- visit our website,
- access or use any of our applications, including our cloud environment,
- register and/or attend to any events hosted or attended by Taktile,
- contact our customer support,
- do business with us, or
- otherwise interact or communicate with us.
These services are hereinafter collectively referred to as the “Services”.
Name of Controller and Data Protection Officer
Taktile GmbH if you are located outside North America and for all website activities
Address: Taktile GmbH, Schönhauser Allee 9, 10119 Berlin, Germany
Legal representative: Maik Taro Wehmeyer
Contact details of Data Protection Officer: email@example.com
Taktile, LLC, if you are located in North America
Address: Brookfield Place, 200 Vesey Street, New York, NY 10281
USA Legal representative: Maik Taro Wehmeyer
Any requests or questions related to data protection may be addressed to firstname.lastname@example.org, phone: +49 89 250039222.
The operational data protection officer can be reached as follows:
Leopoldstraße 21, 80802 Munich, Germany
The categories of data we process depend on your interactions with us and may include one or more of the following data categories.
Taktile processes the following categories of Personal Data as contact data: first name, last name, email addresses, postal address/location (country, state/province, city), telephone numbers, and your relationship history with Taktile.
Personal data related to the business relationship with Taktile
In the context of established business relationships, Taktile may process the business partners company name, industry, size of the organization, your job title and role, department and function and your company’s relationship history with Taktile. When you register to use our Services, we may collect your Personal Data (like name and contact details).
Personal Data related to statutory law or regulation
If required by statutory law or regulation, Taktile may process the following data categories: geolocation, business partners’ names and addresses, IP addresses, business partner relevant information about significant litigation or other legal proceedings, and other custom compliance relevant information.
Data generated through your use of Taktile’s website
When you visit our website, it is technically necessary that data is transmitted to our web server via your internet browser. The following data is recorded during a running connection for communication between your internet browser and our web server:
- visited domain
- the date and time of the request
- page from which the file was requested
- access status (file transferred, file not found, etc.)
- the web browser, system language, operating system and device type used
- IP address of the requesting computer
- the amount of data transferred
We collect the listed data to ensure a smooth connection to the website and to enable a comfortable use of our website. In addition, the log file serves the purpose of evaluating system security and stability, as well as providing administrative functions. The legal basis for the temporary storage of data or log files is Art. 6(1)(f) GDPR.
For reasons of technical security, in particular to prevent attempts to attack our web server, we may temporarily store this data. It is not possible for us to draw conclusions about individual persons on the basis of this data. After seven days at the latest, the data is made anonymous by shortening the IP address at domain level, so that it is no longer possible to establish a reference to the individual user. This data is not evaluated in anonymous form except for statistical purposes. This data is not combined with data from other data sources.
Form to Obtain Offers
We provide a webform on our website for you to contact us and request a demo of our services. The transfer of Personal Data via the webform is encrypted. If you make use of the form, the entered data will be transferred to us and stored. These data are: email address, first and last name as well as your phone number if you enter it voluntarily. The following data will also be stored at the time the message is sent: date and time.
The data will only be processed within the scope of the specified purpose - sending a demo access and contacting via email or telephone. The legal basis for processing the data, which are transmitted in the course of sending an email, is the performance of pre-contractual measures or a contract pursuant to Art. 6(1)(b) GDPR or your consent pursuant to Art. 6(1)(a) GDPR.
Your Personal Data will be deleted as soon as they are no longer required for the purpose for which they were collected. The collected Personal Data will be deleted as soon as the demo access has been sent and contact via email or phone was established or unsuccessful. Data will only be continuously processed if they are necessary in the context of an initiation and completion of a contract, respectively for the fulfilment of resulting contractual measures.
Recruiting and Onboarding
We collect application relevant documentation provided by candidates. In general, this includes name, surname, e-mail address, address, phone number, a cover letter and the CV and a link to the applicant’s LinkedIn profile or website. Moreover, certain information can be provided for self-identification under local US law (gender, race or ethnicity, veteran status, disability). Do disregard this section unless it is required by local law.
Depending on whether your application is successful, we need further information to enter into an agreement/employment relationship with you. This may be: date of birth, bank account details, insurance number, work-permits, disabilities if legally required under local law etc. We will also conduct automated checks against applicable sanctions-party lists.
Please do not include in your CV and cover letter information about political opinions, religious beliefs, and similar sensitive data. They are not required for your application.
The legal basis for data processing activities during the recruitment process is the respective national employment law or Article 6(1)(b) GDPR (i.e., the processing is necessary for entering into or the performance of a contract with you).
If you provide any information in relation to e.g. referees, you are responsible for obtaining their consent and ensuring that they are aware that their details can be forwarded.
Where we obtain publicly available information about you from business- and employment-oriented social networks or websites the legal basis is Art. 6(1)(f) GDPR. Our legitimate interests follow from the fact that we wish to conduct a proper assessment of an applicant.
