The thing is: Your personal data (which we’ll refer to as “data” from here on) will only be processed to the extent that’s required to provide you with a functional and reader-friendly website (which includes contents, services, etc.).
Per Art. 4 No. 1 of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (or “GDPR”), “processing” refers to pretty much anything we could do to your data, more specifically: any operation or set of operations such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction performed on personal data, whether by automated means or not.
This privacy policy right here will inform you about the type, scope, purpose, duration, and legal basis for such data processing – either under our own control, or through others. We’ll also inform you about the third-party components we’re currently using to optimize this website (the use of these might result in said third parties also processing data they collect and control).
Are you ready for the fine print? Allright then – here it comes: unbillable hour’s privacy policy, broken up into five chunks:
<p>Manage your cookie preferences <a class=”cmplz-show-banner”>by clicking here.</a></p>
Here’s the short version: unbillable hours is GDPR-compliant and doesn’t use cookies for retargeting. We do use Google Fonts and the Youtube player though, plus we run Matomo for analytics though (with IP anonymization). Also, we might ship the occasional newsletters through MailChimp – so some of your data might end up with these services. More on that below!
The party responsible for this website and its content (the “controller”) for purposes of data protection law is: Flo!
Florian Heinrichs
Sonnemannstraße 12
60314 Frankfurt am Main
Germany
Telephone: +49 176 24871275
E-mail: hello@unbillable-hrs.com
The controller’s data protection officer is, surprise, also Flo:
Florian Heinrichs, see above
With regard to the data processing to be described in more detail below, users and data subjects have the right…
… to confirmation of whether data concerning them is being processed, information about the data being processed, further information about the nature of the data processing, and copies of the data (cf. also Art. 15 GDPR);
… to correct or complete incorrect or incomplete data (cf. also Art. 16 GDPR);
… to the immediate deletion of data concerning them (cf. also Art. 17 DSGVO), or, alternatively, if further processing is necessary as stipulated in Art. 17 Para. 3 GDPR, to restrict said processing per Art. 18 GDPR;
… to receive copies of the data concerning them and/or provided by them and to have the same transmitted to other providers/controllers (cf. also Art. 20 GDPR);
… to file complaints with the supervisory authority if they believe that data concerning them is being processed by the controller in breach of data protection provisions (see also Art. 77 GDPR).
In addition, the controller is obliged to inform all recipients to whom it discloses data of any such corrections, deletions, or restrictions placed on processing the same per Art. 16, 17 Para. 1, 18 GDPR. However, this obligation does not apply if such notification is impossible or involves a disproportionate effort. Nevertheless, users have a right to information about these recipients.
Likewise, under Art. 21 GDPR, users and data subjects have the right to object to the controller’s future processing of their data pursuant to Art. 6 Para. 1 lit. f) GDPR. In particular, an objection to data processing for the purpose of direct advertising is permissible.
Neat, huh?
The data that’s processed when you’re using our website will be deleted or blocked as soon as the purpose for its storage ceases to apply. That is, provided the deletion of the same is not in breach of any statutory storage obligations – or unless otherwise stipulated (yes: “stipulated”) below.
Our website uses Google Fonts to display external fonts. This is a service provided by Google Inc., Gordon House, Barrow Street, Dublin 4, Irland (hereinafter: Google).
Through certification according to the EU-US Privacy Shield https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
Google guarantees that it will follow the EU’s data protection regulations when processing data in the United States.
To enable the display of certain fonts on our website, a connection to the Google server in the USA is established whenever our website is accessed.
The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the optimization and economic operation of our site.
When you access our site, a connection to Google is established from which Google can identify the site from which your request has been sent and to which IP address the fonts are being transmitted for display.
Google offers detailed information at https://adssettings.google.com/authenticated and at https://policies.google.com/privacy – in particular on options for preventing the use of data.
We also use YouTube on our website, this is a video portal operated by YouTube LLC, 901 Cherry Ave, 94066 San Bruno, CA, USA, hereinafter referred to as “YouTube”.
YouTube is a subsidiary of Google LLC, Gordon House, Barrow Street, Dublin 4, Irland, hereinafter referred to as “Google”.
