Privacy Policy Hexonet | HEXONET Skip to main.

Privacy Policy

Thank you for your interest in our website. The protection of your personal data (hereinafter referred to as “data”) is a major and very important concern for us. Below, we would like to inform you in detail about which data is collected during your visit to our website and your use of our offers there, and how we subsequently process or use this data.

Please note that this Privacy Policy may be updated from time to time due to the implementation of new technologies or legislative changes. We will notify you of these changes as appropriate, and we will, of course, duly take your interests into account when making changes.

Please also see our separate Domain Name Registration Privacy Policy regarding the processing of personal data for registration of domain names. The purpose of that policy is to inform you about how personal data is processed when a domain is registered.

If not stated otherwise, the following information apply to all domain names related to Hexonet.

A. General Information

1. Controller

The controllers are Key-Systems GmbH, Kaiserstraße 172-174, 66386 St. Ingbert, Germany, and CentralNic Group PLC, a company registered in England & Wales with Registration Number 08576358, Address: 4th Floor, Saddlers House, 44 Gutter Lane, London, EC2V 6BR. E-mail: [email protected].

Within the CentralNic group certain departments and tasks are shared between the individual group companies. The controllers shall jointly determine the purpose and means of processing. This is described below and in our Privacy Policy regarding the processing of personal data for registration of domain names. Hereinafter, the use of the name "CentralNic" refers to the joint controllers collectively, unless one or more entities are expressly mentioned. If you have any questions or claims regarding data protection, you can contact any group company mentioned in this privacy policy and our website.

2. Data Protection Officer

DPO Key-Systems GmbH c/o Rickert Rechtsanwaltsgesellschaft Colmantstraße 15, 53115 Bonn Deutschland E-Mail: [email protected]

If you have any questions or comments about this Privacy Policy or about data protection in general, please contact our data protection officer by e-mail at [email protected].

The Data Privacy Officer of CentralNic Group PLC can be contacted at Data Privacy Officer, CentralNic Group PLC, 4th Floor, Saddlers House, 44 Gutter Lane, London, EC2V 6BR or by e-mail at [email protected].

3. Your rights

You may assert the following rights free of charge against any person responsible for the processing of your personal data:

For the assertion of claims, please contact the controller or data protection officer (find contact details above). Should you wish to contact us by e-mail, please use an address used to access our system so that we can identify you.

You also have the right to lodge a complaint about the controller's processing of your personal data with a supervisory authority responsible for data protection.

In principle, we only process data when a legal basis is available. We specify the legal basis in the segments about data processing, but in general, we are permitted to process your personal data if one of the following conditions applies.

5. Retention Periods

The data processed by us will be erased or their processing will be restricted in compliance with the legal regulations. Unless expressly stated in the context of this Privacy Policy, we will erase data stored by us as soon as it is no longer required for their intended purpose. Data will only be retained beyond the time it is no longer needed for its intended purpose if this is necessary for other legally permissible purposes or if the data must be retained longer due to statutory retention obligations. In these cases, processing is restricted, i.e. blocked, and the data are not processed for other purposes. For example, a statutory retention obligation exists, due to documentation obligations under tax and corporate law.

6. Children

Our website is not intended for children under the age of 16.

7. Recipients of Data, Third-Country Transfers, Linked Third-Party Websites

We do use external service providers for the processing of your data and hereby want to inform you about the third parties and processors we transfer data to. We use various third-party services on our website. These have different purposes, which we will discuss in more detail in the individual descriptions. These services serve to make our website functional, secure, and visually appealing, as well as to optimise its content on an ongoing basis. In general, we transfer data to the following categories of recipients:

Billing service providers, print- and postal providers, insurances, telecommunications provider, insurance broker and subject matter experts for assessing and regulating of claims, public authorities, provided a justified request, credit institutions and payment service providers, external accountant, auditors, Host Providers and other service providers for this website, and legal counsel.

In the case of cross border transfer (transfer to a third country or to an international organisation) we do inform you separately about the recipient, and the correspondent legal basis. However, in the case that your data is transferred outside of the European Union either to Controllers or Processors, the transfer is justified by the Standard Contractual Clauses according to the Annex of the Commission Decision 2010/87/EU regarding the Directive 95/46/EC, or by other safeguards.

As far as processors are being used, they are bound by our instructions under data protection law. These service providers are our contractors and assist with processing of your personal data, for example, to provide this website. These contractors have been carefully selected and authorised and are regularly monitored. The authorisations are based on agreements for processing. The processors do not perform any independent processing for their own purposes.

