Data Privacy Notice / Imprint

Welcome to our website agilox.net

The protection of your privacy is of utmost importance to us, including your visits to our websites and any communication conducted via telephone, email, or contact form. This Privacy Notice provides you with all essential information regarding our data processing activities related to our websites and the use of the aforementioned communication channels.

We are committed to protecting the data of visitors to our websites and our customers. Data shall be disclosed to third parties solely to the extent and under the conditions set forth in this declaration.

We reserve the right to amend the information provided in this Privacy Notice. In the future, the most current version published here shall apply respectively.

Contents

1 Our Websites

2 General Information

2.1 Legal Basis

2.2 Controller

2.3 Collecting and Processing Personal Data, Retention Period and Data Recipient

2.4 Rights of Data Subjects

2.5 Consent and Right of revocation

2.6 Data Security

3 Visiting our Website

3.1 General Information

3.2 Marketing- and Personalization Tools

3.3 Third party Providers / Functional Add-ons (Plugins)

3.4 Cookies

4 Interaction with us

4.1 Newsletter

4.2 Contact

5 Social Media

5.1 Controller

5.2 Processing Your Personal Data

5.3 Processing Your Personal Data by Social Media Platform Operators

5.4 Exercising Your Rights

6 Privacy Policy Applications

Consent to Cookies

Imprint

1 Our Websites

This Data Privacy Notice applies to the following websites of AGILOX Services GmbH:

agilox.net

my.agilox.net

help.agilox.net

2 General Information

2.1 Legal Basis

The EU General Data Protection Regulation (GDPR) protects the fundamental rights and liberties of natural persons, in particular their right to the protection of personal data. Personal data shall be understood as any information relating to an identified or identifiable natural person.

Personal data shall be processed exclusively for the purposes specified hereinafter and pursuant to the applicable provisions of the GDPR.

Personal data are processed when contact is made via the contact form, by email, or by telephone, as well as through oral communication of offers or requests for return calls, for the purpose of handling your inquiry and establishing contact with you. Such processing is carried out either for the performance of pre-contractual or contractual obligations pursuant to Art. 6(1)(b) GDPR, on the basis of our legitimate interest in effective communication with users pursuant to Art. 6(1)(f) GDPR, or with your consent pursuant to Art. 6(1)(a) GDPR, when you use the contact form.

When visiting our website, certain technical data, such as IP address, browser type, operating system, and the date and time of access, are automatically processed. This processing is necessary to ensure that the website is safe, stable, and user-friendly. The legal basis for this processing is our legitimate interest in ensuring the technical functionality and security of our website, pursuant to Art. 6(1)(f) GDPR.

If you provide consent, we employ cookies and similar technologies for marketing and analytical purposes. This enables us to analyze website usage, improve our content, and present it in a targeted manner. Processing is conducted on the basis of your consent in accordance with Art. 6(1)(a) GDPR. Consent can be revoked or adapted at any time via our cookie banner.

If you subscribe to our newsletter, we will use your email address to regularly send you information regarding our company, current offers, or other content we consider relevant. This occurs exclusively with your express consent pursuant to Article 6(1)(a) GDPR. You can unsubscribe from the newsletter at any time. An unsubscribe link is provided at the end of each mailing. Following your unsubscription, your email address will be removed from our distribution list.

2.2 Controller

The controller within the meaning of Article 4(7) of the GDPR is AGILOX Services GmbH, Gewerbepark 3, A-4671 Neukirchen bei Lambach (Austria).

2.3 Collection and Processing of Personal Data, Retention Period, and Recipients of the Data

Personal data is gathered when you supply it to us voluntarily, such as during registration (e.g., for newsletters) or when contacting us via our contact form, or by agreeing to the use of cookies and comparable technologies. Your personal data shall be disclosed to third parties solely as outlined in this privacy notice.

Pursuant to the relevant provisions on personal data protection, all personal data shall be gathered, processed, and used primarily to fulfill the services you have commissioned and to respond to your requests.

Your personal data shall be processed exclusively by employees who are assigned to the respective task and are bound by confidentiality obligations. Access shall be granted only to the extent necessary and in accordance with applicable data protection regulations.

Your data shall be stored in personal form only as long as necessary for the purposes for which they are processed, unless otherwise specified in this privacy notice.

When you accept cookies, including analytics and marketing cookies, the resulting data will be processed by the third-party providers mentioned below. These providers may, for example, be headquartered in the United States. Some of these US-based third-party providers are certified under the EU–US Data Privacy Framework. The European Commission has issued an adequacy decision for these companies. This confirms that an adequate level of data protection is ensured (Article 45 GDPR). The transfer of personal data to the United States is therefore conducted on this basis. The list of certified companies can be accessed here: https://www.dataprivacyframework.gov.

For third-party providers not certified under the EU–US Data Privacy Framework, we enter into the Standard Contractual Clauses published by the European Commission with these companies. Nevertheless, in such cases, the transfer occurs only with your explicit consent pursuant to Article 6(1)(a) in conjunction with Article 49(1)(a) GDPR, which you provide by accepting the loading of cookies, including analytics and marketing cookies.

2.4 Rights of the Data Subject

You have the following rights:

• Right of access to stored personal data concerning you (Art. 15 GDPR)
• Right to obtain the rectification of inaccurate personal data concerning you and, if applicable, to have incomplete personal data completed (Art. 16 GDPR)
• Right to erasure, in as far as one of the grounds stipulated in Art. 17 GDPR applies
• Right to restriction of processing, in as far as one of the grounds stipulated in Art. 18 GDPR applies
• Right to data portability, as per Art. 20 GDPR
• Right to lodge a complaint with a supervisory authority, as per Art. 77 GDPR

You may also exercise your right to object for reasons arising from your particular situation (Article 21(1) GDPR).

