Testbirds Privacy Policy
Testbirds is part of the Testbirds Group which includes Testbirds GmbH, Testbirds B.V., Testbirds Ldt. and Testbirds AB. This privacy policy will explain how our organization uses the personal data we collect from you when you use our website.
Privacy Statement
What data do we collect?
Depending on our relationship with you, we may collect the following data:
- personal identification information (name, email address, phone number, etc.)
- IP and device information (e.g. IP address, device/browser type)
How do we collect your data?
You directly provide Testbirds with most of the data we collect. We collect data and process data when you:
- use or view our website in general.
- submit a contact form.
- voluntarily complete a customer survey or provide feedback in any of our tests or via email.
- subscribe to our newsletter.
- visit our Social Media sites.
How will we use your data?
Testbirds collects your data so that we can:
- process your requests.
- provide you with sufficient experience using our website.
- email you with special offers on other products and services we think you might like.
How do we store your data?
Data from form submissions is stored in Salesforce/Pardot (further info below):
Testbirds will keep your personal data for period necessary to fulfill our legal and/or contractual obligations. Once this time period has expired, we will delete your data.
What are your data protection rights?
Testbirds would like to make sure you are fully aware of your data protection rights. Every user is entitled to the following:
- The right to access – You have the right to request Testbirds for copies of your personal data.
- The right to rectification – You have the right to request that Testbirds correct any information you believe is inaccurate. You also have the right to request Testbirds to complete the information you believe is incomplete.
- The right to erasure – You have the right to request that Testbirds erase your personal data, under certain conditions.
- The right to restrict processing – You have the right to request that Testbirds restrict the processing of your personal data, under certain conditions.
- The right to object to processing – You have the right to object to Testbirds’ processing of your personal data, under certain conditions.
- The right to data portability – You have the right to request that Testbirds transfer the data that we have collected to another organization, or directly to you, under certain conditions.
How to contact us
If you make a request, we will respond to you within one month. If you would like to exercise any of the above rights, please contact us:
- as a tester, please send an email to data-privacy@testbirds.com.
- as a website user or client, or if you want to contact our Data Privacy Officer, please send an email to dataprivacyofficer@testbirds.com.
Cookies
Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our websites, we may collect information from you automatically through cookies or similar technology.
How do we use cookies?
Testbirds uses cookies in a range of ways to improve your experience on our website, including:
- understanding how you use our website.
- being able to show you relevant content.
What types of cookies do we use?
There are of cookies our website uses:
- Functionality – Testbirds uses these cookies so that we recognize you on our website and remember your previously selected preferences. These could include what language you prefer and location you are in. A mix of first-party and third-party cookies are used.
- Marketing, Statistics, Social Media – Testbirds uses these cookies to collect information about your visit to our website, the content you viewed, the links you followed and information about your browser, device, and your IP address. These may include cookies from third-party providers (so-called third party cookies). We only use such cookies with your consent pursuant to Section 25 (1) TDDDG and, if applicable, Article 6 (1) a GDPR. You can find information about the purposes, providers, technologies used, stored data and the storage period of individual cookies in the cookie settings of our Consent Management Tool.
The following technology is enabled on our website:
Google Analytics
This website, as well as the Testbirds Companion App, use Google Analytics and Google Remarketing, an analytics service provided by Google Ireland Ltd. Google Analytics is a web analytics service that allows us to collect and analyze data about the behavior of visitors to our website. Google Analytics allows us to measure interaction data from different devices and from different sessions. This allows us to put individual user actions in context and analyze long-term relationships. Google Analytics uses cookies for this purpose, which enable an analysis of the use of our website. This involves processing personal data in the form of online identifiers (including cookie identifiers), IP addresses, device identifiers and information about interaction with our website. In part, this data is information stored in the terminal device you are using. In addition, further information is also stored on your used end device via the cookies used. Such storage of information by Google Analytics or access to information already stored in your end device will only take place with your consent. Google Ireland will process the data collected in this way on our behalf in order to evaluate the use of our website by the users, to compile reports on the activities within our website and to provide us with further services associated with the use of our website and the use of the Internet. In doing so, pseudonymous usage profiles of the users can be created from the processed data. The setting of cookies and the further processing of personal data described here takes place with your consent. The legal basis for the data processing in connection with the Google Analytics service is therefore Art. 6 para. 1 letter a GDPR. You can revoke this consent via our Consent Management Tool at any time with effect for the future. The personal data processed on our behalf to provide Google Analytics may be transferred to any country in which Google Ireland or Google Ireland’s sub-processors maintain facilities. Please refer to the notes in the section “Data transfer to third countries”. We only use Google Analytics with IP anonymization activated. This means that the IP address of the user is shortened by Google Ireland within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The IP address transmitted by the user’s browser is not merged with other data. The shortening of the IP address takes place on servers in the EU. You’ll find further information about Google’s policies here.