Our website may contain links to third-party websites. If you follow a link to one of these websites, we point out to you that these offers have their own data protection policies and that we are not the controllers for the processing of your data on these websites. Please review each privacy policy before disclosing personal information to those controllers.

8. Data Security

We apply technical and organisational security measures to protect personal data that is collected, in particular against accidental or intentional manipulation, loss, destruction or against the attack of unauthorised persons. Our security measures are continuously improved in line with technological developments. To protect your data in transit we use encryption technologies (TLS).

9. Automated Decision Making

We do not use automated decision making, including profiling.

10. Data processing when you are based in the EU/EEA, EU-Representative

When you are based in the EU/EEA, we only process data when a legal basis is available as mentioned above. For EU/EEA related data processing, in general, the following legal bases shall apply to the processing of data under our responsibility.

Subject to the member states’ legal requirements, you may be entitled to assert the following rights: Right of access by the data subject, Article 15 GDPR, Right to rectification, Article 16 GDPR, Right to erasure (‘right to be forgotten’), Article 17 GDPR, Right to restriction of processing, Article 18 GDPR, Right to data portability, Article 20 GDPR, Right to object, Article 21 GDPR, Right to withdraw consent, Article 7 (3) GDPR, Right to lodge a complaint with a supervisory authority, Article 77 GDPR.

The EU-GDPR Representative of controllers not established in the EU can be reached at Key-Systems GmbH, Kaiserstraße 172-174, 66386 St. Ingbert, Germany, [email protected]. The Representative serves as a point of contact for data subjects on all issues related to the processing of personal data and for the purpose of ensuring compliance with the EU GDPR.

B. Collection and Processing of your Personal Data when using our Website

1. Technical Provision of the Website, Hosting

For the informational use of our website, you generally do not need to actively provide personal data. Each time you use the internet, your browser is transmitting certain information which we store in so-called log files, such as:

The temporary storage of the data is necessary for the course of a website visit to enable delivery of the website. Further storage of the log files takes place in order to ensure the functionality of the website and the security of the information technology systems (especially to prevent abusive attacks, so-called DDoS attacks). Unless otherwise specified, your IP address will be shortened as soon as possible so that it is no longer possible to identify you. The legal basis for the temporary storage is to provide you with our website for the fulfilment of a contract or to process operations necessary for the implementation of pre-contractual measures. The legal basis for further storage with a shortened IP address is our legitimate interest to protect our information technology systems. A personal evaluation of the data, in particular for marketing purposes, does not take place without prior consent.

To operate this website, we, the Key-Systems GmbH, Kaiserstraße 172-174, 66386 St. Ingbert, Germany, serve as a hosting provider ourselves to process meta and communication data of our website users, on our behalf and based on our legitimate interests in an efficient and secure provision of this website.

2. Security and Performance

Sentry

To ensure the technical stability of our service, we monitor it using the Sentry service (Functional Software Inc., 132 Hawthorne Street, San Francisco, California 94107, USA). Among other things, this allows code errors to be identified and then corrected. Sentry does not process data for advertising purposes or for the purpose of analysing your usage behaviour. Information on possible causes of errors is collected anonymously or anonymised immediately after collection.

The legal basis for the use of Sentry is our legitimate interests in a secure and user-friendly design of our services.

We have concluded a data processing agreement with Sentry, on the basis of which Sentry may only process and delete your personal data on our instruction.

In addition, we have concluded European standard contractual clauses with the provider, with which the provider has undertaken to comply with European data protection law for the services it provides. Furthermore, we have agreed with Sentry on the encryption of data during transmission and in the stored state as additional measures.

You can find further information at https://sentry.io/privacy/.

3. Other plugins and embedded third-party content

a. Google Fonts

This applies to: https://me.hexonet.net/, https://ca.hexonet.net/, https://shop.hexonet.net/, https://hexonet.domains/

This website uses Google Fonts of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (Holding Company: Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA). Google Fonts is an interactive register with over 800 fonts, that Google provides free of charge.

Google Fonts is an important tool, to keep the high quality of our website. With Google Fonts we can use fonts without having to upload them to our servers. These fonts are automatically optimised for the web and there save data traffic and result in quicker loading times.

Google Fonts supports all established browsers and works reliantly on most mobile devices. The legal basis is formed by our legitimate interests in the efficient and secure provision of the website.

Google Fonts does not set any cookies on your device. The data is requested via the google-domains fonts.googleapis.com and fonts.gstatic.com. According to Google, these requests are processed separately from other services Google provides. This includes your Google account, if you have one.

