DSGVO
Ihre Daten sicher – wir schützen Ihre Privatsphäre mit modernster Technologie und Herz!
Effective Date: 10 March 2025
1. Responsible Party
The entity responsible for processing personal data on this website and in the context of our services is:Hawk Intelligent Technologies GmbH
Schafäckerlein 23
91413 Neustadt an der Aisch, Germany
Email: management@hawk-intech.com
Telephone: +49 9161 87192-0
2. Data Processing When Visiting Our Website
2.1 General Access Data
Whenever you access our website, our web server automatically logs certain access data. This includes, for example, your IP address, the date and time of the request, the amount of data transmitted, the type and version of your browser, and the operating system. We require this data to enable the website’s functionality, ensure system security, and optimize our online offering. The log data is stored for a period of generally 7 days, unless security-relevant events require a longer retention period.
Legal Basis: Article 6(1)(f) GDPR (legitimate interest).
2.2 Contact (Contact Form and Email)
When you contact us (e.g. via the contact form provided on the website or by email), we process the data you submit (especially your name, email address, and the content of your message) to process and respond to your inquiry. Mandatory fields in the contact form are clearly marked so that we can assign and address your request.
Legal Basis: Processing is based on your voluntarily given consent (Article 6(1)(a) GDPR) or, depending on the nature of your request, on the necessity to take pre-contractual measures or to fulfill a contract (Article 6(1)(b) GDPR).
2.3 Newsletter
If you subscribe to our newsletter offered on our website, we collect and use only the data necessary for sending you the newsletter (e.g. your email address) containing information about our products and offers. After your subscription, you will receive a confirmation email (double-opt-in procedure) to verify that you are the owner of the provided email address.
Legal Basis: Processing is based on your consent (Article 6(1)(a) GDPR), which you can revoke at any time for the future.
2.4 Cookies and Tracking Technologies
Our website uses cookies and similar technologies (e.g. pixels and scripts) to provide certain functions and improve your user experience. Cookies are small text files stored on your device. Some cookies are technically necessary for the website and our services to function properly (essential cookies). We only use other cookies and tracking technologies with your consent, particularly for statistical purposes, analysis, or marketing.Cookie Consent: When you first visit our website, a cookie banner may ask for your consent to use non-essential cookies and tools. You can adjust your cookie settings at any time via our website or revoke a consent you have already given (for example, via a settings link in the footer). We use the consent management platform CookieScript (provider: Objectis Ltd., Vilnius, Lithuania) for this purpose. This tool displays the cookie banner, saves your preferences, and sets a cookie that records your decision. In doing so, technical information (such as your anonymized IP address) may be transmitted to CookieScript’s servers.
Legal Basis: Article 6(1)(c) GDPR (fulfillment of legal obligations) and Article 6(1)(f) GDPR (legitimate interest).
Below, we provide information about the technologies we use:
Google Analytics
Our website uses Google Analytics, a web analysis service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics employs cookies that enable analysis of your use of the website. The information generated about your website usage (including your IP address) is usually transmitted to a Google server and stored there. We have configured Google Analytics so that your IP address is anonymized before being transferred within the EU/EEA. The data collected is processed on our behalf to compile reports on website activity and to provide further services related to website usage.
Data Transfer to the USA: It cannot be ruled out that Google Ireland transfers data to Google LLC in the USA. Appropriate safeguards, such as the conclusion of EU standard contractual clauses, are used to ensure an adequate level of data protection. With your consent to use Google Analytics, you also consent to a possible transfer of your data to the USA.
Legal Basis: Article 6(1)(a) GDPR (consent).
Opt-Out: You can install a browser add-on to disable Google Analytics or block the corresponding cookies in your browser.
Meta Pixel (Facebook Pixel)
We use the Meta Pixel (formerly Facebook Pixel), an analysis service provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. With the help of the pixel, we can track user behavior after they have seen or clicked one of our Facebook or Instagram advertisements. This helps us evaluate the effectiveness of our Facebook/Instagram ad campaigns for statistical and market research purposes, and to optimize future advertising efforts. By using the Meta Pixel, a connection to Meta’s servers is established when you visit our website. Data such as your IP address, device and browser information, and the time of interaction are transmitted. If you are logged into Facebook or Instagram, Meta may associate this information with your user account.
Data Transfer to the USA: The data collected by Meta may be transferred to Meta Platforms, Inc. in the USA. Appropriate measures, such as EU standard contractual clauses, are used as the contractual basis. With your consent to use the Meta Pixel, you also consent to a possible transfer of your data to the USA.
Joint Responsibility: In using the Meta Pixel, we and Meta are jointly responsible as defined in Article 26 GDPR.
Legal Basis: Article 6(1)(a) GDPR (consent).
Opt-Out: You may adjust your browser settings or use Facebook/Instagram account settings to disable the use of your data for personalized advertising.
LinkedIn Insight Tag
Our website uses the LinkedIn Insight Tag from LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. This tool enables us to obtain information about visitors who have reached our website via LinkedIn and to measure the success of our LinkedIn advertising campaigns (e.g. conversion tracking). Data such as the URL of the visited page, referrer, IP address, device and browser characteristics, and the time of access are collected. If you are logged into LinkedIn, the visit may be associated with your LinkedIn account. The collected data is processed in aggregated form so that no individual profiles are created.
Data Transfer to the USA: Any transfer to the USA is based on appropriate safeguards (e.g. EU standard contractual clauses). With your consent to use the LinkedIn Insight Tag, you also consent to a possible transfer of your data to the USA.
Legal Basis: Article 6(1)(a) GDPR (consent).
Opt-Out: You can use browser settings or plugins to prevent the loading of LinkedIn scripts.Google AdSense
Our website integrates Google AdSense, an advertising service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google AdSense uses cookies and web beacons to recognize visitors to our site and evaluate their usage behavior. This data helps display personalized or contextual advertising.
Data Transfer to the USA: Data may be transferred to the USA, for which Google Ireland has concluded standard contractual clauses with its US headquarters. With your consent to use Google AdSense, you also consent to a possible transfer of your data to the USA.
Legal Basis: Article 6(1)(a) GDPR (consent).
Opt-Out: You can disable personalized advertising in Google ad settings or use external opt-out pages (e.g. youronlinechoices.com).
2.5 Social Media Presences and Links
We maintain online presences on various social networks and communication platforms to interact with customers and prospects and to inform about our services. On our website, we link via icons or buttons exclusively to the following external platforms:
Facebook (operated by Meta Platforms Ireland Limited, Dublin, Ireland) – Privacy Policy: facebook.com/privacy
LinkedIn (operated by LinkedIn Ireland Unlimited Company, Dublin, Ireland) – Privacy Policy: linkedin.com/legal/privacy-policy
X (Twitter) (operated by Twitter International Limited, Dublin, Ireland) – Privacy Policy: twitter.com/privacy
Instagram (operated by Meta Platforms Ireland Limited, Dublin, Ireland) – Privacy Policy: privacycenter.instagram.com/policy
Threads (operated by Meta Platforms Ireland Limited, Dublin, Ireland) – Privacy Policy: as provided for Instagram
YouTube (operated by Google Ireland Limited, Dublin, Ireland) – Privacy Policy: policies.google.com/privacy
WhatsApp (operated by WhatsApp Ireland Limited, Dublin, Ireland) – Privacy Policy: whatsapp.com/legal/privacy-policy
Our website does not use social media plugins. A connection to the servers of the social networks is only established when you click on a link. Please note that when you visit the profiles on these platforms, the respective terms of service and privacy policies apply. The data processing on these platforms is carried out by the respective service providers. Interactions (e.g. comments or likes) are processed solely for the purpose of responding or analyzing, based on our legitimate interest (Article 6(1)(f) GDPR).
