Privacy Statement

The following data protection information is intended to give you an overview of what happens to your personal data (hereinafter also referred to as “data”) in our company and to inform you of the data protection claims and rights to which you are entitled in line with the European General Data Protection Regulation (“GDPR”) and national data protection legislation, for example the German Federal Data Protection Act (Bundesdatenschutzgesetz “BDSG”). We therefore ask you to take note of this Privacy Policy and if necessary, to print it out or save it. Personal data is all data with which you can be personally identified. Your personal data may be processed for various purposes. Essentially, skalex GmbH (hereinafter also referred to as “skalex” or “We”) can divide the data processing operations into the following areas of application: – In connection with the website https://www.skalex.io and other internet presences of which we link to this Privacy Policy (hereinafter referred to as “Website”), we process visitor data exchanged between their internet-enabled-devices and the server operated by us, as well as data communicated to us in connection with the use of the Website. For details, please refer to Part B. – For the purpose of processing or initiating contracts, we process the necessary data of our customers and interested parties. You will find more information on this under Part C. – Our business partners’ and suppliers’ data are used exclusively for the direct placing, processing and execution of orders. You will find more information on this under Part C. Please visit each section for quick and contextual information on specific processing situations. General information on data protection, data processing procedures and data subject rights, which applies to all data processing procedures carried out for us, can be found in Part A below. A.  General information on data protection and data subject rights I. Who is responsible for data processing and who can you contact if you have any questions? “Controller” according to the GDPR and other national data protection laws of the member states as well as other provisions of data protection law are: skalex GmbH Riegeläckerstraße 48 71229 Leonberg E-Mail: info@skalex.io II. What rights do you have with regard to your personal data? If your personal data is processed, you are the “data subject” as defined by the GDPR, which means that you may be entitled to the rights described below, please contact skalex. If you assert any rights against skalex as the responsible party, we recommend that you direct them our contact address that can be found in the legal & contact details.

1.   Right of access

In accordance with Art. 15 GDPR, you can request confirmation from us as to whether personal data relating to you is being processed by us and to what extent we are processing your data.

2.   Right to rectification

If personal data concerning you is incorrect or incomplete, you have a right to correction and/or completion pursuant to Art. 16 GDPR.

3.   Right to erasure

If the legal requirements of Art. 17 GDPR are met, you can demand that we erase your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate protection interests. Please note that there may be reasons that prevent an immediate erasure, e.g. in the case of legally regulated storage obligations. Irrespective of the exercise of your right to erasure, we will immediately and completely erase your data in order to fulfil our statutory obligations to erase after the processing purpose has ceased to apply, provided there is no legal or statutory retention period to the contrary.

4.   The right to restriction of processing

In the cases specified in Art. 18 GDPR, you may request us to restrict the processing of your data. If you have restricted the processing of your personal data, this data – apart from its storage – may only be processed with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a member state.

5.   Right to data portability

Pursuant to Art. 20 GDPR, you have the right to have data provided by you, which we process automatically on the basis of your consent or in fulfilment of a contract, transferred to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible person, this will only be done as far as it is technically feasible. The right to data transfer does not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority assigned to the person responsible.

6.   Right to object

If we process your data on the basis of a legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR, you may object to this data processing at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions (see Art. 21 GDPR). If you file an objection, we will no longer process your personal data concerned unless we can prove compelling legitimate grounds for the processing which override your interests as a data subject or for the establishment, exercise or defence of legal claims. Where the data subject objects to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes; this also applies to profiling insofar as it is connected with such direct advertising. If you object, your personal data will no longer be used for direct marketing purposes. You can object to the processing of your data for the purpose of direct marketing at any time without giving reasons.

7.   Right to withdraw consent under data protection law

Some data processing operations are only possible with your express consent pursuant to Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time with effect for the future. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Please note that even after withdrawing your consent, it may still be possible to process the data concerned in whole or in part on the basis of other legal principles.

8.   Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, every data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes upon GDPR (Art. 77 GDPR in conjunction with § 19 BDSG). A list of data protection authorities in Germany and their contact details can be found at the following link: www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html. If you are of the opinion that we violate German or European data protection law when processing your data, please contact us in order to clarify any questions. Of course, you also have the right to contact the supervisory authority responsible for our company headquarters: Bayerisches Landesamt für Datenschutzaufsicht (BayLDA) Promenade 27 91522 Ansbach Telefon: +49 (0) 981 53 1300 E-Mail: poststelle@lda.bayern.de III. Which personal data are processed and from which sources?

1.   The origin of the personal data

We mainly process the data that we receive directly from the data subjects as part of a business relationship (see also Part C). In individual cases, we also process data that we have received or acquired from other third parties such as credit agencies, creditor protection associations or authorities, or that we have obtained, received or acquired from publicly accessible sources (e.g. telephone directories, company registers, press, Internet or other media). Via our Website, we process data that we receive during your visit to the Website or that you actively communicate to us when using the Website, e.g. when using our contact form. Other data is automatically collected by our IT systems when you visit the Website. These are mainly technical data (e.g. Internet browser, operating system or time of the page call). This data is collected automatically as soon as you enter our Website. Details can be found under Part B.

