Status: April 2024
This Data Protection Declaration informs you how personal data is collected, processed and used when visiting our website.
Provider of the OpenSynergy web site www.opensynergy.com is OpenSynergy GmbH, Rotherstraße 20, 10245 Berlin, Germany (hereinafter referred to as “OpenSynergy” or “we”). OpenSynergy is responsible according to EU General Data Protection Regulation (GDPR) for the collection, processing and use of personal data of website´s visitors (hereinafter “you”). If you have any questions or suggestions regarding data protection, please do not hesitate to contact us. You are welcome to address your data protection concerns to us by e-mail at datenschutz(at)opensynergy.com. In addition, you always have the possibility to contact our data protection officer by e-mail at the above stated address (keyword: “data protection officer”).
We expressly point out that when using this e-mail address, the contents are not exclusively taken note of by our data protection officer. If you wish to exchange confidential information, we therefore ask that you first contact us directly via this e-mail address.
Below you can find our complete contact details.
2.1. Visiting the site.
Visiting our website is generally possible without providing personal data. Personal data is only collected if necessary for technical reasons for the use of our website or if you use certain functions or services offered on our website, such as contact form or newsletter registration.
The following data is automatically collected each time you access our website:
Data processing of this information is necessary to enable you to visit the website and to ensure permanent operability, availability and security of our systems. For the purposes described above, access data is temporarily stored in internal log files in order to compile statistical data on the use of our website, to further develop our website with regard to the usage habits of our visitors (e.g. if the proportion of mobile devices used to access the pages increases) and for general administrative maintenance of our website.
Legal basis for this data processing is art. 6 para. 1 s. 1 lit. b GDPR, insofar as the visit of our website occurs in the course of the initiation or execution of a contract, and otherwise Art. 6 para. 1 lit. f DSGVO due to our legitimate interest in enabling the website visit as well as the permanent functionality and security of our website. Whereas the automatic transmission of the connection data and the log files developed from it do not constitute access to the information stored on the end device within the meaning of the implementation laws of the ePrivacy Directive of the EU member states, in Germany § 25 TTDSG. Otherwise, however, it would be absolutely necessary anyway.
The information stored in the log files do not allow any direct conclusion on your person – in particular, we only store IP addresses in truncated, anonymous form. Log files are stored for 7 days and archived after subsequent anonymization.
2.2. Newsletter.
You have the possibility to subscribe to our newsletter, which will inform you regularly about innovations regarding our technologies, products and solutions and their potential applications. When registering, we ask you to enter your name (optional) to be able to contact you and your e-mail address to be able to send you the newsletter. You also have the possibility to provide further information voluntarily.
We use the so-called double opt-in option. We will only send you information by e-mail if you confirm our notification sent to you by email by accepting a link that you are the owner of the email address provided. If you confirm your e-mail address, we will store your e-mail address, the time of registration and the IP address assigned during registration until you cancel the newsletter. We store this information for the sole purpose of sending you the newsletter and to approve your registration. You can unsubscribe from the newsletter at any time. A corresponding link can be found in every e-mail. A message to the contact details stated above or in individual e-mails (e.g. by e-mail or letter) is sufficient to unsubscribe. Legal basis for data processing is your consent in accordance with art. 6 para. 1 s. 1 lit. a GDPR. When unsubscribing from our newsletter list, we store a limited amount of your data for a period of 3 years in order to be able to prove that we have processed the data lawfully when a request of a data subject or authority arises.
We use your voluntarily provided data anonymously, i.e. without reference to your person, in order to statistically evaluate the sectors of our newsletter recipients. We are furthermore analyzing click and opening rates for the purpose of newsletter individualization and to further optimize the content and design of our newsletter.
The legal basis for this data processing is art. 6 para. 1 s.1 lit. a GDPR, based on your consent given when you sign up for our newsletter. The information in the end device is then accessed based on the implementation laws of the ePrivacy Directive of the EU member states, in Germany according to § 25 para. 1 TTDSG. You can revoke your consent to the analysis of user behavior at any time with effect for the future by unsubscribing from the newsletter. You can also prevent the measurement of the opening of an e-mail by deactivating graphics or the output of HTML content in your e-mail program by default.