Through certification according to the EU-US Privacy Shield https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
Google and its subsidiary YouTube guarantee that they will follow the EU’s data protection regulations when processing data in the United States.
We’ll ask for your consent to YouTube’s cookie- and privacy policies before showing you any videos though – and we embed clips in “advanced privacy mode”… so you should be safe?
According to YouTube, the advanced privacy mode means that the data specified below will only be transmitted to the YouTube server if you actually start a video.
Without this mode, a connection to the YouTube server in the USA will be established as soon as you access any of our webpages on which a YouTube video is embedded.
This connection is required in order to be able to display the respective video on our website within your browser. YouTube will record and process at a minimum your IP address, the date and time the video was displayed, as well as the website you visited. In addition, a connection to the DoubleClick advertising network of Google is established.
If you are logged in to YouTube when you access our site, YouTube will assign the connection information to your YouTube account. To prevent this, you must either log out of YouTube before visiting our site or make the appropriate settings in your YouTube account.
For the purpose of functionality and analysis of usage behavior, YouTube permanently stores cookies on your device via your browser. If you do not agree to this processing, you have the option of preventing the installation of cookies by making the appropriate settings in your browser. Further details can be found in the section about cookies above.
Further information about the collection and use of data as well as your rights and protection options in Google’s privacy policy found at https://policies.google.com/privacy
Oh, and: The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in improving the quality of our website.
If you register for our free blog alert / newsletter services, the data requested from you for this purpose, i.e. your email address and, optionally, your name, etc. will be sent to us. We also store the IP address of your computer and the date and time of your registration. During the registration process, we will obtain your consent to receive this newsletter and the type of content it will offer, with reference made to this privacy policy. Obviously, the data collected will be used exclusively to send the newsletter and will not be passed on to third parties.
Important: We use Mailchimp, a service of The Rocket Science Group, LLC, 512 Means Street, Suite 404, Atlanta, GA 30318, USA, hereinafter referred to as “The Rocket Science Group”.
Through certification according to the EU-US Privacy Shield, the Rocket Science Group guarantees that it will follow the EU’s data protection regulations when processing data in the United States. In addition, the Rocket Science Group offers further information about its data protection practices here.
When The Rocket Science Group sends you an e-mail from us, said e-mail will also contain a tracking pixel called a web beacon. This pixel helps us evaluate whether and when you have read our newsletter and whether you have clicked any links contained therein. In addition to further technical data, such as data about your computer hardware and your IP address, the data processed will be stored so that we can optimize our newsletter and respond to the wishes of our readers/listeners. The data will therefore increase the quality and attractiveness of the newsletter (if we don’t misinterpret the data, that is… ahem).
The legal basis for sending the newsletter and the analysis is Art. 6 Para. 1 lit. a) GDPR.
You may revoke your prior consent to receive this newsletter under Art. 7 Para. 3 GDPR with future effect. All you have to do is inform us that you are revoking your consent, or click on the unsubscribe link contained in each newsletter.
We, too, use Matomo on our website. That’s is a web analytics service provided by the Matomo open source project.
With the help of Matomo, we are able to collect and analyze data on how you use our website. This enables us, among other things, to find out when which region you come from, which pages you’ve viewed, etc. We also collect various log files (e.g. on your IP address, referrer, browser and the operating system you use) and can measure whether you perform certain actions on our site (e.g. clicks, purchases, etc.).
But: We do use IP anonymization when analyzing with Matomo. Which means that your IP address will be shortened before the analysis, and can therefore no longer be clearly linked to you.
Oh, and: we host Matomo on our own server (using their wordpress plugin), which means that all our analysis data remain with us and are not passed on.
We use Matomo on the basis of Art. 6 Para. 1 lit. f GDPR. We have a legitimate interest in the anonymous analysis of user behavior in order to optimize both this website and its advertising (should we ever do any…). If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing takes place exclusively on the basis of Art. 6 Para. 1 lit. a GDPR; the consent can be withdrawn at any time.
Manage 'em all by clicking here (this will open our cookie consent box popup again. Who doesn't like a popup?)
In case not: don’t hesitate to reach out to unbillable hours’ data protection officer (Flo) at hello@unbillable-hours.com – or find him on social media: