ENWAY Privacy Policy

Protecting your personal information is paramount to us.

We know how important the appropriate use of your personal information is to you. This is why we take the protection of our customers’ personal information very seriously. When you visit our website, we routinely collect your IP address, the URL of the page you used to access our site, the URL of any of our site’s internal pages you browse as a part of your visit, the session date, and the time you spent on our site. This type of information transfer is depersonalized and constitutes an internet protocol that ensures the safe operation of our servers.

We store the details you provide when completing one of our online customer forms on our servers. We only use the information to process your request. We shall keep your personal information strictly confidential, and we will not pass on personal information to any third party.

Responsible in accordance with Article 4 (7) of the EU General Data Protection Regulation (GDPR) is

ENWAY GmbH
c/o The Drivery
Mariendorfer Damm 1
12099 Berlin, Germany
email: info@enway.ai

We are legally represented by Julian Nordt, Bo Chen.

Our data protection officer is heyData GmbH
Kantstrasse 99
10627 Berlin, Germany
www.heydata.eu, email: datenschutz@heydata.eu.

Personal Information

Personal information is any information that renders an individual identifiable. It includes among other things your name, your address, and your email address. You may browse our webpage without providing any personal or otherwise sensitive information. However, in some cases, we may ask you to provide your name, your address, and other related details to ensure the timely and smooth delivery of the services requested by you.
This also applies if we send you any information explicitly requested by you, or if we reply to any inquiries made by you. We will, however, notify you accordingly. Moreover, we only store data provided by you voluntarily or being automatically generated when using our platform.

Automated Collection of Non-personal Data

Server Logs
Every time you visit our website, your browser automatically collects and forwards a certain type of information to our servers contained in so-called server logs. The collected information includes:

  • time and date of the visit
  • requested page
  • referrer URL
  • result status codes (URL found, URL not found, etc)
  • type and version of the browser used
  • IP address of the visitor
  • amount of bytes served

Information contained in server logs will be not correlated to other data in order to identify you as an individual. We use the collected information to optimize features and functionality thereby fully complying with § 6(1) GDPR.
To maximize data security and to protect our servers against cyberattacks, we store server log information for a limited time only, anonymizing the data by truncating the IP address after seven days, to prevent individual users from being rendered identifiable. We use the anonymized data for producing web analysis reports, including the total number of page requests in our statistical site review released on a biannual basis. However, we do not correlate the data to other user-related information or pass on the information to any third party.

Cookies

A cookie is a little text file created on your computer when browsing our webpage. Cookies are not software. They cannot be programmed, don’t contain malware, and cannot be used to obtain any other personal data. In compliance with § 6(1) GDPR, we use cookies solely to collect your IP address in order to recognize you instantly when you are visiting our website again, to improve the user-friendliness of our site.
If you do not agree with ENWAY using cookies you can usually modify your browser setting to decline cookies. If you wish to do so, go to the Extras menu of your browser and select “Settings” or “Internet Options” and follow the instructions. However, declining cookies means that certain functional aspects of our webpage may no longer be available to you.

Google Tag Manager

We use Google Tag Manager (GTM) for tracking and analytics. GTM does not collect any personal information. It is a tool that automatically updates the code snippets of tags that, in turn, may collect sensitive information. GTM does not use these data. However, even if you decline cookies or deactivate URL-based session tracking, tags managed via GTM will still be enabled. More details here.

DoubleClick by Google

If you have agreed to the use of cookies, we use DoubleClick, an ad serving service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. DoubleClick by Google uses cookies to personalize ads. Your browser is assigned a pseudonymous ID used to track the ads that have been served to your browser and to identify those you’ve clicked. The cookies enable Google and its partners to select and display ads based on your browsing behavior on websites including ours. They do not collect any other personal details. The collected information will be transferred to Google’s US-based mainframe. Google fully complies with the Privacy Shield framework implemented by The European Union and the US Department of Commerce. Google does not pass on this information to any third party unless required by law, or for data processing purposes required by the client. Furthermore, the information will not be correlated in any way to any other data collected by Google. If you have agreed to the use of cookies and by using our website you agree to Google collecting and processing information to the extent and for the purposes mentioned above.
If you do not agree with Google using cookies you can modify your browser setting to decline cookies. However, declining cookies means that certain functional aspects of our webpage may no longer be available to you. Moreover, you can object to data being collected, transferred, and processed by Google by downloading a browser plug-in that disables DoubleClick here. Alternatively, use the opt-out you can find under "Right to Withdraw Consent" to deactivate DoubleClick.

Google AdWords Conversion Tracking

If you have agreed to the use of cookies, this site uses ad conversion tracking services provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google uses cookies created on your computer to analyze your browsing behavior. Conversion tracking cookies are created as a result of you clicking on one of the adverts served by Google and remain active for a time period of thirty (30) days. Cookies used for conversion tracking do not collect any personal information. If you do not agree with your browsing activities being tracked by Google, you can change your browser settings in order to block all cookies from googleadservices.com.

If you would like to find out more about how conversion tracking works, and your options when it comes to preventing Google from using cookie-based information, read here.

Google Remarketing

If you have agreed to the use of cookies, we use a remarketing tool provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The tool helps to personalize adverts based on individual visitor preference within the Google Display Network. We use this automated service to show you products you may be interested in, with the ads chosen on the basis of your clicking behavior when browsing our website during your most recent visit. The service uses cookies created on your computer that help recognize you when you re-visit websites that are members of the Google Display Network. A cookie is a little text file created on your computer when browsing our webpage. Google collects your URL request, your IP address, browser type, and language as well as the time and date of the visit. This information is used to identify the browser on a computer which, in turn, enables Google Display Network to pick and show ads based on content viewed on websites that also employ the remarketing tool during your previous browser session.

If you have previously agreed to your browser history and your Google account being synchronized (https://www.google.com/settings/u/0/ads/authenticated), and to your Google account details being used to show you personalized ads, Google’s remarketing tool will be enabled across a range of devices. This means that Google uses your Google ID to recognize you on different mobile devices, but does not collect any personal information in the process.

If you object to Google using cookies collecting data related to your use of our website, please adjust your browser settings accordingly. However, this may prevent our site from functioning properly. For more details about how Google uses cookies, please refer to Google’s Privacy Policy.

Google Analytics (Depersonalised)

If you have agreed to the use of cookies, we use Google Analytics (GA), a web stats service offered by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses cookies, i.e. little text files created on your computer that monitor your browsing behavior on our website. The cookies collect visitor data including the date and time of your visit, where you are based, the number of times you visited our site, and your IP address, transferring the information to the Google™ mainframe-based in the US. However, our site uses Google Analytics with visitor IP address anonymization (i.e. implementing the "_gat._anonymizeIp" function) in compliance with EU regulations. This means that IP addresses located in all member states of the EU will be truncated and, thus, anonymized before being transferred to the Google mainframe. Google uses the collected data to produce web analysis reports for us and to provide additional services related to the use of websites and browsers. Google does not pass on this information to any third party unless required by law, or for data to be processed by parties contracted by Google. Also, Google stresses that, as a rule, IP addresses will not be correlated in any way to any other data that may be collected by Google. If you object to Google collecting data related to your use of our website, please adjust your browser settings accordingly. However, this may prevent our site from functioning properly.
Moreover, Google offers an Opt-out Add-on for all major browsers that allow you to limit the kind of information Google can collect when you visit a website. Basically, this add-on tells Google Analytics JavaScript (ga.js) not to transfer any visitor data to Google Analytics. However, the add-on does not prevent user data from being forwarded to us, or to web stat services other than Google that we may choose to use on our site. More details about the add-on, and how to install it, are available here.

If you are viewing our site on a mobile device such as a smartphone or a tablet, and if you want to prevent your browsing behavior from being tracked by Google Analytics you need to use this link. The link also constitutes a working alternative to the above-mentioned browser add-on. Clicking the link creates an opt-out cookie that specifically applies to the URL and the browser you use. Deleting the browser history also results in the cookie being deleted, which means you need to click the link again to opt-out of GA tracking.
If you have agreed to Google synchronizing your web and app browser history with your Google account and using personal data from your Google account to serve personalized ads, Google will link these data to information collected by Google Analytics in order to set up target groups for cross-device remarketing purposes. If you visit our website, Google will collect your Google ID and hence your personal information via our Google account, followed by Google Analytics temporarily correlating your Google ID to your Google Analytics data to help us refine our target groups.
If you object to your personal information being used for cross-device marketing, log in to your Google account and change your account settings accordingly.

LinkedIn Analytics and LinkedIn Ads

We use Conversion tracking methods and retargeting functions of the LinkedIn Corporation. With this technology visitors of this platform can be addressed with personalized ads on LinkedIn. Furthermore, this enables anonymous to add performance reports and information about the interaction on our website. Therefore the LinkedIn Insight-tag is implemented on our website which produces a link to the LinkedIn server if you visit this page and are logged into your LinkedIn account at the same time. In the privacy policy of LinkedIn , you can find further information regarding data collection and data usage and the possibilities and rights to protect your privacy. If you are logged into your LinkedIn account you can always decline this data processing here.

Hotjar Web analytics

If you have agreed to the use of cookies, this Website uses Hotjar, a tool for Web Analytics developed by Hotjar Ltd. Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta. It enables measuring and analyzing user behavior (clicks, mouse movement, scroll depth, etc.) for this website. The information about your visit, collected through tracking code and cookie, gets sent to Hotjar servers in Ireland and saved there. The tracking code collects information such as IP address of your device (gathered and saved in an anonymized format), your Email address including your surname and last name, if you entered it into our website, your geographical location (only country), and log data like the referring domain, visited pages, etc. Hotjar uses this information to analyze the usage of our Website, creation of usage reports, and other services related to website usage and Web Analytics of this site.