We store anonymized analysis data for 15 months.
2.3. Contact form.
We offer you the opportunity to send us messages directly via a contact form. Hereby it is necessary to enter an e-mail address where we can contact you. We also ask for your name to be able to contact you. We process the data you provide in the contact form to answer your request. To properly process your inquiry, we may transfer data provided in the contact form to one of the regional sister companies or sales partners mentioned on the contact page, in case the sales company responsible for your region or the subject mentioned in the inquiry can answer your inquiry more appropriately. Legal basis of data processing is art. 6 para. 1 s. 1 lit. b GDPR, insofar as your information is required to answer your enquiry or to initiate or execute a contract, and otherwise art. 6 para. 1 lit. f GDPR based on our legitimate interest to provide an answer to your inquiry. Data collected when using the contact form will be automatically deleted after processing your inquiry, unless we still need your request to fulfil contractual or legal obligations.
2.4. Application via the online form.
You can apply for open vacancies by using our online form. The purpose of data processing is to select applicants for possible employment. We collect the following data for reception and processing of your application: First and last name, telephone number, job title, e-mail address, application documents (e.g. certificates, curriculum vitae, cover letter). Legal basis for processing of your application documents is art. 6 para. 1 s. 1 lit. b GDPR.
We store your personal data upon receipt of your application. If we accept your application and an employment relationship is established, we will store your data for as long as necessary for the employment relationship and as legal regulations provide obligation for retention. If we reject your application, we store your applicant data for a maximum of six months after rejection of your application, unless you grant us consent to store the data for a longer period. If you have given us your separate consent, we will store the data you have submitted in your application in our applicant pool for additional twelve months after the end of the application process to identify any other vacancies of interest to you and to contact you again if necessary. The data will be deleted after this period. You can revoke this consent for the future at any time by sending us an e-mail to jobs(at)opensynergy.com.
We use the technical support of the Software of Personio for our application process. Personio is provided to us by Personio GmbH. The data you submitted will be processed by Personio on our behalf for the purpose of carrying out and processing the application process. We have concluded a Data Processing Agreement with Personio GmbH according to the requirements of art. 28 para. 3 GDPR.
2.5. Download whitepaper.
We offer you the opportunity to receive further technical documentation on our products in return for your consent to the processing of your contact data (e-mail address, name, information about your company) for advertising purposes (information about our products and solutions) by mail, telephone or e-mail. The legal basis for the processing is Art. 6 para. 1 lit. b GDPR, as you enter into a contractual relationship with us through your request and provision of your data.
Please note that the requested white paper will be provided after the double opt-in procedure (confirmation of your e-mail address) has been completed.
2.6 Trial version.
We offer you the opportunity to register on our website for receiving a trial version license for our products in return for your consent to the processing of your contact data (e-mail address, name, information about your company) for advertising purposes (information about our products and solutions) by mail, telephone or e-mail. The legal basis for the processing is Art. 6 para. 1 lit. b GDPR, as you enter into a contractual relationship with us through your request and provision of your data.
Please note that the requested trial version license for our products will be provided after the double opt-in procedure (confirmation of your e-mail address) has been completed.
3.1 General use of cookies.
When you visit and use our website, different cookies are installed. Cookies are small text files that are stored in the memory of your web browser and contain information that enable web servers to recognize you when you visit our website later. Cookies cannot execute programs or transfer viruses to your computer. The main purpose of our own cookies is rather to make the use of our services technically as time-saving and user-friendly as possible.
We use tools necessary for website operation on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in order to provide the basic functions of our website. In certain cases, these tools may also be necessary for the performance of a contract or for the implementation of pre-contractual measures, in which case the processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR. Access to and storage of information in the end device is absolutely necessary in these cases and is carried out on the basis of the implementation laws of the ePrivacy Directive of the EU member states, in Germany according to § 25 para. 2 TTDSG.
