Privacy Policy
Enable equal access for all
Data protection declaration
We manage our websites according to the following principles:
We are committed to complying with the legal provisions on data protection and strive to always take into account the principles of data avoidance and data minimization.
1. Name and address of the controller and the data protection officer
a) The controller
The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states of the European Union as well as other data protection regulations is:
Web Inclusion GmbH
Florian-Geyer-Str. 1
97076 Würzburg
Phone: +49 176 64103397
E-mail: info@eye-able.com
However, the controller for data processing may vary depending on the offer or purpose of the processing and another of our Eye-Able companies may therefore be the controller. You can find a list of our Eye-Able companies here.
We, Eye-Able Web Inclusion GmbH, have partnered with Eye-Abl® B.V. and Eye-Able S.r.l. agreed on shared responsibility for our marketing activities and recruiting activities. We will be happy to provide you with this information upon request. In this case, please contact our data protection officer.
b) The data protection officer
You can reach the data protection officer of the person responsible as follows:
Head of Legal & Compliance
Mr. Björn Holeschak
Florian-Geyer-Str. 1
97076 Würzburg
E-mail: privacy@eye-able.com
c) The responsible supervisory authority
The supervisory authority generally responsible for the company is the Bavarian State Office for Data Protection Supervision.
Postal address:
PO Box 1349
91504 Ansbach
Germany
Website: https://www.lda.bayern.de/de/kontakt.html
Alternatively, you can contact the supervisory authority responsible for you locally in your home country.
2. Explanations of terms
We have designed our data protection declaration according to the principles of clarity and transparency. If there are any uncertainties regarding the use of different terms, the corresponding definitions can be viewed here.
3. Legal basis for the processing of data
a) Processing of personal data according to the GDPR
We process your personal data such as your last name and first name, your email address and IP address, etc. only if there is a legal basis for this. According to the General Data Protection Regulation, the regulations pursuant to Art. 6 Para. 1 ff. GDPR come into consideration here.
However, we will always point out to you at the relevant points in this data protection declaration the exact legal basis on which your personal data is processed.
b) Consent of the legal guardian according to Art. 8 Paragraph 1 Sentence 2 Alt.2 GDPR
A legal guardian must consent to all data processing within the scope of this website for which the consent of a minor who has not yet reached the age of 16 is required.
Information on the individual data processing operations, their purposes and the data categories affected, for which the consent of the person concerned is required, can be found in the data protection declaration.
You can revoke your consent at any time by sending the declaration of revocation in text form to the contact details of the person responsible. Processing until revocation remains lawful.
c) Processing of information in accordance with country-specific requirements
a. Processing in accordance with Section 25 Paragraph 1 TDDDG (Germany specific)
We also process information in accordance with Section 25 Paragraph 1 TDDDG by storing information on your device or accessing information that is already stored in your device. This can include both personal information and non-personal data, e.g. cookies, browser fingerprints, advertising IDs, MAC addresses and IMEI numbers. Terminal equipment is any device that is directly or indirectly connected to the interface of a public telecommunications network for sending, processing or receiving messages, Section 2 Paragraph 2 No. 6 TDDDG.
We usually process this information based on your consent, Section 25 Paragraph 1 TDDDG.
If there is an exception according to Section 25 Paragraph 2 No. 1 and No. 2 TDDDG, we do not require any consent. Such an exception applies if we access or store the information solely to transmit a message over a public telecommunications network or if this is strictly necessary so that we can provide a telemedia service that you have specifically requested. You can revoke your consent at any time.
We inform you that the revocation of consent will not affect the lawfulness of the processing carried out based on the consent until its revocation.
4. Passing on personal data
The passing on of personal data also involves processing within the meaning of the previous paragraph 3. At this point, however, we would like to inform you separately about the topic of passing on to third parties. The protection of your personal data is very important to us. For this reason, we are particularly careful when it comes to passing on your data to third parties.
Data will therefore only be passed on to third parties if there is a legal basis for the processing. For example, we pass on personal data to people or companies who work for us as processors in accordance with Art. 28 GDPR. A processor is anyone who processes personal data on our behalf - i.e. in particular in an instruction and control relationship with us.
In accordance with the requirements of the GDPR, we conclude a contract with each of our processors in order to oblige them to comply with data protection regulations and thus to guarantee your data comprehensive protection.
5. Storage period and deletion
We will delete your personal data to the extent that it is no longer necessary for the purposes for which it was collected or otherwise processed, the processing is not necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.
6. SSL or TLS encryption
This website uses for security reasons and to protect the transmission of confidential content, such as: B. the requests that you send to us as the website operator use SSL or TLS encryption. You can recognize an encrypted connection by the browser's address line changing from "http://" to "https://" and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
7. Cookies
We use cookies on our website. Cookies are small data packages that your browser automatically creates and that are stored on your device when you visit our website. These cookies are used to store information related to the device used.
When using cookies, a distinction is made between technically necessary cookies and “other” cookies. Technically necessary cookies exist when they are absolutely necessary to provide an information society service that you have expressly requested.
a) Technically necessary cookies
In order to make the use of our offer more pleasant for you, we use technically necessary cookies. These can be so-called session cookies (e.g. choice of language and font, shopping cart, etc.), consent cookies, cookies to ensure server stability and security, etc. act. The legal basis for the cookies arises from Article 6 Paragraph 1 Sentence 1 Letter f) GDPR, our legitimate interest in the error-free operation of the website and the interest in providing you with our services in an optimized manner.
b) Other cookies
Other cookies include cookies for statistical purposes, analysis, marketing and retargeting purposes.
We use these cookies for you based on your consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a) GDPR.
You can revoke your consent to the use of cookies at any time.
We inform you that the revocation of consent will not affect the lawfulness of the processing carried out based on the consent until its revocation.
To do this, you can either edit your cookie settings on our website, deactivate the use of cookies in your browser settings (which may also limit the functionality of the online offering) or, in individual cases, set an opt-out for the relevant service.
For each service, we will inform you within the data protection declaration on which legal basis this data is processed.
8. Cookie banner / consent management
To obtain consent for the cookies we use, we use the cookie banner CCM19 from the service provider Papoo Software & Media GmbH, Auguststr. 4, 53229, Bonn. This itself sets a so-called consent cookie in order to query and process the respective consent status. This consent cookie is technically necessary and is therefore used based on our legitimate interest in accordance with Article 6 Paragraph 1 Sentence 1 Letter f GDPR, Section 25 Paragraph 1 TDDDG.
To use some services from the Google/Alphabet group, we use the so-called Google Consent Mode V2 in basic mode. Details about this consent mode can be found on the Google website at https://developers.google.com/tag-platform/security/guides/consent?hl=de&consentmode=advanced.
The use of consent mode is technically necessary and is therefore used based on our legitimate interest in accordance with Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR.
9. Collection and storage of personal data as well as their type and purpose of use
a) Hosting of the website
Our website is hosted on Hetzner AG servers. This means that all personal data collected on our website passes through Hetzner's dedicated logical server. This may be the IP address, your email address, communication data or similar information. You can find out what specific personal data is involved in the individual functions and services we explain below.
If we use an external service from a third party, this will be made clear in the description of the respective service or tool. We would like to point out in particular that our shop page is hosted externally. Further information can be found in the following paragraph.
Since the hosting takes place on our own servers, the responsibility for processing the data lies entirely with us and is carried out exclusively for the purposes described in this data protection declaration.
b) Provision of the dashboard and content delivery network (Bunny)
We use Bunny's Content Delivery Network (CDN) (Bunny Way d.o.o., Cesta v Mestni log 88a, 1000 Ljubljana,) to provide and host our dashboard (frontend) and to deliver static files (such as graphics, scripts, style sheets and other website content). Slovenia; hereinafter “Bunny”).
When you access our dashboard, your browser establishes a direct connection to Bunny's servers. Your IP address is recorded and some of the data is loaded via the CDN in order to ensure fast loading times and a high level of reliability of our platform worldwide. Various static files and system files are also stored on Bunny's servers.
Bunny is used for the purpose of secure, stable and extremely high-performance delivery of our dashboard. The legal basis for this processing is Article 6 Paragraph 1 Sentence 1 Letter b GDPR, as the provision of the dashboard is necessary for the fulfillment of our contract or to carry out pre-contractual measures. In addition, we have a legitimate interest in a technically error-free, fast and optimized presentation of our platform in accordance with Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR.
We worked with Bunny Way d.o.o. a contract for order processing (DPA) has been concluded in accordance with Art. 28 GDPR. Bunny processes the data on European servers to ensure a high level of data protection.
Further information on data protection at Bunny can be found at: https://bunny.net/privacy/
c) Infrastructure and API operation of the dashboard (Scaleway)
To operate our backend API (Application Programming Interface) and the underlying server infrastructure of our dashboard, we use the cloud infrastructure of Scaleway S.A.S. (8 rue de la Ville l’Évêque, 75008 Paris, France; hereinafter “Scaleway”).
When you use the dashboard, all personal data processed there (user data, account and registration data, configurations) is loaded via our API, which runs on Scaleway's servers. Processing therefore includes the transmission and temporary loading of user data via this API infrastructure.
The purpose of using Scaleway is to operate a secure, stable and highly available API infrastructure for our dashboard. The legal basis for this processing is Article 6 Paragraph 1 Sentence 1 Letter b GDPR (fulfillment of the contract and pre-contractual measures), as loading and processing user data via our API is absolutely necessary for the provision of our contractual services in the dashboard. In addition, we have a legitimate interest in the high-performance, secure and error-free operation of our IT systems in accordance with Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR.
Data processing by Scaleway takes place exclusively in data centers within the European Union. We have concluded an Date Processing Agreement (DPA) with Scaleway in accordance with Art. 28 GDPR.
Further information on data protection at Scaleway can be found at:
https://www.scaleway.com/en/privacy-policy/
d) Database infrastructure of the dashboard (PlanetScale)
For persistent storage and structured management of all user and dashboard data, we use PlanetScale's cloud-based SQL database infrastructure (PlanetScale, Inc., 325 9th St, San Francisco, CA 94103, USA; hereinafter “PlanetScale”).
All personal information collected through the Dashboard (such as your name, email address, account settings, and dashboard usage-specific data) resides in our database at PlanetScale and is retrieved from there via our API (hosted at Scaleway) for display in the Dashboard.
The purpose of this service is to provide a highly available, high-performance and secure relational database environment for the long-term and protected storage of your user data. The legal basis for storing this data is Article 6 Paragraph 1 Sentence 1 Letter b GDPR (fulfillment of the contract and pre-contractual measures), as the persistent storage of your profile data and settings is absolutely necessary for the functionality of the dashboard, as well as Article 6 Paragraph 1 Clause 1 Letter f GDPR, as we have a legitimate interest in structured and stable data storage.
We have concluded an Date Processing Agreement (DPA) with PlanetScale in accordance with Art. 28 GDPR. Since PlanetScale is a US company, we have also agreed to the EU Commission's Standard Contractual Clauses (SCCs) to guarantee an appropriate level of data protection when data is transferred to a third country.
Further information on data protection at PlanetScale can be found at:
https://planetscale.com/legal/privacy
e) Shop system and hosting of the shop page
To offer our services, we use the shop and hosting system of Shopify International Limited, 2nd Floor, 1-2 Victoria Buildings Haddington Road Dublin 4. D04XN32, Ireland on shop.eye-able.de.
The data you provide will therefore also be processed by our shop provider as part of the operation of the shop system and hosting. In addition, the shop system may set additional cookies.
For this reason, we have concluded a contract for order data processing/the standard contractual clauses with them.
When you visit our shop website, information is automatically sent to Shopify's server. This information is temporarily stored in a so-called log file. The following information is recorded without your intervention and stored until it is automatically deleted:
IP address of the requesting computer
Date and time of access
Name and URL of the file accessed
Website from which access is made (referrer URL)
Browser used and, if applicable, the operating system of your computer as well as the name of your access provider
We process the data mentioned for the following purposes:
Ensuring a smooth connection to the website
Ensuring comfortable use of our website
Evaluation of system security and stability
Error analysis
For further administrative purposes
The legal basis for data processing is Art. 6 Para. 1 Sentence 1 Letter f GDPR. Our legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about you personally.
Further information on data protection can be found at: https://www.shopify.com/de/legal/datenschutz?country=de&lang=en.
f) Contractual relationship
1. Conclusion of contract
As part of the establishment of the contractual relationship, only the personal data absolutely necessary for the execution of the contract will be processed in accordance with Art.
If you provide additional voluntary information, this will only be processed based on your consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR. We use this voluntary information to offer a customer-friendly service and to continually improve it.
2. Credit card payment
If you make a credit card payment on our website, we collect and process your necessary personal data and forward it to the card issuing institution for payment processing and to fulfill legal requirements, such as customer authentication in accordance with the EU Payment Services Directive PSD2.
This data is forwarded for payment processing in accordance with Article 6 Paragraph 1 Sentence 1 lit.
The technical processing of credit card payments is carried out by Shopify Payments, Shopify Inc., 151 O'Connor Street, Ground floor, Ottawa. This was commissioned for the technical control of payment transactions including the implementation of the 3D Secure 2.0 process in accordance with Article 28 GDPR. Other recipients of the data are the banks involved (on the one hand, the card-issuing bank - the issuer - and on the other hand, the merchant's credit card-accepting bank - the acquirer.
The Shopify Payments data protection regulations can be found at https://www.shopify.com/de/legal/datenschutz?country=de&lang=en.
g) Newsletter
1. Content of the newsletter and registration details
The sending of our newsletter as well as the carrying out of statistical surveys and analyzes as well as the logging of the registration process only takes place if you order it from us and have given your corresponding consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR, Section 25 Paragraph 1 TDDDG.
The contents of the newsletter are specifically described when you register for the newsletter. To register for the newsletter, it is sufficient to provide your email address. If you provide further voluntary information such as your name and/or gender, this will only be used to personalize the newsletter addressed to you.
2. Double opt-in and logging
To register for our newsletter, we use the so-called double opt-in procedure for security reasons so that no one can register with someone else's email address. After registering for our newsletter, you will first receive an email asking you to confirm your registration. This only becomes effective once your registration is confirmed.
Furthermore, your registration for the newsletter will be logged. The logging includes the storage of the registration and confirmation time, the data you provide and your IP address. If you make changes to your data, these changes will also be logged.
3. Revocation
If you no longer wish to receive our newsletter, you can revoke your consent at any time in the future. To do this, you can click on the unsubscribe link at the end of each newsletter or send us an email to the following email address: datenschutz@eye-able.com
The revocation of consent does not affect the lawfulness of the processing carried out based on the consent before its revocation.
4. Use of “HubSpot”
Registration is done using the “HubSpot” newsletter service, which is offered by HubSpot Inc. (25 First Street, Cambridge, MA 02141 USA).
The email addresses of our interested parties and their other data described in this notice are stored on HubSpot's servers in the USA. HubSpot uses this information to send and evaluate participation links on our behalf. Furthermore, HubSpot may, according to its own information, use this data to optimize or improve its own services, e.g. to technically optimize the sending and display of the invitation or for economic purposes to determine which countries the recipients come from. However, HubSpot does not use our prospects' data to write to them ourselves or pass them on to third parties.
We have entered into standard contractual clauses with HubSpot. HubSpot does not have the right to share your information.
You can find HubSpot's privacy policy here.
