Contact now

Data protection declaration


We are very delighted that you have shown interest in our enterprise. Data protection is of a particularly high priority for the management of GIM Gesellschaft für innovative Marktforschung mbH. It is generally possible to use the GIM Gesellschaft für innovative Marktforschung mbH website without providing any personal data. However, if a data subject wishes to make use of special services of our company via our website, it may be necessary to process personal data. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.

The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation and in accordance with the country-specific data protection regulations applicable to GIM Gesellschaft für innovative Marktforschung mbH. By means of this data protection declaration, our company would like to inform the public about the type, scope and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed of their rights by means of this data protection declaration.

As the controller, GIM Gesellschaft für innovative Marktforschung mbH has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. Nevertheless, Internet-based data transmissions can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, for example by telephone.  

Do you have any questions, suggestions or requests? Please click here.

1. Definitions

The data protection declaration of GIM Gesellschaft für innovative Marktforschung mbH is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our privacy policy should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terminology used in advance.

We use the following terms, among others, in this privacy policy

(a) personal data

Personal data is any information relating to an identified or identifiable natural person (hereinafter “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

b) Data subject

Data subject is any identified or identifiable natural person whose personal data is processed by the controller.

c) Processing

Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

d) Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of restricting its future processing.

e) Profiling

Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

f) Pseudonymization

Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

g) Controller or controller responsible for the processing

Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

h) Processor

Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

i) Recipient

Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

j) third party

A third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

k) Consent

Consent is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

2. name and address of the controller responsible for processing

The controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature is

GIM Gesellschaft für innovative Marktforschung mbH

Goldschmidtstraße 4-6

69115 Heidelberg

Heidelberg, Germany

Phone: +49 (0)6221 8328-0

E-mail: info@g-i-m.com

Website: www.g-i-m.com

Data Protection Officer:

Lutz Goldschmidt

E-mail: datenschutz@g-i-m.com

3. Cookies

The Internet pages of the Gesellschaft für innovative Marktforschung mbH use cookies. Cookies are text files that are placed and stored on a computer system via an Internet browser.

Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier for the cookie. It consists of a string of characters that can be used to assign websites and servers to the specific internet browser in which the cookie was stored. This enables the websites and servers visited to distinguish the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified via the unique cookie ID.

Through the use of cookies, the GIM Gesellschaft für innovative Marktforschung mbH can provide the users of this website with more user-friendly services that would not be possible without the cookie setting.

By means of a cookie, the information and offers on the website of GIM Gesellschaft für innovative Marktforschung mbH can be optimized for the benefit of the user. As already mentioned, cookies enable us to recognize the users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, the user of a website that uses cookies does not have to re-enter their access data each time they visit the website, as this is done by the website and the cookie stored on the user's computer system. 

In order to further improve the services and website of GIM Gesellschaft für innovative Marktforschung mbH, GIM Gesellschaft für innovative Marktforschung mbH uses cookies for anonymous statistical and analytical purposes. With the help of these cookies, GIM Gesellschaft für innovative Marktforschung mbH can, for example, determine the number of visitors and the effect of certain pages of the GIM Gesellschaft für innovative Marktforschung mbH website and optimize our content. When you visit the GIM Gesellschaft für innovative Marktforschung mbH website, you can decide for yourself whether you wish to allow this.

The data subject can also prevent the setting of cookies by the GIM Gesellschaft für innovative Marktforschung mbH website at any time by means of a corresponding setting of the Internet browser used and thus permanently object to the setting of statistics cookies. Furthermore, statistics cookies that have already been set can be deleted at any time via an Internet browser or other software programs. 

By clicking on “Accept necessary cookies” in the cookie policy banner, you also prevent the collection of statistics cookies. The cookie settings can be changed at any time - please click on “Cookie Policy” in the footer. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of the GIM Gesellschaft für innovative Marktforschung mbH website may be fully usable.

4. Collection of general data and information

The website of the GIM Gesellschaft für innovative Marktforschung mbH collects a series of general data and information when a data subject or automated system calls up the website. This general data and information is stored in the server log files. The (1) browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system accesses our website (so-called referrer), (4) the sub-websites which are accessed via an accessing system on our website can be recorded, (5) the date and time of access to the website, (6) an internet protocol address (IP address), (7) the internet service provider of the accessing system and (8) other similar data and information used for security purposes in the event of attacks on our information technology systems.

