1. Information about the collection of personal data and contact details
Thank you for visiting our website. In the following we would like to inform you about the handling of your personal data when using our website. Personal data are basically all data with which you can be personally identified. Responsible for processing data in our website within the meaning of the General Data Protection Regulation (GDPR) is:
ColorDigital GmbH
Im Zollhafen 24
D-50678 Köln
Tel.: +49 (0) 221 93280170
E-Mail: info@colordigital.de
In order to protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL or TLS) via HTTPS. We would like to point out that data transmission over the Internet (e.g. when communicating by email) can have security gaps. A complete protection of the data against access by third parties is not possible.
2. Data collection when you visit our website
Every time you visit our website, our system automatically records data and information that your browser transmits to our server (so-called "server log files"). The following data that is technically necessary for us is collected: our website visited, date and time of your access, amount of data sent in bytes, source/reference from which you came to the page, operating system used, browser used, IP address used (possibly in anonymous form).
The legal basis for processing is Article 6 (1) lit. f GDPR due to our legitimate interest in improving the stability and maintaining the functionality of our website. The data will not be passed on or used in any other way. The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. We reserve the right to check the server log files retrospectively if there are concrete indications of illegal use. Log file data is deleted after seven days at the latest, or anonymized so that it is no longer possible to assign the accessing client.
3. Cookies
Our website uses cookies. Cookies are text files that are stored on the user's device. Some functions of our website cannot be offered without the use of cookies. The user data collected by technically necessary cookies are not used to create user profiles. The legal basis for processing personal data using technically necessary cookies is Art. 6 (1) lit. f) GDPR. In addition, our website uses cookies that enable an analysis of the surfing behavior of the users (so-called third party cookies).
As a user, you have full control over the use of cookies. You can deactivate, restrict or delete the transmission of cookies by changing the settings in your internet browser. If you deactivate cookies for our website, it is possible that not all functions can be used in full. Some cookies are deleted after you close your browser (session cookies); others remain on your device and enable us or our partner companies to recognize your browser on your next visit (persistent cookies).
4. Contacting support
If you contact us using the contact form, the data entered in the input mask will be transmitted to us and saved. When you contact us by email, only the data you have entered will be transmitted to us. The data will only be used to process the conversation and your request. If the user has given consent, the legal basis for processing is Art. 6 (1) lit. a GDPR. Otherwise it is Art. 6 (1) lit. f GDPR, and additionally Art. 6 (1) lit. b GDPR if the aim is to conclude a contract. The data will be deleted as soon as it is no longer required and no statutory retention requirements apply. Users can object to storage at any time.
5. Use of your data for direct mail
5.1 Newsletter
You can subscribe to a free newsletter on our website. The only mandatory information is your email address. The legal basis for processing your data after registering for the newsletter is Art. 6 (1) lit. a GDPR. We collect this by sending you a confirmation email after registering (double opt-in). You can cancel your subscription to the newsletter at any time using the link in every newsletter, which also revokes your consent to the storage of the personal data collected during registration.
5.2 MailChimp
We send our newsletter via The Rocket Science Group, LLC d/b/a MailChimp, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA. We pass on the data you entered during registration in accordance with Art. 6 (1) lit. f GDPR. As a rule, your data will be transferred to a MailChimp server in the USA and saved there, secured by standard contractual clauses. MailChimp's privacy policy: mailchimp.com/legal/privacy.
6. Tools and miscellaneous
6.1 Google Analytics
This website uses Google Analytics, a web analytics service provided by Google, Inc. Google Analytics uses cookies to help analyze how users use the site. IP anonymisation is active on this website, so your IP address will be truncated within the EU/EEA. Only in exceptional cases the whole IP address is first transferred to a Google server in the USA and truncated there. You can opt out by installing the Google Analytics opt-out browser add-on: tools.google.com/dlpage/gaoptout.
6.2 HubSpot
We use HubSpot Analytics for the statistical analysis of user behavior on our website. This allows for the collection of information such as pages visited, click behavior, and time spent on the site. Data processing only occurs with your consent, in accordance with Art. 6 (1) lit. a GDPR. The provider is HubSpot Inc., USA. Data transfer to third countries (e.g. USA) cannot be ruled out.
