10 % off 2026 stays from 7 nights – Code: SMARTBIRD
Data protection
We operate our websites in accordance with the principles set out below:
We are committed to complying with the statutory provisions on data protection and strive to always observe the principles of data avoidance and data minimization.
1. Name and address of the controller and the data protection officer
The person responsible
The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states of the European Union as well as other data protection regulations is
smartments Betriebsgesellschaft mbH
Am Tullnaupark 15
90402 Nürnberg
The data protection officer
You can reach the data protection officer of the controller as follows
SiDIT GmbH, www.sidit.de, E-Mail: info@sidit.de
2.Definitions
We have designed our privacy policy in accordance with the principles of clarity and transparency. However, if there are any uncertainties regarding the use of various terms, the corresponding definitions can be viewed here.
3. Legal basis for the processing of data
We only process your personal data, such as your surname and first name, your email address and IP address, etc., if there is a legal basis for doing so. According to the General Data Protection Regulation, the following regulations in particular come into consideration here:
– Art. 6 para. 1 sentence 1 lit. a GDPR: The data subject has given their consent to the processing of their personal data for one or more specific purposes.
– Art. 6 para. 1 sentence 1 lit. b GDPR: Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
– Art. 6 para. 1 sentence 1 lit. c GDPR: Processing is necessary for compliance with a legal obligation to which the controller is subject
– Art. 6 para. 1 sentence 1 lit. d GDPR: Processing is necessary in order to protect the vital interests of the data subject or of another natural person
– Art. 6 para. 1 sentence 1 lit. e GDPR: processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
– Art. 6 para. 1 sentence 1 lit. f GDPR: processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child
However, we will always point out the legal basis on which your personal data is processed at the relevant points in this privacy policy.
Consent of the legal guardians pursuant to Art. 8 para. 1 sentence 2 alt. 2 GDPR
A legal guardian must consent to all data processing on this website for which the consent of a minor who has not yet reached the age of 16 is required.
Information on the individual data processing operations, their purposes and the categories of data concerned, for which the consent of the data subject is required, can be found in the privacy policy.
You can withdraw your consent at any time by sending a declaration of withdrawal in text form to the contact details of the controller. Processing will remain lawful until you withdraw your consent.
Processing of information pursuant to Section 25 (1) TDDDG
We also process information in accordance with Section 25 (1) TDDDG by storing information on your terminal equipment or by accessing information that is already stored on your terminal equipment. This may involve both personal information and non-personal data, e.g. cookies, browser fingerprints, advertising IDs, MAC addresses and IMEI numbers. Terminal equipment is any equipment connected directly or indirectly to the interface of a public telecommunications network for sending, processing or receiving messages, Section 2 (2) No. 6 TDDDG.
As a rule, we process this information on the basis of your consent, Section 25 (1) TDDDG.
Insofar as an exception according to § 25 para. 2 no. 1 and no. 2 TDDDG is given, we do not require consent. Such an exception is given if we only access or store the information in order to transmit a message via a public telecommunications network or if this is absolutely necessary so that we can provide a telemedia service expressly requested by you. You can withdraw your consent at any time. We inform you that the withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
4. Disclosure of personal data
The disclosure of personal data also constitutes processing within the meaning of section 3 above. However, we would like to take this opportunity to inform you separately about the issue of disclosure to third parties. The protection of your personal data is very important to us. For this reason, we are particularly careful when it comes to passing on your data to third parties.
Data is therefore only passed on to third parties if there is a legal basis for the processing. For example, we pass on personal data to persons or companies who work for us as processors in accordance with Art. 28 GDPR. A processor is anyone who processes personal data on our behalf – i.e. in particular in a relationship of instruction and control with us
In accordance with the requirements of the GDPR, we conclude a contract with each of our processors in order to oblige them to comply with data protection regulations and thus ensure comprehensive protection of your data.
