preload

Data privacy

we protect your data

The protection of your privacy is extremely important to us. This data protection declaration provides information on how and for what purpose we process personal data and explains the rights to which you are entitled. We are aware of how important personal data is for our users and comply with all German and European data protection regulations.

1. contact & data protection officer

With regard to the General Data Protection Ordinance (DSGVO) is the responsible organization:

DR. HAFIZ & COLLEAGUES

MesseTurm 9 & 23th floor
60308 Frankfurt am Main
Germany

contact

Our data protection officer can be contacted at our e-mail or postal address with the addition “data protection”.

2. your rights

You have the following rights in relation to the personal data concerning you:

Right to information
Right to correction or deletion
Right to limit processing
Right to refuse processing Right to data transfer
You also have the right to complain to a data protection authority about our processing of your personal data.
3. processing by external service providers

In some cases we use external service providers to process your data. These are carefully selected and commissioned by us, they are bound by our instructions and are regularly checked.

4. collection of personal data when visiting our website

If you use the website for purely informative purposes, we only record the personal data that your browser transmits to our server if you do not make this data available to us in any other way, for example via our search function. If you would like to view our website, we collect the following data, which we need technically to show you our website and to ensure stability and security. The legal basis for the temporary storage of the data is Art. 6 para. 1 lit. f of the General Data Protection Regulation.

The IP address
Date and time of the request
Difference between time zone and Greenwich Mean Time (GMT)
Content of the application (specific website)
Access status / HTTP status code
Amount of data transferred in each case
Website from which the request comes
Browser
Operating system and its interface
Language and version of the browser software.
The data is stored in the log files of our system. This data can never be linked to other personal data of our users. The data is deleted as soon as it is no longer needed to achieve the purpose for which it was collected. If the data is stored in log files, this happens no more than seven days later.

It is possible to store the data longer. In this case the IP addresses of the users will be deleted or made anonymous so that they can no longer be associated with the visiting customer.

In addition, cookies are stored on your computer while you use our website. See below and section 5 in this context.

We collect anonymous data to identify and record errors and problems in our products and services. This data includes data related to program crashes. We use a variety of third party vendors to collect error logs. When you use our website, various personal data necessary for the operation of the website are stored on the technical infrastructure of the third party provider for a limited period of time in encrypted form.

5. cookies

Access to our cookie settings: Cookie settings

Cookies are small text files that are stored on your hard drive, assigned to the browser you are using, and through which the location that the cookie sets (here by us) collects certain information. Cookies cannot run programs or deliver viruses to your computer. They serve to make our offer more user-friendly and effective.

We use one or more persistent cookies to store the user’s settings and to make our website more user-friendly, to analyse user behaviour and, if necessary, to carry out web analyses (see below) or A/B tests (see below). The legal basis for the processing of personal data by means of cookies is Art. 6 para. 1 lit. f of the General Data Protection Regulation.

Persistent cookies are automatically deleted after a certain period of time, which can vary from cookie to cookie. You can delete the cookies in the security settings of your browser at any time. You can configure your browser as you wish and, for example, refuse to accept third-party cookies or all cookies. Cookies already stored can be deleted at any time. This can also be done automatically. Please note that if you disable cookies for our website, you may not be able to use all the features of this website to their full extent.

6. special forms of use of the HAFIZ GLOBAL website

a. Search

The HAFIZ GLOBAL search is a search that is supported by third-party providers. When a search is conducted with HAFIZ GLOBAL, the data is transferred to our partner Bing. Bing is operated by: Microsoft Ireland Operations Ltd, Carmanhall Road, Sandyford Industrial Estate, Dublin 18, Ireland (hereinafter referred to as: Bing). This is done to display search results and to prevent fraudulent activity. The following information is submitted to Bing when a search query is made: IP address, user agent string, search term, country and language settings, adult content filter settings, active search filter settings (e.g., filtering of search results by date).

HAFIZ GLOBAL also assigns a “Bing Client ID” to improve the quality of the search results. This value is a user-specific ID that allows Bing to deliver more relevant search results based on previous searches. The ID is stored in the HAFIZ GLOBAL cookie and will be retrieved on future visits. In both cases, the legal basis for processing this data is Art. 6 para. 1 p. 1 lit. f of the General Data Protection Regulation.

However, you have full control over the use of this “Customer ID”. If “Do not track” is activated in your browser, the customer ID is automatically deactivated and will not be saved or sent.

Microsoft/Bing is certified according to the US-EU Privacy Shield Agreement and is committed to comply with EU data protection regulations. For information on data protection at Bing, please visit: https://privacy.microsoft.com/privacystatement

b. Blog Features

We provide a blog in which we publish various articles on topics related to our activities in order to spread our website and its content on the Internet and to increase our traffic.

