§ 1 Information about the collection of personal data
(2) "We" are Signavio GmbH, Kurfürstenstraße 111, 10787 Berlin, Germany (email: firstname.lastname@example.org (see also our imprint). In this context, we are the controller according to Art. 4 section 7 General Data Protection Regulation (GDPR) (EU). Our Data Protection Officer can be reached at email@example.com or our postal address with the additional line "Attn: Data Protection Officer".
§ 2 Your rights
(1) You have the following rights regarding your personal data:
- Right of access according to Art. 15 GDPR,
- Right to rectification or erasure to Art. 16 u. 17 GDPR,
- Right to restriction of processing according to Art. 18 GDPR,
- Right to data portability according to Art. 20 GDPR,
- Right to object to the processing according to Art. 21 GDPR.
(2) You also have the right to complain to a data protection supervisory authority about the unlawful processing of your personal data by us.
§ 3 Collection of personal data when visiting our website
(1) Informational use: Informational use means using our website to find out more about our products. Therefore, if you do not register for one of our free trials or webinars, or otherwise submit information to us, we will only collect the information your browser sends to our server. In that case, we will collect the following data, which is necessary for us to both display our website and to ensure its stability and security (legal basis is Art. 6 (1) sentence 1 lit. f GDPR):
- Browser type and version
- Operating system
- Referring URL
- Time of server request
- IP address
(2) Signavio Products: The use of our online applications, in particular “Signavio Process Manager SaaS”, “Signavio Collaboration Hub SaaS”, “Signavio Workflow Accelerator SaaS” and “Signavio Process Intelligence”, hereinafter referred to as “Signavio Products”, requires registration, which requires the entry of the following data: name, full address, email address, telephone number, company name. Additional entries are not mandatory and marked as such. For continuous improvement of Signavio products, we use software from TrackJS, LLC () for error analysis. In the course of this, TrackJS may receive a user’s IP address but may not further process or store the IP address. Additionally, we process login information (IP address, time stamp) and change log information of users. This information is used by us to provide statistics to the relevant customer and to enable the customer to perform governance and compliance tasks (upon request). In addition, on the basis of the user logins, we create pseudonymised usage profiles for the purpose of customizing our Signavio products. When using such data for customizing our Signavio products, we act as a data controller. The legal basis for this processing activity is Art. 6 (1) sentence 1 lit. f GDPR.
Processing to ensure compliance Signavio and its products, technologies, and services are subject to the export laws of various countries including, without limitation, those of the European Union and its member states, and of the United States of America. You acknowledge that, pursuant to the applicable export laws, trade sanctions, and embargoes issued by these countries, Signavio is required to take measures to prevent entities, organizations, and parties listed on government-issued sanctioned-party lists from accessing certain products, technologies, and services through Signavio’s websites or other delivery channels controlled by Signavio. This could include (i) automated checks of any user registration data as set out herein and other information a user provides about his or her identity against applicable sanctioned-party lists; (ii) regular repetition of such checks whenever a sanctioned-party list is updated or when a user updates his or her information; (iii) blocking of access to Signavio’s services and systems in case of a potential match; and (iv) contacting a user to confirm his or her identity in case of a potential match. Any such use of your Personal Data is based on the permission to process Personal Data in order to comply with statutory obligations (Article 6 para. 1 lit. c GDPR or the equivalent articles under other national laws, when applicable) and Signavio’s legitimate interest (Article 6 para. 1 lit. f GDPR or the equivalent articles under other national laws, when applicable). For this purpose, and subject to the other processing activities set out herein, we will only store your Personal Data for as long as it is required for Signavio to comply with its statutory obligations resulting from applicable export laws.
(3) Customer Portal: Your use of the Customer Portal is not mandatory for your use of the Signavio Products mentioned above. If you use the Signavio Customer Portal, additional data might be collected. Which data actually are collected in the course of this depends on the type of service you are using in the Customer Portal. Your data and user behaviour can be monitored by Signavio. Any data involved in the use of the Customer Portal will be processed on servers of Salesforce, Inc. Because the European Union Commission has determined that United States data privacy laws do not ensure an adequate level of protection for personal data collected from EU data subjects, the transfer will be subject to appropriate additional safeguards under the Standard Contractual Clauses. Salesforce, Inc. has committed to the Standard Contractual Clauses of the European Union Commission. As far as a service is provided by a third party other than Salesforce or Signavio, data may be transferred to such third party. The “Signavio Customer Portal – Terms and Conditions” which can be viewed within the Customer Portal will provide further information of such transfer. These Terms and Conditions also govern the use of the Customer Portal in general.
(4) Use of other offers: In addition to the purely informational use of our website and the use of Signavio products via our website, we offer various services that you can use if you are interested. These include registration for webinars, requests for contact or requests for downloads, among others. To use these services, you will usually need to provide additional personal information which we will use to provide the service and for marketing purposes. These include your name, email address, and/or telephone number.
