As of February 2023
Thank you for visiting our website www.drooms.com and for your interest in our company and our offers.
We collect, use and store your personal data only within the context of the provisions of the GDPR. Below, we inform you about the type, scale and purpose of data collection and use.
Contents
1. Controller for the processing of your personal data
2. Collection and storage of personal data as well as the type and purpose of its processing
3. Passing on and transmission of personal data
4. Rights of the data subject
5. Data erasure and storage period
6. Use of Zoho CRM
7. Cookies
8. Online marketing/analysis measures
9. Embedded media
10. Social media plugins
11. Data privacy in case of applications and the application procedure
12. Data security
13. Topicality and changes to this Data Protection Statement
14. Name and contact details of the data protection officer
1. Controller for the processing of your personal data
The controllers within the meaning of the EU General Data Protection Regulation (“GDPR”) are Drooms GmbH and Drooms AG (hereinafter: “we”).
Drooms GmbH
Eschersheimer Landstr. 6, 60322 Frankfurt am Main, Germany
Phone: +49 69 478640-0
Email: office@drooms.com
Managing Director: Alexandre Grellier
Website: www.drooms.com
Drooms AG
Industriestrasse 13 c, CH-6003 Zug, Switzerland
Phone: +41 41 7674410
Email: office-ch@drooms.com
Managing Director: Alexandre Grellier, Jan Hoffmeister
Website: www.drooms.com
Representative for Drooms AG within the meaning of Article 27 GDPR:
Drooms GmbH, Eschersheimer Landstr. 6, 60322 Frankfurt am Main, Germany
2. Collection and storage of personal data as well as the type and purpose of its processing
a) When you visit our Drooms website – server log files
Any access to our website and any access to a file stored on this website will be logged. The following data is recorded without any action on your part and stored until automatic erasure:
· internet protocol address of the requesting computer, as well as device identifier or individual device ID and device type;
· name of the file accessed and data volume transferred, as well as date and time of access;
· a report on successful access;
· requesting domain;
· description of the type of internet browser used and the operating system of your end device, as well as the name of your access provider;
· location data, including location data of your mobile device. Please note that you can control or deactivate the use of location services in the settings menu of most mobile devices.
Our legitimate interest according to Article 6(1)(f) GDPR in collecting the files is based on the following purposes:
· ensuring a smooth connection set-up and convenient use of the website;
· evaluating system security and stability;
· further administrative and statistical purposes.
The use of server log files forms part of the technical and organisational measures pursuant to Article 32 GDPR to protect the security of data processing by our website. In this sense, the provision of this data by the user is to be regarded as obligatory within the meaning of Article 13(2)(e) GDPR.
When using this general data and information, we do not draw any conclusions about your person. The data is not passed on or used in any other way. However, we reserve the right to examine the server log files at a later date in the event of any specific indications of unlawful usage. Disclosure of your data may become necessary if according to Article 6(1)(c) GDPR the controller is lawfully required to hand over your data by a state or public authority. The data will not be used for the purposes of automated decision-making or profiling within the meaning of Article 22 GDPR.
Further personal data is only recorded if you freely provide additional information while using the website as described below.
b) When using our contact form
We offer you the option of contacting us using a form provided on the website. As a minimum, you must provide a valid email address, your first and last name, the name of the company and the company’s registered office so that we know who the enquiry is from and are able to respond to it as satisfactorily as possible. You can also opt to provide a telephone number for a callback.
Processing activities for the purpose of contacting us take place according to Article 6(1)(a) GDPR based on your freely given consent. You can withdraw your consent at any time in accordance with Article 7(3) GDPR. To do so, you can use the contact details listed in this Data Protection Statement (email, telephone, post). Withdrawing consent shall not affect the lawfulness of the processing carried out on the basis of the consent until withdrawn. Withdrawing consent means that the data will be deleted immediately and will no longer be processed in any way.
This personal data is not passed on to any third parties. You have no legal or contractual obligation to provide the personal data collected here. The provision is made on a voluntary basis. The data will not be used for the purposes of automated decision-making or profiling within the meaning of Article 22 GDPR.
Alternatively, you may contact us via the email addresses listed on the contact request website or the email address provided for support, support@drooms.com, if you have any general questions, issues with set-up and use, as well as software error messages. In this case, the user’s personal data transmitted with the email will be processed for the purpose of handling the enquiry on the basis of Article 6(1)(b) GDPR.
The personal data collected by us for use of the contact form and the personal data indicated by you when you use our contact email addresses will be deleted automatically after completion of the request filed by you, provided that the contact request did not lead to any contractual or pre-contractual relationship or such a relationship was already present, so that further processing is not required on the legal basis of Article 6(1)(b) GDPR. In any case, the data will be deleted after the purposes of processing have been fulfilled.
c) When downloading Drooms Whitepapers
We offer you the opportunity to download Drooms Whitepapers free of charge on our website.
In order to provide the download, you consent to the collection of your first and last name, email address, telephone number, your company including the company’s registered office and industry category. As part of the input process, we refer you to this Data Protection Statement and inform you that by clicking on the “Download Whitepaper” button you agree to be contacted by Drooms GmbH or Drooms AG by email or telephone. For the purpose of contacting you in the most satisfactory way possible, this data is processed.
The processing of this data, in particular in the process of contacting us, is therefore carried out in accordance with Article 6(1)(a) GDPR on the basis of your voluntary consent. You can withdraw your consent at any time in accordance with Article 7(3) GDPR. To do so, you can use the contact details listed in this Data Protection Statement (email, telephone, post). Withdrawing consent shall not affect the lawfulness of the processing carried out on the basis of the consent until withdrawn. Withdrawing consent means that the data will be deleted immediately and will no longer be processed in any way.
This personal data is not passed on to any third parties. You have no legal or contractual obligation to provide the personal data collected here. The provision is made on a voluntary basis. The data will not be used for the purposes of automated decision-making or profiling within the meaning of Article 22 GDPR.
d) When requesting a software demo
On our website, we offer you the option of a free online presentation of our Drooms demo data room by phone and internet.
In order to provide the personal software demo, you consent to the collection of your first and last name, email address, telephone number, your company including the company’s registered office and industry category. As part of the input process, we refer you to this Data Protection Statement and inform you that by clicking on the “Submit” button you agree to be contacted by Drooms GmbH or Drooms AG by telephone. For the purpose of contacting you and providing you with the software demo in the most satisfactory way possible, this data is processed.
