Home > Legal

Privacy

stroke-header
firstbird GmbH

A) General information

B) Access data, cookies, contact forms, and newsletter

C) Use of the Firstbird Help Center

D) Plug-ins & Tools

E) Marketing and optimisation

F) Advertising

G) Social networks

H) Other functions and services (within and outside this website)

In the following we will inform you about the personal data we collect when you visit our website and the purposes for which we use them. Personal information is any data with which you could be personally identified, e.g. name, address, telephone number, e-mail address.

A) General information

1. Name and contact details of the controller

The controller in accordance with Article 4(7) EU General Data Protection Regulation  (GDPR) is:

firstbird GmbH

Hietzinger Hauptstraße 34

1130 Vienna, Austria

Telephone: +43 1 25 31 790 199

E-mail: hello@firstbird.com

2. Our data protection officer

Firstbird has appointed Mr. Marco Tessendorf of procado Consulting, IT- & Medienservice GmbH, Warschauer Str. 58a, 10243 Berlin as its external data protection officer. You can contact him by e-mail at data-security@firstbird.com.

3. Your data protection rights

You have the following rights toward us regarding your personal data:

  • the right to access,
  • the right to rectification or erasure,
  • the right to restrict the processing,
  • the right to data portability,
  • the right to object to the processing.

 

Furthermore, you have the right to lodge a complaint with a supervisory authority concerning our processing of your personal data.

The data protection supervisory authority responsible for Firstbird is:

Österreichische Datenschutzbehörde,

Barichgasse 40-42

1030 Vienna

E-Mail: dsb@dsb.gv.at 

4. Objection or withdrawal of your consent to the processing of your data

If you have given your consent to the processing of your data, you can withdraw it at any time. Such a revocation influences the permissibility of processing your personal data after you have exercised the right to object.

Where we process data on the basis of legitimate interests, you have the right at any time, on grounds relating to your particular situation, to object to the processing of your personal data; this shall also apply to profiling based on these provisions. If you object to the processing, we will no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is necessary for the establishment, exercise or defence of legal claims (right to object according to Article 21(1) GDPR. 

Where your personal data are processed for direct marketing purposes, you shall have the right to object any time to the processing of personal data concerning you for such marketing; this also applies to profiling to the extent that it is related to such direct marketing. If you object, your personal data will no longer be used for direct marketing purposes (right to object according to Article 21(2) GDPR). The objection is free of charge and can be done informally. 

The respective legal basis we use for processing is described in the present Privacy Policy.

5. SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content (e.g. inquiries about our contact forms). You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar. If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

6. Service providers who support us in the operation of the website

We use external service providers to support us in the operation of our website. These have been carefully selected and commissioned by us, are bound to our instructions, and are controlled regularly.

This collaboration is based on data processor agreements in accordance with Article 28 GDPR. As a rule, these external service providers who provide us with technical support (e.g. web hosters, programmers) have at least the possibility to access personal data. Such access is not intentional. However, we cannot rule out in individual cases that certain personal data are disclosed to these providers as part of their activity.  From a data protection point of view, these are so-called recipients (Article 4(9) GDPR) of personal data.

We use the following external service providers:

  • HOSTING/ DATACENTRE: Droptop GmbH, Am Grashorn 8, 14548 Schwielowsee (Germany)
  • WEB DEVELOPMENT/ MAINTENANCE AND UPDATE OF THE WEBSITE: TRE – Information Engineering e.U., Teichhofweg 3/2, 8044 Graz (Austria)

7. Updating and changes

This Privacy Policy was last updated in September 2019.

It may become necessary to change this Privacy Policy as a result of the further development of our website or due to changes in legal or administrative requirements.

