if this is necessary to safeguard the legitimate interests of the Controller for the establishment, exercise or defence of legal claims (Art. 6 para. 1 sentence 1 lit. f GDPR).

4. Security of processing your data

4.1. The protection of your personal data is provided through appropriate organizational and technical precautions. These precautions relate in particular to protection against unauthorized, unlawful or accidental access, processing, loss, use and manipulation.

4.2. The Controller fulfils the requirements for data protection by design (Art. 25 para. 1 GDPR) by using SSL encryption with https for the purpose of tap-proof transmission of data on the internet. The use of this protection for data transmission is evident from the small lock symbol that can be seen at the top left of the browser, to the left of the Controller's internet address.

4.3. Notwithstanding the efforts to maintain an appropriately high level of due diligence at all times, it cannot be excluded that information that you disclose to the Controller via the internet may be viewed and used by other persons. Please note that the Controller therefore accepts no liability whatsoever for the disclosure of information due to errors in data transmission not caused by the Controller and/or unauthorized access by third parties (e.g. hacking of email accounts or telephones, interception of faxes).

5. Personal Data

5.1. Personal data describes data that contains individual details about your personal or factual circumstances and makes you identifiable as a person (Art. 4 No 1 GDPR). This includes in particular general personal data (name, date of birth, registration data, contact data, etc.), server log files, course data (registration, participation, participant status, etc.) as well as other data that you voluntarily provide to the Controller, in particular data relating to your orders (products, quantities, delivery addresses, etc.), your clinic (name, address, contact data, etc.) and other inquiries from you.

5.2. Your personal data will only be processed by the Controller to the extent that this is necessary for the execution and processing of the sale of the medical products and other products offered by it via the online shop it operates in the field of dental medicine and on the topics of implantology and hard and soft tissue management. This applies regardless of whether the deliveries to be provided by the Controller are carried out online or offline.

6. Processing of the e-mail address for the transmission of the electronic instructions for use

6.1. If you purchase a medical product offered by the Controller via the Controller's online shop, the Controller will process your email address in connection with the execution and processing of the contractual relationship between you and the Controller. This serves to transmit the instructions for use for the respective product in electronic form. The Controller offers (active) implantable medical devices and accessories in the online shop it operates, which is why it is entitled to provide you with the instructions for use in electronic form, which must be enclosed with the products it offers.

6.2. The Controller offers you the possibility of receiving the instructions for use, which must accompany the medical devices it distributes, also in paper form. In order to send you the instructions for use by post, it is necessary for the Controller to process your personal data, in particular your name, address and contact details.

6.3. The Controller's processing of the personal data referred to in point 6.1. is carried out for the purpose of fulfilling legal obligations (Art 6 para 1 sentence 1 lit. c GDPR) and on the basis of the provisions of Regulation (EU) 2017 /745 and Implementing Regulation (EU) 2021/2226 concerning electronic instructions for use for medical devices. The Controller is also obliged to send you changes to the instructions for use for a period of five years, and must therefore process your email address during this period.

7. Encrypted payment transactions

7.1. The Controller processes your payment data (e.g. account number) only insofar as this is necessary for the purpose of processing a payment within the framework of the contractual relationship existing between you and the Controller.

7.2. The measures described in point 4.2. regarding the protection of your personal data by design (Art. 25 para. 1 GDPR) also apply in particular to all payment transactions processed via the online shop of the Controller.

7.3. If you purchase a product offered by the Controller via the online shop, you are obliged to pay the displayed price. The Controller makes the following payment providers available to you for the purpose of payment processing:

7.4. Credit card: If you choose to pay by credit card, payment will be processed by XXX. Your payment data (e.g. credit card number, check digit) will be forwarded exclusively to this company and stored and processed by it for the purpose of processing the transaction. Processing by the Controller itself does not take place.

7.5. PayPal: If you choose to pay via PayPal, payment will be processed via the payment service provider PayPal (Europe) S.à.r.l. et Cie S.C.A. Your payment data will be passed on exclusively to this company and stored and processed by it for the purpose of processing the transaction. Processing by the Controller itself does not take place.

7.6. The processing of the personal data mentioned in point 7. by the Controller is carried out for the purpose of fulfilling a contractual relationship between you and the Controller (Art. 6 para. 1 sentence 1 lit. b GDPR) and on the basis of your express consent (Art. 6 para. 1 sentence 1 lit. a GDPR).

