Privacy Statement for the SocialHub-Website (www.socialhub.io) the SocialHub Blog (blog.socialhub.io) and the SocialHub Software (app.socialhub.io)
Note: Data processing that takes place in the context of the use of the SocialHub software is legitimized by a contract for data processing on behalf and is not the subject of this data protection notice.
The provider (in the following also referred to as “we”) collects, uses and stores your personal data in accordance with the EU General Data Protection Regulation (GDPR), the German Data Protection Act (“Bundesdatenschutzgesetz”) and the German Telemedia Act (“Telemediengesetz”). Personal data means any information relating to an identified or identifiable natural person. Below we inform you about the type, extent and purpose of the collection and use of personal data.
1. Who is responsible for data processing and who can you contact?
The party responsible for data processing is: maloon GmbH
Telefon: 0049 (0)841 493 990-0
Fax: 0049 (0)841 493 990-10
For confidential requests, our Commissioner for Data Protection is always there for you:
2. Which data are being processed and what are the sources of these data?
We process personal data (Art. 4 Nr. 1 GDPR) which we receive in the course of conducting our business as provider of a cloud solution for social media management (name, addresses, email-adresses, further data to technologies or communication content).
3. For what purpose and on what legal basis are the data processed?
We process personal data in order to be able to provide our services as a Biotech-Company and in order to receive and reply your requests. We process personal data in accordance with the following data protection-related provisions:
- a) Processing personal data with your consent (Art. 6 para. 1 a GDPR):
We process data according to Art. 6 para 1 a GDPR in order to communicate with you and advert for our services.
- b) Processing personal data to fulfil contractual obligations (Art. 6 para. 1 b GDPR):
If we enter into a contractual relation (including the initiation of contractual relation) the processing of personal data takes place for the provision of our services as cloud software provider to Art. 6 para. 1 b GDPR.
- c) Processing personal data to fulfil legal requirements (Art. 6 para. 1 c GDPR):
In the event that our company is subject to a legal obligation which requires the processing of personal data, such as for example the fulfilment of tax obligations, the processing of personal data is made pursuant to Art. 6 para. 1 lit. c GDPR.
- d) Processing personal data according to Art. 6 para. 1 d GDPR:
In exceptional cases the processing of personal data may be required in order to protect the vital interests of the data subject or another natural person. This could for example be the case were a visitor will be injured in our premises and in consequence his name, age, health insurance data or other vital information need to be transmitted to a doctor, hospital or other third party. In that event the processing will be made pursuant to Art. 6 para. 1 lit. d GDPR.
- e) Processing personal data according to Art. 6 para. 1 d GDPR:
Finally, data processing activities can be conducted on the basis of Art. 6 para. 1 lit. f GDPR which covers data processing activities which are do not fall under any of the afore mentioned legal provisions and which covers data processing which is necessary for the purposes of the legitimate interests pursued by us or a third party and provided that such interests are not overridden by the interests or fundamental rights and freedoms of the data subject.
4. Legitimate interests of the controller that are being pursued by the controller or a third party
If the processing of personal data is based on Article 6 para. 1I lit. f GDPR our legitimate interest is the conduct of our business and the related communication with you (recital 47 GDPR).
For security reasons and in order to protect confidential information, such as requests submitted via our contact form, we use SSL-encryption. If an encrypted connection has been effected the address-line of your browser will show „https://“ instead of „http://“ and you might notice a locker symbol in your browser. If SSL is activated third parties cannot read data that you send to us.
6. Server Logfiles
- shortended IP-adress
- browser type/ browser version
- your operating system
- referrer URL (or the website visited previously)
- date and time of the server request
- amount of transmitted data
- your internet service provider
These data will be collected and processed only for the purpose of measuring the statistics of our website performance. These data will not be connected with data from other data sources.
8. Free trial / Registration
You can visit our website without registration. In order to be able to use full functionality you need to register for a free trial or for a paid account. If you register for an account we ask you to provide us additional data such as
- your name
- your address
- your company
- your email-adress
- your phone number
If you register for an account we store and process the above mentioned data entered in the registration form. In this case we store and process theses data. We don´t transfer personal data to third parties. Data will be used only in order to be able to communicate with you. Storing and processing your personal data in this context is based on Art. 6 para 1, lit b GDPR.
9. Period of Data Storage
We process and store personal data only for the period, which is required to meet the purpose of processing, or as long and to the extent as statutory laws require us to process and/or store such data.
If the purpose of processing does not apply anymore and the applicable statutory retention requirement expires, we will as a matter of routine erase data or restrict the processing of data in accordance with the applicable statutory laws.
10. GoogleAdWords Conversion Tracking
This website uses “Google AdWords Conversion Tracking” feature of Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States (“Google”), pursuant to Art. 6 para. 1 f) GDPR. Google AdWords Conversion Tracking uses so-called “cookies”, text files that are stored on your computer and that allow you to analyze the use of the website by you if you have clicked on a Google ad. The cookies are valid for a maximum of 90 days. Personal data is not stored. As long as the cookie is valid, Google and we as the website owner can see that you’ve clicked an ad and reached a specific landing page (e.g., order confirmation page, newsletter signup). These cookies can not be tracked across multiple websites by different AdWords participants. The cookie generates conversion statistics in Google AdWords. These statistics include the number of users who have clicked on one of our ads. In addition, it counts how many users have come to a landing page that has been tagged with a “conversion tag”. However, the statistics do not contain any data that identifies you.
11. Google Analytics
We have activated the functionality IP anonymization. In case of activation of the IP anonymization, Google will shorten the IP address for Member States of the European Union as well as for other parties to the Agreement on the European Economic Area before sending it to the USA. Only in exceptional cases, the full IP address is sent to and shortened by Google servers in the USA. On our behalf Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website provider.
Google will not associate your IP address with any other data held by Google.
Opposition to the data collection
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set which prevents the collection of your data on future visits to this website: disable Google Analytics
Click here to deactivate the Google Analytics Tracking
12. Contact Form
On our website we provide a contact form for you in order to provide youvthe possibility to contact us electronically. If you use our contact form we store and process the data entered in the form. These are the following data: name, email-adress, phone number, subject-line, your company name and your message. Alternatively you can contact us by email. In this case we store and process the data submitted by email. We don´t transfer personal data to third parties. Data will be used only in order to be able to reply to your request. Storing and processing your personal data in this context is based on Art. 6 para 1, lit f GDPR.
Our website uses LiveChat software from Autopilot Inc. 140 2nd Street, 5th Floor, San Francisco, CA, 94105. The storage and processing of your personal data in this context is based on Art. 6 para. 1 lit. f DSGVO. If you use this software, the entered data will also be sent to the provider. More information on the privacy of the Autopilot Inc. can be found here: https://autopilothq.com/privacypolicy.html
On our pages plugins of the social network Facebook, provider Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, are integrated. The processing is based on Art. 6 para. 1 f) GDPR. The Facebook plugins can be recognized by the Facebook logo or the “Like-Button” (“Like”) on our site. An overview of the Facebook plugins can be found here: https://developers.facebook.com/docs/plugins/.
If you do not wish Facebook to associate your visit to our pages with your Facebook user account, please log out of your Facebook user account.
You can change your privacy settings on Twitter in the account settings at: https://twitter.com/account/settings.
Our website uses features of the LinkedIn network. The processing is based on Art. 6 para. 1 f) GDPR. Providers is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, United States. Each time you visit one of our pages that contains LinkedIn features, it will connect to LinkedIn servers. LinkedIn is informed that you have visited our website with your IP address. If you click LinkedIn’s “Recommend Button” and are logged in to your LinkedIn account, LinkedIn will be able to associate your visit to our website with you and your user account. We point out that we as the provider of the pages have no knowledge of the content of the transmitted data and their use by LinkedIn.
For more information, see the LinkedIn privacy statement at: https://www.linkedin.com/legal/privacy-policy
Our website uses functions of the network XING. Provider is the XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. The processing is based on Art. 6 para. 1 f) GDPR. Each time you visit one of our sites that contains XING features, it will connect to XING servers. A storage of personal data is not done to our knowledge. In particular, no IP addresses are stored or the usage behavior is evaluated.
Using the Youtube API, you can integrate comments on Youtube videos into your SocialHub. For this we access the following information via an API: Title of the channel in which the commented video is located, title of the commented video, comment text. You can add your own comments within the SocialHub or reply to imported comments. Your comments or replies to comments will then be sent to Youtube via the API and displayed in the comment section of the corresponding video.
On our site, we use social plugins from the Pinterest social network operated by Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103-490, USA (“Pinterest”). The processing is based on Art. 6 para. 1 f) GDPR. When you visit a page that contains such a plugin, your browser connects directly to the servers of Pinterest. The plugin transmits protocol data to the server of Pinterest in the USA. This log data may include your IP address, the address of the websites visited, which also includes Pinterest features, browser type and settings, the date and time of the request, how you use Pinterest, and cookies.
We use social plugins from Whatsapp. WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland
21. Information about the transfer of personal data to a third country
We use various cloud services as part of our service, i.e. US-based providers or providers from other states outside EU/EEA who also process personal data on our behalf (e.g. name, e-mail address and possibly others).
We expressly point out that, with regard to the USA, no adequacy decision of the European Commission has been issued so far.
We will only transfer personal data to a provider in the USA if this transmission is permitted in accordance with the so-called Privacy Shield Agreement and / or the transmission is legitimized by standard data protection clauses (standard contractual clauses). The guarantees for privacy shield can be found here:
The standard contract clauses can be found here:
22. Documentation of declared consents
If you have given us a consent under Art. 7 DSGVO, § 7 UWG to contact you via email, then your consent is as follows:
X Yes, I want to receive all editions of the SocialHub-Mag by E-Mail (cancellable at any time)
X Just fill out the form below and we will arrange an appointment with you for a free 30-minute demo shortly. Of course you can revoke your consent to the use of your data at any time free of charge (for example, by email)!
You can withdraw a given consent at any time free of charge. A withdrawal can e.g. done by email or by post or by using the unsubscribe function in the respective email.
23. Rights of Data Subject
The data subject has gem. Art. 15 GDPR the right to obtain free information on request about the personal data stored about him as well as the purpose of the data processing. The data subject has also gem. Articles 16, 17 and 18 GDPR the right to correct incorrect data and block and delete his personal data. Moreover the data subject has, subject to Art. 20 GDPR, the right to receive the personal data concerning him or her, which he or she has provided to us, in a structured, commonly used and machine-readable format, and the right to transmit those data to another controller without hindrance from our part. According to Art. 21 (1) GDPR, the data subject shall also have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Art. 6 (1) GDPR. We will comply with the aforementioned requests if and to the extent such compliance is required by the applicable statutory laws. Requests for access to and rectification or erasure of personal data or restriction of processing may be directed to the email or post address stated in our website’s imprint. Each data subject has the right to lodge a complaint with a supervisory authority of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes the GDPR.