Data Protection Policy
Jakob Martens Studios (hereinafter: JMS) takes the protection of your personal information very seriously. We handle your personal information confidentially and consistent with the legal regulations of the relevant data protection laws, especially the EU General Data Protection Regulation (GDPR), as well as this data protection policy.
This data protection policy applies to the use of JMS’s digital services, including our social media profiles on PCs, smartphones, tablets, and all other internet-enabled mobile devices.
The digital services may contain links to other third-party service provider websites that are not covered by this data protection policy.
Note on the Data Controller - Who is Responsible for Data Collection?
The data controller responsible for processing your personal information is:
Jakob Martens Studios
represented by
Jakob Martens
Am Falm 302
27498 Helgoland
jakob@jakobmartens.de
If you have any questions about data protection with us, please write to us at the aforementioned postal address, with the addition of "Data Protection," or at the provided email address.
Purposes and Legal Basis of Data Processing - What Do We Use Your Data For?
In the following part, we will talk about the different ways of utilizing and handling data in order to improve the user experience and provide safety for personal information.
Data Processing for the Provision of Contractual Services
We process personal information to manage contractual relationships and to provide contractual offers tailored to your needs. This collection of data is specifically for entering into and/or executing a contract.
We particularly request the name and contact information of business partners' liaisons for the purpose of establishing and conducting the contractual relationship.
The basis for data processing is Art. 6 Para. 1 S. 1 lit. b GDPR, which allows for the processing of data for the completion of a contract or pre-contractual measures.
Data Processing for Communication with You
In addition to contract information, we process your communication data (name, address, telephone number, email address) to address your inquiries and/or to be able to reach out to you. Personal information that you provide to us via email will be processed solely for correspondence with you or only for the purpose you've provided the data to us.
The legal basis for this data processing is Art. 6 Para. 1 S. 1 lit. b GDPR, which allows for the processing of data to carry out a contract or pre-contractual measures.
Download of Press Materials
On our website, we offer press materials about our company and our works, available for download via a specific form. For this service, we require your full name, email address, and information regarding the editorial office for which you work. This information is necessary because free publication is only allowed within the context of an editorial piece about the digital service offerings of Jakob Martens Studios, relating to the content of this press release. We reserve the right to process your details to pursue our legal interests in the event of any violation.
We have a legitimate interest in the lawful usage of our press materials. The basis for this data processing is Art. 6 Para. 1 S. 1 lit. f GDPR, which permits the processing of data to protect the legitimate interests of the controller, assuming the interests or fundamental rights and freedoms of the data subject do not take precedence.
Cookies
We utilize so-called cookies on certain of our websites, primarily to provide you with site-specific services, recognize you on subsequent visits to our website, enhance your user experience, and/or tailor our offerings to your individual preferences.
Cookies are small text files stored on a visitor's computer, containing data about the user to facilitate access to various features. Our website uses both session cookies and persistent cookies. A session cookie is temporarily stored on your computer while you navigate the site and is deleted when you close your internet browser or after your session expires following a specific period. A persistent cookie remains on your computer until it is removed. Storing a cookie ensures that you don't have to repeatedly input your personal settings and preferences every time you visit our website, saving you time and making our website more user-friendly.
On some of our websites, we may collaborate with third-party entities, meaning cookies from partner companies (third-party cookies) could be stored on your hard drive when you visit such a site. Below, we inform you about the use of these cookies and the extent of data collection in each instance.
You have the option to delete permanently installed cookies through your browser settings. Most browsers automatically accept cookies, so if you wish to avoid the use of cookies, you might need to actively delete or block them or prevent cookie storage by adjusting your browser software. However, please be aware that if you choose not to accept cookies, you can still access our website, but some functionalities might not operate as originally intended.
The use of the aforementioned cookies is in the interest of ensuring a consistent presentation and operation of our websites. The data processing is based on Art. 6 Para. 1 S. 1 lit. f GDPR, allowing for the processing of data to protect the legitimate interests of the data controller, provided that the interests or fundamental rights and freedoms of the data subject do not take precedence.
Data Processing in the Context of Our LinkedIn Company Page
We operate a company page on the social network linkedin.com, provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn"), and receive so-called Page Analytics from LinkedIn. For this operation of the LinkedIn company page, we are jointly responsible with LinkedIn pursuant to Art. 26 of the GDPR.
The type and scope of information processed or provided by LinkedIn, the associated purposes of LinkedIn's data processing, its legality, as well as information on the exercise of data subject rights, can be found in LinkedIn's privacy notices at the URL https://www.linkedin.com/legal/privacy-policy and the agreement on joint responsibility available at the URL https://legal.linkedin.com/pages-joint-controller-addendum. Page Analytics consists of aggregated data that allows us to understand how users interact with our pages. The generation and provision of these Page Analytics are within LinkedIn's area of responsibility, and we have no influence over them. LinkedIn assumes all obligations under the GDPR regarding the processing of Insights data (including Articles 12 and 13 GDPR, Articles 15 to 22 GDPR, and Articles 32 to 34 GDPR).
