ConSense GmbH Privacy Notice

ConSense GmbH (hereinafter referred to as "we") informs with this Privacy notice users (hereinafter referred to as “you”), about which data we collect on this website, why, and how we use this data. You will also find out what information and control rights you have regarding your personal data. 

1. Responsible and Data Protection Officers

ConSense GmbH, Kackertstraße 11, 52072 Aachen, email address: info(at)consense-gmbh.de, is as operator of the website responsible in terms of the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) as well as further provisions on data protection.

Comprehensive information about our company is found in the Legal Disclosure.

The protection of your personal data is an important concern for us. 

If you have questions or any other concerns according to the data processing as described here or to your rights, do not hesitate to contact us per email [datenschutz(at)consense-gmbh.de]. 

Our data protection officer can be reached at the following email address: consense(at)unser-datenschutz.de   

2. Providing the Website and Log files

2. 1. Description and scope of the data processing

Each time our website is accessed, our web server collects information automatically from the system of the accessing computer or terminal device.

The following data is collected and stored in log files:

  • User´s IP address
  • Browser type and browser version 
  • Operating system of the end device
  • User's internet service provider
  • Date and time of the access
  • Requested domain
  • Website from which the access is made
  • Status and amount of data transmitted

2.2 Purpose and legal basis of processing 

The temporary storage of the IP address by our system is necessary to enable delivery of the website to your computer. The storage of further data in log files is done to ensure the operation and functionality of the website. Furthermore, they serve to optimise the website and to ensure the security of our information technology systems (e.g. attack detection). 

Legal basis for the temporary storage and use of this data is Art. 6 para. 1 lit. f GDPR. Our interest is to guarantee the integrity, confidentiality and availability of the data processed by this website. 

2.3 Storage duration

The above-mentioned data will be deleted as soon as it is no longer necessary for the purpose for which they were stored. In the case of the collection of data for the purpose for providing the website, this is the time when the relevant session is ended. 

Log files are generally deleted after 30 days at the latest. However, storage beyond this period is possible. In this case, the IP address is deleted or alienated so that an assignment of the accessing client is no longer possible and the data contained no longer contain any personal reference.

3. Use of Cookies

3.1 Description and scope of the data processing

Our website partly uses cookies. These are bits of textual information that are stored as a file in your browser on your end device. Cookies do not damage your computer in any way and do not contain viruses, but allow a number of useful user interactions. A cookie usually contains the name of the domain as well as information about the age of the cookie and an alphanumeric identification (“Cookie ID”).

Cookies may contain information about browser settings and previous interactions on the website and may indicate that a user has visited a website in the past.

The data processing does not take place by assigning data to you personally, but by assigning it to the cookie ID. The cookie ID is not merged with your name, IP address or similar data.

3.2 Purpose and legal basis of processing

Cookies enable to manage a website visit and thus make it more convenient for the visitor. Cookies are necessary for some functions (e.g. user accounts, shopping cart control, login status); other functions are primarily intended for users convenience.

The processing serves our interest in providing a functional and user-friendly online presence of our company and is based on Art. 6 para. 1 lit. f GDPR (functional cookies).

You can block the usage of cookies on our website here or in your browser settings. However, this may also affect some functions of the website or the availability of certain offers.

Cookies also enable storage of information of your preferred activities and thus align our website and presented offers to meet your interests. 

In addition, cookies are used in the website analysis, which enables us to improve the website technically, creatively and content-related (statistics cookies).

These data processing operations for analysis and marketing purposes are described separately below, as they involve the use of special tools and contractual partners. These are also based on Art. 6 (1) lit. f GDPR and serve our interest in an optimised presentation of our contents, products and services.

3.3 Storage duration   

Most of the cookies we use are so-called "session cookies". They are automatically deleted after your visit.

Persistent cookies are also used. Most delete themselves after only a few days. However, persistent cookies are also used in the website analysis, which can have a storage period of up to 24 months. 

You can also delete the cookies stored on your computer at any time using your browser tools.

4. Contact forms and Registration

4.1 Description and scope of the data processing

On our website you have the possibility to send us inquiries via contact forms, e.g. to arrange a presentation appointment, to request information material or to register for an event (e.g. academy, webinars). In addition to freely available content, we also offer content for download (e.g. whitepapers) for which prior registration is required.

We also offer selected content on specialised platforms of our marketing partners, in order to reach a wider audience. In this case, the relevant marketing partner will send your contact details to us.  You will be informed about this separately before the download and asked for your consent. Furthermore we process your data as described below.

