Privacy Policy.
Welcome to StakeholderLink and our website www.stakeholderlink.com. The protection of your personal rights is of great importance to us and for this reason, we follow the principle of limiting all data processing to the necessary information and the necessary extent.
With this privacy policy, we inform you for which purposes personal data are collected, processed and used when you visit our website.
We process your personal data in line with this Privacy Policy and in accordance with the Colorado Privacy Act (CPA) and the General Data Protection Regulation (GDPR).
Person responsible (Data Controller)
The responsible party within the meaning of the CPA and the GDPR is StakeholderLink of 6140 South Gun Club Road, Suite K6-359, Aurora, CO, 80016, USA. You can contact us using +1 303-204-6700 or by email to Support@stakeholderlink.com.
You can find us in social media at
Twitter https://twitter.com/stakeholderlink/
Facebook https://www.facebook.com/stakeholderlink/
LinkedIn https://www.linkedin.com/company/stakeholderlink
Principles
StakeholderLink processes personal data in order to better understand the needs of its customers and thus to be able to improve its services. Personal data will only be used in the specific context of your customer relationship with StakeholderLink to the extent permitted by law or on the basis of your prior express consent.
In particular we are committed to the following key principles:
- We protect your privacy and aim to provide you with a service that is tailored to your needs.
- Personal data is collected for specific purposes based on your consent or a legitimate interest when you contact us.
- You have the right to information and access to your personal data at any time and may request its correction or deletion.
- We do not sell your personal data to third parties. However, if necessary and if explicitly mentioned afterwards or if you have consented, we may share your data with group companies, brand licensees, partners and other service providers. In this case, their own privacy policies may also apply.
- We take all reasonable measures to ensure the security and protection of your data from misuse.
- Personal data are processed by us only as necessary and for the purpose of providing a functional and user-friendly website, including its contents and the services offered there.
Data Breaches/Notification
Databases or data sets that include Personal Data may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose Personal Data may have been compromised, and the notice will be accompanied by a description of action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible after which the breach was discovered.
Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for processing operations involving personal data, Article 6 (1) (a) of the GDPR serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) (b) GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.
Insofar as processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6 (1) lit. c GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) (d) GDPR serves as the legal basis.
If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the former interest, Art. 6 (1) lit. f GDPR serves as the legal basis for the processing.
General technical organizational measures
StakeholderLink has taken a variety of security measures to protect personal information to an appropriate extent and adequately. All information held by StakeholderLink is protected by physical, technical, and procedural measures that limit access to the information to specifically authorised persons in accordance with this Privacy Policy.
The StakeholderLink website is behind a software firewall to prevent access from other networks connected to the Internet. In addition, only employees who need the information to perform a specific job are granted access to personally identifiable information. These employees are trained in security and privacy practices and treat your information confidentially.
Secure transfer of your data.
In order to best protect the data, we store against accidental or intentional manipulation, loss, destruction or access by unauthorized persons, we use appropriate technical and organizational security measures. The security levels are continuously reviewed in cooperation with security experts and adapted to new security standards.
The exchange of data to and from our website is always encrypted. We offer HTTPS as the transmission protocol for our website, in each case using the current encryption protocols.
In addition, we offer our users content encryption as part of the contact forms and for applications. The decryption of this data is only possible for us. In addition, there is the option of using alternative communication channels (e.g., the postal service).
Colorado Specific Rights
If you are a Colorado Citizen or resident, you have the right to:
- Confirmation whether your personal data is being processed by us;
- Correct inaccuracies in your data;
- Delete personal data obtained from or about you;
- Obtain a copy of the data you previously provided us in a portable and “readily usable” format; and
- Opt-out of data collection if the data is collected “for purposes of targeted advertising, the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects concerning on you.
GDPR Rights
If you are a European Citizen or resident, you have the following rights:
- to confirmation as to whether data relating to them is being processed,
- to information about the data processed, to further information about the data processing and to copies of the data;
- to correction or completion of incorrect or incomplete data;
- to immediate erasure of the data concerning them;
- to receive the data concerning them and provided by them and to transfer this data to other providers/controllers.
- to lodge a complaint with the supervisory authority if they are of the opinion that the data concerning them is being processed by the provider in breach of data protection provisions.
In addition, the provider is obliged to inform all recipients to whom data has been disclosed by the provider of any correction or deletion of data or restriction of processing that takes place. However, this obligation does not apply if such notification is impossible or involves a disproportionate effort. Notwithstanding this, the user has a right to information about these recipients.
