2. Technical measures
The website does use https (with TLS 1.2) with a strong key exchange and a strong cipher. The transfer is therefore adequately secured by using state-of-the-art-encryption. Even though TLS 1.2 is not the newest version of the encryption protocol, it is still state of the art and can be deemed as secure. However, the use of TLS 1.3 is recommended.
3. Tracking tools
Multiple tracking tools are being used on the website. Tracking tools generally require a consent of the data subject. Therefore, no processing of personal data with the help of tracking tools should be performed before the data subject declares the consent. Even though a so-called cookie-banner is implemented on the website www.baettr.com, this banner does not have any functionality:
Even though the visitor of the website did not click on “I accept”, the tracking already starts. The cookie-banner obviously has no functionality apart from setting a “core-cookiebar”-Cookie once the user clicked one of the two buttons. The language selection has no effect on the language of the cookie banner. The cookie-banner is always displayed in English.
3.1. Facebook pixel
The Facebook pixel is used to connect the website visitor with the Facebook account of the visitor. This data is used by the operator of the website to measure and track the visitors of the website. Apart from that, this data is used by Facebook to complete the profile of the Facebook user. Since this personal data is being transferred to Facebook and the interest of the data subject outweigh the interest of the website operator (controller) here, a consent is necessary for this transfer.
3.2. Google Analytics
Google Analytics is implemented on the website. The anonymizeIP-function of Google Analytics has not been implemented and therefore the complete IP address of the website visitor is being processed for the tracking with Google Analytics. Due to reasons of data minimization it is recommended to truncate the IP address by the last 3 digits and to only implement Google Analytics once the user declare the consent.
Dear visitors of our Internet portal,
thank you for visiting our website. To make you feel comfortable while visiting our website, we would like to inform you about the handling of your data. The following data protection regulations are intended to inform you about how we collect, use and pass on your personal data. Responsible for this website is Baettr Sales & Services A/S.
The protection of your privacy is very important to us. For this reason, we have designed our website in a way that it can be used anonymously. We use information that we receive and store during your visit of our website exclusively for internal purposes and to improve the design of the website. We store the IP address transmitted by your web browser for a period of seven days in order to detect, limit and eliminate faults or errors (e.g. attacks on our servers). After this period has expired, we delete or anonymize the IP address. We use the IP address exclusively for the above-mentioned security purposes. Further information on the processing of the IP address can be found in the following section "Usage data".
When you visit our website, so-called usage data is temporarily stored on our web server for statistical purposes as a protocol in order to improve the quality of our website. This data set consists of
- the page from which the file was requested,
- the name of the file,
- the date and time of the query,
- the amount of data transferred,
- the access status (file transferred, file not found),
- the description of the type of web browser used,
- the IP address of the requesting computer, which is shortened in such a way that a personal reference can no longer be produced.
We use this information to enable the access to our website, to control and administrate our systems and to improve the design of our websites. The creation of personal user profiles is excluded. Data about individuals or their individual behavior is not collected.
Data transmission to third parties
We do not transfer your personal data to third parties.
Our service providers
We're using service providers to operate our website and other internet services. These service providers are strictly bound to our instructions with a contract according to Article 28 GDPR.
For more information, please visit http://tools.google.com/dlpage/gaoptout?hl=en or http://www.google.com/intl/de/analytics/privacyoverview.html (general information on Google Analytics and data protection). Please note that the code "gat._anonymizeIp();" has been added to Google Analytics in order to ensure anonymous collection of IP addresses (so-called IP masking).
The legal basis for the processing is your consent according to Art. 6 para 1 lit. a GDPR.
You can revoke your consent at any time to prevent the collection by Google Analytics by clicking on the following link. An opt-out cookie is set to prevent future collection of your data when you visit the website: Disable Google Analytics.
We are using the Facebook pixel to measure the performance and how the users use our website. With the help of the Facebook pixel your visit on our website can be connected to your Facebook profile to generate advertisements based on your interests. This data will also be processed by Facebook. For further information on the processing of your data by Facebook, please click here.
The legal basis for the processing is your consent according to Art. 6 para 1 lit. a GDPR. You may revoke your consent at any time by clicking here.
To protect your data from unwanted access, we use an encryption method on our pages. Your information is transmitted from your computer to our server and vice versa via the internet using 128-bit TLS encryption (Transport Layer Security). You can recognize this by the fact that the lock symbol on the status bar of your browser is closed and the address line starts with https://.
Your rights as a user
As a user, you have the right to request information about what personal data is stored by us and for what purpose it is stored. In addition, you may have incorrect data corrected or data deleted that is inadmissible or no longer necessary to be stored. You also have the right to transfer your data and to object in front of a data protection authority. We are at your disposal for information, wishes or suggestions on the subject of data protection.
Data protection officer
Our data protection officer will be happy to provide you with information or suggestions on the subject of data protection: