Status: July 1, 2019
As a user, you can use our services in a variety of ways, for example to search for information or to create new content. If you provide us with information, for example by creating an SEA’D account, we may use it to further improve these services and, for example, provide additional functionality and improve their usefulness. SEA’D has an interest in ensuring that users of our services understand how and why we use information and what options users have to protect their own data.
The person responsible within the meaning of the Basic Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature is the
20095 Hamburg (Germany)
The use of this website is also possible without providing personal data. As far as on these sides personal data (for example name, address or e-mail addresses) are raised, this takes place on voluntary basis. The storage of this data will not be passed on to third parties without the express consent of the user. Your e-mail address can be deleted upon request.
Collection of information
SEA’D collects information in the following ways:
- Data you provide to us: To use services, you must first create an SEA’D account. To do this, we ask you to provide personal information. This includes your name, e-mail address and telephone number, which are stored in connection with your account.
- Data that we receive as a result of your use of our services: We collect information about the services you use and how you use them, for example, when you click a link or when our content is viewed and interacted with. Our website collects a number of general data and information each time a user or an automated system accesses the website. This general data and information is stored in the log files of the server. We may collect (1) the types and versions of browsers used, (2) the operating system used by the accessing system, (3) the website from which the accessing system accesses our website, (4) the sub-sites accessed via an accessing system on our website, (5) the date and time of access to the website, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system and (8) other similar data and information used to avert dangers in the event of attacks on our information technology systems.
- When using this general data and information, we do not draw any conclusions about the user. Instead, this information is required to (1) correctly deliver the content of our website, (2) optimize the content of our website, (3) ensure the long-term operability of our information technology systems and the technology of our website, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyber attack. This anonymously collected data and information is therefore evaluated by us both statistically and with the aim of increasing data protection and data security in our company and for our users in order to ensure an optimum level of protection for the personal data processed by us. The anonymous data of the server log files are always stored separately from all personal data.
The legal basis for this processing is Art. 6 para. 1 sentence 1 lit. f GDPR. The legitimate interest in the processing lies in enabling the use of the website and its functionalities.
Cookies and comparable technologies
SEA’D and some partners use different technologies to collect and store data when you call a SEA’D service. This may include cookies or similar technologies that identify your browser or device. Cookies are small text files that enable the user’s terminal device to store specific, user-related information. We also use these technologies to collect and store information when you interact with services that are part of our partner offering, such as advertising services or SEA’D features available on other websites.
For example, SEA’D uses Google Analytics. This technology helps companies and website owners analyze traffic to their websites and apps. When Google Analytics is used in conjunction with advertising services, such as those that use the DoubleClick cookie, Google Analytics data is linked to information about visits to multiple websites.
The IP address transmitted by your browser as part of Google Analytics is not combined with other data from Google. To increase the protection of your data, we use Google Analytics with the extension “_anonymizeIp()”. This means that IP addresses are only further processed in abbreviated form so that direct personal references can be ruled out.
You can prevent cookies from being saved by selecting “do not accept cookies” in your browser settings. You can also set your browser so that it asks you whether you agree before setting cookies. Finally, you can also delete cookies that have been set at any time. If you do not accept cookies, this can lead to functional limitations of the services in individual cases. Even without active deletion, however, the cookie is automatically deleted after twelve months. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link (http://tools.google.com/dlpage/gaoptout?hl=en).
The legal basis for this processing is Art. 6 para. 1 sentence 1 lit. f GDPR. The legitimate interest in the processing lies in enabling the use of the website and its functionalities. On the right of objection in data processing on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR see below (“Data Subject Rights”).
Use of the data
We use the data collected as part of our services to provide, maintain, protect and improve our services, to develop new services and to protect our users. We also use this information to provide you with customized content – for example, to provide you with more relevant information from startups.
The data entered during registration will also be used for the purposes of using the service. You may be informed by e-mail about information relevant to the offer or registration, such as changes in the scope of the offer or technical circumstances. The collected data can be seen in the input mask during registration. This may include company name, first name, surname, telephone number, postal address, e-mail address.
This information is required in order to issue the invoice. We store your data on specially protected servers in Europe. Access to it is only possible for a few specially authorised persons who are responsible for the technical or commercial support of the servers.
After termination, the data will be deleted immediately after the complete receipt of payment or the settlement of invoice objections after expiry of the storage period, unless we are required by legal storage obligations, such as for tax or accounting purposes, to store this data for a specific period.
Social media services
Our services allow you to share information with others. When you publicly share information, remember that this information may be indexed by search engines. Our services offer various ways for you to share your content over social networks such as Instagram and Twitter.
If you click on the appropriate button, you may be asked to register with the relevant social media service in a new window. If you do not click on the button and are not registered with the social media service, no data will be forwarded or corresponding cookies stored on your computer. If you are a registered user of a social media service and click on the button, this information, including your IP address, is transmitted to the social media network and assigned to your profile. Other users may then see, for example, that you are recommending this video or podcast. The exact users who receive this information depend on the settings you have made on the social media service. Against this background, we recommend that you read the current privacy notices of the social networks listed below carefully and change your settings if necessary.
Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The privacy statement can be found at http://www.google.com/intl/de/+/policy/+1button.html.
Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. The privacy statement can be found at http://instagram.com/about/legal/privacy/
The user has the opportunity to register on our website by providing personal data. Which personal data is transmitted to us in this case, results from the input mask, which is used for the registration. The personal data entered by the user is collected and stored exclusively for internal use and for our own purposes. We may arrange for the data to be passed on to one or more so-called contract processors, for example a postal service provider, who also uses the personal data exclusively for internal purposes attributable to us.
Registration on our website also saves the IP address assigned by the user’s Internet Service Provider (ISP), the date and time of registration. This data is stored in order to prevent misuse of our services and, if necessary, to clarify any criminal offences. In this respect, the storage of this data is necessary for our legal protection. These data will not be passed on to third parties unless there is a legal obligation to do so or the data is used for criminal or legal prosecution.
The registration of the user with voluntary indication of personal data serves us to offer the user contents or services which, due to the nature of the matter, can only be offered to registered users. In addition, we use the collected data for customer support and acquisition, in particular for making telephone contact and sending advertising by post and/or email.
Registered users are free at any time to have the personal data provided during registration completely deleted from our database.
The person responsible for the processing will provide each person concerned with information about which personal data about the person concerned is stored at any time upon request. Furthermore, the data controller corrects or deletes personal data at the request or notice of the data subject, unless this is contrary to any statutory storage obligations. The data protection officer named in this data protection declaration and all employees of the data controller are available to the data subject as contact persons in this context. The legal basis for this data processing is Art. 6 Para. 1 S. 1 lit. a GDPR.
Use of MailChimp
With regard to the use of your personal data to receive our newsletter, you will be asked for consent at the given point as follows:
“I have taken note of the data protection declaration, in particular I agree that the data processing is carried out by a service provider in the USA”.
With the newsletter we inform you about our offers at regular intervals. In order to receive our newsletter, you need a valid e-mail address. We will check the e-mail address you have entered to see whether you are actually the owner of the e-mail address provided or whether the owner is authorised to receive the newsletter. When you subscribe to our newsletter, we will store your IP address and the date and time of your subscription. In the event that a third party misuses your e-mail address and subscribes to our newsletter without your knowledge, this serves as security on our part. A comparison of the data collected in this way with data that may be collected by other components of our site also does not take place.
Newsletter by MailChimp
We use the MailChimp component to send our newsletter. MailChimp is a service of The Rocket Science Group, LLC, 512 Means Street, Suite 404, Atlanta, GA 30318, USA. Your personal data (e-mail address, name, IP address, date and time of your registration) will be transferred to a server of The Rocket Science Group in the USA and stored there in compliance with the “EU-US Privacy Shield”. Further information on data protection at MailChimp can be found at: http://mailchimp.com/legal/privacy/
Further information on the EU-US Privacy Shield can be found at:
The Federal Commissioner for Data Protection and Freedom of Information http://ec.europa.eu/justice/data-protection/international-transfers/eu-us-privacy-shield/index_en.htm_en.htm. You can cancel or revoke your subscription to this newsletter and thus your consent to the storage of your data at any time for the future. Details can be found in the confirmation e-mail and in each individual newsletter.
Our newsletters contain so-called tracking pixels (web bugs), which enable us to recognise whether and when an e-mail was opened and which links in the e-mail were followed by the personalised recipient. This data is stored by us so that we can tailor our newsletters optimally to the wishes and interests of our subscribers. Accordingly, the data collected is used to send personalized newsletters to the respective recipient. We ask for your consent in this regard at the given point as follows:
“I agree that my data and my usage behaviour may be electronically stored by newsletter tracking in order to send me an individualised newsletter. With the revocation of the consent to receive the newsletter, the consent to the aforementioned tracking is also revoked”.
Use of Google Web Fonts
On our website we use Google Fonts to display external fonts. This is a service of Google LLC, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as “Google”.
By the certification after the EU-US data protection shield (“EU-US Privacy Shield”) https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active=a2zt000000001L5AAI&status=Active Google guarantees that the data protection defaults of the European Union are kept also with the processing of data in the USA. In order to enable the display of certain fonts on our website, a connection to the Google server in the USA is established when our website is accessed.
