Privacy Policy

I. Name and Address of the Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and other data protection laws is:

Humanizing Technologies GmbH
In der Trift 1
57462 Olpe
+49 221 715975 75
go.plural.io

II. Contact Details of the Data Protection Officer

The data protection officer of the controller is:

DataCo GmbH
Dachauer Straße 65
80335 Munich
Germany
+49 89 7400 45840
www.dataguard.de

III. General Information on Data Processing


On this page, we inform you about the data protection regulations applicable on
Plural.io
(“Platform”). The platform is provided by
Humanizing Technologies GmbH,
In der Trift 1, 57462 Olpe, Germany.


We enable customers and their clients or partners to use the following functionalities:

  • Creation and management of avatars for communication with e.g. customers or business partners
  • Setup of communication guides
  • Management and evaluation of chats


The provision of these functionalities constitutes the purpose of the processing.
There is no
automated decision-making in accordance with Article 22 (1) and (4) GDPR
as part of the data processing by the platform of Humanizing Technologies GmbH.


Please note that the respective
user of the platform
is the
controller
for the
personal data processed
in the context of Avatar-to-end customer interactions.
We will comply with requests regarding the processing of personal data
if and to the extent required by applicable legal provisions.

1. Scope of Processing Personal Data


We process personal data of our users only to the extent necessary to provide a functional
platform
as well as our content and services.
Processing of personal data is generally carried out only with the user’s consent
or if processing is necessary for the performance of a contractual relationship.
We process the following personal data of our
platform
users:

  • First name
  • Last name
  • Company name
  • Phone number
  • Email address

2. Legal Basis for Processing Personal Data

If we obtain the consent of the data subject for processing operations involving personal data, Art. 6 para. 1 sentence 1 lit. a GDPR serves as the legal basis.


If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 sentence 1 lit. b GDPR serves as the legal basis. This also applies to processing operations required to carry out pre-contractual measures.

3. Data Deletion and Storage Duration


The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Storage may also take place if required by European or national legislators in EU regulations, laws, or other provisions to which the controller is subject.

4. Recipients of Personal Data


Depending on which modules are used, various processors may receive personal data if they provide part of the processing services. Categories of recipients include:

  • Hosting providers
  • Providers of tools integrated by customers into the platform
  • IT service providers for maintenance and support purposes
  • CDN providers
  • Other processors commissioned to provide and improve our platform


If recipients of personal data are located outside the EU or EEA, we actively implement appropriate safeguards for lawful data transfer to third countries, e.g., by entering into standard data protection clauses in accordance with Art. 46 para. 2 lit. c GDPR.


If you express interest in our products and services, your personal data will be transferred to our Customer Relationship Management (CRM) platform Pipedrive, operated by Pipedrive, Inc., 530 Fifth Avenue, Suite 802, New York, NY 10036, USA. Data may be transferred to servers of subcontractors located outside the EU or EEA. According to Pipedrive, appropriate safeguards are always in place to protect personal data in such transfers.


For more information, please visit:

https://www.pipedrive.com/en/privacy

5. Personal Data from Third-Party Sources under Art. 14 GDPR


Our customers who use our platform for the above-mentioned purposes may independently process personal data of their customers via the platform. In this case,
we act as a processor, not as a controller. Please refer to the privacy policies of your respective contact person, who is independently responsible for processing your personal data via our platform.

6. Right to Object and Options for Erasure


You may object to the processing of your personal data at any time by sending a written notice or an informal email to contact@plural.io. All other data subject rights may also be directed to this email address.


An objection may result in the inability to continue providing services under contractual agreements if the processing of personal data is necessary for service delivery.

IV. Rights of the Data Subject

If your personal data is being processed, you have the right to obtain information from the controller about the data stored about you (Art. 15 GDPR).

If incorrect personal data is being processed, you have the right to rectification (Art. 16 GDPR).

If the legal conditions are met, you may request the erasure or restriction of processing (Art. 17 and 18 GDPR).

If you have consented to the data processing or a contract for data processing exists and the processing is carried out by automated means, you may have the right to data portability (Art. 20 GDPR).

You also have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR).

You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6(1)(e) GDPR (data processing in the public interest) and Article 6(1)(f) GDPR (data processing based on a balancing of interests), including profiling based on those provisions (Art. 21(1) GDPR).