5. Storage period and deletion
Your personal data will be deleted by us if they are no longer necessary for the purposes for which they were collected or otherwise processed, if the processing is not necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.
6. SSL or TLS encryption
This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as the requests you send to us as the website operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
7. Cookies
We use cookies on our website. Cookies are small data packets that your browser automatically creates and that are stored on your end device when you visit our website. These cookies are used to store information in connection with the end device used.
When cookies are used, a distinction is made between technically necessary cookies and “other” cookies. Technically necessary cookies are those that are absolutely necessary in order to provide an information society service that you have expressly requested.
Technically necessary cookies
In order to make the use of our website more pleasant for you, we use technically necessary cookies, which may be so-called session cookies (e.g. language and font selection, shopping cart, etc.), consent cookies, cookies to ensure server stability and security or similar. The legal basis for the cookies results from Art. 6 para. 1 sentence 1 lit. f) GDPR, our legitimate interest in the error-free operation of the website and the interest in providing you with our services in an optimized manner.
More cookies
Other cookies include cookies for statistical, analytical, marketing and retargeting purposes.
We use these cookies for you on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR.
You can revoke your consent to the use of cookies at any time.
We inform you that the withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
To do this, you can either edit your cookie settings on our website, deactivate the use of cookies in your browser settings (whereby this may also restrict the functionality of the online offer) or set an opt-out for the corresponding service in individual cases.
We will inform you of the legal basis on which this data is processed for the respective services within the privacy policy.
8. Cookie banner / consent management
To obtain consent for the cookies we use, we use the cookie banner of the service provider Digital Data Solutions B.V. (CookieFirst), Plantage Middenlaan 42a, 1018DH, Amsterdam. This service provider itself sets a so-called consent cookie in order to query and process the respective consent status. This consent cookie is technically necessary and is therefore used on the basis of our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, § 25 para. 1 TDDDG.
For the use of some services of the Google/Alphabet Group, we use the so-called Google Consent Mode V2 in Basic Mode. Details on this consent mode can be found on the Google website at https://developers.google.com/tag-platform/security/guides/consent?hl=de&consentmode=advanced.
The use of Consent Mode is technically necessary and is therefore used on the basis of our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR.
9. Collection and storage of personal data and the nature and purpose of its use
External hosting
Our website is hosted by METANET AG, Josefstrasse 218, CH-8005 Zurich. For this reason, all personal data collected on our website is stored on the servers of our hoster, unless an external service of a third party is integrated. This may be the IP address, your e-mail address, communication data or similar. You can find out which specific personal data is involved in the individual functions and services explained by us below. If we use an external service from a third party, this will be made clear in the description of the respective service or tool.
The hoster processes your data only on our instructions and insofar as this is necessary to fulfill the services on the website. The hoster does not process the data for its own purposes. We have concluded an order processing contract with the host.
When visiting the website
When you visit our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without any action on your part and stored until it is automatically deleted:
– IP address of the requesting computer
– Date and time of access
– the browser used and, if applicable, the operating system of your computer and the name of your access provider
We process the aforementioned data for the following purposes:
– Evaluation of system security and stability
– Error analysis
Data that allows conclusions to be drawn about your person, such as the IP address, will be deleted after 7 days at the latest. If we store the data beyond this period, this data is pseudonymized so that it can no longer be assigned to you.
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person.
Booking apartments
We offer users the opportunity to book furnished accommodation in Germany and Austria on our website. For this purpose, we use the API of Apaleo GmbH, Dachauerstr. 15 A, 80335 Munich, Germany.
The following personal data may be processed as part of the booking:
– Name and contact details of guests
– Reservation details
– Payment information
– IP addresses and device information
This data is processed in order to manage bookings, process payments and organize the guests’ stay.
This data is processed in accordance with Art. 6 para. 1 lit. b GDPR for the performance of a contract or in order to take steps prior to entering into a contract. Insofar as the processing of data is necessary to safeguard legitimate interests, it is carried out in accordance with Art. 6 para. 1 lit. f GDPR.
An order processing contract has been concluded with Apaleo GmbH in accordance with Art. 28 GDPR, which ensures compliance with data protection requirements.
Further information on data protection at Apaleo can be found in Apaleo’s privacy policy at https://apaleo.com/de/privacy-policy.
If you decide to pay with one of the online payment service providers offered by us as part of your order process, your contact details will be transmitted to them as part of the order triggered in this way. The lawfulness of the transfer of the data is based on Art. 6 para. 1 sentence 1 lit. b GDPR, for the execution of the payment method you have chosen and our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR to enable user-friendly and uncomplicated payment processing.
The personal data transmitted to the online payment service provider is usually first name, last name, address, telephone number, IP address, e-mail address, or other data required for order processing, as well as data related to the order, such as number of items, item number, invoice amount and taxes as a percentage, billing information, etc.
This transmission is necessary to process your order with the payment method you have selected, in particular to confirm your identity, to administer your payment and the customer relationship.
Please note, however, that personal data may also be passed on by the online payment service provider to service providers, subcontractors or other affiliated companies if this is necessary to fulfill the contractual obligations arising from your order or if the personal data is to be processed on our behalf.
Depending on the selected payment method, e.g. invoice or direct debit, the personal data transmitted to the provider will be transmitted by the provider to credit agencies. This transmission serves to check your identity and creditworthiness in relation to the order you have placed. You can find out which credit agencies are involved here and which data is generally collected, processed, stored and passed on by the respective provider in the respective data protection declarations of the providers:
PayPal
PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg at https://www.paypal.com/de/webapps/mpp/ua/privacy-full
Sofortüberweisung
SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany
If you have any further questions about the use of your personal data, you can contact Sofortüberweisung by e-mail (datenschutz@sofort.com) or in writing (SOFORT GmbH, Datenschutz, Theresienhöhe 12, 80339 Munich).
Further information on data protection:
https://cdn.klarna.com/1.0/shared/content/legal/terms/de/bt_payment_data_privacy
If you decide to pay by credit card, we collect and process your necessary personal data and forward it to the card-issuing institution for payment processing and to fulfill the legal requirements, such as customer authentication in accordance with the EU Payment Services Directive PSD2.
This data is forwarded for payment processing in accordance with Art. 6 para. 1 sentence 1 lit. b) GDPR and to fulfill our legal obligation to carry out strong customer authentication in accordance with Art. 6 para. 1 sentence 1 lit. c) GDPR in conjunction with Directive EU 2015/2366 (PSD 2) or the Payment Services Supervision Act (ZAG) to combat money laundering and criminal prosecution.
The technical processing of the credit card payment is carried out by the Payment Service
Provider Adyen N.V., Simon Carmiggeltstraat 6-50, 1011 DJ in Amsterdam, the Netherlands. This provider has been commissioned for the technical management of payment transactions, including the implementation of the 3D Secure 2.0 process in accordance with Art. 28 GDPR. Other recipients of the data are the banks involved (on the one hand the card-issuing bank – the issuer – and on the other hand the merchant’s credit card-accepting bank – the acquirer.
You can find Ayden’s privacy policy at https://www.adyen.com/de_DE/privacy-policy
Newsletter
Content of the newsletter and registration data
We will only send you our newsletter and carry out statistical surveys and analyses and log the registration process if you order it from us and have given your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, § 25 para.1 TDDDG.
The contents of the newsletter are described in detail when you register for the newsletter. To register for the newsletter, it is sufficient to provide your e-mail address. If you provide further voluntary information, such as your name and/or gender, this will be used exclusively to personalize the newsletter addressed to you.
Double opt-in and logging For security reasons, we use the so-called double opt-in procedure to register for our newsletter so that nobody can register with other people’s e-mail addresses. After registering for our newsletter, you will therefore first receive an e-mail asking you to confirm your registration. Only when you confirm your registration will it become effective.
