Privacy statement

General information

Thank you very much for your interest in our website. We take the protection of your privacy and your data very seriously. When you use this website, we — as the data controller responsible for data processing — process your personal data and store it for as long as is necessary to fulfill the specified purposes and meet any statutory obligations.

Personal data (e.g. the name, address, email address or telephone number of a data subject) is processed in accordance with the requirements of the General Data Protection Regulation (GDPR) and in line with the applicable country-specific data protection legislation. Pursuant to Article 4 (1) GDPR, personal data means any information relating to an identified or identifiable natural person.

The following privacy statement provides information about the type of data collected, how this data is used and transferred, which security measures we implement to protect your data, how you can obtain information about the data you have given to us, and the rights you may assert.

Name and address of the data controller responsible for data processing

This privacy statement applies to the processing of data on the website www.emulation.me by the following data controller: 

Emulation S.Hein
Owner: Sascha Hein

Rennweg 17
79106 Freiburg im Breisgau
Germany

Phone: ‭+49 151 57834551‬

Email: s.hein@emulation.me
Website: www.emulation.me

Personal data processing and processing purposes

When you visit our website

You can visit the website www.emulation.me without being required to disclose information about your identity. Only the information needed to establish a connection to our website will be automatically sent to our website’s server from your device’s browser.

Each time a user connects to our website, our website will collect a series of general pieces of data and information. This general data and information will be stored in our server’s log files. The following details may be collected:

(a) the browser types and versions used,

(b) the operating system of the device accessing our website,

(d) the subpages on our website being accessed by the system,

(e) the dates and times of when our website has been accessed,

(f) the Internet Protocol address (IP address),

(g) the internet service provider of the system accessing our website,

(h) any other similar pieces of data and information that can be used to protect our services in the event of an attack on our information technology systems.

We do not draw any conclusions about users when using this general data and information. Instead, we use this information to:

(a) ensure that the content on our website is displayed correctly,

(b) optimize our web content and the advertising for our website,

(d) provide law-enforcement authorities with the information needed to prosecute offenders in the event of a cyberattack.

We therefore evaluate this anonymously collected data and information firstly for statistical purposes and secondly in order to provide better data protection and data security with the ultimate aim of ensuring an optimum level of protection for the personal data we process. The anonymous data saved in the server log files is stored separately from all the personal data provided by a data subject.

Data is deleted as soon as we no longer need it to fulfill the purpose for which it was collected. In the case of data collected to enable operation of the website, this deletion occurs when the user’s browsing session comes to an end.

IP addresses are processed for technical and administrative purposes so that we can establish a stable connection, keep our website secure and in full working order, and — if necessary — trace any unlawful attacks on our website.

The legal basis for processing IP addresses is Article 6 Paragraph 1 Sentence 1 (f) GDPR. Our legitimate interest results from the aforementioned security requirements and the necessity to provide a fully functional website.

In processing your IP address and other information in the log files, we are unable to draw any direct conclusions about your identity.

When you register on our website

You have the option to register on our website by entering your personal data. During registration, you are required to enter your data into a form. This data is then transferred to us and stored. Your data will not be transferred to third parties.

During the registration process, we will ask you to provide your consent for us to process this data. Certain content and services on our website are only available to registered users. Registration is also necessary for the performance of a contract or for taking steps prior to entering into a contract.

Data is deleted as soon as we no longer need it to fulfill the purpose for which it was collected.

You can cancel your registration at any time. You can also ask for the data we have stored about you to be amended at any time. For more information, please see the section on Rights of data subjects.

When you subscribe to our newsletter

You have various opportunities to subscribe to our newsletter on our website.

Provided that you have given your express consent in accordance with Article 6 Paragraph 1 Sentence 1 (a) GDPR, we will use your email address to send you information in line with your preferences at regular intervals. To receive this information, all you need to do is provide us with your email address and select your desired language version.

You may be given the opportunity to enter additional optional personal data (e.g. name, address and telephone number). We will use this data to contact you by phone or post.

After registering, you will receive an email asking you to confirm your subscription so that you can be sent the newsletter. This is known as the double opt-in process. This provides us with proof that the registration process was initiated by you.

You can unsubscribe at any time, e.g. by clicking on the link at the end of each press newsletter. Alternatively, you can inform us at any time of your wish to unsubscribe by sending an email to s.hein@emulation.me.