8. Newsletter

8.1. The Controller offers visitors to the Controller’s website the opportunity to subscribe to the newsletter offered on the website of its online shop. The newsletter is sent by the Controller to its customers by email in relation to webinars held by the Controller, i.e. approximately two to three times a month.

8.2. The Controller processes your personal data in connection with the sending of the newsletter, whereby the Controller collects the following data in particular: Name, address, telephone number and email address. The processing of this data is carried out exclusively on the basis of the consent you have expressly given for this purpose (Art. 6 para. 1 sentence 1 lit. a GDPR).

8.3. Right of withdrawal (Art. 7 para. 3 GDPR): Since the consent you have given is the basis for the processing of your personal data in connection with the receipt of the newsletter, you have the right to withdraw this consent at any time once it has been given to the Controller. You may withdraw your consent by clicking on the "Unsubscribe" link that you will find at the end of each email newsletter and by confirming the revocation of your consent on the website that opens when you click on the link. As a result, the data processing based on this consent may not be continued in the future. Therefore, if you withdraw your consent, the newsletter will no longer be sent to you and the personal data stored for this purpose, in particular your e-mail address, will be deleted.

9. Disclosure of data and international data transfer

9.1. In order to be able to offer the services described in point 5.2, it is necessary to disclose your personal data to third parties. In general, this data is only transferred to carefully selected and contractually obligated service providers and partner companies.

9.2. The Controller will only transfer your personal data to entities that are located within the European Economic Area and are therefore subject to EU data protection law or that are obliged to comply with a corresponding level of protection or for which this was determined to be the case by an adequacy decision of the European Commission. If the Controller uses service providers in third countries, it takes additional measures to ensure an adequate level of data protection when transferring personal data in accordance with Art. 44 et seq. GDPR and thus ensures that the transfer is generally permissible and that the special requirements for a transfer to a third country are met (e.g. by concluding EU standard contracts and additional technical and organizational measures, such as encryption or anonymization).

9.3. The transfer is made to service providers for the Controller's company (in particular IT services, email and server hosting, website providers, password managers, banks, insurance companies, tax consultants, legal advisors, accounting software). In some cases, these third parties act as processors for the Controller and are therefore only authorized to process your personal data in accordance with the Controller's instructions.

9.4. In addition, personal data will be transmitted to courts and authorities if the Controller is obliged to do so (e.g. due to a government order) or if it is entitled to do so in order to enforce or defend its own rights and claims.

9.5. Your personal data will only be disclosed if you have expressly consented to the transfer (Art. 6 para. 1 sentence 1 lit. a GDPR) or if the transfer is for the purpose of processing the contractual relationship that may exist with you (Art. 6 para. 1 sentence 1 lit. b GDPR), to fulfil legal obligations (Art. 6 para. 1 sentence 1 lit. c GDPR) or to safeguard the legitimate interests of the Controller and to establish, exercise or defend legal claims (Art. 6 para. 1 sentence 1 lit. f GDPR).

10. Duration of data storage

10.1. Your personal data is stored in accordance with the applicable statutory data protection requirements and the retention periods under company and tax law. It is emphasized that the fulfilment of or compliance with statutory retention obligations and periods constitutes a legitimate purpose for the processing of personal data.

10.2. The Controller is obliged not to store your personal data for longer than is strictly necessary for the purposes of its lawful processing (Art. 5 para. 1 lit. e GDPR).

10.3. If personal data is processed on the basis of express consent (Art. 6 para. 1 sentence 1 lit. a GDPR), this data will be stored until you withdraw your consent.

10.4. If there are statutory retention periods for data that is processed in the context of legal or similar obligations (Art. 6 para. 1 sentence 1 lit. b GDPR), this data will be routinely deleted after expiry of the retention periods except there is a legitimate interest of the Controller in further storage.

10.5. If personal data is processed on the basis of a legitimate interest of the Controller (Art. 6 para. 1 sentence 1 lit. f GDPR), this data will be stored until you exercise your right to object (Art. 21 para. 1 GDPR). In addition, the data will be processed if the Controller demonstrates compelling legitimate grounds for the processing or the processing serves to establish, exercise or defend legal claims.