B) Access data, cookies, contact forms, and newsletter

1 Access data and log files

1.1 Description of data processing

When you visit and use our website only for information purposes, that is, if you do not register or otherwise provide us with information, our system automatically collects data and information that your browser transmits to our server (so-called access data):

  • information about the browser type and version used,
  • the user’s operating system
  • the user’s Internet service provider
  • the user’s IP address
  • the date and time of access
  • websites from which the user’s system was directed to our website,
  • websites accessed by the user’s system via our website

These data are also stored in our system’s log files. The data are not stored in conjunction with the user’s other personal data.

1.2. Legal basis for data processing

The legal basis for the temporary storage of the data and the log files, provided they contain any references to persons, is Article 6(1)(f) GDPR.

1.3. Purpose of data processing

The temporary storage of the IP address by the system is necessary to allow for the website to be displayed on the user’s system. In particular the user’s IP address must be stored for the duration of the session. 

The log files are stored to ensure the functionality of the website. In addition, we use the data to guarantee the security of our information technology systems. The data are not used for marketing purposes in this context.

The above purposes also constitute our justified interest in data processing as per Article 6(1)(f) GDPR.

1.4. Storage period

The data will be deleted when they are no longer necessary for the purposes for which they were collected. In the event that data are collected in order to make the website available, this applies each time the respective session has ended. In the case of storage of the data in log files, these will be deleted not later than after three months. A storage beyond that time is possible. In this case, the IP addresses of the users will be deleted or masked, so that an identification of the visiting client is no longer possible.

1.5 Right to object

It is absolutely necessary to collect the data to make the website available, and to store these data in log files in order to operate the website. Therefore, the user of the website does not have a right to object to their collection.

2 Use of cookies

This website uses cookies and external services. To change existing settings, please use the cookie settings panel here:

Change Cookie Settings

2.1 Description of data processing

In addition to the aforementioned data, cookies or other technologies such as pixels (hereinafter referred to as “cookies”) are used on your computer when visiting and using our website. Cookies are small text files that are stored by your browser on your device to save certain information or image files, such as pixels. The next time you visit our website on the same device, the information saved in the cookies will subsequently be returned either to our website (“first-party cookie”) or to another website to which the cookie belongs (“third-party cookie”).   

Based on the saved and returned information, the respective website recognizes that you have already accessed and visited it with the browser of your device. Firstbird uses this information to design and display our website in the best possible way according to your preferences. Only the cookie itself is identified on your device in the process. A storage of your personal data beyond this will only take place upon your express consent, or if it is absolutely necessary to be able to use the service provided to and accessed by you accordingly.

Our website uses the following types of cookies, the function of which is explained further below:

  • Strictly necessary cookies (Type A)
  • Functionality and performance cookies (Type B)
  • Consent-based Cookies (Type C)

You can find more information on the cookie types set and used in the description of the tools implemented on our websites (e.g. Google Analytics, Google Ads) in this Privacy Policy.

 

2.1.1. Strictly necessary cookies (Type A)

Strictly necessary cookies guarantee functions without which you cannot use our web pages as intended. These cookies are used exclusively by us, and therefore constitute first-party cookies. This means that all information stored in the cookies will be returned to our website. 

Strictly necessary cookies are used, for instance, to ensure that you as a registered user always remain logged in when accessing various subpages of our website and thus do not have to re-enter your login data every time you go to a new page.

The use of strictly necessary cookies on our website is possible without your consent. For this reason, strictly necessary cookies cannot be activated or deactivated individually. However, you can generally deactivate cookies in your browser at any time (see below).

The legal basis for the temporary storage of the data is Article 6(1)(f) GDPR.

2.1.2. Functionality and performance cookies (Type B)

Functionality cookies enable our website to store information already provided (such as language selection) and to offer you improved and more personalized functions based on this information. These cookies only collect and store anonymised information so that they cannot track your movements on other websites.

