en
en

Privacy Policy

Preamble

With the following Privacy Policy, we would like to inform you about the types of your personal data (hereinafter also briefly referred to as "data") we process, for what purposes, and to what extent. This Privacy Policy applies to all processing of personal data carried out by us, both in the context of providing our services and, in particular, on our websites, in mobile applications, and within external online presences, such as our social media profiles (hereinafter collectively referred to as "online offering").

The terms used are not gender-specific.

Status: July 4, 2025

Table of Contents

  • Preamble

  • Controller

  • Overview of Processing Activities

  • Relevant Legal Bases

  • Security Measures

  • Transfer of Personal Data

  • International Data Transfers

  • General Information on Data Storage and Deletion

  • Use of Cookies

  • Rights of Data Subjects

  • Contact via Email or Phone

  • Provision of the Online Offering and Web Hosting

  • Presences on Social Networks (Social Media)

  • Amendments and Updates

  • Definitions of Terms

Controller

Claas Bojan Haase UniteMinds GmbH Tannenweg 1 21339 Lüneburg Email address: info@uniteminds.de

Overview of Processing Activities

The following overview summarizes the types of data processed and the purposes of their processing, and refers to the data subjects.

Types of Processed Data

  • Contact data.

  • Content data.

  • Usage data.

  • Meta, communication, and procedural data.

  • Log data.

Categories of Data Subjects

  • Users.

Purposes of Processing

  • Communication.

  • Security measures.

  • Feedback.

  • Provision of our online offering and user-friendliness.

  • Information technology infrastructure.

  • Public relations.

Relevant Legal Bases

Relevant Legal Bases under the GDPR: Below you will find an overview of the legal bases of the GDPR on which we process personal data. Please note that in addition to the GDPR regulations, national data protection provisions in your or our country of residence or registered office may apply. Furthermore, if more specific legal bases are relevant in individual cases, we will inform you about them in the privacy policy.

  • Legitimate Interests (Art. 6 (1) sentence 1 lit. f) GDPR) - the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

  • National Data Protection Regulations in Germany: In addition to the data protection regulations of the GDPR, national regulations on data protection apply in Germany. This includes, in particular, the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG). The BDSG contains special provisions on the right to information, the right to erasure, the right to object, the processing of special categories of personal data, processing for other purposes, and transfer and automated decision-making in individual cases, including profiling. Furthermore, state data protection laws of the individual federal states may apply.

  • Applicability of Data Protection Provisions in the Country of Registered Office: In the country where the controller has its registered office, national data protection regulations also apply in addition to the General Data Protection Regulation (GDPR).

Security Measures

In accordance with legal requirements and taking into account the state of the art, implementation costs, and the nature, scope, context, and purposes of processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, we implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk.

These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data, as well as access, input, disclosure, ensuring availability, and their separation. Furthermore, we have established procedures that ensure the exercise of data subjects' rights, the deletion of data, and responses to data endangerment. We also consider the protection of personal data already during the development or selection of hardware, software, and procedures, in accordance with the principle of data protection by design and by default.

Securing Online Connections with TLS/SSL Encryption Technology (HTTPS): To protect user data transmitted via our online services from unauthorized access, we use TLS/SSL encryption technology. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are the cornerstones of secure data transmission on the Internet. These technologies encrypt information transferred between the website or app and the user's browser (or between two servers), thereby protecting the data from unauthorized access. TLS, as the more advanced and secure version of SSL, ensures that all data transmissions comply with the highest security standards. When a website is secured by an SSL/TLS certificate, this is signaled by the display of HTTPS in the URL. This serves as an indicator for users that their data is being transmitted securely and encrypted.

Transfer of Personal Data

In the course of our processing of personal data, it may happen that data is transferred to or disclosed to other entities, companies, legally independent organizational units, or persons. Recipients of this data may include, for example, service providers entrusted with IT tasks or providers of services and content integrated into a website. This includes, among others, the domain provider IONOS SE and the content delivery network service provider Cloudflare Inc. In such cases, we comply with legal requirements and, in particular, conclude appropriate contracts or agreements with the recipients of your data that serve to protect your data.