The purpose of our processing of the data provided by LinkedIn lies in the statistical analysis of the usage of our company page. For example, we can determine preferred visiting and posting times and use this information for the optimization of our posts and our company page. Additionally, we process personal data made publicly available on LinkedIn (e.g., real names in the user profile) as well as data directly related to activities on our company page (e.g., posts, likes, tags) for communication purposes.
The basis for the aforementioned data processing is Art. 6 Para. 1 S. 1 lit. a GDPR. If consent has been given to LinkedIn, it can be withdrawn at any time with future effect. Similarly, if consent has been provided to us, it can also be withdrawn at any time with future effect. Otherwise, our basis for data processing is Art. 6 Para. 1 S. 1 lit. f GDPR, which permits the processing of data to safeguard the legitimate interests of the controller, provided that the interests or fundamental rights and freedoms of the data subject do not prevail. Our interest lies in providing content and communication with LinkedIn users and in improving the reach and effectiveness of our posts.
Rights to access, correction, deletion, limitation of processing, and data portability of stored Insights data can be asserted against LinkedIn, as LinkedIn has assumed the relevant obligations:
LinkedIn Ireland Unlimited Company
Wilton Place
Dublin 2
Ireland
Privacy Policy: https://www.linkedin.com/legal/privacy-policy
Online Presence in Other Social Networks
We maintain online presences within various social networks to communicate with you, potential customers, and clients, and to inform them about our services and current offers. Besides our interaction with you, social networks process users' data for market research and advertising purposes. That is, a user profile may be created by the respective social network operator based on a visitor's behavior and the derived preferences and interests. Such user profiles may serve to display ads within the social network and possibly on other websites, which are presumably aligned with the user's interests. Cookies (refer to the section above) may be stored on visitors' devices, enabling the collection of data concerning user behavior. This data collection, particularly for logged-in members of the respective social network, may span across various browsers and/or devices used by a user. Even if a visitor does not hold an account with the respective social network, it cannot be excluded that personal data will be stored upon visiting the respective website.
Inquiries about the data stored through our online presence on social networks or the exercise of data subjects' rights can be addressed to the provider of the respective service (see below). Only the providers of the social networks have full access to the respective stored data and can provide appropriate information or take necessary actions. Concerning the purpose and scope of data processing by the social networks, we additionally refer to their respective privacy policies and contact information:
Instagram:Facebook Ireland Ltd.4 Grand Canal SquareDublin 2, IrelandPrivacy Policy: https://www.facebook.com/about/privacy/Contact: https://www.facebook.com/help/contact/540977946302970Opt-out: https://www.facebook.com/settings?tab=adsYouTube:[Note: The original text provided details for Tencent/WeChat instead of YouTube. Please provide the correct details for YouTube.]Tencent International Service Europe B.V.26.04 Amstelplein 541096 BC Amsterdam, The NetherlandsPrivacy Policy: https://www.wechat.com/de/privacy_policy.htmlOpt-out: [The opt-out link refers to Facebook, which appears to be misplaced. Please provide the correct opt-out link for Tencent/WeChat.]
The processing of data in connection with our online presence on social networks is based on our legitimate interest in effective information exchange and direct communication with potential customers and clients.
The legal basis for this data processing is Art. 6 para. 1 s. 1 lit. f GDPR, which allows data processing to safeguard the legitimate interests of the controller, provided these interests do not override the interests or fundamental rights and freedoms of the data subject.
Tracking with Matomo
On our website, we utilize the web analysis service Matomo to evaluate and analyze website usage. Information generated by Matomo about the use of respective internet pages is stored on our server. Matomo may collect data that provides insights into the frequently used functions of the website and potential areas of misunderstanding. This data includes:
Country, state, city
Time of the page access
Browser type, including version, language, and installed plugins
User's operating system
User's screen resolution
Anonymized IP address of the user (with the fourth octet replaced by a '0')
Time of the last visit
Date of the first visit
A randomly generated unique user ID
Loading time of the visited page
Number of actions per visit
Page title of the visited page
URL of the visited page
Duration of stay per visit
Functions utilized during the visit
This data forms the basis for statistics on user behavior, including overviews of devices and browsers used, and actions per visit (e.g., whether data exports were executed or meter readings were entered). Matomo maintains transparency about the data collected, and you can learn more about it on their official website at https://matomo.org/faq/general/faq_18254/.
IP addresses are anonymized before storage. However, we must explicitly state that despite the fully activated anonymization function, complete anonymization is not achieved, but rather pseudonymization. During its operation, Matomo generates an internal hash value calculated from various factors including the IP address, resolution, browser, plugins used, and operating system. Even with the anonymization function active, this heuristic internally utilizes the full IP address, meaning that, with some effort (excluding the IP address), recalculation to the other information can be performed with considerable accuracy.
If you disagree with the storage and use of your data, you can deactivate this function. If so, an opt-out cookie will be stored in your browser, preventing Matomo from storing usage data. Deleting your cookies also removes the Matomo opt-out cookie, necessitating reactivation upon your next visit to our site.