2.   Categories of personal data

Among the personal data that we regularly process are personal master/contact data such as: First and last name, address, e-mail address, telephone number, fax, position in the company. In addition, we also process the following additional personal data depending on the order/service: – information on the type and content of our business relationship such as contract data, order data, sales and document data, customer and supplier history, consulting documents. – information on financial status (for example, creditworthiness data) – advertising and sales data, – documentation data (e.g. consultation protocols, data from service meetings or support cases) – information from your electronic dealings with us (e.g. IP address, log-in data), – other data that we have received from you in the context of our business relationship (e.g. in discussions with customers), – the documentation of declarations of consent lV.   For which purposes and on what legal basis are data processed? We process your data in accordance with the provisions of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG) as amended, in particular on the following basis:

1.   Fulfilment of (pre-)contractual obligations (Art. 6 para. 1 lit. b GDPR)

Personal data is processed on the basis of Art. 6 para. 1 lit. b GDPR in order to fulfil skalex’s contractual obligations, in particular in connection with the sale and distribution of our goods and services as well as all activities customary in the industry for the operation or administration of skalex (e.g. customer administration). The data may also be processed on a pre-contractual level as part of initiating business with skalex or in the course of other contractual relationships with skalex. Art. 6 para. 1 lit. b GDPR, for example, is the legal basis in the following cases: – creating and maintaining a customer account or a supplier account – keeping customer/prospect files or our customer/prospect database – sending information – offering and selling skalex Software products – offering and implementing our services (e.g. training, consulting and support services) Details for the purpose of these data processing activities can be found in the respective contract documents and terms and conditions.

2.   Safeguarding legitimate interests (Art. 6 para. 1 lit.f GDPR)

On the basis of a weighing of interests, data processing may take place beyond the actual fulfilment of a contract in order to safeguard the legitimate interests of skalex or third parties. That is permissible except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. Data processing to safeguard legitimate interests is carried out in the following cases, for example: – measures for business management and further development of our services – maintaining databases on customers/prospects and service providers to improve our offering – consultation of and data exchange with credit bureaus and creditor protection associations to determine creditworthiness data and maintenance of a group-wide creditworthiness database to identify financial default risks in specific business transactions – execution of payment transactions via external service providers – use of debt collection service providers and lawyers to collect receivables and/or enforce them in court – assertion of other legal claims and defence in legal disputes – advertising or marketing – market and opinion surveys – image and sound recordings at public events (e.g. trade fairs, open days, workshops, industry events) – carrying out a risk assessment (due diligence) in the context of any company restructuring or a company acquisition or sale – ensuring the IT security and IT operations of our company – measures for building and plant safety

3.   Fulfilment of legal obligations (Art. 6 para. 1 lit.c GDPR)

The processing of your data may be necessary in part for the purpose of fulfilling various legal obligations and requirements to which we are subject, e.g. from the German Commercial Code (Handelsgesetzbuch “HGB”) or the German Tax Code (Abgabenordnung “AO”).

4.   Consent (Art. 6 para. 1 lit.a GDPR)

If, in individual cases, you have given us your consent to process your data, it will be processed in accordance with the purposes and to the extent agreed in the declaration of consent. Consent given, e.g. for sending a newsletter, can be revoked at any time with effect for the future. For this purpose, please contact the contact data listed under Part A. I. or Part A II. Please note that processing which took place before the withdrawal is not affected by the withdrawal and under certain circumstances data processing may continue to be possible at least partially on the grounds of some other legal basis. For this we use your data for the following purposes: – quality assurance: In order to continuously improve our services, our products and our services for you, we conduct surveys to your satisfaction, as well as your experiences from your contractual relationship. – general and personalised advertising by e-mail, fax or telephone.