Google captures the usage of CSS (Cascading Style Sheets) as well as the fonts used and saves this data securely. Google stores CSS-requests for a day on their servers, which mostly are located outside of the EU. Insofar as Google Ireland Limited transfers personal data to the US parent company Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, Google guarantees by means of standard contractual clauses to maintain the EU level of data protection. Google’s goal is to improve loading time of websites by caching the fonts once and then using them again on any other website that uses Google Fonts. Next to this data, every Google Fonts request also automatically transmits data like your IP-address, language settings, screen resolution, name, and version of your browser to the Google Servers. This is necessary to ensure a correct graphical display.

b. Font Awesome

This applies to: https://www.hexonet.net/

This website uses Font Awesome, to embed fonts and icons into the website to make our website more visually attractive. For this purpose we use the processor Fonticons, Inc. ,6 Porter Road Apartment 3R, Cambridge, MA 02140, USA. Further information on data protection can be found at https://fontawesome.com/privacy.

The legal basis is formed by our legitimate interests in the efficient and secure provision of the website. Font Awesome is an important tool, to keep the high quality of our website. With Font Awesome we can use fonts without having to upload them to our servers. These fonts are automatically optimised for the web and there save data traffic and result in quicker loading times.

Font Awesome supports all established browsers and works reliantly on most mobile devices.

Font Awesome does not set any cookies on your device.

Font Awesome guarantees by means of standard contractual clauses to maintain the EU level of data protection. Font Awesome’s goal is to improve loading time of websites by caching the fonts once and then using them again on any other website that uses Font Awesome. Next to this data, every Font Awesome request also automatically transmits data like your IP-address, language settings, screen resolution, name, and version of your browser to the Font Awesome Servers. This is necessary to ensure a correct graphical display.

4. Newsletter

We use your personal data to send you our newsletters and to inform you about news from our company, new services, new products, and events tailored to your interests. This includes information on current or future range of services and products as well as functions and events with participation of our company or group companies (e.g. trade fairs). To send you the newsletter, we need your e-mail address. The legal basis for the processing is your consent. We will use the personal data you provided during registration exclusively for sending our newsletter. After the registration of your e-mail address, you will receive an e-mail from us asking for you to confirm that you wish to receive the newsletter by clicking a link. If the confirmation by hyperlink is not given within a period of 7 days, your information will be blocked and deleted after a month. We are also entitled to keep your IP addresses, and times of registration and confirmation times to verify your registration and to appropriately clarify any possible misuse of your personal data.

We can analyse our newsletter campaigns. When you open an e-mail, a file contained in the e-mail (so-called web-beacon) connects to our newsletter-server. This makes it possible to determine whether a newsletter message has been opened and which links, if any, have been clicked on. In addition, technical information is recorded (e.g. time of retrieval, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. It is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients. If you do not want any analysis, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message.

The legal basis for this is your consent and the necessity for compliance with a legal obligation to which we are subject. The legal basis for the transfer to a third country is as well your consent. Please note that the level of EU data protection cannot be guaranteed in the third country. In particular, effective legal remedies against official access to your personal data may not exist.

Your data will be processed in an electronic newsletter system for the duration of your subscription. For this purpose and for sending the newsletter, we use the processor "HubSpot" of the provider HubSpot Ireland Ltd, One Dockland Central, Guild Street, Dublin 1, Co. Dublin, Ireland (US parent company HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA), which processes the data on our behalf.

If personal data is transferred to the US parent company HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA, HubSpot guarantees by means of standard contractual clauses plus UK Data Transfer Addendum to maintain EU and UK data protection level. For more information, please visit https://legal.hubspot.com/security. For more information about HubSpot's privacy policy, please visit https://legal.hubspot.com/privacy-policy.

Since we base our processing on your consent, this means that you have the right to withdraw your consent at any time or to object to the processing of your personal data for the purpose of sending the newsletter. If you do so, we will immediately remove you from our newsletter distribution list to comply with your request. You can withdraw your consent at any time by sending an e-mail to our data protection officer or by following the instructions at the end of a promotional/newsletter e-mail. If you send us an e-mail, please let us know what your withdrawal should refer to so that we can assign your request.