11. Rights according to the General Data Protection Regulation (GDPR)

As a data subject whose personal data is collected and processed by the Controller, you have the following rights under the GDPR:

11.1. Right of access (Art. 15 GDPR): You have the right to request access to your personal data processed by the Controller at any time. In particular, you can request information about the processing purposes; the category of personal data; the categories of recipients to whom your data has been or will be disclosed; the planned storage period; the existence of a right to rectification, erasure, restriction of processing or objection; the existence of a right to lodge a complaint; the origin of your data if it was not collected directly by the Controller and the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;

11.2. Right to rectification and erasure (Art. 16 GDPR): You can also demand the immediate rectification of incorrect personal data and that incomplete personal data is completed;

11.3. Right to erasure (Art. 17 GDPR): You have the right to obtain the erasure of your personal data without undue delay, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;

11.4. Right to restriction of processing (Art. 18 GDPR): You may request the restriction of the processing of your personal data if the accuracy of the data is contested by you, the processing is unlawful but you oppose the erasure of your data and the Controller no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims or you have objected to processing pursuant to Art. 21 GDPR;

11.5. Right to data portability (Art. 20 GDPR): You have the right to receive your personal data, which you have provided to the Controller, in a structured, commonly used and machine-readable format or to request that it be transmitted to a controller other than the Controller;

11.6. Right of withdrawal (Art. 7 para. 3 GDPR): If your consent forms the basis for the processing of your personal data, you are entitled to withdraw this consent from the Controller. As a result, the data processing based on this consent may no longer be continued in the future;

11.7. Right to object (Art. 21 GDPR): Insofar as the processing of your personal data is based on legitimate interests (Art. 6 para. 1 sentence 1 lit. e and f GDPR), you have the right to object to the processing of the data at any time. You can only exercise this right insofar as there are reasons for the objection arising from your particular situation;

11.8. Right to lodge a complaint with a supervisory authority (Art. 77 GDPR): If you believe that your personal data is being processed unlawfully, you have the right to lodge a complaint with a data protection authority. In Germany, the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia and the Freedom of Information is responsible for this. This right to lodge a complaint is without prejudice to any other administrative or civil law remedies.

12. Cookies

12.1. The Controller uses cookies on its website to optimize its website in terms of system performance, user-friendliness and the provision of useful information about the Controller's products and services.

12.2. Cookies are small data packets that are stored on the end device you use (e.g. computer, tablet, smartphone) via the web browser you use when you visit the Controller's website. The cookie then collects information solely for the purpose of recognising the visitor to the Controller's website. Some of the cookies used by the Controller are deleted from your device after you leave their website ("Session Cookie"). However, some of the cookies used remain stored on your end device ("Persistent Cookie"). The next time you visit the Controller's website with the same device, the information stored in cookies can be sent back either to the Controller's website ("First-Party Cookie") or to another website to which the cookie belongs ("Third-Party Cookie").

12.3. The cookies set by the Controller on its website are divided into the following categories according to their respective purpose and function:

12.3.1.Technically necessary cookies: This type of cookie is used to ensure the correct technical operation and basic functionality of the Controller's website.

12.3.2. Functionality cookies: This type of cookie is used by the Controller to provide users of its website with improved and personalised functions based on the user's preferences, behaviour and interactions with the Controller's website.

12.3.3. Statistics cookies: This type of cookie is used to analyze user behavior on the Controller's website. In particular, information is collected and analyzed for the purpose of optimizing the Controller's website and the products and services it offers.

12.3.4. Marketing cookies: This type of cookie is used to set targeted advertising activities on the Controller's website.

12.4. The use of technically necessary cookies is based on the legitimate interest of the Controller for the technically correct operation and basic functionality of its website (Art. 6 para. 1 sentence 1 lit. f GDPR). Statistics and marketing cookies are used exclusively on the basis of your express consent (Art. 6 para. 1 sentence 1 lit. a GDPR). You can withdraw your consent to the use of cookies at any time for the future (Art. 7 para. 3 GDPR). Further information about the cookies actually used by the Controller (in particular about their purpose and storage duration) can be found in point 12.6. as well as in the information about the cookies used by the Controller in the cookie banner on its website.

12.5. If you do not agree to the use of cookies by the Controller and their possible storage on the end device you are using, you have the option of rejecting when you first access the Controller's website. This means that no cookies are used by the Controller. Since the use of technically necessary cookies is also omitted on the Controller's website in this case, the basic functionality of the Controller's website may be restricted and you may not be able to use certain functions.