5. Use of ActiveCampaign
We send our newsletter using the newsletter service “ActiveCampaign”, which is operated by ActiveCampaign, LLC (1 North Dearborn St, 5th Floor, Chicago, IL 60602, USA).
The email addresses of our newsletter recipients, as well as their other data described in this information, are stored on ActiveCampaign's servers in the USA. ActiveCampaign uses this information to send and evaluate the newsletter on our behalf.
Furthermore, according to its own information, ActiveCampaign can use this data in pseudonymous form, i.e. without assigning it to a user, to optimize or improve its own services, e.g. to technically optimize the dispatch and presentation of the newsletter or for statistical purposes to determine which countries the recipients come from. However, the shipping service provider does not use the data of our newsletter recipients to write to them themselves or to pass them on to third parties.
We have concluded the standard contractual clauses with Active Campaign.
You can find ActiveCampaign's data protection regulations here: https://www.activecampaign.com/legal/privacy-policy
6. Statistical surveys and analyzes
The newsletters sent via AcveCampaign contain a so-called "web beacon", i.e. a pixel-sized file that is retrieved from the shipping service provider's server when the newsletter is opened. As part of this retrieval, technical information is initially collected, such as information about the browser and your system, as well as your IP address and the time of retrieval.
This information is used to technically improve the services based on the technical data or the target groups and their reading behavior based on their access locations (which can be determined using the IP address) or the access times.
Statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our nor ActiveCampaign's intention to monitor individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
h) Make an appointment
On our website we offer you the opportunity to make an appointment for a consultation with us directly. You will be shown a calendar with possible free appointments. After choosing an appointment that suits you, you will be asked to enter your first and last name, your email address and telephone number in order to reserve the appointment for you and send you an appointment confirmation. In addition, you will be asked to provide information about your company (the company domain and company size), your job description and the purpose of your request. This data is processed to carry out the consultation.
For this service we use the calendly tool from Calendly LLC, 271, 17th St NW, 10th Floor, Atlanta, Georgia 30363, USA, with whom we have concluded an order processing agreement.
We process your personal data in accordance with Article 6 Paragraph 1 Sentence 1 Letter b GDPR to carry out pre-contractual measures at your request.
You can find more information about data protection at Calendly at https://calendly.com/legal/privacy-notice.
i) Free WCAG test
We offer the opportunity to carry out a free WCAG test for your website on our website. To use this offer, it is necessary to provide your full name, your business email address, your telephone number, your job description, your company domain, the company size and the purpose of your request. We process this data in order to carry out the WCAG test, then send you the test report by email and create a test license in the Eye-Able dashboard.
This processing is carried out on the basis of Article 6 Paragraph 1 Sentence 1 Letters b and f GDPR to carry out pre-contractual measures at your request or to safeguard our legitimate interest, namely to carry out our business activities.
j) Contact form
We provide you with a form on our website so that you have the opportunity to contact us at any time. To use the contact form, it is necessary to provide a name for a personal salutation and a valid email address to contact you so that we know who the request comes from and can process it.
If you send us inquiries using the contact form, your information from the inquiry form, including the contact details you provided there and your IP address, will be processed in accordance with Art.
The inquiries and the associated data will be deleted no later than 3 months after receipt, unless they are required for a further contractual relationship.
k) Application form
We provide you with a form on our website that you can use to apply to us. Your personal data from the application will be processed in accordance with our data protection instructions for applicants.
The use of this form is based on our legitimate interest in a simple and secure transmission of your application documents, Art. 6 Para. 1 Sentence 1 Letter f) GDPR.
We use the provider Personio SE & Co. KG, Rundfunkplatz 4, 80335 Munich for this purpose. We have concluded an Date Processing Agreement with them.
You can find the data protection information regarding the processing of personal data by us as part of the application process and by Personio itself through the provision of the application tool at https://eye-able.jobs.personio.de/privacy-policy?language=de.
l) Google Tag Manager
We use the Google Tag Manager from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) on our website. The Google Tag Manager is an administration and management tool in which other tracking and/or statistics tools can be centrally managed and played out.
When you visit our website, Google Tag Manager collects and processes your IP address, which can also be transferred to the USA. However, Google Tag Manager itself does not create a user profile or analyzes.
The use of the Google Tag Manager is based on our legitimate interests in accordance with Art. 6 Para. 1 Sent. f GDPR.
We have concluded an Date Processing Agreement with Google.
The Google privacy policy can be found here.
m) Sentry.io
Within the dashboard, we use Sentry, an error analysis service. This service is provided by Functional Software Inc., 132 Hawthorne Street, San Francisco, California 94107, USA (“Sentry”). To ensure the technical stability of our services, system errors are logged using Sentry. The information generated by Sentry is generally transmitted to a Sentry server in the United States and stored there. The data is stored for a maximum of 90 days and then permanently deleted.
We have entered into standard contractual clauses with Sentry.
The processing of the data is based on our legitimate interest pursuant to Article 6(1)(f) of the GDPR.
To perform error analysis, we have entered into a data processing agreement with Sentry pursuant to Article 28 of the GDPR.