2.5 Consent and Right of Withdrawal

Should your consent be required for the processing or use of your data, we shall process or use your data only after obtaining your explicit consent. By providing your consent, you confirm that you have reached the age of 18. You may withdraw your consent at any time. Withdrawal of consent will result in us ceasing to process your data for the purposes mentioned above from that point forward. If you wish to withdraw your consent, please direct your request to privacy@agilox.net

2.6 No Obligation to provide data

The provision of personal data is fundamentally voluntary and is neither required by law nor by contract. If you do not provide certain information, we may be unable to offer our services to you, or may do so only in a limited manner. This particularly applies to contacting us or subscribing to the newsletter.

 2.7 Is a so-called profiling done?

We herewith point out that, in the context of certain analytics and marketing services (e.g., Facebook Pixel, Google Ads, LinkedIn Insight Tag), usage data is evaluated to analyze interests and display personalized advertising on third-party platforms; this may be considered automated decision-making (including “profiling”) under Art. 22 GDPR.

This processing occurs exclusively with your express consent pursuant to Article 6(1)(a) GDPR. You may withdraw your consent at any time via the cookie banner on our website.

The automated decision-making has no legal or comparable significant impact on you and serves solely marketing purposes.

2.8 Data Security

Technical and organizational measures, compliant with the state of the art, are implemented to protect your personal data from loss, unauthorized access, and misuse.

Emails and newsletters are sent in an encrypted form. This prevents misuse of data by third-party access, ensuring that the communication between you and our web server remains protected. We employ TLS (Transport Layer Security) for the encryption. If your email service provider does not support TLS encryption, the email will be transmitted to you unencrypted.

3 Visiting our Website

3.1 General

Each access to our website, or any retrieval or attempted retrieval of a file from the server, is logged in a logfile and stored for 30 days. The following data in particular is recorded for each access:

• IP address (anonymized)
• Name of the retrieved file
• Date and time of access
• Amount of data transferred
• Message indicating successful retrieval
• Message in case the retrieval failed, including the reason for the error
• Name of your Internet service provider
• Operating system and browser software of your device
• The website from which you are visiting us.

The data mentioned in the overview are processed based on our legitimate interests pursuant to Art. 6(1)(f) GDPR for the provision of the website, to ensure system stability, and to maintain data and operational security. The collected data is also included in assessments for performance evaluations. With your consent pursuant to Art. 6(1)(a) GDPR, we also use the analysis, marketing and retargeting tools, plugins, and cookies described under “Analysis Tools” and “Marketing and Retargeting Tools.” These (technically non-essential) technologies are only activated after you provide explicit cookie consent by clicking “Save Selection” or “Accept all”. Consent-requiring technologies will not be employed if you only agree to the “necessary cookies” by clicking “Save” during your website visit. Should you wish to revoke your previously given consent, you can adjust your cookie settings under the “Cookie Consent” section.

3.2 Marketing and Personalization Tools

 3.2.1 Analytics Tools

To analyze the behavior of visitors on our website, data is collected and evaluated using analytics tools. Analytics tools, also known as tracking tools, analyze the origin of users and the areas of our website they access. Analytics tools are employed to improve the website for visitors and to continuously optimize it.

Google

Our websites utilize several services provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). The Google services are used on the basis of your consent in accordance with Art. 6(1)(a) GDPR. Please note that the use of Google services may involve the transfer of personal data to the United States. For the United States, an adequacy decision has been issued by the European Commission pursuant to Art. 45 GDPR (EU-U.S. Data Privacy Framework). Google LLC is certified under the Data Privacy Framework, guaranteeing an appropriate level of privacy protection. You may withdraw your consent at any time.

General information on data protection at Google can be found at https://policies.google.com/privacy?hl=de-de

Google Analytics

On our websites, we use Google’s web analytics service, Google Analytics. Google Analytics uses cookies that are stored on your computer to enable an analysis of website usage. The information generated by the cookie about website usage is usually transmitted to a Google server in the USA and stored there. We use Google Analytics only with active IP anonymization. This means that Google truncates the IP address of users within the EU or other countries of the European Economic Area, and only then transmits it to the United States. Only in exceptional cases is the IP address transmitted to a Google server in the USA and anonymized there.

Google will use this information on our behalf to evaluate your website usage, compile reports on website activities, and provide other services related to website and internet usage to website operators.

You can prevent the collection of data generated by the cookie regarding your use of the online service, as well as its processing by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en

Further information on terms of use and privacy is available at https://marketingplatform.google.com/about/analytics/terms/us/ or under https://policies.google.com/?hl=en

Google Signals

We also use Google Signals in Google Analytics, which updates existing Google Analytics features such as advertising reports, remarketing, cross-device reports, and reports on interests and demographics, allowing us to receive aggregated and anonymized data about you if you have agreed to personalized ads in your Google account.

Google Signals uses so-called cross-device tracking to generate analytics. When Google Signals is active, data is captured and associated with your Google account. Through activation of Google Signals, cross-device remarketing campaigns can be initiated.

In Google Analytics, Google Signals collects additional visitor data such as location, search history, YouTube history, and website activity.

Google Optimize

We use Google Optimize on our website, which is a website optimization tool. More information about the use of Google Optimize and data processing is available at: https://policies.google.com/privacy?hl=en

Survicate

In the protected area of our website my.agilox.net (login required), we occasionally provide surveys to users to collect feedback on their use of our services. For the technical implementation of these surveys, we use the service provider Survicate (based in Poland, EU) as a data processor as per Art. 28 GDPR. Your email address is also transmitted to Survicate in this context. For feedback analysis, Survicate also uses the subcontractor Savio Technology Inc., based in Canada, which, according to Survicate’s Privacy Policy 5.3, is responsible for processing feature requests, user feedback, and prioritization data. Based on the European Commission’s adequacy decision (Dec 20, 2001, 2002/2/EC), Canada is recognized by the EU as providing sufficient data protection as per Art. 45 GDPR. Therefore, the transfer of personal data to Savio Technology Inc. is carried out on this basis.

