This Data Privacy Notice sets forth how CELUM handles your personal data in the following cases and explains your entitled rights. The collection and use of these data are carried out exclusively in compliance with your rights and with statutory provisions according to current versions of the Austrian Data Privacy Act and the GDPR.
With this Data Privacy Notice, CELUM would like to inform you about which specific personal data are collected, for what purpose, in what way and to what extent the data are used.
The responsible entity for purposes of the Data Privacy Act is:
If you have questions or concerns about data privacy, you are welcome to contact us.
Please find all contact details in the imprint.
Data privacy officer
If you have any questions regarding your data privacy please contact our data privacy officer:
Dr. Georg Schröder, LL.M
legal data Schröder Rechtsanwaltsgesellschaft mbH
Tel.: +49 (0)89 954 597 520
Fax: +49 (0)89 954 597 522
Data privacy For Social Media
Learn what data we collect from you on our social media presences and how we use it.
Table of Contents
“Personal data” is information about a person whose identity is or can be determined. “Affected person” is a specific or identifiable natural person whose data is used.
2. Data collection and its purpose
We limit our data collection to only what is necessary and reasonable.
When we collect your personal data, we explain to you for what purposes your data will be used. We need personal data to facilitate your use of our website, to run our business, to fulfill our contractual obligations and to be able to offer services tailored to your needs. This is how we process your personal data, e.g. when processing your inquiries.
All personal data is captured and synchronized by integrated forms from Hubspot, a service of Hubspot Inc. (www.hubspot.com). For purposes of analysis, so-called “web-beacons” and “cookies” are created and stored on your computer in order for us to analyze your usage of the website. The collected information (e.g., your IP address, geographical location, type of browser, duration of visit, and pages viewed) is evaluated by Hubspot on behalf of CELUM GmbH in order to provide CELUM GmbH with reports about website visitation.
If you have subscribed to a newsletter, we collect your e-mail address and we can use Hubspot to link a user’s visits to webpages using your personal information (especially your name and e-mail address) on the basis of your expressed consent, thus allowing us to inform you personally and individually about your preferred topics. If a user generally wishes to avoid data collection via Hubspot, the user may deactivate the storage of cookies by adjusting his or her browser settings accordingly. More information about the functionality of Hubspot can be found in Hubspot Inc.’s data privacy notice at https://legal.hubspot.com/privacy-policy.
For a demo request and on our general contact form we also collect your job title, business name and telephone number.
It can occur that we link personal data with other data at our disposal in order to optimize our service. We reserve the right to make statistical analyses, especially for the purpose of improving system security and functionality of the website. Your data will be deleted after their purpose has expired, unless their storage continues to serve a legitimate purpose and there is no conflict with lawful records-storage obligations
3. Policies for processing of personal data
We conform unconditionally to the legal data-protection regulations of the European Union and derivative national laws regarding the retention, processing and use of personal data. The affected user’s legal legitimation or consent forms the legal basis behind the processing of personal data.
Personal data will not be sold, loaned, rented out or by another means transmitted to a third party without your agreement. We will not divulge or transmit your personal data for advertising or marketing purposes to a third party without this being necessary for the provision of the service required of us or without your express consent.
Companies that are directly or indirectly affiliated with us are not considered third parties, accordingly. It is also possible to transfer personal data to outsourcing partners as long as they provide sufficient guarantees for a lawful and secure use of the data and if they are contractually obliged to adhere to the operational principles described herein.
We reserve the right to transfer personal data to other companies within the context of restructuring or corporate mergers if they also comply with the principles of action described herein and are based either in the European Union or in a third country with commensurate data protection.
To the extent that your consent to the processing of your data goes beyond what is contractually required, you may revoke your consent at any time.
If you actively opt to use the social-network functionality offered on our website, your personal data will be forwarded to the respective external providers of these social-networks. Additional information can be found in Section 5 of this Data-Protection Notice.
Furthermore, we reserve the right to pass on personal data to third parties if we are compelled to do so by law, if a legal order is made by a court or authority having proper jurisdiction, or if as a result of acts or omissions on your part we are compelled to lose our rights, our property or to have our assets protected or enforced by the responsible authorities.
4. Your rights
Fundamentally, you have the right to information, rectification, erasure, restriction of processing, data portability and objection. Should you wish to exercise your rights, please contact us.
4.1 Right to information: You can request a confirmation from us of whether your personal data is being processed. If this is the case, you have the right to access information about these personal data and the information described in Article 15(1) of the GDPR (such as purposes of processing, categories of personal data).
4.2 Right to rectification: You have the right to demand that we promptly correct your incorrect personal data.
4.3 Right to erasure: You have the right to have your personal data deleted when, for example:
(a) if the data are no longer necessary for the purposes for which they were collected or otherwise processed; or
(b) if they are unlawfully processed; or
(c) in the case of processing resulting from your giving consent, if you withdraw such consent.
The right to erasure does not apply if the exceptions cited in Article 17(3) of GDPR can be applied, for example if the processing is required to fulfill a legal obligation under EU or Austrian law (e.g., statutory retention requirements) or to establish, exercise, or defend against legal claims.
