IDAGIO Privacy Policy

At IDAGIO we place great value on maintaining a trusting relationship with our users, the protection of their personal data and their right to information self-determination. This Privacy Policy describes who is responsible for the collection, processing and use of personal data which we obtain from you via our website(s) and software applications such as our mobile and desktop applications (hereinafter jointly: “IDAGIO Software”), what personal data we collect, why we collect this data and what we do with your data. Personal data is all information concerning an identified or identifiable natural person. We will only collect, process and use your personal data in accordance with the principles set out below and in full compliance with applicable data protection legislation.

Contents

  • A. General information
    1. Data controller, data protector officer
    2. Definitions
    3. How we collect data
      1. Automated collection of data via Segment
      2. Automated collection of data via Amplitude
      3. Use of cookies and other stroage technology during use of our website and the IDAGIO services
    4. How we store data
    5. How long we store data
    6. Newsletter and email marketing
    7. Third-party tools used by us
      1. Papertrail
      2. Looker
      3. Braze
      4. Intercom
      5. Hockeyapp
      6. Sentry
      7. Appsflyer
    8. Recipients of personal data
    9. Rights of the data subject
    10. Amendments to our privacy policy
  • B. Collection, processing and use of personal data during use of our website for purely informational purposes
    1. Data collected automatically during use of website
      1. IP address and log files
      2. Google Analytics
      3. Doubleclick by Google
      4. Google Ads
      5. Facebook Custom Audience
    2. Contactin us
    3. Links to social media platforms
  • C. Collection, processing and use of personal data during registration for and use of our services
    1. Collection, processing and use of personal data during registration for a user account via our website
    2. Collection, processing and use of personal data when you set up a subscription via our website
    3. Collection, processing and use of personal data when you download our mobile and/or desktop application via third-party providers(e.g. app stores) and when you set up a user account and a subscription within the applications
    4. Collection, processing and use of personal data when you use our website and our mobile and/or desktop applications for the purposes of the technical provision of the IDAGIO service
    5. Collection, processing and use of personal data when you use our website or our mobile and/or desktop applications for the purpose of calculcating our usage based payments to our licensors
    6. Collection, processing and use of personal data when you use our website or our mobile and/or desktop applications for the purposes of improving our applications, the IDAGIO services and the content offered through them
    7. Collection, processing and use of personal data when you use our website or our mobile and/or desktop applications for the purposes of the interest-based presentation of the content and offers available via the IDAGIO services
    8. Collection, processing and use of personal data when you use our website or mobile and/or desktop applications for the purposes of answering questions or providing help with technical problems with the use or our website or mible and/or desktop applications
    9. Collection, processing and use of personal data when you click on links within our advertisements and pos on social media and other third-party sites as well as marketing emails and Newsletters

General Information

1. Data Controller, Data Protection Officer

The Controller as per Art. 4 (7) EU General Data Protection Regulation (GDPR) is IDAGIO GmbH, Tempelhofer Ufer 17, 10963 Berlin, Germany, info@idagio.com (“IDAGIO”, “we”, “us”). You can reach our Data Protection Officer at: privacy@idagio.com or at our postal address, marking any correspondence for the attention the "Data Protection Officer".

2. Definitions

Personal data is all information concerning an identified or identifiable natural person ("Data Subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Cookies are small text files which are stored locally, during each visit to a website, on the user's end device (e.g. PC, smartphone, tablet). They can contain a range of information about the end device used as well as about usage behaviour and are, upon reconnection, sent back to the cookie-setting web server with the aim of recognising a returning user and their settings.

GDPR is the abbreviation for REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL OF 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

3. How We Collect Data

During your use of our website and our IDAGIO services, we collect some data when you provide it to us (for example in the registration process or in direct communication with us). In addition, we collect a range of data automatically, as follows:

3.1 Automated Collection of Data via Segment

For the automated collection of some data during your use of the IDAGIO services via our website or our applications, we use the Segment service provided by Segment.io, Inc., 100 California Street, Suite 700, San Francisco, CA 94111, USA. Such data may be stored on Segment’s servers which are located outside the EU, in the USA. As far as the transfer of data to the USA is concerned, Segment is certified under the US-EU data protection agreement “Privacy Shield” (https://www.privacyshield.gov/EU-US-Framework ), thus ensuring an adequate level of protection. Moreover, we have concluded a third-party data processing agreement with Segment. Under that agreement, Segment is obliged to protect our users’ data, to process it in accordance with and solely on our behalf. In particular, Segment is obliged not to pass such data to third parties without express instructions from us to do so. Segment’s privacy policy can be found here.

Automated Collection of Data via Amplitude

For the automated collection of some data during your use of the IDAGIO services via our website or our applications, we use the Amplitude service provided by Amplitude, Inc., 501 2nd Street, Suite 100, San Francisco, CA 94107, USA. Such data may be stored on Amplitude’s servers which are located outside the EU, in the USA. As far as the transfer of data to the USA is concerned, Amplitude is certified under the US-EU data protection agreement “Privacy Shield” (https://www.privacyshield.gov/EU-US-Framework), thus ensuring an adequate level of protection. Moreover, we have concluded a third-party data processing agreement with Amplitude. Under that agreement, Amplitude is obliged to protect our users’ data, to process it in accordance with and solely on our behalf. In particular, Amplitude is obliged not to pass such data to third parties without express instructions from us to do so. Amplitude’s privacy policy can be found here.

3.3 Use of Cookies and Other Storage Technology During Your Use of Our Website and the IDAGIO Services

What are cookies?

When you use our website, open our emails or use our services online, we, or third parties duly authorised by us to do so, will sometimes use so-called “cookies”, text files which are stored on your computer and which enable your use of the website to be analysed, irrespective of whether you are registered with IDAGIO, have subscribed to IDAGIO services or not. Cookies are small text files which are stored on your hard drive and associated with the browser you use and through which certain information flows to the entity which set the cookie. Cookies cannot run any programmes or transfer viruses to your computer. Their purpose is to make the website as a whole more user-friendly and more effective. You can find more information about cookies here: www.allaboutcookies.org.

What are Cookies Used for?

Generally, cookies help make the website as a whole more user-friendly and more effective, make additional functions possible and allow the user of the cookies to learn more information about your visit to their website and the overall use of the website and services. For example, cookies enable their users to determine whether an end device has already visited a website before. Cookies also enable a website to be customised according to previous visits, if information regarding the previous behaviour of the user on the website or on a different website has been stored in the cookie. We use cookies, for example, to be able to identify you on return visits, should you have a user account with us. Otherwise, you would have to log in with each new visit.

