Due to the nature of the business, data protection is of particularly high importance to the Fabasoft Group. Fabasoft AG and its subsidiary companies (known as: “Fabasoft”) have dedicated themselves to the protection of data and, in particular, of personal data. Mindbreeze GmbH is a subsidiary of Fabasoft AG (in the following referred to as “Mindbreeze”). Exactly how Mindbreeze uses and protects personal data, such as first and surnames, email addresses or telephone numbers, will be outlined in more detail in this privacy statement. The use of personal data complies with the requirements of the EU’s General Data Protection Regulation also referred to in the following as “GDPR” and the relevant country-specific data protection regulations. The transfer of data for processing, both within and outside Mindbreeze, for the purpose of job processing, is exclusively based on data processing agreements.
Valid as of February 2025 | PDF Download of the Mindbreeze Privacy Statement
A. General Information
A.1 Who is responsible for data processing? - The Group’s Structure
Depending on which Group company is entrusted with data processing, this company is deemed to be the data controller.
You will find all Fabasoft companies listed via the following link:
https://www.fabasoft.com/en/about-us/locations
Additional Information:
This privacy statement serves to elaborate on the general privacy statement of Fabasoft (available at www.fabasoft.com/privacy), the general privacy statement of Fabasoft 4teamwork (available at https://www.4teamwork.ch/datenschutzerklaerung/), the general privacy statement of Mindbreeze (available at www.mindbreeze.com/privacy), , the general privacy statement of Fabasoft Talents (available at https://knowledgefox.net/datenschutzerklaerung/) and to provide more information for applicants.
Contact Data Privacy Team
Mindbreeze has a data security team (“Privacy Team”) entrusted with legal data security issues. You can contact the Privacy Team as follows:
privacy@mindbreeze.com
Mindbreeze GmbH, c/o Privacy Team, Honauerstrasse 2, 4020 Linz, Austria
If required by EU-GDPR or national regulations, Mindbreeze has appointed data protection officers whom you can contact directly using the contact data below:
Austria:
Hochleitner Rechtsanwälte GmbH
dpo-at@fabasoft.legal,
Mindbreeze GmbH, c/o Data Protection Officer AT, Honauerstrasse 4, 4020 Linz, Austria
A.2 Which data are processed? Where does the data come from (the data sources)?
1. Data collected from the data subject
Mindbreeze processes the following personal data that has been collected directly from the data subject.
- Mindbreeze processes personal data that it obtains through its business relations (with customers, suppliers, partners or support requests) in order to fulfil a contract or to implement pre-contract procedures.
- Mindbreeze processes personal data supplied directly by the customers.
- Mindbreeze processes personal data that are required in order to fulfil a legal obligation.
Mindbreeze processes personal data for which consent has been granted, for various reasons, by the data subject.
Personal data includes especially title, first name(s), surname, email, IP address(es), home address(es), telephone number(s), fax number, date of birth (if provided), contract details (incl. contact details of the contracting parties as well as contact persons), company details, other relevant information (correspondence history, contact details, data relating to reminders and actions).
When you make use of our support, we process data about your support inquiry (among others problem description, log files, attachments, screenshots, communication, documentation of troubleshooting, contact details of the involved persons).
2. Data not directly collected from the data subject
This includes, in particular, the following data: address and contact details (e.g. email address, telephone number, first name and surname), job title, gender, company name, company size, title, industry, street, postcode, city and country. This data comes from publicly accessible registers, company websites, from education partners after events initiated by us and information published by individuals on business platforms (XING, LinkedIn, X) or on social media platforms.
A.3 Why is personal data processed and what is the legal basis for doing this?
- The fulfilment of contractual and pre-contractual obligations.
Processing personal data is important for providing products and services that are appropriate for the required/commissioned scope of the project. The purpose of data processing is strictly aligned with the commissioned product or service. You will find more detailed information on this topic on our website www.mindbreeze.com. Relevant personal data include names, address data and telecommunication data. Such data can also be enquiry, offer and order data, data from the performance of our contractual obligation, product data, documentation data as well as other data comparable with the categories mentioned. Personal data is processed in accordance with Article 6(1)(b) of the GDPR for the purpose of fulfilling existing contracts with customers/suppliers or in the context of initiating a contract.
- The fulfilment of legal obligations.
Insofar as the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 (1) (c) GDPR serves as the legal basis for data processing. Special legal obligations exist, for example, due to our company's stock market listing and its organization as a joint-stock company, for example in connection with holding the Annual General Meeting or due to international accounting regulations.