Sentry’s Terms of Service and Privacy Policy can be found at: https://sentry.io/privacy/.
n) Claude AI (Anthropic)
We use Claude AI, a service of Anthropic PBC (500 Howard Street, San Francisco, CA 94105, USA). The processing of personal data is encrypted and serves the data-driven optimization of our internal business and administrative processes.
The purpose of using this service is the efficient organization of our workflows. The legal basis for this processing is our legitimate interest pursuant to Art. 6(1)(f) GDPR in optimizing our internal operations and, if applicable, the performance of a contract or pre-contractual measures pursuant to Art. 6(1)(b) GDPR.
We have concluded a Data Processing Addendum (DPA) with the provider in accordance with Art. 28 GDPR. To secure the transfer of data to the USA, the EU Standard Contractual Clauses have additionally been agreed upon. According to the contractual terms, data transmitted via our commercial accounts and interfaces is not used to train the provider's AI models.
For more information on data protection at Anthropic, please refer to:
https://www.anthropic.com/privacy
10. Analysis and tracking tools
We use the analysis and tracking tools listed below on our website and on our dashboard. These serve to ensure the ongoing optimization of our website and to design it in line with needs.
We use these tools based on the consent you have given in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR. You can revoke your consent at any time by changing the cookie settings. Processing until revocation remains lawful.
The respective data processing purposes and data categories can be found in the corresponding tools. We would like to point out that we have no influence on whether and to what extent the service providers carry out further data processing.
a) Google Analytics
We use Google Analytics, a web analysis service from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter “Google”) on our website and on our dashboard.
Google Analytics uses cookies in this context (see section 7). The information generated by the cookie about your use of this website, such as
name and version of the browser used
operating system of your computer
website from which access is made (referrer URL)
IP address of the requesting computer
time of the server request
is usually transmitted to a Google server in the USA and stored there.
Your IP address is automatically anonymized by Google before it is recorded across EU domains and servers. There is therefore no logging or storage of your IP address.
On our behalf, Google will use this information to evaluate your use of our website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics is not merged with other Google data.
We have concluded an Date Processing Agreement with Google.
Please click here for an overview of data protection at Google.
b) Google Remarketing
We use the remarketing function of Google Analytics to direct advertising campaigns - including Google AdWords campaigns - to visitors to our website.
Based on your previous visits to our website, you will be presented with relevant advertisements when you visit other websites in the Google Display Network.
The DoubleClick cookie enables Google to show us and other third parties targeted advertising that matches the interests determined based on your previous visits to our website and/or other websites. This advertising may be displayed on websites owned by Google and/or other operators of the Google advertising network. We also use the Google Analytics advertising features to analyze the effectiveness of our own advertising campaigns.
If you have agreed in your Google Account to have your web and app browsing history linked to your Google Account by Google and to use information from your Google Account to personalize ads, Google will use data from you together with Google Analytics data to create audience lists for cross-device remarketing. To do this, Google Analytics first collects Google-authenticated IDs for you as a user on our website, which are linked to your Google account. Google Analytics then temporarily links these IDs with Google Analytics data to optimize our target groups.
We have concluded an Date Processing Agreement with Google.
Please click here for an overview of data protection at Google.
c) Google Ads Conversion Tracking
We use an online advertising program from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) on our website with Google Ads. Conversion tracking is also used. With this tool, Google Ads sets a cookie on your device when you come to our website via a Google ad.
The cookie is not used for personal traceability. If you as a user visit our website and the cookie is still working, we will be able to see, together with Google, that you have clicked on the relevant ad and have been redirected to our site. Each Google Ads customer is assigned a different cookie. Cookies cannot be tracked via the websites of Ads customers.
The data collected through conversion cookies is used to create conversion statistics for Ads customers. As Google Ads customers, we find out the total number of users who responded to our ad and were then directed to a website that was provided with a conversion tracking tag. This allows us to recognize the success of individual advertising measures. During this process, we do not receive any information with which we could personally identify you as a user.
When using Google Ads, your browser automatically establishes a direct connection with the Google server and, if you have a Google account and are logged in, can assign the visit to your account. If you don't have a Google account, Google will give you your own ID. We have no influence on what other data Google collects and stores.
We have implemented the “extended conversions” function from Google on our website. This means that data we collect ourselves, such as email address, name, address or telephone number, is recorded in conversion tracking tags. These are then sent to Google in hashed form where they are used to match our existing customers with Google accounts. Further information about this function can be found at https://business.google.com/uk/privacy/products/enhanced-conversions/.
We have concluded an Date Processing Agreement with Google.
You can find out more about Google's data protection regulations at http://www.google.de/policies/privacy/.
d) Google AdSense
We use the Google AdSense service from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) on our website to integrate advertisements.
Google AdSense uses cookies. These are files that, by storing them on your device, allow Google to analyze the data about your use of our website. In addition, Google AdSense also uses web beacons, invisible graphics that enable Google to analyze clicks on our website, traffic on it and similar information.
The information received via cookies and web beacons, your IP address and the delivery of advertising formats are transmitted to a Google server located in the USA and stored there. Google may pass on this collected information to third parties if this is required by law or if Google commissions third parties to process the data. However, Google will not combine your IP address with the other stored data.
We have concluded an Date Processing Agreement with Google.