We store and use the data you have entered for contact purposes The contact forms contain mandatory fields which necessarily have to be filled in, and optional fields, in which you only provide information if deemed appropriate.  The information we ask from you depends on the context of the form.

Examples for mandatory fields are:

  • salutation
  • surname
  • company 
  • Business email address

Examples for optional fields are:

  • position
  • industry
  • telephone number
  • company address 
  • free text fields for comments, etc. 

In addition to these form data, we store also the content of your request – e.g. which information material you request or download or for which events you register.  The procedure described applies also if you send a request to us by phone or email.

4.2 Purpose and legal basis of processing

The data is collected and used to process your request and to contact you.

If the data collection is based on a registration in connection with a consent, the data will be processed based on Art. 6 para. 1 lit. a GDPR.

If data collection is necessary to initiate or execute a contract (e.g. registration for events), the legal basis is Art. 6 Para. 1 lit. b GDPR. The same applies to the data processing necessary for the provision and sending of content.

In addition, we can evaluate data statistically to improve the content and its presentation on our website.  Such an evaluation does not take place in relation to specific users, but in an aggregated form.  If the purpose is improving our website and no separate consent from the data subject is required, this processing is based on Art. 6 (1) lit. f GDPR.

4.3 Storage duration

The above-mentioned data will be deleted as soon as they are no longer necessary for the purpose of their collection. This is the case with personal data sent via contact forms and the relevant conversation has ended.  The conversation is ended when it can be inferred from the circumstances that the matter has been finally clarified.  This can also include that we will contact you after the processing concerning your satisfaction with our service or about a further interest in related services and products of us.

If the data processing is based on a consent given in combination with a registration, the data will be stored generally for as long as the consent is available; i.e. until you revoke it or it can be inferred from the circumstances that no further contact is desired.  You can revoke or enter an objection to emails with advertising character at any time in the future by clicking the link at the end of the email sent to you.  You can also inform us hereof using the contact details mentioned above.

Data collected for the execution of a contract remain stored for the duration of the contract and until the expiry of the legal and contractual warranty and guarantee rights.  After this period, we store the information required by commercial and tax law for a prescribed period (usually 6 to 10 years).

5. Live-Chat

5.1 Description and scope of data processing

On our website, we use a live chat tool of the company Userlike UG (limited), Probsteigasse 44-46, 50670 Cologne, Germany. You can use it like a contact form to send your enquiries to us, almost in real time. Userlike uses cookies, text files that are stored on your end device. When starting the chat, the following personal data is also collected:

  • Date and time of the access
  • Browser type  and version
  • IP address
  • Operating system
  • URL of the previously visited website
  • Amount of data sent
  • First name, last name
  • Email address

This data is also stored by our chat service provider Userlike. There is a contract in place with the service provider regarding the order processing. The data is stored and processed exclusively within the EU.

In addition, we store the history of the live chat. Depending on the conversation, further personal data may therefore be collected if entered.

The current terms of use, as well as the privacy statement from Userlike can be found at:
https://www.userlike.com/de/terms#privacy-policy

5.2 Purpose and legal basis of processing

Cookies are only set with your consent. If you do not give your consent, the live chat cannot be used, as this requires connecting the chat to a user or to an end device. The legal basis is Art. 6 para. 1 lit. a GDPR.

The storage of the above-mentioned data serves the purpose of potentially avoiding extensive explanations about the history of your enquiry under certain circumstances, as well as for the constant quality control of our live chat service. In addition, it is necessary to ensure the security of the information technology systems. The processing is therefore permissible according to Art. 6 Para. 1 lit. f GDPR.

5.3 Storage duration

The cookies are, on the one hand, cookies of the application status (persisted state, machine state, session ID and chat statistics). These are deleted at the end of the browser session. On the other hand, there are identification cookies (user ID, name of the end user, email address and the number of visits), which make it possible to identify a user on a recurring visit. These remain stored for one year by default. You can also delete them earlier at any time via your browser settings.

The other personal data, including chat history, remain stored by us for one year.

You have the right to revoke your consent of the storage and processing at any time with effect for the future. You can also do this vis-à-vis our staff member at the end of the chat or use the contact options mentioned above.

6. Newsletter and Infomailings

6.1 Description and scope of the data processing

If you wish to receive the newsletter offered on the website, we require an email address from you as well as information that allows us to verify that you are the owner of the email address provided and that you agree to receive the newsletter (double opt-in). We use the so-called double-opt-in procedure, in which you receive a confirmation email. Therein you have to click on the affirmation link.   

