Privacy Notice
We appreciate your interest in our website. Protecting your privacy when processing personal data and safeguarding all business data is important to us, and we incorporate this into our business processes. The following information explains how we handle your data.
§1 General Information on the Collection of Personal Data When Visiting Our Website
(1) Below, we provide information on the collection of personal data when using our website.
Personal data refers to any data that can be related to you personally, such as your name, address, email addresses, or user behavior.
Please note that data transmission over the internet (e.g., communication via email) may have security vulnerabilities. Complete protection of data against third-party access is not possible.
(2) The controller pursuant to Art. 4(7) of the EU General Data Protection Regulation (GDPR) is:
effective GmbH
L13, 3-4
68161 Mannheim
Deutschland
Managing Director: Hermann Bareis
Telefon: +49 621 17893 0
E-Mail: mannheim(at)effective-world.com
Our Data Protection Officer can be reached at dataprotection@effective-world.com or at our postal address with the addition "Data Protection Officer."“.
(3) This privacy notice applies only to the part of our website directed at EU citizens. It is based on the language selection made on our website—this notice applies only if you select a language associated with the EU.
For your privacy and data protection, we strongly recommend avoiding other language options, as they may involve data transmission to insecure third countries or companies not bound by EU data protection agreements. These companies may process the data for their own purposes, potentially including transfer to government agencies or security services, over which we have no control.
(4) This website is hosted by an external service provider (host). Personal data collected on this website is stored on the host's servers. This may include IP addresses, contact requests, metadata, communication data, contract and contact information, website access data, and other data generated via the website.
Hosting is carried out for the fulfillment of contracts (Art. 6(1)(b) GDPR) and in the legitimate interest of secure, efficient, and professional website provision (Art. 6(1)(f) GDPR).
Where consent is obtained, data processing is based on Art. 6(1)(a) GDPR and §25(1) TDDDG (German Telecommunications and Telemedia Data Protection Act), especially regarding cookies or device data (e.g., fingerprinting). Consent can be withdrawn at any time.
We have signed a Data Processing Agreement (DPA) with our host in accordance with GDPR requirements.
(5) Unless a specific storage duration is mentioned in this privacy notice, your personal data will remain with us until the purpose for the data processing no longer applies. If you request deletion or withdraw consent, your data will be deleted unless legally required otherwise (e.g., tax or commercial law retention periods). In such cases, deletion will occur once those obligations have expired.
(6) If you have given your consent, we process your personal data based on Art. 6(1)(a) GDPR or, if special categories of data are involved, Art. 9(2)(a) GDPR.
If explicit consent to data transfers to third countries has been given, Art. 49(1)(a) GDPR applies.
If consent is given for cookies or device access (e.g., fingerprinting), processing is also based on §25(1) TDDDG.
Data necessary for contract performance is processed under Art. 6(1)(b) GDPR.
Data processed to fulfill legal obligations is covered by Art. 6(1)(c) GDPR, and data based on our legitimate interest is processed under Art. 6(1)(f) GDPR. The applicable legal basis is detailed in the following sections.
§ 2 Your Rights
(1) Below we outline your rights as a data subject under Art. 15 GDPR. You may exercise these rights at any time by contacting us.
We may request additional information to verify your identity before responding. We'll explain our decisions in detail and do our best to comply with your requests.
(2) Right of Access
You have the right to request information about whether we process your personal data, including the purposes, recipients, storage duration, and data source (if not collected directly from you).
You are also entitled to one free copy of your data. Additional copies may incur a reasonable administrative fee.
(3) Right to Rectification
You may request the correction of inaccurate or incomplete personal data.
(4) Right to Erasure ("Right to Be Forgotten")
You may request the deletion of your data. If the data has been made public, we will inform other controllers to delete all related links, copies, and replications under Art. 17(2) GDPR, where technically feasible and within reasonable effort.
(5) Right to Restriction of Processing
You may request the restriction of processing under certain conditions. During restriction, your data may only be processed with your consent or for legally limited purposes.
(6) Right to Object to Processing
If we process your data based on a balancing of interests (e.g., not for fulfilling a contract), you may object by explaining your reasons. We will then assess the situation and either stop or adjust processing—or explain why we must continue.
(7) Right to Withdraw Consent
If you have given consent for processing, you may withdraw it at any time. This affects only future data processing.
(8) Right to Data Portability
You may request a copy of your personal data in a structured, commonly used, and machine-readable format—or request that we transfer it directly to another controller, where technically feasible.