The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the optimisation and economic operation of our Internet presence. Through the connection to Google established when calling up our website, Google can determine from which website your enquiry was sent and to which IP address the representation of the font is to be transmitted. Google offers further information at https://adssettings.google.com/authenticated https://policies.google.com/privacy, in particular on the possibilities of preventing the use of data.
We do not share any personal information with companies, organizations or individuals outside of SEA’D, except in one of the following cases:
- With your consent: We will share personal information with companies, organizations or individuals outside of SEA’D if we have received your consent to do so. We require your explicit consent to disclose any sensitive categories of personal information.
- In the case of administrators: If your SEA’D account is managed for you by an administrator, the administrator has access to the information in your SEA’D account (including your e-mail and other data). Your administrator may have the option:
- View statistics related to your account, such as statistics on the applications you installed.
- Change the password for your account.
- Block or terminate access to your account.
- Access or store any data stored as part of your account.
- Obtain information from your account in order to comply with applicable laws, regulations or procedures or to comply with an enforceable government order.
- Limit your ability to delete or edit any data or privacy settings.
- For legal reasons: We will disclose personal information to companies, organizations or individuals outside SEA’D if we believe in good faith that access to, or use, retention or disclosure of, such information is reasonably necessary to
- comply with any applicable law, regulation or legal process or comply with an enforceable government order.
- detect, prevent or otherwise combat fraud, security deficiencies or technical problems.
- protect the rights, property or safety of SEA’D, our users or the public from harm to the extent permitted or required by law.
We may share non-personal information with the public and our partners, such as publishers, advertisers or affiliates. For example, we publish information to show trends in the general use of our services.
If SEA’D is involved in a business combination, acquisition or sale of assets, we will continue to ensure the confidentiality of any personal information and we will notify affected users before personal information is transferred or otherwise disclosed.
The legal basis for the transfer of data can be Art. 6 Para. 1 S. 1 lit. a (contractual obligation) or Art. 6 Para. 1 S. 1 lit. f (justified interest) GDPR.
Deletion of the stored data
We process and store the user’s personal data only for the period of time necessary to achieve the storage purpose or if this has been provided for by the European Directive and Regulation Body or another legislator in laws or regulations to which the data controller is subject.
If the storage purpose no longer applies or if a storage period prescribed by the European Directive and Regulation Body or another competent legislator expires, the personal data will be deleted routinely and in accordance with the statutory provisions.
Every user is entitled to certain rights defined by law. In the following we would like to briefly inform you about these rights:
- a) Right to confirmation
Every user has the right to request confirmation from us as to whether we process personal data from him or her.
- b) Right to information
Every user has the right to receive from us, at any time and free of charge, information about the personal data stored about him as well as documentation of this information. Furthermore, we will provide the following information on request in accordance with the GDPR:
- The respective processing purposes.
- The categories of personal data processed by us.
- The recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations.
- If possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration.
- The existence of a right of rectification or erasure of personal data relating to him or her or of a right of limitation or of opposition to the processing by the controller.
- The existence of a right of appeal to a supervisory authority.
- If the personal data are not collected from the data subject: All available information on the origin of the data.
- The existence of automated decision-making including profiling in accordance with Article 22(1) and (4) GDPR and, at least in these cases, meaningful information on the logic involved and the scope and intended effects of such processing on the data subject.
Finally, the data subject has the right to know whether personal data have been transferred to a third country or to an international organisation. Where this is the case, the data subject shall also have the right to obtain information on the appropriate safeguards relating to the transfer of data concerning him.
- c) Right to rectification
Any person data subject to the processing of personal data has the right to obtain the rectification without delay of inaccurate personal data concerning him or her. Furthermore, the data subject shall have the right to request the completion of incomplete personal data, taking into account the purposes of the processing.
- d) Right to cancellation
Any person data subject to the processing of personal data shall have the right to obtain from the controller concerned the erasure without delay of the personal data concerning him which are processed for any of the following reasons and in so far as the processing is not necessary:
- Personal data have been collected or otherwise processed for purposes for which they are no longer necessary.
- The data subject withdraws his consent on which the processing was based pursuant to Art. 6 para. 1 letter a GDPR or Art. 9 para. 2 letter a GDPR and there is no other legal basis for the processing.
- The data subject objects to the processing pursuant to Art. 21 para. 1 GDPR and there are no overriding legitimate reasons for the processing or the data subject objects to the processing pursuant to Art. 21 para. 2 GDPR.
- The personal data have been processed unlawfully.
- The deletion of the personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States to which the controller is subject.
- The personal data were collected in relation to information society services offered pursuant to Art. 8 para. 1 GDPR.
If one of the above reasons applies and a data subject wishes to have personal data stored by us deleted, he or she can contact our data protection officer or another employee of the data controller at any time. We will ensure that the request for deletion is complied with immediately.