Furthermore, your registration for the newsletter will be logged. The logging includes the storage of the time of registration and confirmation, the data you provide and your IP address. If you make changes to your data, these changes will also be logged.
Revocation
If you no longer wish to receive our newsletter, you can revoke your consent at any time for the future. To do so, you can click on the unsubscribe link at the end of each newsletter or send us an e-mail to the following e-mail address: info(at)smartments.com
The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
Use of sendinblue / Brevo
We use the e-mail tool Brevo from Sendinblue GmbH, Köpenickerstr. 126, 10179 Berlin, Germany, to send our newsletter.
For this purpose, the data you provide will be forwarded to sendinblue and processed by it. This tool enables us to evaluate how the newsletters are opened and used.
Sendinblue is a German company whose servers are located in Germany, so that they are also subject to the provisions of the BDSG and the GDPR.
We have also concluded an order processing contract with sendinblue. Sendinblue does not obtain the right to pass on your data.
You can find further information on data protection at sendinblue/Brevo at: https://www.brevo.com/de/legal/privacypolicy/
Contact form
We provide you with a form on our website so that you have the opportunity to contact us at any time. To use the contact form, it is necessary to provide a name for a personal salutation and a valid e-mail address so that we know who sent the request and can process it.
If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provide there and your IP address, will be processed in accordance with Art. 6 para. 1 sentence 1 lit. b and f GDPR to carry out pre-contractual measures in response to your inquiry or to safeguard our legitimate interests, namely to carry out our business activities.
The requests and the associated data will be deleted no later than 3 months after receipt, unless they are required for a further contractual relationship.
Request a brochure
We offer you the option of requesting a brochure on our website. To do this, you need to enter a name for a personal salutation and a valid e-mail address so that we can send you this brochure.
Your details from the request form, including the contact details you provide there and your IP address in accordance with Art. 6 para. 1 sentence 1 lit. b and f GDPR for the implementation of pre-contractual measures that take place in response to your request or to safeguard our legitimate interest, namely to carry out our business activities.
The data will be deleted no later than 3 months after receipt, unless they are required for a further contractual relationship.
Application form
We provide you with a form on our website that you can use to apply for a job with us. Your personal data from the application will be processed in accordance with our data protection information for applicants.
The use of this form is based on our legitimate interest in a simple and secure transmission of your application documents, Art. 6 para. 1 sentence 1 lit. f) GDPR.
We use the provider Personio SE & Co KG, Rundfunkplatz 4, 80335 Munich for this purpose. We have concluded an order processing contract with them.
You can view the data protection information for the processing of personal data by us as part of the application process and by Personio itself through the provision of the application tool at https://smartments.jobs.personio.de/privacy-policy?language=de.
Use of the AI chatbot “ailean”
We use the AI-supported chatbot “ailean” (Coding Mind AG, Ueberlandstrasse 1, 8600 Dübendorf, Switzerland) on our website. “ailean” is used for automated communication with users in order to process inquiries efficiently and provide information.
The following personal data is processed when using the chatbot:
– Content of chat communication (entries and responses)
– Metadata such as message timestamps
– Device and browser information (e.g. IP address, operating system, browser type)
– Contact details, if applicable, if provided by the user
Processing is carried out for the following purposes:
– Answering user queries and providing information
– Improving service quality by analyzing chat histories
– Training and further development of the “ailean” AI models
The data is processed on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR. You have the right to withdraw your consent at any time with effect for the future.
An order processing contract has been concluded with Coding Mind AG in accordance with Art. 28 GDPR to ensure the protection of your data.