More information about data processing by Survicate can be found in their privacy policy at: https://assets.survicate.com/docs/Privacy%20Policy%205.3.pdf?_gl=1*xuoeko*_ga*MTkxMjEyNDE0My4xNzQ0OTgxNDcx*_ga_Z8KP425DS5*MTc0NTMwMzk1NS4zLjEuMTc0NTMwNTEzNS4wLjAuMjAxODE0NjEwMQ...

Your email address is processed solely for participation tracking and feedback analysis. No further processing takes place. The data processing is performed on the basis of Art. 6(1)(f) GDPR (legitimate interest). Our legitimate interest lies in the continuous improvement of our services and the user experience. Your data will be erased as soon as it is no longer required for the evaluation of the respective survey.

You are entitled to lodge an objection at any time against this processing of your personal data (Art. 21 GDPR).

Sentry

In the protected area of our AGILOX World (login required), we use the analytics service “Sentry.io” provided by Functional Software, Inc., based in California, USA, as a data processor in accordance with Art. 28 GDPR. This service is used to log and monitor errors in the various AGILOX World apps and to ensure the technical functionality and performance of the website.
Error log data are transmitted to the processor. These data include metadata such as the user agent (which provides information about your operating system and browser), your screen resolution, the time of access/use, and the IP address necessary for transmission.
The personal data are anonymized by the processor immediately after transmission and before any analysis. The processor, Functional Software, Inc., is certified under the EU–U.S. Data Privacy Framework, making such data transfers permissible.
We process the logged data based on AGILOX’s legitimate interest pursuant to Art. 6(1)(f) GDPR. These data are not combined with other data sources.

Laravel Nightwatch

In the protected area of our AGILOX World (login required), we use the analytics service “Laravel Nightwatch” provided by Laravel Holdings Inc., based in New York, USA, as a data processor in accordance with Art. 28 GDPR, to monitor the stability, performance, and availability of our web applications.
This service analyzes incoming HTTP requests to our backend to detect and fix technical errors, latency issues, and outages at an early stage.
During this monitoring, technical access data such as the following are processed:

• Requested URLs and response times
• HTTP status codes and error messages
• Request timestamps
• IP address of the requesting device (in shortened or pseudonymized form)

These data are used solely to ensure technical operations, troubleshoot errors, and improve system stability. They are not combined with any other personal information.
Laravel Nightwatch processes and stores all collected data exclusively within the European Union (EU) and fully complies with the General Data Protection Regulation (GDPR).
Further information can be found in Laravel Nightwatch’s compliance documentation: https://nightwatch.laravel.com/docs/resources/compliance
The legal basis for processing is our legitimate interest in maintaining the functionality, security, and reliability of our systems under Art. 6(1)(f) GDPR.

Single Sign-On (SSO) via Microsoft Entra ID

For user authentication and account management, we use Microsoft Entra ID (formerly Azure Active Directory), a service provided by Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland, as a data processor in accordance with Art. 28 GDPR.
Entra ID enables our employees, customers, and business partners to securely access our internal systems and platforms via Single Sign-On (SSO).
Personal data processed include username, email address, organizational affiliation, and authentication and log data.
Processing is based either on Art. 6(1)(b) GDPR (performance of a contract, if access is provided to business partners) or Art. 6(1)(f) GDPR (legitimate interest in secure and efficient user management).
Microsoft may transfer data to third countries (particularly the USA) as part of its service provision. Such transfers are based on Microsoft’s EU–U.S. Data Privacy Framework certification.
More information on Microsoft’s data processing practices can be found here:
https://privacy.microsoft.com/de-de/privacystatement

3.2.2 Marketing and retargeting tools

By means of so-called marketing tools, we analyze and optimize our website based on the user behavior in order to improve the customer experience.

Retargeting, also referred to as remarketing, describes personalized targeting strategies, i.e., advertising that is tailored to the visitor. Users are identified upon visiting our website through the confirmation of cookies. Thereafter, such visitors may be targeted with advertisements from the respective advertising program when accessing other websites.

Furthermore, we implement pixels from various platforms on our website, which are listed below. A pixel is defined as a graphic that, after consent for the placement of all cookies on agilox.net has been granted, is loaded when a website is accessed and records the activities during the website visit.

Google

On our website, we use several services provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). The Google services are used on the basis of your consent in accordance with Art. 6(1)(a) GDPR. Please note that the use of Google services may involve the transfer of personal data to the United States. For the United States, an adequacy decision has been issued by the European Commission pursuant to Art. 45 GDPR (EU-U.S. Data Privacy Framework). Google LLC is certified under the Data Privacy Framework, guaranteeing an appropriate level of privacy protection. You may withdraw your consent at any time.

General information on data protection at Google can be found at the following link: https://policies.google.com/privacy?hl=en-us

Google Ads

We use the Google Ads service on our website. Google Ads uses cookies for the purpose of displaying online advertisements to visitors at a later time through remarketing campaigns within the Google advertising network. For the publication of remarketing advertisements, the third-party provider uses Google cookies, based on a visit to this website. As a user, you have the option to withdraw your consent to Google’s use of these cookies: https://adssettings.google.com/authenticated?hl=en

Facebook

Several pixels of Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland (“Facebook”) are used on our website. The pixels are used on the basis of your consent in accordance with Art. 6(1)(a) GDPR. Please note that the use of these pixels may involve the transfer of personal data to the United States. For the United States, an adequacy decision has been issued by the European Commission pursuant to Art. 45 GDPR (EU-U.S. Data Privacy Framework). Meta Platforms, Inc. is certified under the Data Privacy Framework, guaranteeing an appropriate level of privacy protection. You may withdraw your consent at any time. General information on data protection at Facebook can be found at https://www.facebook.com/privacy/center/

Meta Pixel (previously Facebook Pixel)