GA Connector
Google Analytics data is integrated with our CRM and Marketing Automation systems, Salesforce and Pardot (Salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich) by the means of the GA Connector (Zuev Software LLC, Akademika Lebedeva Street 1/6, Kyiv, Ukraine). The legal basis for the processing of said data lies with your consent, in accordance with Art. 6(1) Sentence 1(a) of GDPR. GA Connector does not store any personal information until the point when users start filling out forms on the website, where consent is then explicitly requested. You can find more information here.
Google Firebase
Our website uses Firebase services from Google. Firebase is certified under major privacy and security standards. More details on the used Firebase Services as well as how and what is processed by Google Firebase can be found here.
Hotjar
This website uses Hotjar, an analysis software of Hotjar Ltd. („Hotjar“) (Level 2, St Julian’s Business Centre, 3, Elia Zammit Street, St Julian’s STJ 1000, Malta, Europe). For the purposes of the services that Hotjar provides to Customer Websites, Hotjar acts as a Data Processor and solely processes all personal data in accordance with the instructions received from our data controllers, the owner and/or operator of the Customer Websites. Hotjar Enabled Sites insert a tracking code and cookies onto their respective website which is transmitted to servers of Hotjar based in Ireland (EU). The following information may be collected:
End User’s device and browser:
- device’s IP address (captured and stored in an anonymised format)
- device screen resolution
- device type (unique device identifiers), operating system, and browser type
- geographic location (country only)
- preferred language used to display the Hotjar Enabled Site.
User interactions
- Mouse events (movements, location and clicks)
- Keypresses (Excluded are sensitive information like application data or payment data)
Log data
For a sampling of visitors, servers of Hotjar automatically record information which is collected from Customer Websites and Hotjar Site. This data includes:
- referring URL and domain;
- pages visited;
- geographic location (country only);
- preferred language used to display the webpage;
- date and time when website pages were accessed.
Cookies
Cookies are used to collect non-personal information including standard internet log information and details of your behavioural patterns upon visiting a Hotjar Enabled Site. This is done to enable the operators of a Hotjar Enabled Site to provide you with a better experience, identify preferences, diagnose technical problems, analyse trends and generally help our customers improve their website. Cookies are small data files transferred onto computers or devices by websites for record keeping purposes and to enhance functionality on the Hotjar Enabled Site. Most browsers allow you to choose whether to accept cookies or not. If you do not wish to have cookies placed on your computer, please visit the opt-out page and click “disable Hotjar” to reject all cookies, before accessing any Hotjar Enabled Site.
Microsoft
Bing: Our websites use the Microsoft Advertising service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (“Microsoft”). According to Microsoft Advertising, the data processed by Microsoft Advertising is stored on servers in the European Economic Area (“EEA”). According to Microsoft, there is no transfer of personal data to a third country, such as the USA. The storage and reading of information on your end device by cookies or similar technologies (e.g. object storage, pixels, web beacons), which are not required to provide a telemedia service explicitly requested by you, is based on your consent pursuant to Section 25 (1) TDDDG. You can declare this by opting in via our CMP (Consent Management Program) in the cookie settings. The further processing of your personal data after storage or readout is also based on your explicit consent pursuant to Art. 6 para. 1 p. 1 lit. a GDPR. You can declare your consent according to § 25 para. 1 TDDDG and Art. 6 para. 1 p. 1 lit. a GDPR with a single click on the corresponding button (“Accept all”). A later withdrawal has no effect on the permissibility of data processing until that time. Microsoft will delete your data as soon as it is no longer needed for the processing purpose, but no later than after one year and 25 days. Microsoft Forms: In certain cases we conduct surveys using Microsoft Forms. Further information can be found here.
Youtube
YouTube can be played directly from our website. By simply visiting our website – before you click on an embedded video – YouTube processes personal data by setting cookies. This is done regardless of whether YouTube provides a user account through which you are logged in or whether there is no user account. If you are logged in to Google, your data will be directly assigned to your account. If you do not want the assignment with your profile at YouTube, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for the purposes of personalized advertising, market research and/or needs-based design of its own website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right. The data transmitted to Google LLC via the YouTube video is predominantly stored on servers managed by Google Ireland Limited (Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) in the European Economic Area (EEA). For more information on the purpose and scope of data collection and processing by YouTube, please refer to Google’s privacy policy. Further information can be found here.
Pixel your site
We may use Pixel Your Site to collect information about how visitors interact with our website. Any information collected will be used only for the purpose of providing our services and will never be shared with any third parties. Further information can be found here.
Salesforce Pardot
Pardot is a Marketing Automation product. We use Pardot to gather insights and information about website visitors. Personal information is only stored in Pardot when completing a form or a subscription for an event or email communication. Processing of your data only happens with your consent. When using the service, a transfer of your data to the USA or another third-party country cannot be excluded. As appropriate safeguards for transfers to third countries we use Salesforce’s Processor Binding Corporate Rules for the Processing of Personal Data. Pardot’s privacy policy is available here.