A deactivation of essential cookies is not offered.
We use our own cookies in particular
We aim to make your use of our website more convenient and individual.
You can prevent the storage of cookies on your terminal device at any time by changing the settings of your browser. However, we would like to point out that you cannot access all functions of this website without restrictions.
We use different types of cookies: So called: “Session cookies” contain an identification in the form of a so-called session ID and are automatically deleted when you close the browser. The session ID can be used to assign various requests from your browser to the shared session. The session cookies are deleted when you log out or if close the browser.
Permanent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie. However, you can also delete the cookies prematurely at any time in the security settings of your browser:
Please note: You have to copy the link in the respective browser and there are several more browsers available, so we only want to give you some examples.
In individual cases not-accepting of cookies, may lead to considerable functional restrictions of our website.
3.2 Essential Cookies.
Essential cookies enable basic functions and are necessary for the proper function of the website.
3.2.1 Borlabs Cookie.
Our website uses the WordPress plugin “Borlabs Cookie” to record and manage consents and any revocations. When you make a decision in the consent banner, a cookie is set (“borlabs-cookie” (182days)) that records your consent or rejection.
Data processing is necessary in order to provide you with the legally required consent management and to comply with our documentation obligations. The legal basis is Art. 6 para. 1 lit. c GDPR, justified by our interest in fulfilling the legal requirements for consent management. The access to and storage of information in the terminal device is necessary in these cases and is carried out on the basis of the implementation laws of the ePrivacy Directive of the EU member states, in Germany according to § 25 para. 2 TTDSG.
If you delete your cookies, we will ask you for your consent again when you access the page later.
3.3 Statistic/analysis cookies.
Other cookies are used to analyze the use of our website for statistical purposes. They let us know, for example, which content on our website is particularly relevant and what type of terminal equipment was used to visit the website. As a result, we are enabled to make our offer more interesting and, if necessary, more user-friendly for our users. Information on browsers and used end devices enable us to adapt the design of our website to the most important browser types. We only use these analysis cookies if you grant your consent via our cookie banner. The legal basis for the analysis tools is your consent in accordance with Art. 6 para. 1 lit. a GDPR. Access to and storage of information in the end device then takes place on the basis of the implementation laws of the ePrivacy Directive of the EU member states, in Germany according to § 25 para. 1 TTDSG. You can revoke your consent by opening Cookie Settings and changing the corresponding selection.
If you have consented to the use of the analysis tools, you can revoke your consent via our Cookie Settings by changing the corresponding selection at any time.
3.3.1 Matomo Tag Manager.
This website uses the open-source web analysis service Matomo.
Through Matomo, we are able to collect and analyze data on the use of our website by website visitors. This enables us to find out, for instance, when which page views occurred and from which region they came. In addition, we collect various log files (e.g. IP address, referrer, browser, and operating system used) and can measure whether our website visitors perform certain actions (e.g. clicks, purchases, etc.).
The following data could be stored in the user log together with a pseudonymized user ID:
Legal basis for data processing is art. 6 para. 1 lit. a GDPR, based on your consent, which you have provided via our cookie banner and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. If you have not consented to the use of analytics cookies, your data will not be collected by OpenSynergy or Matomo. This consent can be revoked via our Cookie Settings by changing the corresponding selection at any time.
IP anonymization. For analysis with Matomo we use IP anonymization. Your IP address is shortened before the analysis, so that it is no longer clearly assignable to you.
Hosting. We use the Matomo Cloud. The Matomo Cloud is hosted with the following provider: InnoCraft Ltd, 7 Waterloo Quay, PO Box 625, 6140 Wellington, New Zealand
Data processing. We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.
3.4 External media.
Our website may contain links to the websites and online offers of other providers not affiliated with us. If you use these links, we naturally have no influence on which data is collected by respective providers and which data is collected by them. You will find detailed information on the collection and use of data in the privacy policy of the respective provider. Since the collection and processing of data by third parties is beyond our control, we do not accept any responsibility for this. Legal basis for data processing in connection with the external cookies is your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent by opening Cookie Settings and changing the corresponding selection.