Google Fonts
We use Google Fonts on our website. This enables the display of fonts. Google Fonts is a service provided by Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). These web fonts are integrated by a server call, usually a Google server in the USA. This may result in the following being transmitted to the server and stored by Google:
– Name and version of the browser used
– Website from which the request was triggered (referrer URL)
– Operating system of your computer
– Screen resolution of your computer
– IP address of the requesting computer
– Language settings of the browser or operating system used by the user
You can find more information on data protection at Google and in relation to Google Fonts at:
https://developers.google.com/fonts/faq/privacy?hl=de
www.google.com/policies/privacy/
The use of Google Fonts serves to make it easier for you to read our website and to make it graphically more pleasant and is therefore based on our legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
Google Tag Manager
We use the Google Tag Manager from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) on our website. Google Tag Manager is an administration and management tool in which other tracking and/or statistics tools can be centrally managed and played out.
When you visit our website, Google Tag Manager collects and processes your IP address, which may also be transmitted to the USA. However, Google Tag Manager itself does not create any user profiles or analyses.
The use of Google Tag Manager is based on your consent in accordance with Art. 6 para. 1 sentence a GDPR.
We have concluded a contract with Google for order processing. You can find the Google privacy policy here.
Processors used
We also use the following systems to process user inquiries and bookings (efficient and fast processing of user inquiries).
– Apaleo GmbH, Dachauer Str. 15a in 80335 Munich
– Adyen N.V. German Branch, Friedrichstr. 63 in 10117 Berlin
– Klarna Bank AB (publ), Sveavägen 46 in 11134 Stockholm, Sweden
– Sofort GmbH Company of the Klarna Group
– Zendesk Inc., 1019 Market St in 94103 San Francisco, CA USA
– Straiv by Code2Order = CODE2ORDER GmbH, Eichwiesenring 4F 70567 Stuttgart, Germany
– Hotelbird GmbH, Plinganserstr. 150 in 81369 Munich
– Global Office = global office GmbH, Werkstr. 11 in 56410 Montabaur
– Calendly LLC, 271 17th St NW, Ste 1000 30363 Georgia, Atlanta USA
– DocuWare Europe GmbH – Planegger Str. 1 in 82110 Germering
– HappyHotel – revenue cloud solutions GmbH – In der Spöck 12 in 77656 Offenburg
– ReviewPro – Shiji Information Technology Spain, S.A. Pg. De Gracia 17, 6th Fllor in 08007 Barcelona
– Microsoft Corporation – One Microsoft Way, 98052-6399 Redmond, WA, USA
– Paypal ( Europe ) S.à.r.l. et Cie, S.C.A. – 22-24 Boulevard Royal in 2449 Luxembourg
For this purpose, we have concluded an order processing contract with the aforementioned companies in accordance with Art. 28 GDPR or a contract with so-called standard contractual clauses, in which the contractual partners undertake to process user data only in accordance with our instructions and to comply with the EU data protection level.
10. Analysis and tracking tools
We use the analysis and tracking tools listed below on our website. These serve to ensure the continuous optimization of our website and to design it in line with requirements.
We use these tools on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You can withdraw your consent at any time by changing the cookie settings. Processing remains lawful until you withdraw your consent. The respective data processing purposes and data categories can be found in the corresponding tools. We would like to point out that we have no influence on whether and to what extent the service providers carry out further data processing.
Google Analytics
We use Google Analytics on our website, a web analysis service from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as “Google”).
Google Analytics uses cookies in this context (see section 7). The information generated by the cookie about your use of this website such as
– Name and version of the browser used
– Operating system of your computer
– Website from which the access is made (referrer URL)
– IP address of the requesting computer
– Time of the server request
are usually transferred to a Google server in the USA and stored there.
Your IP address is automatically anonymized by Google before it is recorded via EU domains and servers. There is therefore no logging or storage of your IP address.
Google will use this information on our behalf to evaluate your use of our website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
We have concluded an order processing contract with Google. Please click here for an overview of data protection at Google.
Google Remarketing
We use the remarketing function of Google Analytics to target advertising campaigns – including Google AdWords campaigns – to visitors to our website.