2.6 Google reCAPTCHA
To protect our online forms and prevent spam, we use Google reCAPTCHA, a service provided by Google Ireland Limited, Dublin, Ireland. reCAPTCHA analyzes various characteristics (e.g. input behavior, mouse movements) to determine whether the input is made by a human or an automated process. In the background, your interaction with the website is evaluated, which may result in the transmission of your IP address and other technical data to Google.
We use reCAPTCHA to protect our website against automated abuse and spam.
Legal Basis: Article 6(1)(f) GDPR (legitimate interest).
For further information, please refer to Google’s privacy and terms of service (policies.google.com/privacy and policies.google.com/terms).
2.7 Embedded YouTube Videos
On our website, YouTube videos (provided by Google Ireland Limited, Dublin, Ireland) are embedded to offer you multimedia content. When you access a page containing an embedded YouTube video, a connection to YouTube’s servers is established before you play the video, which may result in the transmission of technical data (e.g. your IP address, the URL of the visited page) to Google. We use YouTube’s enhanced privacy mode so that cookies for profile creation are not initially set on your device until you actively play the video.
Legal Basis: Article 6(1)(f) GDPR (legitimate interest).
2.8 Downloads via Google Drive
We provide certain content (e.g. PDF documents such as this Privacy Policy) for download. These files are made available via the cloud service Google Drive provided by Google Ireland Limited, Dublin, Ireland. When you click a download link, the file is directly loaded from Google Drive’s servers. In doing so, your browser automatically transmits technical data (e.g. your IP address, time of access) to facilitate the download.
No personal data is actively collected for downloads – registration or data entry is not required.
Legal Basis: Article 6(1)(f) GDPR (legitimate interest).
Data Transfer to the USA: Technical connection data may be transferred to the USA. Google Ireland Ltd. uses standard contractual clauses for such transfers.
2.9 Hosting by Webflow
Our website is hosted by the service provider Webflow, Inc. (398 11th Street, 2nd Floor, San Francisco, CA 94103, USA). During the hosting process, technical data such as access times, IP addresses, and browser/system information are automatically collected to ensure the proper provision, security, and optimization of our website.
Webflow acts as a data processor on our behalf and processes the collected data strictly according to our instructions and in compliance with applicable data protection laws, in particular the EU General Data Protection Regulation (GDPR). We have concluded a data processing agreement with Webflow for this purpose.
Since Webflow utilizes a global network and content delivery networks (via infrastructure partners), technical data may be transferred to third countries. For more information on data processing by Webflow, please refer to Webflow’s Privacy Policy available at: https://webflow.com/legal/eu-privacy-policy.
Legal Basis: Article 6(1)(f) GDPR (legitimate interest).
3. Data Processing in Connection with Our SaaS Services
In addition to the purely informational visit to our website, we offer cloud-based software services (Software-as-a-Service), for example our platform for intelligent shift planning for companies. In the context of using these services, we process personal data to the extent necessary for providing and executing the services.
Registration and Usage Data:
When you register for one of our services or receive a user account from your employer, we process your registration data (e.g. name, email address, company affiliation, and access credentials). These data enable access to the platform and the management of your account. Additionally, we process usage data generated during the use of the platform (e.g. entered scheduling data, communications, log and usage data) to provide the functions of our services.
Purposes and Legal Bases:
The processing is carried out to fulfill the contract (Article 6(1)(b) GDPR) and to provide support, maintenance, and further development of the service. Internal analyses are preferably carried out in aggregated or anonymized form.
Data Processing on Behalf of Clients:
If our business clients use our SaaS platform to process personal data of third parties, we act as a data processor. The respective business client remains the data controller, and we process the data exclusively on their behalf. In such cases, we conclude a data processing agreement (DPA) to ensure compliant and secure processing.