Likewise, users and data subjects have the right to object to the future processing of data concerning them, insofar as the data is processed by the provider. In particular, an objection to data processing for the purpose of direct advertising is permissible.
The above rights may be limited in some circumstances, for example, if fulfilling your request would reveal personal information about another person, if you ask us to delete information which we are required to have by law, or if we have compelling legitimate interests to keep it. We will let you know if that is the case and will then only use your information for these purposes. You may also be unable to continue using our services if you want us to stop processing your personal information.
Please direct all requests for information, requests for information or objections to data processing to us.
Transmission and disclosure of personal data
In the course of our processing of personal data, it may happen that the data is transmitted to other bodies, companies, legally independent organizational units or persons or that it is disclosed to them. Recipients of this data may include, for example, payment institutions in the context of payment transactions, service providers commissioned with IT tasks or providers of services and content that are integrated into a web site. In such cases, we observe the legal requirements and, in particular, conclude appropriate contracts or agreements that serve to protect your data with the recipients of your data.
Data processing in third countries
If we process data in a third country (i.e., outside the United States) or the processing takes place in the context of the use of third-party services or the disclosure or transfer of data to other persons, bodies or companies, this will only be done in accordance with the legal requirements.
Subject to express consent or contractually or legally required transfer, we only process or have data processed in third countries with a recognized level of data protection, contractual obligation through so-called standard contractual clauses, in the presence of certifications or binding internal data protection regulations.
Provision of the website and web hosting
In order to provide our website securely and efficiently, we use the services of one or more web hosting providers from whose servers (or servers managed by them) the website can be accessed. For these purposes, we may use infrastructure and services, computing capacity, storage space and database services as well as security services and technical maintenance services.
The data processed in the course of providing the hosting service may include all information relating to the users of our online service that is generated in the course of use and communication. This regularly includes the IP address, which is necessary to be able to deliver the contents of websites to browsers, and all entries made within our website or websites.
Economic analyzes and market research
For business reasons and in order to be able to recognize market trends, wishes of contractual partners and users, we analyze the data we have on business transactions, contracts, inquiries, etc., whereby the group of persons concerned may include contractual partners, interested parties, customers, visitors and users of our website.
The analyzes are carried out for the purpose of business evaluations, marketing and market research (e.g., to determine customer groups with different characteristics). In doing so, we may, if available, take into account the profiles of registered users together with their details, e.g., regarding services used. The analyzes serve us alone and are not disclosed externally, unless they are anonymous analyzes with summarized, i.e., anonymized values. Furthermore, we take the privacy of the users into consideration and process the data for the analysis purposes as pseudonymous as possible and, if feasible, anonymously (e.g., as summarized data).
Online marketing
We process personal data for online marketing purposes, which may include, in particular, marketing and advertising space on social media or displaying promotional and other content on our website including but not limited to the sign ups from our Free Webinar or our Free Trial (collectively, “content”) based on potential user interests and measuring its effectiveness.
For these purposes, so-called user profiles are created and stored in a file or similar procedures are used, by means of which the information about the user relevant to the presentation of the aforementioned content is stored. If users have consented to the collection of their personal data, this may also be processed.
The IP addresses of users are also stored. However, we use available IP masking procedures (i.e., pseudonymization by shortening the IP address) to protect users. In general, no clear user data (such as e-mail addresses or names) is stored without the user’s explicit consent.
Notes on legal basis: If we ask users for their consent to use third-party providers, the legal basis for processing data is consent.
Sending information
We use your data for sending information ordered by you about our offer and other promotions from us to the e-mail address provided by you.
We would like you to enjoy reading our e-mails. Therefore, we try to only include content that you are likely to be interested in. We therefore measure and store opening and click-through rates in your usage profile, i.e., whether and when you open our emails, which content of the emails you click on and when, as well as whether and why our emails could possibly not be delivered. We also use this data for statistical purposes. In particular, this serves our legitimate interest to evaluate the performance of the individual campaigns and to define optimization measures in order to make our e-mails as attractive and suitable as possible for you. The legal basis for the processing is therefore Art. 6 para. 1 lit. f GDPR.
Of course, you can unsubscribe from receiving our information at any time, i.e., revoke your consent with effect for the future or object to data processing. For this purpose, you will find a corresponding unsubscribe link in every mail. You can also contact us for a cancellation at any time.
Direct marketing in the context of a customer relationship
We use the data you provide to fulfil and process our contract and to respond to your inquiries in accordance with Art. 6 para. 1 p. 1 b) GDPR or on the basis of your consent in accordance with Art. 6 para. 1 p. 1 a) GDPR. Insofar as you have also given us separate consent to process your data for consulting and advertising purposes, StakeholderLink is entitled to contact you for these purposes via the communication channels you have ticked in this consent.