The processing of this data, in particular in the process of contacting us, is therefore carried out in accordance with Article 6(1)(a) GDPR on the basis of your voluntary consent. You can withdraw your consent at any time in accordance with Article 7(3) GDPR. To do so, you can use the contact details listed in this Data Protection Statement (email, telephone, post). Withdrawing consent shall not affect the lawfulness of the processing carried out on the basis of the consent until withdrawn. Withdrawing consent means that the data will be deleted immediately and will no longer be processed in any way.
This personal data is not passed on to any third parties. You have no legal or contractual obligation to provide the personal data collected here. The provision is made on a voluntary basis. The data will not be used for the purposes of automated decision-making or profiling within the meaning of Article 22 GDPR.
The data will also be deleted when the purpose of the software demo provision has been fulfilled and if no contractual or pre-contractual relationship has subsequently arisen and further processing is therefore not required on the legal basis of Article 6(1)(b) GDPR.
e) When participating in events
We use the online service Zoho Bookings to register and conduct our appointment bookings. When booking an appointment via the registration form on our website, we make reference to this Data Protection Statement. The data entered in the registration form (email address, first and last name, company, telephone number if applicable) is transferred to us and processed. The legal basis for this processing is Article 6(1)(b) GDPR. The data will not be used for the purposes of automated decision-making or profiling within the meaning of Article 22 GDPR.
f) When booking webinars
To register for and for us to deliver our webinars, for which you can register via our website, we use the livestorm service from the service provider LIVESTORM SAS., 24 rue Rodier 75009 Paris, France (hereinafter “livestorm”). When registering for a webinar, we provide a link on our website to a registration form on livestorm’s website. The webinar participant must enter their email address and first and last name here. This data is transferred to livestorm and processed there. The legal basis for this processing is Article 6(1)(1)(b) GDPR. We have concluded a processing contract pursuant to Article 28(3) GDPR with livestorm. You can find further information in livestorm’s privacy policy at:
https://livestorm.co/privacy-policy/.
The data entered will also be entered into the customer relationship management system we use (see also Section 6). The legal basis for this processing is Article 6(1)(b) GDPR. The data will not be used for the purposes of automated decision-making or profiling within the meaning of Article 22 GDPR.
g) When registering for and using our Drooms data room platform
In order to use the Drooms data room platform, you must authorise yourself as a user and register for the Drooms data room platform. To do this, you must enter the data requested in the registration screen. The data required is your first and last name, email address, password, company name, if applicable, and country. In addition, you can voluntarily provide information on your job title, department and industry, as well as a contact telephone number.
Drooms processes your data exclusively for the purpose of your registration and use of the data rooms. The legal basis for the data processing is Article 6(1)(b) GDPR or, for the information you provide voluntarily, Article 6(1)(a) GDPR. Your data collected here will be deleted if you request the deletion of the email address you provided to Drooms for registration or if the email address you provided for registration with regard to the use of the Drooms platform has been inactive for a defined period of time.
Please find information below about what personal data is collected when you use the Drooms data room platform. When you visit the Drooms data room platform, the following data is collected and processed separately for each data room:
· your email address;
· your IP address;
· the documents and index points you click on in the data room;
· the date and time the document/index is accessed;
· the duration of the visit to the data room platform and the index/document level you accessed;
· data you uploaded to the data room and processed there.
The legal basis for this storage of data is Article 6(1)(b) GDPR. As per the contract, our data room customer receives a data room in which he/she can manage the documents, the users and user groups, and the authorisations of the users in order to control the user behaviour in the data room. Drooms acts here as processor for its data room customer.
The storage of this data is limited to the duration of the respective existing data room contract with our data room customer and is deleted from the Drooms platform one month after the end of the respective data room. Upon request, the data room customer shall receive data carrier sets of data uploaded in the data room and evaluation protocols and shall be the controller for this in the sense of Article 4(7) GDPR.
The data will not be used for the purposes of automated decision-making or profiling within the meaning of Article 22 GDPR.
h) When concluding a contract via our online shop
When accessing our online shop (https://shop.drooms.com/home/), as with every access to our website, the respective accesses are logged via server log files. This represents data processing as described in Section 2a). In addition, the following personal data is collected in the online shop when a contract is concluded or when registering as a user of a data room via our Drooms online shop:
· data that personally identifies you, such as email address, name, address, telephone number;
· IP address;
· any data that identifies your company, such as company name, address, communication data (email address, phone number), VAT ID or tax number;
· if applicable, the payment processing information (see Section 2i) );
· other personal data, that we are required or permitted to collect and process by law and that we need for your authentication, identification or to verify the data collected by us.
The data named is processed for the purpose of processing the contract. The data will be processed based on Article 6(1)(b) GDPR. The storage period is limited to the contractual purpose and, if applicable, statutory and contractual archiving obligations.
This personal data is not passed on to any third parties. This does not include third parties who need to have access to the data in order to fulfil the contract (e.g. payment service providers) or who are permitted to have access to the data processing due to legal provisions (e.g. within the scope of official audits). You have a contractual obligation to provide the personal data collected here, where this is necessary for the conclusion of a contract. No contract can be concluded without the provision of this data. The data will not be used for the purposes of automated decision-making or profiling within the meaning of Article 22 GDPR.
i) When using payment service providers
If you use paid services on our web pages in our online shop, you must also provide us with your bank, credit card or other payment processing data and your address as well as possibly other information during the order process. As a matter of course, we always handle all the data you provide in accordance with the legal requirements. The provision of data for payment processing is a contractual requirement. No contract can be concluded without the provision of this data. Payment processing data is transferred within the scope of statutory provisions to our payment service provider PayPal Pte. Ltd. (5 Temasek Boulevard, #09-01 Suntec Tower Five, Singapore 038985) for the purpose of processing the payment via the Braintree payment platform. Braintree is a service of PayPal (Europe) S.à.r.l. et Cie, S.C.A. (22-24 Boulevard Royal, L-2449 Luxembourg). We do not store credit card data. The legal basis for forwarding the data in this case is Article 6(1)(b) GDPR.
Beyond this, data will not be passed on to third parties. An exception to this is processing within the scope of legal obligations pursuant to Article 6(1)(c) GDPR, e.g. in the case of an official inspection. The data will not be used for the purposes of automated decision-making or profiling within the meaning of Article 22 GDPR.
The personal data you provide and which is relevant for payment processing is subject to the security and data protection provisions of PayPal Pte.Ltd. Further information from PayPal can be found at:
https://www.paypal.com/de/webapps/mpp/ua/privacy-prev
https://www.braintreepayments.com/en-de/legal/braintree-privacy-policy
https://www.braintreepayments.com/en-de/features/data-security
j) When registering for our newsletter
You may sign up for our Drooms newsletter at various locations on our website by way of the double opt-in procedure, thereby voluntarily giving your consent. Please refer in this regard to the declaration of consent (https://drooms.com/de/einwilligungserklaerung) and this Data Protection Statement.
