Privacy Policy

Part 1 - Introduction

Thank you for your interest in our company. The protection of your data is important to us, so we have made it our mission to safeguard and protect your data and your rights in relation to data.

Personal data such as names, addresses, email addresses and telephone numbers are always processed in accordance with the General Data Protection Regulation, as well as with the country-specific data protection regulations relevant to us. This Privacy Policy contains information about the type of data that we collect, the extent to which we collect data and its purpose, and also about the rights that you have, provided that personal data has been collected or processed.

Throughout the Privacy Policy, we use various legal and technical terms. An explanation for these can be found in the section entitled "Definitions".

As the persons responsible for data processing, we have taken various different technical and organizational measures to ensure the personal data that we process is protected as completely as possible. Internet-based data transfer can however create security gaps, which means that absolute protection cannot be guaranteed. For this reason, you also have the option to communicate personal data to us through alternative methods, i.e. by telephone.

This Privacy Policy applies to personal data of our customers and suppliers, as well as of the visitors to our website.

The company that is responsible for data processing ("MAGIX" or "we") in accordance with the relevant data protection laws (including the General Data Protection Regulation (Regulation (EU) 2016/679) ("GDPR") is:

In order to protect the interests of all data subjects affected by data processing, we have appointed a data protection officer. They can be contacted under the following details:

  • MAGIX Software GmbH
    Data protection officer
    Quedlinburger Str. 1
    10589 Berlin
    Germany
    Email: privacy@magix.net

You can contact our data protection officer directly and at any time with any questions or concerns relating to data protection.

Important: Please note that this Privacy Policy may change from time to time. Please use this page to keep yourself up-to-date, as any possible future amendments will be made here.
If you do not agree with a certain aspect of our Privacy Policy, you are entitled to certain legal rights, where applicable. These are described in the respective section below.

Part 2 - Summary:
Our Privacy Policy at a glance

1. What personal data do we collect?

If you are a customer of MAGIX, i.e. a user of our software, we must collect and use certain personal data in order to provide the right services to you, e.g.: (1) to deliver goods ordered, (2) to distribute updates and patches for your software, (3) to ensure that your software's licence is properly managed and to prevent product piracy, as well as (4) to provide you with information about offers which could be of interest to you.

A detailed description of which personal data we collect in this way can be found in the section entitled "Our Privacy Policy in detail".

User data:
If you are a customer of MAGIX, i.e. a user of our software, we must collect and use certain personal data in order to provide the right services to you, e.g.: (1) to deliver goods ordered, (2) to distribute updates and patches for your software, (3) to ensure that your software's licence is properly managed and to prevent product piracy, as well as (4) to provide you with information about offers which could be of interest to you.

A detailed description of which personal data we collect in this way can be found in the section entitled "Our Privacy Policy in detail".

Supplier data:
We require certain information from our suppliers and providers in order to ensure that operations run smoothly. This includes taking contact details for the responsible person in your company in order to communicate with them. We also require further information such as your bank details, so that we can pay you for the services that you have provided (subject to contractual agreement).

A detailed description of the personal data that we collect about you can be found in the section entitled "Our Privacy Policy in detail".

Visitors to the website:
We collect a limited amount of data from visitors to the website. This is to facilitate navigation on our websites and to better manage the services that we offer to you. The data we collect in this way comprises information about how you use our website and how often you access it.

Further information about the data that we collect about you when you visit our website can be found in the section entitled "Our Privacy Policy in detail".

2. From whom is personal data collected?

User data:
We generally only collect your personal data directly from you.

Supplier data:
We only collect your personal data directly from you in the course of working together with you.

Visitors to the website:
We collect data using cookies in accordance with your cookie settings when you visit our websites.

We also collect data from you when you contact us via the websites, for example when you enter information into a contact form or use the chat function. Generally, we may collect certain data automatically as soon as you access our website or read or click on an email from us.

Cookie settings:
The cookie settings are provided by OneTrust.
More information about cookies and cookie preferences can be found here:

3. Why we collect personal data and what we use it for

User data:
We collect and use information about our customers (i.e. users) to make sure that the contractual agreement between you and MAGIX is properly implemented in order to ensure a smooth business relationship. For example, we require personal data in order to process sale and license agreements and so that we can send you the products that you have ordered. A user account, which stores personal data, is required to use our software. We require this in order to offer you multi-user licence management and to prevent product piracy. We also partly require personal data from you in order to provide you with our services (such as customer support).

More information about how we use your personal data can be found in the section entitled "Our Privacy Policy in detail".

Supplier data:
We use your personal data primarily for two reasons: The first is to make sure that the contractual agreement between you and MAGIX is properly implemented in order to ensure a smooth business relationship. The second is to ensure compliance with legal regulations.

More information about how we use your personal data can be found in the section entitled "Our Privacy Policy in detail".

Visitors to the website:
We use your data to to process your requests and to facilitate navigation on our website in accordance with your cookie settings, for example to display offers which we think will be of interest to you, or to save the contents of your shopping cart in the Store for your next visit.

4. Disclosure of personal data

User information
We transmit your personal data for the following reasons: (1) The first is to ensure that you receive the goods that you have ordered from us (i.e. transmission to a delivery service provider), (2) to payment service providers like PayPal, (3) to companies that dispatch the newsletter for us and/or (4) or to companies that provide us with support services.

An overview of the categories of recipient to whom your personal data can be given can be disclosed in the section entitled "Our Privacy Policy in detail".

Supplier information
Unless you have specified otherwise, we can disclose your information to any of our group companies as well as associated third parties, e.g. service providers and organizations which we use and provide services for.

An overview of the categories of recipient to whom your personal data can be given can be disclosed in the section entitled "Our Privacy Policy in detail".

Visitors to the website
If you have given consent, we can pass your information to web analytics service providers, affiliate networks, marketing automation platforms and social media services, in order to ensure that you only receive appropriately targeted advertisements.

In general, with your consent, we reserve the right to also transmit your data to other countries outside of the EU or EEA. In this case, we will however ensure through appropriate arrangements a level of data protection corresponding to the level of protection ensured by the GDPR.

5. Duration for which we store personal data

The criteria for the duration of storage for personal data is the respective legal retention period, after which the data will be deleted. In addition to this, we save the respective data only provided that they are still necessary for the fulfillment of a contract.

More information about our basic procedures relating to storage of personal data can be found in the section entitled "Our Privacy Policy in detail".

6. Rights of the data subject – which rights do you have in relation to your personal data stored by us?

Even if we already hold your personal data, you are entitled to various rights with regard to this information. If you would like to talk to us regarding this, please do not hesitate to contact us. We will make every effort to take care of your query as soon as possible and every case will be treated in accordance with applicable legal regulations. Please note that we may record our communication in order to better solve the issues raised by you.

Insofar as we save your personal data, certain legal rights apply (the "rights of data subjects"), which we will outline here. More information about individual rights can be found in the section entitled "Our Privacy Policy in detail".