7. Rights of the data subject
Under applicable data protection law you have the following rights: information (Art. 15 GDPR), correction (Art. 16 GDPR), restriction of processing (Art. 18 GDPR), deletion (Art. 17 GDPR), information to recipients (Art. 19 GDPR), data portability (Art. 20 GDPR), withdrawal of consent (Art. 7 (3) GDPR), objection to processing based on Art. 6 (1) lit. e or f GDPR, and the right to lodge a complaint with a supervisory authority (Art. 77 GDPR).
8. Duration of storage of personal data
The duration of the storage of personal data depends on the statutory retention periods. After the data has expired, we routinely delete it if it is no longer required to fulfill or initiate a contract and if we have no legitimate interest in further storage.
9. Objection to advertising mails
We hereby object to the use of the contact data published as part of the imprint obligation for sending unsolicited advertising and information materials. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam e-mails.
10. Payment processing via Stripe
For paid DMIx subscriptions we use the payment service provider Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (Stripe). Stripe Payments Europe uses Stripe, Inc. (USA) as a sub-processor.
Controller: DMIx by ColorDigital GmbH (see section 1).
Purpose: processing of subscription orders, invoicing, fraud prevention, VAT calculation and tax reporting. Checkout runs in an embedded form served by checkout.stripe.com, no Stripe cookies are set on dmix.info before you start the checkout.
Data categories: billing email, billing address, VAT identification number, company name, IP address, browser metadata, selected plan and seat configuration, payment metadata (card brand, last 4 digits, country). Card numbers are entered directly into Stripe's PCI-compliant form and are never seen by us.
Legal basis: performance of the contract (Art. 6 (1) (b) GDPR) and compliance with statutory book-keeping and tax obligations (Art. 6 (1) (c) GDPR).
Third-country transfer: data may be transferred to Stripe, Inc. in the USA. The transfer is safeguarded by the EU Standard Contractual Clauses and Stripe's certification under the EU-US Data Privacy Framework.
Retention: billing data is retained for the statutory commercial and tax retention periods (in Germany typically 10 years). Other personal data is deleted as soon as the purpose ceases.
Recipients of further information: Stripe Privacy Policy at stripe.com/privacy.
DMIx subscriptions are offered to business customers only (§ 14 BGB). No consumer right of withdrawal applies.
11. Privacy policy for the SamplR App
Responsible provider: ColorDigital GmbH, Im Zollhafen 24, 50678 Cologne, info@colordigital.de.
Purpose: SamplR App recognizes and digitally processes fabric samples. Camera data is captured and processed via secure cloud services. Results are then available for further use.
Collected data: camera images (for pattern recognition), device type and operating system version, anonymized usage data for error diagnosis, account information (only when logging into the B2B portal).
Cloud processing: partly within the EU. Data is only passed on to third-party providers to fulfill the contract (e.g. hosting), with data processing agreements in place.
Legal basis: Art. 6 (1) lit. b GDPR (contract), Art. 6 (1) lit. f GDPR (legitimate interest in functionality), CCPA/CPRA (no sale of personal data), PIPL (processing only with express consent).
Tracking: no advertising or user-based profiles. Only anonymous technical tracking for app optimization.
International users: California users can object to the transfer via a mechanism provided in the app. Users from China are actively informed of their consent to cloud processing before use.
Contact for data protection enquiries: infosec@colordigital.de.
12. Terms of use (GTC for SamplR App)
Scope: these terms govern the use of the SamplR App, aimed at business customers from the design industry.
Services: SamplR App enables the recognition and digital processing of fabric samples, with analysis and export options.
Prerequisites: a registered B2B account. Data entered remains the property of the respective company.
Rights to content: all content and results created with SamplR App remain the property of the user. The app does not acquire any rights of use to uploaded or processed material.
Liability: the provider is not liable for incorrect recognition, loss of data or system failures, except in cases of gross negligence or intent.
Changes: the provider reserves the right to make changes to the app and these terms. Changes will be announced in the app.
Jurisdiction and law: German law applies. The place of jurisdiction is Cologne.