International Data Transfers

Data Processing in Third Countries: If we transfer data to a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs in the context of using third-party services or disclosing or transferring data to other persons, entities, or companies (which is recognizable by the postal address of the respective provider or if the privacy policy explicitly refers to data transfer to third countries), this always takes place in accordance with legal requirements.

For data transfers to the USA, we primarily rely on the Data Privacy Framework (DPF), which was recognized as a secure legal framework by an adequacy decision of the EU Commission on July 10, 2023. Additionally, we have concluded Standard Contractual Clauses with the respective providers, which comply with the requirements of the EU Commission and establish contractual obligations for the protection of your data.

This dual protection ensures comprehensive protection of your data: the DPF forms the primary layer of protection, while the Standard Contractual Clauses serve as additional security. Should changes occur within the DPF, the Standard Contractual Clauses will act as a reliable fallback option. This ensures that your data remains adequately protected even in the event of political or legal changes.

For individual service providers, we will inform you whether they are DPF certified and whether Standard Contractual Clauses are in place. Further information on the DPF and a list of certified companies can be found on the U.S. Department of Commerce website at https://www.dataprivacyframework.gov/ (in English).

For data transfers to other third countries, corresponding security measures apply, in particular Standard Contractual Clauses, explicit consents, or legally required transfers. Information on third-country transfers and applicable adequacy decisions can be found in the information provided by the EU Commission: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection_en?prefLang=de.

  • Cloudflare Inc. (101 Townsend St, San Francisco, CA 94107, USA) is a service provider we use as part of a Content Delivery Network (CDN) for security and performance optimization. When you access our website, connection data such as your IP address is processed. Cloudflare is certified under the EU-U.S. Data Privacy Framework (DPF). Privacy Policy: https://www.cloudflare.com/privacypolicy/

  • IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, manages the domain of this website. In the context of DNS and domain administration, access data (e.g., IP addresses in the context of DNS requests) may be processed. Privacy Policy: https://www.ionos.de/terms-gtc/datenschutzerklaerung/

  • We use the services of HOSTINGER operations, UAB Švitrigailos str. 34, Vilnius 03230 Lithuania for the purpose of hosting and displaying the website. All data processed during the use of this website will be processed on Hostinger's servers, insofar as this is necessary for the operation and display of the website. This may include, in particular, IP addresses, meta and communication data, website access, and other data submitted via a contact form. The use of Hostinger is based on Art. 6 (1) lit. f) GDPR. Our legitimate interest lies in the secure and efficient provision of our online offering. Insofar as corresponding consent has been requested, processing takes place exclusively on the basis of Art. 6 (1) lit. a) GDPR; consent can be revoked at any time.

General Information on Data Storage and Deletion

We delete personal data that we process in accordance with legal provisions as soon as the underlying consents are revoked or no further legal bases for processing exist. This applies to cases where the original purpose of processing ceases to apply or the data is no longer required. Exceptions to this rule exist if legal obligations or special interests require longer retention or archiving of the data.

In particular, data that must be retained for commercial or tax reasons, or whose storage is necessary for legal prosecution or to protect the rights of other natural or legal persons, must be archived accordingly.

Our privacy notices contain additional information on the retention and deletion of data that specifically apply to certain processing procedures.

If there are multiple specifications for the retention period or deletion periods of data, the longest period always applies.

If a period does not explicitly begin on a specific date and is at least one year, it automatically starts at the end of the calendar year in which the event triggering the period occurred. In the case of ongoing contractual relationships in which data is stored, the event triggering the period is the effective date of termination or other termination of the legal relationship.

Data that is no longer required for its original purpose but is retained due to legal requirements or other reasons will be processed exclusively for the reasons justifying its retention.

Further information on processing processes, procedures, and services:

Data Retention and Deletion: The following general periods apply to retention and archiving under German law:

  • 10 years - Retention period for books and records, annual financial statements, inventories, management reports, opening balance sheets, and the work instructions and other organizational documents required for their understanding (§ 147 (1) No. 1 i.V.m. (3) AO, § 14b (1) UStG, § 257 (1) No. 1 i.V.m. (4) HGB).