When you use our blog features, we collect and store personal information and usage data in order to fulfill the purpose described in g. Web Analytics to improve the service described under g. Web Analytics. The legal basis for this processing of your personal data is article 6 paragraph 1 letter f of the General Data Protection Regulation.

Embedding of contents

Blog posts may contain third-party embeddings, which in some cases may collect and store personal information. These “embeddings” are hosted by a third party and embedded in our blog. For example: YouTube videos, Facebook or Instagram posts and feeds, or Twitter tweets that appear within a blog post. These files send data to the hosting site as if you were visiting that site directly. For example, when you load a blog posting page with an embedded YouTube video, YouTube receives data about your activity. HAFIZ GLOBAL has no control over what information third parties will collect in such cases or what they will do with it. The use of personal information by providers of embedded content is not covered by this statement, but is governed by the privacy policies of those sites or services.

Notes

Public comments can be posted on our blog. Comments you make will be published with your username. We recommend using a pseudonym instead of your real name.

Our comment function uses the Disqus plugin, which is operated by Big Head Labs Inc. (in the future: “Disqus”), which is responsible for processing the comments. Disqus allows you to add a comment to our blog posts, which will be stored and displayed as long as the respective post is online on our website or until you delete the comment.

You can use the comment function both as a guest and as a registered Disqus user on all websites that use Disqus. You can also register through your accounts with the third party providers Facebook, Twitter and Google. If you register using the login data of a third party, this third party will also process your personal data; however, we do not have access to this information. The information collected by the comment function is made available to us via Disqus. The legal basis for this is Art. 6(1)(1)(f) of the GDPR.

The contact details of the responsible party are as follows Big Head Labs, Inc., San Francisco, USA. More detailed information about the processing of your data can be found in the provider’s privacy policy: http://help.disqus.com/customer/portal/articles/466259-privacy-policy.

c. Newsletter

You can subscribe to our newsletter, with which we inform you about our latest interesting offers. The advertised goods and services are specified in the declaration of consent. For the dispatch of our newsletter we use the newsletter dispatch platform “Mailchimp”. Mailchimp is operated by The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA.

We use the “Double-Opt-In” procedure to register for our newsletter. This means that after registering, you will receive an email to the email address provided, asking you to confirm that you wish to receive the newsletter. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month. The aim of this procedure is to provide proof of your registration and to clarify any possible misuse of your personal data.

The following data will be stored:

The e-mail address at which you would like to receive the newsletter.
The time and the IP address under which you registered, so that the misuse of the e-mail address of a person concerned can be subsequently traced.
Technical information that is important for the display (e.g. browser) as well as data to improve the service (e.g. time of access)
Data collected for statistical purposes, such as when you open the newsletter and click on links in the newsletter
We expressly do not pass on your e-mail address to third parties. Mailchimp is certified according to the US-EU data protection agreement “Privacy Shield” and is committed to comply with EU data protection regulations.

Your e-mail address will be stored as long as the subscription to the newsletter is active. All other data collected during your subscription is usually deleted within seven days.

You can unsubscribe from the newsletter at any time. This can be done via the link provided in each newsletter. Via this link you also have the possibility to revoke your consent to the storage of the personal data collected during registration.

We would also like to draw your attention to the reference possibilities when collecting data for advertising purposes on the websites http://www.aboutads.info/choices/ and http://www.youronlinechoices.com/ (for the European area).

d. Surveys

We use the “Typeform” platform for conducting our surveys. Surveys help us to better adapt our offer to your needs. The legal basis for this processing of your personal data is Art. 6 para. 1 lit. f of the General Data Protection Ordinance. Typeform is operated by TYPEFORM S.L. Carrer Bac de Roda, 163, 08018 Barcelona, Spain. If you participate in a survey, the following data will be processed:

Your answers
Data on your device, e.g. whether it is a smartphone or a desktop computer and which browser you use to view the web pages
IP address
If applicable, your e-mail address, if you provided it for the purpose of participating in the survey. At the same time, we use cookies to collect data for statistical purposes and to prevent abuse.
This data is stored for as long as it is needed to evaluate the survey, usually up to two years. After that they are deleted or made anonymous. The data collected in connection with surveys is not passed on to third parties.

e. Job applications

All data that you have provided for your application (name, e-mail address, telephone number, photo, resume, cover letter, etc.) as well as the associated communication between you and HAFIZ GLOBAL will be stored during the application process.

After your job application has been transferred via the input mask, you will receive a confirmation e-mail to the e-mail address you have entered, asking you to confirm your job application (double-out-in procedure). If you do not confirm your registration within 24 hours, your data will be blocked and automatically deleted after one month. The aim of this procedure is to provide proof of your registration and, if necessary, to remedy any possible misuse of your personal data.