1.   Who receives my data?

At skalex, those employees or organizational units who need your data to fulfil our contractual and legal obligations or to process or pursue our legitimate interests receive it. Your data will be forwarded to companies for the initiation or execution of a contractual relationship (e.g. provision of a service or sale of goods) in accordance with Art. 6 para. 1 lit. b GDPR or – depending on the type of concrete contractual relationship – and on the basis of our legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR, in particular to companies which we regularly use in connection with the provision of our service or the execution of the contract. This applies to the following recipients or recipient categories: – IT service providers (e.g. e-mail service providers, web hosting companies) – partner companies or freelancers – sales partners – advertising partners – insurances – banks – communication provider (telephone provider, fax provider) – payment service providers – tax and legal advisors If we use a service provider or any other third party for the provision of services within the meaning of Art. 28 GDPR, we shall nevertheless remain responsible for the protection of your data. Insofar as required by law, such processors are contractually obliged by means of an order processing agreement to treat your data confidentially and to process it only within the scope of providing the service. The processors commissioned by us will receive your data insofar as they require the data to perform their respective services. Your data will only be transferred to state institutions and authorities or collected for this purpose within the framework of mandatory national legal provisions or if you have allowed us to do so. Vl.   How long will my data be stored? Your personal data will only be used for the purpose for which you provided it to us or for which you gave us your consent and will be stored until this specific purpose has been fulfilled. After complete processing of the purpose, or as soon as you request us to delete your data, your data will only be stored as long as it is necessary due to statutory limitation periods or retention periods (in particular tax and commercial law nature). However, the data will be deleted at the latest after expiry of all time limits unless you have expressly consented to further or other use. You can also assert rights during the retention periods, such as blocking your data. See Part A. II. Your data will be erased or blocked by us as soon as the purpose of storage no longer applies or you request us to erase it. We process and in particular store your data in principle at most only until the termination of the business relationship or until the expiry of the applicable guarantee, warranty and limitation periods. For example, the statute of limitations according to §§ 195 ff. of the German Civil Code (BGB) is generally three years, but in certain cases also up to thirty years. In addition, it may be necessary for data to be retained until the legally binding termination of any legal disputes for which the data is required as evidence. We are also subject to statutory documentation and storage periods (e.g. from the German Commercial Code (Handelsgesetzbuch, “HGB”) (e.g. § 257 HGB), the German Money Laundering Act or the German Tax Code (Abgabenordnung “AO”) (e.g. § 147 AO)). The time limits specified there for storage or documentation are two to ten years. For example, even after termination of a contract with you, we would be required to store your data for a period of time until the completion of the tax audit of the last calendar year in which you were our customer. Vll.   Will personal data be transferred to a third country? As part of our processing activities, in certain business transactions or areas of activity, personal data may also be transferred to locations in so-called third countries outside the EU or the EEA to which the EU Commission has not yet attested an adequate level of data protection. Also the USA is considered by the European Court of Justice to be a country with an inadequate level of data protection according to EU standards. In particular, there is a risk that your data may be processed by US authorities for control and monitoring purposes, possibly without the possibility of legal recourse. If such data transfer should become necessary in individual cases, this will only be done on the basis of an adequacy decision of the European Commission, standard contractual clauses, suitable guarantees for compliance with data protection or your express consent. By accepting Cookies of US Services Providers like Google, Facebook, LinkedIn, Twitter or YouTube, by clicking on the Button “Accept all” when entering our Website, you also agree in accordance with Art. 49 Paragraph 1 S. 1 lit. a DSGVO that your data may be processed in the USA, as mentioned above. If you click on “Accept only essential cookies”, the transfer described above will not take place. B. Use of our Website In principle, you can visit our Website and use it for information purposes without having to provide any personal details (e.g. register, place orders or otherwise provide information about yourself). In this case, we process personal data of our users only to the extent necessary to provide a functional Website and our content and services or to the extent that cookies used on the Website provide us with personal information when visiting the Website. For information on our own cookies used by us, please refer to Part B. II. Other cookies enable our partner companies or third parties to recognise your browser on your next visit, if applicable. For information on such third party cookies, please refer to Part B. III. In addition, the processing of personal data of our users is carried out regularly only with the consent of the user. An exception applies in those cases in which it is not possible to obtain prior consent for factual reasons and the processing of the data is permitted by statutory provisions. I. Provision of the Website and creation of log files

1.   Description of data processing

Each time you access our Website, our system automatically collects data and information from the computer system of the accessing computer, which your Internet browser automatically transmits to us or our web host (so-called log files). These server logfiles contain IP addresses or other data that enable an assignment to a user. This could be the case, for example, if the link to the Website from which the user accesses the Website or the link to the Website to which the user switches contains personal data. The following information is collected: – information about the browser type and version used – the user’s operating system – the Internet service provider of the user – the IP address of the user – date and time of access – Websites from which the user’s system accesses our Website – Websites accessed by the user’s system through our Website These data are not stored together with other personal data of the user.

2.   Legal basis and purpose of data processing

The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR. The temporary storage of the IP address by the system is necessary to enable delivery of the Website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session. The data is stored in log files in order to ensure the functionality of the Website. The data is also used to optimise the Website and to ensure the security of our information technology systems.

3.   Duration of storage / right of objection and erasure

The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. In the case of the collection of data for the purpose of providing the Website, this is the case when the session in question has ended. When data is stored in log files, this is the case after hours at the latest. Storage going beyond this is possible, provided the IP addresses of the users will be erased or alienated so that an assignment of the accessing client is no longer possible. The collection of data for the provision of the Website and the storage of data in log files is mandatory for the operation of the Website. Consequently, there is no possibility for the user to object. II. Use of cookies