V. Provision of the Platform and Creation of Log Files

1. Description and Scope of Data Processing

Each time our platform is accessed, our system automatically collects data and information from the computer system of the accessing device.

The following data is collected:

  • The IP address of the user
  • Date and time of access

This data is stored in the log files of our system. These data are not stored together with other personal data of the user.

2. Purpose of Data Processing

The temporary storage of the IP address by the system is necessary to deliver the platform to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.

Storage in log files is carried out to ensure the functionality of the platform. The data also helps us to optimize the platform and ensure the security of our IT systems. No evaluation of the data for marketing purposes takes place in this context.

These purposes also represent our legitimate interest in data processing pursuant to Art. 6(1) sentence 1 lit. f GDPR.

3. Legal Basis for Data Processing

The legal basis for the temporary storage of data and log files is Art. 6(1) sentence 1 lit. f GDPR.

4. Duration of Storage

The data is deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. In the case of data collection for the provision of the platform, this is the case when the respective session ends.

In the case of data stored in log files, this is the case after no more than seven days. Longer storage is possible. In this case, the IP addresses of the users are deleted or anonymized so that it is no longer possible to assign the accessing client.

5. Right to Object and Possibility of Removal

The collection of data for the provision of the platform and the storage of data in log files is absolutely necessary for the operation of the platform. Consequently, there is no possibility of objection on the part of the user.

6. Hosting with All-Inkl

Our website is hosted by All-Inkl. The provider is ALL-INKL.COM – Neue Medien Münnich, Owner René Münnich, Hauptstraße 68, 02742 Friedersdorf (hereinafter referred to as “All-Inkl”). For more information, please refer to All-Inkl’s privacy policy: https://all-inkl.com/datenschutzinformationen/.

The use of All-Inkl is based on Art. 6(1)(f) GDPR as we have a legitimate interest in a stable and reliable presentation of our website. If consent is required, processing is based on Art. 6(1)(a) GDPR and § 25(1) TTDSG – especially when it involves storing cookies or accessing information on the user’s device (e.g. device fingerprinting). Consent may be revoked at any time.

Data Processing Agreement

We have concluded a data processing agreement (DPA) with All-Inkl. This ensures that All-Inkl processes the personal data of our website visitors strictly according to our instructions and in compliance with the GDPR.

VI. Use of Cookies

1. Description and Scope of Data Processing

Our platform uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. When a user accesses our platform, a cookie may be stored on the user’s operating system. This cookie contains a unique string of characters that allows the browser to be clearly identified when the platform is visited again.

We use cookies to make our platform more user-friendly. Some elements of our website require the requesting browser to be recognized even after navigating to a different page.

The following data is stored and transmitted in the cookies:

  • Language settings

The user data collected in this way is pseudonymized using technical measures. Therefore, it is no longer possible to assign the data to the accessing user. The data is not stored together with other personal data of the user.

2. Purpose of Data Processing

The purpose of using technically necessary cookies is to simplify the use of our platform for users. Some functions of our platform cannot be offered without the use of cookies. For these functions, it is necessary that the browser is recognized even after a page change.

We require cookies for the following application:

  • Adoption of language settings

The user data collected through technically necessary cookies is not used to create user profiles.

3. Legal Basis for Data Processing



The legal basis for the use of technically necessary cookies and related data processing is § 25 (2) TTDSG in conjunction with Art. 6 (1)(f) GDPR. The processing serves to facilitate your use of our platform and provide you with the services you expect. Some functions of our platform do not work without the use of these cookies and therefore cannot be offered. Our legitimate interest in processing cookies arises from the aforementioned purposes. Cookies are deleted at the end of the session (e.g., logging out or closing the browser) or after a predefined duration.

4. Storage Duration, Objection, and Removal Options

Cookies are stored on the user’s computer and transmitted to our platform. Therefore, you as the user have full control over the use of cookies. You can disable or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies for our platform are deactivated, it may no longer be possible to use all functions of the platform to their full extent.

If you use a Safari browser version 12.1 or higher, cookies are automatically deleted after seven days. This also applies to opt-out cookies set to prevent tracking.