When we do a video interview with you it might happen that we ask for a recording. We will always ask for your consent whether to record or not, pursuant to Article 6(1)(a) GDPR. Please note – whether you consent is totally up to you. You have the right to revoke your consent at any time without reasons with effect for the future.
Taktile uses an applicant tracking system and recruiting software for its hiring process. It is used to coordinate the application process, to monitor the status of applications and to communicate with candidates and within the team. Only Taktile employees who are involved in the application process for the respective position have access to the candidate’s data.
If you’re based in Germany, your applicant data will be deleted by us six months after the end of the respective application procedure, unless you have been hired by us. This is necessary for the burden of proof in the event of a legal claim based on the German General Equal Treatment Act (AGG).
Personal Data received by third parties, including publicly available sources
Taktile generally aims to collect Personal Data directly from the data subjects. If you or applicable law allows Taktile to do so, Taktile may obtain Personal Data also from third party sources. These third-party sources may include:
- your employer in the context of its business dealings with Taktile,
- third parties you directed to share your Personal Data with Taktile,
- third party sources and publicly available sources like business-oriented social networks or information brokers.
Contact via email
If you send us requests via email, your details from the email, including the contact data you have provided there, will be stored for the purpose of processing the request and in the event of follow-up questions. Under no circumstances will we pass on this data without your consent. The legal basis for processing the data is our legitimate interest in responding to your request pursuant to Art. 6(1)(f) GDPR and, if applicable, Art. 6(1)(b) GDPR, provided that your request is aimed at concluding a contract. Your data will be deleted after final processing of your request, provided that there are no legal storage obligations to the contrary. You can object to the processing of your Personal Data at any time in the case of Art. 6(1)(f) GDPR.
Origin of Data
Purposes for Processing
Providing the requested service
We process your Personal Data to fulfill our contractual obligations to you, including to:
- provide and deliver products and services (including updates thereto);
- operate and improve our operations, systems, products and services;
- understand your preferences to enhance your experience; and
- provide service and support, such as sending confirmations, invoices, technical notices, updates, security alerts and administrative messages and providing customer support and troubleshooting.
Comments and questions
If you contact us via our website, via email or in any other way, we process your Personal Data to understand and respond to your request and to provide customer service. In such circumstances, your request might be internally forwarded to the responsible department at Taktile.
Sales & Marketing activities
We may use your email address for direct advertising, to communicate news about upcoming events, products, and services, and for surveys. We also use your email address, which we receive in connection with the sale of a product or service, for direct advertising of products or services similar to the ones you ordered. Our marketing emails permit you to opt-out of receiving further communications by selecting the “unsubscribe” link. In addition, you may opt-out from marketing communication at any time by contacting email@example.com.
To improve performance of the Services, to assess and improve the customer and user experience, to identify future opportunities for development of the Services, and to assess capacity requirements, we may analyze aggregated, anonymized or statistical information based on Personal Data.
Security and Compliance
We may analyze your Personal Data to maintain the security of the Services and facilities, to enforce our terms and conditions, to protect against, investigate and deter fraudulent, unauthorized, or illegal activity and to avoid and detect attacks on our website or applications or misuse of our Services.
How Taktile Shares Information
We do not sell your Personal Data to third parties. Your Personal Data will not be passed on to third parties unless
- we have explicitly indicated this in the description of the respective data processing;
- you have given your explicit consent in accordance with Art. 6(1)(a) GDPR;
- the disclosure pursuant to Art. 6(1)(f) GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an outright interest worthy of protection in not disclosing your data;
- that a legal obligation exists for the transfer pursuant to Art. 6(1)(c) GDPR; and
- this is required under Art. 6(1)(b) GDPR for the processing of contractual relationships with you.
With Taktile Companies
With Service Providers
We also use external service providers, which we have carefully selected and commissioned in writing, to carry out the Services. They are bound by our instructions and are regularly checked by us. With which we have concluded data processing agreements in accordance with Art. 28 GDPR, if necessary. These are service providers for web hosting, sending emails and maintaining our IT systems, etc.
A user’s Personal Data may be accessed, stored, transferred to and processed in countries other than the country in which the person resides. As an internationally operating company, Taktile processes Personal Data in countries outside the European Economic Area (“EEA“), including the United States of America. These countries may have data protection laws that differ from the laws of the country where the person resides. We have taken adequate security precautions to ensure that such Personal Data remains protected in accordance with this Policy and we have established adequate mechanisms to protect Personal Data in agreements with Taktile’s service providers such as the use of standard contractual clauses of the EU Commission in accordance with Art. 46 (2)(c) GDPR.