We will use your email address, your (first/last) name and form of address (Mr or Ms/Mrs) that you transmitted in the input screen provided for this purpose on our website when subscribing to the newsletter, on the legal basis of Article 6(1)(a) GDPR in order to regularly send you our newsletter.
When you sign up for the newsletter, we will also store your internet protocol (IP) address and the date and time of the registration. The collection of this data serves to legally protect the controller and is based on our legitimate interest in the proper provision of the newsletter pursuant to Article 6 (1)(f) GDPR.
The newsletter of Drooms AG and Drooms GmbH is sent at regular intervals (approx. once per month) by email and informs you about news, functions and updates concerning any Drooms products and services, business activities and events of the Drooms group, and events with an economic, social or legal connection to the business environment of Drooms companies, as well as the option of participating in customer satisfaction surveys.
You can withdraw your consent to receive the newsletter at any time in accordance with Article 7(3) GDPR, for example via a link at the end of the newsletter. Alternatively, you can also send your withdrawal or unsubscribe request by email to marketing@drooms.com at any time (preferably using the subject: “Unsubscribe from newsletter”).
If you unsubscribe, the data entered to set up your subscription will be deleted. If data has been submitted to us for any other purposes and in any other location, we will continue to retain it.
The personal data collected whilst registering for the newsletter will only be used to send out our newsletter. To send the newsletter we use an external processor with whom we have concluded a processing contract in order to fully comply with the statutory data protection requirements (see also Section 6). Beyond this, data will not be passed on to third parties. You have no legal or contractual obligation to provide the data. The provision of the data is voluntary for the purpose of receiving the newsletter. You cannot subscribe to the newsletter without providing the data, however. The data will not be used for the purposes of automated decision-making or profiling within the meaning of Article 22 GDPR.
Newsletter tracking: The Drooms newsletters contain tracking pixels that permit statistical evaluation of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, Drooms will be able to see whether and when an email was opened by a data subject and which links in the email the data subject clicked. The legal basis for this is Article 6(1)(f) GDPR. Such personal data collected in the tracking pixels contained in the newsletters is stored by the controller for processing and evaluated in order to optimise the sending of the newsletter and to adjust the contents of future newsletters to the interests of the data subject even better in future. This personal data will not be passed on to any third parties. You can object to this processing according to Article 21(1) GDPR by unsubscribing from the newsletter as described above. Drooms will automatically consider unsubscription from the newsletter to be a withdrawal. You can also prevent tracking by the tracking pixel in the newsletter by configuring your email application so that external content in emails is not automatically accessed. This allows you to see the newsletter content without your interaction being tracked by Drooms.
k) Use of the chat function
We operate a live chat system on this website to answer your live queries (“chat function”). For this chat function, we use the service provider Zoho of ZOHO CORPORATION B. V. (Beneluxlaan 4B, 3527 HT Utrecht, The Netherlands). The following data is collected in the process:
· your IP address;
· the Drooms website you have just visited;
· the duration of your visit;
· your chat name;
· the chat content you provided.
If the information collected in this manner refers to a person, further processing will take place according to Article 6(1)(b) GDPR to perform or prepare a contract or according to Article 6(1)(f) based on our legitimate interest in effective customer support and the statistical analysis of user behaviour for optimisation purposes.
Cookies are used to operate the chat function. The cookies permit recognition of the visitor’s web browser in order to ensure differentiation between the individual users of our website’s chat function.
In order to avoid cookies being stored, you may set your web browser so that cookies can no longer be stored on your computer, or that cookies already stored will be deleted. Deactivation of all cookies may, however, render you subsequently unable to use the chat function and possibly other things on our website.
There is no legal or contractual obligation to use the chat function and to provide the associated data. You can object to data processing within the scope of the chat cookie by not using this service. This personal data is not passed on to any third parties. The data will not be used for the purposes of automated decision-making or profiling within the meaning of Article 22 GDPR.
l) Collection of personal data in the context of direct business or business-initiating relationships
We collect, store and use personal data in our customer relationship management system (see also Section 6) that we receive in the course of direct contacts for the purpose of business or business-initiating relationships, such as business cards, trade fair contacts, etc. Processing and storage is carried out in accordance with Article 6(1)(b) GDPR. This personal data is not passed on to any third parties. The data will not be used for the purposes of automated decision-making or profiling within the meaning of Article 22 GDPR.
m) When using the Drooms app or an API (application programming interface)
In Section 2g) we have provided information about data processing when using the Drooms platform via your browser. You also have other options for accessing the Drooms platform. You can use Drooms’ own customer application (“Drooms app”) as a mobile or desktop version and log in via this. It is also possible to gain access to the data rooms via an API (application programming interface), whereby the users themselves choose the extent to which the Drooms software is integrated into the proprietary IT systems.
With these options for accessing the Drooms platform, personal data is also processed. This includes:
· data that personally identifies you, such as email address, name, address, telephone number, IP address;
· any data that identifies your company, such as company name, address, communication data (email address, phone number), VAT ID or tax number;
· data on the files used as well as the files themselves being interacted with (uploaded/downloaded, edited), including photos, videos, documents and other types of user content, if applicable;
· app usage data, e.g. when, how long and which forms of app interaction;
· diagnostic data such as crash logs and performance data (e.g. load times, hang rate);
· if applicable, the payment processing information (see Section 2i);
· other personal data, that we are required or permitted to collect and process by law and that we need for your authentication, identification or to verify the data collected by us.
As already stated in Section 2g), the aforementioned data processing is part of the contract and is thus carried out on the basis of Article 6(1)(b) GDPR. As per the contract, our data room customer receives a data room in which he/she can manage the documents, the users and user groups, and the authorisations of the users in order to control the user behaviour in the data room. Drooms acts here as processor for its data room customer. The storage period is limited to the contractual purpose and, if applicable, statutory and contractual archiving obligations.