12.6. The Controller uses the following cookies on its website:

12.6.1. Technically necessary cookies:

12.6.2. Functionality Cookies:

12.6.3. Statistics Cookies:

12.6.4. Marketing Cookies:

13. Use of third-party technologies

13.1. The Controller uses technologies provided by third-party providers on its website in order to use them in the context of the online shop it operates and for the purposes of web analysis and to improve its website on the basis of the data collected in this way and to be able to use them to carry out targeted advertising activities.

13.2. The use of third-party technologies is based on the legitimate interest of the Controller in the technically correct operation and basic functionality of its website (Art. 6 para. 1 sentence 1 lit. f GDPR). In addition, the use of such technologies takes place exclusively on the basis of your express consent (Art. 6 para. 1 sentence 1 lit. a GDPR).

13.3. You can withdraw your consent to the use of the technologies referred to in point 13.1. at any time for the future (Art. 7 para. 3 GDPR). Further information on the third-party technologies actually used by the Controller (in particular their purpose) can be found in point 13.4. and in the information on the third-party technologies used by the Controller in the cookie banner on their website.

13.4. Depending on their respective purpose and function, the Controller uses the following technologies of the respective third-party providers on its website:

13.5. Sanity

13.5.1. The Controller uses the content management system "Sanity" from the third-party providers Sanity AS and Sanity US Inc. ("Sanity") as part of its business, which is used by the Controller for the purpose of managing all content embedded in the controller's website and made available to visitors to the website.

13.5.2. In this context, Sanity may process personal data of visitors to the website of the controller, whereby in particular the IP address of the visitor is recorded.

13.5.3. Further information on the data actually collected and processed by Sanity can be found at the following link, through which the privacy policy of Sanity can be accessed: https://www.sanity.io/legal/privacy.

13.6. Commerce Layer

13.6.1. The "Commerce Layer" technology provided by the third-party provider Commerce Layer, Inc. ("Commerce Layer") is used by the Controller as part of the design of its online shop as a backend to ensure the proper operation and basic functionality of the online shop.

13.6.2. In order to be able to fulfil the purpose set out in the previous point, Commerce Layer collects and processes personal data of visitors to the website of the Controller. This data collected and processed by Commerce Layer includes in particular the name, address, name of the user's dental institution or clinic and contact details including the user's e-mail address.

13.6.3. Further information on the data actually collected and processed by Commerce Layer can be found at the following link, through which the privacy policy of the provider Commerce Layer can be accessed: https://commercelayer.io/.

13.7. Vercel

13.7.1. The Controller uses the technology "Vercel", which is offered by the third-party provider Vercel Inc. ("Vercel") and uses its technology as part of the design of its online shop as a front end to ensure the proper operation and basic functionality of its online shop.

13.7.2. If the website of the Controller is accessed by a visitor and the visitor interacts with the website, Vercel collects and processes personal data of the visitor, in particular the IP address, the time of access to the website of the Controller by the user and the respective access duration as well as information on the browser used by the user and the activities of the user on the website of the controller.

13.7.3. Further information on the data actually collected and processed by Vercel can be found at the following link, through which the privacy policy of the provider Vercel can be accessed: https://vercel.com/legal/privacy-policy.

13.8. Amazon Web Services

13.8.1. As part of the design of its online shop, the Controller uses the technologies "AWS Lambda", "Amazon API Gateway", "Amazon EventBridge Event Bus" and "Amazon DynamoDB" from the third-party provider "Amazon Web Services" ("AWS") to ensure the proper operation and basic functionality of its online shop.

13.8.2. AWS collects and processes in particular the following personal data of the users of the Controller's website Name, address, contact details including email address, data concerning the user's dental institution or clinic (name, address, contact details), course data (registration, participation, participant status), IP address, the time of access to the Controller's website by the user and the respective access duration including access attempts as well as information on the browser used by the user and the user's activities on the Controller's website.

13.8.3. Further information on the data actually collected and processed by AWS can be found at the following link, through which the privacy policy of the provider AWS can be accessed: https://aws.amazon.com/de/privacy/?nc1=f_pr

13.9. Auth0

13.9.1. The authentication and authorization platform "Auth0" of the third-party providers Auth0, Inc. and Okta, Inc. ("Okta") is used by the Controller within the scope of its business and in particular in connection with the operation of its online shop. The technology offered by Okta is used to store and manage the logins of visitors to the Controller's website who have created a user account in the online shop.

