Welcome to the data protection declaration of the full-service digital agency VISION UNLTD. CREATIVE WORX GmbH from Cologne.
This data protection declaration (version of 01.07.2018) was created in order to explain to you, in accordance with the requirements of the Basic Data Protection Regulation (EU) 2016/679, which information we collect, how we use personal data and how the protection of personal data (hereinafter referred to as "data") is guaranteed when using our web/app services and the associated web/app services (hereinafter jointly referred to as "online services"). Due to changes in the laws or internal company processes, the data protection declaration may be amended. Users should inform themselves periodically.
Identity of the person responsible
Vision Unltd. Creative Worx GmbH
Neusser Str. 27 – 29
Contact details of the external data protection officer
You can also contact our responsible external data protection officer via mail at:
We collect and use personal data only to the extent necessary to provide functional online services and content, functions and contractually agreed services. Personal data is information that can be individually assigned to you. Examples include your name, address, postal address, telephone number, e-mail address or location data The processing of these personal data takes place regularly only after your consent. A transfer to third parties will only take place if this is expressly permitted by law or if you have consented to the transfer within the scope of your registration or in the course of an active business relationship.
Our apps use data that you enter and, if you allow it, data that is available on the device or generated by the use of device functions (for example GPS location data). It is also possible to use the app without accessing this data. Access can be deactivated and reactivated at any time in the mobile device settings.
An exception applies in those cases in which prior consent cannot be obtained for actual reasons and the processing of the data is permitted by statutory provisions.
When contacting us (e.g. via contact form, e-mail, telephone or via social media), the user's details will be processed for the purpose of processing the contact inquiry and processing it in accordance with Article 6 Abs. 1 lit. b DSG-VO. The user data can be stored in a customer relationship management system or comparable inquiry organization.
We will delete the requests if they are no longer necessary. We review the necessity every two years. Furthermore, the statutory archiving obligations apply.
In accordance with Art. 13 DSG-VO, we would like to inform you about the legal basis for our data processing.
For users from the area of application of the Basic Data Protection Regulation (DSG-VO), i.e. the European Union and the European Economic Community, the following applies if the legal basis is not mentioned in the data protection declaration:
The legal basis for obtaining consent is Art. 6 para. 1 lit. a and Art. 7 DSG-VO.
The legal basis for the processing for the fulfillment of our services and the execution of contractual measures as well as the answering of inquiries is Art. 6 para. 1 lit. b DSG-VO. This shall also apply to processing operations necessary for the implementation of pre-contractual measures.
The legal basis for the processing for the fulfillment of our legal obligations is Art. 6 para. 1 lit. c, DSG-VO.
In the event that vital interests of the data subject or another natural person necessitate the processing of personal data, Art. 6 para. 1 lit. c of the DSG-VO serves as the legal basis.
The legal basis for the processing necessary for the performance of a task in the public interest or in the exercise of official authority entrusted to the controller is Art. 6 para. 1 lit. e, DSG-VO.
If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and fundamental freedoms of the person concerned do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f DSG-VO serves as the legal basis for the processing.
The processing of data for purposes other than those for which they were collected is governed by the provisions of Art. 6 (4) DSG-VO.
The processing of special categories of data (pursuant to Art. 9 (1) DSG Regulation) is governed by the provisions of Art. 9 (2) DSG-VO.
With regard to the terms used, such as "personal data", "processing" or "controller", we refer to the definitions in Art. 4 of the Basic Data Protection Regulation (DSG-VO).
Data erasure and storage duration
The personal data of the person concerned will be deleted or disabled as soon as the purpose of storage no longer applies. Storage may also take place if the European or national legislator has provided for this in Union regulations, laws or other provisions to which the person responsible is subject. The data shall also be disabled or deleted if a storage period prescribed by the aforementioned standards expires unless it is necessary for further storage of the data in order to conclude or fulfill a contract.
The hosting services used by us serve the provision of the following services: Infrastructure and platform services, computing capacity, storage space and database services, e-mail distribution, security services and technical maintenance services which we use for the purpose of operating these online services.
In doing so, we or our hosting provider process inventory data, contact-, content-, contract-, usage-, meta- and communication data of customers, interested parties and visitors to this online services on the basis of our legitimate interests in the processing of data in accordance with Art. 6 Para. 1 lit. f DSG-VO in an efficient and secure provision of this online service.
Processing of communication data
When you visit our web services, apps or online services, certain information is automatically generated and stored.
When you visit our online services, our web servers, or our hosting providers, automatically store data such as
- Information about the browser type and the version used
- The user's operating system
- The internet service provider of the user
- Online identifiers (e.g. IP address, session IDs, cookies, device identifiers) of the user
- Date and time of retrieval
- Name of the file retrieved and the amount of data transferred.