1.   Description of data processing

Our Website uses cookies or similar methods and collects, processes and uses usage data (e.g. access times, visited websites) or meta and communication data (IP address, device information). Cookies are text files with a characteristic string of characters that are stored in the Internet browser or by the Internet browser on the user’s computer system and which enable the browser to be uniquely identified when the offer is called up again. If a user calls up a Website, a cookie can be stored on the user’s operating system. A cookie contains a characteristic string of characters. The use of these cookies serves to make a website more user-friendly, effective and secure. When you visit a website on which a cookie is embedded, the data you enter is stored exclusively in the cookie on your computer. In this case, data will only be transmitted to the servers of our offer when a page request is made. Some cookies are deleted after the end of the browser session when your browser is closed (so-called session cookies). These cookies are technically necessary, e.g. so that you can log in to the application and also remain logged in across pages during your visit to our Website. Other cookies remain on your end device for a specified period of time and enable us to recognize your browser during your next visit (so-called persistent or protocol cookies). The purpose of using these cookies is to provide you with optimal user guidance, to “recognize” you and to present you with as varied a Website and new content as possible when you repeatedly use it. Cookies from partner companies or third parties may be used, for example, to collect information for advertising, custom content or statistics (“Third Party Cookies”). Unless we identify cookies as originating from third parties, the cookies originate from our offering (“First Party Cookies”). We will inform you separately about third party cookies or tracking technologies that we use in the following sections of our Privacy Policy. Flash cookies are stored on your computer as data elements of web pages when they are operated with Adobe Flash. Flash cookies have no time limit. We use the Cookie Consent Management Tool from Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg, acting under the firm name „Borblabs“ (“Borlabs”). Borlabs stores the chosen preference and consent you have given when you entered the Website. For this purpose Borlabs stores two technically necessary cookies (“borlabsCookie” and “borlabsCookieUnblockContent”). If you wish to revoke these consents, simply delete the cookie from your browser, or press the Button beneath to change your cookie preferences. If you re-enter/reload the website, you will be asked again for your cookie consent. Change Cookie Preferences For more information on which cookies we use to make our Website more user-friendly, their purpose and what data is stored in them or transmitted to third party, please enter the detailed cookie information included in Borlabs.

2.   Legal basis and purpose of data processing

The legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f GDPR to protect our legitimate interests in the best possible functionality and security of the Website and a customer-friendly and effective design of the site visit, unless we ask you for consent under Art. 6 para. 1 lit. a GDPR. The purpose of using technically necessary cookies is to simplify the use of Websites for users. Some functions of our Website cannot be offered without the use of cookies. For these it is necessary that the browser is recognized also after a page change.

3.   Storage duration / right of objection and erasure

Cookies are stored on the user’s computer and transmitted to our site by the user. Therefore, you as a user have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. You can also change your cookie preferences under: Change Cookie Preferences If cookies are deactivated for our Website, it is possible that all functions of the Website can no longer be used to their full extent. lll.   Statistical analysis of the Website / increase of reach

1.   Google Analytics

Description of data processing This Website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”). Google Analytics also uses so-called “cookies”. The information generated by the Google cookie about your use of this Website will generally be transmitted to and stored by Google on servers in the United States. By accepting Cookies used by Google Analytics, you also agree in accordance with Art. 49 para 1 S. 1 lit. a DSGVO that your data may be processed in the USA. The USA is considered by the European Court of Justice to be a country with an inadequate level of data protection according to EU standards. In particular, there is a risk that your data may be processed by US authorities for control and monitoring purposes, possibly without the possibility of legal recourse. If you click on “Accept only essential cookies”, the transfer described above will not take place. We would like to inform you that this Website uses Google Analytics exclusively using the extension “anonymizeIp()”. Your IP address will therefore not be stored completely and will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area prior to transmission to the USA. The identification of the visitor of the web page is impossible. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. For further information on the processing of data by Google, please read Google’s privacy policy: https://policies.google.com/privacy?hl=de Legal basis and purpose of data processing Google Analytics cookies are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless we obtain consent via our cookie-consent-management-tool based on Art. 6 para 1 lit. a GDPR. The Website operator has a legitimate interest in analysing user behaviour in order to optimise both its Website and its advertising. The information generated by the cookies about your use of this Website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the Website, compiling reports on Website activity for Website operators and providing other services relating to Website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google has contractually guaranteed that it will not associate your IP address with any other data held by Google. We have concluded a contract with Google for order data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics. Duration of storage / right of objection and erasure Cookies are stored on the user’s computer and transmitted to our site by the user. Therefore, you as a user have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our Website, it is possible that all functions of the Website can no longer be used to its full extent. By installing the browser add-on to deactivate Google Analytics (http://tools.google.com/dlpage/gaoptout?hl=de), you can object to its use. By doing so, you inform Google Analytics that no information about the Website visit should be transmitted to Google Analytics. Furthermore, you can install an opt-out cookie on your device via this link https://developers.google.com/analytics/devguides/collection/gajs/?hl=de#disable, in particular for browsers of mobile devices, so that the collection of data by Google Analytics on our Website is prevented in the future. Please note that if you delete cookies from your end device, you must also reinstall the opt-out cookie Please use our cookie content management tool for this purpose and for more information about the duration of storage.