Own Cookies and Third-party Cookies

Our services can place our own cookies as well as cookies from third parties duly authorised by us on your end device. Our own cookies help us to provide our services better and more efficiently and to be able to understand user behaviour on our website. Third-party cookies are stored on your end device by those third parties directly. We only allow such third parties to place their cookies on users’ end devices via our services. We have no control over the information and no access to the information which such cookies collect. The information is under the sole control of the respective third party, in accordance with their own data policies.

Types of Cookie

Our website uses the following types of cookie, the extent and mode of functioning of which are set out below:

  • Transient cookies
  • Persistent cookies

Transient cookies are automatically deleted when you close your browser. They include, in particular, session cookies. Session cookies store a so-called session-ID which allows different requests from your browser to be attributed to the same session. This enables your computer to be recognised if you return to our website. Session cookies are deleted when you log out or close your browser.

Persistent cookies are deleted automatically after a preset period of time which can differ from cookie to cookie. You can delete these cookies at any time using the security settings of your browser.

Association of cookie information with other data

If you have created an IDAGIO user account or subscribed to the IDAGIO services, we can associate the information collected via our cookies, in accordance with our Privacy Policy, with your personal data.

Cookies from third-party providers

The following third parties use cookies via our services:

4. How we store data

All data collected by us during your use of our website or our services is hosted with the following service providers, in accordance with the third-party processing agreement concluded with the respective service provider:

The servers of those service providers where we store data are located exclusively in the EU. All three service providers are certified under the EU-US Privacy Shield Framework, which ensures an adequate level of data protection for companies based in the USA.

5. How long we store data

Unless expressly stated otherwise in this Privacy Policy, we will only store your data for as long as is required to fulfil the respective purpose of the processing.

After expiry of your subscription, we must retain your usage data in part to fulfil our internal contractual obligations as such data is required, in particular, to verify the calculation of our usage related payments to our licensors. This billing is based on the subscription fee paid in each case as well as usage related and country specific. After expiry of your subscription, however, we block your data for all purposes other than the aforementioned and erase it after expiry of the retention period, provided no further statutory retention periods apply.

6. Newsletter and email marketing

a) Explanation and purpose of the processing:

You have the opportunity to subscribe to our newsletter. In the newsletter, we inform you about current content available on the IDAGIO services, product features and offers which could be of interest to you.

Prior to registering you for a newsletter subscription, we obtain your consent by way of a so-called double opt-in process. This means, after we receive a subscription request from you, we send an email to the specified email address, in which we ask for confirmation that you wish to receive the newsletter. If you do not confirm your subscription request, the data submitted in the respective request is erased or is stored for other purposes, where a legal basis or obligation for continued storage exists. In addition, we store the IP addresses you used as well as the times of the request and the confirmation. The purpose of the process is to verify your request and, if necessary, to be able to investigate a possible abuse of your personal data.

The only mandatory information required to receive the newsletter is your email address. After you have provided confirmation, we will store your email address for the purpose of sending the newsletter.

The newsletter is sent using the service provider, Braze. The email addresses of the recipients of our newsletter as well as their other data described in the scope of this Policy, are stored on Braze’s servers in the EU or in the USA. More information on the Braze service can be found in Part A, Section 7.3. We also use the AppsFlyer service for the purposes of newsletter tracking, as described below. Further information on the AppsFlyer service can be found in Part A, Section 7.7.

Our newsletters contain a so-called “web beacon”. This is normally a single pixel sized file which is accessed from the Braze and Appsflyer servers when the newsletter is opened. When the file is requested, firstly technical information is collected, such as information regarding the browser and your system as well as your IP address and the time of the request. This information is used to improve the content and technical delivery of the services using the technical data or the target groups and their usage behaviour. The data collected also includes a determination as to whether the newsletter has been opened, when it is opened and which links are clicked on.

b) Legal basis

The legal basis for the sending of the newsletter is your consent, granted to us, Art. 6 (1) first sentence, (a) GDPR.

You can revoke your consent to receive the newsletter and unsubscribe from the newsletter at any time. You can revoke your consent by clicking on the link provided in every newsletter, by email to contact@idagio.com, or by sending a message via the contact details provided on the imprint page.

The aforementioned collection and analysis of data as well as the recording of the registration procedure is carried out on the basis of Art. 6 (1) first sentence, (f) GDPR. The legitimate interest is in sending our users a user-friendly, secure newsletter, tailored to their interests and to protect ourselves by obtaining legally valid consents.

c) Text of the declaration of consent

I hereby consent to IDAGIO contacting me via the email address I have provided, in order to inform me regularly about current content on the IDAGIO service, as well as product features and IDAGIO offers. You can revoke your consent at any time (e.g. by email to contact@idagio.com or via the unsubscribe link in every newsletter), with effect for the future. You can find more information here in Part A Section 6 Newsletter and Email Marketing.

7. Third-party tools used by us

When providing our services, we use a range of tools from third parties some of which we use to process personal data. We provide an overview of these tools below. We also advise you of the use of particular tools for specific purposes at the respective points in this Privacy Policy.

7.1 Papertrail

In order to create and archive log files, we use the tool Papertrail from SolarWinds Worldwide, LLC, 7171 Southwest Parkway, Bldg 400, Austin, Texas 78735, USA, on the basis of a third-party processing agreement. Such data may be stored on Papertrail’s servers which are located outside the EU. As far as the transfer of data to the USA is concerned, Papertrail is certified under the US-EU data protection agreement “Privacy Shield” (https://www.privacyshield.gov/EU-US-Framework) and is thus committed to adhering to EU data protection rules. Moreover, we have concluded a third-party data processing agreement with Papertrail. Under that agreement, Papertrail is obliged to protect our users’ data, to process it in accordance with and on our behalf. In particular, Papertrail is obliged not to pass such data to third parties without express instructions from us to do so. You can find the privacy policy of Papertrail (SolarWinds Worldwide, LLC) here.

7.2 Looker

For the statistical analysis of usage data, we use the tool LOOKER from Looker Data Sciences, Inc., 101 Church Street, 4th Floor, Santa Cruz, CA 95060, USA, on the basis of a third-party processing agreement. LOOKER does not collect any data itself rather it uses the data provided by us for statistical analysis purposes. The servers on which LOOKER stores data are located in the EU. As far as any possible transfer of data to the USA is concerned, LOOKER is certified under the US-EU data protection agreement “Privacy Shield” (https://www.privacyshield.gov/EU-US-Framework) and is thus committed to adhering to EU data protection rules. Moreover, we have concluded a third-party data processing agreement with LOOKER. Under that agreement, LOOKER is obliged to protect our users’ data, to process it in accordance with and on our behalf. In particular, LOOKER is obliged not to pass such data to third parties without express instructions from us to do so. You can find LOOKER’s privacy policy here.

7.3 Braze

To collect and analyse usage data, to create and allocate users to interest groups and the resulting provision of interest-based content, we use the tool Braze from Braze Inc., 318 West 39th Street, 5th Floor, New York, NY 10018, USA, on the basis of a third-party processing agreement with the provider. Such data may be stored on Braze’s servers which are located in the USA. We have concluded a third-party data processing agreement with Braze. Under that agreement, Braze is obliged to protect our users’ data, to process it in accordance with and on our behalf. In particular, Braze is obliged not to pass such data to third parties without express instructions from us to do so. You can find Braze’s privacy policy here.

7.4 Intercom

To communicate with our customers within our IDAGIO services by email or in-app communication, we use the tool Intercom from Intercom, Inc., a Delaware corporation with offices at 55 2nd Street, 4th Fl., San Francisco, CA 94105, USA on the basis of a third-party processing agreement with the provider. In this context, data may be stored on Intercom’s servers in the USA. As far as any possible transfer of data to the USA is concerned, Intercom is certified under the US-EU data protection agreement “Privacy Shield” (https://www.privacyshield.gov/EU-US-Framework) and is thus committed to adhering to EU data protection rules. We have concluded a third-party processing agreement with Intercom. Under that agreement, Intercom is obliged to protect our users’ data, to process it on our behalf. In particular, Intercom is obliged not to pass such data to third parties without express instructions from us to do so. You can find Intercom’s privacy policy here.

7.5 Hockeyapp

To register and document technical faults in connection with the use of our IDAGIO services via our app, we use the tool Hockeyapp from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA, on the basis of a third-party processing agreement with the provider. Such data may be stored on the servers of Hockeyapp (Microsoft Corporation) which are located outside the EU. As far as the transfer of data to the USA is concerned, Hockeyapp (Microsoft Corporation) is certified under the US-EU data protection agreement “Privacy Shield” (https://www.privacyshield.gov/EU-US-Framework) and is thus committed to adhering to EU data protection rules. Moreover, we have concluded a third-party data processing agreement with Hockeyapp (Microsoft Corporation). Under that agreement, Hockeyapp (Microsoft Corporation) is obliged to protect our users’ data, to process it in accordance with and on our behalf. In particular, Hockeyapp (Microsoft corporation) is obliged not to pass such data to third parties without express instructions from us to do so. You can find the privacy policy of Hockeyapp (Microsoft Corporation) here.

7.6 Sentry

To register and document technical faults in connection with the use of our IDAGIO services via our website, we use the tool Sentry from Functional Software, Inc., 132 Hawthorne St, San Francisco, CA 94107, USA (“Sentry”) on the basis of a third-party processing agreement with the provider. Such data may be stored on Sentry’s servers which are located outside the EU. As far as the transfer of data to the USA is concerned, Sentry is certified under the US-EU data protection agreement “Privacy Shield” (https://www.privacyshield.gov/EU-US-Framework) and is thus committed to adhering to EU data protection rules. Moreover, we have concluded a third-party data processing agreement with Sentry. Under that agreement, Sentry is obliged to protect our users’ data, to process it in accordance with and on our behalf. In particular, Sentry is obliged not to pass such data to third parties without express instructions from us to do so. You can find Sentry’s privacy policy here.

7.7 Appsflyer

To track the use of our newsletter, we use the service AppsFlyer from AppsFlyer Ltd., 111 New Montgomery St, San Francisco, CA 94105, USA, on the basis of a third-party processing agreement with the provider. Such data may be stored on Appflyer’s servers which are located outside the EU. As far as the transfer of data to the USA is concerned, AppsFlyer is certified under the US-EU data protection agreement “Privacy Shield” (https://www.privacyshield.gov/EU-US-Framework) and is thus committed to adhering to EU data protection rules. Moreover, we have concluded a third-party processing agreement with Appsflyer. Under that agreement, Appsflyer is obliged to protect our users’ data, to process it in accordance with and on our behalf. In particular, Appsflyer is obliged not to pass such data to third parties without express instructions from us to do so. You can find Appsflyer’s privacy policy here.

8. Recipients of personal data

In some cases, we engage external service providers to process your data. Contractual agreements for specific-purpose third-party data processing exist with the following service providers, who, as recipients (according to the definition in Art. 4 No. 8 GDPR), process personal data it as (third-party) processors in compliance with the provisions of Art. 28 GDPR:

  • Amazon Web Services, Inc. 410 Terry Avenue North Seattle WA 98109, USA (web hosting). You can find the respective privacy policy here.
  • Amplitude, Inc., 501 2nd Street, Suite 100, San Francisco, CA 94107, USA (customer targeting). You can find the respective privacy policy here.
  • Apple App Store (Apple Inc.) One Apple Park Way, Cupertino, CA 95014, USA, (distribution of mobile and/or desktop applications). You can find the respective privacy policy here.
  • AppsFlyer Ltd. 111 New Montgomery St, San Francisco, CA 94105, United States (tracking marketing). You can find the respective privacy policy here.
  • Braze, Inc., 318 West 39th Street, 5th Floor, New York, NY 10018, USA (customer targeting, email service provider). You can find the respective privacy policy here.
  • DigitalOcean, LLC, 101 Avenue of the Americas, 10th Floor, New York, NY 10013, USA (web hosting). You can find the respective privacy policy here.
  • Google Analytics (Google, Inc.) 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (web analysis). You can find the respective privacy policy here.
  • Google Play Store (Google, Inc.) 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (distribution of mobile and/or desktop applications). You can find the respective privacy policy here.
  • Heroku, Salesforce, The Landmark @ 1 Market St., Suite 300, San Francisco, CA 94105, USA (web hosting). You can find the respective privacy policy here.
  • Hockeyapp (Microsoft Corporation) One Microsoft Way, Redmond, WA 98052-6399, USA (technical fault reporting). You can find the respective privacy policy here.
  • Intercom, Inc., a Delaware corporation with offices at 55 2nd Street, 4th Fl., San Francisco, CA 94105, USA (customer communication). You can find the respective privacy policy here.
  • Looker Data Sciences, Inc., 101 Church Street, 4th Floor, Santa Cruz, CA 95060, USA (analysis, usage analysis). You can find the respective privacy policy here.
  • Papertrail (SolarWinds Worldwide, LLC) 7171 Southwest Parkway, Bldg 400, Austin, Texas 78735, USA (usage analysis). You can find the respective privacy policy here.
  • Segment.io, Inc., 100 California Street, Suite 700, San Francisco, CA 94111, USA (data processing). You can find the respective privacy policy here.
  • Sentry, (Functional Software, Inc.(132 Hawthorne St, San Francisco, CA 94107, USA (technical fault reporting). You can find the respective privacy policy here.
  • Stripe, Inc. 185 Berry Street, Suite 550, San Francisco, CA 94107, USA (payment transactions). You can find the respective privacy policy here.

9. Rights of the data subject

a) You have the right to request confirmation from us on whether we are processing personal data concerning you. If this is the case, you have a right to information regarding this personal data (Art. 15 GDPR in conjunction with Sec. 34 BDSG (German Federal Data Protection Act)). This does not apply if

  • the data is only stored because it may not be deleted due to data retention rules set out in the law or the company statutes or
  • the storage is for the sole purpose of backing up data or data protection monitoring

and the provision of information would require a disproportionate cost and effort and any processing for other purposes has been excluded using appropriate technical and organisational measures.

b) You also have the right to request that inaccurate personal data be rectified and where applicable - taking into account the purposes of the processing - incomplete personal data be completed, including by means of a supplementary statement (Art. 16 GDPR). Moreover, in the cases set out in Art. 17 (1) (a) to (f) GDPR, you have the right to erasure of personal data provided none of the exceptions under Art. 17 (3) GDPR applies, as well as a right to restriction of processing in the cases set out in Art. 18 (1) GDPR. There is also a right to have data portability ensured in the cases laid out in Art. 20 (1) GDPR.

c) You have the right to lodge a complaint with the supervisory authority if you consider that the processing of personal data relating to you infringes the GDPR.

d) The right to object to processing on the basis of legitimate
To the extent the processing of data is based on Art. 6 (1) (f) GDPR ("legitimate interests"), you have the right to object at any time, for reasons related to your particular situation, to the processing of personal data concerning you. If you exercise your right to object, this can lead to you only being able to use our overall website or individual services or functions in a limited manner, or not at all.

e) To exercise your rights as a Data Subject, please contact IDAGIO GmbH - FAO The Data Protection Officer - Tempelhofer Ufer 17, 10963 Berlin or privacy@idagio.com.

10. Amendments to our privacy policy

In order to improve and continue to develop the IDAGIO services and the IDAGIO software for you, we may amend this Privacy Policy at our discretion, for example if we use new technology or introduce new services. We will send you a clear notification of any such amendments in a manner appropriate to the circumstances, for example a conspicuous message within the IDAGIO services or by email. Should you decide you no longer wish to use the IDAGIO services under the new Privacy Policy, you can terminate the agreement by sending us a corresponding notification within the stated time period in text form (e.g. by email to contact@idagio.com or by letter).

B. Collection, processing and use of personal data during use of our website for purely informational purposes

1. Data collected automatically during use of our website

1.1 IP addresses and log files

a) Explanation and purpose of the processing

As far as use of our website for purely information purposes is concerned, namely if you do not register or otherwise send us information, we automatically process the following information which your browser sends to our server:

  • the IP address of your computer or other end device (e.g. tablet PC or smartphone)
  • URL data
  • Date and time of your request
  • Access status/HTTP status code
  • Information as to how you arrived at our website
  • Information as to which search engine and what search terms you used to reach our website
  • Information about the devices which you used our IDAGIO services with: individual device ID, browser type, browser version, individual device ID, screen resolution and operating system
  • Volume of data transferred

The IP address and information on the request(s) from your internet browser are necessary, for technical reasons, for you to visit and use the website; without this data being processed, websites cannot be accessed and webpages cannot be displayed.

In addition, the above mentioned data will be processed by us for the following purposes:

  • Ensuring a smooth connection to the website can be made,
  • Ensuring our website can be used in a convenient manner,
  • Analysis of system security and stability and
  • Other administrative purposes.

To collect the data, we use the service Segment, which in turn collects the data through cookies. More information on the Segment service can be found in Part A, Section 3.1. You can find more information in Part A, Section 3.3.

You can prevent cookies being stored through corresponding settings in your browser software; we would, however, make you aware that in this case you may not be able to use all functions of our website in full.

b) Legal basis:

The legal basis is Art. 6 (1) first sentence, (f) GDPR. The legitimate interest in processing the relevant data is that it makes accessing the website technically possible, optimises how the content is displayed for the user and enables the future improvement/optimisation of the IDAGIO services and the content available there.

1.2 Google Analytics

a) Explanation and purpose of the processing:

We use Google Analytics on our websites, a web analytics tool from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Google Analytics uses "cookies" which are stored on your PC and which enable an analysis of your use of the website. The information generated by the cookie includes, for example, browser type/version, operating system used, screen resolution, referrer URL (the website visited prior to this one), anonymised IP address of the computer used to access the website, time spent on individual pages, time of server request, time spent on individual pages, files downloaded, videos watched, advertising banners clicked on, active orders, sequence of clicks etc. You can find more information on the cookies used by Google here.

This information could, in some circumstances, be transmitted to one of Google's servers in the USA and stored there. Google has committed to complying with the Privacy Shield agreement, published by the US Department of Commerce, between the EU and the USA regarding the collection, use and storage of personal data from EU Member States.

We use Google Analytics on our websites with an IP anonymisation tool. With this tool, your IP address recorded by Google Analytics is, in Member States of the European Union or in other states which are party to the Agreement on the European Economic Area, first abbreviated by Google and thus transmitted in anonymised form.

Google uses the information collected on our behalf on the basis of a contractual agreement entered into between Google and ourselves, in order to statistically evaluate the use of the website for us in aggregated form, to create reports on the website activities and behaviour of users on our website and to provide us with other analysis services related to the website and its use. These reports assist us in designing our website and content according to the needs of users and in continuously improving it. The IP address transmitted by your browser in the scope of Google Analytics is not associated with other data from Google.

We also use Google Analytics to analyse visitor streams across devices. This is performed in pseudonymous form on the basis of random user IDs assigned by us (Universal Analytics). You can deactivate the cross-device analysis of your use in the settings of your Google user account under “Privacy Settings”.

The maximum retention period we have chosen for data associated with cookies or user IDs and advertising IDs is 14 months. After this time period has expired, the data will be automatically deleted.

b) Prevention of storage of cookies:

You can prevent cookies being stored by adjusting your browser settings accordingly; moreover, you can delete stored cookies using your browser. Preventing or deleting cookies may render, in some circumstances, the use of certain functions of the website impossible or inconvenient.

