About Us
Our Services
Contact


Privacy Policy

Preamble

The following privacy policy aims to inform you about the types of personal data (hereinafter referred to as "data") that we process, the purposes for which we process it, and the extent of this processing. This privacy policy applies to all instances of personal data processing conducted by us, whether within the scope of providing our services or, in particular, on our websites, mobile applications, and external online presences, such as our social media profiles (hereinafter collectively referred to as the "Online Offer").

The terms used are not gender-specific.

Effective Date: January 16, 2025

Table of Contents

  1. Preamble
  2. Data Controller
  3. Overview of Processing Activities
  4. Applicable Legal Bases
  5. International Data Transfers
  6. General Information on Data Retention and Deletion
  7. Data Subject Rights
  8. Business Services
  9. Use of Cookies
  10. Contact and Inquiry Management
  11. Web Analytics, Monitoring, and Optimization
  12. Changes and Updates
  13. Definitions

Data Controller

Resonant Insight
Württemberger Str. 21
72768 Reutlingen, Germany

Email: orkan.kara@resonant-insight.com

Overview of Processing Activities

The following overview summarizes the types of data we process, the purposes for which they are processed, and the data subjects affected.

Types of Processed Data

  • Master data
  • Payment data
  • Contact data
  • Content data
  • Contract data
  • Usage data
  • Metadata, communication, and procedural data

Categories of Data Subjects

  • Recipients of services and contracting parties
  • Prospective customers
  • Communication partners
  • Users
  • Business and contractual partners

Purposes of Processing

  • Provision of contractual services and fulfillment of contractual obligations
  • Communication
  • Audience measurement
  • Office and organizational procedures
  • Organizational and administrative procedures
  • Feedback
  • Profiles with user-related information
  • Provision of our Online Offer and user experience optimization
  • Business processes and economic operations

Applicable Legal Bases

Legal Bases under the GDPR
The following provides an overview of the legal bases under the GDPR on which we rely for the processing of personal data. Please note that national data protection regulations may also apply in addition to the GDPR in your or our country of residence. If specific legal bases are relevant in individual cases, we will inform you within the privacy policy.

  • Consent (Art. 6(1)(a) GDPR): The data subject has given consent to the processing of their personal data for one or more specific purposes.
  • Contractual Performance and Pre-contractual Requests (Art. 6(1)(b) GDPR): Processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the data subject's request prior to entering into a contract.
  • Legal Obligation (Art. 6(1)(c) GDPR): Processing is necessary for compliance with a legal obligation to which the controller is subject.
  • Legitimate Interests (Art. 6(1)(f) GDPR): Processing is necessary for the purposes of the legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.

National Data Protection Regulations in Germany
In addition to the GDPR, national data protection laws in Germany also apply, particularly the Federal Data Protection Act (BDSG), which contains specific regulations concerning data subject rights, the processing of special categories of personal data, and more. Additionally, state-level data protection laws may apply.

Applicability of GDPR and Swiss Data Protection Act (DPA)
These privacy notices serve to provide information in compliance with both the Swiss DPA and the GDPR. The terminology used primarily aligns with GDPR for consistency. The legal definitions of terms under the Swiss DPA remain applicable within its jurisdiction.

International Data Transfers

If we process data in a third country (i.e., outside the European Union (EU) or European Economic Area (EEA)), this is conducted only in compliance with legal requirements. For example, this occurs based on an adequacy decision (Art. 45 GDPR), standard contractual clauses (Art. 46(2)(c) GDPR), or the data subject's consent (Art. 49(1) GDPR). Details about transfers to third countries and the underlying legal frameworks are provided in the specific sections of this policy.

Further information on adequacy decisions is available from the European Commission: EU Commission – DataProtection in International Contexts.

For certified entities under the EU-U.S. Data Privacy Framework (DPF), details are available here: U.S. Department ofCommerce – Data Privacy Framework.

General Information on Data Retention and Deletion

We delete personal data according to legal requirements when the purposes for processing are no longer applicable or consent has been withdrawn, provided no other legal basis for processing exists. Exceptions apply where legal obligations require longer retention.

Specific retention periods include:

  • 10 years: For documents such as annual financial statements and tax records (Section 147 AO, Section 257 HGB).
  • 6 years: For business correspondence and other documentation relevant to taxation.
  • 3 years: For records related to warranty and damage claims.

Further information on retention periods is provided in the context of specific processing activities.

- Processed Data Types: Meta-, communication-, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved parties).
- Affected Individuals: Users (e.g., website visitors, users of online services).
- Legal Basis: Legitimate interests (Art. 6(1)(1)(f) GDPR). Consent (Art. 6(1)(1)(a) GDPR).