  • 8 years - Accounting vouchers, such as invoices and expense receipts (§ 147 (1) No. 4 and 4a i.V.m. (3) sentence 1 AO and § 257 (1) No. 4 i.V.m. (4) HGB).

  • 6 years - Other business documents: received commercial or business letters, reproductions of sent commercial or business letters, other documents insofar as they are relevant for taxation, e.g., hourly wage slips, cost accounting sheets, calculation documents, price markings, but also payroll documents, insofar as they are not already accounting vouchers, and cash register strips (§ 147 (1) No. 2, 3, 5 i.V.m. (3) AO, § 257 (1) No. 2 and 3 i.V.m. (4) HGB).

  • 3 years - Data necessary to consider potential warranty and damage claims or similar contractual claims and rights, as well as to process related inquiries, based on previous business experience and common industry practices, will be stored for the duration of the regular statutory limitation period of three years (§§ 195, 199 BGB).

Use of Cookies

Cookies are small text files or similar types of storage markers that store and retrieve information on end devices. They are used to manage various aspects of our online offerings, such as login status, shopping cart contents, accessed content, or used features. Additionally, cookies contribute to the functionality, security, and user-friendliness of our website and allow us to analyze visitor flows.

Cookies We Use

Name: gclau
Storage duration: 1 week
Purpose: Used by Google Adsense to store and track conversions.
Controller: Google Ireland Limited, Dublin, Ireland

Name: __cf_bm
Storage duration: approx. 30 minutes
Purpose: Used to protect against bots and ensure website security.
Controller: Cloudflare Inc., USA (via pexels.com / zyrosite.com)

Name: _cfuvid
Storage duration: Session (active browser session)
Purpose: Identifies legitimate access through web applications (Cloudflare).
Controller: Cloudflare Inc., USA (via pexels.com)

Name: spid.0295
Storage duration: approx. 1 year
Purpose: Used by Snowplow Analytics to collect statistical data on website usage.
Controller: Unsplash Inc., USA

Information on Consent and Legal Basis

We use cookies in accordance with legal regulations. Unless otherwise legally required, we obtain prior consent from our users. Consent is not required when storing and accessing information—including cookies—is strictly necessary to provide a telemedia service expressly requested by the user (i.e., our online offering).

Your revocable consent is clearly communicated and contains all relevant information regarding the respective use of cookies.

The legal basis for processing your personal data via cookies depends on whether we obtain your consent:

  • If consent is given: The legal basis for processing your data is your consent (Art. 6 para. 1 sentence 1 lit. a GDPR).

  • Without required consent: Otherwise, cookie-based data processing is based on our legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR), e.g., to ensure the business operation of our online offering and to improve its usability. If the use of cookies is required to fulfill our contractual obligations, the processing is based on that necessity.

Cookie Storage Duration

We distinguish between the following types of cookies with regard to storage duration:

  • Temporary cookies (session cookies): These cookies are deleted at the latest after you leave our website and close your device (e.g., browser or mobile application).

  • Persistent cookies: These cookies remain stored even after you close your device. This allows, for example, your login status to be saved or preferred content to be displayed immediately when you revisit our website. User data collected via cookies can also be used for reach measurement. Unless we provide explicit information regarding the type and storage duration of cookies (e.g., when obtaining consent), you should assume they are persistent and may be stored for up to two years.

Withdrawal and Objection (Opt-out)

You can withdraw any consent given at any time and also object to data processing in accordance with legal requirements. This can also be done via your browser's privacy settings. You will also find a link in the footer of our website that allows you to change your cookie settings and withdraw consent.

Types of Data Processed and Processing Purposes

  • Types of data processed: Meta, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved individuals); usage data (e.g., page views and duration of stay, click paths, usage intensity and frequency, device types and operating systems used, interaction with content and features)

  • Data subjects: Users (e.g., website visitors, users of online services)

  • Purposes of processing: Provision of our online offering, security, user-friendliness, and analysis / reach measurement

  • Legal bases: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR); Consent (Art. 6 para. 1 sentence 1 lit. a GDPR)

Additional Notes on Processing Activities, Procedures, and Services

Cookie Data Processing Based on Consent

We use a consent management solution (Cookiebot) to obtain your consent for the use of cookies and related processes and providers. This procedure is used to collect, log, manage, and revoke consents, especially with regard to the use of cookies and similar technologies that store, read, and process information on your end devices.