Performance cookies collect information about how our website is used. We use them in order to improve the attractiveness, content, and functionality of our website. Functionality cookies help us, for example, determine whether and which subpages of our website are visited and the content users are particularly interested in. More specifically, we record the number of visits to a page, the number of subpages accessed, the time spent on our website, the order of the pages visited, which search terms led you to us, the country, region and, if applicable, the city from which our site was accessed, and the share of mobile devices accessing our websites. We also capture movements, clicks and scrolling with the computer mouse to understand which areas of our website are of particular interest to users. As a result, we can adjust the content of our website more specifically to the needs of our users and optimize our services. The IP address of your computer transmitted for technical reasons is automatically anonymised and does not allow us to identify the individual user. 

You can object to the use of functionality and performance cookies at any time by adjusting your cookie settings accordingly.

The legal basis for the use of these cookies is Article 6(1)(f) GDPR.

 

2.1.3. Consent-based Cookies (Type C)

Cookies which are neither absolutely necessary (Type A) nor functionality or performance cookies (Type B) will be used only upon your express consent.

We also reserve the right to use information that we have obtained by means of cookies from an anonymous analysis of the usage behaviour of visitors to our website, in order to display specific advertising to you for certain of our products on our own websites. We believe that you, as a user, will benefit from this because we display advertising or content that we think suits your interests based on your surfing behaviour, so that you receive less randomly scattered advertising or certain content that might be of less interest to you. 

Marketing cookies come from external advertising companies (third-party cookies) and are used to collect information about the websites visited by the user in order to create target group-based advertising for the user.

The legal basis for the use of these cookies is Article 6(1)(a) GDPR.

You can withdraw your consent to the use of cookies at any time with effect for the future.

 

2.2. Management of cookies

You can change your browser’s settings to disable or limit the transfer of cookies. Previously saved cookies can be deleted any time. This can also be done automatically. You can set your web browser to generally prevent the storage of cookies on your device and/or to ask you each time whether you agree to cookies being set. You can also delete set cookies at any time. Your browser’s help function describes in detail how this can be done. 

In principle, our website can be used without any cookies. Please note, however, that completely deactivating cookies may lead to functional restrictions of our website.

3 Contact forms

3.1. Description and purpose of data processing

You will find various contact forms on our website. The data collected shall depend on the respective form. Your data are collected for the following purposes:

  • To be able to provide you with our DOCUMENTATION FREE OF CHARGE (case studies and white papers).
  • To be able to provide you with a free WEB DEMO. When you ORDER a WEB DEMO, we use your data to contact you (by e-mail or telephone), to establish what is needed, and to coordinate and organise a meeting with you.
  • To be able to make you a PERSONALISED OFFER. In this case, we use your data to contact you, to establish what is needed, and to coordinate and organise a meeting with you.
  • To be able to offer you a PERSONAL MEETING. In this case, we use your data to contact you, to establish what is needed, and to coordinate and organise a meeting with you.
  • To be able to provide you with our WEBINARS (live webinars, expert webinars) and WEB CONFERENCES.

3.2. Legal basis for data processing

The processing of the data is necessary in order to take steps prior to entering into a contract in accordance with Article 6(1)(b) GDPR or for the performance of a contract in accordance with Article 6(1)(b) GDPR.

3.3. Storage period

We will store your data for as long as necessary to take steps prior to entering into a contract or for the performance of a contract, with the exception of data that we are not yet allowed to delete due to statutory obligations (e.g. documents that must be kept under tax and commercial law) and data required to safeguard legitimate interests, e.g. to assert claims.

3.4 Objection possibilities

You may at any time request that the personal data you transferred to us in a contact form are deleted from the database by sending an e-mail to data-security@firstbird.com.

3.5 Marketing communications

When you request a WEB DEMO, a TEST ACCOUNT, a PERSONALISED OFFER, a PERSONAL MEETING or DOCUMENTATION FREE OF CHARGE, or you are registering for a WEBINAR or a WEB CONFERENCE, we can also use the personal data you provide to us in the form for sales/marketing communications with your consent.

Such communications shall include: 

  • contacting by telephone (follow-up after WEB DEMO, TEST ACCOUNT, PERSONALISED OFFER, PERSONAL MEETING, download of DOCUMENTATION FREE OF CHARGE, or WEBINAR or WEB CONFERENCE) as well as
  • contacting by e-mail to inform you about our newsletter or our services, or directly addressing you by e-mail.

The legal basis for this is the consent pursuant to Article 6(1)(a) GDPR. You can withdraw your consent at any time, and we will not contact you again. You can withdraw your consent by sending an e-mail to data-security@firstbird.com or a message to the contact details shown in the Imprint.

In the case of web conferences we organise together with other companies, we transfer your data to these other companies when necessary so that these can also contact you for marketing purposes. This transfer only takes place if you have given us your express approval for this during your registration. The legal basis for this is the consent pursuant to Article 6(1)(a) GDPR. You can withdraw this consent at any time.

3.6 Disclosure of data

We sometimes transfer your data to external service providers so as to deliver our services more efficiently. We only work together with service providers who provide sufficient guarantees that suitable technical and organisational measures are implemented to ensure an adequate protection of your data. Where provided by law, we concluded data processor agreements with the following service providers in accordance with Article 28 GDPR. In addition, we ensure that the transfer of personal data outside the EU always takes place in compliance with the GDPR.

We use the following service providers:

  • SharpSpring Inc.:
    • Form input data are not stored on the hosting server (see section 6 above) but at SharpSpring ,and are processed there.
    • For more information about data protection at SharpSpring Inc., go to: https://de.sharpspring.com/legal/privacy/.

4 Newsletters

4.1. Description and purpose of data processing

On our website, you have the possibility to subscribe to our newsletter, in which we regularly inform you about our products and provide updates on our company, events, and special offers. 

We use the so-called double opt-in method for the registration to our newsletter. This means that, after your registration, we send an e-mail to your e-mail address in which we ask you to confirm that you wish to receive our newsletter.

In addition, we store the respective IP addresses and the times of your registration and confirmation.  The purpose of this method is to furnish proof of your registration and, if necessary, to be able to investigate a possible misuse of your personal data.

The only mandatory piece of information required for the newsletter to be sent to you is your e-mail address. After your confirmation, we will store your e-mail address for the purpose of delivering the newsletter to you.

4.2. Legal basis for data processing

The legal basis is Article 6(1)(f) GDPR to the extent that we store data to furnish proof of your registration and, if necessary, to investigate a possible misuse of your personal data We store your e-mail address with your consent. The legal basis for this is Article 6(1)(a) GDPR.

4.3. Storage period

The data will be deleted when they are no longer necessary for the purposes for which they were collected. Accordingly, the data transferred by the user during registration will be stored as long as the newsletter subscription is active.

4.4 Possibility to object and to withdraw consent

You can withdraw your consent for the newsletter at any time and unsubscribe the newsletter. You can withdraw your consent by clicking on the link provided in each newsletter, or by sending an e-mail to data-security@firstbird.com or a message to the above-mentioned contact details. As a result of the withdrawal of your consent, the data collected during registration will be deleted. 

4.5 Newsletter service provider

We work together with SharpSpring to deliver the newsletter.  The data described in this section is stored on the servers of SharpSpring in the USA in the process.

We have concluded a data processor agreement with SharpSpring pursuant to Article 28 GDPR, in which the protection of your data is contractually guaranteed. In the case of undertakings outside the EU, an additional guarantee is required that the data in the “third country” are as secure as in the EU. SharpSpring offers this guarantee, because the undertaking is subject to the EU-US Privacy Shield. For more information on this, go to the following link.

C) Use of the Firstbird Help Center

If you want to have access to the protected areas of “data protection” or/and “onboarding” in the Firstbird Help Center, you can request such access via this link. We provided helpful documents and information for our (potential) customers in these two areas so as to facilitate their start with Firstbird.

