This Privacy Policy comprises information on how your personal data are being processed when you visit and use this website. Our Privacy Policy is structured as follows:
I. General information
II. Information about us as controllers of your data
III. Your rights as a data subject
IV. Information about the data processing operations
I. General information
Per Art. 4 No. 1 of Regulation (EU) 2016/679, i.e., the General Data Protection Regulation (hereinafter referred to as the “GDPR”), “personal data” (usually referred to just as “data” below) means any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Per Art. 4 No. 2 of the GDPR, “processing” refers to any operation, or set of operations such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction performed on personal data, whether by automated means or not.
When processing your data, we will always observe the principles laid down in Art. 5 of the GDPR and make sure that data are processed lawfully, fairly and in a transparent manner in relation to the data subject; collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed; accurate and, where necessary, kept up to date; kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; and processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures. Basically, this means that we may be held accountable that your data is only processed by us to the extent necessary and for the purpose of providing a functional and user-friendly website, including its contents and the services offered there. The following sections of this Privacy Policy are intended to inform you in particular about the type, scope, purpose, duration, and legal basis for our processing of your personal data, including transfers of your personal data to others.
II. Information about us as controllers of your data
The party responsible for this website (the “controller”) for purposes of data protection law is:
7Learnings GmbH
Engeldamm 64b 10179 Berlin
E-Mail: info@7learnings.com
(herein referred to a “7Learnings” or “we”)
The controller’s data protection officer is:
Moritz Knabben
dataprivacy@7learnings.com
III. Your rights as a data subject
With regard to the data processing to be described in more detail below, data subjects have the right
- to seek confirmation from us whether data concerning them is being processed, and, where this is the case, request access to the data being processed, further information about the nature of the data processing, and a copy of the data (cf. also Art. 15 of the GDPR);
- to request from us the correction or completion of incorrect or incomplete data (cf. also Art. 16 of the GDPR);
- to request from us the immediate deletion of data concerning them (cf. also Art. 17 of the GDPR);
- to request from us the restriction of the processing on the grounds stipulated in Art. 18 of the GDPR;
- to request from us to receive copies of the data concerning them and/or provided by them and to have the same transmitted to other providers/controllers (cf. also Art. 20 of the GDPR);
- to file complaints with the supervisory authority if they believe that data concerning them is being processed by the controller in breach of data protection provisions (cf. also Art. 77 of the GDPR).
In addition, the controller is obliged to inform all recipients, to whom it discloses data, of any such corrections, deletions, or restrictions placed on processing the same pursuant to Art. 16, 17 para. 1, and 18 of the GDPR. However, this obligation does not apply if such notification is impossible or involves a disproportionate effort. Nevertheless, users have a right to information about these recipients (cf. also Art. 19 of the GDPR).
Likewise, under Art. 21 of the GDPR, data subjects have the right to object to the controller’s future processing of their data if the legal basis for such processing in the controller’s or a third party’s legitimate interest pursuant to Art. 6 para. 1 lit. f) of the GDPR. In particular, an objection to data processing for the purpose of direct advertising is always permissible.
IV. Information about the data processing operations
Your data processed when using our website will be deleted or blocked as soon as the purpose for its storage ceases to apply, provided the deletion of the same is not in breach of any statutory storage obligations or unless otherwise stipulated below.
Log files
Our website collects some general information every time it is accessed by a data subject. This general information is stored in the log files of our web server, and it contains the browsers type and version used, the operating system used by the accessing system, the website from which an accessing system accesses our website, the sub-websites that are accessed on our website, the date and time of access to our website, an Internet protocol address (IP address), and the Internet service provider of the accessing system. This general information is required from a technical perspective to connect your device to our website.
In addition, this information is required to record potential attacks on our systems. When using this general information, we generally do not draw any conclusions about a specific person. Rather, this information is needed to deliver the content of our website correctly and to provide law enforcement authorities with the information necessary for prosecution in the event of a cyberattack.
The legal basis for the processing is Art. 6 para. 1 lit. f of the GDPR. Our legitimate interest follows from the purposes for data collection listed above. The aforementioned log files are regularly deleted after one week and only in the event of a cyberattack, if necessary, are kept longer until the incident has been resolved.
Pre-Contractual Requests
Our website is designed to offer you detailed information about us and our products. If you want to learn more about 7Learnings and the way we strive to improve your business, we offer you different options to request additional information from us prior to purchasing a subscription. The pre-contractual requests include a download option for our whitepaper and access to a demo version of our solution.
The only personal data we request from you in the course of such pre-contractual requests is a valid e-mail address that we may use to follow up on your request, i.e. by sending you login credentials for your demo account. In addition, our sales team may contact you and ask you for your usage experience or your interest in a subscription to our services.
The legal basis for these processing operations is Art. 6 para. 1 lit. b) of the GDPR inasmuch as the processing is required to handle your pre-contractual request, and it is Art. 6 para. 1 lit. f) of the GDPR where the processing is required to serve our legitimate interest in expanding our business and permanently improve our solution upon collecting feedback from (prospective) customers.
Please note that you may at any time object to your personal data being used for the legitimate interests laid out above by unticking the box provided below the respective forms or by sending an e-mail to the addresses stated in this Privacy Notice.
Mailing Lists
If you register for our free newsletter, the data requested from you for this purpose, i.e. your email address and, optionally, your name and address, will be sent to us.
If you register for our free newsletter, we also store the IP address of your computer and the date and time of your registration. During the registration process, we will obtain your consent to receive this newsletter and the type of content it will offer, with reference made to this Privacy Policy. The data collected will be used exclusively to send the newsletter and will not be passed on to third parties.
The legal basis for the newsletter subscription is your consent declared in accordance with Art. 6 para. 1 lit. a) of the GDPR.
You may at any time revoke your consent to receive this newsletter pursuant to Art. 7 para. 3 of the GDPR with future effect. The revocation of consent does not affect the lawfulness of processing based on consent before its revocation. If you want to revoke your consent, simply inform us that you are revoking your consent or click on the unsubscribe link contained in each newsletter.
Contact
If you contact us via email or the contact form, the data you provide will be used for the purpose of processing your request. We must have this data in order to process and answer your inquiry; otherwise, we will not be able to answer it in full or at all.
The legal basis for this data processing is Art. 6 para. 1 lit. b) of the GDPR if your request is related to an existing contract with us, or if it is necessary for us to revert to you in order to take steps at your request prior to entering into a contract. In all other cases, the legal basis for this data processing is Art. 6 para. 1 lit. f) of the GDPR; our legitimate interest is to introduce ourselves as a customer-friendly and support-oriented company through responding to your inquiry.
Your data will be deleted once we have fully answered your inquiry and there is no further legal obligation to store your data, such as if an order or contract resulted therefrom.
Third-Party processors
We use third-party processors that assist us in providing our services as described in our Privacy Policy.
HubSpot Inc.
We use HubSpot for our customer relation management (CRM). HubSpot is a software company from the USA with a branch office in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Telephone: +353 1 5187500.
All information collected by us and processed in the HubSpot software is subject to this Privacy Policy.
We have entered into a specific data protection agreement with HubSpot, including the Standard Contractual Clauses as issued by the European Commission (the “SCCs”). In addition to the supplementary measures implemented by HubSpot, adherence to these SCCs ensures that your data are subject to adequate safeguards also when being processed in the United States and other countries outside the European Union and the European Economic Area.
We use Google LLC for our internal email (Gmail) and documentation activities (Google Drive). Gmail is a web-based e-mail service that allows an organization to run its e-mail system using Google’s systems. It provides the capability to access a 7Learnings’ end user’s inbox from a supported web browser, read mail, compose, reply to, and forward mail, search mail, and manage mail through labels. It provides filtering for spam and viruses and allows our administrators to create rules for handling messages containing specific content and file attachments or routing messages to other mail servers. Google Drive provides web-based tools enabling 7Learnings’ end users to store, transfer and share files, and view videos.
Please note that we will use these tools when communicating with you and to store information that we collect from you as outlined in this Privacy Policy.
Though our contractual partner for the provision of Gmail and the Google Drive is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, and though we have selected EU data centers for the storage of any personal data within Gmail or the Google Drive, your data may still be accessed by Google and its sub-contractors’ personnel from locations outside the European Union and the European Economic Area.
We have entered into a specific data protection agreement with Google, including the Standard Contractual Clauses as issued by the European Commission (the “SCCs”). In addition to the supplementary measures implemented by Google, adherence to these SCCs ensures that your data are subject to adequate safeguards also when being processed in the United States and other countries outside the European Union and the European Economic Area.
Outfunnel OÜ
Outfunnel is a software company based in Estonia (Tallinn, Harjumaa 10412, EE) that connects sales and marketing tools.
We use Outfunnel OÜ to synchronize data collected through our contact forms with our CRM software tool (HubSpot).
Bunny.net CDN
We use the content delivery network Bunny.net. The provider is BunnyWay d.o.o., Dunajska cesta 165, 1000 Ljubljana, Slovenia (hereinafter “Bunny.net CDN”).
Bunny.net CDN is a globally distributed content delivery network. Technically, the transfer of information between your browser and our website is routed via the content delivery network. This enables us to increase the global accessibility and performance of our website. The CDN records the IP address, but this is anonymized. The CDN also collects personal data if it is entered by the user (e.g. by submitting a contact form on the website).
The use of Bunny.net CDN is based on our legitimate interest in providing our website as error-free and secure as possible (Art. 6 (1)(f) GDPR).
You can find more information about Bunny.net CDN here: https://bunny.net/privacy/.
Data processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.
Changes to This Privacy Policy
We may change this Privacy Policy at any time. All changes will be published on this website. Any changes to this Privacy Policy will become effective when we publish the revised Privacy Policy on our website. Therefore, we ask you to review our Privacy Policy from time to time. However, should we intend to further process your data for a purpose other than that for which the data were originally collected, your right to be informed proactively in accordance with Art. 13 para. 3 of the GDPR remains unaffected.