You can provide further information when you register, e.g. if you would like the newsletter to be personalised with your details or if you want to be informed particularly about events in your vicinity.

We sent our ConSense newsletter once per quarter.  In addition, information emails about special events such as trade fairs or workshops in your vicinity are sent irregularly (usually 4-6 times per year).

When sending the newsletter, an opening and click-through rate are also recorded.  We record in this regard aggregate figures how many newsletters have been opened and which links in the email as well how often they have been clicked.  The evaluation is purely statistical and there is no assignment to a specific recipient (email address) or user (IP address). 

You can revoke your consent to the sending of the newsletter at any time by unsubscribing from the newsletter using the link at the end of the email.

In the area of newsletter dispatch or newsletter tracking, we work with the domestic provider SC-Networks, Würmstraße 4, 83219 Starnberg, with whom there is an Order Processing Agreement according to Art. 28 GDPR. 

Further information on data protection of SC-Networks can be found here: 

https://www.sc-networks.de/datenschutz/ 

6.2 Purpose and legal basis of processing

If the processing is based on your consent, the legal basis is Art. 6 (1) lit. a GDPR. The recording and analysis of statistical opening and click rates enable us to evaluate how the newsletter is accepted and which content was more or less interesting as a whole.  Furthermore, it requires determining errors in the supply.  Data processing provides a basis on which to improve the contents and design of the newsletter. Legal basis is Art. 6 (1) lit. f GDPR.

6.3 Storage duration

The above mentioned personal data remain stored as long as you are interested in receiving the newsletter and not revoke your consent.  Legal basis is Art. 6 (1) lit. a GDPR.  Data, which no longer can assign to an identifiable person, are anonymous and remain stored longer.

7. Web analysis (Google Analytics)

7.1 Description and scope of the data processing

This website uses Google Analytics.  If you have your habitual residence in the European Economic Area or in Switzerland, as long as additional conditions are not stipulated, Services of Google Ireland Ltd. (“Google“) will be provided, a company existing and operating under Irish Law (register number: 368047) based in Gordon House, Barrow Street, Dublin 4, Ireland.  Google Analytics also uses Cookies.  This enables an analyse of the use of the website.

If pages of our website are accessed, the following data is stored:

  • Three bytes of the IP address of the calling system (anonymised IP address)
  • The website accessed
  • The website, from which the user have accessed to the website (referrer)
  • Average time spent on the website
  • The frequency with which a website is accessed

Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf.

The software is set up so that your IP address will not be stored completely but the last octet of the IP address is masked.  In this way, it is no longer possible to assign the shortened IP address to the requesting computer.

A current excerpt of the terms of use as well as explanations on data protection at Google can be found here:

https://policies.google.com/privacy? 

https://policies.google.com/terms 

Since Google operates servers all over the world, we cannot rule out that personal data will continue to be transmitted to Google LLC based in the USA.

Google is certified to the EU-US-Privacy Shield.  A current certificate is kept available at https://www.privacyshield.gov/list . On July 12, 2016, the EU Commission decided that the requirements of the privacy shield correspond to the data protection level of the European Union; the Convention has been applicable since then.

7.2 Right to object 

You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) as well as Google from processing this data by downloading and installing the browser plug-in available under the following link: 

https://tools.google.com/dlpage/gaoptout?hl=en 

You can also prevent Google Analytics collection by clicking on the following link. An opt-out cookie is set to prevent your data from being collected in the future when you visit this website:

This opt-out cookie must be permanently stored on your computer. If you delete this cookie or if it is automatically deleted by browser settings, you must reinstall this cookie when you visit our site again.

7.3 Purpose and legal basis of processing

Data processing only takes place with your consent and is based on Art. 6 Para. 1 a GDPR. You can revoke your consent at any time with effect for the future by using the objection option (7.2.) or by adjusting your browser settings.

7.4 Storage duration

The user and event data are deleted after a storage period of 38 months.

8. Conversion Tracking and Retargeting (Google Ads and Microsoft Bing Advertising)

8.1 Description and scope of the data processing

We use so-called Google Conversion Tracking. In the case of clients who are directed to our website from an advertisement of Google Ads or Bings Ads, Google or Microsoft will store a cookie on your device.