We use the Meta Pixel on our website. This service enables us to track user behavior after they have been redirected to our website by clicking on a Facebook advertisement. This allows us to evaluate the effectiveness of Facebook advertisements and to optimize future advertising measures on the basis of the analysis. For us, the data obtained remains anonymized and does not allow any conclusions to be drawn regarding the identity of the user. However, the data are stored and processed by Facebook, making it possible to link them to the respective user profile, and Facebook may use the data for advertising purposes in accordance with the Facebook Data Use Policy (https://www.facebook.com/privacy/center/). You can enable Facebook and its partners to display advertisements on and outside of Facebook. For this purpose, a cookie may also be stored on your computer. You can control the use of cookies by Facebook at https://www.facebook.com/policies/cookies/

Microsoft

On our website, we utilize several services provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (“Microsoft”). The Microsoft services are used on the basis of your consent in accordance with Art. 6(1)(a) GDPR. Please note that the use of Microsoft services may involve the transfer of personal data to the United States. For the United States, an adequacy decision has been issued by the European Commission pursuant to Art. 45 GDPR (EU-U.S. Data Privacy Framework). Microsoft is certified under the Data Privacy Framework, guaranteeing an appropriate level of privacy protection. You may withdraw your consent at any time.

Microsoft Ads Universal Event Tracking (UET)

On our websites, we use Microsoft Ads Universal Event Tracking, a service provided by Microsoft Corporation. Microsoft stores cookies on users’ devices to allow analysis of their use of our online services, provided that users have accessed our online services via a Microsoft Ads advertisement. This allows us to identify that someone clicked on an ad, was directed to our online services, and arrived at a designated target page. We obtain solely the aggregate number of users who clicked on an ad and were forwarded to the target page. No IP addresses are stored. No personal information regarding the identity of users is communicated to us.

If users do not wish to participate in Microsoft Ads tracking, they may disable the necessary cookie via their browser settings or use Microsoft’s opt-out page: http://choice.microsoft.com/en-US/opt-out. Further information on data protection and the cookies used by Microsoft Ads can be found in Microsoft’s Privacy Statement (https://privacy.microsoft.com/en-US/privacystatement).

Microsoft Clarity

To analyze the use of our website, we employ the “Microsoft Clarity” service provided by Microsoft Corporation. With Clarity, we can record mouse movements, click behavior, and scroll depth, thereby generating session replays and heatmaps. Personal data is transmitted to the separate data controller Microsoft Ireland Operations Ltd., One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Irland.

You can contact the Data Protection Officer of Microsoft Ireland Operations Ltd. via email at the following link https://www.microsoft.com/en-US/concern/privacy. You can access the Privacy Policy of Microsoft Ireland Operations Ltd. at: https://privacy.microsoft.com/en-US/privacystatement.

HubSpot

On our website, the HubSpot service (“HubSpot”) is used for marketing purposes. HubSpot is a software company based in the United States with a branch in Ireland:

HubSpot Ireland Limited
1 Sir John Rogerson’s Quay
Dublin 2, Ireland

HubSpot provides an integrated software solution for our own marketing, lead generation, and customer service purposes. This includes email marketing for sending newsletters and automated mailings, as well as reporting, contact management such as user segmentation and CRM, landing pages, and contact forms.

HubSpot uses cookies that are stored locally in the browser cache on your device and employed to analyze your use of the website. The following information is collected by HubSpot and evaluated on our behalf to allow analysis of your visit and the pages you accessed:

• • IP address (anonymized)
  • Geographical location
  • Browser type
  • Duration of visit
  • Pages accessed

The information collected by HubSpot, along with the content of our website, is stored on servers of HubSpot service providers. Subject to your consent in accordance with Art. 6(1)(a) GDPR, data processing is conducted on this website for website analytics purposes.

We would like to point out that your data may also be transferred to the United States, as the headquarters of HubSpot Inc. is located at 25 First ST 2nd Floor Cambridge, MA, USA. For the United States, an adequacy decision has been issued by the European Commission pursuant to Art. 45 GDPR (EU-U.S. Data Privacy Framework). HubSpot, Inc. is certified under the Data Privacy Framework, guaranteeing an appropriate level of privacy protection. .

Further information on data processing can be found here: https://legal.hubspot.com/de/dpa

The data will be deleted as soon as it is no longer needed for the purpose for which it was collected.

You can permanently opt out of HubSpot data collection and cookie placement by preventing cookie storage via your browser settings. You may object to the processing of your personal data at any time with effect for the future.

LinkedIn

On our websites, we use several pixels of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland (“LinkedIn”). The LinkedIn pixels are used on the basis of your consent in accordance with Art. 6(1)(a) GDPR. Please note that the use of LinkedIn pixels may involve the transfer of personal data to the United States. For the United States, an adequacy decision has been issued by the European Commission pursuant to Art. 45 GDPR (EU-U.S. Data Privacy Framework). LinkedIn Corporation is certified under the Data Privacy Framework, guaranteeing an appropriate level of privacy protection. You may withdraw your consent at any time. General information on data protection at LinkedIn can be found at https://linkedin.com/legal/privacy-policy.

LinkedIn Insight Tag

On our websites, we use the LinkedIn Insight Tag. This service enables us to track user behavior after they have been redirected to our website by clicking on a LinkedIn advertisement. This allows us to evaluate the effectiveness of LinkedIn advertisements and to optimize future advertising measures on the basis of the analysis. The LinkedIn Insight Tag enables the collection of data, including URL, referrer URL, IP address, device and browser characteristics (User Agent), and timestamps. The IP addresses are truncated or hashed. LinkedIn removes the direct identifiers of members within seven days to pseudonymize the data. This remaining pseudonymized data is deleted within 180 days.

LinkedIn does not share personal data with us but provides reports and notifications (in which users are not identified) regarding website audiences and ad performance. LinkedIn also provides retargeting for website visitors, allowing us to display targeted advertising outside our site without identifying the member. LinkedIn also utilizes non-identifying data to improve ad relevance and reach members across multiple devices. LinkedIn members can control the use of their personal data for advertising purposes in their account settings (https://www.linkedin.com/psettings/advertising). Further information on LinkedIn’s data protection practices is available at https://linkedin.com/legal/privacy-policy.