When using these general data and information, the GIM Gesellschaft für innovative Marktforschung mbH does not draw any conclusions about the data subject. Rather, this information is needed to (1) deliver the content of our website correctly, (2) optimize the content of our website as well as its advertisement, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.

5. Analysis tools and advertising

This website uses functions of the web analysis service Google Analytics. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and enable your use of the website to be analyzed. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.

The storage of Google Analytics cookies is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the analysis of user behavior in order to optimize both its website and its advertising.

IP anonymizationWe have activated the IP anonymization function on this website. As a result, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Browser plugin

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

Objection to data collection

Even if you have previously consented to the use of cookies, you can prevent the collection of your data by Google Analytics by clicking on the cookie policy bar (bottom left) and clicking on “Reject”.

This will set an opt-out cookie that will prevent the collection of your data on future visits to this website.

You can find more information on how Google Analytics handles user data in Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Order data processing

We have concluded a contract with Google for commissioned data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Demographic characteristics in Google Analytics

This website uses the “demographic characteristics” function of Google Analytics. This allows reports to be created that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google and from visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the section “Objection to data collection”.

Google Analytics Remarketing

Our websites use the functions of Google Analytics Remarketing in conjunction with the cross-device functions of Google AdWords and Google DoubleClick. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

This function makes it possible to link the advertising target groups created with Google Analytics Remarketing with the cross-device functions of Google AdWords and Google DoubleClick. In this way, interest-based, personalized advertising messages that have been adapted to you depending on your previous usage and surfing behavior on one device (e.g. cell phone) can also be displayed on another of your devices (e.g. tablet or PC).

If you have given your consent, Google will link your web and app browsing history to your Google account for this purpose. In this way, the same personalized advertising messages can be displayed on every device on which you sign in with your Google account.

To support this function, Google Analytics collects Google-authenticated user IDs that are temporarily linked to our Google Analytics data to define and create target groups for cross-device advertising.

You can permanently opt out of cross-device remarketing/targeting by turning off personalized advertising in your Google Account by following this link: https://www.google.com/settings/ads/onweb/.

The aggregation of the data collected in your Google Account is based exclusively on your consent, which you can give or withdraw from Google (Art. 6 para. 1 lit. a GDPR). For data collection processes that are not merged in your Google account (e.g. because you do not have a Google account or have objected to the merging), the collection of data is based on Art. 6 para. 1 lit. f GDPR. The legitimate interest arises from the fact that the website operator has an interest in the anonymized analysis of website visitors for advertising purposes.

Further information and the data protection provisions can be found in Google's privacy policy at: https://www.google.com/policies/technologies/ads/.

Google AdWords and Google Conversion Tracking

This website uses Google AdWords. AdWords is an online advertising program of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”).

As part of Google AdWords, we use what is known as conversion tracking. When you click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are small text files that the Internet browser stores on the user's computer. These cookies lose their validity after 30 days and are not used to personally identify the user. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page.

Each Google AdWords customer receives a different cookie. The cookies cannot be tracked via the websites of AdWords customers. The information collected using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. If you do not wish to participate in tracking, you can object to this use by easily deactivating the Google Conversion Tracking cookie via your Internet browser under user settings. You will then not be included in the conversion tracking statistics.

The storage of “conversion cookies” takes place on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the analysis of user behavior in order to optimize both its website and its advertising.

You can find more information about Google AdWords and Google Conversion Tracking in Google's privacy policy: https://www.google.de/policies/privacy/.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

Google reCAPTCHA

On this website, we use the reCAPTCHA function of Google Ireland Limited (Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland). This function is primarily used to distinguish whether an entry (e.g. sending a contact form) is made by a human or by automated machines (“bots”). The processed data may include IP addresses, information on operating systems, devices or browsers used, language settings, location, mouse movements, keyboard strokes, time spent on websites, previously visited websites, interactions with ReCaptcha on other websites. Further information about Google reCAPTCHA and Google's privacy policy can be found at: https://www.google.com/intl/de/policies/privacy/

Use of Microsoft Advertising (Bing Ads)

This website uses the Microsoft Advertising service, a service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (“Microsoft”). This service enables conversion tracking and optional personalized advertising measures (remarketing).