In addition, you can deactivate the Google Analytics function using a browser add-on which you can download here: https://tools.google.com/dlpage/gaoptout. To do this, you must install that browser add-on on all devices you use. This prevents the analysis information from being sent to Google. Alternatively, you can set a so-called opt-out cookie by clicking on the link which prevents data being collected by Google Analytics in future. Please note, however, that on deleting cookies in your browser settings, this opt-out cookie will also be deleted and must be set once more. You can deactivate the tracking via the Google Analytics cookies here.

c) Further information on Google Analytics:

Comprehensive information from Google on data processing in connection with Google Analytics can be found here.

d) Legal basis:

The legal basis for the use of Google Analytics is Art. 6 (1) first sentence (f) GDPR. The legitimate interest in processing the data is to analyse usage data and, on the basis of the knowledge gained, identify and remedy errors and to optimise the design of our website, including in relation to increasing the conversion rate.

The legal basis for the cross-device analysis of visitor streams via Google Analytics is the consent you grant to us in our cookie banner upon first visit to our website (Art. 6 (1) first sentence (a) GDPR). You can revoke your consent at any time, for example by notifying us by email to privacy@idagio.com, with effect for the future or you can deactivate the cross-device analysis of your use in the settings of your Google user account under “My data”, “Personal Data”.

e) Right to Object:

As far as data processing based on Art. 6 (1) first sentence (f) GDPR is concerned, you have a right to object, without prejudice to other rights. See Part A Section 9.

f) Text of the declaration of consent

This website uses the service DoubleClick and other remarketing tools of the companies Google Inc. and Facebook Inc. in order to record your usage behaviour, in part across devices, using cookies and other technologies in order to present you with tailored advertising or to track the success of our own advertising. By continuing to use our website, you agree to that. You can revoke your consent at any time with effect for the future. You can find more information here https://www.idagio.com/privacy in Part B Sections 1.1 - 1.4.

1.3 Doubleclick by Google

a) Explanation and purpose of the processing:

We use the service DoubleClick on our websites as well as other remarketing tools from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

DoubleClick and the other remarketing tools from Google use cookies, on the basis of the consent which we obtain from you via a banner displayed the first time you visit our website, in order to present you with advertising relevant to you. For this process, your browser is assigned a pseudonymised identification number (ID) in order to record your usage behaviour. The cookie enables Google and its partner websites to place advertisements, based on your previous visits to our website or other websites, which are tailored to your usage behaviour and which should therefore match your interests. The cookies do not contain any other information about your person. The information generated by the cookies is transferred by Google for analysis to a server in the USA and stored there. Any transfer of data by Google to third parties is always performed in line with statutory rules or in the scope of the data processing. Under no circumstances will Google associate your data with other data collected by Google.

The processing of your data in connection with DoubleClick is performed on the basis of your consent. You can revoke your consent at any time by blocking the storage of DoubleClick cookies as explained below. Revoking consent has no influence on the legitimacy of the processing carried out on the basis of the consent prior to the revocation.

b) Prevention of storage of cookies:

You can prevent cookies being stored by adjusting your browser settings accordingly; moreover, you can delete stored cookies using your browser. Preventing or deleting cookies may render, in some circumstances, the use of certain functions of the website impossible or inconvenient.

In addition, you can deactivate the DoubleClick function using a browser add-on which you can download here. To do this, you must install that browser add-on on all devices you use. This prevents the analysis information from being sent to Google. Alternatively, you can deactivate the DoubleClick cookies on the website of the Digital Advertising Alliance using the following link, which enables you to set a so-called opt-out cookie. Please note, however, that on deleting cookies in your browser settings, this opt-out cookie will also be deleted and must be set once more.

c) Further information on DoubleClick:

You can find comprehensive information from Google on data processing in connection with DoubleClick and other Google remarketing tools here.

d) Legal basis:

The legal basis for the use of DoubleClick and the other Google remarketing tools is your consent granted to us, Art. 6 (1) first sentence, (a) GDPR. You can revoke your consent at any time, for example by notifying us by email to privacy@idagio.com, with effect for the future or you can prevent tracking as described under point (c).

e) Text of the declaration of consent

This website uses the service DoubleClick and other remarketing tools of the companies Google Inc. and Facebook Inc. in order to record your usage behaviour, in part across devices, using cookies and other technologies in order to present you with tailored advertising or to track the success of our own advertising. By continuing to use our website, you agree to that. You can revoke your consent at any time with effect for the future. You can find more information here https://www.idagio.com/privacy in Part B Sections 1.1 - 1.4.

Google Ads

a) Explanation and purpose of the processing:

We use Google Ads conversion tracking on our website, a tracking tool from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").

Whenever you click on an advertisement displayed by Google, a cookie is stored on your computer for conversion tracking purposes. These cookies expire after 30 days and do not contain any personal data. If you arrive on our website via an advertisement displayed by Google, this enables Google and us to know that you have clicked on the advertisement and have thus been forwarded to this site. The information obtained with the aid of the conversion cookie serves the purposes of compiling conversion statistics for Google Ads customers in order to track the effectiveness of certain advertisements. These tell us the total number of users who have clicked on their advert and been forwarded to a particular page. However, we do not receive any information on individual users and their behaviour which we are able to trace back to a particular user.

b) Prevention of storage of cookies:

You can prevent cookies being stored by adjusting your browser settings accordingly; moreover, you can delete stored cookies using your browser. Preventing or deleting cookies may render, in some circumstances, the use of certain functions of the website impossible or inconvenient.

Alternatively, you can set your browser such that only cookies from third parties or only cookies from the domain “googleadservices.com” are blocked.

You can deactivate the tracking via the Google Ads cookie here.

c) Further information on Google Ads tracking:

You can find comprehensive information from Google on data processing in connection with Google Ads conversion tracking here.

d) Legal basis:

The legal basis for the use of Google Ads conversion tracking is Art. 6 (1) first sentence, (f) GDPR. The legitimate interest in processing the data is to analyse the success of our Google Ads and, on the basis of the knowledge gained, to optimise the design of our adverts, including in relation to increasing the conversion rate.

e) Right to Object:

As far as data processing based on Art. 6 (1) first sentence (f) GDPR is concerned, you have a right to object, without prejudice to other rights. For more on this, see below (Part A Section 9, d): "Rights of the Data Subject"). You can also prevent Google Ads conversion tracking by taking the steps described in point b).

1.5 Facebook Custom Audience

a) Explanation and purpose of the processing:

On our websites, we use remarketing tools from Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”).