In order to verify whether the access was actually requested by a (potential) customer, the following data are collected, stored, and used for identification: First name, last name, e-mail address, and company name. After confirming the Privacy Policy and sending your request, your data will be stored at SharpSpring Inc., and an automatic e-mail with your information will be sent to Zendesk (support and help center tool) for further processing. The data are also stored there so as to give you access to the Help Center.

Subsequently, the (potential) customer receives an e-mail from the Zendesk support tool containing a link to the registration page. There, it is possible to enter a password to create an account and thus obtain access to the protected area(s).

The data is processed in order to take steps prior to entering into a contract in accordance with Article 6(1)(b) GDPR or for the performance of a contract in accordance with Article 6(1)(b) GDPR.

D) Plug-ins and Tools

1 Google Web Fonts

For uniform representation of fonts, this page uses so-called web fonts provided by Google. Google Fonts are locally installed. No connection is established to the servers of Google.

2 Wordfence Security

This website uses the Wordfence plug-in to protect from viruses and malware, and for defence against external attacks. The provider is Defiant, 800 5th Ave Ste 4100, Seattle, WA 98104, USA.

Wordfence Security verifies the visits to the website as to their legitimacy, and logs the visits to the web hosting server in the same extent as the latter.

IP addresses are stored on the Wordfence servers in the USA for the purpose of protection against brute-force and DDoS attacks or comment spam. IP addresses classified as safe are put on a white list.

Wordfence Security secures our website and thus protects visitors to the website against viruses and malware. The provider currently sets three cookies to guarantee this function.

Cookie type: B

Data collected: For information about which cookies are set, go here.

Legal basis: Article 6 (1)(f) GDPR.

Storage period: up to 30 days

We have concluded a data processor agreement with Defiant in accordance with Article 28 GDPR. In addition, we ensure that the transfer of personal data outside the EU always takes place in compliance with the GDPR.

3 Cloudflare

This website uses Cloudfare to make the website quicker and safer. The provider is Cloudflare, Inc., 101 Townsend St., San Francisco, CA 94107, USA.

Cloudfare collects information about the website visitors. Such data include the IP addresses, system configuration information, and other information to and from the website, which are derived from browsing activities.  This information helps Cloudfare to detect new threats, identify malicious third parties, and to offer stable security protection for this website. Data may, under certain circumstances, be stored on Cloudflare’s servers in the USA.

Cloudflare sets cookies to guarantee these functions.

Cookie type: B

Data collected: For information about which cookies are set, go here.

Legal basis: Article 6 (1)(f) GDPR.

Storage period: up to one year

We have concluded a data processor agreement with Cloudfare in accordance with Article 28 GDPR. In addition, we ensure that the transfer of personal data outside the EU always takes place in compliance with the GDPR.

Cloudflare offers web optimisation and security services designed to improve and protect websites. These include a reverse proxy, a pass-through security service, and a content distribution network. 

Cloudflare is an active participant in the EU-U.S. Privacy Shield Framework, which regulates the correct and secure transfer of personal data. For more information, go to https://www.privacyshield.gov/participant?id=a2zt0000000GnZKAA0.

For more information about data protection at Cloudflare, go to https://www.cloudflare.com/de-de/privacypolicy/.

4 Borlabs cookie

This website uses the Borlabs Cookie software by Borlabs, Georg-Wilhelm-Str. 17, 21107 Hamburg, to display GDPR-compliant data safeguard provisions and to process user decisions on external media and cookies and to store these in a cookie on the user’s system.

Cookie type: B

Legal basis: Article 6 (1)(f) GDPR.

Storage period: up to one year

5 WPML cookie

This website uses the WPML software by OnTheGoSystems Limited, 22/F 3 Lockhart Road, Wanchai, Hong Kong, to implement a multilingual environment. In some cases, it is necessary to store a cookie containing the user’s language selection.