  • Right to access information
    At any time, you have the right to request us to confirm which information we have saved about you, and to request that this information be changed, updated, or deleted. We can then comply with your request. We also have the following options:
    • We may ask you to confirm your identity, or request further information, and
    • provided that this is permitted by law, we can decline your request. In this case, we will explain the reasons for doing so.
  • Right to objection:
    If we use your data because we believe this is in our legitimate interests and you do not agree, you have the right to object. We will respond to your request within 30 days. In certain cases, we are entitled to extend this period. We will usually only disagree in very narrowly defined circumstances.
  • Right to revoke consent:
    If we have obtained your consent to process your personal data for specific activities (for example, in order to send you advertisements), you can revoke this consent at any time.
  • Right to correction
    You have the right to request that the personal data concerning you be immediately corrected or amended.
  • Right to deletion
    In certain situations (for example, if we have unlawfully processed your data) you have the right to request us to delete your personal data. We will reply to your request within 30 days (in certain cases, we may however have the right to extend this period) and we will only disagree in very specific, narrowly defined circumstances – for example, if the data is absolutely necessary in order to continue to provide our services to you or to ensure the protection of our intellectual property. If we agree to your request, we will delete your data, but we will generally assume that you wish your name to be included in the list of persons that do not want to be contacted. In this way, we minimize the chance that you will be contacted in the future should your data be collected separately under other circumstances. If you do not wish this, please let us know.
  • Right to restrict processing
    Instead of requesting deletion, you can also request from us that the processing of your data be restricted or blocked. We will also reply to this request within 30 days, except if we still need the data, for example in order to continue to provide our services to you or to ensure the protection of our intellectual property.
  • Right to data portability
    Should you wish, you have the right to transfer your data from us to another person responsible. We will support you by transferring your data directly for you or by providing you with a copy in a standard machine-readable format.
  • Rights relating to automated decisions (profiling)
    Under certain circumstances, you have the right not to be subject to a decision that has been based exclusively on automated processing and that will have legal effect against you. However, under certain circumstances we may have a legitimate interest in such automated decision-making.
  • Right of appeal to a regulatory body
    You also have the right to lodge a complaint with a local regulatory body. Details about this can be found in the section entitled "Our Privacy Policy in detail".

7. Use of cookies

Our websites/web services use "cookies". Cookies are small text files that are saved on the hard drive of your PC (client) for a defined period. An overview of the cookies used and your options for setting them can be found here:

Part 3: Our Privacy Policy in detail

A. Detailed information on collection

1. What personal data do we collect?

User data:
We collect some data about our customers and users that we require to implement contracts and for license management and copy protection of our products. We therefore require your name, your email address and country of residence in order to create a user account, which is then used to activate software or content. The same information is collected when you register for our newsletter. We may also require further information from you (e.g. address, telephone number or date of birth), for instance for Store purchases, ordering of services, registering domains or ordering subscriptions. You may also provide us with further data – this is optional. The specific data collected depends on the form or input mask used, or will be clarified by our support staff over the phone.

If for any reason we require additional personal data from you, we will let you know.

Supplier data:
We only collect data about suppliers insofar as this is necessary, in order to maintain a streamlined business relationship. We collect data about our contact person in your organization, and some names, telephone numbers and email addresses. We also collect bank data for the purpose of making payments to you. We can also collect additional information that someone from your organization has shared with us. In certain circumstances, e.g. if you have been in contact with our financial department or billing department, our telephone calls with you may be recorded, regardless of local regulations and requirements.

2. From whom is personal data collected?

We generally only collect your personal data directly from you. We do not collect personal data from any other sources.

3. Why we collect personal data and what we use it for

User data:
In general, we use data on our users and customers in the following ways:

a) Advertising measures
Pursuant to Section 7 (3) of the law against unfair competition (UWG) of the Federal Republic of Germany, we are entitled to use the email address provided when a purchase is made in our shop for direct marketing for our own similar products or services. If you no longer wish to receive our product recommendations, you can unsubscribe from them at any time without incurring any costs other than the transmission costs according to the basic rates. To unsubscribe, simply click on the "Unsubscribe" link at the bottom of any of our product recommendation emails or send an email to privacy@magix.net.

b) Functionality of our products and security of our intellectual property rights
We are dependent on protecting our intellectual property rights, not least for the purposes of being able to offer you our products and services at their usual standard of quality and at attractive prices. In order to guarantee effective copy protection and enable you, depending on the product, to use our software on several computers, each installation of our software is linked to your user account, where certain data must be obligatorily saved (name, email address and country). It is only in this way that we can provide you with updates and patches for your software. To guarantee smooth operability of our products, you are therefore required to provide us with the above mentioned data

c) Assertion, exercise or defence of legal rights
In unusual cases, we may also use your personal data in order to assert, exercise or defend legal rights.

We may use your personal data for these purposes if it corresponds with our legitimate interests. More information about what this means can be found in the section entitled "Our Privacy Policy in detail".

Supplier data:
We will only use your information in order to conduct our business relationship with you in an optimal manner. To this end, we save your data in our database so that we can contact you in accordance with our agreement and can use your services. In unusual cases, we will use this data for the assertion, exercise or defence of legal rights.

4. Disclosure of personal data

We may share your personal data with the following categories of people in a variety of ways and for a variety of purposes, as appropriate and in accordance with local laws and regulations:

  • All company groups
  • Tax authorities, audit authorities or other authorities, if we in good faith believe that we are required by law or other regulation to disclose such information (for example, because of a request from a tax authority or in connection with an anticipated legal dispute)
  • External service providers that provide services in our name (including external email providers, auditors and accountants, technical support)
  • Providers of external IT services and storage providers, if a corresponding arrangement (or similar assurance) exists
  • Marketing technology platforms and suppliers

If in future we merge with or are acquired by another company (or should meaningful discussion about such a possibility take place), we may disclose your personal data to the (future) new company owners.

In general, with your consent, we reserve the right to also transmit your data to other countries outside of the EU or EEA. In this case, we will however ensure through appropriate arrangements a level of data protection corresponding to the level of protection ensured by the GDPR.

5. Duration for which we store personal data

We process and save personal data solely for the duration necessary for achieving the purpose for which the data was stored, or as stipulated in laws and requirements set by the European directive and regulation provider or another legislator to which we are subject.

If the storage purpose ceases to apply or if a storage period prescribed by European directive and regulation provider or another competent legislator expires, the personal data will be deleted routinely and in accordance with the statutory provisions.

6. How we protect your personal data

We will adopt all reasonable and appropriate measures to protect the personal data we have stored from misuse, loss or unauthorized access. To this end, we have taken a range of technical and organizational measures. This includes measures to deal with any suspected breaches of data.

If you believe that your personal data has been misused or has been lost or has been accessed without authority, please inform us immediately. Our contact details can be found in Part 1 of this Privacy Policy.

B. Detailed information about use and processing

We collect a limited amount of data from visitors to our websites in order to facilitate navigation of our websites and to better manage the services that we offer to you. You can use our websites without having to provide any personal data. In certain cases (e.g. Store orders, product activation etc.), processing of personal data may be required.

1. General data and information collection

Our websites collect a variety of general data and information each time one of their pages is loaded. This general data and information is saved to our server log files. Data that may be collected includes (1) browser types used and their versions, (2) operating system used, (3) the website from which an accessing system reaches our websites (what is known as a "referrer"), (4) subpages on our websites that are accessed by an accessing system, (5) date and time of visit to websites, (6) an Internet Protocol Address (IP address) and (7) any other similar data and information, that could serve as hazard prevention in the event of an attack on our IT systems.

No conclusions are drawn about the data subject during the use of this general data and information. This information is required in order to (1) correctly transmit the content of our website, (2) optimize content of and advertising for our website, (3) guarantee the permanent functional operability of our information technology systems and technology for our website, and (4) in the event of a cyber attack, provide law enforcers with necessary information for prosecution. This anonymously collected data and information is therefore evaluated by us statistically and also with the aim of increasing data protection and data security in our company ultimately to ensure an optimum level of protection for the personal data processed by us. Anonymous server log file data are stored separately from all personal data provided by a data subject and deleted regularly after a deadline appropriate for the purposes of storage has expired.