(9) Right to Lodge a Complaint
You may lodge a complaint with a data protection authority at any time regarding our handling of your personal data.
§ 3 Collection of Personal Data When Visiting Our Website
(1) Even when using our website for information purposes only, certain data is transmitted automatically by your browser for technical reasons.
This data is necessary for displaying the website and ensuring stability and security (Art. 6(1)(f) GDPR):
- IP address
- Hostname
- Date and time of request
- Time zone difference from GMT
- Requested content (specific page)
- Access status/HTTP status code
- Amount of data transferred
- Referring website (referrer)
- Pages visited on our website
- Browser type, version, and language settings
- Operating system and version
- If JavaScript is enabled:
- Screen resolution
- Color depth
- Browser window size
- Installed browser plugins
(2) Use of Cookies and Storage Technologies
Cookies are small text files stored by your browser. Websites may also store HTML5 storage objects on your device. These technologies store and retrieve information but cannot execute programs or deliver malware.
a) This website uses elements either directly or via third parties. Where consent is legally required, we obtain it on the relevant pages.
The legal basis for these elements is your consent (Art. 6(1)(a) GDPR in conjunction with §25(1) TDDDG).
For technically necessary elements, we rely on our legitimate interest in operating the site efficiently and securely (Art. 6(1)(f) GDPR in conjunction with §25(2) TDDDG).
If a different legal basis applies for specific features, it will be explained where relevant.
| Name | Type | Purpose / Source | Lifetime |
|---|---|---|---|
| yt-remote-cast-available | HTML5 Storage object Funktional | Technical variable in connection with the playback of YouTube videos. youtube.com | Session |
| yt-remote-cast-installed | HTML5 Storage object Funktional | Technical variable in connection with the playback of YouTube videos. youtube.com | Session |
| yt-remote-fast-check-period | HTML5 Storage object Funktional | Technical variable in connection with the playback of YouTube videos. youtube.com | Session |
| yt-remote-session-app | HTML5 Storage object Funktional | Technical variable in connection with the playback of YouTube videos. youtube.com | Session |
| yt-remote-session-name | HTML5 Storage object Funktional | Technical variable in connection with the playback of YouTube videos. youtube.com | Session |
| yt-player-bandaid-host | HTML5 Storage object Funktional | Technical variable in connection with the playback of YouTube videos. youtube.com | permanent |
| yt-player-bandwidth | HTML5 Storage object Funktional | Technical variable in connection with the playback of YouTube videos. youtube.com | permanent |
| yt-player-headers-readable | HTML5 Storage object Funktional | Technical variable in connection with the playback of YouTube videos. youtube.com | permanent |
| yt-remote-connected-devices | HTML5 Storage object Funktional | Technical variable in connection with the playback of YouTube videos. youtube.com | permanent |
| yt-remote-device-id | HTML5 Storage object Funktional | Technical variable in connection with the playback of YouTube videos. youtube.com | permanent |
| yt.innertube::nextid | HTML5 Storage object Funktional | Technical variable in connection with the playback of YouTube videos. youtube.com | permanent |
| yt.innertube::requests | HTML5 Storage object Funktional | Technical variable in connection with the playback of YouTube videos. youtube.com | permanent |
| ytidb::LAST_RESULT_ENTRY_KEY | HTML5 Storage object Funktional | Technical variable in connection with the playback of YouTube videos. youtube.com | permanent |
b) You can configure your browser settings according to your preferences and, for example, refuse to accept third-party cookies or any cookies at all. We generally recommend that you automatically or manually delete cookies, browser history, and other temporary web storage objects on a regular basis to increase your privacy protection.
§ 4 Additional Functions and Services of Our Website
(1) In addition to the purely informational use of our website, we offer various services that you can use if interested. To do so, you generally need to provide further personal data, which we use to provide the respective service and which are subject to the principles of data processing previously mentioned. Mandatory fields are marked with an asterisk. Information in fields not marked in this way is purely voluntary.
(2) When you contact us by e-mail, we store your e-mail address and any other data you provide in order to respond to your inquiry. If a business relationship exists between you and us, or arises as a result of your inquiry, we store this data for the duration of the business relationship. Otherwise, we delete the data once storage is no longer necessary for the full processing of your inquiry. If statutory retention obligations prevent deletion, we restrict the processing of the data for the duration of these obligations and delete them thereafter. By sending your e-mail, you declare your consent to our processing of the transmitted data in the aforementioned manner (Legal basis: Art. 6 para. 1 sentence 1 lit. a GDPR).