Your email address will be deleted as soon as you withdraw your consent to receive our newsletter. For more information, please see the section on Rights of data subjects.

Distribution of our newsletter using Mailchimp

We send out our newsletter using Mailchimp, a newsletter distribution platform provided by the US-based Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.

The email addresses of our newsletter recipients as well as other data belonging to them as described in this privacy policy are stored on Mailchimp’s servers in the USA. Mailchimp uses this information to send out and analyze newsletters on our behalf. Furthermore, Mailchimp may also use this data to optimize or improve its own services, e.g. to optimize the technology it uses to distribute and display the newsletter, or for commercial purposes to identify which countries recipients are from.

Mailchimp will not, however, use the data provided by our newsletter recipients to contact them directly and will not pass their data on to third parties.

We have confidence in the reliability of Mailchimp and the IT and data security measures it has implemented. Mailchimp is certified under the EU-US Privacy Shield data protection agreement and therefore undertakes to comply with EU data protection requirements. We have also concluded a Data Processing Agreement with Mailchimp. This is a contract in which Mailchimp commits to protecting our users’ data, undertakes to process it on our behalf in accordance with its own privacy policy and, in particular, agrees not to disclose it to third parties.

You can view Mailchimp’s privacy policy here: https://mailchimp.com/legal/privacy/.

Contact form and email contact

Our website includes a contact form, which you can use to contact us electronically. Should you choose to use this option, the data you enter into the contact form will be transferred to us and stored. When completing this form, you will be asked to provide your consent for us to process this data and you will be referred to this privacy statement.

Alternatively, you can contact us at the email address provided. In this case, we will store the personal data provided to us in the email.

This data will not be transferred to third parties and will exclusively be used for the processing of any communication.

We only process the personal data entered into the contact form in order to handle your inquiry. Your choosing to contact us via email also constitutes the necessary legitimate interest on our part to process your data.

The other personal data we process during this procedure is used to prevent the contact form from being misused and to keep our information technology systems secure.

We process your personal data upon your submission of an inquiry. This data processing is based on our legitimate interests within the scope of responding to an inquiry in accordance with Article 6 Paragraph 1 Sentence 1 (f) GDPR.

Data is deleted as soon as we no longer need it to fulfill the purpose for which it was collected. Personal data entered into our contact form and for data sent by email will be deleted as soon as we have finished communicating with you about your inquiry. This communication is deemed to be finished when it is apparent from the circumstances that the matter being discussed has been completely resolved.

You may withdraw your consent to the processing of your personal data at any time. In such cases, we will no longer be able to continue communicating with you.

All personal data stored as a result of your inquiry will be deleted. For more information, please see the section on Rights of data subjects.

Transfer of personal data to third parties

Except for in the cases specified above (subscription to our newsletter), we only transfer your personal data to third parties if:

you have given your express consent to this in accordance with Article 6 Paragraph 1 Sentence 1 (a) GDPR,
this is necessary for the performance of a contract to which you are party in accordance with Article 6 Paragraph 1 Sentence 1 (b) GDPR,
if we have a legal obligation to transfer the data in accordance with Article 6 Paragraph 1 Sentence 1 (c) GDPR.

Transfer of data to third countries

Insofar as we process data in a third country (i.e. outside of the European Union (EU), the European Economic Area (EEA) or the Swiss Confederation) or if this takes place as a result of us making use of third-party services or disclosing or transferring data to other individuals or companies, we ensure that we only do so in order to perform a contract or take steps prior to entering into a contract, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual authorization, we only process data or arrange to have data processed in a third country when the legal requirements are met. This means, for example, that the processing takes place on the basis of special guarantees, such as the officially recognized determination that the level of data protection is equivalent to that which is provided in the EU (e.g. via the Privacy Shield for data processed in the USA), or in compliance with officially recognized special contractual obligations.

Use of cookies

Our website uses cookies. Cookies are text files which are placed and stored on a computer system via a web browser.

Cookies are used on lots of websites and servers. Many cookies contain a unique identifier called a cookie ID. This consists of a string of characters which links webpages and servers to the specific web browser on which the cookie is stored. This enables the webpages and servers visited to differentiate between the data subject’s browser and other web browsers on which other cookies are stored. A specific web browser can be recognized and identified using the unique cookie ID.