2. Registration on our website

You can register your personal data on several of our websites, for instance by signing up to our newsletter or setting up a user account (e.g. through placing an order or by activating a MAGIX product). The specific personal data you submit to MAGIX is dependent on the type of input mask used for registration. The personal data submitted by the data subject will be collected and stored for the sole purpose of internal use and purposes by MAGIX. We may arrange for disclosure to one or more contract processors, for example a parcel service provider, who also uses the personal data exclusively for an internal use that is attributable to us.

When registering on a MAGIX website, the IP address provided by your Internet service provider (ISP), date and time of registration will also be stored. This data is stored against the background that the misuse of our services can only be prevented in this manner and that this data may enable committed criminal offences to be investigated. In this respect, the storage of this data is necessary for MAGIX security reasons. This data will not be passed on to third parties unless required to do so by law or for the purpose of criminal prosecution.

Registration by voluntarily submitting data also enables us to offer you content or services that may only be offered to registered users due to to the nature of the offer. Registered users are free to modify personal data submitted during registration or have them deleted in entirety from our database.

Upon request, we will provide you at any time with information about which personal data we have stored about you. We will also correct or delete personal data upon your request or notification, as long as this does not conflict with any legal storage obligations. Our data protection officer is available as a contact person in this regard.

3. Subscription to our newsletter

Users have the option of subscribing to our newsletter via our websites. The specific personal data you submit to us when signing up to the newsletter is dependent on the type of input mask used.

You can only receive our newsletter if you (1) have a valid email address and (2) have registered for newsletter distribution.

When registering for the newsletter, the IP address provided by your Internet service provider (ISP), date and time of registration will also be stored. The collection of this data is necessary in order to track (potential) misuse of email addresses at a later point in time and therefore fulfils the purpose of legal protection for MAGIX.

Personal data stored within the scope of registration for newsletters will only be used in order to distribute our newsletter. This data will solely be transmitted to Emarsys eMarketing Systems AG, Hans-Fischer-Strasse 10, 80339 Munich, whom we have commissioned to distribute our newsletter. In addition, no data is disclosed to third parties. You can cancel the use of your email address for advertising purposes at any time by clicking "Unsubscribe" at the bottom of the newsletter. You can at any time revoke the consent you have granted for storing personal data in order to receive our newsletter.

4. Newsletter tracking

The MAGIX Software GmbH newsletters contain what are known as tracking pixels. A tracking pixel is a miniature graphic embedded in emails in HTML format for the purposes of recording and analyzing log files. This enables us to conduct a statistic evaluation of the success or failure of our online marketing campaigns. On the basis of the technology used, we can recognize whether and when an email was opened by you and whether you clicked on the links within the email.

Data collected in this manner is stored and evaluated on our account by Emarsys eMarketing Systems AG, Hans-Fischer-Strasse 10, 80339 Munich, in order to optimize newsletter distribution and modify the content of future newsletters further so that they match the interests of the data subject receiving the newsletter. Your data will not be disclosed to any third parties. You can revoke your declaration of consent, which you have provided separately, in this regard at any time here:

5. Contact options via the websites

Our websites contains legally required information, which enables us to be contacted rapidly in a direct manner, for instance by email. If you contact us by email or via a contact form, the personal data submitted by you will be stored automatically. We store this voluntarily submitted personal data for purposes of handling or to communicate with you; we will not pass it on to third parties.

6. Use and application of third party tools and services on our websites

We have integrated various third-party components onto our websites to enable us collect your data in a way that is compliant with data protection requirements. The following provides you with more information about this: For information on a third-party services that require consent, please see the section on Cookies/Cookie settings.

a) Onetrust
We use the cookie consent solution OneTrust, a service provided by OneTrust LLC, Dixon House, 1 Lloyd's Avenue, London, EC3N 3DQ ("OneTrust"). OneTrust stores information about the categories of cookies used by the website and whether you have given or withdrawn your consent to the use of each category. You can find more information and the options for setting cookies here.

b) GoogleTag Manager
Google Tag Manager does not collect or transfer any data to third parties. Google Tag Manager only processes your cookie settings. It is therefore a necessary tool for compliance with the current data protection requirements.

c) Dynamic Yield
Our website uses Dynamic Yield, a service provided by Dynamic Yield Ltd., Highlands House, Basingstoke Road, Spencers Wood, Reading, Berkshire, England RG7 1NT (https://www.dynamicyield.com).

Dynamic Yield is a technology company that provides basic content and news on the website.Dynamic Yield is used in a special privacy mode (Active Cookie Consent mode) by default. No cookies are used and no cross-page visitor session are calculated in this mode. Visitors are not offered personalized experiences unless they actively give consent. Only visitors who have given their consent receive personalized experiences.

You can learn more about this at: https://www.dynamicyield.com/platform-privacy-policy/

i) Tawk.to live chat
Some of our online offers include the application Tawk.to. Tawk.to is live chat software. Chats are integrated into the source text via a script. Using the chat automatically uses the services of Tawk.to. For information regarding the purpose and scope of data collection and the processing and usage of this data by Tawk.to, please see Tawk.to's privacy policy: https://www.tawk.to/privacy-policy.

e) SendGrid

If you do not want to complete an order you have placed in the shopping cart on the website www.magix.com, you have the option to receive a link by email, with which you can restore the shopping cart's contents at a later time. In order to do this, we require your name and email address. To send the emails and notifications, we use the service provider SendGrid provided by Twilio Inc., 375 Beale Street, Suite 300, San Francisco, CA 94105, USA (worldwide headquarters), and Twilio Ireland Limited, 25-28 North Wall Quay, Dublin 1, Ireland (EEA headquarters). Hereinafter this is referred to as SendGrid. SendGrid is a cloud-based SMTP provider that acts as an email delivery system and allows email to be sent without the need for dedicated email servers. SendGrid manages the technical details of email delivery, such as infrastructure scaling, reputation monitoring and real-time analytics. Cookies and web beacons (tracking pixels) are used in the emails sent by SendGrid. These allow tracking to determine whether the email sent through the SendGrid platform was delivered, opened, clicked, blocked or treated as spam. The following data is usually handled during this process: IP address, browser types, log files, information about the operating system, information about the connection, which pages are displayed, email address, which parts of the services are used, information about the performance of the services, metrics on the delivery of emails and other electronic communications.

For more information on the data processing by SendGrid, please see: https://www.twilio.com/legal/privacy#sendgrid-services

The aforementioned data will only be processed by SendGrid if you as a user actively consent to such processing.