With regard to the data processed only for the provision of the Drooms app, processing is carried out on the basis of our legitimate interest pursuant to Article 6(1)(f) GDPR in the secure and optimised provision of our service to our customers. There is no legal or contractual obligation to use the Drooms app and to provide the associated data. You can object to data processing within the scope of the Drooms app by not using this service. This personal data is not passed on to any third parties. The data will not be used for the purposes of automated decision-making or profiling within the meaning of Article 22 GDPR.
n) Zoho Backstage
We use the event management tool Zoho Backstage to register and conduct our events. The registration process starts with the purchase of a ticket (“Buy Ticket”) for an event. The data entered in the registration form (email address, first and last name, company, telephone number if applicable) is transmitted to the Zoho CRM system and processed there. The legal basis for this processing is Article 6(1)(b) GDPR. After successful registration you will receive an automated confirmation email.
o) Zoho Survey
To continuously improve our data room platform, we conduct automated customer satisfaction surveys with platform users about our data room platform and individual data room functionalities, and use Zoho Survey to create these surveys and process responses. Participation in the survey is always voluntary after giving your express consent in accordance with Article 6(1)(a) GDPR.
We conduct the surveys anonymously; it is not possible to draw conclusions about the respondent. Exception: In individual cases, we may design surveys in such a way that the respondent is able to provide personal data (such as name and email address), e.g. for the purpose of contacting you. The provision of this data is always voluntary. If you have voluntarily provided us with personal data via surveys, you have the right to view this data, correct it or have it deleted at any time.
Your data will not be transferred to third parties. Your participation in the Zoho Survey will help us to optimise your use of the platform to the best possible extent.
3. Passing on and transmission of personal data
Your data will not be transferred to any third parties for any other than the purposes listed below. We shall only pass on your data to third parties if:
· you have explicitly consented to this (Article 6(1)(a) GDPR); or
· this is necessary for the performance of a contract or in order to take steps prior to entering into a contract (Article 6(1)(b) GDPR); or
· there is a legal obligation to disclose the data (Article 6(1)(c) GDPR); or
· the disclosure serves to protect the vital interests of a natural person (Article 6(1)(d) GDPR); or
· the disclosure serves the legitimate interest in asserting, exercising or defending legal claims of the controller and there is no reason to assume that you have an overriding legitimate interest in not having your data disclosed (Article 6(1)(f) GDPR) and the scope of the data disclosed is limited to the minimum necessary.
Our data protection policy complies with the applicable data protection regulations. The primary data processing takes place in the Member States of the European Union and/or in Switzerland. Switzerland is a third country for which the European Commission has adopted an adequacy decision (2000/518/EC), confirming that Switzerland offers an adequate level of data protection. This adequacy decision forms the legal basis for the transfer of personal data to Switzerland in accordance with Article 45 GDPR.
We also correspond with our company in the United Kingdom (UK) and the associated employees in the United Kingdom, which left the EU on January 1, 2021. For these data transfers, the adequacy decision in accordance with Art. 45 GDPR forms the legal basis, which was adopted by the European Commission on June 28, 2021 and attests to an adequate level of protection of personal data in the United Kingdom.
If your personal data is transmitted to any third countries, this shall be done likewise only if a suitable safeguard has been given according to Article 46(2)(c) GDPR. In rare cases where there is no guarantee, the data transfer is carried out based on the exceptional circumstance either on the basis of your consent (according to Article 49(1)(a) GDPR) or for the performance of a contract or in order to take steps prior to entering into a contract (according to Article 49(1)(b) GDPR).
4. Rights of the data subject
a) Right to withdraw consent (Article 7(3) GDPR): You have the right to withdraw your consent granted according to Article 6(1)(a) GDPR at any time. This has the consequence that we will no longer continue the processing activities that were based on this consent in future. To do so, you can use the contact details listed in this Data Protection Statement (email, telephone, post). Withdrawing consent shall not affect the lawfulness of the processing carried out on the basis of the consent until withdrawn. Withdrawing consent means that the data will be deleted immediately and will no longer be processed in any way.
b) Right of access (Article 15 GDPR): Upon request, we will inform you of whether any and, if so, which personal data concerning you is stored by us, in particular about the purposes of processing, category of personal data, categories of recipients to whom your data has been or is disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing and to object, existence of a right to lodge a complaint, origin of your data if it was not collected at our site, and the existence of automated decision-making, including profiling.
c) Right to rectification (Article 16 GDPR): You also have the right to have any inaccurately collected personal data rectified, or incompletely collected data completed.
d) Right to erasure (right to be forgotten) (Article 17 GDPR): You also have the “right to be forgotten”, i.e. you may demand that we erase your personal data if statutory prerequisites for this are met. Independently of this, your personal data will be deleted by us automatically if the purpose of data collection no longer applies or if data has been processed illegally.
e) Right to restriction of processing (Article 18 GDPR): Furthermore, you have the right to demand that we restrict the processing of your data, provided that the statutory prerequisites for this are met.
f) Right to data portability (Article 20 GDPR): You have the right to demand to receive the personal data concerning you in a structured, common and machine-readable format or to demand its transfer to another controller.
g) Right to object (Article 21 GDPR): You have the right to object to the processing of your personal data at any time, provided that the processing is based on our legitimate interest pursuant to Article 6(1)(f) GDPR. This applies in particular to processing for direct marketing purposes. To do so, you can use the contact details listed in this Data Protection Statement (email, telephone, post). In case of effective withdrawal, your personal data will also be deleted by us automatically.
h) Right to lodge a complaint with a supervisory authority (Article 77 GDPR): If you feel that your rights have been violated by our data processing, you have the right according to Article 77 GDPR to lodge a complaint with the supervisory authority responsible for the controller. The contact details of the competent supervisory authority are:
Der Hessische Beauftragte für Datenschutz und Informationsfreiheit
Gustav-Stresemann-Ring 1, 65189 Wiesbaden
Postfach 31 63, 65021 Wiesbaden
Tel.: 0611 1408-0
Fax: 0611 1408-900
Email: poststelle@datenschutz.hessen.de
Internet: www.datenschutz.hessen.de
5. Data erasure and storage period
Erasure, blocking or restriction of processing of the stored personal data shall take place if the user of the website withdraws the consent given to storage, if knowledge of the personal data is no longer necessary to meet the purpose pursued by storage and erasure is not opposed by any statutory archiving periods (e.g. archiving periods under commercial or tax law) or if storage is inadmissible for any other legal reasons. Data for settlement purposes and accounting purposes shall not be affected by a demand for erasure.
6. Use of Zoho CRM
Personal data that you have communicated to us for the purpose of an enquiry or registration (via our website, email, telephone, fax or in person), a newsletter registration or direct business relations is processed and maintained by us with the aid of a customer relationship management system (CRM system for short).
