Privacy policy
Last update: 17.09.2024
1. General
1.1 What is personal data?
Personal data is information that discloses or may disclose the identity of the user. We adhere to the principle of data avoidance. The collection of personal data is avoided as far as possible.
1.2 Handling of personal data
Personal data is used exclusively for the establishment of the contract, content design, execution or processing of the contractual relationship (Art. 6 I p. 1 b GDPR).
In addition, personal data will only be processed if we have received your consent to do so (Art. 6 I p. 1 a GDPR) or if the processing of the data is necessary for our legitimate interests and if the balancing of interests shows that there are no overriding interests, fundamental rights or freedoms on your part (Art. 6 I p. 1 f GDPR).
We may use processors to process your personal data, with whom we have concluded a contract for order processing where necessary, but we will not pass on personal data to third parties beyond this.
In order to process payments, the payment data required for this purpose will be passed on to the credit institution commissioned with the payment and, if applicable, to the commissioned and selected payment service provider.
Your personal data is processed in the EU and in countries classified as safe or appropriate by the EU. If personal data is processed in the USA, care is taken to ensure that the services we use are certified under the "Data Privacy Framework".
1.3 Usage data
When you visit the website/app, general technical information is collected. This is the IP address used, time, duration of the visit, the browser type and the page of origin for our website and the device type for the app. For technical reasons, this usage data is registered in a log file and can be used and stored for the purpose of statistical analysis of this website/app. This usage data is not linked to your other personal data.
1.4 Registration data
Registration is required for full use of the functions of our website/app. The registration data is collected through your corresponding entries and used for the specifically stated purpose in accordance with your consent (Art. 6 I p. 1 a GDPR).
1.5 Access authorisations when using our app
When using Android, we require the following authorisations:
- WRITE_EXTERNAL_STORAGE
Change/delete data from external storage.
- READ_EXTERNAL_STORAGE
Read data from external storage.
The external memory contains the SD card and part of the phone's built-in memory.
When using iOS, you will be expressly requested to consent to the granting of certain rights so that you can decide directly there.
You can revoke this consent at any time by denying our app access to your data. You can also use our app without access to your data. However, this may impair its functionality.
1.6 Push Services
Our app also uses push services from the operating system manufacturers. After downloading the app, the mobile device registers with the corresponding push service of the platform (iOS - Apple Push Notification Service; Android - Google Cloud Messaging). The service then sends the registration ID (Android) or the token (iOS) to the registered device; the ID or token is sent by the app to the server and stored there in a database. If a push notification is to be sent, the server sends the desired message with the registration ID/token to the platform's push service, which forwards the push message to the respective devices.
We use push notifications to inform you about events within the app that may require your special attention or a reaction on your part.
Your consent is requested when the app is set up for the first time and/or later when an event occurs.
You can stop receiving push notifications if you do not use the app by explicitly logging out of the app. You can revoke your consent to receive push notifications via the operating system as follows:
- iOS/Settings/Stackfield/Notifications
- Android/Settings/Applications/Application manager/Stackfield/Notifications
1.7 Duration of storage
We only store your personal data after the end of the purpose for which the data was collected for as long as this is required by law (in particular tax law).
2. Your rights
2.1 Right to information
You can request information from us as to whether we process your personal data and, if this is the case, you have a right to information about this personal data and to the further information specified in Art. 15 GDPR.
2.2 Right to rectification
You have the right to rectification of inaccurate personal data concerning you and may request the completion of incomplete personal data in accordance with Art. 16 GDPR.
2.3 Right to deletion
You have the right to demand that we erase the personal data concerning you without undue delay. We are obliged to delete this data immediately, in particular if one of the following reasons applies:
- Your personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
- You withdraw your consent on which the processing of your data was based and there is no other legal basis for the processing.
- Your data has been processed unlawfully.
The right to deletion does not exist if your personal data is required for the assertion, exercise or defence of our legal claims.
2.4 Right to restriction of processing
You have the right to demand that we restrict the processing of your personal data if:
- you contest the accuracy of the data and we therefore verify the accuracy,
- the processing is unlawful and you oppose the erasure of the data and request the restriction of their use instead,
- we no longer need the data, but you need it for the establishment, exercise or defence of legal claims,
- you have objected to the processing of your data and it is not yet certain whether our legitimate reasons outweigh your reasons.
2.5 Right to data portability
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and you have the right to transmit those data to another controller without hindrance from us, where the processing is based on consent or on a contract and the processing is carried out by automated means.
2.6 Right of withdrawal
If the processing of your personal data is based on consent, you have the right to withdraw this consent at any time.
2.7 General information and right to complain
The exercise of your above rights is generally free of charge for you. In the event of complaints, you have the right to contact the supervisory authority responsible for us, the state data protection officer.
3. Data security
3.1 Data security
All data on our website/app is protected by technical and organisational measures against loss, destruction, access, modification and dissemination. However, we accept no liability for the destruction of or damage to data.
3.2 Sessions und Cookies
To operate the website, we use cookies or server-side sessions in which data can be stored. We ensure that no personal data is transferred from sessions or through cookies without your express consent and that cookies are only used if this is technically necessary for the website (e.g. spam protection for the contact form, shopping basket function) and thus the consideration shows that there are no overriding interests on your part (Art. 6 I p. 1 f GDPR) or that you have given your express consent. With your express consent, we use cookies to personalise content and advertisements, to offer functions for social media and to analyse access to our website.
Below you will find the domain, name and duration of the cookies used only based on your consent:
Cookie |
Domain |
Description |
Duration |
ReferrerAff |
.stackfield.com |
Affiliate cookie of our internal partner program. |
6 months |
Adv |
.stackfield.com |
Internal Id of our links on the web to identify the source. |
6 months |
AdId |
.stackfield.com |
Id to track the origin source. |
6 months |
Fp |
.stackfield.com |
Id for unique user identification. |
6 months |
IsUser |
.stackfield.com |
Check whether the user already has an account with Stackfield. |
6 months |
SPage |
.stackfield.com |
Check which Stackfield start page was delivered first. |
6 months |
Stackfield GmbH does not use third-party cookies.
4. Newsletter
If you register for our newsletter, we will use the data required for this or separately provided by you to regularly send you our e-mail newsletter based on your consent in accordance with Art. 6 I p. 1 a GDPR.
Unsubscribing from the newsletter is possible at any time and can be done either by sending us a message via the contact options provided in the legal notice or via the link provided for this purpose in the newsletter. After unsubscribing, we will delete your e-mail address unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.
5. Personalised offers / downloading of information material / booking of appointments
Your contact details (first name, surname, company name, business e-mail address) are collected when you download information material, such as white papers, and for making appointments. By confirming the privacy policy and using these offers, you consent to being contacted by our sales team and receiving offers and other marketing content. The legal basis for the processing of your personal data in this context is Article 6(1)(a) GDPR. You can revoke your consent to receive marketing content and to be contacted by our sales team in text form at any time with effect for the future.
6. Presence on external platforms
We use the following external platforms for company presentation and communication (explicit reference is made to the data protection declarations and opt-out options linked below).
- Facebook (Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland)
Privacy policy: https://www.facebook.com/about/privacy/
Opt-Out: http://www.youronlinechoices.com
- X (Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland)
Privacy policy: https://twitter.com/de/privacy
Opt-Out: https://twitter.com/personalization
- Instagram (Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland)
Privacy policy and Opt-Out: http://instagram.com/about/legal/privacy/.
- LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland)
Privacy policy: https://www.linkedin.com/legal/privacy-policy
Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
- Kununu (NEW WORK AUSTRIA XING kununu onlyfy GmbH, Schottenring 2-6, A - 1010 Vienna, Austria)
Privacy policy: https://privacy.xing.com/de/datenschutzerklaerung
- YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland)
Privacy policy: http://www.youtube.com/t/privacy/
- Xing (New Work SE, Am Strandkai 1, 20457 Hamburg, Deutschland)
Privacy policy and Opt-Out: https://privacy.xing.com/de/datenschutzerklaerung
- OMR (Online Marketing Rockstars), ramp106 GmbH, Lagerstr. 36, 20357 Hamburg, Germany)
Privacy policy: https://omr.com/de/datenschutz
- Capterra Inc, (Capterra Inc, Lehrer-Wirth-Str. 2, 81829 Munich, Germany)
Privacy policy and Opt-Out: https://www.capterra.com.de/legal/privacy-policy
- Trusted GmbH (Trusted GmbH, Levelingstr. 21, 81673 Munich, Germany)
Privacy policy and Opt-Out: https://trusted.de/datenschutz
These platforms may process personal data outside the EU; in this respect, we refer you to the above data protection declarations of these platforms. The respective platforms may be able to create user profiles from your usage behaviour and the resulting interests and actions on your part and store cookies on your computer in which your usage behaviour is stored. If you have an account on the respective platform and are logged in, your usage behaviour can even be stored independently of your device. Your user profile can be used, for example, to place adverts that presumably correspond to your interest.
