Responsible for data processing on these websites:
HiveMQ GmbH (in the following “us”) represented by Christian Meinerding und Dominik Obermaier
+49 871 – 97 50 63 00
+49 871 – 97 50 63 29
1. Collection and processing of data
We collect an process personal data insofar you provide us with via an entry form on our website or by any other way for example e-mail. Moreover we collect and process data that arises during use of our website. The processing of your data is made in accordance with the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG) and the German Telemedia Act (Telemediengesetz – TMG). Personal data means any information relating to an identified or identifiable natural person. Below we inform you in detail about which data we process in which way and on which legal basis. Moreover we inform you about your rights and about the duration of storage of your data.
2. Processing of personal data when contacting us; Processing of personal data of applicants
If you provide us with personal data when contacting us, p.ex. by e-mail or via one of our contact forms we collect and process your data according to Art. 6 (1) sent. 1 point (b) GDPR for the performance of a contract with you or in order to take steps at your request prior to entering into a contract or according to Art. 6 (1) sent. 1 point (f) GDPR for the purpose of our legitimate interest to answer your request. We do not use your data beyond theses purposes.
Insofar you provide us with personal data or your curriculum to apply for a job offer we process your personal data on the legal basis of sec. 26 German Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG). According to this provision processing of your data is allowed in the context of a decision about your employment.
If we need your data after completing the application process we may continue to process your data if it is necessary for the enforcement of our rights. The legal basis may be for example Art. 6 (1) sent. 1 point (f) GDPR if we have a legitimate interest to enforce or defend against claims.
In case of refusal we delete your data after 3 months.
3. Consent to receipt of our newsletter or to subscription for new blog posts
If you register for our newsletter or to subscription for new blog posts we process your e-mail address only for the purpose of sending you the newsletter or to subscription for new blog posts. Moreover, we process your IP address in order to be able to prove your consent. After sending your e-mail address you receive a confirmation e-mail in which you have to click a link to receive the newsletter or subscription mails. This confirmation e-mail is necessary for verifying you as the owner of the e-mail address inserted. Without clicking this link you will not receive our newsletter or the subscription for new blog posts.
With the our newsletter we send you information and news about our products, services and our company. With our to subscription for new blog posts we only inform you about new blog posts. For newsletter and subscription mail sending we use a newsletter administration tool of a third party service provider. We have chosen them carefully and have made data protection related agreements with him to keep the sovereignty over your data. We analyze click and opening rates of our newsletters. However, we do this without any reference to single users, i.e. only in anonymized form.
At the bottom of each e-mail newsletter or subscription mail you will find a hyperlink via which you may unsubscribe from the newsletter or from the subscription for new blog posts at any time. You may also unsubscribe from receiving our newsletter or subscription mails at any time via a message to our contact details as mentioned above. If you withdraw your consent by unsubscribing, this does not affect the lawfulness of processing based on consent before its withdrawal.
4. Consent to the processing of your data when downloading the software HiveMQ or PDFs
Some services on our websites we offer to you free of charge but in return we ask you for your personal data so that we can contact you and ask you for information regarding your user experience and/or your opinion on the evaluation software or on the documents downloaded and to ask whether you are interested in a purchase. Therefore, you give your consent as follows:
a) PDF and/or HiveMQ Download By clicking the “Download” button after entering your data you give your consent to the processing of all data you provided for the above mentioned purposes. Your consent covers that we contact you by e-mail (no newsletter, only communication for the above mentioned purposes) and by phone.
b) Update service within evaluation software If you activate the update check within the evaluation software, you also consent to the submission of the following information to our update server when starting:
- Clear identifier (e.g. “eaec627d-199e-11e3-abd7-e0f847425aca”)
- Version (e.g. “2.2.0”)
- Names of all plug-ins (extensions of HiveMQ) and their versions (e.g. “database plug-in”, “1.0.0”)
- Operating system
- Java version
We will only use such data to show you whether new updates are available.
c) Withdrawal of your consent You can withdraw your consent at any time by contacting us. If you withdraw your consent this does not affect the lawfulness of processing based on consent before its withdrawal. Regarding data processing when using our update service within the evaluation software, you can prevent the submission of the data stated in b) by deactivating the update check. A manual on activating/deactivating can be found here.
5. Consent to the processing of personal data when leaving a comment in our blog; Transferring of your data to Gravatar
If you leave a comment in our blog you give your consent in the processing of your data as mentioned below:
Your name and your comment will be made available on our website. This applies also to the URL of your website if you provide us with. However, you can provide a pseudonym instead of your real name. We only ask for your mail address to ensure that our comment form will not be misused für Spam or attacks on our website. Moreover, we can only identify you with your mail address if you request deletion of your comment. If you wish deletion of your comment please contact us via the above mentioned contact details. We ask for your understanding that we may only delete your comment if you write us from the mail address you use for leaving the comment or at least tell us this mail address. Without this we cannot identify you as the author of the comment.