Cookie type: B

Legal basis: Article 6 (1)(f) GDPR.

Period of storage: 24 hours

E) Marketing and optimisation

1 Website analysis with Google Analytics

We use Google Analytics to analyse and regularly improve the use of our website.

Cookie type: B

Data collected: see “Data Collected by Google Analytics

Legal basis: Article 6 (1)(f) GDPR.

Storage period: up to 60 days

This website uses Google Analytics with the extension that anonymises IP addresses. As a result, your IP address will be truncated before being sent to Google, thus ruling out the identification of the user. Therefore, where the data collected about you contain any reference to persons, such reference will be immediately excluded. For those exceptional cases in which personal data are transferred to the USA, Google is subject to the EU-U.S. Privacy Shield.

You can prevent data generated by the cookie and relating to your use of the website (including your IP address) from being collected and processed by Google, by downloading and installing this browser plug-in.

If you are visiting our website on a mobile device (e.g. smartphone or tablet), you can prevent data collection by Google Analytics by clicking on the following link . This will activate an opt-out cookie. If you delete your cookies, you must click on this link again.

2 Website analysis with LinkedIn Marketing Solutions

Moreover, we use LinkedIn Marketing Solutions by LinkedIn Ireland Unlimited Company for marketing and optimisation purposes.  With LinkedIn Marketing Solutions, we can analyse and regularly improve the use of our website.

Cookie type: B

Data collected: see “What data does the LinkedIn Insight Tag collect?

Legal basis: Article 6 (1)(f) GDPR.

Storage period: up to 30 days

LinkedIn is subject to the EU-U.S. Privacy Shield. For more information and the applicable privacy policy of LinkedIn, go here.

You can reject LinkedIn cookies by following this link.

 

F) Advertising

1 Advertising with Google Ads (Google AdWords)

We use the services of Google Ads Conversion to draw attention to our services by means of advertising materials (so-called Google Ads) on external websites. We can determine how successful our advertising measures are on the basis of the data of the advertising campaigns. We are interested in showing you advertisements that are of interest to you, in making our website more interesting for you, and in achieving a fair calculation of advertising costs.

These advertising materials are delivered by Google via so-called “Ad Servers”. For this purpose, we use ad server cookies, through which we can measure certain parameters for success such as the display of ads or clicks by users. If you are directed to our website via a Google ad, Google Ads will store a cookie on your device. These cookies usually expire after 30 days and are not used to personally identify you. As a rule, the analysis parameters stored with this cookie are the unique cookie ID, the number of ad impressions per placement (frequency), the last impression (relevant for post-view conversions) and opt-out information (a mark indicating that the user no longer wishes to be addressed).

These cookies enable Google to recognize your Internet browser. If a user visits certain pages of an Ads customer’s website and the cookie stored on their device has not yet expired, Google and the customer can determine that the user has clicked on the ad and has been redirected to this page. Each Ads customer is assigned a different cookie. Therefore, cookies cannot be traced via the websites of Ads customers. We do not collect and process any personal data in the aforementioned advertising measures. We only receive statistical evaluations from Google. We can determine which of the advertising measures used are particularly effective on the basis of these evaluations.  We do not receive any further data from the use of advertising material; in particular, we cannot identify users on the basis of this information.

Due to the marketing tools used, your browser automatically establishes a direct connection to the Google server. We have no influence on the extent and the further use of the data which are collected through the use of this tool by Google, and therefore inform you according to our level of knowledge: As a result of the integration of Ads Conversion, Google receives information that you accessed the corresponding part of our Internet website or you clicked on one of our advertisements. If you are registered with one of Google’s services, Google can associate your visit with your account. Even if you are not registered with Google or have not logged in, it is possible that the provider may obtain and store your IP address.