13.9.2. In this context, Auth0 collects and processes the personal data of users, including in particular the following data: Email address, password, password hashes, user names, IP address, the time of access to the Controller's website by the user and the respective access duration including access attempts as well as information on the browser used by the user and the user's activities on the Controller's website.

13.9.3. Further information on the data actually collected and processed by Okta can be found at the following link, through which the privacy policy of the provider Okta can be accessed: https://www.okta.com/privacy-policy/

13.10. Kajabi

13.10.1. The Controller uses the online course platform "Kajabi" provided by the third-party provider Kajabi LCC ("Kajabi") as the platform for holding the training and further education programs offered by the Controller.

13.10.2. Kajabi collects and processes the users' personal data in connection with the organization of the courses offered by the Controller. This includes, in particular, the user's name, login data (email address, password), duration of access to courses offered by the Controller, course progress, course data (registration, participation, participant status), IP address, the time the user accessed the Controller's website and the respective duration of access, as well as information on the browser used by the user and the user's activities on the Controller's website.

13.10.3. Further information on the data actually collected and processed by Kajabi can be found at the following link, through which the privacy policy of the provider Kajabi can be accessed: https://legal.kajabi.com/policies/privacy.

13.11. Ever Webinar

13.11.1. The Controller uses the "EverWebinar" technology of the third-party provider Genesis Digital, LLC ("EverWebinar") on its website.

13.11.2. EverWebinar is used to embed external content into the Controller's website with which users can potentially interact. In its application, EverWebinar collects and processes personal data of visitors to the Controller's website, in particular the IP address, information on the browser used by the user and the user's interactions with the webinar (times of participation, questions and answers during the webinar, etc.) and, if applicable, the user's contact details.

13.11.3. Further information about the data actually collected and processed by EverWebinar can be found at the following link, through which the privacy policy of the provider EverWebinar can be accessed: https://home.webinarjam.com/privacypolicy.

13.12. Hubspot Meeting

13.12.1. The Controller uses the online appointment scheduling tool "HubSpot Meeting" from the third-party provider HubSpot, Inc. ("HubSpot") on its website, which is embedded in the Controller's website.

13.12.2. The use of the HubSpot Meeting tool involves the collection and processing of personal data of the users of the website, including in particular name, e-mail address, telephone number, availability of the user and other data provided by the users in the context of appointment scheduling.

13.12.3. Further information on the data actually collected and processed by HubSpot can be found at the following link, through which the privacy policy of the provider HubSpot can be accessed: https://legal.hubspot.com/de/privacy-policy.

13.13. YouCanBookMe

13.13.1. The Controller uses the online scheduling tool "YouCanBookMe" of the third-party provider YouCanBookMe Limited. ("YouCanBookMe"), which is integrated into its website.

13.13.2. The use of the tool mentioned in the previous point requires that YouCanBookMe collects and processes personal data of the users of the Controller's website. This includes, in particular, the name, email address, telephone number, availability of the user and other data provided by the user in the context of scheduling.

13.13.3. Further information about the data actually collected and processed by YouCanBookMe can be found at the following link, through which the privacy policy of the provider YouCanBookMe can be accessed: https://youcanbook.me/privacy

13.14. ActiveCampaign

13.14.1. The "ActiveCampaign" tool provided by the third-party provider ActiveCampaign, LLC ("ActiveCampaign") is used by the Controller within the scope of its business for the purpose of email marketing.

13.14.2. ActiveCampaign collects and processes personal data of users of the Controller's website, in particular professional title, name, email address, telephone number, name of the visitor's dental clinic or institution, the visitor's interactions with the Controller's company (product purchases, webinar registrations, etc.), the duration of access to individual courses and the origin of the lead.

13.14.3. Further information on the data actually collected and processed by ActiveCampaign can be found at the following link, through which the privacy policy of the provider ActiveCampaign can be accessed: https://www.activecampaign.com/legal/privacy-policy.

13.15. Hubspot

13.15.1. As part of its business, the Controller uses the CRM software of the third-party provider Hubspot, which the Controller uses in connection with the management of its customer relationships.