5. Commercial Services

a. Account Registration

You may register a customer account. Registration of domain names is only possible if you have a registered account. You will need to provide some personal data during the registration process, which is marked with "mandatory field". These are generally the following categories of data:

Contact Name (First Name, Last Name), Address, City, Zip Code, Country, State, Phone number, E-Mail address If you are registering an account as a company, we furthermore collect the following data:

Company/Organisation, Legal representative (CEO) We will use this data for identification of customers and to administer your account. Additionally, the data will be used to pre-fill your domain name registration forms when you register an account. The legal basis for the data processing is the necessity to process personal data for the fulfilment of a contract or to process operations necessary for the implementation of pre-contractual measures.

Additionally, you may voluntarily provide further categories of data. This data will be processed for our legitimate interest of additional verification and quicker communication.

Furthermore, you will choose a User-ID and a password to log into your account. Please make sure that no unauthorised person gets access to the log-in credentials for your account.

A registered account is necessary to register domain names. For the processing of your personal data for domain name registrations, please refer to our Domain Name Registration Privacy Policy.

b. Payment

We use various payment methods from third party payment providers. If you choose one of these payment methods, your payment data will be forwarded to the respective payment service provider for payment processing. These third-party providers process your personal data as an independent controller according to their privacy terms. The transfer is based on the fulfilment of the contract and on our legitimate interests in secure payment processing and fraud prevention.

Please refer to the Terms and Conditions, Terms of Use and Privacy Policy of the respective payment provider.

When selecting the payment methods purchase on account and instalment purchase, in particular the following personal data is processed by us or our payment service provider as a controller for the purpose of payment processing and in this context for identity and credit checks:

In the event that the payment method "purchase on account" or "instalment purchase" is selected, we or our payment service provider may process personal data and information about the user's previous payment history as well as probability values for the user's payment history in the future (so-called scoring) in order to decide whether the payment method can be offered to the user. The scoring is calculated on the basis of scientifically recognised mathematical-statistical methods.

c. Direct Marketing

We have a legitimate interest (direct advertising) in advertising customers (persons with whom we have had a business relationship) by e-mail or post. In particular, we may send you news about our company or group companies, information on events and invitations to review our services and products.

For this purpose and for sending the newsletter, we use the processor “HubSpot“ HubSpot Ireland Ltd, One Dockland Central, Guild Street, Dublin 1, Co. Dublin, Ireland (US parent company HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA), which processes data on our instructions.

If personal data is transferred to the US parent company HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA, HubSpot guarantees by means of standard contractual clauses plus UK Data Transfer Addendum to maintain EU and UK data protection level. For more information, please visit https://legal.hubspot.com/security. For more information about HubSpot's privacy policy, please visit https://legal.hubspot.com/privacy-policy.

To send you advertising by post, we use a post service partner.

You can object to the sending of advertising at any time by sending an e-mail to our data protection officer or by following the instructions at the end of a promotional e-mail. If possible, please send your e-mail from the same e-mail address you used for registration, so that we can assign you more easily.

d. Domain Query (Whois)

We offer the possibility to obtain information about certain owner data of already registered domain names. In the event of a search query, the data you enter into the search field and the categories of data listed under “log files” are processed. The legal basis for the processing is the necessity to process personal data for the fulfilment of a contract or to process operations necessary for the implementation of pre-contractual measures in connection with the domain guidelines. Search requests are deleted no later than seven days after the request.

6. Contact, CRM

You can contact us by e-mail, telephone, fax and via our contact forms to request a quote or to conduct other correspondence. In order to process your request, we process names, e-mail addresses, possibly the names of your company, position, mandatory information, which are absolutely necessary to create an offer. The processing of your data in the context of contact made by e-mail, a contact form or by telephone takes place on the basis of our legitimate interest to provide a good customer service or is necessary to fulfil a contract or to process operations necessary for the implementation of pre-contractual measures insofar as the contacts are related to contractual performance obligations such as the request of a dispute entry.

Contacting us for abuse and complaint messages requires users to log into their account. In addition, the categories of data listed in “log files” are processed. If you want to request a dispute entry, we also need your further contact details (last name, first name, address, name of the company) as well as a description of your request, stating the domain in question. We will delete your contact requests immediately after processing unless statutory retention periods require continued retention. After answering your inquiry, we will archive your request immediately. Access is only possible to a very limited extent. Solely informative inquiries, i.e. which do not result in a contract or do not contain any other content that needs to be retained, will be deleted at the end of the year in which the request was made. See "Retention periods" for more information.

We use a ticket management system to process customer claims and inquiries by e-mail and via the contact forms. The legal basis for the processing is our legitimate interest in the efficient processing of requests.