As already described above, you can prevent cookies from being set by our website at any time by making the corresponding settings in your browser, thus permanently objecting to the setting of cookies. Such a setting of the browser you use would also prevent Google from setting a conversion cookie on your device. In addition, a cookie set by Google Ads can be deleted at any time using the browser or other programmes.

You have the possibility to object to personalised advertising by Google. To this end, you must go to this link from each of the browsers you use and carry out the desired settings there. Personalised advertisement can be deactivated here. For more information on Google Ads, go here.

Google is subject to the EU-U.S. Privacy Shield. For more information and the applicable privacy policy of Google, go here.

Cookie type: C

Legal basis: Article 6 (1)(a) GDPR.

 

2 Advertising with Google Dynamic Remarketing

In addition to Google Ads Conversion, we also use the Google Remarketing application. After you visit our website, Google Remarketing will display our ads to you during your subsequent use of the Internet. This is done by means of cookies stored on your computer, through which Google records and evaluates your usage behaviour when visiting various websites. This is how Google can determine your previous visit to our website. According to Google’s own statements, Google does not merge the data collected in the context of remarketing with your personal data, which may be stored by Google. Google states in particular that it uses pseudonymisation for remarketing.

You have the possibility to object to personalised advertising by Google. To do so, you must go to this link from each of the browsers you use and carry out the desired settings there. Personalised advertisement can be deactivated here. For more information on Google Remarketing, go here.

Google is subject to the EU-U.S. Privacy Shield. For more information and the applicable privacy policy of Google, go here.

Cookie type: C

Legal basis: Article 6 (1)(a) GDPR.

 

3. Microsoft BING Ads

Data are collected and stored on our website using Bing Ads technologies, with which usage profiles are generated using pseudonyms. This is a service of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.

This service enables us to track the activities of users on our website when these were directed to our website through advertisements of Bing Ads. In case you are directed to our website through such an ad, a cookie will be set on your computer. A Bing UET tag is integrated in our website. This is a code used in connection with the cookie to store certain non-personal data about the use of the website. These include the time spent on the website, the areas of the website that have been accessed, and the advertisement through which the users have been directed to the website. No Information about your identity is collected.

Moreover, Microsoft may be able to track your usage behaviour across several of your electronic devices, enabling it to display personalised advertising on Microsoft webpages and in Microsoft apps.

The information collected is transferred to Microsoft servers in the USA and is generally stored there for a maximum of 180 days. You have the possibility to object to personalised advertising by Microsoft. To do so, you must go to this link from each of the browsers you use and carry out the desired settings there.

Microsoft is subject to the EU-U.S. Privacy Shield. For more information and the applicable privacy policy of Microsoft go here.

Cookie type: C

Legal basis: Article 6 (1)(a) GDPR.

G) Social networks

1 Data processing by social networks

Firstbird maintains publicly accessible profiles in social networks. The social networks we use are listed further below in this Privacy Policy. 

Social networks like facebook and twitter can carry out a comprehensive analysis of your usage behaviour when you visit their website or a website with integrated social media content (e.g. “like” buttons or advertising banners). Visiting our social media sites will trigger several processing activities relating to data protection. More specifically:

When you are logged in your social media account and you visit our social media site, the operator of the social media portal can associate this visit with your user account.  However, your personal data may also be collected when you are not logged in or do not have an account with the respective social media portal. In this case, data are collected through cookies which are stored on your device, or through identification of your IP address.

Using the data collected in this manner, the operators of the social media portals can generate user profiles in which they store your preferences and interests. They can thus display interest-based advertisement to you within and outside the respective social media sites. In those cases in which you have an account with the respective social network, the interest-based advertisement can be displayed on all devices on which you are or were logged in.

Please also note that we cannot trace all processing activities on the social media portals. Therefore, depending on the provider, the operators of the social media portals may carry out further processing activities. For more details, please refer to the terms of use and data safeguard provisions of the respective social media portals.