(3) In some cases, we use external service providers to process your data. These providers have been carefully selected and commissioned by us, and we have concluded data protection agreements with them to ensure the protection of your data as required by data protection law.
§ 5 Provision of Personal Data Based on Legal or Contractual Obligations of the Controller or the Data Subject
If you wish to apply for a job with us via our careers portal, certain information—required in the mandatory fields of our application form—as well as the submission of meaningful application documents is necessary. Without the submission of this data, we regret that we are unable to consider your application.
In the following, we provide detailed information about special usage scenarios implemented on our website, email-based information services, tracking and analytics tools, social media integrations, as well as other third-party services.
Special Usage Scenarios
1. Use of Our Chatbot
(1) Our website features a chatbot that allows you to submit questions in natural language through an input field. Your query is initially processed on servers within the EU using logic defined by us. In a second step, your query—along with pre-defined contextual information—is forwarded via an interface to GPT-4.0, provided by OpenAI, in order to generate a natural language response based on AI functionality. This may involve the transfer of data to countries outside the EU, particularly the United States. However, your personal data—such as your IP address—remains solely with us. We do not transmit any personal data to OpenAI unless you include such information yourself in the query.
(2) To prevent the processing of personal or sensitive data, we strongly recommend avoiding the entry of such information into the chatbot. We use a paid version of GPT, under which OpenAI has contractually agreed not to use or store this data for its own purposes. Nevertheless, input data is stored for 30 days and may be evaluated to fulfill legal obligations concerning the handling of inappropriate entries. We have no influence over this process. Please also be aware of any AI policies applicable within your organization.
(3) If your query cannot be answered automatically, a contact form will be displayed, allowing you to manually submit your request. Certain contact fields are mandatory and marked accordingly; additional information is optional. These data are processed exclusively by us and are never shared with OpenAI or other third parties. You may choose to submit the chatbot conversation along with your inquiry, which helps us respond more effectively and further improve the chatbot. This option is voluntary. If you choose not to share the chat history, your inquiry will still be processed to the best of our ability.
(4) By using our chatbot and submitting the contact form and potentially the chat history, you consent—based on the notice displayed prior—to the processing of your data for the purpose of answering your inquiry and for the usage analysis and further development of our chatbot by authorized staff at effective. This consent is voluntary and can be withdrawn at any time with future effect by informal communication to us.
(5) We retain the data you provide for as long as necessary to respond to your inquiry and beyond that for purposes of usage analysis and development of our chatbot until these purposes cease or your consent is revoked.
(6) The provider of GPT is OpenAI, L.L.C., 3180 18th St., San Francisco, CA 94110, USA. Further information on data protection at OpenAI and the use of ChatGPT can be found at openai.com/de-DE/policies/eu-privacy-policy/. Please note that the data processing activities outlined there apply primarily to end users who use ChatGPT directly. When using our chatbot, no personal data is transferred to OpenAI via the GPT interface unless such data is included in your query.
Web Analytics
The legal basis for the use of all web analytics tools mentioned in this section is Art. 6 para. 1 sentence 1 lit. f GDPR, i.e., the protection of our legitimate interests in balance with the interests of our website visitors. Our legitimate interest is the analysis of how our website is used, in order to improve our offerings based on the resulting statistics and make our website more interesting for you as a user. If the tool also serves additional purposes or we use the collected data for other interests, we inform you about this in the respective tool descriptions.
2. Use of Matomo
(1) This website uses the web analytics service Matomo. Matomo stores cookies (see Section 3 for details) on your device. The data collected this way is stored exclusively on servers operated by the controller in Germany. You may object to the use of Matomo below. Please note: if you manually or automatically delete your browser's cookie storage, you will need to reset this opt-out cookie. The same applies when using another browser or device.
You can prevent the tracking of your visit on our website by Matomo at any time by clicking this link. This sets a cookie in your browser that contains no personal data and only serves to deactivate Matomo tracking for your browser.
(2) This website uses Matomo in a privacy-friendly configuration [without the use of cookies]. Your IP address is truncated by the last [two] bytes for all analysis purposes, making it impossible to associate the data with you and limiting geolocation accuracy. The IP address transmitted by your browser will not be merged with other data collected by us.