You can find out more about Google's data protection regulations at
http://www.google.de/policies/privacy/.
e) Google Double Click
We have integrated components from DoubleClick by Google on our website. DoubleClick is a Google brand under which special online marketing solutions are primarily marketed to advertising agencies and publishers. DoubleClick by Google transfers data to the DoubleClick server with every impression as well as with clicks or other activities.
Each of these data transfers triggers a cookie request to the data subject's browser. If the browser accepts this request, DoubleClick sets a cookie in your browser.
DoubleClick uses a cookie ID that is required to process the technical process. The cookie ID is required, for example, to display an advertisement in a browser. DoubleClick can also use the cookie ID to record which advertisements have already been displayed in a browser in order to avoid double placement. The cookie ID also enables DoubleClick to record conversions. Conversions are recorded, for example, if a user was previously shown a DoubleClick ad and then made a purchase on the advertiser's website using the same Internet browser.
The cookie is used, among other things, to place and display user-relevant advertising and to create reports on or improve advertising campaigns. The cookie also serves to avoid multiple displays of the same advertisement. Every time you access one of the individual pages on our website on which a DoubleClick component has been integrated, your browser is automatically prompted by the respective DoubleClick component to transmit data to Google for the purposes of online advertising and billing of commissions.
A DoubleClick cookie does not contain any personal data, but may contain additional campaign identifiers. A campaign identifier is used to identify the campaigns with which you have already been in contact on other websites. As part of this service, Google receives knowledge of data that Google also uses to create commission statements. Among other things, Google can track that you have clicked on certain links on our website. In this case, your data will be passed on to the operator of DoubleClick, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Further information and the applicable data protection regulations of DoubleClick by Google can be found at https://policies.google.com/privacy.
We process your data using the double-click cookie for the purpose of optimizing and displaying advertising.
f) Hubspot
We work with the CRM software from Hubspot from HubSpot Inc. (25 First Street, 2nd Floor, Cambridge, MA 02141, USA), through which we can manage our customer data and conduct online marketing. For this purpose, among other things, landing pages are analyzed and reports are created. So-called “web beacons” are used and cookies are used. In this context, the following personal data may be processed:
IP address
geographical location
type of browser
duration of the visit
pages viewed
visitor sources using Utm parameters
As a rule, the IP address is processed on Hubspot's European servers and only stored in a shortened version. Only in exceptional cases will the IP address be transferred to a HubSpot server in the USA and shortened there.
We use the information collected to continually optimize and improve our website and make it more user-friendly for you. In addition, we use this information to analyze which services our company offers are of interest to customers, users and newsletter subscribers in order to contact them for advertising purposes.
We have entered into standard contractual clauses with HubSpot. HubSpot does not have the right to share your information.
You can find HubSpot's privacy policy here.
g) Microsoft Clarity
We use the analysis service “Microsoft Clarity” from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052 USA on our website.
Here, usage and user-related information, such as IP address, location, time or frequency of visits to our website, is transmitted to a Microsoft server in the USA and stored there. We have activated the anonymization function at Microsoft so that your IP address is only processed in an abbreviated form.
This data is used to evaluate your visit to our website and your usage behavior so that we can improve and optimize our services.
We have agreed the standard contractual clauses with Microsoft. Further information on Microsoft data protection can be found at
https://privacy.microsoft.com/de-de/privacystatement
h) Matomo (formerly “Piwik”)
We use the analysis service Matomo (InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand), which uses cookies. These are stored on your computer and enable us to analyze the use of our website.
The cookies contain usage information and transmit it to our server, where it is stored for usage analysis purposes and helps us optimize our website. Your IP address is also included in the usage information, but this is shortened so that it is anonymized and you as a user remain anonymous.
We have concluded an Date Processing Agreement with Matomo.
Further information about data protection at Matomo can be found at:
https://matomo.org/privacy-policy/
We do not pass on the information generated by the cookie to third parties.
i) Facebook Conversion Pixel
We use the “conversion pixel” or visitor action pixel from Meta Platforms Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland). By calling up this pixel from your browser, Meta Platforms can subsequently recognize whether a Facebook ad was successful, e.g. B. led to an online purchase.
We only receive statistical data from Meta Platforms without reference to a specific person. This allows us to record the effectiveness of Facebook advertisements for statistical and market research purposes. In particular, if you are logged in to Facebook, we refer you to their data protection information https://www.facebook.com/about/privacy/.
j) LinkedIn Conversion Tracking
We use the conversion tracking function of LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland) on our website. This gives us the opportunity to target you with advertisements following your visit to our website. In addition, LinkedIn provides reporting that shows how successful the advertisements we place are and how users generally interact with our site. If you have logged in via LinkedIn before visiting our site, this will be recognized as part of conversion tracking and you will be connected to your LinkedIn account as a visitor to our site.
We have concluded an Date Processing Agreement with LinkedIn.
Further information can be found in LinkedIn's privacy policy:
https://www.linkedin.com/legal/privacy-policy?_l=de_DE
You also have the option of unsubscribing from interest-based advertising via LinkedIn. This is possible via the following link:
https://www.linkedin.com/psettings/enhanced-advertising
k) Microsoft Advertising Conversion Tracking
We use the Microsoft Advertising advertising program on our website, which is provided and operated by Microsoft Ireland Operations Limited, One Microsoft Place, South Country Business Park, Leopardstown, Dublin, Ireland 18, D18 P521 (“Microsoft”).