You may at any time withdraw your agreement to the storage of data, as well as its use for sending emails by SendGrid. You can exercise your right of revocation at any time by sending an email to the data protection officer at MAGIX Software GmbH, privacy@twilio.com or by clicking on the unsubscribe link provided in each email.

f) Piwik PRO

For the purpose of monitoring the functionality of our websites and online stores and evaluating user feedback, we rely on Piwik PRO for web monitoring. Thereby we collect, for example, which pages and elements cause errors and when visitors do not find their destination. Within Piwik PRO standard mode, no cookies are created without explicit consent. The collected usage information from this site is transferred to servers in Europe and not shared with third parties. The IP addresses that are processed are exclusively masked (i.e. anonymized). Direct personal reference is therefore not possible. We have concluded a contract with Piwik PRO with order processing agreement in which Piwik PRO undertakes to comply with the level of data protection provided within the EU when processing user data and exclusively processes data in accordance with our instructions. Contact and further information: Piwik PRO GmbH, Kurfürstendamm 21, 10719 Berlin, DE, Link to the privacy policy: https://piwik.pro/privacy-policy/

g) Google Customer Match

We use Google Customer Match to periodically send youadvertisements that we think are most relevant to you. This feature enables usto provide ads based on your preferences as part of a specific group of people.We do not share any of your personal information, such as name or emailaddress, with any third-party networks. These networks only receive a uniqueidentifier. You can manage your privacy settings in the privacy tab of youraccount for third-party processing. Find more information about Google CustomerMatch at: https://policies.google.com/privacy

h) Facebook Conversion API

We utilize a tracking tool namedFacebook Conversion API developed by Facebook/Meta Platforms Ireland Limited, 4Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, a subsidiary of Facebook / META Inc. 1601, Willow Road Menlo Park, CA 94025, USA. This is adata interface through which we transmit data about your activity on ourwebsite to Facebook for evaluation. This enables us to provide advertisementsthat match your user behavior on our website.  In conjunction with ConversionAPI, we make use of the following data: • Client User Agent (the browser youare using and your operating system) We transmit this data to Facebook. In thisprocess, the data is also transmitted to Facebook within the USA.  The EUCommission has not issued an adequacy decision regarding the transfer of datato the USA. Facebook ensures an adequate level of data security in accordancewith the EU standard contractual clauses. You can find a copy of thecontractual clauses at: https://www.facebook.com/legal/EU_data_transfer_addendum The legal basis for the data processing is your consent according to Art. 6para. 1 a) DSGVO.  You can revoke your consent for any data processing byFacebook on our web domain at any time with effect from that time by changingyour preferences in our cookie settings.

7. Cookies/Cookie settings

We use cookies on our websites in order to be able to display and optimize our websites using their full range of content, to permanently display the most relevantcontent for you, to compile statistics on the use of our websites and for marketing purposes such as sending newsletters tailored to your interests. When used for marketing purposes, usage data is also transferred to third countries such as the USA that do not have a level of data protection equal to that in Europe. To manage your cookie settings, we use a cookie consent solution from OneTrust. 

The cookie consent tool appears as a banner on our website. By clicking on "ACCEPT COOKIES", you consent to the use of analytics tools for the purposes mentioned above. Via the button "COOKIE SETTINGS" at the website footer, you can individually select unnecessary cookies and also change them at any time. You can also revoke your consent in the settings at any time with effect for the future. 

The following analytics tools are managed by the cookie consent tool:

a) Google Analytics

MAGIX has integrated Google Analytics components into its websites. The operator for Google Analytics components is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. For web analysis with Google Analytics, MAGIX uses an anonymization function, where Google shortens and anonymizes the IP address for the Internet connection of the data subject (hereinafter "data subject"). Google Analytics is a web analytics service. Web analytics is the collection, organization and analysis of data on the behavior of visitors to websites. A web analytics service collects, among other things, data regarding the websites the data subject came to a website from ("referrer" URLs), which subpages of the websites were accessed or how often and for how long a website was viewed. These web analysis metrics are mainly used as a data basis for optimizing the functions and contents of a website. Google Analytics sets a cookie on the computer of the data subject. Using cookies enables Google to analyze the use of our websites. Each time a user visits one of the pages of the websites that are operated by MAGIX and upon which Google Analytics components are embedded, the Internet browser on the computer of the data subject is automatically prompted by the Google Analytics components to transmit data to Google for the purpose of online analysis. As part of this technical procedure, Google obtains knowledge of personal data, such as the IP address of the data subject, which enables Google to trace the origin of the visitors and their behavior on the site, among other things.

Cookies are used to store information such as access time, the location from which access came and the frequency of visits to our websites by the data subject. For every visit to our websites, this data, including the IP address of the Internet connection used by the data subject, will be transferred to Google in the United States of America. This personal data will be stored by Google in the United States of America. Google may disclose the personal data collected through this technical process to third parties.

You can use the cookie consent tool at any time to manage cookie settings for our websites as described above. Further information and the Google Analytics Privacy Policy can be viewed at https://policies.google.com/privacy.

b) Hotjar

Hotjar is a website analytics system provided by Hotjar Ltd, Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian's STJ 3141, Malta, which enables us to evaluate the use of our website. MAGIX uses Hotjar to anonymously evaluate interaction with content (for example in terms of click statistics or scroll depth). Hotjar does not collect or store any personal data. In using Hotjar, our goal is to gain an understanding of how users interact with content elements on our site in aggregate. This knowledge forms the basis for improvements we make to the accessibility and user experience of our websites. For more information, visit https://www.hotjar.com/legal/policies/privacy/.

c) Emarsys

Emarsys Interactive Services GmbH is a technology company that provides an omnichannel customer engagement platform that enables services such as sending email and customized in-app messages. We use this omnichannel customer engagement platform for the purpose of measuring sales/performance/function of campaigns and for providing offers and services related to customer registration. The aim of this measurement is to analyze and improve the efficiency and relevance of our existing customer communication (CRM) on a long-term basis. The operator is Emarsys eMarketing Systems GmbH, Märzstraße 1, 1150 Vienna, Austria. For more information, visit https://emarsys.com/privacy-policy/.

d) Dynamic Yield

Dynamic Yield (Dynamic Yield Ltd, Highlands House, Basingstoke Road, Spencers Wood, Reading, Berkshire, England RG7 1NT) is a technology company that aims to improve customer experience on websites by providing relevant content. Dynamic Yield's engine uses machine learning and predictive algorithms to provide personalization, recommendations, automatic optimization and additional content. Dynamic Yield uses cookies for this and only collects pseudonymized information about usage activities on our website. Direct personal reference is therefore not possible. MAGIX uses the service provided by Dynamic Yield to offer visitors the most relevant and successful content possible and to test user acceptance of new functions. You can learn more about this at: https://www.dynamicyield.com/platform-privacy-policy/

e) Affiliate networks

Affiliate marketing is a web-based distribution system, which allows commercial operators of websites, merchants or advertisers, to place advertisements, which are mostly compensated per click or sales commission, on third party websites (partners), which are also called affiliates or publishers. The merchant provides advertising media over an affiliate network such as a banner advertisement or a suitable media for Internet advertisement, which is subsequently linked and advertised by an affiliate on their own websites or other such channel, such as social media or email marketing. The respective affiliate network places a cookie on your computer ("affiliate cookie"). The affiliate cookie does not save any personal data. Only the identification number of the affiliate is saved, that is, the partner who is referring a potential customer, as well as a reference number for the website visitor and the advertising media clicked. This data is stored for the purpose of processing commission payments between a merchant and the affiliate, which is processed via the affiliate network. You can manage cookie settings for our websites at any time, as described above.