If we have made the personal data public and if our company, as the person responsible, is obliged to delete the personal data pursuant to Art. 17 (1) GDPR, we shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform other persons responsible for data processing who process the published personal data that the data subject has requested the deletion of all links to this personal data or copies or replications of this personal data from these other persons responsible for data processing, insofar as the processing is not necessary. We will take the necessary steps in individual cases.
- e) Right to limitation of processing
Any person concerned by the processing of personal data shall have the right to request the controller to limit the processing if one of the following conditions is met:
- The accuracy of the personal data shall be contested by the data subject for a period of time which allows the controller to verify the accuracy of the personal data.
- The processing is unlawful and the data subject refuses to erase the personal data and instead requests that the use of the personal data be restricted.
- The controller no longer needs the personal data for the purposes of processing, but the data subject needs them for the assertion, exercise or defence of legal rights.
- The data subject has lodged an objection to the processing pursuant to Art. 21 (1) GDPR and it is not yet clear whether the legitimate reasons of the data controller outweigh those of the data subject.
If one of the above conditions is met and a data subject wishes to request the restriction of personal data stored by us, he or she can contact our data protection officer or another employee of the data controller at any time. We will arrange for the processing to be restricted.
- f) Right to data transferability
Any person data subject to the processing of personal data has the right to obtain personal data concerning him or her in a structured, common and machine-readable format. It shall also have the right to communicate such data to another controller without interference from the controller to whom the personal data have been provided, provided that the processing is based on consent pursuant to Art. 6 para. 1 letter a GDPR or Art. 9 para. 2 letter a GDPR or on a contract pursuant to Art. 6 para. 1 letter b GDPR and the processing is carried out by automated means, provided that the processing is not necessary for the performance of a task in the public interest or in the exercise of official authority entrusted to the controller. Furthermore, when exercising his right to data transferability pursuant to Art. 20 para. 1 GDPR, the data subject shall have the right to obtain that the personal data be transferred directly from one data controller to another data controller, insofar as this is technically feasible and insofar as this does not impair the rights and freedoms of other persons.
The person concerned can contact us at any time to assert the right to data transfer.
- g) Right of objection
Any person data subject to the processing of personal data has the right to object at any time, on grounds relating to his/her particular situation, to the processing of personal data concerning him/her carried out pursuant to Article 6(1)(e) or (f) of the GDPR. This also applies to profiling based on these provisions.
In the event of an objection, we will no longer process the personal data unless we can prove compelling grounds for processing worthy of protection which outweigh the interests, rights and freedoms of the person concerned, or the processing serves to assert, exercise or defend legal claims.
If we process personal data for the purpose of direct advertising, the data subject has the right to object at any time to the processing of personal data for the purpose of such advertising. This also applies to profiling as far as it is connected with such direct advertising. If the data subject objects to our processing for direct marketing purposes, we will no longer process the personal data for these purposes. In addition, the data subject shall have the right to object to the processing of personal data relating to him/her by us for scientific research purposes or for statistical purposes in accordance with Art. 89 (1) GDPR for reasons arising from his particular situation, unless such processing is necessary for the performance of a task in the public interest.
In order to exercise the right to object, the person concerned may contact us directly. The data subject is also free to exercise his or her right of objection in connection with the use of information society services, notwithstanding Directive 2002/58/EC, by means of automated procedures using technical specifications.
- h) Automated case-by-case decisions, including profiling
Any person data subject to the processing of personal data shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects upon him or her or significantly affects him or her in a similar manner, unless the decision (1) is necessary for the conclusion or performance of a contract between the data subject and the controller, or (2) is authorised by legislation of the Union or of the Member States to which the data controller is subject and which provides for adequate measures to safeguard the rights and freedoms and the legitimate interests of the data subject or (3) is taken with the express consent of the data subject.
Where the decision (1) is necessary for the conclusion or performance of a contract between the data subject and the data controller or (2) is taken with the express consent of the data subject, we shall take appropriate measures to safeguard the rights and freedoms and the legitimate interests of the data subject, including at least the right to have the data controller intervene, to present his or her point of view and to contest the decision. If the data subject wishes to assert rights relating to automated decisions, he or she may at any time contact our data protection officer or another employee of the data controller for this purpose.
- i) Right to revoke consent under data protection law
Any person concerned by the processing of personal data has the right to withdraw consent to the processing of personal data at any time. If the data subject wishes to exercise his/her right to withdraw his/her consent, he/she can contact our data protection officer or another employee of the data controller at any time.
Once we receive formal written complaints, we will contact the person who submitted the complaint for the purpose of tracking the complaint. We work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal information that we cannot resolve with our users.