In this context, Facebook collects data, using a JavaScript code (“Facebook Pixel”) about users’ behaviour on websites on which the Facebook Pixel has been embedded. In this way, for example, the behaviour of users can be tracked after they have clicked on a Facebook advertisement and been forwarded to the respective advertiser’s website. This process helps us to analyse statistically the effectiveness of the advertising we purchase from Facebook and to optimise our advertising. If you have a Facebook account, Facebook might associate this data with your account and can thus create a direct connection to you. In the context of the data collection by the Facebook Pixel, data is sent to Facebook’s servers in the USA. As far as the transfer of data to the USA is concerned, Facebook is certified under the US-EU data protection agreement “Privacy Shield” (https://www.privacyshield.gov/EU-US-Framework), thus ensuring an adequate level of protection. More information about the collection and use of data by Facebook and your rights and options to protect your privacy in this respect can be found in the Facebook data policy at https://www.facebook.com/about/privacy/.

The processing of your data in connection with Facebook is performed on the basis of your consent. You can revoke your consent at any time by blocking Facebook Pixels. Revoking consent has no influence on the legitimacy of the processing carried out on the basis of the consent prior to the revocation.

b) Prevention of storage of cookies:

You can prevent cookies being stored by adjusting your browser settings accordingly; moreover, you can delete stored cookies using your browser. Preventing or deleting cookies may render, in some circumstances, the use of certain functions of the website impossible or inconvenient.

You can deactivate the tracking via the Facebook Pixel here. If you have a Facebook account, you can alternatively deactivate the tracking here, however for this purpose you need to log into your account.

c) Further information on the Facebook Pixel:

Comprehensive information from Facebook on data processing in connection with the Facebook Pixel can be found here.

d) Legal basis:

The legal basis for the use of the Facebook Pixel is your consent granted to us, Art. 6 (1) first sentence, (a) GDPR.

e) Text of the declaration of consent:

This website uses the service DoubleClick and other remarketing tools of the companies Google Inc. and Facebook Inc. in order to record your usage behaviour, in part across devices, using cookies and other technologies in order to present you with tailored advertising or to track the success of our own advertising. By continuing to use our website, you agree to that. You can revoke your consent at any time with effect for the future. You can find more information here https://www.idagio.com/privacy in Part B Sections 1.1 - 1.4.

2. Contact us

a) Explanation and purpose of the processing:

When you contact us directly without already being a customer of ours, we collect the information which you voluntarily provide to us (e.g. email address, address and other contact details). We use this data to allocate, process and respond to enquiries as well as to store them until such a time as your matter has been completely dealt with. The communication with you may be subject to statutory retention periods and must, if this is the case, be retained by us in line with the legal requirements even after the communication with you has ended. In this case, after the communication has ended, the information contained therein will be blocked for any additional processing beyond that.

Legal basis:

The legal basis for the processing is Art. 6 (1) first sentence (f) GDPR. The legitimate interest in the processing is in the handling and answering of your enquiries as well as in enabling us to offer a contact possibility to users of our website.

c) Right to object

As far as data processing based on Art. 6 (1) first sentence (f) GDPR is concerned, you have a right to object, without prejudice to other rights. For more on this, see below, Part A Section 9, d) “Rights of the Data Subject”)

3. Link to social media platforms

On our website, we link to our company pages on the following companies' social media platforms:

Please note, in the event that you visit these linked sites, information may be collected and processed by the respective platform provider, which may be associated with your respective user account and stored and used according to the data policy of the respective platform operator. Please take time to find out about the manner and extent of data use by the relevant platform operator before visiting the linked sites.

C. Collection, processing and use of personal data during registration for and use of our service

1. Collection, processing and use of personal data during registraition for a user account via our website

a) Explanation and purpose of the processing:

When you register on our website or via our mobile and/or desktop applications and set up a user account, you provide information to us which we store in your customer account:

  • Your email address
  • Your password

We use this data to perform the contract concluded with you through means of your registration and to provide our contractual services e.g. in connection with any subsequent subscription.

b) Legal basis:

The legal basis for the processing is Art. 6 (1) first sentence (b) GDPR.

2. Collection, processing and use of personal data when you set up a subscription via our website

a) Explanation and purpose of the processing:

When you set up a paid subscription via your user account, which entitles you to use the IDAGIO services and the content provided, we also collect the following information which is associated with your user account:

  • Type, date, number and status of your subscription
  • Your subscription fee including currency information

We collect and use this data to perform the contract concluded with you and to provide and bill our contractual services. We also require the data regarding your subscription in order to comply with our own contractual accounting obligations towards our licensors. To this end, we generate a random user ID for your account to enable us to produce the respective accounting reports without disclosing information regarding your person. This data is stored by us for as long as is required to fulfil the respective purpose of the processing. After expiry of your subscription, we must retain this data to fulfil our internal contractual obligations for a period of two years, as such data is required, in particular, to verify the calculation of our usage related payments to our licensors. After that period, the data is erased. We install a block to duly limit any use of such data.

In addition, you supply us with the following information to set up a subscription, in order to enable us to collect payment for the subscription:

  • Your payment information, including credit or debit card number and other card information (together: “Payment Details”)

To process the payment for your subscription, we use the payment services provider STRIPE, Inc., 185 Berry Street, Suite 550, San Francisco, CA 94107, USA. The processing of payments for European customers is performed via the European subsidiary, STRIPE Payments Europe Ltd, Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland. Your Payment Details are sent directly to the payment services provider STRIPE but not to us. Accordingly, this data is not stored by us. STRIPE communicates the last four digits of your credit or debit card number as well as the expiry date of the card to us. These digits can be displayed in your user account so that you can check at any time which payment method you are using to pay for your subscription. The sharing of your data takes place exclusively for the purposes of the payment processing with STRIPE Payments Europe Ltd. We are not involved in the further processing of payments via STRIPE. The data controller for the further payment processing is STRIPE Payments Europe Ltd. For cases in which personal data has to be transferred to the USA, STRIPE Inc. is certified under the US-EU data protection agreement “Privacy Shield” (https://www.privacyshield.gov/EU-US-Framework) and is thus committed to ensuring an appropriate level of data protection. You can find more information on STRIPE’s data policy here.

b) Legal basis:

The legal basis for the processing is Art. 6 (1) first sentence (b) GDPR.

3. Collection, processing and use of personal data when you download our mobile and/or desktop applications via third-party providers (e.g. app stores)and when you seet up a user account and a subscription within the applications

a) Explanation and purpose of the processing:

You can download our mobile and/or desktop applications via the services of third parties (e.g. Apple App Store, Google Play Store). When you download the mobile app, information about your person may be collected by the respective app store. We have no influence on this collection of data and are not responsible for it. The controller for this data processing is the respective app store operator.

You can find the data policy of Google (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) here.

You can find the data policy of Apple (Apple Inc., One Apple Park Way, Cupertino, CA 95014, USA) here.