Based on your previous visits to our website, you will be presented with relevant advertisements when you visit other websites in the Google Display Network.
The DoubleClick cookie enables Google to show us and other third-party providers targeted advertising that matches the interests determined based on your previous visits to our website and/or other websites. This advertising may be displayed on Google websites and/or other operators of the Google advertising network. We also use the Google Analytics advertising functions to analyze the effectiveness of our own advertising campaigns.
If you have agreed in your Google account that your web and app browsing history will be linked by Google to your Google account and information from your Google account will be used to personalize ads, Google will use data from you together with Google Analytics data to create target group lists for cross-device remarketing. For this purpose, Google Analytics first collects Google-authenticated IDs for you as a user on our website, which are linked to your Google account. Google Analytics then temporarily links these IDs with Google Analytics data in order to optimize our target groups.
We have concluded an order processing contract with Google. Please click here for an overview of data protection at Google.
Google Ads Conversion Tracking
We use Google Ads, an online advertising program from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) on our website. Conversion tracking is also used. With this tool, Google Ads places a cookie on your device when you access our website via a Google ad.
The cookie is not used for personal traceability. If you visit our website as a user and the cookie is still working, we and Google will recognize that you clicked on the corresponding ad and were redirected to our site. A different cookie is assigned to each Google Ads customer. Cookies are therefore not traceable via the websites of Ads customers.
The data collected by conversion cookies is used to generate conversion statistics for Ads customers. As Google Ads customers, we learn the total number of users who responded to our ad and were then redirected to a website that was provided with a conversion tracking tag. This allows us to recognize the success of individual advertising measures. During this process, we do not receive any information that would allow us to personally identify you as a user.
When using Google Ads, your browser automatically establishes a direct connection with the Google server and, if you have a Google account and are logged into it, can assign the visit to your account. If you do not have a Google account, Google will assign you a unique identifier. We have no influence on what other data Google collects and stores.
We have concluded an order processing contract with Google.
You can find out more about Google’s privacy policy at http://www.google.de/policies/privacy/.
Microsoft Clarity
We use the “Microsoft Claritiy” analysis service from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052 USA on our website.
Usage and user-related information, such as IP address, location, time or frequency of visits to our website, is transmitted to a Microsoft server in the USA and stored there. We have activated the anonymization function at Microsoft so that your IP address is only processed in abbreviated form.
This data is used to evaluate your visit to our website and your usage behavior so that we can improve and optimize our services.
We have agreed the standard contractual clauses with Microsoft. You can find further information on data protection at Microsoft at
https://privacy.microsoft.com/de-de/privacystatement
Facebook Conversion API
We use the Facebook Conversopn API of Meta Platforms Ireland Ltd (4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland) on our website. We use this data interface to send tracking and event data to Meta for analysis. This includes usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), location data (information on the geographical position of a device or person). If necessary, your e-mail address, telephone number, gender, date of birth, first and last name, address, user IDs may also be transmitted.
By evaluating this data through Facebook, we can show you advertisements that match your usage behavior.
Further information on data protection at Meta can be found at https://www.facebook.com/about/privacy/.
LinkedIn Conversion Tracking
We use the conversion tracking function of LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland) on our website. This allows us to target you with advertisements following a visit to our website. In addition, LinkedIn carries out reporting that shows how successful our advertisements are and how users generally interact with our site. If you have logged in via LinkedIn before visiting our site, this will be recognized as part of conversion tracking and you will be associated with your LinkedIn account as a visitor to our site.
We have concluded an order processing contract with LinkedIn.
Further information can be found in LinkedIn’s privacy policy:
https://www.linkedin.com/legal/privacy-policy?_l=de_DE
You also have the option of opting out of interest-based advertising via LinkedIn. This is possible via the following link:
https://www.linkedin.com/psettings/enhanced-advertising
Use of AWIN (affiliate marketing)
Our website uses the affiliate network of AWIN AG, Otto-Ostrowski-Straße 1A,
10249, Berlin, Germany, to integrate affiliate marketing programs. This involves integrating advertisements and links to offers from third-party providers through which we can receive a commission.
