Open Hippo prioritizes the protection of your privacy and the security of your personal data.
This Privacy Policy is designed to help you understand how we collect and process your personal data when you use our website or contact us.
We believe that you have the right to control your personal data. As such, we have outlined the various rights you have regarding your personal data, including your right to object to certain uses, and your right to access, update, or delete your data.
1. Definitions
"Open Hippo" or "We": refers to Open Hippo GmbH, a German entity registered at the Register Court of Augsburg under Register Number HRB 39923, with its corporate seat at Garmischer Allee 15, 86438 Kissing, Germany.
"User", "Customer" or "You": refers to any person who subscribes to, accesses, or uses Our Services.
"Privacy Policy": refers to this document describing the Processing activities carried out by Open Hippo as Data Controller. This Privacy Policy covers the Processing activities relating to Your use of Our Services.
"Processing": refers to any operation relating to Your Personal Data (for instance: collection, use, access, transfer, deletion, etc.).
"Personal Data" or "User Data": refers to any data that directly or indirectly relates to You.
"Data Controller": refers to the person who makes decisions about Your Personal Data. For instance, the Data Controller decides which Personal Data to collect, where to store such data, for how long, etc.
2. Who is responsible for data protection?
Open Hippo is responsible for handling your personal data. In accordance with Article 37 of the German Federal Data Protection Act, Open Hippo is not obliged to designate a Data Protection Officer.Due to Open Hippo's location, the competent data protection supervisory authority is the Bavarian State Office for Data Protection Supervision. For current contact information, please refer to their website: https://www.lda.bayern.de.
3. What Personal Data do we collect and why?
Following the principle of data minimization, we aim to reduce the collected data to a minimum. However, personal data is collected when you use the website and when you contact Open Hippo.
3.1 What personal data is collected when visiting the website?
When you visit our website, your IP address, browser information, timestamp, and comparable information are saved as part of the server logs. We process server logs on the basis of our legitimate interest to ensure the security and proper functioning of our website. This data is not processed for any other purposes.
3.2 What happens to my data when I contact you in writing?
When you contact us in writing by mail or email we process your personal data on the basis of our legitimate interest to respond to your inquiries. The data you provide when contacting us remains with us until you request deletion, revoke your consent for storage, or the purpose for data storage no longer applies, for example after your request has been processed. Mandatory statutory provisions – especially retention periods – remain unaffected.
4. Who do we forward your Personal Data to?
4.1 Digital Ocean
We host this website with our cloud provider DigitalOcean, LLC, 101 Avenue of the Americas, FL 10, New York, NY, 10013-1905, United States of America.The personal data collected using the website is stored on the servers of Digital Ocean. The server is located in Germany. Digital Ocean assures that the data remains in the selected region and will inform us if this changes. To ensure data protection-compliant processing, we have concluded a data processing agreement with Digital Ocean. The agreement can be accessed at https://www.digitalocean.com/legal/data-processing-agreement.
4.2 Google
We have a legitimate interest in maintaining professional email communication with you as our customer and in conducting video conferences efficiently. To achieve this, we use Google Workspace, a product provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Workspace includes services such as Gmail for business email, Google Meet for video conferencing, and other collaboration tools. When you communicate with us via email or participate in a video conference, your personal data (such as your email address, name, and potentially your image and voice during video calls) may be processed through these services.
Google has committed to processing your personal data solely in accordance with our instructions as the customer, as outlined in the GDPR-compliant data processing agreements. For more information on Google's GDPR compliance, please visit: https://cloud.google.com/privacy/gdpr
Please note that Google is a US-based company, and data may be transferred to and processed in countries outside the EU. To ensure data protection-compliant processing, we have concluded a comprehensive data processing agreement with Google. This agreement governs how Google may process data on our behalf and includes strict data protection and security measures. You can review this agreement at: https://cloud.google.com/terms/data-processing-addendum/
5. What external services do we use?
5.1. Calendly
For convenience we offer you the option to book an meeting with us. The booking page is provided by Calendly LLC, 271 17th St. NW, Ste 1000, Atlanta, Georgia, United States of America. The booking page is not part of our website and is only accessible via an external link. The use of this service is entirely voluntary. Thus the consent for usage is managed directly by Calendly. When you give your consent, personal data related to the meeting, such as your name and preferred meeting time, is shared with Calendly.
It's important to note that by using Calendly's service, you are subject to their privacy policy and terms of service. We recommend reviewing these before proceeding with a booking. For further information on Calendly's data protection practices, please visit https://calendly.com/legal.
In this process, personal data will be transferred to the United States of America. We have implemented appropriate safeguards, including Standard Contractual Clauses, to ensure the protection of your data when it is transferred outside the EU/EEA. The data processing addendum is part of Calendlys terms of use. However, please be aware that data protection laws in the United States of America may differ from those in the EU. If you prefer not to use Calendly, please contact us directly at [email protected] to arrange a meeting.
5.2 LinkedIn
Open Hippo maintains a social media presence on LinkedIn, operated by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.
We prioritize your privacy and do not use any analytics tools or cookies on our own website. Similarly, we do not actively collect or process any data from our LinkedIn page. There is no direct data transfer between Open Hippo and LinkedIn regarding user data.However, it's important to understand that by interacting with our LinkedIn page, you are using LinkedIn's platform and are therefore subject to LinkedIn's data processing practices. LinkedIn may collect and process personal data about you when you visit our LinkedIn page or interact with our content, even if you don't have a LinkedIn account.
If you choose to interact with us on LinkedIn (e.g., by commenting, liking, or sending us a message), we will only see the information that LinkedIn makes visible to page administrators, which is typically limited to publicly available profile information and the content of your interaction. Before engaging with our LinkedIn presence, we strongly recommend that you review LinkedIn's Privacy Policy at https://www.linkedin.com/legal/privacy-policy to understand how they collect, use, and share your data.
Please note that LinkedIn is a US-based company, and data may be transferred to and processed in countries outside the EU. LinkedIn states that it uses Standard Contractual Clauses and additional safeguards for these transfers. Remember, your use of LinkedIn is subject to your own agreement with LinkedIn. Open Hippo is not responsible for LinkedIn's data processing practices and does not have control over data collected or processed by LinkedIn.
5.2 Ticket Tailor
We use the Ticket Tailor platform to streamline ticket purchases and event registration for our trainings. Ticket Tailor, operated by Zimma Ltd., 203-213 Mare Street, London, E8 3LY, processes your personal data in compliance with the EU General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG).
Before you use the platform, we recommend that you familiarize yourself with how your data is processed. For example, Google Analytics is also used to collect anonymized data about website usage. For information on Ticket Tailor's about how your personal data is processed, we refer to their Privacy Policy at https://www.tickettailor.com/legal/privacy-policy.
We collect, process, store and use personal data when you book a ticket and buy any of our associated products and services to an event including your name, address and email address together with payment information. We may also collect personal data that you give to us about other people if you register them to attend an event. You agree that you have notified any other person whose personal data that you provide to us of this privacy notice and, where necessary, obtained their consent so that we can lawfully process their personal data in accordance with this policy.When you visit the platform, information is collected.This information could include your computer or other device's unique ID number, technical information about your device such as type of device, web browser or operating system, your preferences and settings such as time zone and language and statistical data about your browsing actions and patterns. Ticket Tailor collects this information using cookies. They use the information on an anonymous basis to improve their event ticket shop, the events and the products and services they provide, and for analytical and research purposes.
We will use your personal data in order to comply with our contractual obligation to supply to you your tickets to an event and any associated products and services, including to contact you with any information relating to the event or your purchases, to deliver the event and your purchases to you in accordance with any requests you make and that we agree to, and to deal with any questions, comments or complaints you have in relation to the event or your purchases. We may also use your personal data for our legitimate interests, including dealing with any customer services you require.
Your personal data may be shared with any service providers, sub-contractors and agents that we may appoint to perform functions on our behalf and in accordance with our instructions, including payment providers, event ticketing providers, email communication providers, IT service providers, accountants, auditors and lawyers.
According to Ticket Tailor, their servers and databases are located in the EU, specifically in Ireland. However, they state that they use a small number of third parties, some of which are outside the EU, to provide their ticketing service. These third parties are bound by contracts that oblige them to comply with GDPR. You can find more information at https://www.tickettailor.com/legal/gdpr-third-parties.
If you attend a training session but do not want to use Ticket Tailor, please feel free to contact us.
6. What rights do you have as a user?
Under data protection law, you as a user have the following rights regarding your personal data:- the right to information
- the right to rectification and deletion
- the right to restrict processing
- the right to object to processing
- the right to data portability
You have the right to withdraw your consent at any time, where we rely on consent as a legal basis for processing. This withdrawal will not affect the lawfulness of processing based on consent before its withdrawal.In addition, in accordance with data protection law, you also have the right to data disclosure and data destruction.If you wish to exercise your rights, you can inform us informally by email at [email protected], or by mail to our postal address:
Open Hippo GmbH
Garmischer Allee 15
86438 Kissing
Germany