When you use our contact form, we also process data about your location (country and city based on IP address), data obtained from our tracking system, and data about the browser and device used. We use the "HubSpot" service of the provider HubSpot Ireland Ltd, One Dockland Central, Guild Street, Dublin 1, Co. Dublin, Ireland (US parent company HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA) as part of the contact form. For this purpose, we have concluded a data processing agreement with HubSpot, in which HubSpot undertakes to process data only in accordance with our instructions. We process your data based on our legitimate interests (efficient processing of requests). As soon as the contact form is filled out, this information is linked to HubSpot's tracking information if you have consented to this in the cookie settings at the outset. If the email address filled in the form can be linked to an existing contact, we can identify you as an existing contact. The legal basis is your consent, which can be given when you first visit the website. You can withdraw your consent at any time with effect for the future via the cookie settings.

Insofar as personal data is transferred to the US parent company HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA, HubSpot guarantees by means of standard contractual clauses plus UK Data Transfer Addendum to maintain EU and UK data protection level. For more information, please visit https://legal.hubspot.com/security. For more information about HubSpot's privacy policy, please visit https://legal.hubspot.com/privacy-policy. Your inquiry and your contact data may be stored in a customer relationship management system ("CRM system") if a business relationship exists or if a business initiation can be expected on the basis of prior communication. We use the CRM system "HubSpot" of the provider HubSpot Ireland Ltd, One Dockland Central, Guild Street, Dublin 1, Co. Dublin, Ireland (US parent company HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA). For this purpose, we have concluded a data processing agreement with HubSpot, in which HubSpot undertakes to process user data only in accordance with our instructions. We process your data based on our legitimate economic interests in being able to systematically manage customer and potential customer contact data. In the case of personal data in the CRM system, a check is made after two years at the end of the respective calendar year to determine whether further storage is necessary. If there is no need to do so or if there are no further legal retention obligations, the data will be deleted. If personal data is transferred to the US parent company HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA, HubSpot guarantees by means of standard contractual clauses plus UK Data Transfer Addendum to maintain EU and UK data protection level. For more information, please visit https://legal.hubspot.com/security. For more information about HubSpot's privacy policy, please visit https://legal.hubspot.com/privacy-policy.

7. Applications

This applies to: https://www.hexonet.net/, https://hexonet.jobs/

When you apply for a job with us, we process your personal data in accordance with the information below.

a. Controller

Our company is part of the CentralNic group of companies. In this group, certain departments and tasks are shared between different companies in the group. Among other things, this concerns personnel administration. In some cases, a job that is advertised here is also related to other companies in the group. In these cases, the companies named in the application process and CentralNic Group PLC are joint controllers within the meaning of Article 4 No. 7, Article 26 GDPR.

All companies mentioned comply with the requirements of the GDPR. If you have any questions or claims regarding data protection, you can contact any company listed here and in the respective job advertisement.

Insofar as you apply to us via a third-party site (job portal), the data protection provisions of the controller for these sites apply to the processing taking place on these sites.

b. Information on the application process

We process your application data in order to be able to assess whether you have the aptitude, qualifications and professional performance for the position for which you are applying. For us, the legal requirements for the selection process result in particular from labour law and anti-discrimination laws. The legal basis for processing within the scope of the selection procedure for the establishment of an employee or trainee relationship is Article 88, Article 6 (1) (b), GDPR in conjunction with § 26 (1) Bundesdatenschutzgesetz (BDSG).

If your application documents contain special categories of personal data, e.g. information on health, religious conviction or ethnic origin, we also base our processing on Article 9 (2) (b), Article 88 GDPR, § 26 (3) BDSG due to our legal obligations. Furthermore, we also process your information on the basis of Article 9 (2) (h) GDPR, § 26 (3) BDSG in order to be able to take occupational health and preventive health measures, if necessary.

In the application process, we will use all the information you provide to progress your application and to check whether we can offer you a job with us. We also have to comply with our legal obligations as an employer. The provision of the personal data is necessary for the lawfulness of the selection process to be carried out. Failure to include relevant personal data in the application documents may result in your not being considered for the vacant position.

We will only use your contact details to contact you and inform you about the progress of the application procedure. We will only use other information contained in the application documents to determine your suitability for the vacant position.

c. Storage Duration, Applicant Database/Talent Pool

Your personal data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. If an employment relationship, training relationship, internship or other employment status is established following the application process, the data will initially be stored and transferred to the personnel file. Otherwise, the application process ends for you at the time you receive a rejection. This also applies to unsolicited applications.

In this case, your personal data will be deleted six months after receiving the rejection, unless a longer storage duration is necessary for the defence of legal claims. The defence or enforcement of legal claims is also our legitimate interest within the meaning of Article 6 (1) (f) GDPR.

