We, Cosuno Ventures GmbH (hereinafter ‘we’ or ‘Cosuno’) are pleased that you are interested in our company.

We take the protection of your personal data and its confidential treatment very seriously. The processing of your personal data takes place exclusively within the framework of the legal provisions of the data protection law of the European Union, in particular the General Data Protection Regulation (hereinafter "GDPR") and the other applicable regulations.

With this data protection declaration, we inform you about the processing of your personal data on our website [http://www.cosuno.com] (the ‘Website’) and your rights under the GDPR.

1. Contact information of the data protection officer

The data protection officer of the person responsible is: 

DataCo GmbH
Dachauer Straße 65
80335 Munich

+49 89 7400 45840
www.dataguard.de

2. Subject-matter of the data protection

The subject matter of data protection is ‘personal data’. This includes all information that relates to an identified or identifiable natural person (so-called data subject). This includes, for example, information such as name, postal address, e-mail address, or telephone number.

You will find specific information on the personal data we process in each case under the data handling processes listed in detail.

3. Collection and storage of personal data as well as the type and purpose of their processing

a. When visiting the website

When you visit our website, the browser used on your device automatically sends information to our website server. This information is temporarily stored in a so-called log file. The following information is recorded without your intervention and stored until it is automatically deleted after 365 days:

  • The IP address of the requesting computer,
  • date and time of access,
  • name and URL of the retrieved file,
  • the website accessed from (referrer URL),
  • website accessed through our website;
  • browser used and, if applicable, the operating system of your computer and the name of your access provider.

The mentioned data are processed by us for the following purposes:

  • Ensuring a smooth connection establishment of the website,
  • ensuring comfortable use of our website,
  • evaluation of system security and stability as well as
  • for other administrative purposes.

The legal basis for data processing is Art. 6 Paragraph 1 S. 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the collected data to draw conclusions about your person.

In addition, we use cookies and analytics services when you visit our website. You will find more detailed explanations under sections 5 and 6 of this data protection declaration.

b. When subscribing to a newsletter

If you have agreed expressly by Article 6 Paragraph 1 S. 1 lit. f GDPR, we will use your e-mail address to send you our newsletter regularly. Providing an email address is sufficient to receive the newsletter. The newsletter can also contain content from our cooperation partners.

If you purchase goods or services on our website and enter your e-mail address, this can subsequently be used by us to send a newsletter. In such a case, only direct advertising for our own similar goods or services will be sent via the newsletter. In this case, the legal basis for sending the newsletter as a result of the sale of goods or services is Section 7 (3) UWG i. In conjunction with Article 6 Paragraph 1 S. 1 lit. f GDPR.

You can unsubscribe at any time, regardless of whether the sending of the newsletter is based on consent or legal permission, for example via a link at the end of each newsletter. Alternatively, you can send your request to unsubscribe at any time to: info@cosuno.de. There are no costs other than the transmission costs according to the basic tariffs.

The data required for sending the newsletter will be deleted as soon as they are no longer required to achieve the purpose for which they were collected and provided that no other legal basis for further processing applies. Your e-mail address will therefore only be stored for sending the newsletter until you revoke your consent or object to the sending of the newsletter.

c. When using our contact form or e-mail contact

If you have any questions, we offer you the opportunity to contact us using a form provided on the website. It is necessary to provide a valid e-mail address so that we know who sent the request and can answer it. Further information can be provided voluntarily.

Alternatively, you can contact us via the email address provided. In this case, the personal data transmitted by you with the e-mail will be saved.

Data processing to establish contact is described in Art. 6 Paragraph 1 lit. f GDPR. If contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR.

The personal data collected by us from the contact form can be deleted at your request after your request has been dealt with. Please send this request to ​info@cosuno.de​ and we will be happy to comply with your request immediately.

4. Information disclosure

We do not pass on your personal data to third parties (recipients).

We work with service providers, so-called processors, to whom we transfer personal data and who process personal data on our behalf and according to our instructions within the framework of Art. 28 GDPR. These service providers have been carefully selected and commissioned by us, are bound by our instructions, and are regularly checked. Specifically, these are the following service providers:

  • Google Analytics: ​(listed in section 6.a)
  • Full Story: (listed in section 6.c)
  • Mixpanel: (listed in section 6.d)
  • Facebook: (listed in section 6.e)
  • LinkedIn: (listed in section 6.f)
  • Beamer: ​​We use Beamer to inform our customers about important changes, news, and updates as well as to receive user feedback on our latest updates. Beamer uses cookies and other technologies to collect data about user behaviour and the devices used (in particular the IP address, which is only stored anonymously, the device type (individual device type identification), browser information, geographic information (country), preferred language for displaying the website, among others. Beamer stores this information in a pseudonymised user profile. Neither Beamer nor we will use this information to identify individual users or to compare it to future data. You can view Beamer's privacy policy under: https://www.getbeamer.com/privacy-policy
  • Segment: ​We use Segment.io, a service provided by Segment.io, Inc, 101 15th St, San Francisco, CA 94103, USA (‘Segment’) for data analysis, which helps us to analyse the access data that is generated when using our website, to collect, analyse and, with the help of the other third-party tools described in this declaration, to evaluate usage and to use it for website optimisation. The usage data collected is only processed in a pseudonymised form, IP addresses are shortened accordingly after they have been collected and the data is not used to merge usage profiles with your personal data. Information about the use of our website is usually transmitted to a Segment server in the USA and stored there. You can find out more about Segment.io's data protection declaration and data protection guidelines in general. You can object to the collection of data for these purposes by preventing the storage of cookies via your browser settings.
  • Intercom: ​​We make Intercom live chat available on our website, which allows us to take up contact with website visitors and answer questions. The legal basis for the processing of your data is Article 6 Paragraph 1 S. 1 lit. f GDPR. During the chat connection, we display and store the location, IP address, browser and website visited. For more information about Intercom live chat, see Intercom's privacy policy. An order processing contract was concluded for the processing and storage of the data. Intercom automatically deletes the IPs and geographical data of visitors who have not visited our website for 9 months.
  • Niro: ​​We store plain data in Niro to evaluate the results for the Cosuno Bau Digital Fonds 2020 application. Niro processes personal data exclusively for the provision of the services. To execute the contract and in particular, to provide the services on behalf of the user, the user authorises and requests that Niro process the following personal data:
    • any data sent by the user to Niro for processing from the date of this agreement;
    • all data accessed by Niro for processing on behalf of the user as of the date of this agreement; and
    • any data otherwise received by Niro for processing on behalf of the user; 
      concerning all services.

5. Cookies

We use cookies on our website. These are small files that your browser automatically creates and that are stored on your terminal (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not damage your terminal and do not contain viruses, Trojans, or other malware.

Information is stored in the cookie that arises in connection with the specific end device used. However, this does not mean that we are immediately informed about your identity.

For one thing, the use of cookies serves to make the use of our offer more pleasant for you. We use so-called session cookies to recognise that you have already visited individual pages on our website. These are automatically deleted after leaving our website.

In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your end device for a specific period. If you visit our website again to make use of our services, it will automatically be recognised that you have already been with us and what inputs and settings you have made so that you do not have to enter them again.

On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimising our offer (see section 6). These cookies enable us to automatically recognise when you visit our website again that you have already been with us. These cookies are each automatically deleted.

The data processed by cookies are required for the stated purposes to protect our legitimate interests and those of third parties per Article 6 Paragraph 1 S. 1 lit. f GDPR.

Most browsers accept cookies automatically. However, you can configure your browser in such a way that no cookies are stored on your computer or that a message always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.

6. Analytical tools

The tracking measures listed below and used by us are carried out based on Article 6 Paragraph 1 S. 1 lit. f GDPR. With the tracking measures used, we want to ensure a needs-based design and the continuous optimisation of our website. On the other hand, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision.

The respective data processing purposes and data categories can be found in the corresponding tracking tools in this section.

a. Google Analytics

We use Google Analytics, a web analytics service provided by Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; hereinafter Google). In this context, pseudonymised user profiles are created and cookies (see Section 5) are used. The information generated by the cookie about your use of this website such as

  • browser type/version,
  • operating system used,
  • referrer URL (the previously visited website),
  • hostname of the accessing computer (IP address),
  • time of server request,

are transferred to Google servers in the USA and stored there as part of the agreement on the order data agreement that we have concluded with Google. The information is used to evaluate the use of the website, to compile reports on website activity, and to provide other services related to website activity and internet usage for research and the needs-based design of these websites. This information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymised so that an assignment is not possible (IP masking). Sessions and campaigns are terminated after a certain period. By default, sessions are terminated after 30 minutes of inactivity, and campaigns are terminated after six months. The time limit for campaigns can be a maximum of two years.

You can prevent the installation of cookies by setting the browser software accordingly; we would like to point out to you however that in this case not all functions of this website can be used in full.

You can also prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (​https://tools.google.com/dlpage/gaoptout?hl=en).

As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking on this link. An opt-out cookie will be set to prevent future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.

Further information on data protection in connection with Google Analytics can be found in the Google Analytics help (​https://support.google.com/analytics/answer/6004245?hl=de​).

b. Google Adwords Conversion Tracking

We also use Google Conversion Tracking to statistically record the use of our website and to evaluate it for you in order to optimise our website. Google Adwords places a cookie (see section 5) on your computer if you have reached our website via a Google ad.

These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of the Adwords customer's website and the cookie has not yet expired, Google and the customer can recognise that the user clicked on the ad and was redirected to this website.

Each Adwords customer receives a different cookie. This means that cookies cannot be tracked via the websites of Adwords customers. The information obtained using the conversion cookie is used to create conversion statistics for Adwords customers who have opted for conversion tracking. Adwords customers learn the total number of users who have clicked on their ad and who were forwarded to a conversion tracking tag c. provided website. However, they do not receive any information with which users can be personally identified.

If you do not want to participate in the tracking process, you can also refuse the setting of a cookie required for this - for example via a browser setting that generally deactivates the automatic setting of cookies. You can also deactivate cookies for conversion tracking by setting your browser so that cookies from the "www.googleadservices.com" domain are blocked. You can find Google's privacy policy on conversion tracking here (https://support.google.com/google-ads/answer/1722022).

c. Fullstory

This website uses Fullstory. Fullstory records user behaviour on our website. Visitor session recordings allow us to analyse them and subsequently improve the website experience for visitors. Fullstory stores and collects data in an anonymous form using cookies. You can deactivate tracking (i.e. the collection of the data generated by the cookie and related to the use of the website) at any time. Please follow the instructions at https://www.fullstory.com/optout.

We use Fullstory to analyse and regularly improve the use of our website. We can use the statistics obtained to improve our offer and make it more interesting for you as a user. The legal basis for data processing in connection with the use of Fullstory is Art. 6 Paragraph 1 S. 1 lit. f GDPR.

Third-Party Information: Fullstory Inc. (hereinafter “Fullstory”), 818 Marietta Street, Atlanta, GA 30318, USA. full story Information on data protection can be found on the Fullstory website (www.fullstory.com). Fullstory has subjected to the EU-US Privacy Shield. You can find more information on this on the EU-US Privacy Shield website (www.privacyshield.gov). 

d. Mixpanel

We use Mixpanel, an application marketing analytics service owned by Mixpanel Inc. (“Mixpanel”), incorporated under the laws of the State of Delaware, USA. Mixpanel uses "cookies" to help analyse how visitors arrive at and use our Service and provide us with statistical reports on the activity of the Services. This data generated by cookies or other technologies about your use of the Services (including IP address) (the "Analytics Services Information") is transmitted to Mixpanel and may be stored on servers in the United States. Mixpanel will use the Analytics Services Information to compile reports on the activity of the Services for us.

For more information, see Mixpanel's Terms and Conditions and Privacy Policy. https://mixpanel.com/legal/privacy-overview/

e. Facebook Pixel

We use the so-called Facebook pixel on our website. This is a product of Facebook Ireland Ltd., Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland (‘Facebook’).

The Facebook Pixel establishes a direct connection to the Facebook servers. Cosuno only uses the standard functions of the Facebook pixel and does not use the extended comparison. The pixel is a Javascript that allows us to track actions on our website and measure the effectiveness of our advertising on Facebook. This pixel can be used to track the behaviour of users after they have been redirected to our website by clicking on a Facebook ad. Facebook generates a non-reversible and non-personal hash value (checksum) from the usage data, which is used for analysis and marketing purposes, such as personalised advertisements. Details on how it works are available on the Facebook website https://en-gb.facebook.com/business/help/1711863145774142.

When you visit our website, the pixel establishes a direct connection to the Facebook servers, it acts as a so-called pseudonym, i.e. by setting the pixel we do not assign it directly to you, we do not save the data. However, the data is stored and processed by Facebook and connected to your Facebook account, also for its own advertising purposes, following the Facebook data usage guidelines https://www.facebook.com/about/privacy/.

f. LinkedIn Insight Tag

Our website uses the LinkedIn Ireland Unlimited Company’s “LinkedIn Insight Tag” conversion tool. This tool creates a cookie in your web browser, which enables the collection of the following data, among other things: IP address, device and browser properties, and page events (e.g. page views). This data is encrypted, anonymised within seven days, and the anonymised data is deleted within 90 days. LinkedIn does not share any personal data with Cosuno but offers anonymous reports on website audience and display performance. In addition, LinkedIn offers the possibility of retargeting via the Insight Tag. With the help of this data, Cosuno can display targeted advertising outside of its website without you being identified as a website visitor. You can find more information on data protection at LinkedIn in the LinkedIn data protection information.

LinkedIn members can control the use of their personal information for advertising purposes in their account settings.

g. Sentry

We use Sentry, a service provided by Functional Software Inc., 132 Hawthorne Street, San Francisco, California 94107, to improve the technical stability of our service by monitoring crashes and detecting bugs. Sentry does not evaluate any data for advertising purposes. User data, such as the time of the error or information about the device, is collected anonymously and is not used personally. For more information, see Sentry's privacy policy: https://sentry.io/privacy/. The legal basis for using Sentry is a legitimate interest according to Art. 6 Para. 1 S. 1 f GDPR. Our legitimate interest lies in the user-friendly design of our offers.

h. Albacross

We inform you regarding the processing of personal data on behalf of Albacross Nordic AB (“Albacross”).

Information collected from cookies set in your device that qualify as personal data will be processed by Albacross, a platform offering visitor identification and ad targeting services with offices in Stockholm and Krakow. Please see below for full contact details.

The purpose for the processing of the personal data is that it enables Albacross to improve a service rendered to us and our website (e.g “Intent” service), by adding data to their database about companies. The Albacross database will in addition to “Intent Data” be used for targeted advertising purposes towards companies and for this purpose data will be transferred to third-party data service providers. For the purpose of clarity, targeted advertising regards companies, not towards individuals.

The data that is collected and used by Albacross to achieve this purpose is information about the IP address from which you visited our website and technical information that enables Albacross to tell apart different visitors from the same IP address. Albacross stores the domain from form input in order to correlate the IP address with your employer.

For full information about our processing of personal data, please see Albacross’ Privacy Policy: https://albacross.com/privacy-policy/

i. Hotjar

We use Hotjar (provided by Hotjar Ltd.) in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices. This includes a device's IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf.

7. Social Media

We use Shariff buttons from the Facebook Inc. social network, 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook") on our website. a. The buttons are simple HTML links. We proceed within the framework of the Shariff solution. In the Shariff solution, a script retrieves how often, for example, the share button on a page was pressed: To do this, the script contacts the social network via the programming interface and retrieves the numbers. Your personal data will not be transmitted in this case. Instead of your IP address, only our server address is sent to Facebook, Google, and Twitter. You are not directly connected to Facebook, Google, or Twitter until you become active. Before that, social networks cannot collect any data about you. As long as you don't click on a link to share content, you remain invisible to the networks. If you click on the link, the obligation to provide information about data collection and processing no longer lies with us, but with the operator of the social network.

8. Data subject rights

You have the right:

  • to request information about your personal data processed by us per Art. 15 GDPR. In particular, you can obtain information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a Right to complain, the origin of your data, if not collected from us, and the existence of automated decision-making including profiling and, if necessary, meaningful information about their details;
  • following Art. 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us;
  • according to Art. 17 GDPR, to request the deletion of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims is required;
  • according to Art. 18 GDPR, to request the restriction of the processing of your personal data, insofar as you dispute the accuracy of the data, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you use them to assert, exercise or defence of legal claims or you have objected to the processing according to Art. 21 GDPR;
  • following Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common, and machine-readable format or to request transmission to another person responsible;
  • according to Art. 7 Para. 3 GDPR, to revoke the consent you have given to us at any time. As a result, we are no longer allowed to continue the data processing based on this consent for the future and
  • to complain to a supervisory authority following Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters.

9. Right of objection

If your personal data is processed based on legitimate interests following Article 6 Paragraph 1 Clause 1 Letter f GDPR, you have the right to object to the processing of your personal data following Article 21 GDPR, provided there are reasons for this, which arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right to object, which we will implement without specifying a particular situation.

If you would like to make use of your right of revocation or objection, an e-mail to kontakt@cosuno.de is sufficient.

10. Further references

We draw your attention to the following in accordance with Article 13 S. 2 lit. e GDPR:

The provision of your personal data to us is neither legally nor contractually required or necessary for the conclusion of a contract. You are not obliged to provide us with personal data. There are no negative consequences for you if you do not provide it.

We draw your attention to the following in accordance with Article 13 S. 2 lit. f GDPR:

We do not process your personal data for the purposes of automated decision-making.

In accordance with Article 13 S. 1 lit. f GDPR, we would like to point out that we do not intend to transfer personal data to a third country or an international organisation.

11. Data security

When you visit our website, we use the widespread SSL (Secure Socket Layer) method in connection with the highest level of encryption supported by your browser. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual website on our website is transmitted in encrypted form by the closed representation of the key or lock symbol in the lower status bar of your browser.

We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

12. Validity and changing this privacy policy

This data protection declaration is currently valid and has the status of 01.03.2021. Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can call up and print out the current data protection declaration at any time on the website at www.cosuno.com.