We use the customer relationship management system Zoho CRM, a service of ZOHO CORPORATION B. V. (Hoogoorddreef 15, 1101 BA, Amsterdam, The Netherlands; hereinafter “Zoho”). Zoho Corporation Pvt. Ltd. (Estancia IT Park, Plot No. 140 & 151, GST Road, Vallancherry Village, Chengalpattu Taluk, Kanchipuram District 603 202, India) is involved in the provision of Zoho. Please note that although there is no adequate level of data protection in India as a third country and there is no adequacy decision by the EU Commission, Zoho Corporation Pvt. Ltd has provided sufficient guarantees to ensure an adequate level of data protection. Specifically, we have concluded a contract for commissioned processing pursuant to Article 28(3) GDPR with ZOHO CORPORATION B. V. and Zoho Corporation Pvt. Ltd on the basis of the EU standard contractual clauses for commissioned processing in third countries. For details on Zoho’s privacy policy and settings for the protection of your personal data, please refer to Zoho’s privacy notices: https://www.zoho.eu/privacy.html
For more information on GDPR compliance, please visit Zoho’s website: https://www.zoho.eu/de/gdpr.html
a) Zoho Helpdesk
In addition we use the helpdesk system, Zoho Desk from Zoho. The data transmitted to the Zoho CRM is only used for the purpose of contacting you and transmitting the information you have requested. The helpdesk system obtains the necessary contact details from the CRM in order to process your support requests.
b) Zoho Campaign
The newsletter tool Zoho Campaign is primarily used to send newsletters to newsletter subscribers and information about system updates and changes to data room users. The data is also only used for this purpose. A separate consent is required for the regular newsletter (see Section 2j) ). After the initial contact, we invite our visitors to choose for themselves how much or how little they want to share with us. This data is not shared or distributed to any third parties. We use this information to suggest good set-ups and to speed up the set-up process.
7. Cookies
In order to optimally present and continuously improve the content on our website, we use cookies and comparable technologies on our website for the statistical collection and analysis of general user behaviour based on access data. Cookies are text files that your browser creates automatically and that are stored on your end device when you visit our website. Cookies are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your end device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or until they are automatically deleted by your browser. In some cases, cookies from third-party companies may also be stored on your end device when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services). Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies are used to evaluate user behaviour or display advertising.
Technically necessary cookies: If cookies are absolutely necessary for the operation of this site, we can store cookies on your device without having to obtain your consent beforehand. This is the case, for example, with cookies that are necessary to carry out the electronic communication process or to provide certain functions (e.g. for the shopping basket function). The associated data processing is performed on the basis of Article 6(1)(f) GDPR. The website operator has a legitimate interest in storing cookies on your computer to enable it to provide you with a technically flawless and optimised service.
Optional cookies: All other cookie types are considered optional and require your permission before they can be set and processed. Optional cookies and similar technologies such as scripts are mainly used for marketing and analysis purposes as well as for website functions that are merely an additional offer, such as the chat function. As these optional cookies are only set if you give your consent, the associated data processing is carried out in accordance with Article 6(1)(a) GDPR. If the processing involves the transfer of data to a third country, this is carried out in accordance with Article 49(1)(a) GDPR.
You can give your consent by using our cookie banner, which will be displayed to you on at least your first visit to our website. You can change your consents at any time when you visit our website by changing your selection on the cookie banner or by deleting your cookies manually or via the browser settings on your end device. If you would like to prevent the use of cookies in general, you can refuse the acceptance of cookies by configuring your browser accordingly. In this case, even technically necessary cookies will not be set, but this may result in the website not being displayed correctly or desired functions not being performed. You can also set your browser to inform you about the placing of cookies and to allow cookies only in certain cases, to exclude the acceptance of cookies in specific cases or in general as well as to activate automatic deleting of cookies when you close your browser. Please refer to the instructions of your browser provider for details on how this works.
Cookie banner: Our website uses the cookie consent technology of Cookiebot to obtain your consent to the storage of certain cookies on your end device and to document this in accordance with data protection law. The provider of this technology is Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter “Cookiebot”). When you enter our website, a connection is established to Cookiebot’s servers in order to obtain your consents and other declarations regarding cookie use. Cookiebot then stores a cookie in your browser in order to be able to allocate the consents granted to you and/or the withdrawal of these. The data collected in this way is stored until you request us to delete it, delete the Cookiebot cookie yourself or the purpose for storing the data no longer applies. Mandatory statutory retention obligations remain unaffected. Cookiebot is used in order to obtain the legally required consents for the use of cookies. The legal basis for this is Article 6(1)(c) GDPR. As Cookiebot processes data on our behalf, we have concluded a corresponding processing contract pursuant to Article 28(3) GDPR.
If you leave our website using a link or by clicking any banner ads and you reach any external pages this way, it is possible that the target page will also place cookies. We are not legally responsible for these cookies. For use of such cookies and the information stored on them by our advertising partners, please see their data protection statements.
8. Online marketing/analysis measures
We use online marketing measures and tracking tools on our website in order to analyse behaviour of the users. With this statistical recording, we want to design our website in a demand-oriented manner and adjust it continually, and to optimise use. The online marketing and tracking measures we use are only used if you have given your consent, thereby on the basis of Article 6(1)(a) GDPR. Below you will find information on the individual measures we use.
It is worth mentioning that with all of the following providers the collected data is as a general rule first processed within the EU. However, other data recipients of the providers include partner companies based in the USA. Here, there is a risk that your data may be processed by US authorities for control and monitoring purposes without you having any options to object. It is also possible that the data will be transferred via the recipients to other third countries, i.e. a country outside the European Union and the European Economic Area, which does not offer an adequate level of data protection. Please consider this possibility when deciding whether you wish to use the services listed.
a) Google Analytics
For the purpose of demand-oriented design and the ongoing optimisation of our websites, we use Google Analytics, a web analytics service from Google Ireland Limited (Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) (hereinafter “Google”) (see also: https://www.google.de/intl/de/about/). In this context, pseudonymised user profiles are compiled and cookies are used (also see Section 6).
When using this service, the following (personal) data is collected:
· App updates
· Browser information
· Click path
· Date and time of visit
· Device information
· Downloads
· Flash version
· Location information
· IP address
· JavaScript support
· Pages visited
· Purchase activity
· Referrer URL
· Usage data
· Widget interactions
The information produced by the cookie regarding your use of this website is transferred to a server of Google in the EU and saved there. The IP address is anonymised before storage. The information is used in order to evaluate use of the website to compile reports on website activity and in order to provide further services connected to use of the website and use of the internet for the purpose of market research and demand-oriented design of these websites.
This information may also be transferred to third parties if this is required by law or as far as third parties process this personal data based on a contract. In no case will your internet protocol address be combined with any other personal data of Google. The internet protocol addresses are rendered anonymous so that they cannot be assigned (IP masking).
The data sent by us and linked to cookies, user IDs or advertising IDs is automatically deleted after a defined period. Erasure of data of which the archiving period has expired shall take place automatically once per month.
For more detailed information on the usage conditions and the data protection of Google Analytics, see:
http://www.google.com/analytics/terms/de.html and
http://www.google.com/intl/de/analytics/privacyoverview.html.
You may prevent the recording of the data generated by the Google Analytics cookie and referring to your use of the website (incl. your IP address) and the processing of this personal data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de
The installation of the browser add-on is classed by Google as an objection. Further data protection information regarding Google Analytics is also provided by Google via the above-mentioned link.
As an alternative to the browser add-on, in particular for browsers on mobile end devices, you can prevent recording by Google Analytics by clicking on: javascript:gaOptout(). An opt-out cookie is set that will prevent the future recording of your personal data when visiting this website. The opt-out cookie will only be valid for this browser and only for our website; it is stored on your device. If you delete the cookies in this browser, you need to set the opt-out cookie again.
Google Tag Manager: We also use the Google Tag Manager tool to better integrate and manage the Google analysis and marketing services on our website. This applies to Google Analytics as well as to the following tools: Google Ads Conversion and Google AdWords Remarketing.
Google Tag Manager sets a cookie that controls the other Google cookies and/or scripts. The associated data processing serves only to implement the user’s cookie selection. As a result, the Google Tag Manager cookie is a technically necessary one that is permitted to be set on the basis of Article 6(1)(f) GDPR.
Users may deactivate use of cookies by Google by accessing the page to deactivate Google advertisements:
https://safety.google/privacy/privacy-controls/
b) Google Ads Conversion Tracking
We use conversion tracking within the framework of “Google Ads”. Google conversion tracking is an analysis service provider from Google. Google Ads is an internet advertising service that allows ads to be displayed both in Google’s search engine results and in the Google advertising network. The purpose of Google Ads is to promote our website by displaying interest-relevant advertisements on the websites of third-party companies and in the search engine results of the Google search engine and to display third-party advertisements on our website. In the Google advertising network, the ads are distributed to topic-relevant websites by means of an automatic algorithm and in compliance with the previously defined keywords.
When using this service, the following (personal) data is collected:
· Browser information
· Cookie ID
· Date and time of visit
· Device information
· IP address
· Information about the operating system
· Referrer URL
· Web request
If you access our website via an ad placed by Google, a cookie for conversion tracking will be stored on your end device. These conversion cookies will be rendered invalid after 30 days, contain no personal data and are therefore not used to identify you in person. If you visit specific pages of our website before the cookie has expired, we and Google will be able to tell that you have clicked the ad and were forwarded to this site. Every Google Ads client receives a different cookie. It is therefore not possible for cookies to be tracked across websites of different Ads clients.
The information collected by the conversion cookie is used to compile conversion statistics for Ads clients who have decided to use conversion tracking. This way, the clients learn the total number of users who have clicked their ad and have been forwarded to a site supplied with a conversion tracking tag. However, they will not receive any information with which the users can be identified in person.
Further information and the data privacy policy of Google can be viewed at:
http://www.google.com/policies/technologies/ads/
http://www.google.de/policies/privacy/
Users may deactivate use of cookies by Google by accessing the page to deactivate Google advertisements:
https://safety.google/privacy/privacy-controls/
c) Google AdWords Remarketing
This website uses Google Remarketing, a remarketing service from Google, which can be used to place advertisements on websites. Third-party providers, including Google, use Cookies to place ads based on previous visits of a user to the website.
When using this service, the following (personal) data is collected:
· Web request
· Cookie ID
· Browser information
· Usage data
· Pages visited
· Device Information
· Date and time of visit
· Referrer URL
· IP address
Users may deactivate use of cookies by Google by accessing the page to deactivate Google advertisements:
https://safety.google/privacy/privacy-controls/
d) Zoho SalesIQ
This website uses Zoho SalesIQ, a web analytics service provided by ZOHO CORPORATION B. V. (Hoogoorddreef 15, 1101 BA, Amsterdam, The Netherlands; hereinafter “Zoho”). Zoho Corporation Pvt. Ltd. (Estancia IT Park, Plot No. 140 & 151, GST Road, Vallancherry Village, Chengalpattu Taluk, Kanchipuram District 603 202, India) is involved in the provision of Zoho. Zoho SalesIQ uses JavaScripts that are executed on your computer and that permit analysis of your use of the website. The information produced by the script regarding your use of this website (including your IP address) is transferred to a server of Zoho in the USA and saved there. Zoho will use this information to evaluate your use of the website, in order to compile reports on the website activities and to render further services connected to website use and internet use for the website operators. Zoho will also transfer this information to third parties if this is required by law or as far as third parties process this personal data based on the order of Zoho. In no case will Zoho combine your IP address with any other personal data of Zoho. Processing by Zoho SalesIQ only takes place if you have consented to it in the cookie banner. The legal basis for this processing is therefore Article 6(1)(a) GDPR. You can change your consents at any time when you visit our website by changing your selection on the cookie banner or by deleting your cookies manually or via the browser settings on your end device.
For more information, please see the privacy policy of Zoho Corporation under the following link: https://www.zoho.com/de/gdpr.html
e) Facebook Pixel and Custom Audiences
We use the “Facebook pixel” of the social network Facebook operated by
Facebook Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin, D02, Ireland) (hereinafter “Facebook”). The Facebook pixel can be used to track the behaviour of users after they have clicked on a Facebook advertisement. With the help of the Facebook pixel, we can understand how our marketing measures are received on Facebook and take optimisation measures if necessary.
When using this service, the following (personal) data is collected:
· Advertisements viewed
· Browser information
· Content viewed
· Device information
· Geographical location
· HTTP header
· Interactions with advertising, services and products
· IP address
· Marketing information
· Non-confidential user-defined data
· Pixel ID
· Referrer URL
· Success of marketing campaigns
· Usage data
· User behaviour
· Facebook User ID
· Usage/click behaviour
Processing by the Facebook pixel only takes place if you have consented to it in the cookie banner. The legal basis for this processing is therefore Article 6(1)(a) GDPR. You can change your consents at any time when you visit our website by changing your selection on the cookie banner or by deleting your cookies manually or via the browser settings on your end device. Facebook stores and processes the data for its own advertising purposes in accordance with the Facebook data policy:
https://www.facebook.com/policy.php
We also use the additional function “advanced matching” when using the Facebook Pixel. This transmits data to Facebook in encrypted form for the creation of target groups (“Custom Audiences” or “Lookalike Audiences”).
When using this service, the following (personal) data is collected:
· Browser information
· Browser type
· Conversions
· Cookie ID
· Device operating system
· Geographical location
· Hardware/software type
· Information from third-party sources
· IP address
· Non-confidential user-defined data
· Pixel specific data
· Referrer URL
· Social media friends network
· Transaction information
· Usage data
· User agent
· Views and interactions with content and ads
· Facebook cookie information
· Facebook User ID
The extended processing by the Facebook pixel in the context of “Custom Audiences” only takes place if you have consented to this in the cookie banner. The legal basis for this processing is therefore Article 6(1)(a) GDPR. You can change your consents at any time when you visit our website by changing your selection on the cookie banner or by deleting your cookies manually or via the browser settings on your end device. Facebook stores and processes the data for its own advertising purposes in accordance with the Facebook data policy:
https://www.facebook.com/policy.php
f) LinkedIn Pixel and/or LinkedIn Insight Tag
This website uses the analytics and conversion tracking technology of the LinkedIn platform. This allows us to show you more relevant ads based on your interests. We also receive aggregated and anonymous reports from LinkedIn of ad activity as well as information about how you interact with our website.
Processing by the LinkedIn pixel only takes place if you have consented to it in the cookie banner. The legal basis for this processing is therefore Article 6(1)(a) GDPR. You can change your consents at any time when you visit our website by changing your selection on the cookie banner or by deleting your cookies manually or via the browser settings on your end device. LinkedIn stores and processes the data for its own advertising purposes in accordance with the LinkedIn privacy policy:
https://de.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy
You can also find the LinkedIn cookie policy here:
https://de.linkedin.com/legal/cookie-policy?trk=homepage-basic_footer-cookie-policy
You can also object to the analysis of your usage behaviour by LinkedIn and the display of interest-based recommendations via an opt-out cookie. To do so, follow the link below:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
g) Crazy Egg
This website uses the Crazy Egg optimisation tool from Crazy Egg Inc. (16220 Ridgeview Lane, La Mirada, CA, 90638, USA). Crazy Egg sets cookies that enable an analysis of the use of the website. The information produced by the cookie regarding your use of this website is transferred to a server of Crazy Egg in the USA and stored there.
The processing by Crazy Egg only takes place if you have consented to it in the cookie banner. The legal basis for this processing is therefore Article 6(1)(a) GDPR. You can change your consents at any time when you visit our website by changing your selection on the cookie banner or by deleting your cookies manually or via the browser settings on your end device. Crazy egg stores and processes data in accordance with the Crazy Egg privacy policy: https://www.crazyegg.com/privacy
Another way to withdraw consent to processing by Crazy Egg is described on the following page:
https://www.crazyegg.com/opt-out
9. Embedded media
a) Vimeo
On our site we use videos from the Vimeo video service provided by Vimeo, Inc. (555 West 18th Street, New York, New York 10011) to provide information about the operation of the software platform. The videos are therefore not stored on our servers, but rather on the servers of Vimeo in the USA. In order to ensure that accessing our websites with embedded videos does not automatically lead to content being downloaded from Vimeo, we only display locally stored preview images of the videos in a first step. This means that no data is initially transmitted to Vimeo.
Only after clicking on the preview image will content from Vimeo be downloaded. Vimeo then receives the information that you have accessed our site as well as the technically necessary usage data, e.g. data of your browser or your end device. In addition, Vimeo is then able to implement cookies and similar tracking technologies. We have no influence on the further data processing by Vimeo. By clicking on the preview image, you give us your consent to download content from the third-party provider.
The associated data processing is based on your consent according to Article 6(1)(a) GDPR.
For the use of data from your browser or end device associated with the playing of a video, please refer to the provider’s privacy policy. For more information on data processing and data protection information by Vimeo, please visit: https://vimeo.com/privacy
b) Google Maps
We use Google Maps, a map service from Google, to visually display geographical information. The display of the map only starts after you have clicked on the preview image of the map, which also indicates that the use involves data processing by Google. By clicking on the map, you consent to data processing by Google, which is therefore performed on the basis of Article 6(1)(a) GDPR. As a result, Google will also set a cookie called “NID” in your browser that processes information about your use of Google Maps. If you wish to withdraw your consent to Google Maps processing, you must delete the cookie (NID) and refrain from clicking on the Google Maps preview in the future.
When using Google Maps, Google transmits or processes data about the use of the Maps functions by website visitors, which may include in particular the IP address and location data. We have no influence on this data processing.
For further information on data processing by Google, see:
https://policies.google.com/privacy
The terms of use for Google Maps can be found here:
https://www.google.com/intl/de_de/help/terms_maps/
10. Social media plugins
We use social media plugins of the following social networks on our website.
a) Facebook
Our website uses social media plugins (“Plugins”) of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA (“Facebook”). If you open our website with the plugin, it will directly connect to the servers of Facebook via your browser. This way, information that you have accessed the page will be transmitted to Facebook. If you are logged in with your Facebook account, clicking on the plugin may directly assign the visit to our website to your profile. Even if you do not have any profile, it cannot be excluded that your IP address will be stored by Facebook. For the purpose and scale of data collection and further processing and use of the personal data by Facebook as well as your rights in this regard and setting options to protect your privacy, see Facebook’s data policy:
https://www.facebook.com/about/privacy/
If you are a member of Facebook and do not want Facebook to collect any data concerning you through our website and link it to your stored membership data, you need to log out of Facebook before you visit our website and delete the corresponding Facebook cookies. It is also possible to block Facebook social plugins with add-ons for your browser, such as the “Facebook Blocker”.
b) Twitter
Our website also integrates functions of the service Twitter. These functions are offered by Twitter Inc., Twitter, Inc. 1355 Market St., Suite 900, San Francisco, CA 94103, USA. Using Twitter and the function “Re-Tweet” will link the website visited by you to your Twitter account and disclose it to other users. Data will also be transmitted to Twitter in the scope of this. Note that we as providers of our website do not have any knowledge of the content of the transmitted personal data and the use of this by Twitter. For more information on this, see Twitter’s privacy policy at: http://twitter.com/privacy
You may change your data privacy settings at Twitter in your account settings at http://twitter.com/account/settings
In order to prevent Twitter from collecting the data when you visit our website, log out of Twitter before the visit. In order to prevent general access of Twitter to your data via websites, you can exclude Twitter social plugins with an add-on for your browser (e.g. “Twitter-Blocker”, https://disconnect.me).
c) Xing
Our website uses plugins of the social network XING (XING AG, Dammtorstraße 30, D-20354 Hamburg, Germany). When you click the XING button on our website, your browser will briefly connect to the servers of XING with which the “XING Share-Button” functions (in particular calculation/display of the counter value) are rendered, in order to observe your visitor behaviour concerning the “XING Share Button” if necessary. Note that we as providers of our website do not have any knowledge of the content of the actually transmitted personal data and the use of this by XING. For more information and the latest version of the data protection statement for the “XING Share Button”, see: https://dev.xing.com/plugins/share_button/privacy_policy
d) LinkedIn
Our website integrates plugins of the social network LinkedIn. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. When you click the LinkedIn button, a connection with the servers of LinkedIn will be established. The content of the plug-in will be directly transmitted to your browser by LinkedIn and integrated into the website by it. This way, the information that you have visited our website will be forwarded to LinkedIn. If you are logged in with your LinkedIn account, clicking of the LinkedIn button may directly assign the visit to our website to your profile. Even if you do not have any profile, it cannot be excluded that your IP address will be stored by LinkedIn.
Note that we as providers of our website do not have any knowledge of the content of the transmitted personal data and the use of this by LinkedIn. For more information on the privacy policy of LinkedIn, see:
https://www.linkedin.com/legal/privacy-policy
e) YouTube
Our website uses plugins of YouTube (belonging to Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). If you open our website, it will directly connect to the servers of YouTube via your browser. This way, information that you have accessed the website will be transmitted to YouTube. If you are logged in with your YouTube account, your visit to our website and any interaction you perform in connection with the plugin (e.g. clicking the YouTube button) can be assigned to your YouTube profile and stored by YouTube – even if you do not have any YouTube profile, it cannot be excluded that YouTube will store your IP address. Please also observe the YouTube data protection directive: https://www.google.de/intl/de/policies/privacy/
In order to prevent YouTube from collecting the data when you visit our website, log out of YouTube before the visit. In order to prevent general access of YouTube to your data via websites, you can exclude YouTube plugins with an add-on for your browser.
YouTube’s privacy policy is the same as Google’s:
https://policies.google.com/privacy?hl=de
You can find YouTube’s terms of use here:
https://www.youtube.com/t/terms
f) Instagram
The Instagram social media button is used on our website. This is only integrated into the page as an HTML link, meaning that no connection is established with the Instagram servers when our website is accessed. If you click on the button, the website of the respective social network opens in a new window of your browser. There you can click on the Like or Share button, for example.
Instagram is a service of Facebook Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland (“Facebook Ireland”). The information automatically collected by Facebook Ireland about your use of our online presence on Instagram is generally transmitted to a server of Facebook, Inc, 1601 Willow Road, Menlo Park, California 94025, USA and stored there.
You can find Instagram’s privacy policy here:
https://help.instagram.com/519522125107875
11. Data privacy in case of applications and the application procedure
Our own data protection statement for applications and the application process currently only exists in English. It can be found here:
https://drooms.jobs.personio.de/privacy-policy?language=en
12. Data security
We take all technical and organisational security measures in order to store your personal data so that it is not accessible to any third parties or the public. In addition to maintaining confidentiality, the measures used ensure the integrity and availability of the data. If you want to contact us by email, please note that confidentiality of the information transmitted cannot be fully ensured on this communication path. We therefore recommend that you only provide us with confidential information by post.
13. Topicality and changes to this Data Protection Statement
This Data Protection Statement is currently valid and was updated in August 2021. Further development of our website and offers through it or changed statutory and/or authority specifications may require changes to this Data Protection Statement. You can access and print the respective current Data Protection Statement at any time at: https://drooms.com/de/datenschutz
14. Name and contact details of the data protection officer
We have appointed a data protection officer. The contact details are:
Data Screen Consult Gesellschaft für Unternehmensberatung mbH
Mr Arnd Harnischmacher
Kaiser-Friedrich-Promenade 111a
61348 Bad Homburg v.d.H.
Email: datenschutz@drooms.com
One data room. Many possibilities.
Drooms is the leading virtual data room provider in Europe. In addition to securely handling confidential business processes such as commercial real estate sales, mergers & acquisitions and NPL transactions via its suite of products, Drooms can also map all stages across the entire lifecycle asset management process on a single platform. Drooms therefore provides clients with the ability to safely store and process sensitive documents and make transactions faster and more efficient.
As a leading data room provider, all data transfers at Drooms are carried out exclusively via SSL-secured connections and encrypted with AES 256-bit to ensure maximum security.
Drooms is an ISO 27001:2022 certified company committed to continuously improving security and meeting all necessary regulations. Both internal and external security audits are regularly conducted. The contractually agreed data processing takes place exclusively in Germany or Switzerland, and any relocation to another third country requires the customer’s consent. To secure access to data, Drooms offers various functions such as two-factor authentication and precise access controls that allow customers to retain control over their data.
Drooms FLEX:
For straightforward, smaller transactions or simple and secure online document management, our self-service product Drooms FLEX is best for you. Here you can set up and manage your data room independently on a monthly basis.
Drooms TRANSACTION:
For complex transactions and due diligence processes, we recommend our Drooms TRANSACTION data room. Here, you benefit from the advantages that using a complete software and service solution from a single source brings. A Drooms Customer Success Manager supports you with all aspects of your virtual data room with personal support 24/7. In addition, the services of our Real Estate Services team can also be added. Our expert team supports you during the preparation phase of the transaction and check the content of your data room to ensure that it is complete, consistent and up to date. They also support you with the research and sourcing of all asset and transaction-relevant documents in order to prepare for the due diligence.
Setting up a virtual data room is always advisable when your company regularly shares confidential information with business partners or customers, or when sensitive data needs to be securely stored and accessible. Especially in the real estate industry, but also in the legal, scientific, financial, and healthcare sectors, implementing a data room can be beneficial.
No. Drooms works on almost all devices and does not require hardware / servers on site. The only requirement is a web browser and an internet connection. In addition, we offer a separate app for iOS devices that can be downloaded from the App Store.
When looking for the right data room provider, you should focus primarily on the issues of security and data protection. Questions such as where the servers are located, whether the provider is ISO certified, and how GDPR issues are handled are particularly important. In addition, it is recommended to gather information about different data room providers on various review platforms, such as Capterra.
Have questions?
Ask us!