2.   Google Tag Manager

Description of data processing The Google Tag Manager is a solution from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”) that allows marketers to manage Website tags through a single interface. The Google Tag Manager itself (which implements the tags) is a domain without cookies and does not collect personally identifiable information. The Google Tag Manager triggers other tags that may themselves collect data. For details of these third parties, please refer to this privacy statement. The Google Tag Manager does not access this information. If you have set cookies to be disabled or otherwise set cookies to be disabled, this will be applied to all tracking tags used with Google Tag Manager, so the tool will not change your cookie settings. For more information about the Google Tag Manager, see: https://www.google.com/intl/de/tagmanager/use-policy.html. Duration of storage / right of objection and erasure We use the Tag Manager for the Google services Google Analytics and GA Audience. If you have deactivated these services, the Google Tag Manager will take this into account. See B.III.1 for details on Google Analytics. Please use our cookie content management tool for this purpose and for more information about the duration of storage.

3.   Facebook Custom Audience

Description of data processing Our Website uses the visitor action pixel (“Facebook pixel”) of Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”) to measure conversion. This allows us to track the behaviour of site visitors after they have been directed to the provider’s Website by clicking on a Facebook ad. This allows the effectiveness of Facebook advertisements to be evaluated for statistical and market research purposes (“Conversion”) and future advertising measures to be optimised, for example by identifying visitors to our online offering as a target group for the display of advertisements (“Facebook Ads”). In particular, we may subsequently determine that the Facebook ads placed by us are only displayed to Facebook users who have also shown an interest in our online offering or who have certain characteristics (e.g. interests in certain topics or products that are determined on the basis of the Websites visited) that we transmit to Facebook (so-called “custom audiences”). The data collected is anonymous to us as the operator of this Website and we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook Data Usage Guidelines (https://www.facebook.com/policy). As a result, Facebook may allow advertisements to be placed on Facebook pages and outside Facebook. This use of data cannot be influenced by us as the site operator. Please refer to Facebook’s Privacy Notice for more information on protecting your privacy https://www.facebook.com/about/privacy/. Legal basis and purpose of data processing We use Facebook Custom Audience on the basis of our legitimate interests in the analysis, optimisation and economic operation of our online offering in the sense of Art. 6 Para. 1 lit. f. GDPR, as well as the interest of our users who are already interested in our Website, or who have certain characteristics (e.g. interests in certain topics or products, which are determined on the basis of the visited websites), to specifically address with advertising, unless we obtain consent via our cookie-consent-management-tool based on Art. 6 para 1 lit. a GDPR. Studies have shown that such user-related advertising is more interesting for users than advertising without a personal reference. Duration of storage / right of objection and erasure Please use our cookie content management tool for this purpose and for more information about the duration of storage. You can also deactivate the remarketing function “Custom Audiences” at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. You must be logged in to Facebook to do this. You can find more information at https://www.facebook.com/settings?tab=ads. If you do not have a Facebook account, you can disable Facebook’s usage-based advertising on the European Interactive Digital Advertising Alliance Website: http://www.youronlinechoices.com/de/praferenzmanagement

4.   Reddit Conversion Pixel

Description of data processing Our Website uses the visitor action pixel (“Reddit Pixel”) to measure conversion. The Reddit Pixel is an analytics services of Reddit Inc., 520 Third Street, Suite 305, San Francisco, CA 94107, United States (“Reddit”) which uses cookies, which are set if you if you are directed to our website from a reddit commercial ad. When you visit our website, both we and Reddit will know that you have clicked on the ad and have been redirected to our site. The data collected through these cookies is used to generate statistics for us to examine the effectiveness of our ads. This allows us to know the total number of users who responded to our ad and were then redirected to a web page that was red-dited (“Conversion”). We do not receive any information during this process that could personally identify you as a user. Please refer to Reddits Privacy Policy for more information on protecting your privacy https://www.reddit.com/help/privacypolicy/ Legal basis and purpose of data processing We use Reddit Conversion Pixel on the basis of our legitimate interests in the analysis, optimisation and economic operation of our online offering in the sense of Art. 6 Para. 1 lit. f. GDPR, as well as the interest of our users who are already interested in our Website, or who have certain characteristics (e.g. interests in certain topics or products, which are determined on the basis of the visited websites), to specifically address with advertising, unless we obtain consent via our cookie-consent-management-tool based on Art. 6 para 1 lit. a GDPR. Studies have shown that such user-related advertising is more interesting for users than advertising without a personal reference. Duration of storage / right of objection and erasure Please use our cookie content management tool for this purpose and for more information about the duration of storage. If you choose to decline this tracking, you can also disable cookies from your Internet browser. If necessary, use the help function of your browser for further information.