When you download our app and install it on your end device, we assign you a randomly generated USER ID. When you subsequently set up a subscription within the applications for the IDAGIO services, we collect the following information directly via the app store provider, which is then associated with your USER ID:

Google Play Store
  • Your customer ID issued by the Google Play Store
  • The country which your Payment Details have to be allocated to, which you communicated to the Google Play Store
Apple App Store
  • The country which your Payment Details have to be allocated to, which you communicated to the Apple App Store

This data is required by us to perform the contract concluded with you and is used by us in order to be able to allocate the payment made by you direct via the app store to the subscription set up with us. We also require the data regarding your subscription in order to comply with our own contractual accounting obligations towards our licensors. To this end, we generate a random user ID for your account to enable us to produce the respective accounting reports without disclosing information regarding your person.

This data is stored by us for as long as is required to fulfil the respective purpose of the processing. After expiry of your subscription, we must retain this data to fulfil our internal contractual obligations for a period of two years, as such data is required, in particular, to verify the calculation of our usage related payments to our licensors. After that period, the data is erased. We install a block to duly limit any use of such data.

The payment for a subscription set up within our application is processed directly via the respective app store provider on the basis of the contract concluded between you and that provider. Your Payment Details are not disclosed to us.

Legal basis:

The legal basis for the processing is Art. 6 (1) first sentence (b) GDPR.

4. Collection, processing and use of personal data when you use our website and our mobile and/or desktop application for the purpose of the tchnical provision of the IDAGIO services

a) Explanation and purpose of the processing:

When you use our website or our mobile and/or desktop applications, we process the following personal data automatically:

  • the IP address of your computer or other end device (e.g. tablet PC or smartphone)
  • Information about the devices which you used our IDAGIO services with: type of device, individual device ID and operating system

The IP address as well as information about your devices are technically required for the retrieval and use of the website and the mobile and/or desktop applications. Without the processing of this data, the website and the mobile and/or desktop applications cannot be accessed and they cannot be displayed.

If you use an end device which runs on the iOS operating system (Apple end devices), in place of the device ID, we use the so-called “Advertising Identifier” (IDFA). This is a unique but non-personalised and non-permanent identification number for a particular end device and is provided by iOS. We use this IDFA only as a device identifier but not to provide you with personalised advertising. You can activate the option “Limit Ad Tracking” in the iOS settings under “Privacy” - “Advertising” in order to prevent the IDFA being sent to us. You can delete the IDFA in the device settings at any time (“Reset Advertising Identifier”). By doing so, a new IDFA is generated which is not associated with the previously collected data. We would note that you might not be able to use all of the functions of our app if you make use of the option to limit the IDFA.

In addition, we assign you an internal user ID for the purposes of managing your user account. This user ID also enables us to de-link certain personal information in the scope of some data processing procedures, in particular those involving third parties (e.g. in the scope of the billing process with our licensors).

In addition, the user ID and IP address are processed by us for the following purposes:

  • Ensuring a smooth connection to our website and our mobile and/or desktop applications
  • Ensuring the comfortable use of our website and our mobile and/or desktop applications
  • Analysis of system security and stability
  • For other administrative purposes in the scope of providing our service.

You can find more information on how we collect this data in Part A, Section 3. To process and structure this data in logfiles, we use the service Papertrail. More information on the Papertrail service can be found in Part A, Section 7.1.

b) Legal basis:

The legal basis is Art. 6 (1) first sentence (f) GDPR. The legitimate interest in the processing is in technically enabling the retrieval of the IDAGIO services, ensuring a comfortable use of our services and ensuring system security and stability.

c) Right to Object:

As far as data processing based on Art. 6 (1) first sentence (f) GDPR is concerned, you have a right to object, without prejudice to other rights. For more on this, see below (Part A Section 9, d): "Rights of the Data Subject")

Collection, processing and use of personal data when you use our website or our mobile and/or desktop applications for the purposes of calculating our usage based payments to our licensors

a) Explanation and purpose of the processing:

When you use our website or mobile and/or desktop applications, we collect the following personal data automatically:

  • The IP address of your computer or other end device (e.g. tablet PC or smartphone)
  • Type, date, number and status of your subscription
  • Your subscription fee including currency information
  • Date and time of use
  • What content you have used and stored
  • Information about the devices which you used our IDAGIO services with: type of device, individual device ID and operating system
  • Which language version has been selected

You can find more information on how we collect this data in Part A, Section 3. To process and structure this data in logfiles, we use the service Papertrail. More information on the Papertrail service can be found in Part A, Section 7.1.

For the purposes of calculating our usage based payments to our licensors, we only disclose to such licensors the user ID assigned by us, the type, date, number and status of your subscription, your subscription fee including currency information, the country in which you set up your IDAGIO subscription (determined on the basis of your IP address), the date and time of use, which content you used. It is therefore not possible for our licensors to associate this data with your person.

b) Legal basis:

The legal basis for the processing is Art. 6 (1) first sentence (f) GDPR. The processing of this data is necessary for us to perform our internal contractual obligations.

c) Right to Object:

As far as data processing based on Art. 6 (1) first sentence (f) GDPR is concerned, you have a right to object, without prejudice to other rights. For more on this, see below (Part A Section 9, d): "Rights of the Data Subject")

6. Collection, processong and use of personal data when you use our website or our mobile and/or desktop applications for the purposes of improving our applications the IDAGIO services and the content offered through them

a) Explanation and purposes of the processing:

When you use our website or our mobile and/or desktop applications, we process the following personal data automatically:

  • The IP address of your computer or other end device (e.g. tablet PC or smartphone)
  • Customer ID issued by the Google Play Store
  • Type, date, number and status of your subscription
  • Your subscription fee including currency information
  • Date and time of use
  • What content you have used and stored
  • Information about the devices which you used our IDAGIO services with: type of device, individual device ID and operating system
  • Your navigation behaviour within the IDAGIO services
  • Which language version has been selected

We use this data in order to evaluate and analyse the use of our IDAGIO services and our website statistically and, on the basis of the information thereby obtained, to improve our products technically and in terms of content, to identify and remedy errors and weaknesses and to improve the user-friendliness of our IDAGIO services.

You can find more information on how we collect this data in Part A, Section 3. To process and structure this data in logfiles, we use the service Papertrail. More information on the Papertrail service can be found in Part A, Section 7.1. To evaluate this data statistically, we use the service Looker. More information on the LOOKER service can be found in Part A, Section 7.2.

Legal basis:

The legal basis is Art. 6 (1) first sentence (f) GDPR. The legitimate interest in the processing is in the technical analysis of the use of our services in order to enable us to improve our services technically and in terms of content.