The legal basis for the processing of data after confirmation of your registration is Art. 6 para. 1 lit. a of the General Data Protection Regulation. You can withdraw your application for employment at any time. A link to do so is included in the confirmation e-mail. In this case your data will be blocked and automatically deleted one month later.

In all cases, your documents will be deleted one month after the end of the application process at the latest.

f. Contact form and help pages

We use the “Zendesk” platform to process your requests. In the event of an inquiry, the data you provide will be stored and processed to answer your questions. At the same time we collect certain statistical information via cookies to improve the contact and inquiry function and to use your data to prevent possible misuse of this function. In this context, the data will not be passed on to third parties. The data collected in this context will be deleted after its storage is no longer required or is restricted if there are legal obligations to retain it.

The following parts of your data will be stored:

The e-mail address to which we should send the answer to your question.
The question itself as well as the associated correspondence and the times at which the messages were sent and received
Technical information on browser and operating system as well as the type of device used to ensure that the information is displayed correctly
Your IP address
At the same time, we use cookies to collect data for statistical purposes and to prevent misuse.
The processing of your personal data for the use of our inquiry and contact function is based on your consent.

Zendesk is headquartered in the USA and your data collected when using our inquiry and contact function will be sent there. Zendesk is certified under the US-EU Privacy Shield Agreement and is committed to complying with EU privacy regulations. https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG

g. Web Analytics

We use a secure and fully encrypted web analytics service that we operate ourselves to analyze and continuously improve the use of our website. Based on the statistics obtained, we can improve our offer and make it more interesting for you as a user. The legal basis for this processing of your personal data is Art. 6 para. 1 lit. f of the General Data Protection Regulation.

For this evaluation, cookies (see above) are stored on your computer and the following data is processed:

the IP address
The visited website
The website from which you accessed the visited website
The visited subpages following the visited website
Access status / HTTP status code
The duration of the visit of the website
The frequency of visits to the website
Your click behaviour on the website
This data is anonymized after a short time, usually after 7 days. The anonymized data is stored as long as it is necessary for the evaluation. The data will not be passed on to third parties.

If you do not wish to participate in the tracking, you can deactivate the collection of all usage data by activating the “Do not track” setting in your browser.

Use of Google Analytics

We use Google Analytics to analyze website usage. The resulting data is used to optimize our website and advertising measures.

Google Analytics is a web analysis service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, United States). Google processes the data for website use on our behalf and is contractually obliged to take measures to ensure the confidentiality of the processed data.

During your visit to our website, the following data, among others, is collected:

Pages called up
Orders incl. turnover and ordered products
the achievement of “website objectives” (e.g. contact requests and newsletter subscriptions)
Your behavior on the pages (e.g. clicks, scroll behavior and dwell time)
Your approximate location (country and city)
Your IP address (in abbreviated form, so that no clear assignment is possible)
Technical information such as browser, Internet provider, end device and screen resolution
Source of your visit (i.e. via which website or advertising medium you came to us)
This data is transferred to a Google server in the USA. Google complies with the data protection regulations of the “EU-US Privacy Shield” agreement.
Google Analytics stores cookies in your web browser for a period of two years since your last visit. These cookies contain a randomly generated user ID that allows you to be recognized on future visits to the website.

The recorded data is stored together with the randomly generated user ID, which enables the evaluation of pseudonymous user profiles. This user-related data is automatically deleted after 14 months. Other data remains stored in aggregated form for an unlimited period of time.

If you do not agree with the collection of this data, you can prevent this by installing the browser add-on to deactivate Google Analytics once.

h. A/B test

In addition, we conduct analyses of user behavior by means of “A/B testing”. Within this framework, we can show you our websites with slightly varying content, based on the fulfillment of a profile task. This enables us to analyze our offer, improve it continuously and make it more interesting for you as a user. The legal basis for this processing of your personal data is Art. 6 para. 1 lit. f of the General Data Protection Regulation.

For the purpose of allocation to a test group, cookies (see above) are stored on your computer. The allocation to the test groups is always random. For the evaluation we use the data collected by our web analysis service (see above). The information collected in this way is stored exclusively on our server in Germany.

Before the analyses are carried out, the IP addresses are further processed in abbreviated form so that it is not possible to trace them directly back to a specific person. The IP address transmitted by your browser is not merged with other data collected by us.

If you do not wish to participate in the tests, you can deactivate the collection of all usage data and the storage of the corresponding cookies by activating the “Do not track” setting in your browser.

i. Online Advertising

Advertising on HAFIZ GLOBAL

At HAFIZ GLOBAL, ads are displayed next to or above the search results. If you click on these ads, we receive a commission. This is in pursuit of our interest in generating income to cover our running costs and payments to tree planting projects. These ads are provided by advertising networks.