5.   LinkedIn Insights

On our website we use the analysis and conversion tracking technology “LinkedIn Insights”, of the LinkedIn Inc. (2029 Stierlin Ct, Mountain View, CA 94043, USA, hereafter “LinkedIn”). LinkedIn Insights allows us to display you more relevant advertising based on your interests. LinkedIn also provides us with aggregated and anonymous reports of advertising activity and information about how you interact with our Websites. LinkedIn uses a Javascript code (socalled “insight tag”) to do this, which places a cookie on your web browser or uses a pixel. The LinkedIn Insight tag is used to collect information about the use of our website, including URL, referrer URL, IP address, device and browser characteristics, timestamps and page views. LinkedIn does not share any personally identifiable information with us, but only provides aggregate reports about the website’s audience and display performance. In connection with the use of LinkedIn Insights, the information collected is also processed by LinkedIn on LinkedIn servers in the United States. Legal basis and purpose of data processing We use LinkedIn Insights on the basis of our legitimate interests in the analysis, optimisation and economic operation of our Website in the sense of Art. 6 Para. 1 lit. f. GDPR, as well as the interest of our users who are already interested in our Website, or who have certain characteristics (e.g. interests in certain topics or products, which are determined on the basis of the visited websites) to specifically address with advertising, unless we obtain consent via our cookie-consent-management-tool based on Art. 6 para 1 lit. a GDPR. Please refer to LinkedIns Privacy Policy for more information on protecting your privacy: https://www.linkedin.com/legal/privacy-policy#choices-oblig Duration of storage / right of objection and erasure Please use our cookie content management tool for this purpose and for more information about the duration of storage. The data collected via the LinkedIn Insight tag is encrypted and anonymized within 7 days. The anonymized data is deleted within 90 days. You can revoke your consent at any time by clicking on the following opt-out link: https://www.linkedin.com/psettings/guest-controls or by using our cookie-consent-management-tool. Alternatively, you can prevent the evaluation of your user behaviour in connection with LinkedIn by changing your corresponding cookie-settings in your browser.

6.   Twitter Universal Website Tag

On our website we use the remarketing, analysis and conversion tracking technology “Twitter Universal Website Tag”, Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Irland (hereinafter: „Twitter“). The Twitter Universal Website Tag allows us to display you more relevant advertising based on your interests. Twitter provides us with aggregated and anonymous reports of advertising activity and information about how you interact with our Websites. However, it is not visible to us which other websites you visit. Twitter uses a Javascript code (so-called “tag”) to do this, which places a cookie on your web browser or uses a pixel. The information that you have visited our website is transmitted to the Twitter server. Twitter links this information to a unique ID that is stored on your device within the cookie or provided by your device (“advertising ID” for smartphones). If you visit other websites that also use “website tag for remarketing”, this information is also linked to your unique ID. The Twitter Universal Website Tag is used to collect information about the use of our website, including URL, referrer URL, IP address, device and browser characteristics, timestamps and page views. In connection with the use of Twitter Universal Website Tag, the information collected is also processed by Twitter on its servers in the United States. Legal basis and purpose of data processing We use Twitter Universal Website Tag on the basis of our legitimate interests in the analysis, optimisation and economic operation of our Website in the sense of Art. 6 Para. 1 lit. f. GDPR, as well as the interest of our users who are already interested in our Website, or who have certain characteristics (e.g. interests in certain topics or products, which are determined on the basis of the visited websites) to specifically address with advertising, unless we obtain consent via our cookie-consent-management-tool based on Art. 6 para 1 lit. a GDPR. Please refer to Twitters Privacy Policy for more information on protecting your privacy: https://twitter.com/personalization Duration of storage / right of objection and erasure Please use our cookie content management tool for this purpose and for more information about the duration of storage. To prevent the Twitter Universal Website Tag from being collected, you can also disable cookies from your Internet browser. If necessary, use the help function of your browser for further information lV.   Further information on procedures, plug-ins and tools used to design the Website

1.   SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

2.   YouTube

Description of data processing We may from time to time use content or services provided by YouTube LLC, 901 Cherry Ave on our Website. San Bruno, California, CA 94066, United States (hereinafter referred to as “YouTube”), to include video content on our Website using a plugin. YouTube is a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States, a subsidiary of Alphabet, Inc. If you want to play the embedded videos using this plugin (by clicking the Play button), your IP address will be sent to YouTube because YouTube cannot send the video content to your browser without the IP address. The IP address is therefore required for the display. The YouTube server also receives information about which subpage of our Website you have visited. If you are logged into your YouTube account as a YouTube member, you will also be able to assign your usage behaviour directly to your personal profile when playing our videos. For more information about YouTube’s data processing practices, please refer to the YouTube section: https://policies.google.com/privacy?hl=de&gl=de Legal basis and purpose of data processing YouTube is used on the basis of our legitimate interests under Art. 6 para. 1 lit. f GDPR to make video content available on our Website. Duration of storage / right of objection and erasure To prevent this assignment, please log out of your YouTube profile before playing our video content.

