Get started

Data Privacy

01

Name and address of the Controller

The Controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the member states as well as other data protection regulations is:

NativeResearch drw GmbH
Rostocker Straße 1
20099 Hamburg
Germany

Represented by:
Johannes Nass

Tel: 0176 ‐ 7828 6837
Email: contact@native-research.com
Website: www.native-research.com

External Data Protection Officer
Andrea Schweizer
Schneckenburgerstr. 22
81675 Munich
Germany
as@schweizer.eu

02

General information on data processing

The responsible operator of this site takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

Below we provide information about the collection of personal data when you use our website. Personal data is all data that can be related to you personally, e.g. name, address, email addresses, user behavior and also the IP address.

If we use service providers for individual functions of our offering or would like to use your data for advertising purposes, we will inform you in detail about the respective processes below. We also mention the defined storage period criteria.

03

Provision of the website and creation of log files

Every time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.

The following data is collected:

  1. Information about the browser type and version used
  2. The user’s operating system
  3. The user’s Internet service provider
  4. The user’s IP address
  5. Date and time of access
  6. Websites from which the user’s system accesses our website
  7. Websites that are accessed by the user’s system via our website
  8. The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.

 

The temporary processing and storage of the IP address and the data provided by the system is necessary to enable delivery of the website to the user’s computer. We therefore have a legitimate interest in data processing in accordance with Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR. This data will be deleted when the respective session is ended, as the purpose of the collection has been achieved.

The data is stored in log files to ensure the functionality and stability of the website. The data also serves us to optimize the website and to ensure the security of our information technology systems. This results in our legitimate interest in accordance with Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR. The data will not be evaluated for marketing purposes in this context. This data will be deleted after seven days at the latest, the associated backups after 30 days. Any further storage will only take place in the event that your IP address is deleted or altered in such a way that it loses all personal reference and can no longer be assigned to you.

04

Use of cookies

In addition to the data mentioned above, cookies are stored on your computer when you use our website. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. When a user accesses a website, a cookie can be stored on the user’s operating system. This cookie contains a characteristic string that allows the browser to be uniquely identified when the website is accessed again. Cookies cannot run programs or transmit viruses to your computer. They serve to make the Internet offering more user-friendly and effective overall. This is our legitimate interest in accordance with Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR.

This website uses the following types of cookies, the scope and functionality of which are explained below:
Transient cookies are automatically deleted when you close the browser. These include, in particular, session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the shared session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.
Persistent cookies are automatically deleted after a specified period of time, which may differ depending on the cookie. You can delete cookies at any time in your browser’s security settings.

You can configure your browser settings according to your wishes and e.g. refuse to accept third-party cookies or all cookies. We would like to point out that you may not be able to use all of the functions of this website. The following data can be transmitted in this way:

  • Page views
  • Use of website functions
Diese Cookie-Richtlinie wurde erstellt und aktualisiert von der Firma CookieFirst.com.

05

Use of survey software providers in the context of surveys - consent to data processing in the USA

To carry out the surveys, we use software from different providers. Which of these providers we use can be found in the invitation or the intro text of the survey. As little personal data as possible is processed during the survey. In principle, in addition to the data that you provide in the survey, only the following personal data will be processed:

IP address: This is only collected for technical reasons when you access the website and to avoid double participation and misuse (Art. 6 Para. 1 Letter f GDPR). In most cases, NativeResearch does not have access to the IP addresses.
Email address: This is only used if an invitation is sent directly by NativeResearch and NativeResearch has received it from your clients as part of a data processing agreement. The replies are not linked to the email address.
Further data: If further personal data is processed, you will be expressly informed and asked for your consent.

A. Quantilope
When using the software from Quantilope (quantilope GmbH, Charlottenstraße 26, 20257 Hamburg), the data is processed on servers in Europe. If these servers belong to companies whose parent companies are based in the USA, it is ensured that the necessary contracts have been concluded. For these companies there is an adequacy decision from the EU Commission that confirms an adequate level of data protection.