(3) Matomo is an open-source project. Information from the third-party provider about data protection can be found at: matomo.org/privacy/policy
Social Media and Other Third-Party Services
1. Social Media
(1) We currently do not use social media plug-ins on our website. Instead, we only provide links to our profiles on the following social media platforms: LinkedIn. Simply including these links does not transmit any personal data to the respective provider. Only when you click on the link—identifiable by the respective social media icon—and thereby access our hosted page on that platform, will the provider receive this information.
2. Integration of YouTube-Videos
(1) We have embedded videos from the YouTube platform into our online offering to make our website more attractive and informative and to better illustrate certain content or topics. These videos are stored on www.YouTube.com and can be played directly from our website. All videos are embedded using "enhanced privacy mode," which means no data about you as a user is transmitted to YouTube unless you play the videos. Only when you start playing a video will the data referred to in paragraph 2 below be transmitted. We have no influence over this data transmission.
(2) When you start a YouTube video embedded on our site, YouTube is informed that you have accessed the corresponding video and page on our website. Additional data such as your interaction with the video, as well as the information listed in Section 3(1) of this privacy notice, is also transmitted to YouTube. This transmission occurs regardless of whether you have a YouTube user account and are logged in. If you are logged into YouTube, the data will be directly associated with your account. If you do not wish for this data to be linked to your YouTube profile, you must log out before activating the video. YouTube stores your data as usage profiles and utilizes them for advertising, market research, and/or demand-oriented design of its website. Such evaluations are conducted in particular (even for non-logged-in users) to deliver targeted advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, and to exercise this right, you must contact YouTube.
(3) By playing the videos, you consent to the use and the associated data transfer to YouTube. The legal basis for the use of the plug-in is Art. 6 para. 1 sentence 1 lit. a GDPR.
(4) Further information about the purpose and scope of data collection and processing by YouTube can be found in their privacy policy. There you will also find further information on your rights and settings options for the protection of your privacy: YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA, represented by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; www.google.de/intl/de/policies/privacy
(5) For data transfers to non-secure third countries, Google relies on the EU-U.S. Data Privacy Framework and the EU Commission’s Standard Contractual Clauses. Details can be found at: policies.google.com/privacy/frameworks
3. Integration of Friendly Captcha
(1) In certain areas of our website, we have integrated a program code from Friendly Captcha. When you interact with these protected areas (e.g., submitting a contact form), your device establishes a connection to Friendly Captcha's servers. Your browser then receives a computing task from Friendly Captcha. The complexity of this task depends on various risk factors. Your device solves the task using its system resources and sends the result back to our server. Our server contacts Friendly Captcha via an interface and receives a response indicating whether the task was solved correctly. Your browser also transmits additional data, including the information listed in Section 3(1) of this privacy policy, along with connection, environment, interaction, and functional data to Friendly Captcha. Friendly Captcha evaluates this data to determine the likelihood that the user is human and sends the result to us. Based on this result, we may treat access to our website or specific features as either human or potentially automated.
(2) For more information on the purpose and scope of data collection and processing by Friendly Captcha, as well as your rights and privacy settings, please refer to Friendly Captcha GmbH, Am Anger 3-5, 82237 Woerthsee, Germany; friendlycaptcha.com/de/privacy/gdpr/
4. Integration of Other Third-Party Services
(1) This website also uses services provided by Typotheque (fonts) and Amazon Web Services (content delivery network).
These services are used based on a balancing of interests, either due to technical necessity or to provide you with a better user experience and enhance the attractiveness of our website (legal basis: Art. 6 para. 1 sentence 1 lit. f GDPR).
(2) When you visit our website, the respective third-party provider is informed that you have accessed the relevant subpage of our site. The data listed in Section 3(1) of this privacy policy is also transmitted. This occurs regardless of whether the third-party provider offers a user account that you are logged into. If you are logged into the provider’s platform, the data will be associated with your user account. If you do not want this data to be linked to your profile, you must log out before visiting our website. The third-party provider may store your data as usage profiles and use them for advertising, market research, or to tailor its website to user needs. This evaluation also occurs for users who are not logged in. You have the right to object to the creation of these usage profiles. To exercise this right, you must contact the respective provider.
(3) For more information about the purpose and scope of data collection and processing by third-party providers, as well as your rights and privacy settings, please refer to the privacy policies of the following providers:
a) Typotheque, Koningsplein 12, 2518 JE The Hague, Netherlands; www.typotheque.com/privacy-policy
b) Amazon Web Services Inc., 410 Terry Avenue North, Seattle WA 98109, USA; aws.amazon.com/de/compliance/germany-data-protection/
Stand: 20.08.2024