Using the Microsoft Advertising advertising program, we can place advertisements on various search engines and networks. In order to recognize which ad or keyword you used to come to our website, we have implemented Universal Event Tracking (UET) on our site. This is a conversion tracking tag that allows us to learn more about your user behavior on our websites. Use this information to optimize our web advertisements and offers and better adapt them to your needs.
Microsoft collects, processes and uses information via the cookie, from which usage profiles are created using pseudonyms. These usage profiles are used to analyze visitor behavior and are used to display advertisements. No personal information relating to the user's identity is processed.
Microsoft Advertising can collect the following information, among other things:
Information about the browser you use and the device you use
Microsoft assigned identifiers (labels)
website or display from which access is made (referrer URL)
IP address of the requesting computer
access duration and time.
We have concluded a data processing agreement with Microsoft, which ensures that your data will be processed in accordance with European data protection standards.
It cannot be ruled out that personal data will also be processed by the service provider in the USA, as the parent company Microsoft Corporation has its headquarters in the USA.
Further information about data protection and the cookies used at Microsoft can be found on the Microsoft website https://privacy.microsoft.com/de-de/privacystatement.
l) Hotjar
Our website uses the Hotjar analysis software from Hotjar Ltd. (Hotjar Ltd, Level 2, St Julians Business Centre,3, Elia Zammit Street,St Julians STJ 1000, Malta, Europe). Using this software, we can analyze the usage behavior of our website visitors, as clicks, mouse movements and similar behaviors on our website are measured and evaluated. The aim of this software is to show opportunities for improvement of our website.
Hotjar uses cookies that are stored on your device and enable analysis of your use of the website. In order to exclude direct personal reference, IP addresses are only stored and processed anonymously. In addition, information about the operating system, browser, incoming and outgoing references (links), geographical origin as well as resolution and type of device are evaluated for statistical purposes. This information is not personal and will not be passed on to third parties by us or Hotjar.
You can prevent the storage of cookies by setting your browser software accordingly. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
We have concluded an Date Processing Agreement with Hotjar.
Further information about data protection at Hotjar can be found at:
https://www.hotjar.com/legal/policies/privacy/
You can also prevent or reactivate recording if you follow the instructions at https://www.hotjar.com/opt-out.
m) PostHog
We use the analysis and tracking tool PostHog from PostHog, Inc. (2261 Market Street #4008, San Francisco, CA 94114, USA; hereinafter “PostHog”) on our website and in our dashboard.
With PostHog we can analyze usage behavior on our platform and in the dashboard (e.g. which functions are used and how often, which paths users take through the dashboard and how user-friendliness can be optimized). For this purpose, cookies and similar technologies are stored on your device. As part of these analyses, among other things, The following data is processed:
IP address (usually anonymized or shortened)
Details about the browser and operating system you use
Clicks, scrolling actions, time spent and interactions on the website/dashboard
Geographic location (rough, e.g. country or city)
Referring websites (referrer URL)
PostHog is used for the purpose of continually improving our offering, fixing errors more quickly and making the platform more user-friendly. The legal basis for the use of this service is your consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR, which you can give via our cookie banner. To operate the dashboard, it can also be used for certain error analyzes based on our legitimate interest in the stability and freedom from errors of our service in accordance with Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR.
We have concluded an Date Processing Agreement (DPA) with PostHog. PostHog offers the processing of data on EU servers; We use the EU cloud infrastructure of PostHog in Frankfurt am Main (Germany) for our storage. Since PostHog, Inc. is a US company, we have also agreed to the EU Commission's standard contractual clauses to guarantee an appropriate level of data protection for possible maintenance or support access from third countries.
Further information about data protection at PostHog can be found at: https://posthog.com/privacy
n) Demodesk
We use the online meeting tool Demodesk from Demodesk GmbH (Balanstraße 73, 81541 Munich, Germany; hereinafter “Demodesk”) to conduct interactive online meetings, product demonstrations (demos), sales discussions and consultation appointments.
If you take part in an online meeting arranged with us via Demodesk, your browser establishes a connection to Demodesk's servers. Technical connection data (e.g. IP address, device and browser information, date and time of participation) as well as the participation data you entered (e.g. your name) are processed. Audio and video data are also processed during the appointment. As a general rule, the meeting will not be recorded unless we obtain your express, separate consent for this in advance.
The legal basis for this data processing is exclusively your voluntary and express consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR, which you give before joining the meeting or by activating your camera and microphone. You can revoke this consent at any time with future effect by leaving the meeting or deactivating the camera/microphone.
We have concluded an Date Processing Agreement (DPA) with Demodesk GmbH in accordance with Art. 28 GDPR. Since Demodesk is a German company and hosts the data on servers within the European Union (Germany), a high level of data protection is ensured.
Further information on data protection at Demodesk can be found at: https://demodesk.com/legal/privacy-policy
11. Image, sound and video integration
a) YouTube
We embed videos from YouTube into our website as part of iFrame and/or via a plug-in, which is operated by Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). As part of the embedding of the videos, we activated YouTube's extended data protection mode.