Conversion tracking with UET tag

Microsoft's Universal Event Tracking (UET) tag is used on this website to analyze user behavior and measure advertising effectiveness. When the website is visited, a cookie is set in the user's browser via the UET tag if an ad in the Microsoft advertising network (e.g. Bing search or Microsoft Audience Network) has previously been clicked on.

The UET tag collects pseudonymized information about how users interact with the website - e.g. which pages were accessed, which forms were filled out or which goals were achieved. The information generated in this way is used to evaluate Microsoft Advertising campaigns and enables the assignment of so-called conversions (e.g. forms sent) to the respective advertisements.

Remarketing (only with consent)

In addition, Microsoft may use the information collected via the UET tag to create pseudonymized target groups for remarketing campaigns based on previous user behavior. This means that visitors to our website can be shown targeted advertising when they subsequently use other Microsoft services or partner websites - for example, for products or content that they have previously viewed on our website.

This function is only activated if the user has expressly consented to the use of marketing cookies.

Types of data and data transmission

When using Microsoft Advertising, the following data in particular may be processed

- IP address (shortened and pseudonymized),

- browser type, operating system, screen resolution,

- pages visited, duration of the visit, content clicked on,

- URL of origin (referrer) and search terms used.

Persons are not directly identified. Processing is exclusively pseudonymized. Microsoft may process the collected data on servers in the USA. Microsoft is certified in accordance with the EU-US Data Privacy Framework (DPF). This ensures an adequate level of data protection for data transmission in accordance with Art. 45 GDPR.

Legal basis and revocation

The processing of personal data in the context of Microsoft Advertising is based on Art. 6 para. 1 lit. a GDPR (consent). Users must actively consent to its use via the Consent Management Tool on this website. Without consent, Microsoft Advertising will not be used and data will not be processed for advertising purposes.

Consent can be revoked at any time with effect for the future via the cookie settings on this website.

In addition, personalized advertising by Microsoft can be deactivated using the following opt-out options:

https://account.microsoft.com/privacy/ad-settings/signedout

Further information on data processing by Microsoft can be found in Microsoft's privacy policy:

https://privacy.microsoft.com/de-de/privacystatement

LinkedIn Analytics and LinkedIn Ads

We use the conversion tracking technology and the retargeting function of Linkedin Ireland Unlimited Company, 70 Sir John Rogerson's Quay, Dublin 2, Dublin, D02r296, Ireland on our website.

With the help of this technology, visitors to this website can be shown personalized advertisements on LinkedIn. Furthermore, it is possible to create anonymous reports on the performance of the advertisements and information on website interaction. For this purpose, the LinkedIn Insight tag is integrated on this website, which establishes a connection to the LinkedIn server if you visit this website and are logged into your LinkedIn account at the same time.

In LinkedIn's privacy policy at https://www.linkedin.com/legal/privacy-policy you will find further information on data collection and data use as well as the options and rights to protect your privacy. If you are logged in to LinkedIn, you can deactivate data collection at any time by clicking on the following link: https://www.linkedin.com/psettings/enhanced-advertising

We use LinkedIn Insight Tags to design our website to meet your needs and to advertise it (legitimate interest pursuant to Art. 6 (1) lit f. GDPR).

6. Registration on Our Website

Data subjects have the possibility to register on the website of the controller by providing personal data. Which personal data is transmitted to the controller is determined by the respective input form used for registration. The personal data entered by the data subject is collected and stored exclusively for internal use by the controller and for its own purposes. The controller may arrange for transfer to one or more processors, for example a parcel service, who also uses the personal data exclusively for internal use attributable to the controller.

When registering on the website, the IP address assigned by the Internet Service Provider (ISP) and the date and time of registration are also stored. This data is stored because it is the only way to prevent misuse of our services and, if necessary, to investigate committed offenses. Therefore, the storage of this data is required for the security of the controller. This data will not be passed on to third parties unless there is a legal obligation to do so or it serves the purpose of criminal prosecution.

Registration of the data subject, with the voluntary provision of personal data, is intended to enable the controller to offer the data subject content or services that may only be offered to registered users. Registered persons are free to modify the personal data provided during registration at any time or to have it completely deleted from the controller’s data records.

The controller shall, at any time upon request, provide information to each data subject about what personal data is stored about the data subject. In addition, the controller shall correct or delete personal data at the request or indication of the data subject, insofar as there are no statutory storage obligations. All employees of the controller are available to the data subject in this respect as contact persons.