Data processing in the context of our service provision (incl. Trials and Webinars)
The protection of your data is particularly important to us in the performance of our services. We therefore only want to process as much personal data (for example, your name, address, e-mail address or telephone number) as is absolutely necessary. Nevertheless, we rely on the processing of certain personal data, in order to fulfil our contractual obligations to you or to carry out pre-contractual measures. This processing of personal data, will always be carried out in accordance with applicable data protection laws.
Administration, financial accounting, office organization, contact management.
We process data in the context of administrative tasks as well as organization of our operations, financial accounting and compliance with legal obligations, such as archiving. In this regard, we process the same data that we process in the course of providing our contractual services. The processing bases are Article 6 (1) (c) GDPR, Article 6 (1) (f) GDPR. Customers, interested parties, business partners and website visitors are affected by the processing. The purpose and our interest in the processing lies in the administration, financial accounting, office organization, archiving of data, i.e., tasks that serve the maintenance of our business activities, performance of our tasks and provision of our services. The deletion of data with regard to contractual services and contractual communication corresponds to the data mentioned in these processing activities.
In this context, we disclose or transfer data to the tax authorities, consultants, such as tax advisors or auditors, as well as other fee offices and payment service providers.
Furthermore, based on our business interests, we store information on suppliers, event organizers and other business partners, e.g., for the purpose of contacting them at a later date. This data, most of which is company-related, is generally stored permanently.
Information in the context of the use of the website
In principle, it is possible to use the StakeholderLink website without providing personal data. When a page of our website is accessed and each time a file is retrieved, access data about this process is stored in a log file. The corresponding log file contains: Your IP address, the page from which the file was requested, the name of the file, the date and time of the request, the amount of data transferred, the access status (file transferred, file not found, etc.), a description of the type of operating system and web browser used. The stored data does not allow any conclusions to be drawn about your identity and is evaluated exclusively for statistical purposes.
The collection and processing of this data is carried out in order to enable the use of the website at all, on the basis of Art. 6 para. 1 p. 1 f) GDPR, whereby our legitimate interest is the provision of our website. Incidentally, we store this aforementioned data, including the IP addresses, only in anonymized form and use it only in this anonymized form to analyze the use of the offer and the further development and optimization of our website in your interest, also on the basis of Art. 6 para. 1 p. 1 f) GDPR. Our legitimate interest is the ongoing improvement of our online offer in order to provide you with the greatest possible user comfort.
Contacting Us
If you contact us and send us general inquiries the contact details you provide, will be stored and used by us to fulfill the purpose associated with the transmission, e.g., to process your inquiry or in the event of follow-up questions.
The basis for this storage and use of your personal data is your consent in accordance with Art. 6 Para. 1 S. 1 a) GDPR, which you give us separately before sending the contact form. Insofar as you provide us with your personal data for the purpose of responding to your questions or preparing a quotation, the entry of personal data is required within the meaning of Art. 13 (2) e) GDPR. Without this information, we cannot process your request.
You have the right to revoke your consent to the data processing described above at any time with effect for the future. In this case, we will no longer process your data. Your personal data will be deleted even without your revocation in any case if we have processed your request or if the storage is inadmissible for other legal reasons.
Contact form
If you use the contact form to send us general inquiries, request a quote for a specific service, your details from the inquiry form, including the contact details you provide there, will be stored and used by us to fulfill the purpose associated with the transmission, e.g., to process your inquiry, to prepare the desired quote and in each case for the event of follow-up questions.
The basis for this storage and use of your personal data is your consent in accordance with Art. 6 para. 1 lit. a GDPR, which you give us separately before sending the contact form. Insofar as you provide us with your personal data for the purpose of responding to your questions or preparing a quotation, the entry of personal data is required within the meaning of Art. 13 (2) e) GDPR. Without this information, we cannot process your request.
You have the right to revoke your consent to the data processing described above at any time with effect for the future. In this case, we will no longer process your data. Your personal data will be deleted even without your revocation in any case if we have processed your request or if the storage is inadmissible for other legal reasons.
Cookies
During the use of our website, so-called “cookies”, small text files, are stored on your computer. Such cookies register information about your computer’s navigation on our website (pages selected, day, time and duration of use, etc.). A cookie is downloaded via a browser the first time you visit a website. The next time you visit this website with the same device, the browser checks whether a corresponding cookie is present (i.e., contains the website name). It sends the data stored in the cookie back to the website. Some cookies are important for the website’s functionality and are automatically activated by us when a user visits. Our website also uses cookies to make it easier to use and to provide you with content tailored to your information needs.