You can find the data policy of Hotjar here.

You can permit Hotjar from collecting data by clicking the following link and following the given instructions or use the opt-out you can find under "Right to Withdraw Consent": Hotjar Opt-out

MailChimp

Subscribing to our newsletter requires a double opt-in. This means you only will receive our newsletter after you have instructed us to activate the service followed by confirming your instruction again by clicking the relevant link contained in our subscription confirmation email. When you subscribe to our newsletter, we store your email address together with the subscription date. We use this information to make sure no third party has been subscribing using your email address without your knowledge or consent. If you no longer want to receive our newsletter, you may unsubscribe at any time.

We use MailChimp, a marketing platform owned and operated by Rocket Science Group LLC, 675 Ponce De Leon Ave NE#5000m Atlanta, Georgia 30308, USA, to disseminate our newsletter. If you sign up for our newsletter, your email address and the above-mentioned data will be stored on MailChimp’s US-base servers. MailChimp shall only use your information for the purpose of sending out the newsletters on our behalf. Moreover, MailChimp may use the collected data to improve its services, or for internal operational procedures, e.g. to determine the newsletter recipients’ countries of residence. MailChimp will not use your personal data to contact you or share your information with any third parties. MailChimp complies with the EU-US Privacy Shield framework, adhering to EU data privacy and protection rules. Read MailChimp’s Privacy Policy here.
Our newsletter code contains a web beacon, meaning a tiny file that is accessed by the MailChimp servers to create a server log containing information relating to the type and version of the browser you use, your IP address, and date and time of the request. MailChimp uses this information to improve their services with regard to service features, target audience, and recipient preferences based only on location (detected by the recipient’s IP address). MailChimp also collects data on whether the newsletters are read, when they’ve been read, and which of the embedded links were clicked in the process. These data may be correlated to individual newsletter subscribers for technical reasons. However, neither we nor MailChimp will track individual newsletter readers over time. We collect the information for the sole purpose of identifying the reading preferences of our subscribers in order to serve more personalized content.

Job Applicants & Shortlisted Candidates

Applying for a job at our company involves providing a wide range of information, including your personal details, your contacts, your professional background, work experience, and qualifications. You may also submit cover letters and letters of reference in electronic form.
Moreover, in and compliance with Germany’s Equality Act (Allgemeines Gleichbehandlungsgesetz), please do not provide any personal information relating to your ethnic background, race, gender, religion, ideology, disabilities, age, sexual identity or sexual orientation, union memberships, and physical or mental illnesses, as well as information that might infringe the copyrights, intellectual property right or any statutory right held by a third party.
We collect and use your personal information for purposes related to your application, seeking employment at our company. We do not pass on your data to third parties. If you submit your application online, we collect your name, home address, telephone number, email address, and other details solely for the purpose to contact you with regard to your application. If your application is successful, we may use your information for administrative purposes. Your online application will be processed by a designated HR team that will not share your personal information with anyone else. Your data will not be stored on servers based outside of Germany.
If your application does not result in employment at our company, we are required by law to hold on to your information for a period of up to six months, to be able to answer questions related to the process and success of your application. We may keep your information longer than the period stipulated by law after obtaining your prior written consent, to inform you of future job opportunities arising at our company that fit your profile. Otherwise, your personal data will be deleted.

Data Protection

We have taken suitable physical and electronic, organizational, and technical measures to prevent unauthorized access or disclosure, damage, or loss of your personal information. Both, our members of staff and our suppliers are providing services in full compliance with the current data protection laws. We encrypt all personal information we collect and process prior to the transfer, thereby ensuring that no third party can access your data. Moreover, we are continually improving our safety measures aimed at protecting your details, regularly updating our Privacy Policy in the process. Please make sure you are always referring to the latest version.

Your Rights

You have the right to be notified if your personal data are collected, to request the personal data we hold about you to be disclosed to you, to request your personal data to be amended, deleted or their use by us to be limited, to data portability and the right to make a complaint to the respective data protection authority of your country. Your principal rights under data protection law are

Right to Access

You may request to be informed as to whether we collect your personal information, and if we do, how we use your data.

Right to Rectification

If we process personal data that are incomplete or incorrect, you may request the respective information to be supplemented/amended at any time.

Right to Erasure

You may request the personal information we hold on you to be deleted if our use of your data is against the law, or constitutes an infringement of your interest deemed unacceptable. We will delete your personal information immediately unless required otherwise by law.