- Websites from which the user's system accesses our online services
- Websites accessed by the user's system through our online services
in log files.
As a rule, log files are saved and then automatically deleted. The information stored in the server log files does not allow any direct conclusion to be drawn about the user and will be anonymized after an appropriate period of time. This storage takes place separately from the other data which you provide to us directly when using our online services, e.g. when registering for our online services. We do not pass on this data, but we cannot rule out the possibility that this data may be viewed in the event of unlawful conduct. Data, the further storage of which is necessary for evidence purposes, will be excluded from deletion until the respective incident has been finally clarified.
According to Article 6 (1) lit. f of the DSG-VO, the legal basis is that there is a legitimate interest in enabling the error-free operation of our online services by recording log files. The data is also used to optimize our online services and to ensure the security of our online services.
The collection of the data for the provision of the online services and the storage of the data in log files is absolutely necessary for the operation. Consequently, there is no possibility of objection on the part of the user.
Storage of personal data
Personal data which you transmit to us electronically via our online services, such as your name, e-mail address, address or other personal information in the context of a registration form, chats, blog comments or similar, will only be used by us together with the time and IP address for the purpose stated in each case and will be stored securely.
We, therefore, use your personal data only for communication with visitors who expressly wish to contact us and for processing services and products offered via our online services. We will not pass on your personal data without your consent. However, we cannot exclude the possibility that this data may be viewed in the event of unlawful conduct.
Security Precautions & TLS Encryption with https
In order to protect the security of your data during transmission, we use state-of-the-art encryption methods such as SSL over HTTPS.
You can recognize an encrypted connection by the small lock symbol in the upper left corner of the browser. The address line of the browser changes from "http://" to "https://".
Our interest is based on Article 25 paragraph 1 DSG-VO (data protection through technology design).
Cooperation with contract processors, jointly responsible parties and third parties
We process your personal data only for the purposes stated in this data protection declaration. Your personal data will not be transmitted to third parties for purposes other than those mentioned. We will only pass on your personal data to third parties if:
- you have given your express consent to this,
- the processing is necessary to process a contract with you,
- the processing is necessary to fulfill a legal obligation,
- the processing is necessary to safeguard legitimate interests and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data.
The basis for this is if a legal obligation provides for this or on the basis of our legitimate interests in the processing of the data pursuant to Art. 6 para. 1 lit. f DSG-VO, such as the use of agents, hosting providers, etc..
Transmissions to non-EU countries
If we process data in a non-EU country (i.e. outside the European Union (EU), the European Economic Area (EEA) or the Swiss Confederation) or if this is done in the context of the use of third-party services or disclosure or transfer of data to other persons or companies, this will only occur if it is done to fulfill our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests in the processing of the data pursuant to Art. 6 Para. 1 lit. f DSG-VO. Subject to express consent or contractually required transfer, we process the data only in third countries with a recognised level of data protection, which includes US processors certified under the "Privacy Shield" or on the basis of special guarantees, such as contractual obligations under so-called standard protection clauses of the EU Commission, the existence of certifications or binding internal data protection regulations (Art. 44 to 49 DSG-VO).
Provision of contractual services
We process inventory data (e.g., names and addresses as well as contact data of users), contract data (e.g., services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and services in accordance with Article 6 para. 1 lit b DSG-VO. The entries marked as mandatory in online forms are required for the conclusion of the contract.
The deletion of the data takes place after the expiry of statutory warranty and comparable obligations, the necessity of data storage is reviewed every three years; in the case of statutory archiving obligations, the deletion takes place after their expiry. Information in any customer account remains until its deletion.
At the end of the session, most of the cookies we use are deleted from your device ("session cookies"). Permanent cookies, on the other hand, remain on your device/browser and enable us to analyze the surfing behavior, measure traffic, provide various services and inform advertisers about the usage habits of our users. Insofar as the processing of personal data takes place here, these are always pseudonymized.
Our partner companies are not permitted to collect, process or use personal data via cookies via our online offers. You have the option of preventing the storage of cookies on your device/browser by changing the settings, which may limit the functionality of our online services.
In order to make our online services more user-friendly for our users, we cooperate with selected cooperation partners. These platforms can be temporarily integrated by so-called plugins on our online offers. If you access a page of our offers with such a plugin, your browser establishes a direct, short connection with their servers. This serves primarily to show you the content of the plugin. In this case, the cooperation partner will learn your IP address and other device-related information. In practice, this IP address cannot be assigned to you without further ado. Under certain circumstances, the cooperation partner may also store a cookie on your device, which is deleted when the browser is closed (see upper section cookies). In the browser settings, you can decide for yourself whether you want to accept cookies or not.