LinkShare (Rakuten Advertising)

Rakuten Advertising is an affiliate network for managing our publishers. We use this to measure the performance of publishers and to pay commission to publishers for generated sales. For more information, visit https://go.rakutenadvertising.com/hubfs/Website-Privacy-Policy-English.pdf

AWIN

AWIN is an affiliate network for managing our publishers. We use this to measure the performance of publishers and to pay commission to publishers for generated sales. For more information, visit https://www.awin.com/privacy

TradeTracker

Tradetracker is an affiliate network for managing our publishers. We use this to measure the performance of publishers and to pay commission to publishers for generated sales. For further information, please visit https://tradetracker.com/privacy-policy/

ADCELL

Adcell is an affiliate network for managing our publishers. We use this to measure the performance of publishers and to pay commission to publishers for generated sales. For more information, visit https://www.adcell.de/datenschutz

Effiliation

Effiliation is an affiliate network for managing our publishers. We use this to measure the performance of publishers and to pay commission to publishers for generated sales. For more information, visit https://www.effiliation.com/en/privacypolicy

CJ

CJ is an affiliate network for managing our publishers. We use this to measure the performance of publishers and to pay commission to publishers for generated sales. For more information, please visit https://www.epsilon.com/emea/privacy-policy

f) Facebook

Facebook is a social network. The platform collects various kinds of user information and activity, which is provided by the user about themselves or shared by other users. This information includes the individual user's networks and connections, payment information, device information, information about websites and apps with Facebook integration, other Facebook companies and information from third parties including interaction with advertising partners. Detailed information about the privacy policy – available under https://www.facebook.com/about/privacy – provides information about the collection, processing and use of personal data through Facebook. Users can restrict and control their individual privacy settings under https://www.facebook.com/about/basics. Facebook is operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. Facebook uses cookies and other technology to collect and save identifiers and additional user information about computers, phones and other devices. Cookies enable Facebook to process user information on Facebook itself and also to track user behavior on other websites and apps, regardless of whether the user is registered or logged in. In addition, cookies support the targeted placement of advertisements and help companies that use Facebook products to evaluate and optimize their advertising campaigns. More information about Facebook's cookie policy can be found under https://www.facebook.com/policies/cookies/.. MAGIX uses Facebook as a platform for increasing brand awareness and as an advertising platform for MAGIX products. To assist with performance measurement of these campaigns, MAGIX has implemented Facebook Conversion Tracking on its own homepages. This form of tracking enables the sharing of information about user behavior with Facebook in order to enhance product relevance and advertising effectiveness for users and their interests. Using Facebook targeting options, MAGIX identifies individual target groups on the platform (according to location, age, interests etc.) for targeted advertising using relevant content. Users can view, modify and limit targeting options and advertising preferences in their advertisement settings under https://www.facebook.com/ads/about/.

g) Google Ads

Google Ads is an Internet advertising service that permits advertisers to place ads in Google search engine results and in the Google advertising network. Google Ads enables advertisers to set predefined keywords: an advertisement will be displayed in Google search results only if the user's search engine results are relevant to the keywords. Within the Google advertising network, advertisements are distributed to thematically relevant websites by means of an automatic algorithm and predefined keywords. Google Ads are used for the advertisement of our websites through the placement of interest-based advertisements on websites of other companies and in the search engines results for search engine Google, as well as the placement of third party advertisements on our website. If the data subject arrives at our website by clicking on a Google advertisement, Google will place a "conversion cookie" on their computer. The definition of cookies has been provided above. A conversion cookie loses its validity after a limited period of time and is not used to identify the data subject. If the cookie has not yet expired, the conversion cookie is used to determine whether certain subpages, such as the shopping basket of an online shop system, have been accessed on our website. The conversion cookie enables both us and Google to track whether a data subject who has accessed our website via an Ads advertisement has generated revenue, that is, whether they have completed or canceled a purchase of goods. The data and information obtained through the use of conversion cookies are used by Google to create statistics about visits to our website. These visitor statistics are in turn used by us to determine the total number of users who arrived at our website via Ads advertisements, as well as the success rate of the corresponding Ads advertisement, and to optimize our Ads advertisements in the future. Neither our company nor the other clients of Google Ads receive information from Google which could identify the data subject. Personal data, for example the websites that have been visited by the data subject, is saved using conversion cookies. For every visit to our websites, therefore, personal data including the IP address of the Internet connection of the data subject will be transmitted to Google in the United States of America. This personal data will be stored by Google in the United States of America. Google may disclose the personal data collected through this technical process to third parties. You can use the cookie consent tool at any time to manage cookie settings for our websites as described above.

h) Microsoft Ads

MAGIX has integrated Bing Ads into this website. Bing Ads is an Internet advertising service that allows advertisers to place ads both in Bing's search engine results and in the Bing advertising network. Bing Ads allows an advertiser to specify certain keywords in advance, which are used to display an ad in Bing's search engine results only when the user uses the search engine to retrieve a keyword-relevant search result. In the Bing advertising network, the ads are distributed to topic-relevant websites using an automatic algorithm and taking into account the previously defined keywords. The operating company for Bing Ads' services is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. The purpose of Bing Ads is to promote our website by displaying interest-relative advertising on Bing.com (and websites operated by Bing such as MSN.com, Bing.de and Bing.co.uk), AOL and Yahoo.com (including websites operated by Yahoo). The search network also includes third-party websites operated by Microsoft and Yahoo consortium search partners.

If you access our website via such an advertisement, a cookie is placed on your computer. A conversion cookie loses its validity after thirty days and is not used to identify the data subject. If the cookie has not yet expired, the conversion cookie is used to determine whether certain subpages, such as the shopping basket of an online shop system, have been accessed on our website. The conversion cookie enables both us and Microsoft to track whether a data subject who has accessed our website via a Bing Ads advertisement has generated revenue, that is, whether they have completed or canceled a purchase of goods. A Bing UET tag is integrated into our website. This is a code used in connection with the cookie to store personal information, such as the web pages visited by the data subject. Personal data, including the IP address of the Internet connection used by the data subject, is therefore transferred to Microsoft in Australia, Austria, Brazil, Canada, Finland, France, Germany, Hong Kong, India, Ireland, Japan, Korea, Malaysia, the Netherlands, Singapore, the United Kingdom and the United States of America each time he or she visits our website. This personal data is stored by Microsoft in Australia, Austria, Brazil, Canada, Finland, France, Germany, Hong Kong, India, Ireland, Japan, Korea, Malaysia, the Netherlands, Singapore, the United Kingdom, and the United States of America. In addition, Microsoft may be able to track your usage across multiple electronic devices through cross-device tracking, enabling you to display personalized advertising on or in Microsoft webpages and apps. You can disable this behavior at https://account.microsoft.com/privacy/ad-settings/ (Opt Out). The data subject can adjust the setting of cookies by our website, as already described above, at any time by means of an appropriate setting in the cookie consent tool. For more information on Bing Ads' analytics services, please visit the Bing Ads website (https://help.bingads.microsoft.com/#apex/3/de/53056/2). For more information about Microsoft and Bing's privacy policy, please see the Microsoft Privacy Policy (https://privacy.microsoft.com/privacystatement).

i) Hubspot

We use the CRM and marketing automation system of the provider HubSpot Inc. (25 First Street, 2nd Floor, Cambridge, MA 02141, USA) with offices in Germany (Am Postbahnhof 17, 10243 Berlin) and Ireland (One Dockland Central, Dublin 1, Ireland) on the basis of your consent for the purpose of processing user requests and optimizing our online services. We have concluded a contract with HubSpot with standard contractual clauses in which HubSpot undertakes to comply with the level of data protection provided within the EU when processing user data and only processes data in accordance with our instructions. For more information on privacy, visit HubSpot's website: https://legal.hubspot.com/dpa and https://legal.hubspot.com

8. Privacy policy for the payment methods offered

a) PayPal
MAGIX has integrated PayPal components into this website. PayPal is an online payment service provider. PayPal makes it possible to initiate online payments to or to receive payments from third parties. PayPal also acts as a trustee and provides buyer protection services.

The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxemburg.

If you select "PayPal" as a payment option in our online shop during the order process, your data will be automatically transmitted to PayPal. By selecting this payment option, you consent to the transfer of personal data required for payment processing.

The personal data transmitted to PayPal is usually first name, last name, address, email address, IP address, telephone number, mobile phone number or other data required for payment processing. Personal data in connection with the respective order are also necessary for the processing of the purchase contract.