1.   Online presences on social networks and platforms

Description of data processing Skalex maintains further online presences within social networks and/or industry networks (LinkedIn, Twitter, Facebook, XING, Instagram and Medium) (hereinafter also “SN”) and platforms (e.g. Youtube) and links to them from our Website. By clicking on the respective buttons (recognizable by the respective logos of the social networks or platforms) you get to the respective online presence of the SN. The purpose of these online presences is to communicate with active customers, interested parties and users and to inform them about our services. When calling up the respective networks and platforms, the terms and conditions and the data processing guidelines of their respective operators apply. Legal basis and purpose of data processing Unless otherwise stated in our data protection declaration, we process user data on the basis of our legitimate interests pursuant to Art. 6 Para. 1 lit. f GDPR effective information of users and communication only if they communicate with us within social networks and platforms (e.g. if users write articles on our online presences or send us messages). In some cases, the SN maintain servers in the USA to which your data may be forwarded. Details are given in the list below. Duration of storage / right of objection and erasure If you are a member of one of the SN on which we maintain online presences and do not want the SN to collect data about you via our service and link it to your data on the SN, you must log out of your SN before visiting our service. For a detailed description of the respective processing operations, information on the duration of the storage of data by the respective SN and the opt-out options, please refer to the information provided by the providers linked below. Also in the case of requests for information and the assertion of user rights, we point out that these can be asserted most effectively with the providers. Only the providers have access to the data of the users and can directly take appropriate measures and give information. Should you nevertheless need help, you can contact us. Facebook For our Facebook company page (“Fanpage”) of Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, we have concluded an agreement on joint processing of personal data with Facebook pursuant to Art. 26 GDPR. This agreement is necessary because Facebook Inc., Menlo Park, California, USA (hereinafter referred to as Facebook Inc.) enters so-called page insights on our fan page. Page Insights is a compilation of information that enables both us and Facebook Inc. to understand how our users interact with our site. Page insights may be based on personally identifiable information collected in connection with our users’ visits or interactions with our site. However, by maintaining the Facebook Corporate Page, we share responsibility and have a duty to notify Facebook when we receive privacy inquiries about page views. Please note that we forward requests for page views to Facebook Ireland. For the rest, please refer to the comments on the rights to which you are entitled under A. The evaluation of the data collected via page views serves to improve our Websites and for advertising purposes. The collection of this data is in our legitimate interest and in the legitimate interest of Facebook Inc. pursuant to Art. 6 para. 1 lit. f GDPR. We would like to draw your attention to the fact that we cannot switch page insights technology on or off. We must therefore forward the majority of such requests to Facebook-Ireland, unless we ourselves have collected data. If you do not want Facebook Inc. to collect your data, please do not use our Facebook company page and/or set your browser so that it does not set cookies and/or log out of Facebook while you are using our page. Privacy Policy: https://www.facebook.com/about/privacy/, https://www.facebook.com/legal/terms/information_about_page_insights_data Right of objection: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com Instagram Instagram is a service of Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland Privacy policy/Right of objection: https://help.instagram.com/519522125107875/?helpref=hc_fnav&bc[0]=Instagram-Hilfebereich&bc[1]=Privatsph%C3%A4re%20und%20Sicherheit LinkedIn Linkedin Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland Privacy Policy: https://www.linkedin.com/legal/privacy-policy Right of objection: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out Medium Medium is a service of A Medium Corporation, 760 Medium Street San Francisco, CA 94102 United States Privacy policy/Right of objection: https://policy.medium.com/medium-privacy-policy-f03bf92035c9 XING Xing AG, Dammtorstraße 29-32, 20354 Hamburg, Germany („XING“) Privacy policy/Right of objection: https://privacy.xing.com/de/datenschutzerklaerung Youtube Youtube is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Privacy policy: https://policies.google.com/privacy?hl=de&gl=de Right of objection: https://adssettings.google.com/authenticated Vl.   Links to Websites of other providers

1.   Contact form and e-mail contact

Description of data processing A contact form is available on our Website, which can be used for electronic contact. If a user makes use of this possibility, the data entered in the respective input mask will be transmitted to us and stored. Alternatively, it is possible to contact us via the e-mail address provided. In this case the personal data of the user transmitted with the e-mail will be stored. Legal basis and purpose of data processing Art. 6 para. 1 lit. f GDPR is the legal basis for the processing of data transmitted in the course of sending a contact form request or an e-mail. If the contact form request or the e-mail contact is intended to conclude a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR. The processing of personal data from the input mask serves us solely to process the establishment of contact. In the case of contact by e-mail, this also constitutes the necessary legitimate interest in the processing of the data. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems. Duration of storage / right of objection and erasure The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is terminated when it can be inferred from the circumstances that the relevant facts have been conclusively clarified and that no legal requirements call for longer storage. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In this event, all personal data stored in the course of contacting us will be deleted unless legal requirements require longer storage. In such a case, the conversation cannot be continued.