7. Subscription to Our Newsletter and Downloading Whitepapers/Studies

The website of GIM Gesellschaft für innovative Marktforschung mbH offers users the opportunity to subscribe to our company’s newsletter and to download whitepapers or studies. The input form used determines what personal data is transmitted.

GIM Gesellschaft für innovative Marktforschung mbH regularly informs its customers and business partners about company offers by means of newsletters and follow-up emails after the download of a whitepaper or study. These communications are only sent to data subjects who (1) have a valid email address and (2) have registered for the newsletter and/or downloaded a whitepaper or study. For legal reasons, a confirmation email will be sent using the double opt-in procedure to the email address entered by the data subject. This confirmation email is used to verify whether the owner of the email address authorized the subscription.

When registering for the newsletter or downloading a whitepaper/study, we also store the IP address assigned by the ISP to the computer system used at the time of registration, as well as the date and time of registration. This data is required to understand the (potential) misuse of an email address at a later date and thus serves the legal protection of the controller.

The personal data collected during registration or download will be used exclusively for sending the newsletter or whitepaper/study and related follow-up communications. Subscribers may also be informed via email if this is necessary for the operation of the newsletter or download service or in the case of technical changes.

Our service providers:
The email services are provided by HubSpot, a company based in the USA. Personal data may be transferred to the USA, where HubSpot ensures adequate safeguards, including EU Standard Contractual Clauses. In addition, data is transmitted to our technical service provider Ahorn GmbH.

These services may be canceled at any time by the data subject. Consent to the storage of personal data can be revoked at any time. Each newsletter/email contains a corresponding unsubscribe link. It is also possible to unsubscribe directly by sending an email to marketing@g-i-m.com or by contacting the controller in another way.

8. Newsletter Tracking and Whitepaper/Study Downloads

The newsletters (this includes emails sent as part of the newsletter subscription as well as follow-up emails after the download of a whitepaper or study) of GIM Gesellschaft für innovative Marktforschung mbH contain what are known as tracking pixels. A tracking pixel is a miniature graphic embedded in emails sent in HTML format to enable log file recording and analysis. This allows for statistical evaluation of the success or failure of online marketing campaigns.

Using the embedded tracking pixel, GIM Gesellschaft für innovative Marktforschung mbH can determine whether and when an email was opened by a data subject and which links in the email were clicked.

The personal data collected via the tracking pixels contained in newsletters is stored and evaluated by the controller in order to optimize newsletter and follow-up email distribution after a whitepaper download and to better tailor future newsletters and whitepapers to the interests of the respective target group. These personal data will not be disclosed to third parties. Data subjects may withdraw their specific consent—granted through the double opt-in procedure—at any time. Upon withdrawal, this personal data will be deleted by the controller. Unsubscribing from the newsletter or follow-up emails after a whitepaper download is interpreted by GIM Gesellschaft für innovative Marktforschung mbH as a withdrawal of consent.

9. Use of SalesViewer

Our website uses the tool SalesViewer to identify companies that visit our website. SalesViewer helps us collect information about the origin and industry affiliation of visitors based on their IP address. We use this information to improve our marketing and sales activities and to better approach potential business partners.

SalesViewer processes personal data such as IP addresses, company names, industry affiliations, and geolocation data. These data are used to provide relevant content and offers to companies visiting our website. The processing is based on our legitimate interest (Art. 6(1)(f) GDPR) in improving our marketing and sales efforts and in targeting companies more effectively.

It is possible that personal data processed by SalesViewer may be transferred to third countries. In such cases, SalesViewer ensures that appropriate safeguards in accordance with the GDPR—particularly the use of EU Standard Contractual Clauses—are in place to ensure an adequate level of data protection.

Users have the right to object to the processing of their data by SalesViewer at any time. This can be done by disabling cookies in the browser settings. More information can be found in the cookie policy on this website.

10. Use of Microsoft Clarity

This website uses the web analytics service Microsoft Clarity, a service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (“Microsoft”). Clarity allows us to analyze usage behavior on this website in order to improve usability and the user experience.

Clarity uses cookies and similar technologies to collect usage data, including mouse movements, clicks, scrolling behavior, and technically required access information. Personal data such as IP addresses may also be collected and pseudonymized or anonymized before storage.

Our implementation of Clarity ensures that sensitive data (e.g., form content) is automatically obscured through so-called "data masking" functions. This ensures that individual users cannot be identified.

Clarity enables “session replays”—visual reconstructions of session histories in anonymized form. Interactions such as mouse movements, clicks, and scrolling are recorded, but not the content of form fields or other sensitive data.

Despite careful configuration of the data masking function, it cannot be entirely ruled out that personal data may be collected in exceptional cases—e.g., when third-party plugins or embedded forms are not correctly masked. The operators of this website implement appropriate technical and organizational measures to prevent such occurrences.

The processing of data via Microsoft Clarity is based on Art. 6(1)(a) GDPR (consent), provided the user has explicitly given consent via the consent management tool. Without such active consent, Microsoft Clarity is not used.

The data collected through Clarity may be transferred to Microsoft servers in the United States. Microsoft is certified under the EU-US Data Privacy Framework (DPF), which ensures an adequate level of protection in accordance with Art. 45 GDPR.

Further information on data processing by Microsoft Clarity can be found in Microsoft’s privacy policy:
https://privacy.microsoft.com/en-us/privacystatement

Users can withdraw their consent at any time via the cookie settings on this website.

11. Contact Options via the Website

Due to legal regulations, the website of GIM Gesellschaft für innovative Marktforschung mbH contains information that enables quick electronic contact with our company and direct communication with us. This also includes a general address for electronic mail (email address). If a data subject contacts the controller by email or via a contact form, the personal data transmitted by the data subject is automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the controller is stored for the purposes of processing or contacting the data subject. This personal data is not passed on to third parties.

12. Routine Erasure and Blocking of Personal Data

The controller processes and stores the personal data of the data subject only for the period necessary to achieve the purpose of storage or as required by European legislation or other applicable laws or regulations.

If the storage purpose ceases to apply or if a storage period prescribed by European legislation or another relevant legal framework expires, the personal data will be routinely blocked or deleted in accordance with legal requirements.

13. Transfer of Personal Data to Third Parties; Social Plug-ins

a) Our websites may include content and services from third-party providers. If you click on such an offer, we may transmit data to the relevant provider as necessary (e.g., informing them that you found their offer through our website and providing any information you have already entered on our site that is relevant to that offer).

b) If we use “social plug-ins” from social networks such as Facebook, Twitter, or Google+ on our website, we integrate them as follows: When you visit our websites, these plug-ins are deactivated, meaning no data is transmitted to the operators of these networks. You can activate the plug-ins by clicking on them, thereby establishing a direct connection to the respective network's server.

If you are logged into the social network when activating the plug-in, the network can associate your visit to our site with your user account. If you want to prevent this, log out of the respective network before activating the plug-in. Social networks cannot associate your visit to other websites unless a social plug-in on that site is also activated.

When you activate a social plug-in, the content is transmitted directly to your browser and embedded into our site. In this case, data transmissions initiated and controlled by the social network may occur. Your connection to a social network, data transfers between the network and your system, and your interactions on the platform are subject exclusively to the privacy policies of the respective network. The plug-in remains active until you deactivate it or delete your cookies.

c) Clicking on a third-party offer or activating a social plug-in may result in the transfer of personal data to providers located in countries outside the European Economic Area that do not ensure an adequate level of data protection according to EU standards. Please keep this in mind before clicking such links or activating plug-ins.

14. Rights of the Data Subject

a) Right to Confirmation
Data subjects have the right to obtain confirmation from the controller as to whether personal data concerning them is being processed. If you wish to exercise this right, you may contact any employee of the controller at any time.

b) Right of Access
Data subjects have the right to obtain free information about their stored personal data and a copy of this information at any time. Furthermore, the GDPR grants data subjects access to the following:

the purposes of the processing

the categories of personal data concerned

the recipients or categories of recipients to whom the personal data have been or will be disclosed

the envisaged storage period or criteria for determining this period

the existence of a right to rectification or erasure of personal data or restriction of processing or objection

the existence of a right to lodge a complaint with a supervisory authority

where the personal data is not collected from the data subject: any available information about the data source

the existence of automated decision-making, including profiling, and meaningful information about the logic involved and the envisaged consequences of such processing

If personal data has been transferred to a third country or an international organization, the data subject shall have the right to be informed of the appropriate safeguards related to the transfer.

c) Right to Rectification
Data subjects have the right to request the rectification of inaccurate personal data and the completion of incomplete data, including by means of a supplementary statement.

d) Right to Erasure ("Right to Be Forgotten")
Data subjects have the right to request the immediate deletion of their personal data where one of the following applies:

The data is no longer necessary for the purposes for which it was collected.