We work together with the advertising network Bing. When you search and simply display an ad, no data is sent to this advertising network (only to Bing, see above). Among other things, the following data is only transmitted to the advertising network when you click on an ad: the search term, your IP address, the location, date and time of the search query and the browser configuration.

HAFIZ GLOBAL also assigns a Bing “customer ID” to improve the quality of the ads. This value is a user-specific ID that is stored in the cookie of HAFIZ GLOBAL and will be retrieved on future visits.

This allows Bing to display more relevant ads from Bing or third parties in the Bing ad network, based in part on previous searches. The legal basis for data processing according to Art. 6 para. 1 p. 1 lit. f of the General Data Protection Regulation.

If “Do not track” is enabled in your browser, the client ID is automatically disabled and will not be saved or sent. In the search settings of HAFIZ GLOBAL, the Client ID and personalized advertisements can also be specifically deactivated.

For more details on the data processing of the Bing Ad Network, please visit: https://privacy.microsoft.com/privacystatement

Monitoring of the success of ads via HAFIZ GLOBAL on third-party platforms

We use various offers of the third-party providers Google, Facebook and Amazon to draw attention to us with the help of advertising on external websites. Based on the data from the advertising campaigns, we can determine how successful the individual advertising measures are. This enables us to track the interest in showing you advertising that is of interest to you, to make our website more interesting for you and to achieve a fair calculation of the advertising costs.

In some places, but never on search pages, HAFIZ GLOBAL allows third parties to set cookies to verify the success of HAFIZ GLOBAL advertising campaigns.

Due to the marketing tools used, your browser will automatically establish a direct connection to the third-party server. We have no influence on the scope and further use of the data collected by the third party provider. We therefore inform you to the best of our knowledge and belief: Through your participation, the third party provider receives the information that you have visited the corresponding website of our Internet presence or clicked on one of our advertisements.

If you have registered for a service of a third party provider, they can assign the visit to your account. Even if you are not registered or have not logged in, it is possible that the provider will find out and store your IP address and other identifying features.

The legal basis for this processing of your data is Art. 6 para. 1 letter f of the General Data Protection Regulation. You can prevent participation in this tracking procedure in various ways:

You can configure your browser as you wish and refuse to accept cookies from third parties or deactivate cookies in general.
By deactivating the provider’s interest-based ads, which are part of the self-regulation campaign “About ads”, via the link http://www.aboutads.info/choices
By disabling the “Facebook Custom Audiences” feature for users logged in at https://www.facebook.com/settings/?tab=ads#_
For more information about the privacy practices of the third parties we use to measure the success of our advertising efforts, please visit

Google: http://www.google.com/intl/policies/privacy and https://services.google.com/sitestats/de.html. Or visit the website of the Network Advertising Initiative (NAI) at: http://www.networkadvertising.org. Google has committed to maintaining the EU-US privacy shield. https://www.privacyshield.gov/EU-US-Framework
Facebook: https://www.facebook.com/about/privacy. Facebook is committed to maintaining the EU-US Privacy Shield.
Amazon: http://www.amazon.de/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=3312401 and under: http://www.amazon.de/gp/BIT/InternetBasedAds. Amazon is committed to maintaining the EU-US Privacy Shield. https://www.privacyshield.gov/EU-US-Framework

We never integrate tracking scripts or pixels into HAFIZ GLOBAL search pages. Therefore, search data is never shared with third parties that are not directly related to the provision of the search service.

Use of Google Remarketing

We also use the remarketing function of Google. This allows us to display personalized advertising in appropriate advertising spaces on other websites based on the interests you show on our website. This possibility is limited to a maximum of 18 months.

Please see Google’s privacy policy for more information. You can disable interest-based advertising by installing this browser plugin.

7. refusal or revocation of the consent to the processing of your data

If you have given your consent to process your data, you can revoke it at any time. Such revocation will affect the permissibility of processing your personal data on the basis that you have informed us of this.

If we support the processing of your personal data, taking into account a balancing of interests in accordance with Art. 6 para. 1 lit. f of the General Data Protection Regulation, you may at any time object to the processing of data about you for reasons arising from your specific situation. In the event of a refusal, we will examine the matter and stop or adapt the data processing, unless we can provide compelling and legitimate reasons for processing that outweigh your interests, rights and freedoms, or unless the processing serves to assert, exercise or defend legal claims.

Of course, you may at any time refuse to have your personal data processed for advertising purposes. No justification is required for this. This also applies to profiling if it is in connection with such direct advertising.

In order to assert a refusal or revocation of consent, please contact our data protection officer at privacy@hafiz.global

Version date of the privacy policy: 01/02/2020