We thus get the total number of users who clicked on an ad.  Cookies do not enable personal identification.  A universal event tracking tag (UET) is integrated on our website, which is used to store some non-personal data about the use of the website in connection with the cookie.  This includes, among other things, the time you spent on the website, which areas you accessed and the display used to access the website.

This website uses retargeting technology. This enables to target those internet users with our advertising on websites connected to Google Ads and Bing Advertising who have already shown an interest in our products.  During retargeting, the advertising media are displayed on the basis of a cookie-based analysis of previous user behaviour.

Furthermore, Google and Microsoft can use under certain circumstances cross-device tracking to track your usage behaviour across several of your electronic devices and are thus able to display personalised advertising on their websites and apps. 

Google Ads is a service of Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland. 

A current excerpt of the terms of use as well as explanations on data protection at Google can be found here:

https://policies.google.com/privacy? 

https://policies.google.com/terms 

Google is certified to the EU-US-Privacy Shield. A current certificate is kept available at https://www.privacyshield.gov/list . 

Microsoft Bing Advertising is a service of Microsoft Corporation, One Microsoft Place, South County Business Park, Leopards town, Dublin 18, D 18 P 521). 

Since Microsoft operates servers all over the world, we cannot rule out that personal data will continue to be transmitted to Microsoft Online Inc. based in the USA.

A current excerpt of the terms of use as well as explanations on data protection at Bing Ads can be found here:

https://help.bingads.microsoft.com/#apex/3/de/53056/2

https://privacy.microsoft.com/de-de/privacystatement 

In addition, the following guidelines apply to retargeting using UET: 

https://about.ads.microsoft.com/de-de/ressourcen/richtlinien/richtlinien-fuer-remarketing-in-bezahlter-suche 

Microsoft is certified to the EU-US-Privacy Shield.  A current certificate is kept available at www.privacyshield.gov/list .

8.2 Right to object

If you do not want an appropriate collection and use of data with Google technologies, you can use the following link to control cookies for advertising defaults and deactivate interest-based ads: 

http://www.google.de/policies/technologies/ads/ 

You can deactivate the appropriate collection and use of data by Microsoft under the following link: 

http://choice.microsoft.com/de-de/opt-out 

8.3 Purpose and legal basis of processing

Data processing serves to improve and implement our online advertising measures and only takes place with your consent (marketing cookies). The legal basis is Article 6(1a) of the GDPR. You can revoke your consent at any time with effect for the future by using the objection option (7.2.) or by adjusting your browser settings. 

8.4 Storage duration

Cookies lose their validity after 30 days. 

9. Application forms and attachments

9.1 Description and scope of the data processing

You have the possibility to apply for advertised positions directly using an application form on our website.  The data, you have entered directly in the form or send as an attachment, will be collected and stored.  We use this data internally only for processing and evaluating your application and do not forward it to third parties outside of ConSense GmbH. 

9.2 Purpose and legal basis of processing

The storage and processing is to choose suitable candidates and concerning to that deciding for an employment relationship.  Legal basis is § 26 BDSG. 

Often we have several particularly suitable applicants for a position. Subject to the applicant's consent, we offer rejected applicants to include their data in our applicant pool. This means that the application can also be considered for future job offers at ConSense GmbH.  Applicants will be contacted by telephone or email after the selection process in order to clarify any possible interest in the applicant pool. If the applicant is interested, a separate written consent will be obtained. Legal basis is in this case Art. 6 (1) lit. a GDPR.

9.3 Storage duration

Information and electronic documents are stored by us for the duration of the application process (completion of the selection process plus 6 months). If you have given your consent to include your application documents in the application pool, they will be stored for up to 2 years after the calendar year of your application. 

10. Customer Portal: Registration and Ticket System

10.1. Description and scope of data processing

We use the ConSense Customer Portal to provide support services. The tool is based on a proprietary technology developed by ConSense GmbH. In the Customer Portal, you create your support tickets used to communicate with our support team. The following data will be stored for registration:

  • First name, last name
  • Telephone number
  • Email address
  • Academic title
  • Company
  • Position

The data will be stored and processed on EU-based servers exclusively. In addition, we store the content of the tickets created. Depending on the documentation process, further personal data may be collected if these have been entered. It is therefore not excluded that you disclose further personal data in the process (e.g. screenshots). Please ensure that this is kept to the required minimum. In addition to this information, log files (registration and login), the creation date and time of a ticket and the communication associated with the processing of the ticket are also stored.

