We appreciate your visit to our website. Below, we would like to inform you about how we handle your data in accordance with Article 13 of the GDPR.
Controller:
Controller for the processing of personal data collected during the visit to this website is:
Matchory GmbH
Aiko Wiegand
Ferdinand-Sauerbruch-Str. 3
89134 Blaustein
Email: info@matchory.com
Data Protection Office:
Our Data Protection Officer is available to provide information or address any concerns regarding data protection:
Datenschutz Nord GmbH
Zweigstelle Berlin-Charlottenburg
Kurfürstendamm 212
10719 Berlin
E-Mail: office@datenschutz-nord.de
Data security
We take technical and organizational measures to protect your data from unauthorized access as comprehensively as possible. We use an encryption process on our websites. Your data is transmitted from your computer to our server and vice versa via the Internet using TLS encryption. You can usually recognize this by the fact that the lock symbol in the status bar of your browser is closed and the address line begins with https://.
Data processing processes
Usage data
When you visit our website, we temporarily store so-called usage data on the basis of Art. 6 para. 1 sentence 1 lit. f) GDPR. We use the usage data for statistical purposes in order to improve the quality of our website. We also use this information to enable our website to be accessed, to control and administer our systems and to improve the design of the website. These purposes pursued by us also represent the legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f) GDPR. The data set consists of:
Use of cookies
We use cookies on our website. Cookies are small text files that can be stored and read by the internet browser on the user's computer system. They allow us to store information for a certain period of time and identify the visitor's computer. This facilitates navigation and makes our website user-friendly. Cookies also help us identify particularly popular areas of our website. We distinguish between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session.
Some cookies are necessary for the use of our website. We do not use these cookies for analysis, tracking or advertising purposes. Some of these cookies only contain information about specific settings and are not personal. They may also be necessary to enable user guidance, security, and implementation of the site. We use these cookies based on Art. 6 (1) sentence 1 lit. f) of the GDPR, based on our legitimate interest in being able to provide basic functions of the website to ensure its functionality.
You can configure your browser to inform you about the placement of cookies. This makes the use of cookies transparent for you. You can also delete cookies at any time using the appropriate browser settings and prevent the setting of new cookies. Please note that our websites may then not be displayed and some functions may no longer be available. In addition, we also use technically unnecessary cookies on our website. We will inform you separately about the use of these cookies below.
Cookie Consent
Our website uses the cookie consent technology provided by HubSpot to obtain your consent for storing certain cookies on your device and to document this in compliance with data protection regulations. The provider of this technology is HubSpot, Inc. (hereinafter referred to as "HubSpot"). When you visit our website, the following personal data is transferred to HubSpot:
Furthermore, HubSpot stores a cookie in your browser in order to associate the granted consents or their revocation with you. The legal basis for the data processing is Art. 6 (1) sentence 1 lit. c) of the GDPR. The use of HubSpot is carried out to obtain the legally required consents for the use of technically unnecessary cookies and to provide evidence of these consents (see Art. 7 (1), Art. 5 (2) of the GDPR). The aim is to know the preferences of our users and to implement them accordingly, as well as to document them for evidential purposes.
Job Application
You can apply for open positions at Matchory by mail, email, or using the contact form on the website. Your application data will be forwarded to the individuals responsible for the application process. All parties involved treat your application documents with the necessary care and confidentiality. We process the data you provide us in the course of your application for the purpose of applicant selection.
The legal basis for this data processing is Art. 88 (1) of the GDPR in conjunction with § 26 (1) sentence 1 of the BDSG or Art. 6 (1) sentence 1 lit. b) of the GDPR (decision on the establishment of an employment relationship). After completion of the selection process, the information provided by you for the specific selection process and the submitted documents will be deleted no later than six months later, unless we have entered into an employment contract with you. In the event that we may also consider your application for other or future job advertisements, please indicate this in your application. With your explicit consent, we will process your data on the basis of Art. 6 (1) sentence 1 lit. a) of the GDPR (consent). You can withdraw your consent at any time with effect for the future. The processing of data carried out until the withdrawal remains lawful.
General Contact
You have the option to contact us by mail, phone, or email. Additionally, you can use the contact form provided on our website. In this process, we process the following data as mandatory information: your name, email address, company name, and message. We use this information to address you personally, process your inquiry, and respond to you. Optionally, you can provide us with information about your website, your position, and your phone number. We require this data to prepare for a personal conversation with you and to better understand the business field. Your data will be deleted after the final processing of your inquiry. This is the case when it can be inferred from the circumstances that the matter in question has been conclusively clarified, and unless there are legal retention obligations.