The data processing associated with the use of Matomo is in accordance with Art. 6 para. 1 s. 1 lit. f GDPR. We have a legitimate interest in analyzing general user behavior to optimize our website for end users' experiences.
Data Processing for Job Applications
We welcome job applications to our company through our website or the provided contact information. Should you share your personal data with us during the application process, either through these platforms or otherwise, we will process this data with the purpose of reviewing, handling, and responding to your application, as well as preparing for a potential employment relationship, if applicable.
The legal basis for this data processing is either Article 6, Paragraph 1, Clause 1(b) of the GDPR, in conjunction with Article 26, Paragraph 1 of the new BDSG (Federal Data Protection Act), which permits data processing for the purpose of making decisions regarding the initiation, establishment, and execution of employment relationships, or - in case you have provided consent - Article 6, Paragraph 1, Clause 1(a) of the GDPR.
You have the right to withdraw your consent at any time, affecting all future operations. This withdrawal does not affect the legality of processing carried out before the consent was withdrawn. To enact this withdrawal, a simple informal notification via email to us will suffice. The legal processing of the data that occurred before the revocation remains unaffected by this action.
Data Processing to Safeguard Legitimate Interests
We also process your data when necessary to protect our legitimate interests or those of third parties. This may include ensuring IT security and smooth IT operations, responding to support inquiries, establishing and verifying facts in legal disputes, and conducting statistical evaluations of our website usage.
The foundation for this data processing is Art. 6 Para. 1 S. 1 lit. f GDPR. Our legitimate interest is grounded in the aforementioned data processing activities.
Data processing based on your consent
There may be instances where we seek your consent to process your personal data. In such cases, providing your consent and the associated data processing is entirely voluntary, and you will not experience any disadvantages if you choose not to consent.
The data processing in these instances is conducted based on your consent, in accordance with Art. 6 para. 1 s. 1 lit. a GDPR.You have the option to withdraw your consent at any time, effective for future processing. A simple notification via email to us is adequate for this purpose.
The legality of any data processing activities that have occurred prior to the withdrawal remains unaffected by the revocation.
Log Files
Every time our websites are accessed, usage data is transmitted by the respective internet browser and stored in log files, commonly referred to as server log files. The data records stored include the following information: type and version of the browser, operating system used, referrer URL, time of the server request, and truncated IP address.
This data cannot be attributed to specific individuals. This data will not be combined with other data sources. We reserve the right to review this data retrospectively if we receive credible evidence of unlawful use.
The data processing is grounded in Art. 6 para. 1 s. 1 lit. f GDPR, which allows for the processing of data to protect the legitimate interests of the data controller, as long as the interests or fundamental rights and freedoms of the data subject do not override these interests.
Data Processing for Compliance with Legal Obligations
We also process your data to comply with legal obligations, such as regulatory requirements, and commercial and tax record-keeping and documentation duties.
The basis for this data processing is Art. 6 para. 1 s. 1 lit. c GDPR, which allows for processing necessary to comply with a legal obligation.
Categories of Recipients of Personal Data
Your personal data will only be shared with third parties or otherwise transmitted if necessary for contract execution or billing, if you have previously consented, or if there is a legal basis for such disclosure.
As needed for contract fulfillment, data may be shared with partner companies tasked with assisting in contract execution. Our partners commit to adhere to data privacy laws and are prohibited from using the data for any purpose other than contract execution.
Service providers aiding us in delivering our services to you include sales and marketing partners, software (SaaS) providers, IT service providers, specifically those for software and hardware maintenance, hosting providers, and email service providers.
Duration of Data Storage
As a general rule, we delete your data as soon as it is no longer needed for the purposes mentioned above, unless temporary storage is still required.
We retain your data in accordance with legal documentation and storage obligations, which arise, among other sources, from the German Commercial Code and the German Tax Code, stipulating storage periods of up to ten full years.
Additionally, we retain your data for the duration in which claims can be made against our company (statutory limitation period of three or up to thirty years).
Data Security
We transmit your personal data securely through encryption, utilizing the SSL (Secure Socket Layer) coding system. An encrypted connection is indicated by the change in the browser's address line from "http://" to "https://," and by the presence of the lock symbol in your browser line.
In addition, we protect our websites and other systems with technical and organizational measures to prevent loss, destruction, unauthorized access, alteration, or distribution of your data by unauthorized individuals.
Rights of the Data Subject
Under the applicable legal provisions, you have the right to request, at any time and free of charge, information about your personal data stored by us, including its origin, recipients, and the purpose of the data processing. Additionally, you may have the right to correct, block, or delete this data, if applicable. For these inquiries, as well as for further questions regarding personal data, you can contact us at any time using the contact details provided in section 1.
You may also possess a right to restrict the processing of your data and a right to receive the data you've provided in a structured, commonly used, and machine-readable format. If you have granted us consent to process personal data for specific purposes, you can withdraw your consent at any time, effective for the future. If we process your data to safeguard legitimate interests, you may object to this processing due to reasons arising from your specific situation.
Additionally, you have the option to contact a data protection supervisory authority (right of appeal).