The data subject withdraws their consent, and there is no other legal basis for the processing.

The data subject objects to the processing, and there are no overriding legitimate grounds.

The personal data was unlawfully processed.

Deletion is required to comply with a legal obligation under EU or Member State law.

The personal data was collected in relation to services offered to a child.

If personal data has been made public by GIM Gesellschaft für innovative Marktforschung mbH and we are obliged to delete it, we will take reasonable steps—including technical measures—to inform other controllers processing the data that the data subject has requested the deletion of all links, copies, or replications of the data.

e) Right to Restriction of Processing
Data subjects have the right to request restriction of processing if one of the following applies:

The accuracy of the data is contested.

The processing is unlawful and the data subject opposes erasure.

The data is no longer needed by the controller, but required by the data subject for legal claims.

The data subject has objected to the processing and the decision is pending.

f) Right to Data Portability
Data subjects have the right to receive their personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller, where technically feasible and where this does not adversely affect the rights of others.

g) Right to Object
Data subjects have the right to object to processing based on legitimate interests (Art. 6(1)(e) or (f) GDPR). This also applies to profiling based on those provisions.

If GIM Gesellschaft für innovative Marktforschung mbH processes personal data for direct marketing, data subjects may object at any time. This also applies to profiling related to direct marketing.

h) Automated Decisions Including Profiling
Data subjects have the right not to be subject to a decision based solely on automated processing, including profiling, that has legal effects or significantly affects them—unless the decision is:

necessary for entering into or performing a contract

authorized by Union or Member State law

based on the data subject’s explicit consent

In such cases, we will take reasonable measures to safeguard the data subject’s rights and freedoms, including the right to obtain human intervention.

i) Right to Withdraw Consent
Data subjects have the right to withdraw their consent at any time. To do so, they can contact any employee of the controller.

15. Legal Basis for Processing

Art. 6(1)(a) GDPR is the legal basis for processing operations for which we obtain consent for a specific purpose. If the processing is necessary for the performance of a contract to which the data subject is party (e.g., delivering goods or providing services), it is based on Art. 6(1)(b) GDPR. This also applies to processing required for pre-contractual measures (e.g., inquiries).

If our company is subject to a legal obligation requiring the processing of personal data (e.g., for tax obligations), the processing is based on Art. 6(1)(c) GDPR.

In rare cases, processing may be necessary to protect the vital interests of the data subject or another person (e.g., in a medical emergency), based on Art. 6(1)(d) GDPR.

Finally, processing may be based on Art. 6(1)(f) GDPR, if necessary for the purposes of legitimate interests pursued by our company or a third party—provided those interests are not overridden by the interests or fundamental rights and freedoms of the data subject. This legitimate interest may exist, for example, when the data subject is a customer (Recital 47, sentence 2 GDPR).

17. Duration for Which Personal Data Is Stored

The criterion for the duration of the storage of personal data is the respective statutory retention period. After this period has expired, the relevant data is routinely deleted, provided it is no longer necessary for contract performance or contract initiation.

18. Statutory or Contractual Requirements for Providing Personal Data; Necessity for the Conclusion of a Contract; Obligation of the Data Subject to Provide the Data; Possible Consequences of Non-Provision

We inform you that the provision of personal data is partly required by law (e.g., tax regulations) or can also result from contractual arrangements (e.g., details about the contracting party). It may sometimes be necessary for a contract to be concluded that a data subject provides us with personal data that must subsequently be processed by us.

For example, the data subject is obliged to provide us with personal data if our company signs a contract with them. Failure to provide the personal data would result in the contract with the data subject not being able to be concluded.

Before providing personal data, the data subject may contact one of our employees. Our employee will explain to the data subject on a case-by-case basis whether the provision of personal data is required by law or contract, or is necessary for the conclusion of the contract, whether there is an obligation to provide the data, and what the consequences would be of not providing the data.

19. Existence of Automated Decision-Making

As a responsible company, we do not use automated decision-making or profiling.

If you have any questions about data protection, you are welcome to contact our Data Protection Officer:


Lutz Goldschmidt
Email: datenschutz@g-i-m.com