13.15.2. When using the CRM software mentioned in the previous point, Hubspot collects and processes personal data of the users, in particular professional title, name, email address, telephone number, name of the visitor's dental clinic or institution, the visitor's IP address, interactions of the visitor with the Controller's company (product purchases, webinar registrations, etc.), the source of the lead, the lead status and other data if this is necessary for the management of customer relationships (XXX, etc.).

13.15.3. Further information about the data actually collected and processed by HubSpot can be found at the following link, through which the privacy policy of the provider HubSpot can be accessed: https://legal.hubspot.com/de/privacy-policy.

13.16. Google Plugins

13.16.1. The Controller uses the technologies "Google Analytics" and "Google Ads", which are provided by Google LLC ("Google"), on its website.

13.16.2. The use of Google Analytics by the Controller serves to analyze the visitor's interactions with the Controller's website and their activities (e.g. purchases) on its website. In particular, Google collects and processes the visitor's IP address, the time the visitor accessed the Controller's website and the respective access duration, the visitor source (e.g. email, search engine) and information about the browser used by the visitor and the end device on which the browser is installed.

13.16.3. The purpose of Google Ads is to analyze the visitor's interactions with the Controller's website and, based on this, to embed targeted advertising measures tailored to the respective visitor. The data processed by Google in the context of Google Ads includes, in particular, the IP address of the visitor, the time the visitor accessed the Controller's website and the respective access duration, as well as information on the browser used by the visitor and the visitor's activities on the Controller's website.

13.16.4. Further information about the data actually collected and processed by Google can be found at the following link, through which the provider's privacy policy can be accessed: https://policies.google.com/privacy.

13.17. Meta Pixel

13.17.1. The Controller uses the "Meta Pixel" technologies of the provider Facebook Ireland Limited ("Facebook") on its website.

13.17.2. Meta Pixel is used by the Controller for the purpose of analyzing the online activities of visitors to the Controller's website and embedding targeted advertising measures tailored to the respective visitor. The data processed by Facebook as part of Meta Pixel includes, in particular, the visitor's IP address, the time at which the visitor accessed the Controller's website and information about the browser used by the visitor and the visitor's activities on the Controller's website.

13.17.3. Further information on the data actually collected and processed by Facebook can be found at the following link, through which the privacy policy of the provider Facebook can be accessed: https://developers.facebook.com/docs/meta-pixel/implementation/gdpr/.

13.18. TikTok Pixel

13.18.1. The Controller implements the technology "TikTok Pixel", which is offered by the provider Beijing Bytedance Technology Ltd. ("TikTok"), in its website.

13.18.2. TikTok Pixel is used by the Controller for the purpose of analyzing the interactions of visitors with the Controller's website and embedding targeted advertising measures adapted to the user behavior of the respective visitor.

13.18.3. The data processed by TikTok Pixel includes in particular the visitor's IP address, the time the visitor accessed the Controller's website and the respective access duration, the access source (e.g. advertisement) as well as information on the browser used by the visitor and the visitor's activities on the Controller's website.

13.18.4. Further information about the data actually collected and processed by Tiktok can be found at the following link, through which the privacy policy of the provider Tiktok can be accessed: https://ads.tiktok.com/i18n/official/policy/privacy

13.19. HubSpot Tracking Code

13.19.1. The Controller uses the technology "HubSpot Tracking Code" of the provider HubSpot on its website for the purpose of web analysis, whereby in particular the interactions of the visitor to the website of the Controller are recorded.

13.19.2. HubSpot Tracking Code processes in particular the IP address of the visitor, the time the visitor accesses the Controller's website and the respective access duration, the access source (e.g. email), information on the browser used by the visitor and the visitor's activities on the Controller's website and, if applicable, the visitor's email address if the visitor fills out a HubSpot form.

13.19.3. Further information about the data actually collected and processed by HubSpot can be found at the following link, through which the privacy policy of the provider HubSpot can be accessed: https://legal.hubspot.com/de/privacy-policy

13.20. Intercom

13.21. The technology provided by the third-party provider Intercom, Inc ("Intercom") is used by the Controller within the scope of its business for the purpose of managing customer requests. Intercom collects and processes the following personal data of users: name, telephone number and email address.

13.21. Further information on the data actually collected and processed by Intercom can be found at the following link, through which the privacy policy of the provider Intercom can be accessed: https://www.intercom.com/legal/privacy.