VII. Use of External Service Providers

HubSpot

We use HubSpot for our online marketing activities. HubSpot is a U.S. software company with a branch in Ireland (HubSpot Inc., 2nd Floor 30 North Wall Quay, Dublin 1, Ireland). HubSpot is an integrated software solution that helps us cover various aspects of our online marketing, including:

  • Email marketing
  • Social media publishing & reporting
  • Contact management (e.g., user segmentation & CRM)
  • Landing pages and contact forms
  • Website analytics

In the course of using HubSpot, cookies are stored on your device and personal data such as IP address, location, browser, visited pages, or the form data you submit is processed.

Processing is carried out on the basis of Art. 6 (1)(f) GDPR, as we have a legitimate interest in analyzing user behavior in order to continuously optimize our offering.

If you do not want HubSpot to analyze your behavior, you can object to the storage of cookies at any time by adjusting your browser settings or by modifying the cookie settings on our website. For more information on how HubSpot processes data, please refer to the
HubSpot Privacy Policy: https://legal.hubspot.com/de/privacy-policy

Google Tag Manager

We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies into our website. Google Tag Manager itself does not create user profiles, store cookies, or perform independent analyses. It only serves to manage and deploy the tools integrated via it. However, Google Tag Manager does record your IP address, which may also be transmitted to Google’s parent company in the United States.

The use of Google Tag Manager is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the fast and easy integration and administration of various tools on their website. If corresponding consent was requested, processing is based solely on Art. 6(1)(a) GDPR and § 25(1) TTDSG, provided the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) as defined by the TTDSG. Consent can be revoked at any time.

Web Analytics Services

This website uses features of the web analytics service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior of website visitors. The website operator receives various usage data, such as page views, duration of visit, operating systems used, and the origin of the user. These data are assigned to the respective user device but not to a unique device ID.

Additionally, Google Analytics can track mouse and scroll movements, as well as clicks. It uses various modeling approaches to enhance data sets and applies machine learning technologies during analysis.

Google Analytics uses technologies that make it possible to recognize users for the purpose of analyzing their behavior (e.g., cookies or device fingerprinting). The information collected by Google is usually transmitted to a Google server in the USA and stored there.

Use of this service is based on your consent according to Art. 6(1)(a) GDPR and § 25(1) TTDSG. Consent can be revoked at any time.

Data transfers to the USA are based on the EU Commission’s standard contractual clauses. Details can be found here:
https://privacy.google.com/businesses/controllerterms/mccs/

IP Anonymization

We have activated the IP anonymization function on this website. This means your IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. Google will use this information on behalf of the website operator to evaluate your use of the website, compile reports on website activity, and provide further services related to website and internet use. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Browser Plugin

You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link:
https://tools.google.com/dlpage/gaoptout?hl=de

For more information about how Google Analytics handles user data, please see Google’s privacy policy:
https://support.google.com/analytics/answer/6004245?hl=de

Demographic Features in Google Analytics

This website uses the “demographic features” function of Google Analytics to display suitable ads to website visitors within the Google advertising network. This allows reports to be generated that contain statements about age, gender, and interests. These data come from interest-based advertising by Google and from visitor data from third-party providers. These data cannot be assigned to any specific individual. You can disable this feature at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described under “Objection to data collection.”

Data Processing Agreement

We have entered into a data processing agreement with Google and fully comply with the strict requirements of the German data protection authorities when using Google Analytics.

VIII. Registration

1. Description and Scope of Data Processing

Users can register on our platform by providing personal data. The data is entered into an input form, transmitted to us, and stored. No data is passed on to third parties. The following data is collected during the registration process:

  • Email address
  • Last name
  • First name
  • Pseudonym
  • Phone / mobile number
  • IP address of the accessing computer
  • Date and time of registration

2. Purpose of Data Processing

Registration and identification of the user are necessary to provide certain content and services on our platform. To activate and/or use some of our SaaS offerings, you need to create an account. We require this information so that you can activate, manage, or use our products and services. We may link your email address and other personal data (such as name, phone number) to your account and access to our products or services.

3. Legal Basis for Data Processing

The legal basis for processing the data is the user’s consent in accordance with Art. 6(1)(a) GDPR.
In addition, registration is necessary for the performance of a contract (Art. 6(1)(b) GDPR).

4. Duration of Storage

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected.
This applies to data collected during the registration process if the registration on our website is canceled or modified.

5. Right of Revocation, Objection, and Deletion

As a user, you have the option at any time to cancel your registration. You can modify the data stored about you at any time. You may delete your account yourself in your account settings or request deletion by email at
contact@plural.io.
You may also address any other data subject rights to this email address.