Right to Restrict Processing

You may request limited processing of your personal information if:

  • you contest the accuracy of the data we hold on you. In this case, we limit the use to an absolute minimum until we have ascertained whether your personal detail is correct;
  • our use of your data does not conform with the law, however, you do not want your data to be deleted but requesting limited use instead;
  • we do no longer require your data for the purpose they were collected for but you still need the information to exercise your rights or make a complaint;
  • you objected to your personal information being processed by our company.
Right to Portability

You have the right to receive your personal data from us in a structured, commonly used and machine-readable format that enables you to transfer the information to another party without the necessity of our involvement if:

  • the data processed with your consent or for the purpose of fulfilling a contractual agreement entered into by you and us, and
  • such processing is carried out by automated means.

You may request your personal data being transferred directly from us to a party of your choice subject to the technical requirements being in place.

Right to Withdraw Consent

To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. If you withdraw your consent we will stop collecting and using your personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims. However, you withdraw your consent to us processing your personal information for marketing purposes without giving a reason.

Activate Opt-Out

Right to Complain to Supervisory Authority

If you believe our processing of your personal information infringes on German or EU data protection laws, please get in touch immediately. It goes without saying that you may also contact the respective supervisory data protection authority in your country. If you would lodge a complaint please call or email our data protection officer. N.B. We are entitled to ask for proof of identity.

Policy Amendments

We reserve the right to amend this policy at any time, particularly if new information technology should require us to do so. Please make sure you always refer to our latest policy version. All significant changes to our Privacy Policy will be announced on our webpage.

Privacy Policy of enway.ai/en/

This Application collects some Personal Data from its Users.

This document can be printed for reference by using the print command in the settings of any browser.

Owner and Data Controller

ENWAY GmbH
c/o The Drivery
Mariendorfer Damm 1
12099 Berlin

Owner contact email: info@enway.ai

Types of Data collected

Among the types of Personal Data that this Application collects, by itself or through third parties, there are: Tracker; Usage Data.

Complete details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or by specific explanation texts displayed prior to the Data collection.
Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using this Application.
Unless specified otherwise, all Data requested by this Application is mandatory and failure to provide this Data may make it impossible for this Application to provide its services. In cases where this Application specifically states that some Data is not mandatory, Users are free not to communicate this Data without consequences to the availability or the functioning of the Service.
Users who are uncertain about which Personal Data is mandatory are welcome to contact the Owner.
Any use of Cookies – or of other tracking tools – by this Application or by the owners of third-party services used by this Application serves the purpose of providing the Service required by the User, in addition to any other purposes described in the present document and in the Cookie Policy, if available.

Users are responsible for any third-party Personal Data obtained, published or shared through this Application and confirm that they have the third party's consent to provide the Data to the Owner.

Mode and place of processing the Data

Methods of processing

The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Owner, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of this Application (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Owner at any time.

Legal basis of processing

The Owner may process Personal Data relating to Users if one of the following applies:

  • Users have given their consent for one or more specific purposes. Note: Under some legislations the Owner may be allowed to process Personal Data until the User objects to such processing (“opt-out”), without having to rely on consent or any other of the following legal bases. This, however, does not apply, whenever the processing of Personal Data is subject to European data protection law;
  • provision of Data is necessary for the performance of an agreement with the User and/or for any pre-contractual obligations thereof;
  • processing is necessary for compliance with a legal obligation to which the Owner is subject;
  • processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Owner;
  • processing is necessary for the purposes of the legitimate interests pursued by the Owner or by a third party.

In any case, the Owner will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.

Place

The Data is processed at the Owner's operating offices and in any other places where the parties involved in the processing are located.

Depending on the User's location, data transfers may involve transferring the User's Data to a country other than their own. To find out more about the place of processing of such transferred Data, Users can check the section containing details about the processing of Personal Data.

Users are also entitled to learn about the legal basis of Data transfers to a country outside the European Union or to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by the Owner to safeguard their Data.

If any such transfer takes place, Users can find out more by checking the relevant sections of this document or inquire with the Owner using the information provided in the contact section.

Retention time

Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.

Therefore:

  • Personal Data collected for purposes related to the performance of a contract between the Owner and the User shall be retained until such contract has been fully performed.
  • Personal Data collected for the purposes of the Owner’s legitimate interests shall be retained as long as needed to fulfill such purposes. Users may find specific information regarding the legitimate interests pursued by the Owner within the relevant sections of this document or by contacting the Owner.

The Owner may be allowed to retain Personal Data for a longer period whenever the User has given consent to such processing, as long as such consent is not withdrawn. Furthermore, the Owner may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.

Once the retention period expires, Personal Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.

The purposes of processing

The Data concerning the User is collected to allow the Owner to provide its Service, comply with its legal obligations, respond to enforcement requests, protect its rights and interests (or those of its Users or third parties), detect any malicious or fraudulent activity, as well as the following: Analytics, Tag Management, Interaction with external social networks and platforms and Displaying content from external platforms.

For specific information about the Personal Data used for each purpose, the User may refer to the section “Detailed information on the processing of Personal Data”.