LinkedIn Jobs Conversion Tracking

Our website also employs LinkedIn Job Conversion Tracking. This service allows us to track when a user has viewed a job posting on LinkedIn, clicked the Apply button, and subsequently submitted an application on our career website. Metadata such as IP address, timestamp, and events (e.g., page views) are collected in this process. All data are encrypted. The cookie remains stored in the user’s browser until manually deleted or until it expires (six months from the last loading of the pixel by the user’s browser). Further information regarding LinkedIn cookies is available at https://de.linkedin.com/legal/cookie-policy .

3.3 Third-Party Providers / Functional Extensions (Plugins)

Within our website, we use third-party content or service providers based on our legitimate interests, such as analyzing and optimizing our online services, pursuant to Article 6(1)(f) GDPR, in order to integrate content and services (e.g., videos) on our website. Plugins, which may include content elements from third-party providers, are implemented to expand our website’s functionality and content. In this process, as with any website visit, the transmission of your (anonymized) IP address to the respective provider is necessary for technical reasons. This transmission is carried out directly by your browser; no data processing by AGILOX Services GmbH occurs in this context.

Plugins WordPress

Gravity Forms

Our website uses the Gravity Forms plugin of developer Rocket Genius, Inc., 1620 Centerville Turnpike, Suite 102, Viriginia Beach VA 23464-6500, United States.

As a result of the use of the form, the data you enter is transmitted to our website server and sent to us via email. You provide your consent for processing your request and transmitting your personal data by selecting the checkbox beneath the form prior to submitting the content. The legal basis is Article 6(1)(a) GDPR.

Further information regarding data protection can be found at: https://www.gravityforms.com/privacy/

Google Maps

Our website uses the Google Maps API service (“Google Maps”). Our website uses Google Maps to display map information. When Google Maps is used, Google also processes and utilizes data regarding the use of Maps functions. The integration of this service results in the transfer to Google of at least following information: IP address, visit time, visitor’s display resolution, website URL (referrer), browser ID (user-agent), and search terms. The data transfer occurs regardless of whether you have a Google account through which you are logged in or whether no account exists for you. If you are logged in, this data is directly associated with your account. If you do not wish for the data to be linked to your profile, you must log out and delete any cookies prior to activating the button. Google stores such information in the form of usage profiles and employs it for advertising, market research, and/or optimizing its website according to user demand. You have the right to object to the creation of such user profiles. To exercise this right you must contact Google directly.

Please note that the use of Google Maps may involve the transfer of personal data to the United States. For the United States, an adequacy decision has been issued by the European Commission pursuant to Art. 45 GDPR (EU-U.S. Data Privacy Framework). Google LLC is certified under the Data Privacy Framework, guaranteeing an appropriate level of privacy protection.

YouTube Videos

We have embedded YouTube videos on our website, these videos are hosted on “www.youtube.com” and can be played directly from our website. These are embedded using the so-called “enhanced privacy mode” (see https://support.google.com/youtube/answer/171780?hl=en). When the plugin is activated, YouTube cookies can be saved on your device and at minimum, the following information is sent to Google as YouTube operator: IP address, cookie ID, the exact URL of the page you visited, browser language, system date and time of the visit, and browser ID. The data transfer occurs regardless of whether you have a Google account through which you are logged in or whether no account exists for you. If you are logged in, this data is directly associated with your account. YouTube, or rather Google, stores such information in the form of usage profiles and employs it for advertising, market research, and/or optimizing its website according to user demand. This evaluation is carried out (even for users not logged in) with the express purpose of delivering personalized ads and notifying other users about your actions on our site. You have the right to object to the creation of such user profiles. To exercise this right you must contact Google as operator of YouTube directly.

If you do not want YouTube to associate your visit to our pages, you can prevent this by logging out of your YouTube account and deleting cookies.

Please note that using YouTube may involve the transfer of personal data to the United States. For the United States, an adequacy decision has been issued by the European Commission pursuant to Art. 45 GDPR (EU-U.S. Data Privacy Framework). Google LLC is certified under the Data Privacy Framework, guaranteeing an appropriate level of privacy protection.

More information about the handling of user data can be found in the privacy policy of YouTube: https://www.google.de/intl/en/policies/privacy

Mailchimp

We use services from Mailchimp of The Rocket Science Group, LLC 675 Ponce de Leon Ave NE Suite 5000, Atlanta, GA 30308 USA (“Mailchimp”) on our website to send newsletters. The provider enables us to communicate directly with our subscribers. Additionally, user behavior is analyzed so that we can continually optimize our offering.

The following data are processed for the use of Mailchimp:

• E-mail address
• First name
• Last name

Mailchimp receives your personal data and serves as a processor on our behalf for sending newsletters. Your data will only be processed after your explicit consent according to Art. 6(1)(a) GDPR and the transfer of your personal data. Please note that using Mailchimp may involve the transfer of personal data to the United States. For the United States, an adequacy decision has been issued by the European Commission pursuant to Art. 45 GDPR (EU-U.S. Data Privacy Framework). The Rocket Science Group, LLC is certified under Intuit in acc. with the Data Privacy Framework, which guarantees an appropriate level of data protection. You may withdraw your consent at any time.

Details regarding data processing by Mailchimp can be found here: https://mailchimp.com/en/legal/data-processing-addendum/

The provider’s privacy policy can be found here: https://www.intuit.com/privacy/statement/

Vimeo

We use the service of Vimeo LLC, 555 West 18th Street, New York, New York 10011, USA (“Vimeo”). Using a code snippet on our website, we can provide you with videos on the website as well as on our social media channels.

