Privacy Policy

The protection of personal data and the responsible handling of information entrusted to us are very important for us. We (i.e. arago GmbH) collect, process, and utilize personal data only in accordance with the statutory regulations (e.g. the GDPR). With this privacy policy, we are informing you about collection, processing and use of your personal data in the context of our website.

1. PERSONAL DATA

If you use the website purely for information purposes, i.e. if you do not log on to, register, or provide us with any other information to use the website, we do not collect any personal data, apart from data which your browser sends to enable you to visit the website. The purpose of this data collection is to enable you to visit the website and to ensure that the website functions properly. In addition, the data serves us to optimize the website and to ensure the security of our information technology systems. This is:
  • IP address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request(specific page)
  • Access status/HTTP status code
  • Data volume transmitted
  • Website from which the request comes
  • Browser
  • Operating system and its interface
  • Language and version of the browser software.
 There is no obligation to provide the data, but if the data are not provided, we cannot provide the requested website content. The legal basis is the balancing of interests(point (f) of Article 6 paragraph 1 GDPR). Our legitimate interest is the provision of the website content requested by the user, ensuring the security of the IT infrastructure used to provide the website, in particular identifying, eliminating and preserving evidence of disruptions.
 
In order to facilitate an informational use of the website by you, we use cookies (see Section 6) on the website, by means of which personal data are processed.
 
Unless otherwise is stated in this Data Privacy Policy, we will only store your data for as long as is necessary for the purposes for which they were collected or processed, unless longer storage periods are required by law. Your personal data will therefore be deleted after your request has been processed unless otherwise has been agreed or required by law.
If you use a registration form, arago will collect the information you provide to arago, which may consist of your first and last name, email addresses, telephone numbers, location (country, state/province, city), company name, job title/role, department and function.
In the course of processing personal data we use subcontractors and conclude contracts with these processors in accordance with the requirements of Art. 28 GDPR. The provider which is used to host the website is Amazon Web Services (AWS), headquartered Seattle, Washington, United States. In case of data transfer to AWS in Seattle, Washington, United States,  the appropriate level of data protection is guaranteed by an adequacy decision of the European Commission. AWS in the USA is certified for the US-European data protection agreement “Privacy Shield”, which guarantees compliance with the data protection level applicable in the EU. Further information on data protection at AWS can be found on the following website https://aws.amazon.com/compliance/data-privacy/

2. DATA CONTROLLER AND DATA PROTECTION OFFICER

The data controller for arago and arago’s website is: arago GmbH, Eschersheimer Landstr. 526-532, 60433 Frankfurt am Main, Germany. Our data protection officer can be reached at dpo (at) arago.co, +49(0)69 405680
All requests for information, corrections and deletions, objections or revocations of consent, the assertion of the right to limit the processing or the right to data portability, as well as comments or questions by the user relating to data protection are to be sent to this address. If you send your request to our postal address please use the addition “data privacy”.

3. COLLECTION AND PROCESSING OF PERSONAL DATA ON REQUEST

Your personal data will be collected, processed and used in accordance with the provisions of the German Telemedia Act (Telemediengesetz, TMG) and data protection law, in particular the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG) and the General Data Protection Regulation (GDPR). By means of this data protection declaration we inform about the collection of personal data on and via our website in accordance with Art. 13 GDPR.
Unless otherwise described in section 4 et seq. your personal data is apart from these cases only collected and processed if you voluntarily provide it.

4. DATA PROCESSING TO ENABLE THE USE OF THE WEBSITE

We collect your personal data where necessary to enable your use of this website (usage data), to give you access to special information, or to otherwise communicate with you. This includes your IP address as well as data about the beginning and end of sessions and the telemedia used, it may also include data used to identify you. These data serve the purposes of delivering the service and designing it in a needs-based manner on the basis of Art. 6 (1) sentence 1 lit f GDPR.

5. DURATION OF PROCESSING OF PERSONAL DATA

Where arago is processing and using your personal data as permitted by law or under your consent, arago will store your personal data (i) only for as long as is required to fulfil the purposes set out herein or (ii) until you object to arago’s use of your personal data (where arago has a legitimate interest in using your personal data), or (iii) until you withdraw your consent (where you consented to arago using your personal data). However, where arago is required by mandatory law to retain your personal data longer or where your personal data is required for arago to assert or defend against legal claims, arago will retain your personal data until the end of the relevant retention period or until the claims in question have been settled.