Detailed information on the processing of Personal Data

Personal Data is collected for the following purposes and using the following services:

Analytics

The services contained in this section enable the Owner to monitor and analyze web traffic and can be used to keep track of User behavior.

Google Analytics

Google Analytics is a web analysis service provided by Google LLC or by Google Ireland Limited, depending on the location this Application is accessed from, (“Google”). Google utilizes the Data collected to track and examine the use of this Application, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network.

Personal Data processed: Tracker; Usage Data.

Place of processing: United States – Privacy PolicyOpt Out; Ireland – Privacy PolicyOpt Out.

Displaying content from external platforms

This type of service allows you to view content hosted on external platforms directly from the pages of this Application and interact with them.
This type of service might still collect web traffic data for the pages where the service is installed, even when Users do not use it.

Font Awesome (Fonticons, Inc. )

Font Awesome is a typeface visualization service provided by Fonticons, Inc. that allows this Application to incorporate content of this kind on its pages.

Personal Data processed: Usage Data.

Place of processing: United States – Privacy Policy.

Interaction with external social networks and platforms

This type of service allows interaction with social networks or other external platforms directly from the pages of this Application.
The interaction and information obtained through this Application are always subject to the User’s privacy settings for each social network.
This type of service might still collect traffic data for the pages where the service is installed, even when Users do not use it.
It is recommended to log out from the respective services in order to make sure that the processed data on this Application isn’t being connected back to the User’s profile.

Twitter Tweet button and social widgets (Twitter, Inc.)

The Twitter Tweet button and social widgets are services allowing interaction with the Twitter social network provided by Twitter, Inc.

Personal Data processed: Tracker; Usage Data.

Place of processing: United States – Privacy Policy.

Tag Management

This type of service helps the Owner to manage the tags or scripts needed on this Application in a centralized fashion.
This results in the Users' Data flowing through these services, potentially resulting in the retention of this Data.

Google Tag Manager

Google Tag Manager is a tag management service provided by Google LLC or by Google Ireland Limited, depending on the location this Application is accessed from.

Personal Data processed: Usage Data.

The rights of Users

Place of processing: United States – Privacy Policy; Ireland – Privacy Policy.

Users may exercise certain rights regarding their Data processed by the Owner.

In particular, Users have the right to do the following:

  • Withdraw their consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.
  • Object to processing of their Data. Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent. Further details are provided in the dedicated section below.
  • Access their Data. Users have the right to learn if Data is being processed by the Owner, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing.
  • Verify and seek rectification. Users have the right to verify the accuracy of their Data and ask for it to be updated or corrected.
  • Restrict the processing of their Data. Users have the right, under certain circumstances, to restrict the processing of their Data. In this case, the Owner will not process their Data for any purpose other than storing it.
  • Have their Personal Data deleted or otherwise removed. Users have the right, under certain circumstances, to obtain the erasure of their Data from the Owner.
  • Receive their Data and have it transferred to another controller. Users have the right to receive their Data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on the User's consent, on a contract which the User is part of or on pre-contractual obligations thereof.
  • Lodge a complaint. Users have the right to bring a claim before their competent data protection authority.

Details about the right to object to processing

Where Personal Data is processed for a public interest, in the exercise of an official authority vested in the Owner or for the purposes of the legitimate interests pursued by the Owner, Users may object to such processing by providing a ground related to their particular situation to justify the objection.

Users must know that, however, should their Personal Data be processed for direct marketing purposes, they can object to that processing at any time without providing any justification. To learn, whether the Owner is processing Personal Data for direct marketing purposes, Users may refer to the relevant sections of this document.

How to exercise these rights

Any requests to exercise User rights can be directed to the Owner through the contact details provided in this document. These requests can be exercised free of charge and will be addressed by the Owner as early as possible and always within one month.

Cookie Policy

This Application uses Trackers. To learn more, the User may consult the Cookie Policy.

Additional information about Data collection and processingLegal action

The User's Personal Data may be used for legal purposes by the Owner in Court or in the stages leading to possible legal action arising from improper use of this Application or the related Services.
The User declares to be aware that the Owner may be required to reveal personal data upon request of public authorities.

Additional information about User's Personal Data

In addition to the information contained in this privacy policy, this Application may provide the User with additional and contextual information concerning particular Services or the collection and processing of Personal Data upon request.

System logs and maintenance

For operation and maintenance purposes, this Application and any third-party services may collect files that record interaction with this Application (System logs) use other Personal Data (such as the IP Address) for this purpose.

Information not contained in this policy

More details concerning the collection or processing of Personal Data may be requested from the Owner at any time. Please see the contact information at the beginning of this document.

How “Do Not Track” requests are handled

This Application does not support “Do Not Track” requests.
To determine whether any of the third-party services it uses honor the “Do Not Track” requests, please read their privacy policies.