4.4 Right to restriction of processing: You have a right to restrict processing, if:
(a) you contest the accuracy of the personal data, for a period enabling us to verify the accuracy of the personal data;
(b) the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
(c) we no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims; or
(d) you have objected to processing pursuant to Article 21(1) pending the verification whether we have legitimate grounds that override yours.
4.5 Right to object: Article 21(2) of the GDPR give you the right to object to processing your personal data, if processing of personal data:
(a) is carried out to safeguard our legitimate interests. We will not process data if you have an overriding interest in protection; or
(b) is for direct marketing purposes. This can be revoked at any time without giving reason.
4.6. Right to data portability: you can request that you receive the personal data you have provided to us in a structured, commonly used and machine-readable format, provided that we process these data on the basis of a revocable consent given by you or to fulfill a contract, and such processing is carried out using automated procedures. You have the right to transmit those data to another responsible party. Provided that it is technically feasible, you have the right to direct transmission from one responsible party to another.
If you believe that the processing of your data infringes upon your data-protection rights or your data-protection entitlements have been in some way violated, you can submit a complaint to the supervisory authority. In Austria, the Data Protection Authority is responsible.
Austrian Data Protection Authority
1030 Vienna, Austria
Telephone: +43 1 52 152-0
5. Log data
When each page is viewed, access data is saved in a log file, the Server Log. The recorded data include the following information:
• date and time;
• IP address;
• session ID;
• website visited;
• name of the website from which you accessed our website; and
• the browser used during your visit.
We evaluate these log files only in the event of improper use of our website. We reserve the right to retrospectively review the log files of any users who are strongly suspected of using our website unlawfully or in breach of contract.
We employ an analytical tool on our website called Hubspot, a service of Hubspot Inc. It uses so-called “web beacons” and also installs “cookies” on your computer, allowing us to analyze your use of our website. The collected information (e.g., IP address, geographical location, type of browser, duration of visit, and pages visited) are evaluated by Hubspot, under contract with Celum GmbH, in order to create reports about your visit and the content you access. If you have subscribed to a newsletter, Hubspot allows us to correlate the website visitor data with the personal data (especially your name and e-mail address) that you have voluntarily consented to provide us, thus allowing us to provide you with targeted and individualized information. If data collection by Hubspot is generally not desired, the storage of cookies can be prevented at any time by adjusting the appropriate browser settings.
Additional information about the functionality of Hubspot can be found in Hubspot, Inc.’s data-protection policy, found at:
7. Webinare / Video Conferences
Various types of data are processed when using the video conferencing system. The scope of the data also depends on the data you provide before or during participation in an online event. The following personal data are subject to processing:
User details: first name, last name, telephone (optional), e-mail address, password (if “single sign-on” is not used), profile picture (optional), department (optional).
Meeting metadata: Topic, description (optional), attendee IP addresses, device/hardware information.
If recording (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of online meeting chat.
For dial-in with the telephone: information on the incoming and outgoing call number, country name, start and end time. If necessary, further connection data such as the IP address of the device can be stored.
Text, audio and video data: You may have the opportunity to use the chat, question or survey functions in an online event. In this respect, the text entries you make are processed in order to display them in the online event and, if necessary, to log them. To enable the display of video and the playback of audio, the data from the microphone of your terminal device and from any video camera of the terminal device will be processed accordingly for the duration of the online event. You can turn off or mute the camera or microphone yourself at any time.
To participate in an online event or to enter the “meeting room,” you must at least provide information about your name.
If we want to record an online event, we will inform you transparently and – if necessary – ask for your consent. As a rule, there will be no recording of the online event. This also applies to the chat function.
If your participation in an online event is the subject of a contract with us, the legal basis for data processing is Art. 6 (1) b) GDPR. Otherwise, the legal basis is your consent pursuant to Art. 6 (1) a) GDPR, which you declare by participating in the online event and can revoke at any time with effect for the future.
The provider of the video conferencing system has its headquarters in the USA. Processing of personal data may thus also take place in a third country (a country outside the European Union or the contracting states to the Agreement on the European Economic Area). We have concluded an order processing agreement with the provider that complies with the requirements of Art. 28 GDPR.
In addition, the provider undertakes to conclude so-called EU standard data protection clauses within the meaning of Art. 46 GDPR. Based on this contractual set of rules, the provider is also obligated to comply with a data protection standard in the event of a third country transfer, which essentially corresponds to the European standard. Please note, however, that actual compliance with the EU standard data protection clauses cannot be ensured in every case (e.g., due to official access to the data in the recipient country).
8. Hyperlinks to external websites
So-called hyperlinks to websites of other providers can be found on our website. In these cases, you will be transferred directly from our website to that provider’s website. You recognize this by the change to the URL, among other changes. We assume no responsibility for the confidential handling of your data, because we have no influence as to how the other provider adheres to data-protection regulations. To inform yourself about how these providers handle your personal data, please refer to their websites directly.