When you click on an affiliate link, a cookie is placed on your device that stores the following information:
– a pseudonymized user ID,
– the identification number of the affiliate,
– the serial number of the advertising material clicked on,
– Information about the device and browser used.
This data is used to track transactions (so-called tracking) and to settle commissions between us and AWIN.
Further information on the handling of your personal data by AWIN can be found in the privacy policy at https://www.awin.com/de/datenschutzerklarung#section_endverbraucher-bzw-nutzer.
Use of Leadfeeder (Dealfront)
Our website uses the technologies of Dealfront (Dealfront Finland Oy as part of Dealfront Group GmbH) to analyze visitor behavior. In this process, a visitor’s IP address is processed to help us understand which companies (B2B) visit our website.
As part of the processing, the IP address is enriched with associated information such as the company name or industry code. For this purpose, the IP address of the website visitor and the corresponding session data are compared with an extensive whitelist of known companies at the start of the session.
We have concluded an order processing contract with Dealfront Group GmbH in accordance with Art. 28 GDPR to ensure that the processing of data on our behalf complies with data protection regulations.
11. Social Media
The social media plugins listed below are used on our website to make our website better known. The legal basis for the use of social media plugins is your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR.
Responsibility for data protection-compliant operation must be guaranteed by the respective provider.
Facebook “Like” plugin
The Facebook “Like” plugin is integrated into this website. You can recognize it by the blue Facebook logo and the adjacent addition “Like”. The plugin is operated by Meta Platforms Ireland Limited (Hanover Reach, 5-7 Hanover Quay, Dublin 2 Ireland) and is directly connected to the Meta Platforms servers. No data is passed on to the website operator.
As soon as you activate the plugin, it collects, uses and transmits data to Meta Platforms – independently of this website – to the extent and for the purpose specified in Facebook’s privacy policy at http://www.facebook.com/policy.php (including the information that and when you visited this website). If you actively use the plugin (e.g. by clicking the “Like” button), this information is also transmitted to Meta Platforms and used there.
The type, scope and purpose of the data collected depend on whether you are registered and/or logged in to Facebook. However, data is only assigned to your Facebook account if you are currently logged in to Facebook. This means that you should log out of Facebook before visiting this website if you want to prevent any association with your Facebook profile. Meta Platforms may also process the data collected in third countries in accordance with the Facebook privacy policy.
We use functions of the Instagram service on our websites, which is operated by Meta Platforms Ireland Ltd (Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland).
If you click on the Instagram button on our website, the content of our website will be linked to your Instagram profile. However, this is only possible if you are logged into your Instagram account.
We would like to point out that, as the provider of the website, we have no knowledge of the content of the transmitted data or its use by Instagram.
You can find more information on this in Instagram’s privacy policy: http://instagram.com/about/legal/privacy/
We use functions of the Xing service on our websites, which is operated by XING SE
(Dammtorstraße 30, 20354 Hamburg Germany).
If you click on the Xing button on our website, the content of our website will be linked to your Xing profile. However, this is only possible if you are logged into your Xing account.
We would like to point out that, as the provider of the website, we have no knowledge of the content of the transmitted data or its use by Xing.
Further information on this can be found in Xing’s privacy policy:
12. Image, sound and video integration
Youtube
We embed videos from YouTube, which is operated by Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland), into our website as part of iFrame and/or via a plug-in. When embedding the videos, we have activated YouTube’s extended data protection mode.
If you play a YouTube video during your visit, a connection to the YouTube servers is established and the YouTube server is informed which of our pages you have visited. This allows YouTube to associate your surfing behavior directly with your personal profile. You can prevent this by logging out of your member account before visiting our website. In addition, YouTube sets various cookies when the service is started in order to improve the services it offers and to prevent misuse.