Using Vimeo may involve the collection of certain user data to analyze usage behavior and improve services. If you visit a page on our website that contains an embedded Vimeo video, your browser will connect to Vimeo’s servers. The transmitted data is collected, stored, and processed on Vimeo’s servers. This includes IP address, browser information, operating system, and basic device details. Information about the website on which you access Vimeo is also saved. For analysis, metrics such as session duration, bounce rate, and button clicks are tracked, stored using cookies and similar technologies.

Please note that using Vimeo may involve the transfer of personal data to the United States. For the United States, an adequacy decision has been issued by the European Commission pursuant to Art. 45 GDPR (EU-U.S. Data Privacy Framework). Vimeo.com, Inc. is certified under the Data Privacy Framework, guaranteeing an appropriate level of privacy protection. You may withdraw your consent at any time.

Further information about Vimeo’s privacy protection can be found here: https://vimeo.com/privacy

Wistia

We use the service of Wistia, Inc., 17 Tudor Street, Cambridge, MA 02139, USA (“Wistia”), for our website. On our website, videos are integrated using the Wistia player. Playing the videos establishes a connection to Wistia’s servers. The following data is collected in this process:

• Anonymized IP address, including the provider
• Access time of the videos you viewed
• Details on the video sections
• URL of the video
• Type of end-user device
• Operating system and browser used.

If you have a personal Wistia account and are logged in on your device, Wistia can associate the collected information with your account. You can prevent this association by logging out of your account before visiting our website. Wistia is used to enhance the visual appeal of our website. This constitutes a legitimate interest under Art. 6(1)(f) GDPR.

Please note that using Wistia may involve the transfer of personal data to the United States. For the United States, an adequacy decision has been issued by the European Commission pursuant to Art. 45 GDPR (EU-U.S. Data Privacy Framework). Wistia Inc. is certified under the Data Privacy Framework, guaranteeing an appropriate level of privacy protection. To ensure data protection levels in the EU pursuant to Art. 46(2)(c) GDPR, Wistia relies on so-called Standard Contractual Clauses when processing data with recipients in third countries or transferring data to them. These Standard Contractual Clauses are templates provided by the EU Commission to ensure that data complies with European data protection standards when transferred to and processed in third countries. More information about handling personal data can be found at Wistia: https://wistia.com/privacy

Pipedrive

We use the service of Pipedrive OÜ, Mustamäe tee 3a, Tallinn, 10615, Estonia (“Pipedrive”) as CRM (Customer Relationship Management Tool). Any inquiry you send through our site’s contact form is forwarded to Pipedrive and stored on their servers. The use of Pipedrive as a CRM is justified by our legitimate interests according to Art. 6(1)(f) GDPR (user request processing, existing client management, and new business acquisition). For this purpose, a contract with standard contractual clauses has been concluded with Pipedrive, stipulating that user data is processed only according to our instructions and in compliance with EU data protection standards. For the United States, an adequacy decision has also been issued by the European Commission pursuant to Art. 45 GDPR (EU-U.S. Data Privacy Framework). Pipedrive Inc. is certified under the Data Privacy Framework, guaranteeing an appropriate level of privacy protection.

The privacy policy of Pipedrive can be found here: https://www.pipedrive.com/en/privacy

3.4 Cookies

We use cookies to provide you with the best possible experience. They also allow us to analyze user behavior to continually improve the website for you. Cookies are small text files placed on your computer and stored by your browser. Most of the cookies we use are so-called “session cookies.” They are automatically deleted at the end of your visit. Other cookies remain on your device until you delete them. These cookies allow us to recognize your browser on your next visit. You can configure your browser to notify you when cookies are set, allow them on a case-by-case basis, block cookies for certain cases or entirely, and enable automatic deletion of cookies when the browser closes. Disabling cookies may limit the functionality of this website.

To see what cookies your browser has stored or to modify/delete them, use your browser’s settings:

• Chrome: Delete, allow and manage cookies in Chrome
• Safari: Manage cookies and website data with Safari
• Firefox: Deleting cookies to remove data that websites placed on your computer
• Microsoft Edge: Delete and manage cookies

Essential cookies

The technically essential cookies enable basic functions and are required for the proper functioning of the website.

Statistics cookies

Statistics cookies collect information anonymously. This information helps us understand how our visitors use our website.

Marketing cookies

We use marketing cookies to link visitors to customer management. This is done by monitoring visitor activity across sites and the content they interact with.

Real Cookie Banner

We use the “Real Cookie Banner” consent tool to manage the cookies and similar technologies used (tracking pixels, etc.) and to give consent in this regard. Details on how “Real Cookie Banner” works can be found at https://devowl.io/knowledge-base/real-cookie-banner-data-processing/.
The legal basis for the processing of personal data in this context is Art. 6 Abs. 1 lit. c GDPR  and Art. 6 Abs. 1 lit. f GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the relevant consents.
The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide the personal data. If you do not provide the personal data, you cannot manage your consents.

Change privacy settings | Privacy settings history | Revoke consents

4 Interaction with us

4.1 Newsletter

We regularly inform you about our products and developments via email. For this purpose, you can subscribe to our newsletter. If you subscribe, you will receive information from us about the company, our products, developments, and product launches. We use your email address to send the newsletter and analyze its usage to better tailor it to our customers’ interests. The subscription follows a double opt-in procedure. After registering, you will receive an email requesting confirmation of your subscription.

Data processing in connection with our newsletter is carried out based on Art. 6(1)(a) GDPR. You can revoke your consent to receive a newsletter at any time by clicking the unsubscribe link at the end of the newsletter. After unsubscribing, it may take a few hours for the cancellation to take effect due to technical reasons. In exceptional cases, you may still receive a newsletter in the meantime, as the unsubscription is not immediately processed.

We use the Mailchimp program to send the newsletter. Details can be found under the Mailchimp section.

4.2 Contact

You can contact us by phone +43 7245 93083 0, e-mail (office@agilox.net), our contact form or via our social media channels.