We will inform you separately about the storage duration of your personal data if an employment relationship is established.

If you wish us to include you in a subsequent recruitment process, after your application has been rejected, we will store your application documents based on your consent, Article 6 (1) (a), Article 7 GDPR, § 26 (2) BDSG. In this case, we will obtain your consent separately. As described in the case of an initial application, your application documents will be stored until the next recruitment process and destroyed six months after receiving the rejection, unless a longer storage duration is necessary for the defence of legal claims.

d. Recipients of Data

In some cases, we use external service providers for the processing of your data, which are bound to our instructions as processors according to Article 28 GDPR. They assist us as contractors in the processing of your personal data. The contractors have been carefully selected and commissioned by us and are monitored regularly. The assignments are based on data processing agreements in accordance with Article 28 GDPR. An independent processing by the processors for their own purposes is not carried out.

Recipients are our e-mail service providers and the provider of a cloud-based system for receiving and managing applications and implementing an effective role and authorisation concept. In the event of a successful application, your data furthermore will be processed by using a cloud-based personnel management system.

In addition, your personal data may be disclosed to other group companies if there is a legitimate interest within the meaning of Article 6 (1) (f) GDPR based on the job description. This is usually the case if the employment relationship is likely to have a high group relevance due to group-wide cooperation.

8. Social-Media

Unless otherwise stated, we process your data on the basis of our legitimate interests in order to improve content and to make it more convenient for you to use. The purposes described coincide with our legitimate interests. If cookies are used in connection with the embedding of social media content, this is done on the basis of your consent.

This applies to: https://www.hexonet.net/

Our website integrates links to our presences on different social media sites. This is done via a linked graphic of the respective site. This prevents an automatic transfer of data to the site. A transfer will only take place when you click the link ad, being forwarded to the respective site. The respective site will then collect information whereby the data might be processed in the USA.

The collected data includes your IP-address, time, and date and from where you clicked the link. If you are logged into your social media account of the respective site, the site operator might assign the data to your account. You can prevent this by logging out on your social media account. The following social networks are integrated into our site by linked graphics:

Facebook

Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, a subsidiary of Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA.

Privacy Policy: https://www.facebook.com/policy.php

Twitter

Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA.

Privacy Policy: https://twitter.com/privacy

LinkedIn

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA.

Privacy Policy: https://www.linkedin.com/legal/privacy-policy

Instagram

Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, a subsidiary of Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA.

Instagram-Data Security Policy: https://help.instagram.com/519522125107875

b. YouTube

This applies to: https://me.hexonet.net/, https://ca.hexonet.net/, https://shop.hexonet.net/

This website uses YouTube, a service of the Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (Holding Company: Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA) to embed videos.

The embedding improves our online presence by enabling us to provide you with information about our company and products in an easily accessible way.

By integrating the YouTube plugin, information about the use of this website including your IP-address is collected and send to a google server located in the United States. If you are logged into your YouTube or Google account, this data will be assigned to it. Otherwise, it will be assigned to a separate Ad-ID.

We use YouTube in its advanced privacy mode. According to YouTube, this means that data will only be transferred to YouTube servers when you start the video.

Insofar as Google Ireland Limited transfers personal data to the US parent company Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, Google guarantees by means of standard contractual clauses to maintain the EU level of data protection.

The legal basis is your consent. Upon the first visit to our website, we ask for your consent. Consent may be withdrawn at any time. This can be done here (link to Cookie-Settings of the website) or by deleting the cookies in your browser.

YouTube permanently stores cookies on your device. If you do not agree to this processing, you have the option of preventing the installation of cookies in the settings in your browser.

Further information about purpose and extent of processing and the storage time can be found at https://policies.google.com/privacy.

c. Twitter Buttons

This applies to: https://www.hexonet.net/

Buttons of the Twitter platform are embedded on our website (provider Europe: Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland). If you call up a page of our website that contains such a button, a direct connection between your browser and the Twitter server is only established when you click on the button.

Twitter thereby receives the information that you have visited our site with your IP address. If you click the button while you are logged into your Twitter account, you can link the content of our pages on your Twitter profile. This enables Twitter to associate the visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter.

If you do not wish Twitter to be able to associate your visit to our pages, please log out of your Twitter account. You can find more information on this in Twitter's privacy policy at https://twitter.com/de/privacy.

d. Facebook Buttons

This applies to: https://www.hexonet.net/

Buttons from Facebook are integrated on our website (provider Europe: Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland). If you call up a page of our website that contains such a button, your browser only establishes a direct connection with the Facebook servers when you click on the button.