6. COOKIES

When you visit our website, information may be stored on your computer in the form of cookies. Cookies are small text files that are transferred between a web server and your browser and are stored on your computer’s disk. This enables us to recognize you when you re-visit the website and we can offer you better functionality of our website and, for example, avoid that you have to log in repeatedly, or allow us to carry out web analysis.
Most browsers are configured to automatically accept cookies. You may deactivate that cookies are stored by your browser and erase cookies at any time. Please note that without cookies, the use and experience of our services via this website may be impeded or impossible. Via your browser settings, you can also prevent certain cookies (such as third-party-cookies) from being stored, e.g. if you want to prevent web tracking. You will find further information in your browser’s help section.
This website uses cookies to the following extent:
  • This website uses cookies to the following extent:
  • Transient cookies(temporary use) are deleted automatically when you close the browser. These include in particular the session cookies. These store a so-called session ID, with which various requests by your browser can be assigned to the shared session. As a result, your computer can be recognized when you return to the website. Session cookies are deleted when you log out or close your browser.
Types of Cookies
1.1 Required cookies
 These cookies are required to enable core site functionality.
1.2 Functional cookies
 These cookies allow us to analyze site usage so we can measure and improve performance.
Company
Cookie
Description
Google Analytics
_ga
Used to distinguish users. Expiration time – 2 years
Google Analytics
_gid
Used to distinguish users. Expiration time – 24 hours
Google Analytics
_gat
Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property-id>. Expiration time – 1 minute
Hubspot
__cfduid
This cookie is set by HubSpot’s CDN provider, Cloudflare. It helps Cloudflare detect malicious visitors to your website and minimizes blocking legitimate users. It may be placed on your visitors’ devices to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It is necessary for supporting Cloudflare’s security features.
Hubspot
___hstc
The main cookie for tracking visitors. It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
Hubspot
hubspotutk
This cookie keeps track of a visitor’s identity. It is passed to HubSpot on form submission and used when deduplicating contacts.
Hubspot
__hssc
This cookie keeps track of sessions. This is used to determine if HubSpot should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (increments each pageView in a session), and session start timestamp. 
Hubspot
__hssrc
Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. If this cookie does not exist when HubSpot manages cookies, it is considered a new session.
Personio
YouTube
VISITOR_INFO1_LIVE
This cookie tracks viewing of Youtube videos on the website.
LinkedIn 
LinkedIn Insight
1.3 Third Party cookies
 Third-party cookies are set by other organizations that we use for different services. For example, we are using YouTube to enable video content streaming on this site and YouTube may  set its own cookies.

7. WEB TRACKING AND COOKIES

In order to optimize the user experience of our website, we use web tracking technology such as Google Analytics (see section 8). Respective data is stored in pseudonymous usage profiles (your IP addresses is stored in anonymized form). Pseudonymous usage profiles will not be (re-)combined with personal data.
When you visit our website for the first time or if necessary again, we will ask whether you agree that we
  • process usage data in pseudonymous usage profiles (tracking) for advertising, market research, web analysis and website improvement purposes, and
  • we use cookies for this and other purposes that are not required for the technical provision of the website.
When visiting our websites, you will be asked in a cookie layer whether you consent to our using of any marketing cookies or tracking mechanisms, respectively.
You can restrict your consent to the setting of cookies in whole or in part by configuring your browser settings accordingly and deactivating the setting of cookies in whole or in part. In addition, you can install a plugin in your browser to protect your privacy, which offers the possibility to prevent web analysis – e.g. AdBlock, Ghostery or NoScript (please note the data protection information of the respective plugin provider). In addition, some web analytics providers are members of industry associations whose websites allow you to centrally prevent the use of online advertising and web analytics by their members. Below you find the websites of these associations for a comfortable provider-spanning prevention of web analysis. In this way you can also prevent the creation of pseudonymous user profiles

8. GOOGLE ANALYTICS

Our website uses Google Analytics, a web analytics service by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (Google). Google Analytics uses cookies (see section 4) in order to analyse your use of this website. The information about your use of this website is collected via cookies. It is usually transferred to and stored on servers of Google Inc. in the US. Prior to the transfer to the US, Google masks and thereby anonymizes your IP address within the territory of the EU or of the European Economic Area. Only in exceptional cases, the full IP address is sent to and masked by Google servers in the US. On behalf of the website provider, Google will use this information to analyse your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage to the website provider. Google will not combine your IP address with any other data held by Google.
  1. You may refuse to have cookies stored on your device by appropriately configuring your browser (see section 7) or by using a privacy plugin (see section 7). Further, you can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available here: https://tools.google.com/dlpage/gaoptout?hl=en-GB. Further information on the data processing in the context of Google Analytics is available under: https://www.google.de/intl/de/policies/.