Truendo
We use the CMP of TRUENDO Technologies GmbH (truendo.com) on our website. The CMP is used to document and manage your consent, declared by an opt-in, to the processing of your personal data through services that are not technically necessary. As a controller, we are required by law to account for the granting of consents. We must therefore be able to prove your consent. Consent data includes the date and time of your visit or your consent or refusal, as well as device information. We obtain this information by retrieving it from the local storage provided in your browser for this purpose. Truendo acts as a processor. The contractual agreement provides, among other things, that Truendo has undertaken to comply with data protection, which includes securing your personal data (consent data) by means of appropriate technical and organizational measures – in particular by means of encryption technologies. The legal basis for storing your consent is Art. 6 para. 1 lit. c GDPR in conjunction with Art. 5 para. 1 lit. a, para. 2, Art. 7 para. 1 GDPR and Art. 6 para. 1 lit. f GDPR, whereby compelling reasons can be held against an objection on your part. Such a compelling reason arises, for example, from the above-mentioned accountability obligation to which we are subject by law. Consent pursuant to Section 25 (1) TDDDG is not required, as the exception of Section 25 (2) No. 2 TDDDG applies in this respect. Your consent data will be stored on Google cloud servers located in the EU/EEA and stored for regulatory auditing purposes for a period of 3 years. Both the data transfer to the servers and the subsequent storage on the servers are encrypted. Truendo hosts the key relevant for decryption on its own servers in the EU, which are managed by Truendo itself. This prevents Google from disclosing the consent data to US authorities. More information can be found here.
Our Internet presence uses social plug-ins (“plug-ins”) for the social network, facebook.com, which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). The plug-ins are recognizable by Facebook logos (a white “f” on a blue tile or a “thumbs-up” sign) or are identified by the endorsement, “Facebook Social Plug-in”. The list and the appearance of the Facebook Social Plug-ins can be viewed here. If you call up a website from our online platforms, which includes such a plug-in, your browser creates a direct link with Facebook’s servers. The content of the social plug-in is transmitted directly to your browser by Facebook and links into the website. We have no influence on the extent of data collected by Facebook by means of the social plug-in. The integration of the plug-in provides Facebook with the information that you have called up the corresponding page of our Internet presence. If you are logged onto Facebook, Facebook is able to assign the visit to your Facebook Account. If you interact with the social plug-ins, for example, if you activate the “Like” button or leave a comment, the relevant information will be transmitted directly from your browser to Facebook. Even if you are not a Facebook member, it is possible that Facebook may discover and store your IP address. The purpose and scope of data collection and the further processing and use of the data by Facebook as well as your rights in this regard and possible browser settings to protect your personal privacy can be found in your Facebook data protection instructions. We may use data collected to deliver tailored advertisements to you on other websites, including via Facebook’s Custom Audience Feature or other similar Facebook tools. We will not share your email address with Facebook. Click here to learn about how you can control the ads you see on Facebook.
On our website you will find plugins of the social network LinkedIn.com, which is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (‘LinkedIn’). The LinkedIn plugins are indicated by the LinkedIn logo or the ‘Recommend’ button on our website. Please note that when you visit our website, the plugin connects your Internet browser with the LinkedIn server. LinkedIn is thus informed that our website has been visited by your IP address. If you click the LinkedIn ‘Recommend’ button while logged into your LinkedIn account, you can link content from our website to your LinkedIn profile. LinkedIn assigns your visit to our website to your user account. Please note that we receive no information about the content of the transmitted data or of the use of these by LinkedIn. For more details on the collection of data and your legal rights and settings options, please see the LinkedIn privacy policy. If you want to opt-out from this feature – please click here.
Newsletter
We offer on our website the possibility to register for our newsletter. After registration we will inform you regularly about the latest news on our offers. A valid e-mail address is required to register for the newsletter. To verify the e-mail address, you will first receive a registration e-mail, which you must confirm via a link (double opt-in). If you subscribe to the newsletter on our website, we process personal data such as your e-mail address and name based on the consent you have given. The processing is based on the legal basis of Art. 6 (1) a GDPR. You can revoke the consent given at any time with effect for the future, for example via the “unsubscribe” link in the newsletter or by contacting us via the channels mentioned above. The legality of the data processing operations already carried out remains unaffected by the revocation.
When registering for the newsletter, we also store the IP address and the date and time of registration. The processing of this data is necessary in order to be able to prove that consent has been given. The legal basis results from our legal obligation to document your consent (Art. 6 para. 1 letter c in conjunction with Art. 7 para. 1 GDPR).