Cookies enable us to provide visitors to our site with more user-friendly features, which we would not be able to offer without the use of cookies. We use cookies to optimize the information and services on our website in line with the user’s requirements. As mentioned above, cookies allow us to recognize our website’s users. The purpose of this recognition is to make our website easier to use. For example, visitors to a website which uses cookies do not have to re-enter their login data each time they visit the website because this is automatically taken from the cookie stored on the user’s computer system and entered into the website.

Some of the cookies we use are deleted as soon as the browser session comes to an end, i.e. when the user closes their browser. These cookies are known as session cookies. Other cookies remain on the user’s device and enable us or our partner companies to recognize the user’s browser the next time the user visits our website. These cookies are known as persistent cookies.

Data subjects can, at any time, prevent our website from placing cookies on their device by changing the settings in their web browser, permanently objecting to the placement of cookies. Furthermore, cookies which have already been placed on a device can be deleted at any time via a web browser or other software program. This is possible in all commonly used web browsers. If the data subject disables the placement of cookies in their web browser, they may not be able to make full use of all our website’s features.

Web analysis

We have integrated Google Analytics into our website (with an anonymization function). Google Analytics is a web analytics service. Web analytics involves the collection, compilation and evaluation of data about user behavior on websites. Examples of the types of data collected by a web analytics service include the webpage from which a data subject has accessed the website in question (known as the referrer), the specific pages accessed on the website, and how often and for how long the user remains on specific pages. Web analytics is predominantly employed for website optimization purposes and for performing a cost-benefit analysis of internet advertising.

The operator of Google Analytics is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

We use Google Analytics to analyze our website with the extension “_gat._anonymizeIp”. When our website is accessed from a Member State of the European Union or another state party to the Agreement on the European Economic Area, Google uses this extension to abbreviate and anonymize the IP address allocated to the data subject’s internet connection.

The purpose of using the Google Analytics service is to analyze the flow of visitors on our website. Google uses the data and information collected to analyze how our website is used, to compile online reports on our behalf about activities performed on our website and to provide other services concerning the use of our website.

Google Analytics places a cookie on the data subject’s information technology system. Please see above for a definition of cookies. The placement of this cookie enables Google to analyze how our website is used. Each time that a connection is made to one of the individual pages on this website, which is operated by us and into which Google Analytics has been integrated, Google Analytics will trigger the web browser on the data subject’s information technology system to transfer data to Google for the purpose of the online analysis. During this technical process, Google acquires knowledge of personal data, such as the data subject’s IP address, which, for example, allows Google to trace the origin of visitors and clicks and subsequently account for a commission.

The cookie is used to store personal information, such as the access time, the location from which the website was accessed and the frequency of visits to our website by the data subject. Each time our website is visited, this personal data, including the IP address of the data subject’s internet connection, is transferred to Google in the United States of America. This personal data is stored by Google in the USA. Google may pass the personal data collected through this technical process to third parties.

As described above, data subjects can, at any time, prevent our website from placing cookies on their device at any time by changing the settings in their web browser and permanently objecting to the placement of cookies. By adjusting their web browser in this way, data subjects can also prevent Google from placing a cookie on their information technology system. Furthermore, a cookie which has already been placed on a device by Google Analytics can be deleted at any time via the web browser or another software program.

The data subject can also object to and prevent data which is generated by Google Analytics and relates to the use of this website from being collected and processed by Google. To do this, the data subject must download and install a browser add-on available at https://tools.google.com/dlpage/gaoptout. This browser add-on uses JavaScript to inform Google Analytics that it is forbidden to transfer data and information about visits to websites to Google Analytics. Google will consider the installation of the browser add-on as an objection to the use of Google Analytics. If the data subject’s information technology system is subsequently deleted, formatted or reinstalled, the data subject must reinstall the browser add-on to disable Google Analytics. If the browser add-on is uninstalled or disabled by the data subject or another person who has control over it, it is possible to reinstall or reactivate the browser add-on.

For further information and to view Google’s privacy policy, please visit https://policies.google.com/privacy?hl=en and https://www.google.com/analytics/terms/us.html. Please see https://marketingplatform.google.com/about/ to find out more about Google Analytics.

As an alternative to installing the browser add-on or if you are using a mobile web browser, please click on the following link to place an opt-out cookie which will prevent Google Analytics from collecting data on this website in future. This opt-out cookie only works in this browser and for this domain. If you delete the cookies in this browser, you will need to click on the link again: Disable Google Analytics for this website.