The legal basis for the processing of the data is Art. 6 (1) sentence 1 lit. f) of the GDPR. We have a legitimate interest in being in contact with users of the website and responding to inquiries directed at us.
Contact: Online Demo
If you would like to learn about the functionality of Matchory and test it in advance, you can contact us. For scheduling appointments, we use the Calendly tool provided by the US company Calendly LLC (hereinafter referred to as "Calendly"). In the dedicated contact form provided for this purpose, we require your name, email address, and preferred date as mandatory information. We use this data to respond to your inquiry and to provide you with a closer understanding of the functionality of Matchory in a personal conversation. Your data will be deleted after the final processing of your inquiry. This is the case when it can be inferred from the circumstances that the matter in question has been conclusively clarified, and unless there are legal retention obligations.
The legal basis for the processing of the data is Art. 6 (1) sentence 1 lit. f) of the GDPR. We have a legitimate interest in answering questions about our offers and providing information about our solutions upon request. If your inquiry aims to conclude a contract, the additional legal basis for the processing is Art. 6 (1) sentence 1 lit. b) of the GDPR. The data processing is then necessary for the performance of (pre-)contractual measures.
Website Analysis
To tailor our website to your needs, we use web analytics tools. The data processing is based on your consent in accordance with Art. 6 (1) sentence 1 lit. a) of the GDPR and § 25 (1) of the TTDSG if you have given your consent through our cookie banner. You can revoke your consent at any time with effect for the future. You can adjust the corresponding settings in our cookie banner by accessing the cookie consent section in the footer of our website.
How does tracking work?
The web analytics tool providers we use create user profiles for us based on pseudonyms. The created user profiles are used to analyze visitor behavior and are evaluated for the improvement and needs-based design of our offering. For this purpose, permanent cookies are stored on your device and read by us. Moreover, it is possible that we retrieve recognition features for your browser or device (e.g., by using tracking pixels or so-called browser fingerprints). This allows us to recognize and count recurring visitors.
Which third-party providers do we use in this context?
Below is an overview of the third-party providers we cooperate with for analysis purposes. Data processing may also take place outside the EU or the EEA. If data is processed outside the EU or the EEA in this context, we provide information on the appropriate level of data protection.
Tracking technologies from third-party providers for advertising purposes:
We use cross-device tracking technologies to display targeted advertising on other websites based on your visit to our website and to recognize the effectiveness of our advertising campaigns. The data processing is based on your consent in accordance with Art. 6 (1) sentence 1 lit. a) of the GDPR and § 25 (1) of the TTDSG, if you have given your consent through our banner. Your consent is voluntary and can be revoked at any time with effect for the future. You can adjust the corresponding settings in our cookie banner by accessing the cookie consent section in the footer of our website.
How does tracking work?
When you visit our website, it is possible for the third-party providers listed below to retrieve recognition features for your browser or device (e.g., a browser fingerprint), analyze your IP address, store or read recognition features on your device (e.g., cookies), or access individual tracking pixels. The individual features can be used by third-party providers to recognize your device on other websites. We may request these third-party providers to display advertising based on the pages you have visited on our website.
What does cross-device tracking mean?
If you log in to the third-party provider with your own user data, the respective recognition features of different browsers and devices can be linked together. For example, if the third-party provider has created a unique feature for the laptop, desktop PC, smartphone, or tablet you use, these individual features can be associated with each other once you use your login data to access a service provided by the third-party provider. This allows the third-party provider to target our advertising campaigns across different devices.
Which third-party providers do we use in this context?
Below we name the third-party providers we work with for advertising purposes. If data is processed outside the EU or the EEA in this context, we provide information on the appropriate level of data protection.
Embedded Videos
On our website, we also embed videos that are not stored on our servers. To prevent automatic loading of the third-party content when accessing our website with embedded videos, we initially only display locally stored preview images (thumbnails) of the videos. This way, the third-party provider does not receive any information. Only after clicking on the preview image, the content from the third-party provider is loaded. At this point, the third-party provider receives the information that you have accessed our site, as well as the usage data technically required in this context. Additionally, the third-party provider may implement tracking technologies. We have no control over further data processing by the third-party provider. By clicking on the preview image, you give us your consent to load content from the third-party provider. The embedding is based on your consent in accordance with Art. 6 (1) sentence 1 lit. a) of the GDPR and § 25 (1) of the TTDSG, if you have given your consent by clicking on the preview image. If data is processed outside the EU or the EEA (especially in the USA) in this context, we provide information on the level of data protection in the table below. We use videos from the following third-party providers:
Inclusion of other technical third-party content and functions:
We use the technical functions and content from third-party providers listed below to display our website. Accessing our pages leads to the reloading of content from the third-party provider that provides these functions and content. As a result, the third-party provider receives information that you have visited our site, as well as the usage data technically required in this context. We have no control over any further data processing by the third-party provider. The data processing is based on your consent in accordance with Art. 6 (1) sentence 1 lit. a) of the GDPR and § 25 (1) of the TTDSG, if you have given your consent via our banner solution. Please note that the use of third-party content and functions may result in your data being processed outside the EU or the EEA. For transfers to the USA, an appropriate level of data protection is ensured through the adequacy decision (EU-U.S. Data Privacy Framework) for certified companies.
Captcha
To protect our web forms from automated requests, we use a captcha provided by a third-party provider. As part of the captcha function, all user inputs and mouse movements you make on our website are automatically captured (regardless of whether you access pages that include web forms or not). The data collected in this way is used to estimate whether the inputs are from a human or an automated program. Since the function is provided by a third-party provider, displaying the captcha leads to the reloading of content from the third-party provider. As a result, the third-party provider receives information that you have visited our site, as well as the usage data technically required in this context. The third-party provider also receives your IP address, which is technically necessary for retrieving the content. We generally have no control over further data processing by the third-party provider. The data processing is based on your consent if you have given your consent via our banner solution. Please note that the use of captchas may result in your data being processed outside the EU or the EEA (especially in the USA). If data is processed outside the EU or the EEA (especially in the USA) in this context, we provide information on the level of data protection in the table below.
Obligation to provide data:
The provision of your data is not legally required and is voluntary. However, for the use of certain services, the provision of your data is necessary. This applies, for example, to providing your email address in the contact form, without which we cannot respond to your electronic contact request. We will inform you when entering data if its provision is necessary for the respective service or function. These data fields are marked as mandatory. Failure to provide required data may result in the relevant service or function not being provided. The non-provision of optional data may result in our services not being provided in the same form and to the same extent as usual.
Duration of Data Storage:
Unless we have already provided information on the storage period for specific data, we will delete personal data when it is no longer necessary for the aforementioned processing purposes and there are no legal retention obligations.
Use of Service Providers:
We may disclose your data to service providers as part of commissioned processing in accordance with Art. 28 of the GDPR, who support us in operating our websites and the related processes. Our service providers are strictly bound by instructions and contractually obligated to us. These service providers fall into the following categories:
Hosting service providers/cloud service providers for the operation of our servers
These service providers process the data solely on our behalf and are contractually obligated to comply with applicable data protection regulations. All processors have been carefully selected and are only granted access to your data to the extent necessary for the provision of services within the required timeframe.
The servers of some of the service providers used by Matchory are located in the USA and other countries outside the European Union. Companies in these countries are subject to data protection laws that may not offer the same level of protection for personal data as the Member States of the European Union. Regarding data transfers to certified US service providers, an appropriate level of data protection is guaranteed due to the adequacy decision (EU-U.S. Data Privacy Framework). For data processed in any other country that does not have an equivalent level of data protection as the European Union, we ensure an adequate level of data protection through contractual agreements or other recognized instruments. With regard to data recipients in third countries, we conclude standard data protection clauses provided by the EU Commission for the processing of personal data in third countries, in accordance with Article 46 (2)(c) of the GDPR. If we use providers in insecure third countries and you consent to it, the transfer to an insecure third country is based on Article 49 (1)(a) of the GDPR.
Your Rights as a Data Subject:
As a data subject, you have the right to information about your personal data (Article 15 of the GDPR) as well as the right to rectify inaccurate data (Article 16 of the GDPR) or request deletion if one of the grounds specified in Article 17 of the GDPR applies, for example, if the data is no longer necessary for the stated purposes. You also have the right to restrict processing if one of the conditions in Article 18 of the GDPR is met and, in the cases described in Article 20 of the GDPR, the right to data portability. If data processing is based on your consent, you have the right, in accordance with Article 7 of the GDPR, to withdraw your consent to the use of your personal data at any time. The withdrawal does not affect the lawfulness of the processing carried out based on the consent until the withdrawal. Additionally, every data subject has the right to lodge a complaint with a supervisory authority if he or she believes that the processing of personal data concerning him or her violates data protection regulations (Article 77 of the GDPR).
In cases where we process your personal data based on Article 6(1)(e) or (f) of the GDPR, you have the right to object, on grounds relating to your particular situation, at any time. We will then no longer process the personal data, unless there are compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise or defense of legal claims.
You also have the right to object at any time to the processing of your data for direct marketing purposes, including profiling related to such direct marketing.
The smart supplier database.