We analyze the reading behavior and opening rates of our newsletter. We evaluate the data generated during the delivery and retrieval of our emails in aggregated and anonymized form (delivery rate, open rate, click rates, unsubscribe rate, bounce rate, visits, completions) in order to measure the use and success of the emails. The legal basis for the analysis of our newsletter is Art. 6 para. 1 lit. f GDPR and the processing serves our legitimate interest in optimizing our newsletter.
On the other hand, we also evaluate the data generated when you retrieve and use these e-mails (time of opening, hyperlinks clicked, documents downloaded) as well as transaction data on downstream websites on a personal basis in conjunction with your e-mail address in order to send you individualized information in the future on this basis as well, which takes your interests and needs into account in the best possible way. We use the anonymous and personal data collected to provide you with personalized content and individualized information in our promotional e-mails and downstream websites. The legal basis for data processing in the context of e-mails is Art. 6 (1) a GDPR. You can revoke your consent at any time with effect for the future, for example via the “unsubscribe” link in the newsletter or by contacting us via the channels mentioned above.
For the administration of the subscriptions, the dispatch of the newsletter and the analysis, we use the service Pardot, of Salesforce (see above). Your email address will therefore be transmitted to the service provider. If you do not want your data to be processed by this service provider, you should not subscribe to or unsubscribe from the newsletter.
Contacting us by e-mail
If you send us a message via the contact email provided, we will process the transmitted data for the purpose of responding to your inquiry. We process this data based on our legitimate interest to get in touch with inquiring persons.
The legal basis for the data processing is Art. 6 para. 1 letter f GDPR.
Customer and interested party data
If you contact our company as a customer or interested party, we process your data to the extent necessary to establish or implement the contractual relationship. This regularly includes the processing of the personal master, contract and payment data provided to us as well as contact and communication data of our contact persons for commercial customers and business partners. The legal basis for this processing is Article 6 (1) b GDPR.
We also process customer and interested party data for evaluation and marketing purposes. These processing operations are carried out on the legal basis of Art. 6 (1) (f) GDPR and serve our interest in further developing our offer and informing you specifically about our offers.
Further data processing may take place if you have consented (Art. 6 para. 1 letter a GDPR) or if this is necessary for the fulfillment of a legal obligation (Art. 6 para. 1 letter c GDPR).
Privacy policies of other websites
The Testbirds website contains links to other websites. Our privacy policy applies only to our website, so if you click on a link to another website, you should read their privacy policy.
Changes to our privacy policy
Testbirds keeps its privacy policy under regular review and places any updates on this web page. This privacy policy was last updated on 30 March 2023.
How to contact the appropriate authority
Should you wish to report a complaint or if you feel that Testbirds has not addressed your concern in a satisfactory manner, you may contact a supervisory authority.
Raffles & Sweepstakes
Conditions of participation to raffles/sweepstakes
Participation in raffles and their execution are determined by the following provisions: The execution of raffles/sweepstakes as well as the determination of the winners is the sole responsibility of Testbirds. In the event that a provision of the prices should not be possible or due to unforeseen high costs the winners will receive a replacement of equal value.
Participation
- You must be 18 or over to participate in competitions. Minors are excluded from participation.
- Persons excluded from participation are employees of Testbirds, the persons directly involved in the competition as well as their relatives and all persons who violate the conditions of participation or who want to obtain an advantage in an unauthorised way. Testbirds reserves the right to exclude people from raffles and competitions if that appears necessary for the sake of fairness and equal opportunity to other participants.
- All participation takes place by telephone, SMS and / or online depending on the respective competition. We will get in touch with the winners directly after the contest has ended. Due to data security and privacy reasons Testbirds will not post information on participants or winners on our pages or channels.
- To participate in the raffle it is absolutely necessary that all personal data is veridical and completed.
Implementation and execution
- The winners will be determined through a random lottery process from all participants or in case of a competition question from all participants with the correct solution. Unless otherwise indicated, each participant is only entitled to one prize per competition.
- Testbirds will notify winners by writing and / or by telephone. If winnings are not collected by the winner within a time limit set by Testbirds, the termination of the winnings will be at the discretion of Testbirds.
- The winners are not entitled to change or supplement the respective prize. Follow-up costs which are triggered by the respective prize are to be paid by the winners themselves.
- Claims for substitute cash payments do not exist.
- Prize entitlements are not transferable.
Data protection
- By registering to a competition, participants expressly agree that Testbirds is allowed to store the necessary data for the duration of the competition and process it for the purpose of processing the prize.
- Testbirds commits itself to comply with the statutory provisions of data protection. Particularly in this context, Testbirds points out to the information of data protection.
Other
- Any recourse to courts of law is excluded.
- The law of the Federal Republic of Germany is the only applicable one.
- Testbirds reserves the right to change these terms and conditions at any time without notice.
This raffles and sweepstakes notice was last updated late March 2018.