Your consent declarations are stored to prevent repeated queries and to comply with legal documentation obligations. Storage takes place on the server side and/or via a cookie (so-called opt-in cookie) or similar technologies to assign the consent to a specific user or device.

The duration of consent storage is up to two years. A pseudonymous user identifier is generated and stored along with the time of consent, details on the scope of consent (e.g., categories of cookies and/or providers), and information about the browser, system, and end device used.

  • Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR)

Cookiebot

We use Cookiebot, a consent management solution, to manage your cookie preferences.

  • Provider: Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark

  • Website: https://www.cookiebot.com/en

  • Privacy Policy: https://www.cookiebot.com/en/privacy-policy/

  • Data Processing Agreement: Provided by the service provider

  • Further information: Stored data (on the provider’s server) includes: the user’s IP address in anonymized form (last three digits set to 0), date and time of consent, browser information, the URL from which consent was submitted, a random, encrypted key, and the user’s consent status.

Rights of Data Subjects

Rights of Data Subjects under the GDPR: As a data subject, you have various rights under the GDPR, which arise in particular from Art. 15 to 21 GDPR:

  • Right to object: You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions. Where personal data are processed for direct marketing purposes, you shall have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

  • Right to withdraw consent: You have the right to withdraw given consents at any time.

  • Right of access: You have the right to obtain confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and further information and a copy of the data in accordance with legal requirements.

  • Right to rectification: You have the right, in accordance with legal requirements, to demand the completion of data concerning you or the correction of inaccurate data concerning you.

  • Right to erasure and restriction of processing: You have the right, in accordance with legal requirements, to demand that data concerning you be immediately erased, or, alternatively, to demand a restriction of the processing of the data in accordance with legal requirements.

  • Right to data portability: You have the right to receive the data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format in accordance with legal requirements, or to demand its transmission to another controller.

  • Right to lodge a complaint with a supervisory authority: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

Contact via Email or Phone

If you contact us by email or phone, we store and process your information (e.g., name, email address, phone number, content of the message) to answer your inquiry and clarify any follow-up questions. The legal bases for this are Art. 6 (1) lit. b GDPR (contractual or pre-contractual measure) and Art. 6 (1) lit. f GDPR (legitimate interest in communication).

Your data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. This is generally the case when the conversation indicates that the matter concerned has been conclusively clarified and no further legal retention obligations exist.

Provision of the Online Offering and Web Hosting

We process user data to be able to provide our online services. For this purpose, we process the user's IP address, which is necessary to transmit the content and functions of our online services to the user's browser or end device.

  • Processed data types: Usage data (e.g., page views and dwell time, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and functions); Meta, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved persons); Log data (e.g., log files concerning logins or data retrieval or access times). Content data (e.g., textual or pictorial messages and posts and related information, such as authorship details or creation time).

  • Data subjects: Users (e.g., website visitors, users of online services).

  • Purposes of processing: Provision of our online offering and user-friendliness; Information technology infrastructure (operation and provision of information systems and technical devices (computers, servers, etc.)). Security measures.

  • Retention and deletion: Deletion according to information in the section "General Information on Data Storage and Deletion".

  • Legal bases: Legitimate Interests (Art. 6 (1) sentence 1 lit. f) GDPR).

Cloudflare Content-Delivery-Network (CDN): We use Cloudflare for the delivery and security of our online offering. This may involve the processing of personal data such as IP addresses and device information. The use is based on our legitimate interests in an efficient and secure provision of the website (Art. 6 (1) lit. f GDPR).

Domain management: The domain is provided by IONOS SE. Technical access data may be processed in the context of the DNS infrastructure.