The purpose of data transmission is to process payments and prevent fraud. MAGIX will provide PayPal with personal data in particular if there is a legitimate interest in the transfer. Personal data exchanged between PayPal and MAGIX may be transferred by PayPal to credit agencies. The purpose of this transfer is to verify identity and creditworthiness.

PayPal may pass on personal data to affiliated companies and service providers or subcontractors if this is necessary to fulfil contractual obligations or if the data is to be processed on behalf of PayPal.

The data subject has the option to revoke his or her consent to the handling of personal data by PayPal at any time. A revocation does not affect personal data which must be processed, used or transmitted for (contractual) payment processing.

PayPal's current privacy policy can be found at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

b) Other payment options
During payment, you will be forwarded to the payment page of the respective provider. Data requested for completing the payment will be directly requested through the provider and we cannot view or access this information.

Computop

For payments you make to us and for additional related services, such as fraud prevention, we use the payment platform "Computop Paygate" of Computop Paygate GmbH, Schwarzenbergstraße 4, 96050 Bamberg, Germany (hereinafter: "Computop"). The purpose of this payment platform is to connect us to various providers of payment methods and other services as well as for the technical control of data streams between you, us and the relevant bodies for the use of these payment methods or services (e.g. banks, providers of payment methods or providers of other services used). MAGIX does not receive access to your payment data or to credit card data in particular. Data processed are those necessary for the execution of the payment, in particular

  • Web server log data including IP addresses and timestamps,
  • Amount,
  • Currency,
  • Payment method and data types required for the payment method (these differ depending on the payment method),
  • Information about additional services potentially used (e.g. fraud prevention services) and types of data required for these services,
  • Information about the success or failure of a transaction, and
  • Other technical parameters necessary for the execution of the payment and additional services used.

The legal basis for data processing in connection with the execution of payments is Article 6 (1) sentence 1 b) of the GDPR.

The legal basis for the use of fraud prevention services is Article 6 (1) sentence 1 f) of the GDPR.

The legal basis for the use of a service provider in this context is Article 28 of the GDPR. Computop assists us with order processing and we have concluded an order processing contract with Computop that complies with the legal requirements pursuant to Article 28 of the GDPR.

Computop has Payment Card Industry Data Security Standard (PCI-DSS) certification and has adopted a very high number of security measures for data processing accordingly. The current certificate can be found on the website www.computop.com. Details on PCI-DSS, in particular the highly comprehensive checklist of PCI-DSS test criteria, are available on the PCI Security Standards Council website (https://www.pcisecuritystandards.org).

Datatrans

For executing the payment process by credit card, direct debit, and PayPal, MAGIX commissions the provider Datatrans AG, Kreuzbühlstr., 26 CH-8008 Zurich (Datatrans). Datatrans is the leading Swiss payment service provider and specializes in payment processing technology for online commerce. As a technical service provider, Datatrans is not involved in cash flow. MAGIX works with professional payment service provider Datatrans to ensure data protection and data security for your payment data (credit card number, bank details, etc.). Datatrans AG is compliant with all PCI guidelines and is officially certified by VISA and Mastercard as a payment service provider (PCI DSS Level 1). During the purchase process (checkout), a Datatrans form is opened for the execution of the payment process and the payment is conducted via an interface to Datatrans. MAGIX does not receive access to your payment data or to credit card data in particular. Further information on technical standards data protection relating to Datatrans can be found on the provider's website (https://www.datatrans.ch/)

The legal basis for data processing in connection with the execution of payments is Article 6 (1) sentence 1 b) of the GDPR.

The legal basis for the use of fraud prevention services is Article 6 (1) sentence 1 f) of the GDPR.

The legal basis for the use of a service provider in this context is Article 28 of the GDPR. Datatrans assists us with order processing and we have concluded an order processing contract with Datatrans that complies with the legal requirements pursuant to Article 28 of the GDPR.

c) Sending messages (SMS)
In certain cases, we may request you provide us with your mobile phone number, or landline telephone number if you do not have a mobile telephone, in order to be able to send you an SMS with a personal verification code. This is done for security purposes, so that we can be sure that orders placed under your name are actually placed by you.

We send SMS text messages using the service provided by creditPass GmbH, Mehlbeerenstr. 2,| 82024 Taufkirchen, Germany, and transfer them the mobile phone number or landline phone number provided by you for the purpose of sending text messages. This date will also be linked to your order and issued in the event of a police/legal investigation.

9. Applicant management

a) Description
Personal data is processed in accordance with the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (the new BDSG) if it is provided to us in the course of receiving an application from an applicant.

During this process, the following information will be saved:

  • IP address of the applicant
  • Date and time
  • Personnel master data in the context of an application (surname, first name, address, contact data and date of birth)
  • Data about qualifications (e.g. training certificates, professional work history, etc.)
  • Other personal data within the documents provided in the application by the applicant.

In order to process the data, the applicant's consent will be obtained when sending the form and reference will be made to this privacy policy.
We only disclose the personal data received to persons and departments within our company that require it for the fulfillment of contractual or legal obligations and for the enforcement of our legitimate interest. Furthermore, we may have the personal data that we receive in the application process transmitted and processed by companies commissioned by us, in compliance with the above-mentioned legal bases. The personal data will then be processed on our behalf by a contractor (pursuant to Article 28 of the GDPR). The data is afforded the highest level of protection during transmission and processing.
The contractor commissioned for the processing of applicant data is the provider HRworks GmbH, Waldkircher Str. 28, 79106 Freiburg, Germany, which is the provider of an applicant management system that we use and operates its service on platforms of the provider AWS. There is no transfer of personal data to a third country. This is ensured by the operator of the platform used for the applicant management system. Only data centers within the European Economic Area (EEA) are designated for processing the data pursuant to Article 28 of the GDPR. A transfer of data to recipients outside the addressed entities is not intended and will only take place in case of doubt if legal requirements exist and explicitly demand this.

b) Legal basis
The legal basis for processing is provided by Article 88 of the GDPR in conjunction with Section 26 of the new BSDG, as well as Article 6 (1) b) of the GDPR.

In addition, further processing the collected data with reference to Article 6 (1) c) of the GDPR (fulfillment of legal obligations) or also for the defense of asserted legal claims against us (Article 6 (1) f) of the GDPR) may constitute a legitimate interest. In this regard, it is conceivable that the aforementioned legitimate interest may manifest, for example, in a duty to provide evidence for proceedings with reference to the General Act on Equal Treatment (AGG).
By submitting the data as an applicant, the applicant gives their express consent to have their personal data processed in accordance with the legal bases mentioned. The consent is accordingly given in accordance with Article 6 (1) a) and further also in terms of Article 49 (1) (1) a) of the GDPR. It is possible to revoke consent at any time, for which you can use the instructions below under (e).

c) Purpose of data processing
The processing of personal data from the data entry form of the application process used is solely for the purpose of processing the application. With regard to the application process, only such data is processed that is provided to us in the context of the application, i.e. in conjunction with the application.

We use this data to make decisions about potential employment arrangements. If an applicant takes part in the application process, the data entered in various entry forms is transmitted to us and stored.The decision on the success of an application is not linked to any automated processing of the data provided by the applicant.

d) Duration of data storage
The transmitted data will only be processed as long as it is necessary for the decision-making process regarding potential employment. Additionally, the data will be retained for a maximum of six months after the applicant has been notified of a possible rejection. Further storage of the data record may only occur in absolute exceptional cases. This exceptional case is defined by the possible defense of legal claims for the duration of a legal dispute. For this period, it is in our legitimate interest to retain the data beyond the standardized retention period.

It is conceivable that the applicant would like to be included in a talent pool after the application process has been completed, which will allow MAGIX Software GmbH to approach the respective applicant again at a later date. If the applicant has agreed to additional processing as part of the process, the data will be retained for the retention period.
In the event that an employment arrangement is established after the application process, the collected data records will continue to be stored as far as permissible and will then be transferred to the respective employee's personnel file, where they will be further processed within the scope of the employment relationship. This is based, however, on a new legal basis.

e) Right to objection
The applicant has the possibility to revoke their consent to the processing of their personal data at any time. If the applicant contacts us by email, they may object to the storage of their personal data at any time. In this case, the application process will be terminated. Applicants can contact us at the email address hr@magix.net. In the event of an objection, all personal data stored in the course of the application will be deleted.

C. Your rights regarding the processing of personal data in detail

Insofar as we store your personal data or process this in additional ways, special legal rights apply (the "rights of the data subject"), which we will briefly outline here.

1. Right to access information

You have the right to demand a confirmation of which personal data about your person has been stored, at any time and for free. In addition you have the right to receive a copy of this information. The right to access information additionally covers:

  • the purpose for which the data is processed;
  • the categories of personal data that are processed;
  • the recipient or categories of recipients to whom the personal data has been or will be made available, in particular recipients in third countries or international organizations;
  • where possible, the planned duration for which the personal data will be saved or, where this is not possible to establish, the criteria for determining this duration;
  • the existence of a right to rectification or deletion of the personal data or to limit processing of this data by the party responsible or right to object to the processing of same;
  • the existence of a right to appeal through a supervisory authority;
  • the existence of an automated decision including profiling in accordance with Article 22 paras. 1 and 4 of the General Data Protection Regulation and, at least in these cases, the existence of meaningful information regarding the logic involved, as well as the scope and the desired effects of such processing on you.

You also have a right of access to information on whether personal data has been transferred to a non-EU country or to an international organization. If this is the case, you also have the right to obtain information about the appropriate guarantees in connection with the transmission.

You can contact our data protection officer at any time if you want to exercise this right to information.

2. Right to correction

You have the right to request that incorrect personal data concerning you be promptly corrected. You also have the right, taking into account the purposes of the processing, to request the completion of incomplete personal data, also by means of a supplementary declaration.

You can contact our data protection officer at any time if you want to exercise this right to correction.

3. Right to deletion (Right to be forgotten)

You have the right to request us to promptly delete the personal data concerning you, providing that one of the following reasons applies and as long as the processing is not necessary:

  • The personal data has been collected or processed for reasons that are no longer necessary.
  • You revoke your consent on which the processing was based pursuant to Article 6 (1) a) of the GDPR and there is no other legal basis for processing.
  • You object to the processing pursuant to Article 21 (1) of the GDPR and there are no overriding legitimate and justified reasons for the processing on our part, or you object to the processing pursuant to Article 21 (2) of the GDPR in the case of data processing for advertising purposes.
  • The personal data has been unlawfully processed by us.
  • Deletion of personal data is necessary for complying with a legal obligation under Union law or the law of the Member States to which we are subject.
  • The personal data was collected in relation to information society services according to Article 8 (1) of the GDPR.

Provided that one of the aforementioned reasons applies and you wish to have the personal data stored by us deleted, you can contact our data protection officer with your request at any time. They will then ensure that the request for the deletion is promptly complied with.

In principle, we do not release any personal data publicly. However, should we release personal data publicly and as the responsible party be obliged to delete personal data pursuant to Article 17 (1) of the GDPR, we will take appropriate measures (also of a technical nature), under consideration of the technology available and the cost of implementation, in order to inform other persons responsible for data processing and who process the published personal data that you have requested that these other persons responsible for data processing delete all links to this personal data as well as its copies and replications, insofar as the processing is not necessary. Our data protection officer will take the necessary steps in individual cases.

4. Right to restrict processing

You have the right to request a restriction on the data processing if one of the following conditions is met:

  • You dispute the accuracy of the personal data for a period of time that allows us to verify the accuracy of this data.
  • The processing is unlawful, you reject the deletion of personal data and instead request a restriction of the use of the personal data.
  • We no longer need the personal data for processing reasons, however, you yourself require the data in order to assert, exercise or defend legal claims.
  • You object to the processing pursuant to Article 21 (1) of the GDPR at it is not yet clear whether the legitimate reasons on our part outweigh your legitimate interests.

Provided that one of the aforementioned conditions is met and you wish to restrict the personal data stored by us, you can contact our data protection officer at any time. They will then ensure that the data processing is restricted.

5. Right to data portability

You have the right to receive the personal data concerning you that you have provided us with in a structured, standard machine-readable format. You also have the right to request us to transmit this information to another person responsible, provided that the processing is based on consent pursuant to Article 6 (1) a) of the GDPR or a contract pursuant to Article 6 (1) b) of the GDPR and providing that the processing is carried out using automated methods.

When exercising your right to data portability pursuant to Article 20 (1) of the GDPR, you also have the right to have us transfer the personal data directly to another person responsible, as long as this is technically feasible and provided that the rights and freedoms of other persons are not affected by this.

You can contact our data protection officer directly and at any time to assert the right to data portability.

6. Right to objection

At any time, for reasons specific to you, you have the right to object to the processing of personal data concerning yourself that has been carried out on the basis of Article 6 (1) f) of the GDPR in order to protect our legitimate interests. This also applies to profiling based on this regulation.

In the case of of an objection, we will no longer process the personal data, unless we can prove compelling grounds for processing that outweigh your interests, rights and freedoms as the data subject or unless the processing is intended to assert, exercise or defend legal claims.

Should we process personal data for direct marketing purposes, you have the right to object at any time to the personal data being processed for this purpose. This also applies to profiling, should this be directly related to this direct marketing. If you object to data processing for direct advertising purposes, we will no longer process your personal data for this reason.

You can contact our data protection officer at any time to assert the right to objection.

7. Right to revoke data protection consent

You have the right to revoke your consent to the processing of personal data at any time.

If you want to exercise your right to revoke the consent, you can contact our data protection officer at any time.

8. Automated decisions in individual cases including profiling

You have the right not to be subject to a decision based exclusively on automated processing, including profiling, which has a legal effect against you or significantly affects you in a similar way, unless (1) the decision is necessary for the conclusion or fulfillment of a contract between you and us, or (2) is permissible due to Union or Member State law to which we are subject and this law contains appropriate measures to safeguard your rights and freedoms and legitimate interests, or (3) occurs with your express consent.

If the decision (1) is necessary for the conclusion or fulfillment of a contract with you or (2) is made with your express consent, we will take reasonable measures to protect your rights, freedoms and legitimate interests, including at least the right for a person on our side to intervene in the decision making, for you to state your position and for you to challenge this decision.

If you want to exercise your right regarding automated decisions, you can contact our data protection officer at any time.

9. Right of appeal to a regulatory body

You have the right to lodge a complaint with a local regulatory body.

Contact details of the responsible local supervisory authority:

Berlin Officer for Data Protection and Freedom of Information


Friedrichstr. 219
10969 Berlin

Telephone: +49 (0)30 13889-0
Fax: +49 (0)30 2155050

Email: mailbox@datenschutz-berlin.de

10. Conducting webinars using the software GoToWebinar

10.1. Extent of data processing
The following provides information on the extent to which we collect, store and use data (hereinafter referred to as "data processing", used according to Art. 4 (2) GDPR) in the context of registrating and conducting webinars using the software GoToWebinar from the US-based company LogMeIn Inc.

We use GoToWebinar software to offer you MAGIX Academy training courses. Data processing takes place solely in order to conduct these webinars. You can either use the desktop app, browser, mobile app or your phone to participate in the webinar.