9. Security measures used to protect your data
In order to protect your data, we have implemented special technical and operational security measures which are regularly checked and updated with the latest technology. However, we would like to point out that due to the structure of the internet it is possible that the rules of data protection and data security may not be observed by other persons or institutions that are outside of our area of responsibility.
10. Disclosure about your data and contact information
Your trust is important to us. For information and other questions or suggestions, please send us an e-mail to email@example.com.
11. Changes to the data-protection regulations
Because changes to the laws or to our business processes can make it necessary to adjust these data-protection provisions, we reserve the right to do so and ask you to review this data-protection disclosure regularly.
Cookies are small text data files that are installed on your computer. Most of the cookies we employ will be erased from your hard drive when you quit your browser (so-called “session cookies”). Other cookies remain on your computer and enable us to recognize your computer upon your subsequent visit (so-called “persistent cookies”). Additional cookies from third-party providers are also used on our website.
You can generally access our website without consenting to non-essential cookies, however if you wish to use our website fully and comfortably, you should accept those cookies that enable certain functions or make them easier to use. You can restrict how cookies are saved on your computer by adjusting the relevant settings on your browser.
If you do not wish to save our cookies on your computer, please deactivate the saving of cookies on your browser specifically for our website, or in general for all websites. You can also delete previously saved cookies from your browser.
Our website uses the following categories of cookies:
1. Session cookies
In order to facilitate browsing our website, we install a so-called session identifier (session ID) at the outset of every user’s visit. This session ID is used by our server to identify you or your computer/browser as the same visitor even if the IP address may have changed in the meantime. This session ID enables several related queries from a user to be assigned to a session. The session ID cookie we use expires at the end of a session and is automatically erased when you quit your browser.
2. Persistent cookies
The persistent cookies are the following cookies.
Essential cookies enable basic functions and are necessary for the proper function of the website.
|Provider||Owner of this website|
|Purpose||The Borlabs cookie saves the visitor’s settings that were selected in Borlabs’ Cookie Box.|
|Cookie Expiry||1 Year|
HubSpot & Facebook
|Name||HubSpot & Facebook|
|Purpose||HubSpot is an administrative service for user databases and is made by HubSpot, Inc. On this website, we use HubSpot for our online marketing activities.|
|Host(s)||*.hubspot.com, hubspot-avatars.s3.amazonaws.com, hubspot-realtime.ably.io, hubspot-rest.ably.io, js.hs-scripts.com|
|Cookie Name||__hs_opt_out, __hs_d_not_track, hs_ab_test, hs-messages-is-open, hs-messages-hide-welcome-message, __hstc, hubspotutk, __hssc, __hssrc, messagesUtk|
|Cookie Expiry||Session / 30 Minutes / 1 Day / 1 Year / 13 Months|
Google Tag Manager
|Name||Google Tag Manager|
|Purpose||Google Tag Manager is a Tag-Management System (TMS) that incorporates tracking codes and associated code fragments (generally known as tags) on the website. Google Tag Manager enables the safe and simple configuration of Analytics and measurement tags via a web-based user interface.|
|Cookie Expiry||2 Years|
Statistics cookies collect information anonymously. This information helps us to understand how our visitors use our website.
|Cookie Expiry||2 Years|
Marketing cookies are used by third-party advertisers or publishers to display personalized ads. They do this by tracking visitors across websites.
|Provider||Liidio Oy Ltd.|
|Purpose||Leadfeeder is a cloud-based tool that identifies website visitors and generates leads of visitors by interpreting Google Analytics data.|
|Provider||LinkedIn Ireland Unlimited Company|
|Purpose||LinkedIn is a web-based social network enabling maintenance of existing business contacts. The cookie from LinkedIn will be used for marketing purposes (retargeting).|
|Cookie Name||UserMatchHistory, bcookie, lang, lidc, lissc, bscookie|
|Purpose||3. Use of Google AdWords conversion tracking We use the online-advertising platform “Google AdWords” and its Google Conversion-Tracking service (Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). If you click on a Google-served ad, a Conversion-Tracking cookie is installed on your computer. These cookies expire after 30 days, contain no personal data and do not serve purposes of personal identification. If you visit specific pages on our website while this cookie has not yet expired, we and Google can recognize that you have clicked on an ad to have been transferred to this webpage. Each Google AdWords customer receives a different cookie, so that there is no way that cookies can be tracked via the websites of AdWords customers. The Conversion Cookie collects information in order to produce conversion statistics for AdWords customers that have opted to use Conversion Tracking. As an Adwords customer using a Conversion-Tracking tag, we can know the percentage of our website’s visitors who have clicked on an ad and were redirected to our webpage. However, we do not receive any information from Google that can personally identify a visitor. If you would like to opt out of tracking, you can restrict the installation of cookies by adjusting your relevant browser settings (deactivation option). Thereafter, you will not be recorded by the Conversion Tracking statistics.|
|Cookie Name||DSID, IDE|
|Cookie Expiry||1 Year|
|Purpose||Capterra code allows to measure campaign performance and match each Capterra conversion to the contact details that were submitted through the platform.|