Data protection

Privacy Policy
We are very pleased about your interest in our company. Data protection holds a particularly high priority for the management of Performery UG (limited liability), which operates this website (www.performery.de). Access to the internet pages of Performery UG (limited liability) is generally possible without providing any personal data. However, if a data subject wishes to use special services of our company via our website, processing of personal data may become necessary. If processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject in advance.

The processing of personal data, such as the name, address, email address, or telephone number of a data subject, is always carried out in compliance with the EU General Data Protection Regulation and in accordance with the country-specific data protection regulations applicable to Performery UG (limited liability). By means of this privacy policy, our company seeks to inform the public about the nature, scope, and purpose of the personal data we collect, use, and process. Furthermore, data subjects are informed of their rights through this privacy policy.

Performery UG (limited liability), as the controller, has implemented numerous technical and organizational measures to ensure as complete protection as possible for personal data processed through this website. However, data transmissions over the internet can generally have security vulnerabilities, so absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us via alternative methods, such as telephone.

1. Definitions

This privacy policy of Performery is based on the terms used by the European legislator when issuing the General Data Protection Regulation (GDPR). Our privacy policy is intended to be easily readable and understandable for the general public as well as our customers and business partners. To ensure this, we would first like to explain the terms used.

In this privacy policy, we use, among others, the following terms:

a) Personal data
Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified directly or indirectly, in particular by reference to an identifier such as a name, ID number, location data, online identifier, or one or more characteristics of physical, physiological, genetic, psychological, economic, cultural or social identity.

b) Data subject
A data subject is any identified or identifiable natural person whose personal data is processed by the controller.

c) Processing
Processing means any operation or set of operations performed on personal data, with or without automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure, transmission, dissemination, alignment, restriction, erasure, or destruction.

d) Restriction of processing
Restriction of processing means marking stored personal data with the aim of limiting future processing.

e) Profiling
Profiling means any form of automated processing of personal data to evaluate certain personal aspects concerning a natural person, especially to analyze or predict aspects concerning performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

f) Pseudonymization
Pseudonymization means the processing of personal data in such a manner that the data can no longer be attributed to a specific data subject without additional information, provided that such additional information is stored separately and subject to technical and organizational measures to ensure that the data cannot be attributed to an identified or identifiable person.

g) Controller
Controller means the natural or legal person, authority, agency or other body which, alone or jointly with others, determines the purposes and means of processing personal data.

h) Processor
Processor means a natural or legal person, authority, agency or other body which processes personal data on behalf of the controller.

i) Recipient
Recipient means a natural or legal person, authority, agency or other body to which personal data is disclosed, whether a third party or not. Authorities which may receive personal data in the context of a particular inquiry under Union or Member State law are not considered recipients.

j) Third party
Third party means any natural or legal person, authority, agency or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process the personal data.

k) Consent
Consent means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.

2. Name and Address of the Controller

Controller pursuant to the GDPR, other national data protection laws in Member States, and other data protection provisions is:
Performery UG (limited liability)
c/o Unicorn
Gerichtstraße 51
13347 Berlin
Germany
Email: hi@performery.de
Website: www.performery.de

3. Cookies

The pages of Performery UG (limited liability) use cookies. Cookies are text files placed and stored on a computer system via an internet browser. Many websites and servers use cookies. Cookies often contain a so‑called cookie ID — a unique identifier of the cookie. This cookie ID allows the visited web pages and servers to distinguish the individual browser of a data subject from other browsers that contain other cookies. A specific browser can be recognized and identified by the unique cookie ID.

By using cookies, Performery UG (limited liability) can provide more user-friendly services, which would not be possible without the use of cookies. Cookies enable us to optimize the information and offers on our website in line with the user. They allow us to recognize users of the website. The purpose of this recognition is to make it easier for users to use our website. For example, a user does not need to re-enter access data every time they visit the website because this is stored by the website and the cookie. Another example is the cookie of a shopping cart in an online shop, which remembers the items a customer has placed in their virtual cart.

Data subjects can prevent the setting of cookies at any time via their browser settings and thus object to the setting of cookies permanently. They can also delete already set cookies at any time via the browser or other software. If a data subject disables the setting of cookies in their browser, not all functions of our website may be available in full.

4. Collection of General Data and Information

Each time the website of Performery is accessed by a data subject or an automated system, general data and information are collected and stored in the server log files. These may include:

1. Browser type and version

2. Operating system used by the accessing system

3. Referrer URL

4. Sub‑websites accessed

5. Date and time of access

6. IP address

7. Internet service provider

8. Other similar data and information for protection against attacks

Performery does not draw conclusions about the data subject when using this data. This information is rather needed to:

1. Deliver the content of our website correctly

2. Optimize the content and advertising

3. Ensure the ongoing functionality of the IT systems and technology

4. Provide necessary information to law enforcement agencies in case of a cyber attack

These anonymized data are evaluated statistically to increase data protection and data security, ultimately to ensure an optimal level of protection for the personal data we process. The anonymized log file data is stored separately from all personal data provided by a data subject.

​

5. Registration on Our Website

Data subjects have the option to register on our website by providing personal data. The exact information required is specified in the registration form. The personal data entered is collected and stored solely for internal use by the controller. The controller may pass data to processors (e.g. shippers), who, likewise, use it only for the purposes of the controller.
Upon registration, we also store the data subject’s IP address, date, and time. This is necessary to prevent misuse of our services and to investigate crimes. These details are kept as required and not shared unless legally obligated or for prosecutorial purposes.
Registration (which is voluntary) helps us offer content or services only accessible to registered users. Registered users can update or delete their data at any time.
Upon request, we will confirm which of the user’s personal data is stored, correct or delete that data—unless legal retention obligations prevent it. All staff members are available to assist with this.

6. Contact via the Website

Our site provides contact options such as email and contact forms. If a data subject contacts us by email or contact form, we automatically store the transmitted personal data. These voluntarily provided data are stored to process the inquiry or to contact the subject. The data are not shared, except to fulfill the purpose or as required by law.

7. Blog Comments

Performery offers users the option to comment on blog posts. If a user leaves a comment, the comment text, timestamp, chosen username (pseudonym) and their IP address are stored and published. The IP is logged for safety and to protect our rights if comments infringe third-party rights or contain unlawful content. That data is not shared unless legally required or to defend our legal interests.

8. Routine Deletion and Blocking of Personal Data

We retain personal data only as long as necessary to fulfill the purpose or as legally required. Once the purpose no longer applies or retention periods lapse, the data is routinely blocked or deleted in compliance with legal requirements.

9. Rights of the Data Subject

Under the GDPR, data subjects have these rights:

a) Right to confirmation – to ask if we process their data.
b) Right to access – to obtain free information about their data, including: purposes of processing; categories of personal data; recipients; retention period; rights to correction, deletion, restriction, objection; complaint right; data source; and profiling info if applicable.
c) Right to correction – to request immediate correction of incorrect data or completion of incomplete data.
d) Right to deletion (“right to be forgotten”) – to request deletion when data are no longer necessary, consent withdrawn, objection raised, unlawful processing, or legal obligation; and for data concerning children’s services in info society. We will also notify others processing the data, where feasible, to remove it.
e) Right to restriction – to request restriction if: accuracy disputed; unlawful processing but objecting deletion; data no longer needed but needed for legal claims; or objection pending balancing test.
f) Right to data portability – to receive data provided in a structured, common, machine-readable format and transmit it to another controller, when processing is based on consent or contract and automated.
g) Right to object – to object to processing for public interest, legitimate interests, profiling, or direct marketing. We will stop unless we show compelling grounds.
h) Rights regarding automated decisions, including profiling – to not be subject to decisions based solely on automated processing unless necessary for a contract, authorized by EU or member-state law with safeguards, or consented to.
i) Right to withdraw consent – to withdraw any given consent at any time.

To exercise these rights, contact any Performery staff member.

10. Facebook Facebook components are embedded on this site. When a page with a Facebook plugin is accessed, the visitor’s browser automatically connects to Facebook, informing it of the specific page visited. If logged in to Facebook, Facebook links this information to the user’s account. Interactions like clicks or comments are also recorded. To prevent this, users should log out of Facebook before visiting our site.

A Facebook Ireland “Custom Audience Pixel” is integrated to collect usage data (e.g., which articles were viewed). This enables interest-based advertising (retargeting). Data may also be used by Facebook for its own purposes or for third parties.
Legal basis: consent under GDPR Art. 6(1)(a). Consent may be withdrawn at any time.

11. Google Analytics (with IP Anonymization)

We use Google Analytics with the _anonymizeIp feature. Google Analytics collects data about user behavior—referrers, page views, time spent—for website optimization and ads analysis.
Google Analytics sets a cookie; data including the anonymized IP are transmitted to and stored by Google in the U.S., and may be shared further.
Users can prevent cookies via browser settings or delete them. They can also install the Google Analytics opt-out add-on available from Google to block data collection.
More info and opt-out instructions are given via Google’s privacy pages.

12. Instagram

Instagram components (e.g., share button) are embedded. Visiting a page with such a component automatically contacts Instagram, sending the page URL. If logged in, Instagram links the visit to the user’s account. To avoid this, log out of Instagram before visiting the site.
See Instagram’s privacy pages for details.

13. LinkedIn

LinkedIn plugins are embedded. Upon loading a page containing them, the browser connects to LinkedIn, informing it of the page visited. If logged in, LinkedIn associates the visit with the user’s account. To avoid this, users must log out.
LinkedIn’s cookie policy and privacy settings allow opting out of email/SMS ads, targeted ads, and use of cookies by partners like Google Analytics. See their privacy pages for more.

14. Twitter

Twitter components are embedded. Browsers automatically load them, sending page URL to Twitter. If the user is logged in, Twitter links this to their account, even if they don’t interact. To stop this, log out of Twitter before visiting our site.
See Twitter’s privacy policy for more information.

15. YouTube

YouTube components (e.g., embedded videos) are integrated. Loading a page with such a component sends the page URL to YouTube/Google. If the user is logged in to YouTube, the page visit is linked to their account. To avoid this, users must log out before visiting.
YouTube and Google’s privacy policy provides more information.