Order handling and processing using Billbee 

We process orders using the service provider Billbee (Billbee GmbH, Paulinenstrasse 54, 32756 Detmold, Germany). Your name, address and, if applicable, other personal data are transferred to Billbee in accordance with Article 6 Paragraph 1 (b) GDPR exclusively for the purpose of processing online orders.

Your data is only transferred if doing so is actually necessary for your order to be processed. For information about data protection at Billbee and to view Billbee’s privacy statement, please visit https://www.billbee.io/datenschutz/ (only available in German).

Payment service provider heidelpay

On our website, we give our customers the option to pay using heidelpay. The provider of this payment service is heidelpay GmbH, Vangerowstraße 18, 69115 Heidelberg, Germany (hereinafter referred to as “heidelpay”). heidelpay uses this data to calculate fees, process payments and prevent fraud.

If you make a payment using heidelpay, heidelpay will collect various pieces of transaction data and transfer these to the bank which you used to register for heidelpay. In addition to the data necessary to process payments, heidelpay may collect other data in handling your transaction, e.g. your delivery address or individual items in your cart.

heidelpay then authenticates transactions using the authentication mechanism provided by the bank for this purpose. The payment is then transferred from your account to our account. Neither we nor third parties have access to your account details.

For information about paying with heidelpay, please see the GTC and heidelpay’s privacy statement at https://www.heidelpay.com/en/privacy-statement/.

 Rights of data subjects

You have the right:

1) to withdraw your previously given consent at any time pursuant to Article 7 Paragraph 3 GDPR. This means that we may no longer continue processing the data which we were processing on the basis of this consent;

2) to obtain information about your personal data which we have processed pursuant to Article 15 GDPR. In particular, you have the right to access information about the purposes of processing; the category of personal data; the categories of recipient to whom your data has been or will be disclosed; the envisaged storage period; the existence of a right to rectification, erasure, restriction of or objection to processing, and the lodging of a complaint; the source of your data if we did not collect it; and the existence of automated decision-making, including profiling, and, if applicable, meaningful information about this process;

3) to obtain without undue delay the rectification of inaccurate personal data concerning you and stored by us or the completion of such data pursuant to Article 16 GDPR;

4) to obtain the erasure of personal data concerning you and stored by us pursuant to Article 17 GDPR, unless processing is necessary for exercising the right of freedom of expression and information, for complying with a legal obligation, for reasons of public interest or for establishing, exercising or defending legal claims;

5) to obtain the restriction of processing of your personal data in accordance with Article 18 GDPR if the accuracy of the personal data is contested by you, the processing is unlawful but you do not wish for your data to be deleted, we no longer need the data but you require it for the establishment, exercise or defense of legal claims, or you have objected to the processing pursuant to Article 21 GDPR;

6) to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit this data to another controller pursuant to Article 20 GDPR;

7) to object, pursuant to Article 21 GDPR, on grounds relating to your particular situation and at any time to processing of your personal data which is based on Article 6 Paragraph 1 (e) GDPR (data processing in the public interest) and Article 6 Paragraph 1 (f) GDPR (data processing on the basis of the consideration of interests); this also applies to profiling based on these provisions as defined in Article 4 (4) GDPR. If you make an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing is taking place for the establishment, exercise or defense of legal claims.

If you object to processing for direct marketing purposes, we will stop processing your data immediately. In such cases, no particular situation needs to be indicated. This also applies to profiling to the extent that it is related to such direct marketing. If you would like to exercise your right to object, please simply send an email to s.hein@emulation.me;

8) to lodge a complaint with a supervisory authority pursuant to Article 77 GDPR. As a general rule, you can lodge a complaint with the supervisory authority in your habitual place of residence, your place of work or our registered office. 

Data security

All the data you submit to us will be transferred and encrypted using the customary and secure TLS (Transport Layer Security) standard. A secure TLS connection is indicated by the addition of the letter “s” to “http” (i.e. “https://...”) in your browser address bar or a lock symbol at the bottom of your browser.

We also make use of appropriate technical and organizational security measures to protect your data from accidental or deliberate manipulation, partial or complete loss, destruction and access by unauthorized third parties. We continuously improve our security measures in line with the latest technological developments. 

Updates and amendments to this privacy statement

This privacy statement is up to date and was last amended in September 2018.

We may need to amend this privacy statement following updates to our website and offers or due to changes in the law or official requirements. You can always view and print the latest version of our privacy statement on our website at

https://emulation.me/privacy-statement.