We process the personal data exclusively for communication with you via the platform you have selected and to optimise our platform and ensure that no interests on your part are affected that outweigh this legitimate interest on our part (Art. 6 I p. 1 f GDPR). If you have already given the respective platform operator effective consent to the corresponding data processing, your personal data will also be processed on the basis of this consent (Art. 6 I p. 1 a GDPR).
7. Third party services
7.1 Social media links and social-sharing
We have separate social media sites on third-party sites to be reached through links from this website / app. By using the links you can access the respective websites of the third party providers (for example Facebook, Twitter, Google+) and you can also share our contents. Once you have accessed the third-party site, you are in the area of responsibility of each third-party provider, including their privacy statements and their statements about your use of the data. We have no influence on this, but we recommend to avoid unnecessary data transfer before using a corresponding link by logging out yourself from the respective third party, so by the use of the link no tracking like creating user profiles can be created by the third party.
7.2 Inxmail
An interface to our contractual partner Inxmail (Inxmail GmbH, Wentzingerstr. 17, 79106 Freiburg, Germany) is established for sending any e-mails (autoresponders, system e-mails, etc.). Only your e-mail address is transferred to Inxmail and stored. Furthermore, according to its own information, Inxmail may use this data to optimise or improve its own services, e.g. to technically optimise the sending and presentation of emails. Inxmail does not use the data of our mail recipients to write to them itself or to pass it on to third parties. The balancing of interests therefore shows that there are no overriding interests on your part to the contrary (Art. 6 I p. 1 f GDPR). The provisions of Inxmail apply to the use of the service: https://www.inxmail.com/data-conditions
7.3 Edudip
We use edudip to organise our webinars, whereby the user data of the event participants is recorded and temporarily stored. Among other things, the data entered in the mandatory fields (e.g. first name, surname, email address), user information (e.g. display name, chat history, event data), technical data (e.g. IP addresses, hashed passwords) as well as voice and video data are collected and temporarily stored. The legal basis for the processing of your personal data in this context is your consent in accordance with Art. 6 I p. 1 a GDPR.
By registering for the webinar and confirming the privacy policy, you consent to being contacted by our sales team and to receiving offers and other marketing content. You can view edudip's privacy policy here: https://www.edudip.com/datenschutzerklaerung/
7.4 Bing Ads
We use technologies from Bing Ads (operated by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA) on our website. Microsoft places a cookie on your end device if you have reached our website via a Microsoft Bing advert. In this way, Microsoft and we can recognise that someone has clicked on an ad, has been redirected to our website and has reached a predetermined target page ("conversion site"). We only learn the total number of users who clicked on a Bing advert and were then forwarded to the conversion site. Microsoft collects, processes and uses information via the cookie, from which user profiles are created using pseudonyms.
These user profiles are used to analyse visitor behaviour and are used to display advertisements. No personal information about the identity of the user is processed. If you do not want information about your behaviour to be used by Microsoft as explained above, you can refuse the setting of a cookie required for this - for example, by using a browser setting that generally deactivates the automatic setting of cookies. You can also prevent the collection of data generated by the cookie and related to your use of the website and the processing of this data by Microsoft by declaring your objection at the following link https://choice.microsoft.com/de-DE/opt-out. Further information on data protection and the cookies used by Microsoft and Bing Ads can be found on the Microsoft website: https://privacy.microsoft.com/de-de/privacystatement
7.5 Google Ads
We use the offer of Google Ads Conversion (operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) to draw attention to our offers with the help of advertising material (so-called Google Ads) on external websites. These adverts are delivered by Google via so-called "ad servers". Ad server cookies are used for this purpose, which can be used to measure certain parameters for measuring success, such as the display of adverts or clicks by users. If you access our website via a Google advert, Google Ads will store a cookie on your end device. These cookies generally lose their validity after 30 days and are not intended to identify you personally. The unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information are usually stored as analysis values for this cookie. If you visit our site as a result of such an advertisement and the cookie stored on your computer has not yet expired, Google and we can recognise that you have clicked on the advertisement and have been redirected to this page. A different cookie is assigned to each Ads customer. Cookies can therefore not be tracked via the websites of Ads customers. We ourselves do not collect and process any personal data in the aforementioned advertising measures. We only receive statistical analyses from Google. These analyses allow us to recognise which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising media; in particular, we cannot identify users on the basis of this information. Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and can therefore only inform you that the integration of the above-mentioned service enables Google to assign the visit to our website to your Google account if you are registered there. It is also possible for Google to find out your IP address and store it, regardless of whether or not you have a user account. You can view Google's privacy policy here: http://www.google.com/intl/de/policies/privacy
7.6 Myra Security
Stackfield uses the services of Myra Security GmbH (DE), Landsberger Str. 187, 80687 Munich. The purpose is to improve the security and protection of Stackfield GmbH's infrastructure against cyber attacks. The service is essential for the technical security of our website. You can find more information about Myra Security on their data protection page: https://www.myrasecurity.com/en/privacy-policy/
7.7 DISQUS
We also use the DISQUS comment function (operated by DISQUS, Inc., 301 Howard Street, Suite 300, San Francisco, CA 94105, USA). DISQUS allows you to log in either via your own DISQUS account or via your Facebook, Twitter or Google Plus account. The data protection provisions and terms of use of these services apply to registration via the aforementioned social media services:
- Facebook-Account
(Facebook Inc. 1 Hacker Way, Menlo Park, CA 94304, USA)
Privacy policy: https://de-de.facebook.com/about/privacy
Terms of use: https://www.facebook.com/terms.php
- Google Plus-Account
(Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland)
Privacy policy: https://www.google.de/intl/de/policies/privacy/
Terms of use: https://www.google.de/intl/de/policies/terms/regional.html
- X-Account
(Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland)
Privacy policy: https://twitter.com/privacy
Terms of use: https://twitter.com/de/tos
When you register using these services, information about your use of the DISQUS functions is also collected and processed by these providers.
In addition to the above-mentioned functions, you can also comment as a guest to a limited extent. Your IP address and e-mail address, which you enter while commenting, will be transmitted to us by DISQUS. We need this information for the purpose of contacting you in connection with your use of DISQUS (e.g. in the event of queries about your comments).
You can view the DISQUS privacy policy here:
https://help.disqus.com/customer/portal/articles/466259-privacy-policy
The DISQUS terms of use can be found here:
https://help.disqus.com/customer/portal/articles/466260-terms-of-service
7.8 Calenso
Stackfield uses Calenso. The provider is Calenso AG, Neuenkirchstrasse 19, 6203 Sempach-Station, Switzerland, Europe (website: www.calenso.com).
We use Calenso to make appointments and group appointments bookable online. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.
When booking an appointment, name, e-mail address and in some cases the telephone number are required. The information sent to us remains with us until you request us to delete it or until the purpose for which the data was stored no longer applies. Mandatory legal provisions - in particular retention periods - remain unaffected. If you prefer not to make appointments with us via Calenso, you can alternatively contact us by e-mail or telephone.
In addition, we have concluded a Data Processing Agreement (DPA) with Calenso. This ensures that Calenso will only use the user data in accordance with EU data protection standards for the sole purpose of processing the requests and will not pass them on to third parties.
For more information about Calenso and the data collected, please consult Calenso's privacy policy.
8. Contact
To contact us regarding data protection, you are welcome to use the following contact options. Controller within the meaning of the GDPR:
Stackfield GmbH
Maximiliansplatz 17
80333 München
represented by its managing director: Mr. Cristian Mudure
E-Mail: info@stackfield.com
Phone: +49 (0) 89 215 5058- 40
You are also welcome to contact our data protection officer:
Data protection officer:
Bitkom Servicegesellschaft mbH
E-Mail: datenschutz@stackfield.com