- Protecting legitimate interests
It is in Mindbreeze’s legitimate interest due to Art 6 (1) (f) GDPR to continuously improve its products and services and allow the active participation of all interested parties in the sustainable development of our company (key topics). In order to receive feedback, Mindbreeze invites all interested parties to participate in surveys on key topics within the framework of a sustainable development of our company. These surveys can be answered without disclosing personal data. The provision of personal data is voluntary and not a requirement. These findings serve to further improve the products and services of Mindbreeze.
It is in the legitimate interest of Mindbreeze customers and interested persons/companies to provide the best possible information about market trends and market developments. Mindbreeze also makes comprehensive research papers available for download free of charge in which Mindbreeze products and services have been evaluated by renowned analyst firms. In addition, Mindbreeze strives to provide the best possible support and advice for customers and interested persons/companies.
It is in Mindbreeze's legitimate interest to document our events and inform the general public about our activities. To this end, picture or video recordings are regularly made at our events for the purpose of public relations and published on our website, our social media channels or on another publicly accessible website. The storage period is limited to the purpose.
You have the right to object to this data processing on grounds relating to your person. To exercise this right, contact: privacy@mindbreeze.com.
In the legitimate interest (in particular direct advertising) due to Art 6 (1) (f) GDPR of Mindbreeze customers (contractual relationship), it is important for Mindbreeze to provide regular information on the ongoing development of their products and services as well as on trends in this sector and topics that are relevant to the market. Mindbreeze also hosts their own events, presents the company at events, holds webinars, and provides information by means of e-mail newsletters.
Those data received by Mindbreeze in the course of its contractual relationship with the customer, will be processed by Mindbreeze in order to send emails, letters or advertising brochures to customers for the purpose of depicting and presenting Mindbreeze products (Art. 6 (1) (f) GDPR). The customer has the right to object to this processing of the customer's data for the purpose of direct advertising, said right can be exercised at any time without giving reasons by means of letter to Mindbreeze c/o Privacy or email to privacy@mindbreeze.com. Mindbreeze will process the customer data for this purpose for as long as the customer lodges no objection, however, up to a maximum of 3 years after the last activity.
Where other forms of direct advertising (e.g., newsletter) are concerned, Mindbreeze will only process the customer data if the customer has given its express consent to the processing of its data (Art. 6 (1) (a) GDPR). If the customer has given its consent to the data processing, it can revoke this consent without giving reasons by means of letter to Mindbreeze or email to privacy@mindbreeze.com. The processing performed until objection is made against such processing or until consent is revoked shall remain lawful.
- Data processing and consent
Irrespective of the above-mentioned legal bases, Mindbreeze may require consent due to Art 6 (1) (a) GDPR for certain processing operations and obtain it from the person concerned. If Mindbreeze is granted consent to the processing of personal data, the data will be processed exclusively for the purposes specified in this consent, such as sending information in product specific e-mail newsletters, information on webinars and events, blog articles, downloading resources or research reports. The consent may be revoked at any time. The revocation of the consent does not affect the legality of the processing carried out on the basis of the consent up to the revocation.
A.4 Who receives the personal data?
Within Mindbreeze, the individual employees, departments or Fabasoft companies, that require it in order to fulfil contractual or legal obligations, such as legitimate interests, receive the personal data.
Furthermore, if necessary, we will transfer your data to tax consultants and auditors for purposes of tax consultancy and auditing and, in individual cases, to lawyers and courts, if necessary for legal advice or law enforcement purposes. In individual cases, we also forward your data to our responsible data protection officer in order to obtain advice on the implementation of data protection regulations, e.g. if you assert claims against us. In addition, Mindbreeze uses various business partners and processors to whom personal data is transferred in order to fulfil the respective service.
All sub-contractors are required to use the data solely for the purpose of providing the service that has been clearly defined by Mindbreeze.
Through contractual agreements, Mindbreeze collaborates with the following providers when dealing with marketing and communication:
- LogMeIn. Inc. located in Boston, Massachusetts, USA
Service: Platform for the organisation and implementation of webinars. At the express request of the customer the webinar is recorded and made available to the customer.
Information on compliance with the GDPR: https://www.logmeininc.com/gdpr/gdpr-compliance.
Standard contractual clauses have been concluded and additional measures taken to protect personal data.
- Act-On Software, located in Portland, Oregon, USA.
Service: The forwarding of marketing information material, for example newsletters, webinar invitations and product information, as well as product information concerning client relations (for example, tips on new releases)
Information on compliance with the GDPR: https://act-on.com/privacy-policy/
Data storage and the sending of the emails if effected via Act-On (data location: Frankfurt); the data are processed and secured within the EU. Standard contractual clauses have been concluded and additional measures taken to protect personal data, by means of the encryption of personal data, among others.
EPOS Marketing GmbH, located in Düsseldorf, Germany.
Service: The agency provides services for Mindbreeze concerning public relations. Information on compliance with GDPR: https://epos-marketing.com/datenschutz/TerminApp GmbH, located in Munich, Germany
Service: Provision of the ‘Timify’ appointment booking solution for Mindbreeze. Information on compliance with GDPR: https://www.timify.com/en/pages/eu-general-data-protection-regulation/- Lamano GmbH & CoKG, located in Berlin, Germany
Service: Conducting online surveys with "LamaPoll" (customer/partner satisfaction surveys/stakeholder surveys). Information on compliance with GDPR: https://www.lamapoll.de/Support/Datenschutz
- Fabasoft International Services GmbH
Service: The provision of services for the whole Fabasoft Group. In terms of data protection law, for example, maintenance of a group procedure directory, provision of a central contact point for data subjects in compliance with § 26 (1)(3) GDPR and the assumption of liability for claims asserted by data subjects and regular updating and management of technical and organisational measures.
LinkedIn Ireland Unlimited Company located in Dublin
Service: LinkedIn Paid Ads campaign and subsequent success analysis of the reach of the advertising campaign. Information on compliance with GDPR: https://www.linkedin.com/legal/l/dpa- Google Ireland Limited („Google”), Gordon House, Barrow Street, Dublin 4, Ireland
Service: Reach measurement and/or analysis of visitor numbers, success analysis of marketing campaigns, improvement of website usability, content optimization.
Information on compliance with GDPR: https://policies.google.com/privacy?hl=en&gl=en
- Papoo Software & Media GmbH, CCM19, located in Bonn, Germany
Service: Collecting, managing, documenting and sharing the consent of Fabasoft website users regarding cookie settings.
Information on compliance with GDPR: https://www.ccm19.de/en/privacyclarification.html
Mouseflow, ApS, Flaesketorvet 68, 1711 Copenhagen V, Denmark
Service: Analysis tool to analyze the mouse, scroll and click movements of website visitors. Information on compliance with GDPR: https://mouseflow.com/legal/gdpr/
Insofar personal data are to be transmitted to the USA or any other country with a less stringent level of data protection, Mindbreeze ensures in advance that a suitable level of data protection is in place. The appropriate or adequate guarantees agreed in each case, as well as the possibility to obtain a copy, can be requested at privacy@mindbreeze.com.
Data processing within the Fabasoft Group
There are different interfaces and data processing steps within the Fabasoft Group, in which the different individual personal data processing services are carried out among the companies within the group. The regulations defined in the “Framework agreement for internal data processing within the Fabasoft group” reflect the respective roles of the companies of the Fabasoft Group as joint controllers in a transparent manner pursuant to Art 26 GDPR or as controller and processor pursuant to Art 28 GDPR as well as the lawful form of this legal relationship, in particular in compliance with the regulations of the GDPR or the respective national data protection regulations. In the case of a breach of the framework agreement and/or applicable data protection provisions, Fabasoft International Services GmbH, FN 271303a, Honauerstrasse 4, 4020 Linz, has undertaken to assume liability for claims by a data subject. Thus, a place of jurisdiction within the EU is available to the data subjects for the assertion of their rights.
The Framework Agreement is available for download on the Fabasoft Website: https://www.fabasoft.com/en/about-us/transparency.
Mindbreeze’s partner network
Mindbreeze maintains an extensive partner network and places a high value on exclusivity and quality; there are only a small number of partners in each country or area who ideally complement Mindbreeze, in particular in terms of technological expertise and sales strength. In order to provide the best possible service to international customers and potential customers in their national language and in their own time zone, Mindbreeze recruits partners in the respective country or region and provides them with the necessary voluntarily provided personal data such as first name, last name, e-mail address, business address, telephone number, and company name in a separate secure system. The data will only be disclosed to these select partners with your prior consent. In this case, we always ask you for a consent. Personal data will only be processed to the extent that is contractually agreed with our partners. All partners of Mindbreeze are contractually obliged to use this data for the specific intended purpose(s) only (contact on behalf of Mindbreeze and its products) and not to disclose it to third parties. An overview of all current Mindbreeze partners is available at: https://www.mindbreeze.com/our-partner.html
A.5 For how long is data stored?
Mindbreeze stores personal data for as long as is necessary for the duration of the entire business relationship, from the initiation to the execution through to termination of the contract as well in compliance with the legal retention and documentation obligations, which stem, for example, from the legal business and fiscal retention requirement (usually a period of 10 years) or from the limitation periods in compliance with European or national laws or other regulations to which the controller is subject (up to 30 years).
Personal information (for example for a newsletter, announcement, webinar etc) that is submitted to Mindbreeze with consent will be stored for a maximum of three years after its last activity, provided that it is not withdrawn before this period ends.
A.6 Where is the data stored?
Mindbreeze stores data on hardware owned by Fabasoft in highly secure, external data centres in Germany, Austria and Switzerland.
A.7 What are the data subject’s data protection rights?
You have the right to disclosure, correction, removal or restriction in the processing of your information. You have the right to object to the use of your personal information as well as the right to data portability in accordance with the requirements of the data protection law.
In the event that you withdraw consent to use your personal information, Mindbreeze will immediately stop using this data, provided that the use of this data is solely based on your consent. Exceptions arise as a result of legal or contractual obligations, which render storing data necessary, but this is only in the event of the aforementioned obligations. The legitimacy of the processing, for which consent was granted, remains intact until the consent is withdrawn.
All rights listed above can be claimed through the following channels.
By email: privacy@mindbreeze.com
By mail: Mindbreeze GmbH, c/o Privacy, Honauerstrasse 2, 4020 Linz, Austria
All rights asserted against Mindbreeze must be submitted in writing. To prevent any misuse of these rights by unauthorised parties, you are obliged to verify your identity vis-à-vis Mindbreeze in a suitable manner in case of reasonable doubt.
Mindbreeze is free to continue to use the personal data concerned provided they have been anonymised prior to such use in such a way that it is no longer possible to relate the data to an identified or identifiable individual.
Complaints should be directed to the Austrian Data Protection Authority or to another data protection authority within the European Union or Switzerland, preferably where you live or work.
A.8 Contact with Data Protection Officers
Mindbreeze has a data security team at its disposal that is dedicated to data protection issues (“Privacy Team”) The contact details for this privacy team are available at: https://www.mindbreeze.com/privacy The privacy team can be contacted at: privacy@mindbreeze.com
In addition, Mindbreeze has appointed external data protection officers The contact details of our data protection officers are available at: https://www.mindbreeze.com/privacy
A.9 Compulsory provision of personal information
In the context of the business contract or pre-contractual procedures, personal data necessary for the execution of the business contract, and to which Mindbreeze is legally obliged to collect, must be provided. If this information is not provided, the delivery of products and service, for example, will not be possible.
B. Additional Information About the Mindbreeze Website
B.1 Purpose of the data collection
The Mindbreeze website collects general data each time it is accessed. Such data includes, for example, the IP address, the browser type used, the language, the login times, the terminal device used, the data volumes transferred, the navigation history, and the referrer.
Mindbreeze does not draw any conclusions about the data subject from this transmitted data. This information is required in order to deliver website content correctly, to ensure permanent functionality or to provide the relevant information to authorities.
In addition, the Mindbreeze website offers extensive opportunities to register by providing personal data or to contact the companies via generally available e-mail addresses.
Data collection capabilities | The purpose of data collection |
Registration for product-specific e-mail newsletters | Sending product-specific news articles, white papers, and invitations to webinars and events |
Registration for events and webinars | Sending of information about the event, transmission of access data, registration status, as well as the post-event report, sending of information about similar events by mail |
Download resources Selected documents such as white papers, guidelines, case studies and webinar recordings are available via forms. | Sending the download link for the requested document by e-mail Sending of further supporting information on Mindbreeze products or services by e-mail |
Online applications | See separate privacy policy for applicants in the application process |
Contact the sales, support or M&A team via form | Contacting the sales, support or M&A team |
Registration for paid trainings | Sending information about the training, sending the registration status, sending information about similar trainings https://www.mindbreeze.com/academy/training/gtc |
Provision of information on products and services | Regular information on the technical development of the products such as release notes, software product information (SPI), knowledge base |
When registering for one or more of the purposes mentioned above, personal data will only be collected in the form of first name(s), surname(s), email address, company, UID number, job title, gender, telephone number, street, postcode, location and country. This information contributes to providing an efficient service and will be processed if consent is granted.
B.2 Use of essential cookies
Cookies are small text files that are stored by the website operator via the browser on a storage medium of the end device used by the website user (PC, notebook, tablet, smartphone, etc.). This information is retrieved during subsequent visits to the website and enables the website to recognize the end device. Both personal and non-personal data can be stored in cookies.
When visiting our website, click on "Accept all cookies", then accept all types of cookies or click on "Settings" to find out more details and specify which cookies you want to decline. The settings you have made can be managed at any time under the item "Cookie settings" in the footer of the website.
Essential cookies enable basic functions and are necessary for the smooth functioning of the website.
Consent Management:
We currently set a cookie as part of our Consent Management platform CCM19 to ensure that when you return to our website, we know which cookie option you selected on your previous visit. This enables us to fulfill our legal obligation to document your consent.
The following essential cookies are used on the Mindbreeze website:
| Cookie name | Purpose/description | Lifespan |
|---|---|---|
| cookie_settings | Saves information concerning your cookie settings. | 30 days |
| WSAFFINITY bzw. fsc-public-session | Mindbreeze makes its downloads available via public links from its Fabasoft Cloud product. This cookie optimizes the performance distribution so that the downloads can be delivered with optimal performance. | < 1 day |
_apm:telemetryStatus#...:
| Performance measurement app.telemetry (needed for the search function on www.mindbreeze.com) The last response of the web.telemetry requests is saved in this value. This includes in particular the information concerning which instrumentation level the Client instrumentation is to be recorded on. This information is important at the start of the Client, so that even the first request can already be collected in the selected recording level, because the first web.telemetry request is not generally effected until after the first application request has been sent. | unlimited |
| apm:guid | Session ID for app.telemetry (needed for the search function on www.mindbreeze.com) This is a GUID that enables the possibility of assigning telemetry data to a Client even when the page is reloaded or the Client uses the navigation to switch to other pages of the application. | unlimited |
B.3 The use of analysis & tracking services
Analytics service Google Analytics
Our website uses the web analysis service Google Analytics, which is offered for people from Europe, the Middle East and Africa (EMEA) by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Europe. For all other persons, the service is provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). We integrate Google Analytics via the Google Tag Manager.
Google Analytics uses cookies and similar technologies to analyze our website based on your usage behavior so that we can improve our internet presence. Google uses the access data on our behalf to create pseudonymous user profiles and transmits these to a Google server in the USA. Google will use the information obtained by the cookies on our behalf to evaluate the use of our website, compile reports on website activity and provide other services relating to website activity and internet usage.
The data collected by Google Analytics as part of the usage analysis is enriched with data from the Google Search Console and linked with data from Google Ads, among other things, to measure the success of our advertising campaigns (so-called conversions).
Google Analytics can process the following data: anonymized IP address; referrer URL (previously visited page); pages viewed (date, time, URL, title, duration of visit); downloaded files; links clicked on to other websites; if applicable, achievement of certain goals (conversions); technical information (operating system; browser type, version and language; device type, brand, model and resolution); approximate location (country and possibly city, based on anonymized IP address).
We have implemented the following data protection settings in accordance with Art. 25 GDPR:
- Pseudonymization of the IP address
- Deactivation of Google signals and location-based services
- Retention period of 2 months
Google Analytics sets the following cookies for the specified purpose with the respective storage duration:
| Cookie name | Purpose/Description | Duration |
| _ga | to recognize and distinguish between website visitors by means of a user ID | 2 years |
| _gid | to recognize and distinguish between website visitors by means of a user ID | 24 hours |
| _gat | to reduce the number of requests to Google's servers | 1 minute |
| IDE | If necessary, third-party cookie to recognize and distinguish website visitors by means of a user ID, to record interaction with advertising and as part of the display of personalized advertising | 13 months |
Data is only collected by Google Analytics after consent to the processing of personal data by clicking on the button “Accept all cookies” or when selecting under “Manage settings”. This consent can be revoked at any time by changing the cookie setting (button “Manage settings” or “Cookie settings” in the footer of the website.
If you have not consented to the use of the analysis tools, your data will not be collected by Google Analytics. In addition to the option formulated above to revoke your consent or to adjust the selection of tools, you also have the following options to prevent web analysis by Google
You can set your browser to block cookies from Google Analytics.
You can customize your settings for advertising on Google.
For more information about Google Analytics, please see the Google Privacy Policy and the Google Analytics Privacy Policy, available at:
https://support.google.com/analytics/.
Google Maps
This page uses the Google Maps map service via an API. The provider is Google Ireland Limited („Google”), Gordon House, Barrow Street, Dublin 4, Ireland. It is necessary to save your IP address in order to use the functions of Google Maps. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission. Google Maps is used in the interest of presenting our online offers in an appealing manner and making it easier to find the locations we have indicated on the website. This constitutes a legitimate interest within the context of Art. 6 (1) (f) GDPR. You can find more information on the handling of user data in Google's data protection declaration: https://www.google.de/intl/de/policies/privacy/.
Google Translate
This site uses the translation service Google Translate. The provider of this service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: Google). You can recognize this service by the “Select language” symbol on our site. Google Translate is not activated until you click on the “Select language” text, and data is not transferred to Google until then. In this process, the IP address and the URL of our site are transmitted to the USA and stored there. We have no influence on the data collected or the data processing procedures. We also do not know the extent of the data collection, the purposes and the storage periods. We would like to point out that the computer-generated translation sometimes only roughly matches the original text. Information on the purpose and scope of data collection and processing by Google can be found in the following data protection notice: https://policies.google.com/privacy?hl=en&gl=en
Google Translate sets the following cookies for the specified purpose, with the respective storage duration:
| Cookie name | Purpose/Description | Duration |
| googletrans | To save the language setting | < 1 day (session) |
| __Secure-BUCKET | Google security cookie used to confirm the authenticity of visitors, protect visitor data and prevent fraudulent use of login data. | 180 days |
| __Secure-ENID | To secure digitally signed and encrypted data from the unique Google ID and to store the last login time, which Google uses to identify visitors in order to prevent fraudulent use of login data and to protect visitor data from unauthorized persons. This may also be used for targeting purposes to display relevant and personalized advertising content. | 13 months |
| UULE | The UULE cookie is used to store a location or a precise position (with longitude and latitude). | 6 hours |
Data is only collected by Google Translate after consent to the processing of personal data has been given by clicking on the “Accept all cookies” button or when selecting “Manage settings”. This consent can be withdrawn at any time by changing the cookie settings (button “Manage settings” or “Cookie settings” in the footer of the website).
Mouseflow
This site uses the web analysis tool Mouseflow, which is used to analyze and optimize the user experience on websites. The provider is Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark (hereinafter Mouseflow). The data processing includes the recording of mouse movements, clicks, scrolling and other user interactions. This data is collected to create heat maps and session replays that allow a detailed analysis of user activity. The data comes directly from the website users and is collected by installing a tracking code on the website. The processing is automated and the data is stored in a database to prepare it for analysis.
The following data can be processed by Mouseflow: Clicks, mouse movements, hovering, scrolling, browser, device (desktop/tablet/mobile), language, operating system, screen resolution, visit duration, navigation (URLs), page content (HTML), ISP & location (city, state/region, country), keyboard input (only for non-EU/EEA data subjects in non-EU/EEA accounts and never for passwords, numbers or excluded fields), referrer URL, visitor type (first-time visitor/return visitor), individual tags or variables, answers in the feedback tool.
The data is stored for up to 3 months.
Information on the purpose and scope of data collection and processing by Mouseflow can be found in the data protection notice below: https://mouseflow.com/legal/gdpr/
Mouseflow sets the following cookies for the specified purpose, with the respective storage duration:
| Cookie name | Purpose/Description | Duration |
| mf_* | The cookie contains information about the current session, but no information that can be used to identify the visitor. | < 1 day (session) |
| mf_user | This cookie determines whether the user is a returning visitor or a first-time visitor. This is done simply by means of a yes/no checkbox, and no further information about the user is stored. | 90 days |
Mouseflow only collects data after you have given your consent to the processing of personal data by clicking on the “Accept all cookies” button or when selecting “Manage settings”. This consent can be withdrawn at any time by changing the cookie setting (“Manage settings” or “Cookie settings” button in the footer of the website).
Recording on all websites that use Mouseflow can be disabled globally for the browser currently in use at the following link: https://mouseflow.com/opt-out/
Web analysis service Act-on
For the statistical evaluation of visitor accesses, data for marketing purposes and for the recognition of companies is collected, processed and stored in the data center of Act-on Software, Inc. in Germany with the tool Act-On after consent has been granted. This consent can be revoked at any time by changing the cookie setting (button "Manage settings or cookie settings" in the footer of the website.
Act-on carries out address determination on the basis of this data - but only if it is ensured that it is a company and not an individual person. Cookies are also used for this purpose.
In addition, Act-on collects information on surfing behaviour for those persons who have submitted a form or who have registered for an e-mail service. The following information is collected: which websites are visited on www.mindbreeze.com, which e-mails from Mindbreeze are opened, which forms are submitted. This data is kept as long as the data of this person is processed according to the stated purposes. This information is used to constantly improve the information offered and to optimize the browsing experience.
| Cookie | Act-On Tracking Cookie |
| Provider | Act-On Software, Inc. |
| Purpose | Evaluation of visitor access, identification of companies |
| Privacy Policy | https://www.act-on.com/privacy-policy/ |
| Cookie name | wp45113 |
| Cookie lifespan | 1 year |
Data is not collected by Act-On Beacon unless consent has been given for the processing of personal data by clicking on the button "Accept all cookies" or by a selection made under "Manage settings". This consent can be revoked at any time by changing the cookie setting (button "Manage settings" or "Cookie settings" in the footer of the website).
Google Ads
In addition, we use Google Ads to serve advertisements and to generate aggregate statistical reports without personally identifiable information about the success rate of our advertising campaigns, i.e., the total number of users who responded to our ad. These aggregated statistics include the origin of visitors, their time spent on individual pages, and search engine usage. This allows us to optimize our content.
LinkedIn Ads
Furthermore, we use LinkedIn Ads to serve advertisements or ads/campaigns, and to generate aggregated statistical reports without personal data about the success rate of our campaigns, i.e., the total number of users who responded to our ads. This allows us to optimize our content.
Right to withdraw consent and deletion with regard to. Tracking and Analytics Services:
You may withdraw your consent regarding tracking and analytics services at any time in your browser. If you would like to request deletion of your personal data or have questions about our use of your personal data, please contact us at privacy@mindbreeze.com.
B.4 Requests to general contact addresses
The Mindbreeze website also provides general e-mail addresses for contacting Mindbreeze. If you send a message to an e-mail address, this e-mail will automatically be forwarded to the relevant persons for the purpose of processing your inquiry.
B.5 Data security
Your personal data, if you disclose it to us, will be transmitted over the Internet in encrypted form (SSL - Secure Sockets Layer). You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://". If SSL encryption is activated, the data you transmit to us cannot be read by third parties.
In addition, we secure our website and other systems through technical and organizational measures against loss, destruction, access, modification and distribution of your data by unauthorized persons.
B.6 Links and buttons to other websites
The website contains links to other websites. Mindbreeze is not responsible for the data protection policies or their content.
Mindbreeze also provides links on this website to the following social media sites: X, Meta, YouTube, Xing, LinkedIn and Instagram. Some of these links are displayed as icons. When you click on these social media icons (links) you will be subsequently redirected from the Mindbreeze website to the respective social media site.
When you click on one of these links, you will be redirected to the respective website and are thus allowing the respective site operator to access your personal information. No personal data are collected by Mindbreeze via these links.
Embedding YouTube videos in expanded data protection mode
YouTube videos are embedded (framing) on our website exclusively in “expanded data protection mode”. As soon as you open the page, a connection is made to YouTube and its DoubleClick network (responsible for the marketing of YouTube), which allows YouTube access to the browser storage. Due to the “expanded data protection mode” of YouTube, no cookies are placed as long as you do not click on the embedded video.
C. Privacy Information for visitors to our Social Media Platforms
C.1. Privacy information for visitors to our Facebook Fan Page
Operators of a fan page together with Meta Platforms Ireland Limited (abbr. "Meta", formerly: Facebook) are so-called "joint controllers" within the meaning of Art 26 GDPR. The privacy policy of Meta (formerly: Facebook) and the allocation of responsibilities can be found at www.facebook.com/privacy/explanation. Under this link you can find out how you can assert your rights against Meta and contact Meta. If you visit our fan page (https://www.facebook.com/Mindbreeze/) on Facebook, we will process personal data in process personal data in connection with this visit, regardless of whether you are registered or logged in on Facebook or not. The data provided directly by you and by Meta will be used exclusively for the purpose of communicating with customers and communication with interested parties as an overriding legitimate interest within the meaning of Art 6 lit f GDPR, to provide you with the most interesting information for you.
Meta provides fan page operators with the "Page Insights" function, with the help of which we receive anonymized statistical data about the users and visitors of our fan page. These "Page Insights" are summarized statistics that are based on certain actions (so-called certain actions (so-called "events") that are logged by Meta, when users and visitors interact with our fan page and the content associated with it.
By operating the fan page and in particular by using “Page Insights”, data is jointly processed by Mindbreeze and by Meta Platforms Ireland Limited in accordance with Art. 26 GDPR. For more information on data processing in connection with “Page Insights”, please refer to: https://www.facebook.com/legal/terms/page_controller_addendum?_rdr
The data collected about you in this context is processed by Meta Platforms Ireland Ltd, 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland and may be transferred to countries outside the European Union. countries outside the European Union transferred. Which information Meta receives as data controller receives and how it is used is described in general terms in Meta's its data usage guidelines. There you will also find information on how to contact Meta and on the setting options for advertisements. The data usage guidelines are available under the following link:https://www.facebook.com/privacy/policy/ .
Information on how you can manage or delete information about you can be found on the following Facebook support pages: https://www.facebook.com/privacy/policy/
C.2. Privacy information for visitors to our Instagram account
Fabasoft uses the technical platform and services of Instagram Inc., 1601 Wilow Road, Menlo Park, CA, 94025, USA for the information service offered. Our Instagram presence enables us to present our company to the users of this network and to communicate with these persons. The data provided by you directly and by Instagram is used exclusively for the purpose of customer and prospect communication as an overriding legitimate interest in compliance with Art 6 (1) (f) GDPR, in order to be able to offer you the most interesting information for you.
Instagram is part of the Meta group of companies and shares infrastructure, systems and technology with Meta Platforms Ireland Limited.
The operation of the fan page and in particular the use of "Page Insights" results in the joint processing of data by Mindbreeze and Meta Plateforms Ireland Limited pursuant to Art. 26 GDPR. Further information on data processing in connection with "Page Insights" can be found at: https://m.facebook.com/legal/terms/page_controller_addendum
When you visit our Instagram page, Instagram and also its affiliated company Meta collect your IP address and other personal data in the form of cookies. For information on the legal basis for data processing, any recipients, any transfer of your data to a third country by Instagram, and any further information on data processing, please refer to Instagram's privacy information at: https://help.instagram.com/155833707900388?cms_id=155833707900388
C.3. Privacy information for visitors to our LinkedIn page
Mindbreeze operates a LinkedIn page. When operating this page, we rely on the legitimate interest as defined in Art 6 (1) (f) GDPR. Operators of the LinkedIn service together with Mindbreeze constitute so-called "joint controllers" as defined by Art 26 GDPR.
We process your inquiries or contributions in order to respond to you and to be able to contact you. The data is only kept as long as it is required for the purposes of collection or is subject to legal retention obligations.
The data processed by LinkedIn and your rights can be accessed at https://www.linkedin.com/legal/privacy-policy? Please note that the processing operations may result in data transfers to the USA.
C.4. Privacy information for visitors to our X page
Mindbreeze operates a X page. When operating this site, we rely on the legitimate interest in Compliance with Art 6 (1) (f) GDPR. Operators of the X service together with Mindbreeze constitute so-called "joint controllers" as defined by Art 26 GDPR.
We process your inquiries or contributions in order to respond to you and to be able to contact you. We only process the data you enter on X by retweeting or replying to your tweets, if applicable, or also by composing tweets from us that refer to your account. We store your personal data for this purpose exclusively on an occasion-related basis on our systems, i.e. outside of X, if and for as long as it is required for the purposes of collection or legal retention obligations exist. Via the dashboard provided by X, we can retrieve statistics on how often a tweet was opened and liked, how often the link in the tweet was clicked, how often the tweet was retweeted, how often the details about the tweet were called up and how often embedded images, videos or other media were clicked on. The recipient of the data is first X, where it may be shared with third parties for X's own purposes and under X's responsibility. The recipient of publications is also the public, i.e. potentially anyone.
The data processed by X and your rights can be found at https://twitter.com/en/privacy . Please note that the processing operations may result in data transfers to the USA.
C.5. Privacy information for visitors to our Youtube channel
Mindbreeze operates a YouTube channel. When operating this channel, we rely on the legitimate interest in compliance with Art 6 (1) (f) GDPR. Operators of YouTube (Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA) together with Mindbreeze constitute so-called "joint controllers" as defined by Art 26 GDPR.
By using YouTube, your personal data will be processed by YouTube. We would like to point out that you use the YouTube channel offered here and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g. sharing, commenting). Mindbreeze has no influence on the type and scope of the data processed by YouTube. YouTube processes your voluntarily entered data and evaluates any content you have shared or viewed.
The data processed by YouTube and your rights can be viewed at https://policies.google.com/privacy?hl=en