Changes to this privacy policy

The Owner reserves the right to make changes to this privacy policy at any time by notifying its Users on this page and possibly within this Application and/or - as far as technically and legally feasible - sending a notice to Users via any contact information available to the Owner. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom.

Should the changes affect processing activities performed on the basis of the User’s consent, the Owner shall collect new consent from the User, where required.

Definitions and legal references

Personal Data (or Data)

Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.

Usage Data

Information collected automatically through this Application (or third-party services employed in this Application), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Application, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User's IT environment.

User

The individual using this Application who, unless otherwise specified, coincides with the Data Subject.

Data Subject

The natural person to whom the Personal Data refers.

Data Processor (or Data Supervisor)

The natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller, as described in this privacy policy.

Data Controller (or Owner)

The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Application. The Data Controller, unless otherwise specified, is the Owner of this Application.

This Application

The means by which the Personal Data of the User is collected and processed.

Service

The service provided by this Application as described in the relative terms (if available) and on this site/application.

European Union (or EU)

Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.

Cookie

Cookies are Trackers consisting of small sets of data stored in the User's browser.

Tracker

Tracker indicates any technology - e.g Cookies, unique identifiers, web beacons, embedded scripts, e-tags and fingerprinting - that enables the tracking of Users, for example by accessing or storing information on the User’s device.

Legal information

This privacy statement has been prepared based on provisions of multiple legislations, including Art. 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation).

This privacy policy relates solely to this Application, if not stated otherwise within this document.

Latest update: February 17, 2021

PRIVACY POLICY WEBSITE

1. Introduction

In the following, we provide information about the collection of personal data when using

  • our website www.enway.ai
  • our profiles in social media.

Personal data is any data that can be related to a specific natural person, such as their name or IP address.

1.1. Contact details

The controller within the meaning of Art. 4 para. 7 EU General Data Protection Regulation (GDPR) is Enway GmbH, Mariendorfer Damm 1, 12099 Berlin, Germany, email: info@enway.ai. We are legally represented by Julian Nordt, Bo Chen.

Our data protection officer is heyData GmbH, Kantstr. 99, 10627 Berlin, www.heydata.eu, E-Mail: datenschutz@heydata.eu.

1.2. Scope of data processing, processing purposes and legal bases

We detail the scope of data processing, processing purposes and legal bases below. In principle, the following come into consideration as the legal basis for data processing:

  • Art. 6 para. 1 s. 1 it. a GDPR serves as our legal basis for processing operations for which we obtain consent.
  • Art. 6 para. 1 s. 1 lit. b GDPR is the legal basis insofar as the processing of personal data is necessary for the performance of a contract, e.g. if a site visitor purchases a product from us or we perform a service for him. This legal basis also applies to processing that is necessary for pre-contractual measures, such as in the case of inquiries about our products or services.
  • Art. 6 para. 1 s. 1 lit. c GDPR applies if we fulfill a legal obligation by processing personal data, as may be the case, for example, in tax law.
  • Art. 6 para. 1 s. 1 lit. f GDPR serves as the legal basis when we can rely on legitimate interests to process personal data, e.g. for cookies that are necessary for the technical operation of our website.

1.3. Data processing outside the EEA

Insofar as we transfer data to service providers or other third parties outside the EEA, the security of the data during the transfer is guaranteed by adequacy decisions of the EU Commission, insofar as they exist (e.g. for Great Britain, Canada and Israel) (Art. 45 para. 3 GDPR).

If no adequacy decision exists (e.g. for the USA), the legal basis for the data transfer are usually, i.e. unless we indicate otherwise, standard contractual clauses. These are a set of rules adopted by the EU Commission and are part of the contract with the respective third party. According to Art. 46 para. 2 lit. b GDPR, they ensure the security of the data transfer. Many of the providers have given contractual guarantees that go beyond the standard contractual clauses to protect the data. These include, for example, guarantees regarding the encryption of data or regarding an obligation on the part of the third party to notify data subjects if law enforcement agencies wish to access the respective data.

1.4. Storage duration

Unless expressly stated in this privacy policy, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and no legal obligations to retain data conflict with the deletion. If the data are not deleted because they are required for other and legally permissible purposes, their processing is restricted, i.e. the data are blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.

1.5. Rights of data subjects

Data subjects have the following rights against us with regard to their personal data:

  • Right of access,
  • Right to correction or deletion,
  • Right to limit processing,
  • Right to object to the processing,
  • Right to data transferability,
  • Right to revoke a given consent at any time.

Data subjects also have the right to complain to a data protection supervisory authority about the processing of their personal data.

1.6. Obligation to provide data

Within the scope of the business or other relationship, customers, prospective customers or third parties need to provide us with personal data that is necessary for the establishment, execution and termination of a business or other relationship or that we are legally obliged to collect. Without this data, we will generally have to refuse to conclude the contract or to provide a service or will no longer be able to perform an existing contract or other relationship.