With Competent Authorities
Taktile may share customer and user Personal Data when believed, in good faith, that Taktile is: (i) responding accordingly to authorized requests by law enforcement agencies, regulators, courts, and other public authorities; (ii) comply with any law, regulation, subpoena, or court order; (iii) investigate and assist in preventing security threats, fraud or other criminal or malicious activity; (iv) enforce/protect the rights and properties of Taktile and its affiliates; or (v) protect the rights or personal safety of Taktile’s and its affiliates’ employees, and third parties on or using Taktile property in line with the requirements of applicable law.
Legal Basis for Processing Information
Taktile only uses customer and user Personal Data in a lawful, apparent, and reasonable manner. Taktile relies on the following legal bases:
- consistent with user-specific, revocable consents in accordance with Art. 6(1)(a) GDPR;
- to prepare, enter into or fulfill a contract in accordance with Art. 6(1)(b) GDPR, as necessary;
- to comply with legal obligations, in accordance with Art. 6(1)(c) GDPR, as necessary;
- to protect customer and user vital interests or those of others; and
- as necessary for Taktile’s legitimate interests in accordance with Art. 6(1)(f) GDPR, such as customer management, to facilitate and evaluate the use of online properties, business operations, marketing and advertising (if applicable), research, development or security.
In accordance with Art. 32 GDPR and having regard to the latest state of the art, the costs of implementation, the type, scope, circumstances and purpose of the processing as well as various probabilities of occurrence and severity of risks for rights and freedoms for natural persons, we take suitable technical and organizational measures in order to guarantee an appropriate level of protection. This website uses SSL-encryption for safety reasons and in order to secure the transfer of confidential content. However, as no electronic transmission or storage of information can be entirely secure, we can make no guarantees as to the security or privacy of your information. Our staff who may have access to your information are required to keep that information confidential.
Your Personal Data will be deleted upon your request or as soon as it is no longer required to achieve the purpose for which the Personal Data has been collected, namely, to provide the requested Services. If legal regulations apply the duration of the storage of Personal Data may be determined by the relevant legal retention periods (e.g. from commercial law and tax law). After expiry of the respective period, the corresponding data is routinely deleted.
Your Rights and Choices
You have the right to
- request information about your Personal Data processed by us in accordance with Art. 15 GDPR. In particular, you may request information about the purposes of processing, the category of Personal Data, the categories of recipients to whom your data has been or will be disclosed, the planned retention period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right of complaint, the origin of your data, if they have not been collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information regarding their details.
- immediately request the correction of incorrect or incomplete Personal Data stored by us in accordance with Art. 16 GDPR.
- request the deletion of your Personal Data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.
- pursuant to Art. 18 GDPR, to demand the restriction of the processing of your Personal Data if the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to have it deleted and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have filed an objection against the processing pursuant to Art. 21 GDPR.
- receive your Personal Data that you have provided to us in a structured, current and machine-readable format or to request its transfer to another person responsible in accordance with Art. 20 GDPR.
- complain to a supervisory authority pursuant to Art. 77 GDPR. As a rule, you can contact the supervisory authority of the federal state in which we have our registered office or, if applicable, that of your usual place of work or usual residence.
- revoke consent granted at any time with effect for the future pursuant to Art. 7 para. 3 GDPR. In the event of revocation, we will delete the data concerned without delay, unless further processing can be based on a legal basis for processing without consent. The revocation of consent shall not affect the legality of the processing carried out on the basis of the consent until revocation.
At your request, and as required by law, Taktile will:
- inform of what Personal Data is on file;
- amend or correct Personal Data or any previous privacy preferences the customer or user selected; and/or
- delete Personal Data.
To exercise your rights, please contact Taktile via firstname.lastname@example.org. Taktile uses reasonable efforts to delete Personal Data as required and retains records necessary to comply with governmental authority or applicable federal, state, or local laws. Where legally permitted, Taktile may decline to process requests that are excessively repetitive or methodical, require unreasonable technical effort, or risk the privacy of others.
If Taktile is unable to resolve your concerns, users have the right to contact their local data privacy supervisory authority or seek a remedy through the courts if the users believes his or her requests to exercise privacy rights have not been honored.
Right of Objection
If your Personal Data is processed by us on the basis of legitimate interests pursuant to Art. 6(1)(f) GDPR, you have the right to object to the processing of your Personal Data in accordance with Art. 21 GDPR, insofar as this is for reasons resulting from your particular situation. If the objection is directed against the processing of Personal Data for the purpose of direct marketing, you have a general right of objection without the requirement to indicate a special situation.
If you would like to make use of your right of withdrawal or objection, simply send an email to email@example.com.
California Privacy Rights
You may make a request pursuant to your rights under the CCPA by contacting us at firstname.lastname@example.org. We will verify your request using the information associated with your account (if any), including email address. Government identification may be required. You can also designate an authorized agent to exercise these rights on your behalf.
Subject to Alterations
Last update: 31 October 2023