9. TRANSFER TO THIRD PARTIES

We will only transfer your personal data to third parties where allowed or required by law or if you have given prior consent. If you have given consent, you can withdraw it at any time with effect for the future. We only transfer data to public authorities if required by law, administrative order or court order.

10. TRANSFER OF DATA TO NON-EU COUNTRIES

If necessary for our purposes, we transfer your data to recipients outside of the EU if it is guaranteed that the recipient maintains an adequate level of data protection and there are no legitimate interests excluding the transfer. To guarantee an adequate level of data protection at the recipient’s end, we in particular use the EU Commission’s model clauses for data transfers to third countries.

11. DATA SECURITY AND CONFIDENTIALITY

We have taken the necessary technical and organisational measures to protect your personal data against loss, destruction, manipulation and unauthorized access. All our employees and all persons involved in the data processing are obliged to observe data protection law. and to keep personal data confidential. To protect your personal data, we use a secure online transmission protocol called “Secure Socket Layer” (SSL). You can recognize this where an “s” is added to the URL part “http://” (making it “https://”) or by a green, closed lock icon shown in your browser. By clicking the lock icon, you will get information on the SSL certificate used. The appearance of the icon depends on the type and version of your browser. SSL-encryption ensures an encrypted and complete transmission of your data.
The technical and organizational security measures implemented by our hosting provider AWS are described here: https://aws.amazon.com/compliance/data-privacy/

12. YOUR RIGHTS REGARDING YOUR PERSONAL DATA

The user and other data subjects may demand from us the following rights in respect of their personal data:
 
  • Right of access by the data subject (Article 15 GDPR)
  • Right to rectification (Article 16 GDPR)
  • Right to erasure (‘right to be forgotten’) (Article 17 GDPR)
  • Right to restriction of processing (Article 18 GDPR)
  • Right to data portability (Article 20 GDPR)
  • Right to object (Article 21 GDPR)
  • Right to revoke consent given at any time without affecting the legality of the processing carried out on the basis of the consent until revocation, if the data processing is based on consent pursuant to Art. 6 para. 1 lit. a or Article 9 para. 2 lit. a GDPR.
 
With respect to Art. 21 GDPR you may object
  • on grounds relating to your particular situation
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on lit. e (public interest) or lit. f (legitimate interests) of Article 6 para. 1, including profiling based on those provisions. We no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.
  • relating to direct marketing
Where personal data are processed for direct marketing purposes, you have the right to object at any time to processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object to processing for direct marketing purposes, the personal data is no longer be processed for such purposes.

13. YOUR CONTACT TO EXERCISE YOUR RIGHTS

In these matters and in case of questions relating to data protection, please contact our data protection officer Dr. Bernd Schmidt at dpo (at) arago.co or write to: arago GmbH, Eschersheimer Landstr. 526-532, 60433 Frankfurt am Main, Germany. For a swift processing of your request, we recommend stating your name, surname, date of birth and, where existing, your e-mail address and in case of an opt-out after receiving advertisements attaching a copy of the advertisement.

14. RIGHT TO LODGE A COMPLIANT WITH A SUPERVISORY AUTHORITY

If you believe that arago is not processing your personal data in accordance with the requirements set out herein or applicable data protection laws, you can at any time lodge a complaint with the competent data protection authority (Art. 77 GDPR).

15. NO AUTOMATED DECISION MAKING

We do not use your personal data for automated decision making under Art. 22 (1) GDPR.

16. CHANGES TO THIS DATA PROTECTION DECLARATION

New legal requirements, business decisions or technical developments may require changes to our data protection declaration. This data protection declaration will then be updated. The most current version is always available on our website.
Last Update: September 9th 2020

Get started

Contact us for a demo or to learn more about Knowledge Automation