2 Legal basis

The objective of our social media sites is to ensure the most comprehensive presence on the Internet. This constitutes a justified interest pursuant to Article 6(1)(f) DSGVO. The analysis processes triggered by the social networks may be based on diverging legal bases that must be indicated by the operators of the social networks (e.g. consent pursuant to Article 6(1)(a) GDPR).

3 Responsibility and assertion of rights

When you visit one of our social media sites, we are responsible, together with the operator of the social media platform, for the data processing operations triggered by this visit.  You can generally assert your rights (right to access, rectification, erasure, restriction of processing, data portability, and to lodge a complaint) both toward us and toward the operator of the respective social media portal.

Please keep in mind that, despite the joint responsibility with the social media portal operators, we do not have full control over the data processing operations of the social media portals. Our possibilities considerably depend on the company policy of the respective provider.

4 Storage duration

The data we directly collect through our social media sites will be deleted from our systems as soon as you request their deletion, revoke your consent for their storage, or the purpose for their storage no longer applies. Stored cookies remain on your device until you delete them. Any mandatory statutory provisions – especially those regarding data retention periods – shall remain unaffected by this provision.

We do not have any influence on the storage duration of your data stored by the operators of the social networks for their own purposes. For more details, please request information directly from the operators of the social networks (e.g. in their Privacy Policy, see below).

5 Social networks in detail

Facebook

We maintain a profile on facebook. The provider is Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. Facebook is certified under the EU-US Privacy Shield.

You can adjust the advertising settings in your user account yourselves. To do so, click on the following link and log in. For more details, consult facebook’s data policy.

Twitter

We use the short message service twitter. The provider is Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. Twitter is certified under the EU-US Privacy Shield.

You can adjust the twitter data protection settings in your user account yourselves. To do so, click on the following link and log in. For more details, consult Twitter’s Privacy Policy.

H) Other functions and services (within and outside this website)

1 Use of the restricted area of the website

The restricted area of our website, the “Firstbird Referral Platform”, is a system separated from our website. It collects numerous personal data and has its own Privacy Policy, to which we separately point out in a suitable section. We kindly ask you to read it carefully before using the referral platform.

2 Contacting by e-mail, telephone, or telefax

2.1 Description of data processing

On our website, you have the possibility to contact Firstbird using the e-mail addresses, telephone and fax numbers provided there. When you contact us through the above channels, we will store and process the resulting personal data for the purposes of dealing with your request.

Your information can be stored in our Customer Relationship Management (CRM) system. The data are not transferred to third parties in this context.  All data are used exclusively for the processing of your request.

2.2. Legal basis for data processing

The legal basis for the processing of the data is Article 6(1)(f) GDPR (general requests). Where the data are processed in order to take steps prior to entering into a contract at your request, the legal basis shall be Article 6(1)(b) GDPR.

2.3. Purpose of data processing

We process the personal data we collect solely for the purposes of effectively handling the requests addressed to us. These purposes also constitute our legitimate interest in processing personal data pursuant to Article 6(1)(f) GDPR.

2.4. Storage period

We will retain the data you transfer to us in contact requests until you ask for their deletion, object to their storage, or the purpose for their storage no longer applies. The purpose for the storage of the data no longer applies when it becomes evident that the underlying issue has been conclusively settled.

2.5 Right to object

You may at any time request that the personal data you transferred to us by e-mail, telephone, or telefax are deleted by sending an e-mail to data-security@firstbird.com.

3 Approach to business cards

If you give us your business card during an event, we will collect, store and use the personal data on the business card such as name, contact address, and e-mail address for the purpose of contacting you (by telephone/e-mail). To this end, the data will be forwarded to our Sales Department and will be stored in the sales management tool Pipedrive. The legal basis for this is Article 6(1)(b) GDPR, because we process the data as part of an initial business contact (implementation of a pre-contractual measure).

You may at any time request that the personal data from your business cards are deleted from the database by sending an e-mail to data-security@firstbird.com.

Scroll to Top