Service Providers and Data Transfers:
For the provision of our SaaS services, we employ selected external service providers (e.g. hosting, email, support), who process the data strictly on our behalf and are contractually obligated to adhere to strict data protection measures. A transfer of personal data to third parties occurs only if necessary for contract fulfillment or if legally required.
Retention Period:
Personal data related to our SaaS services are stored only as long as necessary to fulfill our contractual and legal obligations. After termination of the relationship or deletion of the user account, the personal data are removed from the active system unless there are statutory retention obligations.
4. Your Rights as a Data Subject
As a data subject under the GDPR, you have the following rights, subject to the applicable legal conditions:
Right of Access (Article 15 GDPR): You have the right to request information about the personal data stored about you, including the purposes of processing, categories of data, recipients, and retention periods.
Right to Rectification (Article 16 GDPR): You have the right to have incorrect data corrected or incomplete data completed.
Right to Erasure (Article 17 GDPR): Under certain conditions, you can request the deletion of your personal data (e.g. if the data are no longer necessary for the purposes for which they were collected, if you withdraw consent, or if the data have been processed unlawfully).
Right to Restriction of Processing (Article 18 GDPR): You have the right to restrict the processing of your personal data, for example if you dispute the accuracy of the data or have lodged an objection under Article 21 GDPR.
Right to Data Portability (Article 20 GDPR): You have the right to receive the personal data you have provided to us in a commonly used, machine-readable format, or to have these transferred to another data controller.
Right to Object (Article 21 GDPR): If we process your data on the basis of our legitimate interest, you have the right to object if your particular situation warrants such an objection. You may also object to direct marketing at any time without giving reasons, and we will then no longer use your data for marketing purposes.
Right to Withdraw Consent (Article 7(3) GDPR): If you have given consent for processing, you may withdraw that consent at any time for the future. The withdrawal does not affect the lawfulness of processing prior to the withdrawal.
Right to Complain (Article 77 GDPR): You have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates the GDPR. The competent authority for us is the Bavarian State Office for Data Protection (Postfach 1349, 91504 Ansbach, Germany) or any other supervisory authority of your choice.
You may exercise your rights by contacting us in writing (e.g. via email at the address provided above). Please note that for requests under Article 15 GDPR, we may require proof of your identity in order to prevent unauthorized disclosure of information.
5. Objection and Opt-Out Options
In addition to the above rights, you may object to the processing of your data for certain purposes or revoke any consents you have given. In particular, you can proceed as follows:
Disabling Cookies: You can prevent the storage of cookies by adjusting your browser settings or by deleting already stored cookies. Please note that this may result in limited functionality of our website and services.
Disabling Tracking: If you do not wish for tracking technologies (such as Meta Pixel, Google Analytics, Google AdSense, or the LinkedIn Insight Tag) to collect your data, you may decline consent in the cookie banner or revoke an already given consent via browser add-ons (e.g. script blockers). Additionally, you can disable personalized advertising through external opt-out pages (e.g. youronlinechoices.com).
Unsubscribing from the Newsletter: If you no longer wish to receive our newsletter, you can unsubscribe at any time using the unsubscribe link provided in each newsletter email or by contacting us by email. Upon unsubscription, your email address and any other data processed for the newsletter will be deleted.
Exercising these rights is free of charge.
6. Updates and Changes to this Privacy Policy
We reserve the right to update the content of this Privacy Policy as necessary to reflect changes in our services or in legal requirements. The current version of the Privacy Policy is always available on our website.
7. Additional Information for Users Outside the EU
Our services and this Privacy Policy are primarily designed to comply with the EU General Data Protection Regulation (GDPR). However, we also strive to comply with data protection regulations in other regions. In particular, we do not sell personal data to third parties – neither under the California Consumer Privacy Act (CCPA) nor under similar data protection laws. If you access our services from outside the EU, please feel free to contact us with any questions regarding data protection. We will, as far as legally possible, take into account the applicable data protection rights in your country.