For phone inquiries, your personal data is collected if it is necessary for processing your request.

By contacting us, you give your consent to the processing of the data you provide (Art. 6(1)(a) GDPR). In addition, the processing of your personal data is based on our legitimate interest in effective communication with users (Art. 6(1)(f) GDPR).

If you have any questions, please contact us at the following email address: privacy@agilox.net

5 Social Media

Thank you for visiting our social media channels. We are committed to protecting your personal data. Below we would like to inform you about the handling of your data on our social media pages in accordance with Art. 13 GDPR.

On the platforms where our pages are hosted, the respective platform operator alone is responsible for personal data processing.

5.1 Controller

For the data collection and processing listed below, responsibility lies partly with us and partly with the respective social media platform operators (“platforms”). For certain processing activities, we and the platform operators are jointly responsible (Art. 26 GDPR).

5.2 Processing of Your Personal Data

When you visit one of our social media channels, we, as the page operator, process your actions and interactions with our channels, such as messages, inquiries, posts, comments, or shares, as well as your publicly visible profile data, such as your name and profile picture. The publicly visible profile data depends on the privacy settings you have configured on the social media platform. We operate our social media channels and process the aforementioned data to provide information about us and our products and to communicate with our followers and interested parties. Data processing is done based on our legitimate interests mentioned above (Art. 6(1)(f) GDPR) and, where applicable, to respond to the messages, inquiries, posts, or comments you send us (Art. 6(1)(b) GDPR). We review comments and other interactions on our social media pages to check whether they violate applicable law or community guidelines; if they do, we may delete such content. If such comments or content occur repeatedly, we may process the associated usernames internally for coordination purposes. This processing is based on our legitimate interest (Art. 6(1)(f) GDPR) to maintain a professional online presence and comply with legal requirements.

Social media platforms provide us with anonymous usage statistics, known as page insights, based on our followers’ actions and interactions (e.g., likes, shares, comments, follower counts, page views, post reach, and statistics on followers by age, language, location, or interests). These insights help us engage with followers, understand the reach and use of our posts, evaluate content, recognize preferences, and optimize our social media pages for the target audience. We have no influence or access to the generation and processing of these usage statistics; this is done independently by the social media platform operator without our access to personal data of followers or users. This data processing is based on our previously stated legitimate interests (Art. 6(1)(f) GDPR).

Your personal data is processed only as long as necessary for the purposes described above. If you object to the processing based on our legitimate interests (Art. 6(1)(f) GDPR), we delete the personal data unless its further processing is permitted by law. Data will also be deleted if we are required to do so for other legal reasons. In accordance with these general principles, we usually delete personal data immediately after the legal basis ceases to exist, if the data is no longer required for the stated purposes or the purposes no longer apply, and if no other legal basis (e.g., commercial or tax retention periods) exists; otherwise, data is deleted after the other legal basis ceases to exist.

5.3 Processing of Your Personal Data by the Operator of the Respective Social Media Platform

On the platforms where our social media pages are hosted, the respective platform operator alone is responsible for personal data processing. It typically processes your personal data when you visit one of our social media pages, regardless of whether you have an account at the respective social media platform or are logged in, and usually uses cookies and other storage and (sometimes cross-device) tracking technologies. Further information on how your personal data is processed by the operator of each social media platform can be found in the privacy information on the respective social media platform websites.

• Facebook Data Use Policy
• Instagram Privacy Policy
• LinkedIn Privacy Policy
• YouTube Privacy Policy

The listed social media platforms provide us with anonymous usage statistics (so-called page insights data) of our social media pages based on the actions and interactions of our followers. We have no influence over or access to the creation and processing of these usage statistics and the underlying data; this is carried out under the sole responsibility of the respective social media platform operator, without our access to personal data of individual followers or users. The social media platforms may independently generate personalized usage statistics for marketing, advertising, or other commercial or business purposes, potentially processing personal data outside the EU, beyond our influence or access. Further information on how your personal data is processed by the operator of each social media platform in connection with the creation and processing of usage statistics can be found in the usage statistics information on the following websites of the social media platforms:

• Facebook Information on Page Insights Data
• Instagram Insights
• LinkedIn Privacy Policy (Aggregated Insights)
• YouTube-Insights under https://support.google.com/youtube/answer/9002587?hl=en and https://policies.google.com/terms?hl=en

Further information on how your personal data is processed by the operator of each social media platform for interest-based advertising, as well as information on your profile and ad preference settings, can be found on the following websites of the social media platforms:

• Facebook under https://www.facebook.com/business/ads or https://www.facebook.com/adpreferences/ad_settings,
• Instagram under https://business.instagram.com/advertising or https://help.instagram.com/478880589321969/?helpref=hc_fnav,
• LinkedIn under https://www.linkedin.com/psettings/advertising-data,
• YouTube under https://support.google.com/youtube/answer/9002587?hl=en

5.4 Exercising Your Rights

The primary contact for exercising your rights is the operator of the respective social media platform, who alone has direct access to the necessary information or platform functionality and can take the appropriate measures. Contact details for exercising your rights with the respective social media platform operator and further information can be found in the privacy policies of the individual social networks:

1. Facebook Data Use Policy
2. Instagram Privacy Policy
3. LinkedIn Privacy Policy
4. YouTube Privacy Policy

6 Privacy Policy for Job Applications

Below we inform you which personal data we need from you in the case of an application, how we process it, and how you can contact us with questions.

We naturally treat your personal data confidentially and in compliance with the applicable data protection regulations.

The descriptions used to refer to persons in the text are gender-neutral. For ease of reading, we use only the masculine form.

Who is the target group of this privacy notice? 

This privacy notice applies to individuals (hereinafter referred to as applicants) who apply during the recruitment process at AGILOX Services GmbH, as well as to individuals for whom AGILOX Services GmbH creates an applicant profile in the context of an email or postal application, a physical submission, or any other form.