3.4.1 Google Maps.
On our contact page we use the map service Google Maps, which is provided for persons from the European Economic Area and Switzerland by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland and for all other persons by Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA (together “Google”).
In order for the Google map material used by us to be integrated and displayed in your web browser, your web browser must establish a connection to a Google server, which may also be located in the USA, when you access our website. In addition, JavaScript is used by Google Maps for the functionality of the map service, which accesses information on your end device.
The legal basis for this data processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR. The access to and storage of information in the end device then takes place on the basis of the implementation laws of the ePrivacy Directive of the EU member states, in Germany according to § 25 para. 1 TTDSG.
Your personal data may also be transferred by Google Ireland Limited to Google LLC in the USA. Google LLC has joined the EU-US Data Privacy Framework, which is why the transfer in this case is based on the adequacy decision for the USA in accordance with Art. 45 GDPR.
By integrating the map material, Google receives the information that a page of our website has been accessed from the IP address of your device. If you access the Google map service on our website while you are logged into your Google profile, Google can also link this event to your Google profile. If you do not wish to be associated with your Google profile, you must log out of Google before accessing our contact page. Google also uses your data for the purposes of advertising, market research and personalized presentation of Google Maps.
For more information, please see the Privacy Policy of Google and the Additional Terms of Use for Google Maps/Google Earth.
3.4.2 Integration of Vimeo videos.
We have integrated videos on our website that are stored on the Vimeo video platform and can be viewed directly from our website. Vimeo is a multimedia service of Vimeo Inc. 555 West 18th Street, New York 10011, USA (“Vimeo”). For this purpose, Vimeo uses JavaScript, which retrieves information from your end device, and uses cookies, which are stored on your end device.
By visiting our website, Vimeo receives the information that you have accessed the corresponding subpage. That may happen regardless of whether you are logged in to Vimeo or not.
Vimeo sets the following cookies:
– “__cf_bm” (30 minutes): Fraud prevention, bot detection;
– “vuid” (2 years): Storage of the history of videos watched, usage analysis.
Legal basis for integration is your consent which you may have given for data processing pursuant to art. 6 para. 1 s. 1 lit a DSGVO. The access to and storage of information in the terminal device is carried out based on the implementation laws of the ePrivacy Directive of the EU member states, in Germany according to § 25 para. 1 TTDSG. Without your consent, there is no connection to the Vimeo servers. You can revoke your consent at any time or adjust your selection in our Cookie Settings. Please refer to the section “Data transfer to third countries” of this Privacy Policy, for the risks associated with data transfer to third countries.
Vimeo may use this data for purposes of advertising, market research, and the design of its websites to meet your needs. If you watch videos on our website while you are logged in to your Vimeo profile, Vimeo can also link this event to your Vimeo profile. If you do not want this association to occur, you will need to log out of Vimeo before accessing our website. For more information, please refer to the Vimeo privacy policy.
We maintain various online presences in social networks in order to communicate with interested parties and to inform them about our products and services
User data is generally processed by the social networks concerned for market research and advertising purposes. This allows user profiles to be created based on the interests of the users. Cookies and other identifiers are stored on the computers of the data subjects for this purpose. Based on these user profiles, advertisements are then placed within the social networks and on third-party websites, for example.
As part of the operation of our online presences, we may have access to information such as statistics on the use of our online presences provided by the social networks. These statistics are aggregated – meaning that this information cannot be related to individuals – and may contain, in particular, demographic information (e.g. age, gender, region, country) as well as data on interaction with our online presence (e.g. likes, subscriptions, sharing, viewing images and videos) and the posts and content distributed via it. This may also provide information about the interests of users and which content and topics are particularly relevant to them. This information can also be used by us to adapt the design and our activities and content on the online presence and to optimize it for our audience.
If you have an account with the social network, it is possible that we can see your publicly available information and media when we access your profile. In addition, the social network may allow us to contact you. This can take place, for example, via direct messages or posted contributions. The content of communication via the social network and the processing of content data is the responsibility of the social network as a messenger and platform service.