Further information on processing processes, procedures, and services:

  • Provision of online offering on rented storage space: For the provision of our online offering, we use storage space, computing capacity, and software that we rent or otherwise obtain from a corresponding server provider (also called "web hoster"); Legal bases: Legitimate Interests (Art. 6 (1) sentence 1 lit. f) GDPR).

  • Collection of access data and log files: Access to our online offering is logged in the form of "server log files". Server log files may include the address and name of the accessed web pages and files, date and time of access, transferred data volumes, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), and, as a rule, IP addresses and the requesting provider. Server log files can be used for security purposes, e.g., to prevent server overload (especially in the case of abusive attacks, so-called DDoS attacks), and to ensure server utilization and stability; Legal bases: Legitimate Interests (Art. 6 (1) sentence 1 lit. f) GDPR). Deletion of data: Log file information is stored for a maximum of 30 days and then deleted or anonymized. Data whose further retention is necessary for evidentiary purposes is excluded from deletion until the final clarification of the respective incident.

  • Email sending and hosting: The web hosting services we use also include the sending, receiving, and storing of emails. For these purposes, the addresses of the recipients and senders as well as other information concerning the email sending (e.g., the providers involved) and the content of the respective emails are processed. The aforementioned data may also be processed for the purpose of SPAM detection. We ask you to note that emails on the Internet are generally not sent encrypted. As a rule, emails are encrypted during transport, but (unless so-called end-to-end encryption is used) not on the servers from which they are sent and received. We therefore cannot assume responsibility for the transmission path of emails between the sender and receipt on our server; Legal bases: Legitimate Interests (Art. 6 (1) sentence 1 lit. f) GDPR).

  • Content-Delivery-Network: We use a "Content-Delivery-Network" (CDN). A CDN is a service that helps deliver content of an online offering, especially large media files such as graphics or program scripts, faster and more securely with the help of regionally distributed and internet-connected servers; Legal bases: Legitimate Interests (Art. 6 (1) sentence 1 lit. f) GDPR).

Presences on Social Networks (Social Media)

We maintain online presences within social networks and process user data in this context to communicate with active users there or to offer information about us.

We point out that user data may be processed outside the European Union. This may result in risks for users, for example, because the enforcement of user rights could be made more difficult.

Furthermore, user data within social networks is usually processed for market research and advertising purposes. For example, user profiles can be created based on usage behavior and resulting user interests. The latter may in turn be used to place advertisements inside and outside the networks that presumably correspond to the users' interests. Therefore, cookies are usually stored on the users' computers, in which the users' usage behavior and interests are stored. In addition, data can also be stored in the usage profiles independently of the devices used by the users (especially if they are members of the respective platforms and are logged in there).

For a detailed description of the respective forms of processing and the possibilities of objection (opt-out), we refer to the privacy policies and information of the operators of the respective networks.

Also, in the case of requests for information and the assertion of data subjects' rights, we point out that these can be most effectively asserted with the providers. Only the latter have access to the user data and can directly take appropriate measures and provide information. Should you nevertheless need help, you can contact us.

  • Processed data types: Contact data (e.g., postal and email addresses or phone numbers); Content data (e.g., textual or pictorial messages and posts and related information, such as authorship details or creation time). Usage data (e.g., page views and dwell time, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and functions).

  • Data subjects: Users (e.g., website visitors, users of online services).

  • Purposes of processing: Communication; Feedback (e.g., collecting feedback via online form). Public relations.

  • Retention and deletion: Deletion according to information in the section "General Information on Data Storage and Deletion".

  • Legal bases: Legitimate Interests (Art. 6 (1) sentence 1 lit. f) GDPR).

Further information on processing processes, procedures, and services:

  • LinkedIn: Social Network - Together with LinkedIn Ireland Unlimited Company, we are responsible for the collection (but not the further processing) of visitor data used to create "Page Insights" (statistics) of our LinkedIn profiles. This data includes information about the types of content users view or interact with, as well as the actions they perform. Details about the devices used are also collected, such as IP addresses, operating system, browser type, language settings, and cookie data, as well as information from user profiles, such as job function, country, industry, hierarchy level, company size, and employment status. Data protection information on the processing of user data by LinkedIn can be found in LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy. We have concluded a special agreement with LinkedIn Ireland ("Page Insights Joint Controller Addendum", https://legal.linkedin.com/pages-joint-controller-addendum), which specifically regulates what security measures LinkedIn must observe and in which LinkedIn has agreed to fulfill the rights of data subjects (i.e., users can, for example, address requests for information or deletion directly to LinkedIn). The rights of users (in particular the right to information, deletion, objection, and complaint to the competent supervisory authority) are not restricted by the agreements with LinkedIn. The joint responsibility is limited to the collection and transfer of data to LinkedIn Ireland Unlimited Company, a company based in the EU. The further processing of the data is solely the responsibility of LinkedIn Ireland Unlimited Company, particularly with regard to the transfer of data to the parent company LinkedIn Corporation in the USA; Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Legal bases: Legitimate Interests (Art. 6 (1) sentence 1 lit. f) GDPR); Website:https://www.linkedin.com; Privacy Policy: https://www.linkedin.com/legal/privacy-policy; Basis for Third Country Transfers: Data Privacy Framework (DPF), Standard Contractual Clauses (https://legal.linkedin.com/dpa), Data Privacy Framework (DPF) Standard Contractual Clauses (https://legal.linkedin.com/dpa). Opt-out possibility: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Amendments and Updates

We kindly ask you to regularly inform yourself about the content of our Privacy Policy. We will adapt the Privacy Policy as soon as changes in the data processing carried out by us make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g., consent) or any other individual notification.

If we provide addresses and contact information of companies and organizations in this Privacy Policy, please note that the addresses may change over time and we ask you to check the information before contacting them.

Definitions of Terms

In this section, you'll find an overview of the terminology used in this Privacy Policy. Where terms are legally defined, their legal definitions apply. The following explanations are primarily intended to aid understanding.

  • Content Data: Content data includes information generated during the creation, editing, and publication of all types of content. This category of data can include texts, images, videos, audio files, and other multimedia content published on various platforms and media. Content data is not limited to the actual content but also includes metadata that provides information about the content itself, such as tags, descriptions, author information, and publication dates.

  • Contact Data: Contact data are essential information that enables communication with individuals or organizations. They include, among others, phone numbers, postal addresses, and email addresses, as well as communication tools like social media handles and instant messaging identifiers.

  • Meta, Communication, and Procedural Data: Meta, communication, and procedural data are categories that contain information about how data is processed, transmitted, and managed. Metadata, also known as data about data, includes information that describes the context, origin, and structure of other data. It can include details about file size, creation date, the author of a document, and modification histories. Communication data records the exchange of information between users across various channels, such as email traffic, call logs, social media messages, and chat histories, including the individuals involved, timestamps, and transmission paths. Procedural data describe the processes and workflows within systems or organizations, including workflow documentation, transaction and activity logs, and audit logs used for tracking and verifying operations.

  • Usage Data: Usage data refers to information that captures how users interact with digital products, services, or platforms. This data includes a wide range of information that shows how users use applications, which features they prefer, how long they stay on certain pages, and what paths they navigate through an application. Usage data can also include frequency of use, timestamps of activities, IP addresses, device information, and location data. They are particularly valuable for analyzing user behavior, optimizing user experiences, personalizing content, and improving products or services. Furthermore, usage data plays a crucial role in identifying trends, preferences, and potential problem areas within digital offerings.

  • Personal Data: "Personal data" means any information relating to an identified or identifiable natural person(hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g., cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

  • Log Data: Log data are information about events or activities that have been recorded in a system or network. This data typically includes information such as timestamps, IP addresses, user actions, error messages, and other details about the use or operation of a system. Log data is often used to analyze system problems, for security monitoring, or to create performance reports.

  • Controller: The "controller" refers to the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

  • Processing: "Processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means. The term is broad and includes practically every handling of data, whether it is collection, evaluation, storage, transmission, or deletion.

an abstract photo of a curved building with a blue sky in the background
Links

Get in touch

+ 49 (0) 4131 2217924

© 2025 UniteMinds GmbH – All rights reserved.

Imprint

Privacy Policy

info@uniteminds.de

UniteMinds GmbH
global talent recruiting