You cannot be personally identified from any of the information we collect. The use of the cookies we use is necessary in order to be able to provide the online offer of StakeholderLink at all and, moreover, to be able to optimize it on an ongoing basis. The data processing in this context is therefore based on Art. 6 para. 1 p. 1 f) GDPR. Our legitimate interest is to provide visitors to our website with a functioning online service and to make visiting and using the website as pleasant and efficient as possible.
For further information on cookies in general, please visit www.allaboutcookies.org and for further details on the cookies we use, please refer to our Cookie Policy.
Storage period and deletion
We store your personal data for as long as is necessary to fulfil the intended purpose (e.g., contract fulfilment, answering your enquiries) or for as long as legal retention periods make storage necessary. As long as legal storage obligations, such as tax and commercial law regulations, or other justified reasons within the meaning of Art. 17 (3) of the GDPR prevent the deletion of your personal data, we will restrict the processing of your data; your data will then be deleted in accordance with the legal regulations.
Data processing due to legal requirements / protection against misuse / rights of third parties
StakeholderLink is entitled to process your personal data insofar as this is necessary to fulfil legal obligations. For this purpose, StakeholderLink may transfer this data in particular to authorities, law enforcement agencies and courts. In this case, the transfer of your data is required by Art. 6 para. 1 p. 1 c) GDPR for compliance with a legal obligation to which we are subject. StakeholderLink is further entitled to process personal data if and to the extent necessary to detect or prevent misuse of this website or to enforce claims of StakeholderLink, its employees or users, whereby the data processing in these cases is necessary to protect these aforementioned legitimate interests of StakeholderLink pursuant to Art. 6 para. 1 p. 1 f) GDPR.
Your personal data will not be transferred to countries outside the USA, with the exception of the transfer of information generated by the cookie.
When you send a data subject access request
The legal basis for the processing of your personal data in the context of handling your data subject access request is our legal obligation and the legal basis for the subsequent documentation of t data subject access request is both our legitimate interest and our legal obligation.
The purpose of processing your personal data in the context of processing data when you send a data subject access request is to respond to your request. The subsequent documentation of the data subject access request serves to fulfil the legally required accountability.
Your personal data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the processing of a data subject access request, this is three years after the end of the respective process.
You have the possibility at any time to object to the processing of your personal data in the context of the processing of a data subject access request for the future. In this case, however, we will not be able to further process your request. The documentation of the legally compliant processing of the respective data subject access request is mandatory. Consequently, there is no possibility for you to object.
Legal defense and enforcement of our rights
The legal basis for the processing of your personal data in the context of legal defense and enforcement of our rights is our legitimate interest.
The purpose of processing your personal data in the context of legal defense and enforcement of our rights is the defense against unjustified claims and the legal enforcement and assertion of claims and rights. Your personal data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected.
The processing of your personal data in the context of legal defense and enforcement is mandatory for legal defense and enforcement of our rights. Consequently, there is no possibility for you to object.
Automated decision-making
Automated decision-making including profiling pursuant to Art. 22 (1) and (4) GDPR does not take place on the part of StakeholderLink.
Accuracy
It is important that the data we hold about you is accurate and current, therefore please keep us informed of any changes to your personal data.
External Links
Our website contains links to the online offers of other providers. We hereby point out that we have no influence on the content of the linked online offers and the compliance with data protection regulations by their providers.
Social Media
The data you enter on our social media pages, such as comments, videos, pictures, likes, public messages, etc. are published by the social media platform and are not used or processed by us for any other purpose at any time. We only reserve the right to delete content if this should be necessary. Where applicable, we share your content on our site if this is a function of the social media platform and communicate with you via the social media platform. The legal basis is our legitimate interest. The data processing is carried out in the interest of our public relations and communication.
If you wish to object to certain data processing over which we have an influence, please contact us. We will then examine your objection. If you send us a request on the social media platform, we may also refer you to other secure communication channels that guarantee confidentiality, depending on the response required. You always have the option of sending us confidential enquiries to our address stated in the imprint.
As already stated, where the social media platform provider gives us the opportunity, we take care to design our social media pages to be as data protection compliant as possible. With regard to statistics that the provider of the social media platform makes available to us, we can only influence these to a limited extent and cannot switch them off. However, we make sure that no additional optional statistics are made available to us.
Analysis and targeting tools
Google Analytics
On our website, we use various services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
You can find more information about Google services at https://www.google.com/privacy/ads/.