(2) Consent Management: At any time you can modify or withdraw your consent regarding the use of third-party cookies on our website by accessing our Cookies Table webpage:.
§ 5 External service providers
(2) Google Analytics, Google Tag Manager and Google reCAPTCHA: This website uses Google Analytics, a web analysis service of Google Inc. (“Google”). Google Analytics uses so-called “cookies”, text files which are stored on your computer and which enable you to carry out an analysis of the use of the website. The information obtained through the cookie concerning your use of this website will be typically transmitted to Google’s servers in the US and stored there. Signavio has activated the option for IP address anonymization provided by Google. As a result, your IP address will be shortened to the last 8 bits within countries that are members of the European Union, or in other contracting countries of the European Economic Area (EEA). Only in exceptional cases will the full IP address be transmitted to Google’s servers in the US and shortened there. On behalf of the website operator, Google will use this information in order to evaluate your use of the website so as to compile reports concerning website activities and in order to render further services associated with website and Internet use for the website operator. The IP address transmitted by your browser for the use of Google Analytics will not be used in connection with other Google data. You may prevent storage of cookies through your browser settings or via the opt-out function provided above; nevertheless we want to draw your attention to the fact that in this case you may not be able to use all functions of this website to their full extent. Additionally, you can prevent Google from capturing data on your use of this website (incl. your IP address) by downloading and installing the Browser plugin at the following link:. We use Google Analytics with the extension "_anonymizeIp ()". As a result, IP addresses are processed in their shortened form, meaning that personally identifying information will be excluded. Insofar as the data collected about you is assigned a personal reference, it will be immediately excluded and the personal data will be deleted immediately.
We use Google Analytics to analyze and regularly improve the use of our website. With these statistics we can improve our offerings and make them more interesting for you as a user. For the exceptional cases in which personal information is transferred to the US and because the European Union Commission has determined that United States data privacy laws do not ensure an adequate level of protection for personal data collected from EU data subjects, such transfers will be subject to appropriate additional safeguards under the Standard Contractual Clauses..The legal basis for the use of Google Analytics is Art. 6 (1) sentence 1 lit. f GDPR.
Furthermore, the service “Google Tag Manager” is used for an improved administration of the other services listed herein. Neither does Google Tag Manager collect additional data, nor does it store additional cookies.
(4) Matomo: Matomo is used for analysis purposes on this website. Through the statistics obtained from this service, we can improve our offerings and make them more interesting for you as a user. The legal basis for the use of Matomo is Art. 6 (1) sentence 1 lit. f GDPR. We use Matomo with the extension "AnonymizeIP". As a result, IP addresses are processed in their shortened form, meaning that personally identifying information will be excluded. The IP address transmitted by Matomo from your browser will not be merged with other data collected by us. For this evaluation, cookies (see above) are stored on your computer. The information collected in this way is stored exclusively on a server hosted by us in Germany not data is transferred to Matomo. You can adjust the amount of data we collect by deleting existing cookies and preventing the storage of cookies. If you prevent the storage of cookies, we point out that you may not be able to use this website to the fullest extent. You can prevent cookie storage by adjusting your browser settings.
(5) GoToWebinar: To provide webinars, we use GoToWebinar, a service of LogMeIn, Inc. When you register for one of our webinars, you submit your login information to LogMeIn, Inc. LogMeIn, Inc. is responsible for this service and associated data transfer. LogMeIn is headquartered in the US and maintains a global infrastructure. The data collected can be transferred to, stored, and processed on servers in the United States and other countries around the world. LogMeIn has committed to the Standard Contractual Clauses of the European Union Commission to ensure proper security arrangements with regard to the transfer of personal data between the EU and the US. More information can be found at:. LogMeIn, Inc. 333 Summer Street, Boston, MA 02210 United States.
(7) Hotjar: For analysis purposes, we use Hotjar. Through this service, we can gather anonymous evaluations regarding user’s behaviour and therefore, we are able to improve our offerings. For this evaluation, cookies (see above) are stored on your computer. The information collected in this way is stored by Hotjar exclusively on a server hosted within the EU. The storage of cookies and the exchange of data with Hotjar can be prevented by clicking on the “Withdraw your consent” button on the Cookies Table.
(8) LinkedIn: In order to display individual advertisements on the networking portal LinkedIn’s websites and to get an analysis of user’s behaviour on our website, we use the service “LinkedIn Insight Tag”. Hereby, different types of data regarding type and duration of a website visit are collected, however only IP-addresses are personal data amongst the collected data. This service exclusively applies to users which are registered users of LinkedIn services. Linkedin has committed to the Standard Contractual Clauses of the European Union Commission to ensure proper security arrangements with regard to the transfer of personal data between the EU and the US. Third party information: LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA.
Bing Universal Event Tracking (UET) collects and uses data to create user profiles using pseudonymous. This service is provided by Microsoft Corporation, One Microsoft Way Redmond, WA 98052-6399, USA. With the Bing Universal Event Tracking we can track user activity on our website if such users were referred to our website using Bing ads. If you use such Bing Ads a cookie will be stored on your computer. Our website is using a Bing UET Tag which is a code that allows us in combination with the cookie to save non-personal information about your visit on our website. Among those are information about how long the user stayed on our website, what sections did a user visited and which referral ad was used to visit our website. Information about your identity will not be stored. Microsoft might also track your user behaviour across multiple devices and could therefore offer personalized ads. Microsoft has committed to the Standard Contractual Clauses of the European Union Commission to ensure proper security arrangements with regard to the transfer of personal data between the EU and the US. For more information about Bing Event Tracking (UET) please visit.
(10) Bizible: Bizible is a service provided by Bizible, Inc. It serves to evaluate and optimize marketing campaigns based on information collected from Signavio’s website. Bizible will collect and use personal information depending on your interaction with different services on Signavio’s website and also stores cookies on your computer as described above. Bizible has committed to the Standard Contractual Clauses of the European Union Commission.
(11) Facebook Pixel: Signavio website makes use of “Facebook Pixel”, which consists of a line of code in your browser with your prior consent. The Facebook pixel will collect information such as the device you use and the websites that you visit, whether or not you have a Facebook account or are logged into Facebook. Such information will be used to generate advertisement posts for Signavio’s products which may be displayed to you via your Facebook account. Facebook Inc. has committed to the Standard Contractual Clauses of the European Union Commission. For more information on the purpose and scope of this specific data collection and the further processing and use of data by Facebook, please see the data policy of Facebook at. Third party information: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
§ 6 Emails from Signavio
(1) Emails: With your consent, you can sign up to receive our newsletter with up-to-date contributions and offers, as well as other interesting emails regarding Signavio's products. (2) Double-Opt-In: To register for our newsletter, we use the so-called double-opt-in procedure. This means that after you have registered, we will send an email to the email address specified in which we ask you to confirm that you wish to receive the newsletter. (3) Obligatory disclosures: To receive the newsletter, enter your email address, your name, and your country. After your confirmation, we will store this data for the purpose of sending you the newsletter. The legal basis is Art. 6 (1) sentence 1 lit. a GDPR. (4) Revocation: You can revoke your consent to receiving our newsletter or unsubscribe from the newsletter at any time. You can make the cancellation as described in each newsletter, or by sending a message to. (5) Note that we evaluate your user behavior when sending the newsletter. For this evaluation, the emails sent include so-called web beacons or tracking pixels that represent one-pixel image files stored on our website. For the evaluations, we link the data mentioned in § 3 and the web beacons with your email address and an individual ID. As part of this, we record when you read our newsletters, which links you click on and determine your personal interests. We then link this data with actions you have taken on our website. You can object to this tracking at any time by informing us via the contact provided below.
§ 7 Opposition or revocation against the processing of your data
You can revoke your consent to having your data processed at any time. Likewise, you may object to our processing of your personal data for advertising and data analysis at any time. You can send us your concerns by sending an email to.
§ 8 Additional Provisions for Applicants
When you apply to a job at Signavio, the personal data contained in your application will be collected by Signavio GmbH (“Controller”), which is located at Kurfürstenstraße 111, 10787 Berlin, Germany, and can be contacted by emailing.
Controller’s data protection officer is Michael Möschl, who can be contacted at. Your personal data will be processed for the purposes of managing Controller’s recruitment related activities, which include setting up and conducting interviews and tests for applicants, evaluating and assessing the results thereto, and as is otherwise needed in the recruitment and hiring processes. Such processing is legally permissible under Art. 6 (1) (f) of Regulation (EU) 2016/679 (General Data Protection Regulation) as necessary for the purposes of the legitimate interests pursued by the Controller, which are the solicitation, evaluation, and selection of applicants for employment.
Your personal data will be shared with Greenhouse Software, Inc., a cloud services provider located in the United States of America and engaged by Controller to help manage its recruitment and hiring process on Controller’s behalf. Accordingly, if you are located outside of the United States, your personal data will be transferred to the United States once you submit it through this site. Because the European Union Commission has determined that United States data privacy laws do not ensure an adequate level of protection for personal data collected from EU data subjects, the transfer will be subject to appropriate additional safeguards under the standard contractual clauses.
Your personal data will be retained by Controller as long as Controller determines it is necessary to evaluate your application for employment. Under the GDPR, you have the right to request access to your personal data, to request that your personal data be rectified or erased, and to request that processing of your personal data be restricted. You also have the right to data portability. In addition, you may lodge a complaint with an EU supervisory authority.
Version: February 12th, 2021