B. Dynata, CMIX – consent to data processing in the USA
When using the Cmix software from Dynata (Dynata, LLC; 4 Research Drive; Shelton, Connecticut 06484 USA), the data is processed on servers in the USA. There is no adequacy decision from the European Commission for the USA that confirms an adequate level of data protection for Dynata. There is therefore a risk that there is no adequate level of data protection in the USA and no appropriate safeguards. As generally in all cases of data transfers to the USA, among other things, there might be the following risks: insufficient protection of data from government access, the information rights of those affected may not be adequately guaranteed or the enforcement of these rights may be more difficult, control and sanctions in the event of violations are often inadequate. That’s why we need to get your consent. By participating, you agree that the data you provide and the IP address will be processed in the USA.

C. Sawtooth software, Lighthouse Studio – consent to data processing in the USA
When using the Lighthouse Studio (Sawtooth Software, Inc. 3210 N Canyon Rd Suite 202, Provo, Utah, 84604, USA), the data is processed on servers in the USA and the UK by Sawtooth and their subprocessors. For the UK there is an adequacy decision from the European Commission that confirms an adequate level of data protection. There is no adequacy decision from the European Commission for the USA that confirms an adequate level of data protection for Sawtooth. There is therefore a risk that there is no adequate level of data protection in the USA and no appropriate safeguards. As generally in all cases of data transfers to the USA, among other things, there might be the following risks: insufficient protection of data from government access, the information rights of those affected may not be adequately guaranteed or the enforcement of these rights may be more difficult, control and sanctions in the event of violations are often inadequate. That’s why we need to get your consent. By participating, you agree that the data you provide and the IP address will be processed in the USA.

D. Decipher, Dapresy Deutschland GmbH – consent to data processing in the USA
When using the software Decipher (Dapresy Deutschland GmbH; Engersche Str 176; Bielefeld, 33611 Germany), the data is processed on servers in Europe, UK and the USA. For the UK there is an adequacy decision from the European Commission that confirms an adequate level of data protection. There is no adequacy decision from the European Commission for the USA that confirms an adequate level of data protection for Decipher. There is therefore a risk that there is no adequate level of data protection in the USA and no appropriate safeguards. As generally in all cases of data transfers to the USA, among other things, there might be the following risks: insufficient protection of data from government access, the information rights of those affected may not be adequately guaranteed or the enforcement of these rights may be more difficult, control and sanctions in the event of violations are often inadequate. That’s why we need to get your consent. By participating, you agree that the data you provide and the IP address will be processed in the USA.

06

Web tracking via Google Analytics and use of the Google Tag Manager

(1) This website uses Google Analytics, a web tracking service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). The purpose of our use of the tool is to enable us to analyze your user interactions on websites and in apps and to use the statistics and reports obtained to improve our offering and make it more interesting for you as a user. We use Google Tag Manager to simplify administration of the tool.

(2) We primarily record the interactions between you as a user of the website and our website using cookies, device/browser data, IP addresses and website or app activities. In Google Analytics, your IP addresses are also recorded to ensure the security of the service and to provide us as the website operator with information about the country, region or location from which the respective user comes (so-called “IP location determination”). For your protection, however, we naturally use the anonymization function (“IP masking”), i.e. Google shortens the IP addresses by the last octet within the EU/EEA.

(3) Google acts as a processor and we have concluded a corresponding contract with Google. The information generated by the cookie and the (usually shortened) IP addresses about your use of this website are usually transferred to a Google server in the USA and processed there. For these cases, Google has certified itself in accordance with the Data Privacy Framework and has undertaken to comply with applicable data protection laws when transferring data internationally. The necessary data protection contracts have been concluded.

(4) The legal basis for the collection and further processing of the information (which takes place for a maximum of 14 months) is your consent (Art. 6 para. 1 sentence 1 lit. a GDPR). You can withdraw your consent at any time without this affecting the lawfulness of processing up to the point of withdrawal. In apps, you can reset the advertising ID in the Android or iOS settings. The easiest way to revoke your consent is via our Consent Manager or by installing the Google browser add-on, which can be accessed via the following link: tools.google.com/dlpage/gaoptout?hl=en/.