You can withdraw this consent at any time. We then delete your comment and other data from our systems unless there is another legal basis for processing. If you withdraw your consent, this does not affect the lawfulness of processing based on consent before its withdrawal.
Moreover, on our websites and blog, we use the service Gravatar of Automattic, Inc, based in the USA (in the following: Gravatar). The use of Gravatar is made on the legal basis of Art. 6 (1) sent. 1 point (f) GDPR because we have a legitimate interest to make our comment function more comfortable to our users.
If you click on the “Post Comment” button your e-mail address will be transferred in encrypted form to a server of Gravatar only for the purpose to check if you have an account there. If you have an account there your profile picture will be displayed automatically with your comment. If do you not want your Gravatar profile picture to be displayed with your comment you have to choose another email address when leaving comments in our blog.
Please find more information on the processing of your data here: automattic.com/privacy
6. Data processing with Cookies und Logfiles
Moreover, in accordance with Art. 6 (1) sent. 1 point (f) GDPR, every single web page uses log files, i.e. for every page impression, the access data are saved to the server log. The saved data record contains the following details:
Your anonymized IP address, the date, the time, the file accessed, the status, the request that your browser sent to the server, the amount of data transmitted and the webpage from which you accessed the requested page (referrer) as well as The product and version information of the browser used, your operating system and your country of origin. We use the anonymous log data – which means data without assignment or references to your person – only for the purpose of recognizing and preventing attacks on our website. We reserve the right to store IP addresses in single cases completely and to analyze them if we believe that user use our websites and/or services illegally or contrary to contract. We anonymize IP addresses as soon as we do not need them anymore.
7. Google Fonts
On our websites we use the service Google Fonts, a service of Google Inc. based in the USA (in the following: Google). By including this service in our websites data of website visitors may be transferred to Google. This processing takes place on the legal basis of Art. 6 (1) sent. 1 point (f) GDPR because of our legitimate interest to make our websites more attractive to our website visitors. With Google Fonts fonts on our websites may be displayed consistently and we may offer faster loading times for our websites. When accessing our website your browser downloads the necessary Google Fonts to the browser cache to display texts and fonts correctly. According to Google your requests for fonts are separate from and do not contain any credentials you send to the Google server while using other Google services that are authenticated.
In accordance with the Commission Implementing Decision (EU) 2016/1250 of 12 July 2016 transfers from a controller or processor in the European Union to organisations in the U.S. that have self-certified their adherence to the EU-U.S. Privacy Shield Framework Principles with the Department of Commerce and have committed to comply with them are allowed. Google has self-certified its adherence to the EU-U.S. Privacy Shield Framework Principles and has committed to comply with them.
8. Google Analytics Remarketing
Our websites use the functions of Google Analytics Remarketing in combination with the functions of Google AdWords and Google DoubleClick, which work on all devices. The provider of these solutions is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. This function makes it possible to connect the advertising target groups generated with Google Analytics Remarketing with the functions of Google AdWords and Google DoubleClick, which work on all devices. This makes it possible to display interest-based customized advertising messages, depending on your prior usage and browsing patterns on a device (e.g. cell phone) in a manner tailored to you as well as on any of your devices (e.g. tablet or PC).
If you have given us pertinent consent, Google will connect your web and app browser progressions with your Google account for this purpose. As a result, it is possible to display the same personalized advertising messages on every device you log into with your Google account. To support this function, Google Analytics records Google authenticated IDs of users that are temporarily connected with our Google Analytics data to define and compile the target groups for the ads to be displayed on all devices.
You have the option to permanently object to remarketing / targeting across all devices by deactivating personalized advertising in your Google account. To do this, please follow this link: www.google.com/settings/ads/onweb/. The consolidation of the recorded data in your Google account shall occur exclusively based on your consent, which you may give to Google and also revoke there (Art. 6 Sect. 1 lit. a GDPR). Data recording processes that are not consolidated in your Google account (for instance because you do not have a Google account or have objected to the consolidation of data), the recording of data is based on Art. 6 Sect. 1 lit. f GDPR. The legitimate interest arises from the fact that the operator of the website has a legitimate interest in the anonymized analysis of website visitor for advertising purposes. For further information and the pertinent data protection regulations, please consult the Data Privacy Policies of Google at: policies.google.com/technologies/ads?hl=en.
9. Google Ads and Google Conversion Tracking
This website uses Google AdWords. AdWords is an online promotional program of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”). In conjunction with Google AdWords, we use a tool called Conversion Tracking. If you click on an ad posted by Google, a cookie for Conversion Tracking purposes will be placed. Cookies are small text files the web browser places on the user’s computer. These cookies expire after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie has not yet expired, Google and we will be able to recognise that the user has clicked on an ad and has been linked to this page.
A different cookie is allocated to every Google AdWords customer. These cookies cannot be tracked via websites of AdWords customers. The information obtained with the assistance of the Conversion cookie is used to generate Conversion statistics for AdWords customers who have opted to use Conversion Tracking. The users receive the total number of users that have clicked on their ads and have been linked to a page equipped with a Conversion Tracking tag. However, they do not receive any information that would allow them to personally identify these users. If you do not ant to participate in tracking, you have the option to object to this use by easily deactivating the Google Conversion Tracking cookie via your web browser under user settings. If you do this, you will not be included in the Conversion Tracking statistics.