Right to Object:

As far as data processing based on Art. 6 (1) first sentence (f) GDPR is concerned, you have a right to object, without prejudice to other rights. For more on this, see below (Part A Section 9, d): "Rights of the Data Subject")

7. Collection, processing and use of personal data when you use our website or our mobile and/or desktop applications for the purposes of the interest-based presentation of the content and offers available via the IDAGIO services

a) Explanation and purpose of the processing:

When you use our website or our mobile and/or desktop applications, we process the following data about your use of our website and services automatically:

  • Email address
  • The IP address of your computer or other end device (e.g. tablet PC or smartphone)
  • Type, date, number and status of your subscription
  • Your subscription fee including currency information
  • Date and time of use
  • What content you have used and stored
  • Information about the devices which you used our IDAGIO services with: type of device, individual device ID and operating system
  • Your navigation behaviour within the IDAGIO services (click paths)
  • Which language version has been selected
  • Tokens and IDs for push notifications

This data is analysed by us and stored with your user account. We process this data in order to suggest, on the basis of the content you have used, additional content to you which you might like. The allocation of such content is partly automated in that we, for example, allocate you to certain user groups on the basis of your previous use. Such groups are then shown and recommended content according to the attributes assigned to the group.

In connection with the offer of interest-based content, we also use your email address (if you have consented to being contacted by email (on this point, see Part C, Section 9)) as well as tokens and IDs for push notifications (if you have allowed push notifications in the settings on your device) in order to send you content offered in this context as push notifications, in-app messages or by email. In this context, we also collect data about how individual users act upon receiving these notifications and whether the links contained in the respective messages are clicked on (“Conversion Tracking”) in order to enable us to recommend more targeted content to you.

You can find more information on how we collect this data in Part A, Section 3. To process and structure this data in logfiles, we use the service Papertrail. More information on the Papertrail service can be found in Part A, Section 7.1. To collect and analyse the usage data and to send any push notifications to our users, we also use the tool, Braze. More information on the Braze service can be found in Part A, Section 7.3.

b) Legal basis:

The legal basis for the above processing is Art. 6 (1) first sentence, (f) GDPR. The legitimate interest in the processing is in the specialisation of the IDAGIO services as recommendation services for classical music recordings and corresponding content. The processing aids in determining the success of individual content and offers via the IDAGIO services. This is necessary for the improvement of the services, the interest-based presentation and sending notifications about content and offers. Only on the basis of the above data processing can these functions of the service be performed in a meaningful way.

c) Right to Object:

As far as data processing based on Art. 6 (1) first sentence (f) GDPR is concerned, you have a right to object, without prejudice to other rights. For more on this, see below (Part A Section 9, d): "Rights of the Data Subject"). Please note, however, that the selection and recommendation of music in line with your interests is a core part of our service. Hence, if you object to the above processing of data, you will no longer be able to use our service.

8. Collection, processing and use of personal data when you use our website or mobile adn/or desktop applications for the purposes of answering questions or providing help with technical problems with the use or our website or mobile and/or desktop applications

a) Explanation and purpose of the processing:

As already set out above, we process the following personal data automatically when you use our website or our mobile and/or desktop applications:

  • Email address
  • The IP address of your computer or other end device (e.g. tablet PC or smartphone)
  • Type, date, number and status of your subscription
  • Your subscription fee including currency information
  • Date and time of use
  • What content you have used and stored
  • Information about the devices which you used our IDAGIO services with: type of device, individual device ID and operating system
  • Your navigation behaviour within the IDAGIO services
  • Which language version has been selected
  • Tokens and IDs for push notifications

We also collect, store and use the data in order to answer your questions regarding the IDAGIO services and to help you when you have technical problems with the IDAGIO software, the IDAGIO services, your user account and your subscription if you contact us in one of these cases. To this end, we will utilise, for example, the usage data stored in your user account, in order to ascertain the cause of possible technical faults or to understand administrative queries in connection with the use of our IDAGIO services.

You can find more information on how we collect this data in Part A, Section 3. To process and structure this data in logfiles, we use the service Papertrail. More information on the Papertrail service can be found in Part A, Section 7.1. To collect and analyse the usage data and to send any push notifications to our users, we also use the tool, Braze. More information on the Braze service can be found in Part A, Section 7.3. For the communication with our users, we also use the tool Intercom. More information on the Intercom service can be found in Part A, Section 7.4.

b) Legal basis:

The legal basis for the above processing is Art. 6 (1) first sentence, (f) GDPR. The legitimate interest in the processing is in answering our users’ questions regarding the IDAGIO services and offering them individual help when they have technical problems with the IDAGIO software, the IDAGIO services, their user account and their subscription.

c) Right to Object:

As far as data processing based on Art. 6 (1) first sentence (f) GDPR is concerned, you have a right to object, without prejudice to other rights. For more on this, see below (Part A Section 9, d): "Rights of the Data Subject").

Collection, proecessing and use of personal data when you click on links within our advertisements and posts on social media and other third-party sites as well as marketing email and newsletters

a) Explanation and purpose of the processing:

When you click on links contained in our advertisements and posts on social media and other third-party sites as well as in our newsletters, we process the following data:

  • Email address
  • User ID
  • The IP address of your computer or other end device (e.g. tablet PC or smartphone)
  • Information about the devices which you used our IDAGIO services with: Type of device and operating system
  • Type, date, number and status of your subscription
  • Your navigation behaviour within the IDAGIO services

Our advertisements and posts on social media and other third-party sites as well as in our newsletters contain links. When you click on these links, we collect and process the aforementioned data through means of cookies in order to record the fact that you have clicked on the respective link as well as your subsequent usage behaviour within our services so that we can measure the success of our advertisements and posts.

To collect and analyse this conversion data, we use the tool Braze. More information on the Braze service can be found in Part A, Section 7.3. To collect and analyse this conversion data in the scope of our newsletters and marketing emails, we also use the tool AppsFlyer. Further information on the AppsFlyer tool can be found in Part A, Section 7.7.

b) Legal basis:

The legal basis is Art. 6 (1) first sentence (f) GDPR. The legitimate interest in the processing is in the specialisation of the IDAGIO services as recommendation services for classical music recordings and corresponding content. The processing aids in determining the success of individual content and offers via the IDAGIO services. This is necessary for the improvement of the services, the interest-based presentation and sending notifications about content and offers. Only on the basis of the above data processing can these functions of the service be performed in a meaningful way.

c) Right to object:

As far as data processing based on Art. 6 (1) first sentence (f) GDPR is concerned, you have a right to object, without prejudice to other rights. For more on this, see below (Part A Section 9, d): "Rights of the Data Subject")