IX. Email Contact

1. Description and Scope of Data Processing

It is possible to contact us via the provided email address on our platform. In this case, the personal data transmitted with the email will be stored.
The data will be used exclusively for processing the conversation.

2. Purpose of Data Processing

In the case of contact via email, the necessary legitimate interest in processing the data also lies therein.

3. Legal Basis for Data Processing

The legal basis for processing the data is the user’s consent under Art. 6(1)(a) GDPR.
The legal basis for processing data transmitted via email is Art. 6(1)(f) GDPR. If the email contact is aimed at concluding a contract, then Art. 6(1)(b) GDPR also serves as an additional legal basis.

4. Duration of Storage

The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. For personal data transmitted via email, this is the case when the respective conversation with the user has ended. The conversation is considered ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.

5. Right of Revocation, Objection, and Deletion

The user may revoke their consent to the processing of personal data at any time. If the user contacts us in writing (see address) or by email at contact@plural.io, they may object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.
All personal data stored in the course of the contact will be deleted in this case.

X. Newsletter

1. Description and Scope of Data Processing

It is possible to subscribe to a free newsletter when registering on the platform. During newsletter registration, the following data is transmitted to us from the input form:

  • Email address
  • Pseudonym

During the registration process, your consent is obtained for data processing, and reference is made to this privacy policy.

If you purchase goods or services on our website and provide your email address in the process, it may subsequently be used by us to send a newsletter. In such cases, the newsletter will only contain direct advertising for our own similar goods or services.

No data will be passed on to third parties in connection with newsletter processing. The data is used exclusively for sending the newsletter.

2. Purpose of Data Processing

The user’s email address is collected to deliver the newsletter.

3. Legal Basis for Data Processing

The legal basis for data processing after newsletter registration by the user is the user’s consent under Art. 6(1)(a) GDPR.
The legal basis for sending the newsletter following the sale of goods or services is Art. 6(1)(f) GDPR.

XI. Content Delivery Networks

Microsoft Azure CDN

1. Description and Scope of Data Processing

We use features of the Microsoft Azure CDN content delivery network on our platform, operated by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, United States. A content delivery network (CDN) is a network of regionally distributed servers connected via the Internet that is used to deliver content — especially large media files such as videos. Microsoft Azure CDN provides web optimization and security services that help us improve loading times on our platform and protect it against misuse. When you access our platform, a connection is made to Microsoft Azure CDN servers to retrieve content. In this process, personal data such as user activity (especially which pages were visited), and device/browser information (in particular IP address and operating system) may be stored and analyzed in server log files.

For more information on the collection and storage of data by Microsoft Azure CDN, visit:
https://azure.microsoft.com/de-de/overview/trusted-cloud/privacy/

2. Purpose of Data Processing

The use of Microsoft Azure CDN features serves to deliver and accelerate online applications and content.

3. Legal Basis for Data Processing

This data collection is based on Art. 6(1)(f) GDPR. The platform operator has a legitimate interest in the technically error-free presentation and optimization of their platform.

4. Duration of Storage

Your personal information will be stored as long as necessary to fulfill the purposes described in this privacy policy or as required by law.

5. Right of Objection and Deletion

Information on options for objection and deletion regarding Microsoft Azure CDN can be found at:
https://azure.microsoft.com/de-de/overview/trusted-cloud/privacy/

XII. Telemetry Data

1. Description and Scope of Data Processing

We collect telemetry data on our platform using the following tool:

  • Microsoft Azure Monitor

2. Purpose of Data Processing

The data is processed for the following purposes:

  • Error diagnostics
  • Log analysis
  • Infrastructure monitoring
  • Application monitoring
  • Resource optimization

3. Legal Basis for Data Processing

The collection of this data is based on Art. 6(1)(f) GDPR. The platform operator has a legitimate interest in the technically error-free presentation and optimization of their platform.

4. Duration of Storage

Your personal information is stored as long as necessary to fulfill the purposes described in this privacy policy or as required by law.

5. Right to Object and Removal Options

You may object to the processing of your personal data at any time by sending an informal email to
contact@humanizing.com.
You may also address all other rights as a data subject to this email address.

This privacy policy was created with the support of
DataGuard.