Further information on the handling of user data and the cookies set can be found in YouTube’s privacy policy at: https://www.google.de/intl/de/policies/privacy
By integrating YouTube, Google fonts are also dynamically loaded by Google without the website operator or visitor actively determining this. These web fonts are integrated by a server call, usually a Google server in the USA. This may result in the following data being transmitted to the server and stored by Google:
– Name and version of the browser used
– Website from which the request was triggered (referrer URL)
– Operating system of your computer
– Screen resolution of your computer
– IP address of the requesting computer
– Language settings of the browser or operating system used by the user
You can find more information in Google’s privacy policy, which you can access here:
www.google.com/policies/privacy/
The legal basis results from the consent you have given in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You can withdraw your consent at any time by changing the cookie setting on our website.
13. Rights of the data subject
You have the following rights:
Information
In accordance with Art. 15 GDPR, you have the right to request information about your personal data processed by us. This right to information includes information about
– the purposes of processing
– the categories of personal data
– the recipients or categories of recipients to whom your data has been or will be disclosed
– the planned storage period or at least the criteria for determining the storage period
– the existence of a right to rectification, erasure, restriction of processing or objection
– the existence of a right to lodge a complaint with a supervisory authority
– the origin of your personal data if it was not collected by us
– the existence of automated decision-making, including profiling and, where applicable, meaningful information about its details
Correction
According to Art. 16 GDPR, you have the right to immediate correction of incorrect or incomplete personal data stored by us.
Deletion
In accordance with Art. 17 GDPR, you have the right to demand that we erase your personal data without undue delay, unless further processing is necessary for one of the following reasons:
– the personal data are still necessary for the purposes for which they were collected or otherwise processed
– to exercise the right to freedom of expression and information
– for compliance with a legal obligation which requires processing by European Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
– for reasons of public interest in the area of public health pursuant to Art. 9 para. 2 lit. h and i and Art. 9 para. 3 GDPR
– for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89 para. 1 GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing
– for the assertion, exercise or defense of legal claims
Restriction of processing
In accordance with Art. 18 GDPR, you can request the restriction of the processing of your personal data for one of the following reasons:
– You dispute the accuracy of your personal data.
– The processing is unlawful and you oppose the erasure of the personal data.
– We no longer need the personal data for the purposes of processing, but you need it to assert, exercise or defend legal claims.
– You object to the processing pursuant to Art. 21 (1) GDPR.
Information
If you have requested the rectification or erasure of your personal data or a restriction of processing in accordance with Art. 16, Art. 17 or Art. 18 GDPR, we will inform all recipients to whom your personal data has been disclosed, unless this proves impossible or involves a disproportionate effort. You can request that we inform you of these recipients.
Transmission
You have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format.
You also have the right to request the transfer of this data to a third party, provided that the processing is carried out using automated procedures and is based on consent pursuant to Art. 6 para. 1 sentence 1 lit. a or Art. 9 para. 2 lit. a or on a contract pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR.
Revocation
In accordance with Art. 7 (3) GDPR, you have the right to withdraw your consent to us at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. In future, we may no longer continue the data processing that was based on your withdrawn consent.
Complaint
In accordance with Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates the GDPR.
Contradiction
If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right to object, which will be implemented by us without specifying the particular situation. If you wish to exercise your right of revocation or objection, simply send an e-mail to info(at)smartments.com
Automated decision in individual cases including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
- is necessary for the conclusion or performance of a contract between you and us
- is authorized by European Union or Member State law to which we are subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests
- with your express consent
However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g GDPR applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests.
In the cases referred to in i) and iii), we will take reasonable steps to safeguard your rights and freedoms and legitimate interests, including at least the right to obtain human intervention on our part, to express your point of view and to contest the decision.
14. Amendment of the privacy policy
If we change the privacy policy, this will be indicated on the website.
Status: 09.07.2025