10.2. Purposes of data processing
Data is processed solely for the purpose of providing and conducting webinars.

10.3. Categories of data processing

10.3.1 User information for registration purposes
If you would like to attend a session as an attendee, you must register for the webinar using the registration URL (in the GoToWebinar invitation you have received) via a form. When registering for the webinar, you will be asked to provide a first name, last name and your email address in order to receive an access link fors the webinar.

If you provide your email address, you will receive the link to the webinar via email.

10.3.2 Meeting metadata information
When you participate in the webinar, "meeting metadata" is processed. The following categories of metadata are processed: topic, description (optional), participant IP address, device/hardware information, location, language settings, and operating system. For technical reasons, this data must be processed with regard to the respective webinar.

10.3.3 Data categories when dialing in with the telephone
When dialing in by telephone, details of the incoming and outgoing call number, country name, start and end time are processed. If Voice-over-IP (VOIP) is used, further data regarding the connection such as the IP address may be stored. For technical reasons, this data must also be processed in a necessary manner with regard to the respective webinar.

10.3.4 Processing text data
If you use a chat, question or survey function during the webinar, this content data will be processed for the purpose of communication within the webinar. In addition, the chat history is stored in a text file that contains the surname, first name (or a pseudonym) and the text of the chat message. This data will only be processed for evaluating the content of the webinar.

10.3.5 Processing of audio and video data
Our events held via GoToWebinar software are always recorded. If you make verbal contributions and/or use the video function to enable your image to be visually transmitted, this personal data will be processed for the purpose of communication within the webinar. Deciding to use these functions is up to you. The aforementioned data processing can only take place if you activate the microphone or the camera of your end device.

10.3.6 Data processing for monitoring attention
During events conducted using GoToWebinar software, the software registers whether the participant has the webinar window in the foreground (i.e. as the primary window). This information is communicated to the organizer in non-personalized form during the webinar (e.g. "Attentive: 75%"). In this way, the organizer or speaker can see if the group is losing attention. This function replaces the audience view during analog seminars and helps the speaker manage the event. This average figure also helps us to continuously work on event content. The attentiveness of indivdual participants is not evaluated.

3.7 Data processing during webinar recording
Online events held via GoToWebinar software are always recorded. If you have joined an event via video or microphone and we use this recording for downloading for third parties or similar purposes, we will obtain your consent to do so. You can always see if a recording is taking place – this is indicated by the red recording button in GoToWebinar window. A note related to this: LogMeIn Inc., the provider of GoToWebinar has itself activated Google Analytics on its company website. We have neither influence nor access to data processing carried out by LogMeIn Inc. We would nevertheless like to draw your attention to this data processing, and you can find out more information about the use of Google Analytics by LogMeIn Inc. here (https://www.logmeininc.com/de/legal/privacy/us#analytics). You can also set your browser to reject cookies before clicking on the registration or participation link.

10.4. Legal basis of data processing
Within the context of personal data processing when GoToWebinar is used, Art. 6 para. 1 (a) GDPR is the legal basis for data processing.

10.5. Recipients of data and transfer to third countries (other EU countries)
The recipient of your data within the context mentioned above is the software provider LogMeIn Inc., which provides GoToWebinar and GoToMeeting software. This company processes the data on our behalf. Accordingly, an order processing agreement has been concluded with LogMeIn Inc. in accordance with Art. 28 GDPR. The provider is based in a third country (USA). As a result, they had to guarantee us compliance with an adequate level of protection pursuant to Art. 44 and following articles of the GDPR. This adequate level of protection is guaranteed by the use of EU standard contractual clauses in the context of the order processing contract. In addition, other participants of the webinar can see and hear you and your contributions and are therefore recipients of your data. Please also keep in mind that content from webinars, as well as face-to-face meetings, is often used to communicate information with customers, interested parties, or third parties and that there is a possibility that other participants may communicate your contributions to third parties. Personal data will not be passed on to third parties beyond the scope described here without express consent.

Data will only be transmitted to state institutions and authorities entitled to receive information under the legal obligation to provide information, or if we are obliged to provide information as the result of a court decision.

10.6. Duration of processing and deletion of data
All data relating to the webinar will be deleted no later than 6 months after the event takes place, unless legal obligations to retain the data exist.

11. Product improvement
We calculate usage data when MAGIX products are used in order to align the further development of the software with the functions actually used; in doing so, we do not transmit any personal data. The data help us provide more tailored and efficient services to you and are therefore beneficial to all parties. However, you still have the right to object to our processing of your personal data on this basis. We use Google Analytics to collect usage data. Google Analytics, Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. Privacy link: https://policies.google.com/privacy/. Google Analytics is an analysis service of Google LLC, which allows us to continuously analyze and statistically evaluate the use of the software. The information collected is generally transferred to a Google server in the USA and stored there. We use the "anonymizeIP" function' (IP masking). Due to IP anonymization, Google will truncate your IP address within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will your full IP address be transferred to a Google server in the United States before being truncated. Within the scope of Google Analytics, Google will not amalgamate your IP address with any other data held by Google. You can object to this processing int he program settings by deactivating the option "Send analysis data to MAGIX". When software is used, we reserve the right to display information about new product versions. If you do not want to see this information, activate the option "Don't show again" when the information appears. If you have installed the MAGIX Update Notifier, you can object to the display of product information by starting Update Notifier and deactivating the corresponding product groups in the "Info channels" area, or uninstall the program in Windows under Apps & Features.

Part 4 - Definitions

The MAGIX Software GmbH Privacy Policy is based on terms used by the European directive and regulation provider at the point when the General Data Protection Regulation (GDPR) was issued. Our Privacy Policy is intended to be easy to read and understandable for the public as well as for our customers and business partners. Therefore, we would like to explain in advance the terms used.

In this privacy statement, we use the following terms amongst others:

  • "personal data": Personal data is all the information which refers to an identified or identifiable natural person. A natural person is identifiable when they can be identified directly or indirectly, in particular by assignment to an identifier such as a name, an identification number, location data, an online identifier or one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.
  • "data subject": A data subject is any identified or identifiable natural person whose personal data is processed by us.
  • "processing": Processing is any operation or series of operations carried out with or without the aid of automated procedures in connection with personal data. These include, but are not limited to, the collection, arrangement, storage, adaptation or alteration, reading, retrieval, use, disclosure by transmission, comparison or linking, restriction, deletion or destruction of personal data.
  • "profiling": Profiling is any kind of automatic processing of personal data that involves using this personal data to assess certain personal aspects that refer to a natural person, especially in order to analyze or predict aspects related to work performance, economic condition, health, personal tastes, interests, reliability, behavior, place of residence or relocation of this natural person. As a responsible company, we refrain from using any sort of profiling.
  • "pseudonymization": Pseudonymization refers to the processing of personal data in a way in which it can no longer be assigned to the specific data subject without the use of additional information.
  • "responsible party": The responsible party is a natural or legal person, authority, institution or other body that alone or together with others decides on the purposes and means of personal data processing.
  • "contract processor": A contract processor is a natural or legal person, authority, institution or other body that processes the personal data on behalf of the responsible party.
  • "receiver": A receiver is a natural or legal person, authority, institution or other body that discloses personal data, regardless of whether this is relating to a third party or not. However, authorities which may receive personal data under Union law or the law of the Member States within the framework of a particular investigation mandate are not considered as recipients.
  • "third party": A third party is a a natural or legal person, authority, institution or other body other than the data subject, the responsible party, the data processor and persons authorized to process the personal data under the direct responsibility of the person responsible or the data processor.