See cookie settings and delete cookies
If you want to determine which cookies have been stored in your browser, change cookie settings or delete cookies, you can find this in your browser settings:
- Safari: Managing cookies and website data with Safari
- Firefox: Deleting cookies to remove data that websites have stored on your computer
- Chrome: Delete, activate and manage cookies in Chrome
- Internet Explorer: Deleting and managing cookies
If you do not wish data to be stored in cookies, you can set your browser so that it informs you when cookies are set and you only allow this in individual cases. You can delete or deactivate cookies that are already on your computer at any time. The procedure for this varies depending on your browser, it is best to search the manual in Google with the search term "Delete cookies Chrome" or "Deactivate cookies Chrome" in the case of a Chrome browser or exchange the word "Chrome" for the name of your browser, e.g. Edge, Firefox, Safari.
On www.youronlinechoices.com and und www.aboutads.info you can generally manage your preferences for usage-based online advertising. You can deactivate or activate different providers at once or check the settings for individual providers.
On our online services, we partly offer users the possibility to register by providing personal data such as username, email, possibly mobile phone number, password. The data is entered into an input mask and transmitted to us and stored. Transmission to third parties will only take place if this is expressly permitted by law or if you have consented to the transmission within the scope of your registration or in the course of an active business relationship. Registration of the user is necessary for the provision of certain contents, services on our online offers. Furthermore, for the fulfillment of a contract with the user or for the implementation of pre-contractual measures.
The legal basis for the processing of the data is Art. 6 para. 1 lit. a and b DSG-VO on the basis of our legitimate interests or for the implementation of (pre)contractual measures if the user has given his consent.
It is possible to subscribe to a free newsletter via our online services. When you register for the newsletter, the data from the input mask will be transmitted to us and the right is granted to contact you by e-mail. In addition, we store your IP address and the time of registration and confirmation. The purpose of the procedure is to prove your registration and, if necessary, to clarify any possible misuse of your personal data.
We use the data stored within the scope of the registration to the newsletter exclusively for our newsletter. Transmission to third parties will only take place if this is expressly permitted by law or if you have consented to the transmission within the scope of your registration or in the course of an active business relationship. The subscription of the newsletter can be canceled by the user at any time. For this purpose, there is a corresponding link in every newsletter. We delete then all data with the registration to the newsletter were stored.
The following information applies if we send newsletters with MailChimp and use functions of the newsletter service MailChimp of The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA on our online services in order to register for newsletters.
General information about MailChimp
If you register for our newsletter on our online services, the entered data will be stored at MailChimp.
Deletion of your data
You can withdraw your consent to receive our newsletter at any time within the received e-mail by clicking on the link. If you have unsubscribed by clicking on the unsubscribe link, your data will be deleted at MailChimp.
If you receive a newsletter via MailChimp, information such as IP address, browser type and e-mail program will be stored to give us information about the performance of our newsletter. MailChimp can determine if the email has arrived if it has been opened and if links have been clicked by using the images called Web Beacons (details can be found at https://kb.mailchimp.com/reports/about-open-tracking) integrated into the HTML emails. All this information is stored on the servers of MailChimp, not on our online services.
MailChimp Order Data Processing Contract
We have signed a contract with MailChimp for the Data Processing Addendum. This contract serves to secure your personal data and ensures that MailChimp complies with the applicable data protection regulations and does not pass on your personal data to third parties.
More information about this contract can be found at https://mailchimp.com/legal/forms/data-processing-agreement/.
We use Google Fonts of the company Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on our online services. Google Fonts is used without authentication and no cookies are sent to the Google Fonts API. If you have an account with Google, none of your Google Account information will be transmitted to Google while using Google Fonts. Google only records the use of CSS and the fonts used and stores this data securely. More on these and other questions can be found at https://developers.google.com/fonts/faq?tid=311102395.
We use the reCAPTCHA feature of Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) ('Google'). This function is mainly used to differentiate whether an entry is made by a natural person or whether it is misused by mechanical and automated processing. The service also includes sending the IP address and any other data required by Google for the reCAPTCHA service to Google and is carried out in accordance with Art. 6 Para. 1 lit. f DSG-VO on the basis of our legitimate interest in establishing the individual will of actions on the Internet and the avoidance of abuse and spam.
Google Inc., headquartered in the USA, is certified for the Privacy Shield Agreement, which ensures compliance with the data protection level applicable in the EU.
Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google will use this information on our behalf to evaluate the use of our online services by users, to compile reports on the activities within this online services and to provide us with further services associated with the use of this online services and the use of the Internet. Pseudonymous user profiles can be created from the processed data.