Our website uses Google Analytics to design and improve the website according to your needs. Google Analytics uses so-called cookies, which are stored on your terminal device, and which enable an analysis of your use of the website. The information generated by the cookie is usually transferred to a Google server in the USA and stored there. We use the extension of IP anonymization (so-called IP masking) on this website, i.e., your IP address is shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity, and providing other services relating to website activity and internet usage to StakeholderLink.
The legal basis for the data processing is Article 6 (1) (a) GDPR.
Google’s services also include reports on the effectiveness of our advertising measures (including across devices), on the demographics and interests of our users, as well as functions for the cross-device delivery of online advertising if you are the owner of a Google account and have consented to the personalization of advertising (“Ads Personalization”). In this case, the legal basis for data processing is your consent to Google (Article 6 (1) (a) GDPR).
You can object to the collection or analysis of your data by Google Analytics by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout.
The data sent by us and linked to cookies, user IDs (e.g., user ID) or advertising IDs are automatically deleted after 14 months.
For more information on the terms of use of Google Analytics, please visit https://www.google.com/analytics/terms/.
Google Marketing Platform
Our website also uses other services of the Google Marketing Platform (formerly “Google Doubleclick”). These services use cookies to serve ads that are relevant to users, to improve campaign performance reports or to prevent a user from being served ads more than once.
Google uses a cookie ID to record which ads are displayed in which browser and can thus prevent them from being displayed more than once. In addition, Google can use cookie IDs to record so-called conversions, i.e. whether a user sees an ad and later visits the advertiser’s website and makes a purchase there. According to Google, these cookies do not contain any personal information.
Your browser automatically establishes a direct connection with Google’s server. We have no influence on the scope and further use of the data collected by Google through the use of this service. According to Google, the integration of these services provides Google with the information that you have called up the relevant part of our website or clicked on an advertisement from us. If you are registered with a Google service, Google can assign the visit to your user account. Even if you are not registered with Google or have not logged in, it is still possible for the provider to obtain and store your IP address.
In addition, cookies enable us to understand whether you perform certain actions on our website after you have called up one of our ads on Google or on another platform or clicked on it (conversion tracking) (“floodlight”). Google uses this cookie to understand the content you have interacted with on our websites in order to send you targeted advertising later.
You can prevent the tracking process by making the appropriate setting in your browser software (e.g., third-party cookies deactivated), deactivating cookies for conversion tracking by blocking cookies from the domain www.googleadservices.com in your browser settings, with regard to interest-based ads from providers that are part of the self-regulation campaign “About Ads” via the link http://www.aboutads.info/choices or at the link http://www.google.com/settings/ads/ . We would like to point out that in this case you may not be able to use all functions of this offer to their full extent.
The legal basis for data processing is Art. 6 para. 1 lit. f) GDPR.
Google Tag Manager
This website uses Google Tag Manager. Google Tag Manager is a solution that allows marketers to manage website tags through one interface. The tool itself (which implements the tags) is a cookie-less domain and does not store any personal data. The tool triggers other tags, which in turn may collect data. However, Google Tag Manager does not access this data.
We pass on the collected data for processing to the respective internal bodies as well as to other affiliated companies or to external service providers, contract processors (e.g., hosting, support, analysis service providers) in accordance with the required purposes (to implement the desired campaign or newsletter or loyalty program). Platform/hosting service providers receive access to personal data from a third country. So-called standard contractual clauses in accordance with Art. 46 GDPR have been concluded with these service providers as suitable guarantees.
The legal basis for the data processing is Art. 6 (1) f GDPR.
Google Maps
In order to better display and geographically visualize our office location to the user, this web site uses Google Maps API. When using Google Maps, Google also collects, processes and uses data about the use of Maps functions by visiting these pages. The terms of use of Google Maps can be found here. Further information on data processing by Google is listed in Google’s privacy policy.
Scope of this Privacy Policy
This Privacy Policy only applies to the content on the StakeholderLink websites and the data processing on the servers we use. It does not cover such content and websites of third parties to which our offer merely links. The processing of your personal data via such websites is carried out by the respective provider of the website without us having any influence on this processing. For information on the handling and protection of your personal data on these websites, please refer to the Privacy Policy of the respective website.
Changes to this Privacy Policy
StakeholderLink will review and revise this Privacy Policy from time to time as appropriate, for example, due to new technical developments or changes in case law or in our business operations. Therefore, we recommend that you review this Privacy Policy from time to time to ensure that you are aware of how StakeholderLink collects, processes and uses data.
Further Information
If you have any questions regarding our Privacy Policy, please contact us. For general questions, please use the contact form on our website.