This provides Facebook with your IP address and information about your browser and operating system. If you are logged in to Facebook, Facebook can assign your visit to our website directly to your Facebook account. When you click the button, the corresponding information is also transmitted directly to a Facebook server and stored there. Depending on your privacy settings, this information is published on Facebook. Facebook may process this information for the purposes of advertising, market research and the needs-based design of Facebook pages. For this purpose, Facebook creates usage, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements displayed to you on Facebook, to inform other Facebook users about your activities on our website and to provide other services associated with the use of Facebook.

If you do not want Facebook to assign the data collected via our website to your Facebook account, please log out of Facebook before visiting our website. Information on Facebook's data protection can be found at https://www.facebook.com/about/privacy/.

e. LinkedIn Buttons

This applies to: https://www.hexonet.net/

Buttons of the LinkedIn platform are embedded on our website (provider Europe: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). If you call up a page of our website that contains such a button, a direct connection between your browser and the LinkedIn server is only established when you click on the button.

LinkedIn thereby receives the information that you have visited our site with your IP address. If you click the button while you are logged into your LinkedIn account, you can link the content of our pages on your LinkedIn profile. This enables LinkedIn to associate the visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by LinkedIn.

If you do not wish LinkedIn to be able to associate your visit to our pages, please log out of your LinkedIn account. You can find more information on this in LinkedIn's privacy policy at https://www.linkedin.com/legal/privacy-policy.

C. Statistics, Web-Analytics, Advertising based on Tracking and Retargeting – Use of Cookies

In some cases, we or our partners use cookies or process your data in such a way that your consent is required. Cookies are small text files that can be stored on your device when you visit our website. Tracking is possible using various technologies like the pixel technology or log file analysis. Consent is given via the so-called cookie banner, which must be actively clicked. Our cookie policy explains how you can disable individual functions to which you have consented. There you will find information on when cookies expire, how to delete cookies and how to withdraw your consent.

Unless otherwise stated, the processing described in this section is based on your consent. Learn more about how to withdraw your consent in our cookie policy. Our cookie policy is linked in the footer of our website.

1. Web-Analytics, Statistics

To determine which content from our website is most interesting for you we continuously measure the number of visitors and the most viewed content. Therefore, we process your personal data

a. Google Analytics

This website uses Google Analytics of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (Holding Company: Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA) to analyse the usage of our web services. The collected data is used to optimise our website and our advertising effort.

Google Analytics is a web-analysing-service provided by Google. Google processed this data on our behalf and is contractually bound to implicate measures to ensure the integrity and confidentiality of the data.

Upon visiting our website, the following data is processed:

The legal basis is your consent. Upon the first visit to our website, we ask for your consent. Consent may be withdrawn at any time. This can be done here (link to Cookie-Settings of the website) or by deleting the cookies in your browser. Another possibility is the browser addon provided by google, which deactivates Google Analytics. You can download it here: https://tools.google.com/dlpage/gaoptout?hl=dehttps://tools.google.com/dlpage/gaoptout?hl=de

Insofar as Google Ireland Limited transfers personal data to the US parent company Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, Google guarantees by means of standard contractual clauses to maintain the EU level of data protection.

Google Analytics sets cookies in your browser for the duration of two years from your last visit. These cookies contain a randomly generated User-ID, with which you can be recognised upon your next visit. The recorded data is stored in combination with the randomly generated User-ID, which makes an analysis of pseudonymised user profiles possible. This data will be automatically deleted after 14 months. Other data is stored in aggregated form indefinitely.

b. Google Tag Manager

This applies to: https://me.hexonet.net/, https://ca.hexonet.net/, https://shop.hexonet.net/, https://hexonet.domains/

Together with Google Analytics we use the Google Tag Manager of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (Holding Company: Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The Tag Manager allows us to place and administrate small code elements called “tags” via an interface. The tool itself does not process any personal data itself. Google Tag Manager enables the activation of tags, which allows other services to collect data, but does not access the data itself.

Further information about the Google Tag Manager can be found here: https://www.google.com/intl/de/tagmanager/faq.html

c. Hotjar

This applies to: https://www.hexonet.net/

This website uses Hotjar (Service Provider: Hotjar Ltd, St Julians Business Centre, Elia Zammit Street 3, St Julians STJ 3155, Malta, Europa), to better understand our users’ needs and to optimise this service and experience.

Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback.