Mandatory data are marked as such.

1.7. No automatic decision making in individual cases

As a matter of principle, we do not use a fully automated decision-making process in accordance with article 22 GDPR to establish and implement the business or other relationship. Should we use these procedures in individual cases, we will inform of this separately if this is required by law.

1.8. Making contact

When contacting us, e.g. by e-mail or telephone, the data provided to us (e.g. names and e-mail addresses) will be stored by us in order to answer questions. The legal basis for the processing is our legitimate interest (Art. 6 para. 1 s. 1 lit. f GDPR) to answer inquiries directed to us. We delete the data accruing in this context after the storage is no longer necessary or restrict the processing if there are legal retention obligations.

1.9. Customer surveys

From time to time, we conduct customer surveys to get to know our customers and their wishes better. In doing so, we collect the data requested in each case. It is our legitimate interest to get to know our customers and their wishes better, so that the legal basis for the associated data processing is Art. 6 para. 1 s. 1 lit f GDPR. We delete the data when the results of the surveys have been evaluated.

2. Whitepapers

We offer whitepapers to download via our website. In return for providing the paper free of charge, we process the email address of recipients, may email them regularly about our products and company and may measure the open and click-through rates of these emails. The legal basis of the processing is the contract closed with every recipient about the receipt of the whitepaper.

Recipients may unsubscribe from these emails at any time, free of charge, e.g. by emailing to the email address listed in our contact details.

We send newsletters with the tool Mailchimp of the provider Rocket Science Group LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA (privacy policy: https://mailchimp.com/legal/privacy/). The provider processes content, usage, meta/communication data and contact data in the process in the USA.

3. Data processing on our website

3.1. Informative use of our website

During the informative use of the website, i.e. when site visitors do not separately transmit information to us, we collect the personal data that the browser transmits to our server in order to ensure the stability and security of our website. This is our legitimate interest, so that the legal basis is Art. 6 para. 1 s. 1 lit. f GDPR.

These data are:

  • IP address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Amount of data transferred in each case
  • Website from which the request comes
  • Browser
  • Operating system and its interface
  • Language and version of the browser software.

This data is also stored in log files. They are deleted when their storage is no longer necessary, at the latest after 14 days.

3.2. Web hosting and provision of the website

Our website is hosted by Webflow, Inc. 208 Utah, Suite 210, San Francisco, CA 94103, USA (privacy policy: https://webflow.com/legal/eu-privacy-policy). The provider thereby processes the personal data transmitted via the website, e.g. on content, usage, meta/communication data or contact data. It is our legitimate interest to provide a website, so that the legal basis for data processing is Art. 6 para. 1 s. 1 lit. f GDPR.

3.3. Contact form

When contacting us via the contact form on our website, we store the data requested there and the content of the message.
The legal basis for the processing is our legitimate interest in answering inquiries directed to us. The legal basis for the processing is therefore Art. 6 para. 1 s. 1 lit. f GDPR.
We delete the data accruing in this context after the storage is no longer necessary or restrict the processing if there are legal retention obligations.

3.4. Vacant positions

We publish positions that are vacant in our company on our website, on pages linked to the website or on third-party websites.

The processing of the data provided as part of the application is carried out for the purpose of implementing the application process. Insofar as this is necessary for our decision to establish an employment relationship, the legal basis is Art. 88 para. GDPR in conjunction with Sec. 26 para. 1 of the German Data Protection Act (Bundesdatenschutzgesetz). We have marked the data required to carry out the application process accordingly or refer to them. If applicants do not provide this data, we cannot process the application.
Further data is voluntary and not required for an application. If applicants provide further information, the basis is their consent (Art. 6 para. 1 s. 1 lit. a GDPR).

We ask applicants to refrain from providing information on political opinions, religious beliefs and similarly sensitive data in their CV and cover letter. They are not required for an application. If applicants nevertheless provide such information, we cannot prevent their processing as part of the processing of the resume or cover letter. Their processing is then also based on the consent of the applicants (Art. 9 para. 2 lit. a GDPR).

Finally, we process the applicants' data for further application procedures if they have given us their consent to do so. In this case, the legal basis is Art. 6 para. 1 s. 1 lit. a GDPR.

We pass on the applicants' data to the responsible employees in the HR department, to our data processors in the area of recruiting and to the employees otherwise involved in the application process.

If we enter into an employment relationship with the applicant following the application process, we delete the data only after the employment relationship has ended. Otherwise, we delete the data no later than six months after rejecting an applicant.

If applicants have given us their consent to use their data for further application procedures as well, we will not delete their data until one year after receiving the application.