Further Information on Processing Activities, Procedures, and Services:

Processing of Cookie Data Based on Consent:
We use a consent management solution to obtain users' consent for the use of cookies or the procedures and providers specified within the consent management solution. This process involves obtaining, recording, managing, and revoking consents, particularly concerning the use of cookies and similar technologies employed to store, read, and process information on users' devices. Within this framework, users' consents for the use of cookies and related data processing activities, including specific processes and providers named in the consent management solution, are obtained. Users can also manage and revoke their consents.

Consent declarations are stored to prevent repeated requests and to provide proof of consent as required by law. Storage is carried out either server-side, in a cookie (referred to as an "opt-in cookie"), or through comparable technologies to link consent to a specific user or device. Unless specific information regarding the providers of consent management services is provided, the following general details apply: Consent is stored for up to two years. A pseudonymous user identifier is created, which is stored along with the time of consent, details of the scope of consent (e.g., relevant categories of cookies and/or service providers), as well as information about the browser, system, and device used.
Legal Basis: Consent (Art. 6(1)(1)(a) GDPR).

Contact and Inquiry Management

When contacting us (e.g., via post, contact form, email, telephone, or social media) or within the context of existing user or business relationships, we process the information provided by the inquiring individuals to the extent necessary to respond to their inquiries or to fulfill any requested actions.

- Processed Data Types:
Basic data (e.g., full name, residential address, contact information, customer number, etc.); contact data (e.g., postal and email addresses or phone numbers); content data (e.g., textual or visual messages and contributions, along with related metadata such as author information or creation timestamps); usage data (e.g., page views and duration, click paths, usage intensity and frequency, types of devices and operating systems used, interactions with content and functions); meta-, communication-, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved parties).

- Affected Individuals: Communication partners.
- Purposes of Processing: Communication; organizational and administrative procedures; feedback collection (e.g., via online forms); providing our online offering and enhancing user experience.
- Retention and Deletion: Deletion in accordance with the section "General Information on Data Retention and Deletion."
- Legal Basis: Legitimate interests (Art. 6(1)(1)(f) GDPR); performance of contracts and pre-contractual inquiries (Art. 6(1)(1)(b) GDPR).

Additional Information on Processing Activities, Procedures, and Services:

Contact Form:
When contacting us via our contact form, email, or other communication methods, we process the personal data provided to address and manage the respective inquiry. Typically, this includes details such as names, contact information, and any additional information shared that is necessary for appropriate handling. These data are used exclusively for the specified purpose of communication and inquiry resolution.
Legal Basis: Performance of contracts and pre-contractual inquiries (Art. 6(1)(1)(b) GDPR); legitimate interests (Art. 6(1)(1)(f) GDPR).

Web Analytics, Monitoring, and Optimization

Web analytics (also referred to as “audience measurement”) serves to analyze visitor flows to our online offering. This may include evaluating behaviors, interests, or demographic information about visitors, such as age or gender, as pseudonymous data. Audience measurement helps us determine when our online offering or its features and content are most frequently used, and identify areas for improvement.

In addition to web analytics, we may use testing procedures to test and optimize different versions of our online offering or its components.

Unless otherwise stated, profiles (i.e., data combined into usage processes) may be created for these purposes, and information may be stored and retrieved on a user’s browser or device. Data collected may include visited websites, elements used, technical information (e.g., the browser used, operating system, and usage times), and location data, if users have consented to such data collection.

IP addresses are also stored; however, an IP masking process (pseudonymization by truncating the IP address) is used to protect users. Generally, no clear data (e.g., email addresses or names) is stored during web analytics, A/B testing, and optimization, but rather pseudonyms. Neither we nor the providers of the software used can identify the users' actual identities based on the pseudonymous profiles.

Legal Basis: If we request users' consent for the use of third-party providers, the legal basis for data processing is consent. Otherwise, user data is processed based on our legitimate interests (i.e., efficient, economical, and user-friendly services). For more information, please refer to the section on cookie use in this Privacy Policy.

© Resonant Insight 2025, all rights reserved

Wir benötigen Ihre Zustimmung zum Laden der Übersetzungen

Wir nutzen einen Drittanbieter-Service, um den Inhalt der Website zu übersetzen, der möglicherweise Daten über Ihre Aktivitäten sammelt. Bitte überprüfen Sie die Details in der Datenschutzerklärung und akzeptieren Sie den Dienst, um die Übersetzungen zu sehen.

Datenschutzeinstellungen

Website-Übersetzer

Datenschutzeinstellungen

Mit diesen Einstellungen aktivieren oder deaktivieren Sie die Datenerfassung von Funktionalitäten die auf dieser Website eingesetzt werden.

Alle Dienste auswählen
Website-Übersetzer
Mehr
Einstellungen speichern