Hotjar uses cookies and other technologies to collect data on our users’ behaviour and their devices. This includes a device's IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information on our behalf in a pseudonymised user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf.

The legal basis is your consent. Upon the first visit to our website, we ask for your consent. Consent may be withdrawn at any time. This can be done here (link to Cookie-Settings of the website) or by deleting the cookies in your browser.

According to Hotjar, the data will only be retained for as long as is necessary for the purpose(s) for which we originally collected it or as required by law. Hotjar is contractually forbidden to sell any of the data collected on our behalf.

For further details, please see https://www.hotjar.com/legal/policies/privacy/.

d. HubSpot

We use the HubSpot service of the provider HubSpot Ireland Ltd, One Dockland Central, Guild Street, Dublin 1, Co. Dublin, Ireland (US parent company HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA) on this website to analyze the use of our website and for tracking/marketing measures/usage behavior in order to provide you with advertising that really interests you. For analysis purposes and as part of the optimization of our marketing measures, the following data may be collected and processed via HubSpot:

For the purpose of web analysis, so-called "web beacons" are used and also "cookies" are set, which are stored on your computer and enable an analysis of your use of the website by us. For more information about Hubspot's use of cookies, please visit https://knowledge.hubspot.com/reports/what-cookies-does-hubspot-set-in-a-visitor-s-browser.

The legal basis for the processing is your consent, which can be withdrawn at any time with effect for the future, which you have given via the cookie settings. You can withdraw your consent at any time with effect for the future via the cookie settings.
Insofar as personal data is transferred to the US parent company HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA, HubSpot guarantees by means of standard contractual clauses plus UK Data Transfer Addendum to maintain EU and UK data protection level. For more information, please visit https://legal.hubspot.com/security. For more information about HubSpot's privacy policy, please visit https://legal.hubspot.com/privacy-policy.

2. Advertising based on Tracking and Retargeting

We would like to show you - also on the websites of our advertising partners - only advertising that really interests you. Therefore, we use the technologies of so-called tracking and retargeting on our website for advertising that is tailored to your interests. Cookies are usually used for this purpose, but other technologies such as so-called "fingerprinting" are also used in some cases. The cookies temporarily stored for this purpose enable our retargeting partners to recognise visitors to our website under a pseudonym and to display only products that are likely to interest you. Fingerprinting recognizes your device based on your computer hardware, software, add-ons and browser settings. Unless otherwise stated, the processing described in this section is based on your consent. Learn more about how to withdraw your consent in our cookie policy. There you will find information on when cookies expire and how to delete cookies. Our cookie policy is linked in the footer of our website.

In detail, we use the data collected for statistical and advertising purposes

Unless otherwise stated, we use the following services as processors and contractually oblige them to process data only on our behalf.

a. Google DoubleClick

This applies to: https://me.hexonet.net/, https://ca.hexonet.net/, https://shop.hexonet.net/

DoubleClick by Google ("DoubleClick") is a service by Google Ireland Limited Gordon House, Barrow Street, Dublin 4, Ireland (parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). DoubleClick uses cookies to display most relevant advertisements. Google keeps track of the advertisements you have seen and which of them you have actually viewed. Using the DoubleClick cookies allows Google and its advertising network to serve advertisements based on your previous web page visits (or even apps). Google will transmit information generated by the cookies to a Google server for analysis and storage. You can prevent cookies from being saved by setting your browser software accordingly.

For more detailed information on the terms and conditions of use and data protection, please visit: https://www.google.com/analytics/terms/de.html or https://www.google.com/intl/de/analytics/privacyoverview.html.

b. Facebook Pixel

This applies to: https://www.hexonet.net/

Facebook Pixel is a service of Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. The service enables us to determine target groups for advertisements on Facebook, so-called "Facebook Ads", based on website visits and surfing behaviour. We also use this pixel to measure the effectiveness of online marketing measures. In this way, we can track the actions of users after they have seen a Facebook Ad and/or clicked and then placed an order. When you visit a website, the pixel is integrated directly by Facebook and can store a cookie on your device. If you subsequently log in to Facebook or are already logged in to Facebook, your visit to this site will be logged in your profile. The collected user data is anonymous for us and therefore does not allow us to draw any conclusions about your identity. However, this data is stored and processed by Facebook so that it is possible to draw conclusions about the respective user profile. Data processing by Facebook is carried out according to the Facebook data usage guidelines. For this purpose, we have concluded a joint controller arrangement with Facebook. For more information about Facebook's data processing, please visit: https://www.facebook.com/about/privacy/.