The storage of “Conversion” cookies and the use of this tracking tool are based on Art. 6 Sect. 1 lit. f GDPR. The website operator has a legitimate interest in the analysis of user patterns, in order to optimize the operator’s web offerings and advertising. To review more detailed information about Google AdWords and Google Conversion Tracking, please consult the Data Privacy Policies of Google at: policies.google.com/privacy?hl=en. You can set up your browser in such a manner that you will be notified anytime cookies are placed and you can permit cookies only in certain cases or exclude the acceptance of cookies in certain instances or in general and you can also activate the automatic deletion of cookies upon closing of the browser. If you deactivate cookies, the functions of this website may be limited.
10. Google Signals
This website uses Google Signals. Signals is an online advertising program of Goggle Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States “Google”) as expansion of the Google Analytics family.
On the basis of the data collected by Google, a so-called Cross Device Tracking is performed by Google. As website operator we receive anonymised reports which do NOT enable us to allocate natural persons or user profiles.
For more information about Google AdWords and Google Conversion Tracking see Google’s data protection regulations: policies.google.com/privacy. You can change the settings of your browser to make a warning appear on the screen before a cookie is saved and to decide whether you wish to accept cookies in individual cases, or completely exclude all incoming cookies as well as to activate the automatic deletion of cookies when the browser is closed. However, deactivating cookies may restrict the functionality of this website.
11. Facebook Pixel
To measure our conversion rates, our website uses the visitor activity pixel of Facebook, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). This tool allows the tracking of page visitors after they have been linked to the website of the provider after clicking on a Facebook ad. This makes it possible to analyse the effectiveness of Facebook ads for statistical and market research purposes and to optimize future advertising campaigns. For us as the operators of this website, the collected data is anonymous. We are not in a position to arrive at any conclusions as to the identity of users. However, Facebook archives the information and processes it, so that it is possible to make a connection to the respective user profile and Facebook is in a position to use the data for its own promotional purposes in compliance with the Facebook Data Usage Policy. This enables Facebook to display ads on Facebook pages as well as in locations outside of Facebook. We as the operator of this website have no control over the use of such data. The use of Facebook Pixel is based on Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in effective advertising campaigns, which also include social media. In Facebook’s Data Privacy Policies, you will find additional information about the protection of your privacy at: www.facebook.com/about/privacy/. You also have the option to deactivate the remarketing function “Custom Audiences” in the ad settings section. To do this, you first have to log into Facebook. If you do not have a Facebook account, you can deactivate any user based advertising by Facebook on the website of the European Interactive Digital Advertising Alliance: www.youronlinechoices.com/de/praferenzmanagement/.
12. LinkedIn Insight Tag
For more information about LinkedIn Insight Tag, please see: LinkedIn Insight Tag Frequently Asked Questions
14. Embedding of YouTube videos
YouTube LLC is included in self-certification of Google Inc. as part of the EU/US Privacy Shield. In accordance with the Commission Implementing Decision (EU) 2016/1250 of 12 July 2016 transfers from a controller or processor in the European Union to organisations in the U.S. that have self-certified their adherence to the EU-U.S. Privacy Shield Framework Principles with the Department of Commerce and have committed to comply with them are allowed. Google has self-certified its adherence to the EU-U.S. Privacy Shield Framework Principles and has committed to comply with them.
Data you insert on our website is transferred in encrypted form (TLS). We take technical and organizational measures to secure our website and other systems against loss, destruction, access, modification or dissemination of your data by unauthorized persons.
16. Categories of recipients of the personal data; data transfer to a third country
17. Your Rights
According to Art. 15 GDPR you have the right free of charge of access to your personal data and information about processing. Moreover, according to Art. 16 to 18 GDPR you have the right of rectification of inaccurate personal data as well as of erasure of personal data or restriction of processing.
Under the conditions of Art. 20 GDPR, you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format, and the right to transmit those data to another controller without hindrance.
Moreover, according to Art. 21 (1) GDPR you have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on point (e) or (f) of Art. 6 (1) sent. 1 GDPR including profiling based on those provisions. We shall comply with the aforementioned requests if and to the extent such compliance is required by the applicable statutory laws. Where personal data are processed for direct marketing purposes, according to Art. 21 (2) GDPR, you have the right to object at any time to processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.
Each data subject has the right to lodge a complaint with a supervisory authority of the alleged infringement.
18. Period of Data Storage and routine deletion
Insofar nothing else is stated above we process and store personal data only for the period, which is required to meet the purpose of processing, or as long and to the extent as statutory laws require us to process and/or store such data.
If the purpose of processing does not apply anymore or the applicable statutory retention requirement expires, we will as a matter of routine erase data or restrict the processing of data in accordance with the applicable statutory laws.