If you play a YouTube video during your visit, a connection will be established to YouTube's servers and the YouTube server will be informed which of our pages you have visited. This allows YouTube to assign your surfing behavior directly to your personal profile. You can prevent this if you log out of your member account before visiting our website. In addition, YouTube sets various cookies when starting the service in order to improve the services it offers and to prevent misuse.
Further information on the handling of user data and the cookies set can be found in YouTube's data protection declaration at: https://policies.google.com/privacy?hl=en&gl=de
By integrating YouTube, Google's Google Fonts are also dynamically reloaded without you as the website operator or visitor actively determining this. These web fonts are integrated via a server call, usually a Google server in the USA. This may result in the following being transmitted to the server and stored by Google:
Name and version of the browser used
Website from which the request was triggered (referrer URL)
Operating system of your computer
Screen resolution of your computer
IP address of the requesting computer
Language settings of the browser or the operating system that the user is using
Further information can be found in Google's data protection information, which you can access here: www.google.com/policies/privacy/
The legal basis arises from the consent you have given in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR. You can revoke your consent at any time by changing the cookie settings on our website.
12. Rights of the data subject
You have the following rights:
a) Information
In accordance with Art. 15 GDPR, you have the right to request information about your personal data processed by us. This right to information includes information about
the processing purposes
the categories of personal data
the recipients or categories of recipients to whom your data has been or will be disclosed
the planned storage period or at least the criteria for determining the storage period
the existence of a right to rectification, deletion, restriction of processing or objection
the existence of a right to lodge a complaint with a supervisory authority
the origin of your personal data, if it was not collected by us
the existence of automated decision-making including profiling and, if necessary, meaningful information about its details
b) correction
In accordance with Art. 16 GDPR, you have the right to have incorrect or incomplete personal data stored with us immediately corrected.
c) Deletion
According to Art. 17 GDPR, you have the right to request the immediate deletion of your personal data from us, unless further processing is necessary for one of the following reasons:
the personal data are still necessary for the purposes for which they were collected or otherwise processed
to exercise the right to freedom of expression and information
to fulfill a legal obligation which the processing is required in accordance with the law of the European Union or the Member States to which the controller is subject, or for the performance of a task that is in the public interest or in the exercise of official authority vested in the controller
for reasons of public interest in the field of public health in accordance with Article 9 Paragraph 2 Letters h and i and Article 9 Paragraph 3 GDPR
for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes Purposes in accordance with Art. 89 Para. 1 GDPR, insofar as the right mentioned under section a) is likely to make the achievement of the objectives of this processing impossible or seriously impair
to assert, exercise or defend legal claims
d) Restriction of processing
You can request the restriction of the processing of your personal data in accordance with Art. 18 GDPR for one of the following reasons:
You dispute the accuracy of your personal data Data.
The processing is unlawful and you refuse the deletion of the personal data.
We no longer need the personal data for the purposes of processing, but you need it to assert, exercise or defend legal claims.
You object to the processing in accordance with Art. 21 Para. 1 GDPR.
Information
If you have requested the correction or deletion of your personal data or a restriction of processing in accordance with Art. 16, Art. 17 or Art. 18 GDPR, we will inform all recipients to whom your personal data has been disclosed, unless this proves impossible or involves disproportionate effort. You can request that we inform you of these recipients.
f) Transmission
You have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format.
You also have the right to request that this data be transmitted to a third party, provided that the processing was carried out using automated procedures and is based on consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a or Article 9 Paragraph 2 Letter a or on a contract in accordance with Article 6 Paragraph 1 Clause 1 Letter b GDPR.
g) Revocation
In accordance with Art. 7 Para. 3 GDPR, you have the right to revoke your consent to us at any time. The revocation of consent does not affect the lawfulness of the processing carried out based on the consent before its revocation. In the future, we will no longer be allowed to continue data processing based on your revoked consent.
h) Complaint
According to Art. 77 GDPR, you have the right to complain to a supervisory authority if you believe that the processing of your personal data violates the GDPR. To do this, please use the data protection authority as described under point 1.c. is called.
i) Objection
If your personal data is processed on the basis of legitimate interests in accordance with Art. In the latter case, you have a general right to object, which we will implement without specifying the particular situation. If you would like to exercise your right of revocation or objection, simply send an email to privacy@eye-able.com.
j) Automated decision in individual cases, including profiling
You have the right not to be subject to a decision based solely on automated processing - including profiling - which has legal effects against you or similarly significantly affects you. This does not apply if the decision
is necessary for the conclusion or performance of a contract between you and us
is permitted by the laws of the European Union or the Member States to which we are subject and these laws contain appropriate measures to safeguard your rights and freedoms and your legitimate interests
is made with your express consent
However, these decisions may not be based on special categories of personal data in accordance with Article 9 Para. 1 GDPR, unless Art. 9 Para. 2 lit. a or g GDPR applies and appropriate measures have been taken to protect your rights and freedoms as well as your legitimate interests.
With regard to the cases mentioned in i) and iii), we take appropriate measures to protect the rights and freedoms as well as your legitimate interests, which include at least the right to obtain human intervention on our part, to express one's own point of view and to challenge the decision.
13. Changes to the data protection declaration
If we change the data protection declaration, this will be indicated on the website.
As of: June 4, 2026