3.5. Technically necessary cookies

Our website sets cookies. Cookies are small text files that are stored in the web browser on the end device of a site visitor. Cookies help to make the offer more user-friendly, effective and secure. Insofar as these cookies are necessary for the operation of our website or its functions (hereinafter "Technically Necessary Cookies"), the legal basis for the associated data processing is Art. 6 para. 1 s. 1 lit. f GDPR. We have a legitimate interest in providing customers and other site visitors with a functional website.
Specifically, we set technically necessary cookies for the following purpose or purposes:

  • cookies that adopt language settings
  • cookies that store log-in data

3.6. Third parties

3.6.1. ​Iubenda​

We use Iubenda to manage consents. The provider is iubenda s.r.l, Via San Raffaele, 1 - 20121 Milan, Italy. The provider processes meta/communication data (e.g. device information, IP addresses) in the EU.

The legal basis for the processing is Art. 6 para. 1 s. 1 lit. c DSGVO. The processing is necessary for the fulfillment of a legal obligation to which we are subject.

The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://www.iubenda.com/privacy-policy/94654098.

3.6.2. ​Weglot​

We use Weglot for translations. The provider is Weglot, 138, rue Pierre Joigneaux in BOIS-COLOMBES (92270), France. The provider processes meta/communication data (e.g. device information, IP addresses) in the EU.

The legal basis for the processing is Art. 6 para. 1 s. 1 lit. f GDPR. We have a legitimate interest in automatically translating information on our website.

The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://weglot.com/de/privacy/.

3.6.3. ​Splitbee​

We use Splitbee for analytics. The provider is Tobias Lins e.U., Alserbachstraße 10, 1090 Wien, Austria. The provider processes meta/communication data (e.g. device information, IP addresses) in the EU.

The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR. The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

The data will be deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Further information is available in the provider's privacy policy at https://splitbee.io/privacy.

3.6.4. ​Google Webfonts​

We use Google Webfonts for fonts on the website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The provider processes meta/communication data (e.g. device information, IP addresses) in the USA.

The legal basis for the processing is Art. 6 para. 1 s. 1 lit. a GDPR. The processing is based on consent. Data subjects may revoke their consent at any time by contacting us, for example, using the contact details provided in our privacy policy. The revocation does not affect the lawfulness of the processing until the revocation.

The legal basis for the transfer to a country outside the EEA are consents.

Further information is available in the provider's privacy policy at https://policies.google.com/privacy?hl=en-US.

4. Data processing on social media platforms

We are represented in social media networks in order to present our company and our services there. The operators of these networks regularly process their users' data for advertising purposes. Among other things, they create user profiles from their online behavior, which are used, for example, to show advertising on the pages of the networks and elsewhere on the Internet that corresponds to the interests of the users. To this end, the operators of the networks store information on user behavior in cookies on the users' computers. Furthermore, it cannot be ruled out that the operators merge this information with other data. Users can obtain further information and instructions on how to object to processing by the site operators in the data protection declarations of the respective operators listed below. It is also possible that the operators or their servers are located in non-EU countries, so that they process data there. This may result in risks for users, e.g. because it is more difficult to enforce their rights or because government agencies access the data.

If users of the networks contact us via our profiles, we process the data provided to us in order to respond to the inquiries. This is our legitimate interest, so that the legal basis is Art. 6 para. 1 s. 1 lit. f GDPR.

4.1. Facebook

We maintain a profile on Facebook. The operator is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The privacy policy is available here: https://www.facebook.com/policy.php. A possibility to object to data processing arises via settings for advertisements: https://www.facebook.com/settings?tab=ads.
We are joint controllers for processing the data of visitors to our profile on the basis of an agreement within the meaning of Art. 26 GDPR with Facebook. Facebook explains exactly what data is processed at https://www.facebook.com/legal/terms/information_about_page_insights_data. Data subjects can exercise their rights both against us and against Facebook. However, according to our agreement with Facebook, we are obliged to forward requests to Facebook. Data subjects will therefore receive a faster response if they contact Facebook directly.

4.2. Instagram

We maintain a profile on Instagram. The operator is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The privacy policy is available here: https://help.instagram.com/519522125107875.

4.3. YouTube

We maintain a profile on YouTube. The operator is Google Ireland Limited Gordon House, Barrow Street Dublin 4. Ireland. The privacy policy is available here: https://policies.google.com/privacy?hl=de.

4.4. Twitter

We maintain a profile on Twitter. The operator is Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. The privacy policy is available here: https://twitter.com/de/privacy. One way to object to data processing is via the settings for advertisements: https://twitter.com/personalization.

4.5. LinkedIn

We maintain a profile on LinkedIn. The operator is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. The privacy policy is available here: https://https://www.linkedin.com/legal/privacy-policy?_l=de_DE. One way to object to data processing is via the settings for advertisements: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

5. Changes to this privacy policy

We reserve the right to change this privacy policy with effect for the future. A current version is always available here.

6. Questions and comments

If you have any questions or comments regarding this privacy policy, please feel free to contact us using the contact information provided above.

Privacy Policy