We use Google Analytics only with IP anonymization enabled. This means that Google will reduce the IP address of users within Member States of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
The IP address transmitted by the user's device is not merged with other Google data. Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent Google from collecting the data generated by the cookie and relating to their use of the online services and the processing of this data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en
Further information on data use by Google, possible settings and objections can be found on Google's websites: https://www.google.com/intl/de/policies/privacy/partners ("Data used by Google when using our partners' websites or apps"), https://www.google.com/policies/technologies/ads ("Data use for advertising purposes"), https://www.google.de/settings/ads ("Manage information that Google uses to show you advertising").
Our online services use the Google Tag Manager. Google Tag Manager is a solution that allows marketers to manage website tags through a single interface. The Tool Tag Manager itself (which implements the tags) is a cookieless domain and does not collect any personal data. The tool triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If deactivation has been made at the domain or cookie level, it will remain in effect for all tracking tags implemented with Google Tag Manager.
Using Facebook Social Plugins
On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR) Social Plugins ("Plugins") of the social network facebook.com, which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"). The plugins can display interaction elements or content (e.g. videos, graphics or text contributions) and are identified by one of the Facebook logos (white "f" on blue tile, the terms "like", "like" or a "thumbs up" sign) or are marked with the addition "Facebook Social Plugin". The list and appearance of Facebook Social Plugins can be viewed here: https://developers.facebook.com/docs/plugins/.
Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
When a user calls up a function of this online offer that contains such a plugin, his device establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to the user's device and integrated into the online offer. The processed data can be used to create user profiles. We, therefore, have no influence on the amount of data Facebook collects with the help of this plugin and therefore inform users according to our level of knowledge.
By integrating the plugins, Facebook receives information that a user has called up the corresponding page of the online offer. If the user is logged in to Facebook, Facebook can assign the visit to his Facebook account. When users interact with the plugins, such as pressing the Like button or posting a comment, the information is sent directly from your device to Facebook and stored there. If a user is not a member of Facebook, it is still possible for Facebook to obtain and store their IP address. According to Facebook, only an anonymized IP address is stored in Germany.
The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as the relevant rights and setting options for the protection of users' privacy, can be found in Facebook's data protection information: https://www.facebook.com/about/privacy/.
If a user is a Facebook member and does not want Facebook to collect data about him via this online offer and link it to his membership data stored on Facebook, he must log out of Facebook before using our online offer and delete his cookies. Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US page https://www.aboutads.info/choices/ or the EU page https://www.youronlinechoices.com/. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.
We use the Facebook pixel of facebook.com, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"), on our online services.
The code implemented on our online services can evaluate the behavior of visitors. This can be used to improve Facebook advertisements and this information is collected and stored by Facebook. The data collected cannot be viewed by us but can only be used for advertising purposes. Cookies are also set through the use of the Facebook pixel code.
By using the Facebook pixel, visits to these online services are communicated to Facebook so that users can see suitable ads on Facebook and partner services. If you have a Facebook account and are logged in, visit our online offerings will be associated with your Facebook user account.
To find out how Facebook pixel is used for advertising campaigns, visit https://www.facebook.com/business/learn/facebook-ads-pixel.
You can change your ad settings on Facebook at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen if you are logged in to Facebook. At https://www.youronlinechoices.com/de/praferenzmanagement/, you can manage your preferences for usage-based online advertising. You can deactivate or activate many providers at once or change the settings for individual providers.
Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law (www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
For more information about Facebook's data policy, please visit https://www.facebook.com/policy.php.
Rights of data subjects
If the legal requirements are met, you have the following rights under Articles 15 to 22 DS-GMO: the right to information, correction, deletion, restriction of processing, data transfer ability.
In addition, under Article 14(2)(c) in conjunction with Article 21 DS-GMO, you have a right of objection to processing based on Article 6(1)(f) DS-GMO.
Right of appeal to the supervisory authority
Under Article 77 of the DS GMO, you have the right to complain to the supervisory authority if you believe that the processing of your personal data is not lawful. The address of the supervisory authority responsible for our company is:
State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
Cavalry route 2-4, 40213 Düsseldorf
Phone: 02 11/3 84 24 – 0, Fax: 02 11/3 84 24 - 10
Responsible in the sense of the Data Protection Act
Please direct any questions regarding the collection, processing or use of your personal data as well as information, correction, blocking or deletion of data to:
Vision Unltd. Creative Worx GmbH
data protection department
Neusser Str. 27 - 29
Fon: +49 (0)221 569 78 0
Fax: +49 (0)221 569 78 11