1.   Newsletter

Description of data processing We would like to inform our customers and interested parties at regular intervals about our products, services, webinars, innovations or news at skalex by e-mail or other electronic notifications (hereinafter referred to as “Newsletter”). We require your e-mail address for this purpose. Further information may be requested in the respective newsletter registration forms in order to provide you with personalised content tailored to your interests. You can subscribe to our Newsletter by using the corresponding function of a subscription form to subscribe to our Newsletter, or during a registration process by ticking a box (so-called opt-in). For this purpose, we provide various options on our Websites or in the context of registration or order interfaces to register for our (possibly topic-specific) newsletters. The details to the respective contents of the newsletters are described concretely in the respective registration form. This description is relevant for your consent. Following your registration, you will receive an e-mail from us in which you will be asked to confirm your newsletter subscription once again (so-called double opt-in procedure). This confirmation is necessary to exclude the possibility that someone else has misused your e-mail address to subscribe to our newsletter at a different address. Only when you activate the hyperlink sent to your email address will the newsletter be sent to your email address. For verification purposes, the IP address and the registration date (“timestamp”) are stored in addition to your e-mail address and name for the newsletter dispatch. Legal basis and purpose of the data processing / data recipient The legal basis for the dispatch of newsletters is the consent given by you as the recipient pursuant to (Art. 6 para. 1 lit. a GDPR, Art. 7 GDPR in conjunction with § 7 para. 2 no. 3 UWG), or if consent pursuant to § 7 para. 3 UWG is not required for existing customers, on the basis of our legitimate interest in direct marketing measures pursuant to Art. 6 para. 1 lit. f GDPR in conjunction with § 7 para. 3 UWG. § 7 para. 3 UWG. The logging of the registration procedure is based on our legitimate interests pursuant to Art. 6 Para. 1 lit. f GDPR in a secure and targeted newsletter system that meets both our business sales interests and the ideas and needs of the recipients, as well as the verifiability of the consents given. Duration of storage / right of objection and erasure You can object to the dispatch of the newsletter at any time or withdraw your consent to receive the newsletter in whole or in part. You will find an unsubscribe link at the end of each newsletter. You can also contact us directly under: info@skalex.io. By unsubscribing the newsletter, the business communication is not affected. Your data will be stored by us for the purpose of contract processing, our support and services, software updates or registration for events. In addition, we reserve the right to store the necessary proofs until the statutory limitation periods have expired in order to provide evidence of a legally compliant newsletter mailing. C. Contractual relationships with customers and business partners I. Am I obliged to provide data? If you enter into contract negotiations with us with questions about our services, accept one of our offers or have other contractual agreements with us, we will process the personal data you provide in this context. Which data is processed in detail depends decisively on the relevant objects of purchase or the services which you obtain from us or which you inquire about. In this context, the processing of your data is usually absolutely necessary for the preparation, conclusion and processing of the contract. If you do not provide us with this data, we may have to refuse to conclude a contract or execute an order or may no longer be able to execute an existing contract. As far as we use data in the context of contract initiation or performance with a customer, business or cooperation partner, our interest in handling your data lies in enabling and maintaining the exchange with the customer or the respective business or cooperation partner, typically in the context of a contract or other relationship. If you act as a contact person – typically in your function as an employee at these companies – you usually have no overriding opposing interest, insofar as this interaction with us is part of your area of responsibility, so that a right of objection is regularly excluded. However, you are not obliged to give your consent to data processing with regard to data which is not relevant for the fulfilment of the contract or which is not required by law. II. Communication In principle, we collect the necessary data from you ourselves through personal contact. Of course, you can also contact us by telephone, fax, post or alternatively via our e-mail address (see our Legal Notice) or via the e-mail addresses of our employees provided to you. In the latter case, the personal data transmitted with the e-mail will be stored. Please note that e-mail communication is not encrypted for technical reasons. Your data will be used for the processing of the conversation and the post-processing of the respective inquiry or meeting contents. Your data will be processed on the basis of Art. 6 para. 1 lit. b GDPR if the communication is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interests (Art. 6 para. 1 lit. f GDPR) in the effective processing of enquiries addressed to us. In this context, the data will not be passed on to third parties unless it is necessary to pursue our claims or legitimate interests (Art. 6 para. 1 lit. f GDPR) or there is a legal obligation to do so (Art. 6 para. 1 lit. c GDPR). lll.   Data processing within the framework of distribution Personal data will be processed on the basis of Art. 6 Para. 1 lit. b GDPR in order to provide the service you have commissioned us to provide, in particular to implement our contracts or pre-contractual measures, as well as all activities required for the operation and administration of skalex. The resulting purposes of data processing shall primarily depend on the activities and individual services specifically agreed with you and may include, but are not limited to, consulting activities or activities within the scope of controlling sales processes (e.g. compiling documents, sending skalex product or event information, providing skalex services) or accompanying sales negotiations and concluding contracts. Further details on the scope, purpose and recipients of your data can be found in the relevant contractual documents and associated terms and conditions. To the extent necessary within the framework of our operational processes, we process your data in connection with our services beyond the actual fulfilment of the contract to safeguard our legitimate interests (Art. 6 para. 1 lit. f GDPR). In connection with the offer or provision of our services, we may be subject to special legal obligations, such as requirements of tax legislation. The purposes of processing your data may therefore include, among other things, compliance with fiscal control and reporting obligations, customs or export regulations and the assessment and control of risks. The data processing required for this is based on Art. 6 para. 1 lit. c GDPR.

1.   Transmission of data

Depending on the scope of the service, your data or documents may be passed on to public authorities or private service providers or persons with whom we cooperate on a regular basis during the enquiry or offer phase as well as during the execution of the contract (see Section A, Section V).

1.   Contractual relationships with customers and business partners

Due to the further development of our Website or our offers as well as due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access the current data protection declaration on our Website at any time and print it out if necessary.