For what purpose do we process your data?

We process your data as part of our recruitment process (search and selection of staff) to fill open positions at AGILOX Services GmbH, i.e., to initiate an employment relationship. The necessity and scope of data collection depend, among other things, on the position to be filled.

You can apply either for a specific position or submit a speculative application. During the recruitment process, a recruiter from AGILOX Services GmbH will contact you by email or telephone. The recruiting procedure is managed with the help of our recruiting software.

On what legal basis do we process your personal data? 

We process your personal data based on your consent (Art. 6(1)(a) and Art. 9(2)(a) GDPR), as well as for pre-contractual measures in accordance with Art. 6(1)(b) GDPR.

Processing also takes place to comply with legal obligations and on the basis of legitimate interests of ours or of third parties, e.g., in connection with the establishment, exercise, or defense of legal claims such as claims under the Equal Treatment Act (Art. 6(1)(f) GDPR). In the event of legal proceedings, we also have a legitimate interest in processing the data for evidence purposes.

No obligation to provide data

You are neither legally nor contractually obliged to disclose your personal data. However, we cannot process your application without your personal data and may have to suspend the application procedure if you do not provide us with the necessary data.

Which personal data do we collect and process?

The following categories of data are collected when creating the applicant profile and subsequently processed:

• Registration data (date created/updated, applicant source)
• Personal data (first and last name, date of birth, academic degree)
• Address and contact data (postal address, phone number, email address)
• Application documents (cover letter, CV, motivation letter, certificates)
• Data on your professional experience (information about previous employment)
• Education data (information on school certificates or university degrees)
• Job-related requirements (career profile, job description, preferred working hours, notice period, salary expectations)
• Other skills and qualifications (additional training, certificates, languages, hobbies)
• Additional questions depending on the position (e.g., driving license, citizenship)
• Voluntary information such as photos, disability status, or any other details you choose to provide or upload

• Data from publicly available profiles on social media platforms, such as Facebook, karriere.at, Xing, or LinkedIn

During the further recruitment process, your data will be supplemented by a recruiter of AGILOX Services GmbH:

• Interview appointments, interview notes, and comments on your profile, e.g., salary expectations
• Applicant correspondence with employees of AGILOX Services GmbH
• Using keywords to make your profile easier to find in the applicant database
• Additional positions we may suggest to you, provided you accept the separate voluntary declaration of consent

Please note that health data, racial or ethnic origin, information on political, religious, union, or sexual orientation are considered particularly sensitive data. Please refrain from providing this type of information. If you provide information in your application that falls under special categories of personal data according to Art. 9(1) GDPR, we will process it only within the legally permissible scope.

Accuracy of Your Information

We can only properly process your application if the information provided is accurate. By giving your consent, you confirm that the information you provide is complete and truthful.

Is so-called profiling done?

Our recruitment process contains no automated mechanisms that would cause applicants to be automatically excluded. Decisions regarding recruitment and selection are made solely by the responsible employees of AGILOX Services GmbH.

Who has access to your data?

Employees of AGILOX Services GmbH:

The collection, storage, processing, and transfer of data is carried out exclusively by employees of AGILOX Services GmbH’s HR department. Access to your personal data is granted to individuals involved in filling the position (usually management or key roles). Otherwise, data is never shared with third parties without prior consent.

Technical service providers:

We employ service providers (so-called processors under Art. 4(8) GDPR) to assist with our recruitment process. These include the developer of our recruitment software and the hosting provider who supply servers for its operation. These service providers occasionally have access to your data for maintenance purposes. They are contractually bound by a data processing agreement to confidentiality and appropriate security measures and process the data solely on behalf of AGILOX Services GmbH.

Other recipients:

To fulfill legal obligations or defend against legal claims, we may in some cases grant authorities or courts access to your data.

What rights do you have?

Under the General Data Protection Regulation, you have the right to access, correct, revoke, delete, object to, and complain about your personal data. We would like to explain these rights to you in more detail below:

Your right to access, data portability, correction, and complaint

Naturally, you are entitled to information regarding the personal data we collect and process. Upon your request, we will inform you about the type of data, the purposes for which it is processed, who it is shared with, how long it is stored, and your other rights regarding this data.

You can also request that we provide all personal data you shared with us to yourself, another person, or a company of your choice in a structured, commonly used, and machine-readable format and correct any inaccurate data.

You also have the right to file a complaint with the competent supervisory authority and to be continuously informed about the status and results of the complaint procedure.

Your right to withdrawal of consent, obection, and deletion/restriction of your personal data: 

You can withdraw your consent at any time with effect for the future. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Please note that we may have to suspend the application process if you withdraw your consent to the processing of these data. In this case, we are obliged to delete your personal data or restrict processing if consent is partially withdrawn.

You also have the right to object at any time to the processing of your personal data for reasons arising from your particular situation, if the data are processed under Art. 6(1)(e) GDPR (processing in the public interest) or Art. 6(1)(f) GDPR (processing for legitimate interests). If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or unless the processing is necessary for the establishment, exercise or defense of legal claims.

How long will your personal data be stored?

If you neither withdraw your consent nor file a valid objection, your data will generally be stored for 6 months from the date you become aware of this privacy information. This also applies if you retract your application before the recruitment process is completed without explicitly withdrawing consent. An email will be sent to you 14 days before the end of these time frames, giving you the opportunity to (re)confirm your consent. If you grant us your consent again, your applicant profile will be retained by AGILOX Services GmbH for another 6 months. Should you not give your consent, your profile will be deleted, unless we are legally required to retain it or need the data to assert, exercise, or defend legal claims.

Who can you contact?

If you have any questions or wish to exercise your rights, please get in touch with:

AGILOX Services GmbH
Gewerbepark 3
4671 Neukirchen bei Lambach

privacy@agilox.net

We will process your inquiries as quickly as possible in accordance with legal requirements and inform you about the measures we have taken or will take.