As soon as we transfer personal data from you to our own systems or process it further (by way of an application, for example), we are independently responsible and this is done to carry out pre-contractual measures and to fulfill a contract in accordance with Art. 6 Para. 1 lit. b GDPR.
The legal basis for the data processing carried out by the social networks on their own responsibility can be found in the data protection information of the respective social network. The links below will also provide you with further information on the respective data processing and the options to object:
LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland (“Linkedin”)
Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Irland(“X”)
YouTube is a service offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“YouTube”)
A transfer of the data collected by us will only occur if:
Parts of data processing described in this data protection declaration may be carried out by our service providers. In addition to service providers mentioned in this data protection declaration, in particular computer centers that store our website and databases, IT service providers maintaining our systems, and consulting companies. If we transfer data to our service providers, they use the data exclusively for the fulfilment of their tasks. The service providers have been carefully selected and commissioned by us. They are contractually bound by our instructions, have suitable technical and organizational measures in place to protect the rights of persons concerned, guarantee an appropriate level of data protection and are carefully monitored by us. In addition, data may be transferred in connection with official inquiries, court orders and legal proceedings if necessary for legal prosecution or enforcement.
As explained in this privacy policy, we use services whose providers are partly located in so-called third-party countries, i.e. countries whose level of data protection does not correspond to that of the European Union. Where this is the case and the European Commission has not issued an adequacy decision (art. 45 GDPR) for these countries, we have taken appropriate precautions to ensure an adequate level of data protection for any data transfers. These include, among others, the standard contractual clauses of the European Union or binding internal data protection regulations.
Where this is not possible, we base the transfer of data on exceptions to art. 49 DSGVO, in particular your express consent or the necessity of the transfer for the performance of the contract. If a third country transfer is provided and no adequacy decision or appropriate safeguards are in place, it is possible and there is a risk that authorities in the respective third country (e.g. intelligence services) may gain access to the transferred data in order to collect and analyze it and that enforceability of your data subject rights cannot be guaranteed. When obtaining your consent via the consent banner, you will also be informed of this.
You have the right to request information about the processing of your personal data by us at any time. In the course of providing you with this information, we will explain the data processing to you and provide you with an overview of personal data stored about your person.
If data stored with us is incorrect or no longer current, you have the right to have this data corrected. You can also request the deletion of your data. If, in exceptional cases, deletion is not possible due to other legal regulations, the data will be blocked so that it is only available for that legal purpose.
You can also have the processing of your data being restricted, e.g. if you believe that the data we have stored is incorrect. You also have the right to data transferability, i.e. that we send you a digital copy of the personal data you have provided us with on request.
Right of withdrawal and right of objection.
According to art. 7 para. 2 GDPR, you have the right to revoke a consent once granted to us at any time. As a result, we will no longer continue to process data based on this consent with effect for the future. The revocation of consent does not affect the legality of the processing that took place on the basis of the consent until the revocation.
In case we process your data on the basis of legitimate interests pursuant to art. 6 para. 1 lit. f GDPR, you have the right – pursuant to art. 21 GDPR – to object to the processing of your data and to provide us reasons arising from your particular situation which, in your opinion, indicate that your interests worthy of protection prevail. You have a general right of objection without providing reasons to data processing for direct marketing purposes. If you wish to exercise your right of revocation or objection, it is also sufficient to send an informal message to the contact details given above.
In order to assert your rights as described, you can contact us at any time by using the contact details provided in section 1. This also applies if you would like to receive copies of guarantees to demonstrate an adequate level of data protection.
Furthermore, you have the right to object to data processing based on art. 6 para. 1 s.1 lit. e or f GDPR.
Finally, you have the right to lodge a complaint to the data protection supervisory authority responsible for us. You can assert this right with a supervisory authority in the Member State in which you are resident, your place of work or the place of the suspected infringement. In Berlin the competent supervisory authority is: Berlin Commissioner for Privacy and Freedom of Information, Friedrichstr. 219, 10969 Berlin