10.2. Purpose and legal basis of processing
The purpose of data processing is the optimisation of ticketing and support workflows, procedural documentation as well as transparency for customers and staff. This practice is legal pursuant to Art. 6 para. 1 lit. b of the GDPR and primarily serves the performance of a contract. In addition, the ticket system also serves to improve the products and services of ConSense. The legal basis in this respect is Art. 6 para. 1 lit. f of the GDPR.

10.3. Storage duration
The data is generally stored for the duration of the contract period. In addition, tickets may be retained for a longer period of time if required by tax and commercial regulations and/or IT or QM documentation obligations.

11. Customer Portal: Community platform "ConSense IDEAS"

11.1. Description and scope of data processing

As a registered user of the ConSense Customer Portal, you also have the opportunity to submit ideas and suggestions for improvements to the products and services of ConSense as well as to exchange ideas with other ConSense users. Administrators are able to retrace your authorship of entries via your email address. This information may also be passed on to other ConSense employees in order to contact you regarding your suggestion.
However, entries published on the board will be pseudonymised on the basis of a user ID number. In addition to the e-mail address and the posted content, the IP address, browser and end device information as well as general usage data, approximate location and error messages will be collected. The data is not person-related and will only be processed in aggregated form, unless specific error messages require assignment to a particular account. A session cookie required for technical purposes will be set to manage session-related processes (e. g. login status, caching of content). For error analysis and bug reporting, a cookie called Bugsnap is also required and will be stored locally on your browser.
For our platform "ConSense IDEAS", we use the Sleekplan tool from Sleekplan GmbH, Georgenstrasse 66, 80799 Munich, with whom the necessary data protection agreements have been made. Data generally will only be processed in the EU, unless the platform is accessed from a third country. In this case, servers closer to the location might be called up transmitting the IP to these servers.

11.2. Purpose and legal basis of processing
The purpose of data processing is the improvement and further development of the ConSense products on the basis of users’ experiences and ideas, as well as the promotion of information exchange between users. The legal basis is Art. 6 (1) lit. f GDPR, with our interests pursued by processing your data reflecting the purposes described. We assume that the users’ interests do not conflict with ours when users actively participate in the "ConSense IDEAS" board.

11.3. Storage duration
The data will be deleted as soon as it is no longer required for the stated purposes. This may depend on the individual circumstances (e.g. implementation period, relevance of the contribution). However, you can notify us at any time using the contact details above and request earlier deletion of a contribution.

12. Your rights as a data subject

If your personal data is processed by using this website, you are a ”data subject“ within the meaning of GDPR.  You have the following rights towards us as the person responsible for this data processing:

  • Right of access
  • Right of entitlement
  • Right to restriction of processing
  • Right to erase
  • Right to information
  • Right to data portability
  • Right of objection
  • Right to withdraw the data privacy statement
  • Right of complaint concerning the data protection supervisory authority

Note: cancellation of your consent

You have the right to revoke your consent from us at any time.  However, this does not affect the legality of processing based on consent before its revoke.

Note: complaint concerning the supervisory authority

Without prejudice to any other administrative or judicial legal order, you have the right to file a complaint with a supervisory authority, in particular in the Member State of your residence, your workplace or the location of the suspected infringement. That is the case, if you consider that our processing of your personal data is contrary to the provisions of GDPR.

13. Additional information

13.1 No transfer of your data 

If this has not already been mentioned above, data we collect will generally not be transferred to third parties.  In particular, your data will not be transferred to third parties for their advertising purposes. 

However, we may use service providers for the operation of our website or for e.g. email services. In this case, a service provider can get knowledge of personal data.  We choose these service providers carefully in particular concerning to data protection and data security. We take all data protection measures required for reliable data processing. 

13.2 Data security 

All information that you transmit to us is stored on servers within the European Union.  Unfortunately, the transmission of information over the Internet is not completely secure, so we cannot guarantee the security of data transmitted over the Internet to our website. However, we use technical and organisational measures to protect our website and other systems against the loss, destruction, access, alteration or distribution of your data by unauthorised persons. In particular, we will transmit your personal data in encrypted form. We use the TLS (Transport Layer Security) coding system. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If TLS encryption is activated, third parties cannot read the data you transmit to us.

When communicating by e-mail, we cannot guarantee complete data security, so we recommend that you send confidential information per post.

13.3 Changes to the privacy statement 

We reserve the right to change this privacy statement at any time with effect for the future.  A current version is available on the website.  Please visit the website regularly and inform yourself about the applicable privacy statement. 

July 2022

If you have any questions, feel free to contact us!

Request InformationLive-DemoContact