(5) For more information on the scope of services provided by Google Analytics, please visit marketingplatform.google.com/about/analytics/terms/en/. Google provides information on data processing when using Google Analytics at the following link: support.google.com/analytics/answer/6004245?hl=en/. General information on data processing, which according to Google should also apply to Google Analytics, can be found in Google’s privacy policy at www.google.de/intl/de/policies/privacy/.

07

JW-Player (USA)

This website uses plugins from the video portal JWPlayer, LongTail Ad Solutions, Inc. d/b/a JW Player 2 Park Avenue, 10th Floor New York, NY 10016, USA. Each time you access a page that contains one or more JWPlayer video clips, a direct connection is established between your browser and a JWPlayer server in the USA. Information about your visit and your IP address will be stored there. The use of JW Player is based on our legitimate interest. The necessary data protection contracts (standard data protection clauses) have been concluded.

The privacy policy for JWPlayer with more detailed information on the collection and use of your data by JWPlayer can be found at https://www.jwplayer.com/privacy.

08

Contact via email or contact form

If you contact us by e-mail or via our contact form, the personal data you provide or those transmitted using the contact form will be stored:

  • First name
  • Surname
  • email address
  • Telephone number (optional)
  • Content of the message (free text)
  • IP address

 

The data entered via the contact form is transmitted to us in encrypted form (transport encryption). In this context, the data will not be passed on to third parties. The data is used exclusively to process the conversation in order to be able to answer your questions and inquiries. To enable us to do this, we have a legitimate interest in processing and storing data in accordance with Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR. If your contact is aimed at concluding a contract, the additional legal basis for the processing is Article 6 Paragraph 1 Sentence 1 Letter b GDPR.

We delete the data arising in this context after storage is no longer necessary or restrict processing if there are statutory retention requirements. This is the case when the respective conversation with the user has ended. The conversation ends when it can be seen from the circumstances that the matter in question has been finally clarified.

The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

09

Rights of the data subjects

You can exercise the following rights against us as a Controller regarding your personal data without

  • Right of access by the data subject (Art. 15 GDPR),
  • Right to rectification (Art. 16 GDPR),
  • Right of erasure (Art. 17 GDPR),
  • Right to restriction of processing (Art. 18 GDPR),
  • Right to data portability (Art. 20 GDPR),
  • Right to object (Art. 21 GDPR),
  • Right to complain to a data protection supervisory authority about NativeResearch’s processing of your personal data.

 

If you have given your consent to the processing of your data, you can revoke this at any time (NativeResearch drw GmbH, Rostocker Straße 1, 20099 Hamburg, email: contact@native-research.com or external data protection officer Andrea Schweizer email as@schweizer.eu). Such a revocation affects the lawfulness of the processing of your personal data after you have given it to us for the future.

To the extent that we base the processing of your personal data on the legitimate interests (Art. 6 Para. 1 S. 1 lit. f GDPR), you can object to the processing (NativeResearch drw GmbH, Rostocker Straße 1, 20099 Hamburg, email: contact@native-research.com or external data protection officer Andrea Schweizer email: as@schweizer.eu). This is the case if the processing is not necessary to fulfill a contract with you, which is explained by us in the description of the functions.

10

Data security/technical-organizational measures

Technical measures are taken to ensure data security, in particular to protect your personal data.

11

Third Parties

In some cases, we use external service providers who we have carefully selected, commissioned in writing and in accordance with legal regulations, who are bound to our instructions and who are regularly checked by us. These service providers are not allowed to pass the data on to third parties.

12

Current status and changes to this data protection declaration

We reserve the right to change this data protection declaration at any time in compliance with legal requirements. This data protection declaration is currently valid and is dated February 2024. You can access and print out the current data protection declaration at any time on the website at https://www.native-research.com/data-privacy/.

NativeResearch. All rights reserved 2024.

NativeResearch. All rights reserved 2024.