Welcome to Quality Engine’s privacy notice
Quality Engine respects your privacy and is committed to protecting your personal data. This privacy notice will inform you how we look after your personal data when you visit our website or otherwise engage with us and tell you about your privacy rights and how the law protects you.
You can download a pdf version of the policy here:
Privacy and Cookie Policies
This privacy notice aims to give you information on how Quality Engine collects and processes your personal data through your use of this website, including any data you may provide through this website when you sign up for membership, purchase a product or service, take part in a tender request or an open request. This website is not intended for children and we do not knowingly collect data relating to children.
Please read this privacy notice carefully. Contact us at [email protected], or write to us at the below address, ifyou have any questions about this privacy notice and/or our use of your personal data.
We may change our privacy notice from time to time. We will post any changes to our privacy notice on our website with the effective date of the change. We encourage you to check back often for updates to this notice. This version was last updated on 05/11/2020. Historic versions can be obtained by contacting us.
QUNIQUE GmbH, trading as Quality Engine is the controller and responsible for your personal data (collectively referred to as Quality Engine in this privacy notice). We have appointed a data privacy manager who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, our privacy practices or any requests to exercise your legal rights, please contact the data privacy manager using the details set out below.
Full name of legal entity: QUNIQUE GmbH
Our data protection authority in Switzerland is the Federal Data Protection and Information Commissioner. You may also contact them if you have queries relating to data protection in Switzerland:
If you are a resident of the European Union, you may contact any data protection authority in any member state of the European Union, in particular at your place of residence, which will forward your query to the competent authority.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
Personal data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
We use Mollie B.V, Keizersgracht 313, 1016 EE Amsterdam, The Netherlands (Mollie) as our payment services provider. If you make payment via Mollie, the payment data and other transaction you have entered will be transmitted to Mollie and the corresponding payment provider (SOFORT Banking, PayPal, Bank Transfer). Mollie processes all credit card payment data for transactions conducted via our website in accordance with their privacy policies, see here https://www.mollie.com/en/privacy. Mollie is PCI-DSS level 1 certified. We do not process any credit card payment data ourselves. We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice. We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
This website includes links to third-party websites, social media services, customer relationship management applications (CRM), plug-ins and other applications (together third-party applications). Clicking on those links or enabling those connections may allow third parties to collect or share data about you. This may include information about a visit to our website by you, whenever you are logged in at the same time on the third-party application during the time of the call-up to our website. This may occur whether you click on the third-party application plug-in or not. We do not control these third-party applications and are not responsible for their privacy policies. We encourage you to review the privacy notice of each third-party application and to adjust your privacy settings as you desire. We currently use the following social media providers and CRM and their plugins:
Depending on where you are resident different entities of the above companies may act as controllers of your personal data and have different privacy policies. Please check with each company as applicable.
Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with products or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
How is your personal data collected?
We use different methods to collect data from and about you including through:
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
Generally, we do not rely on consent as a legal basis for processing your personal data although we will get your consent before sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.
We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate. Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.
6. You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website.
7. Except for essential cookies, all cookies will expire after 2 years.
(1) We use MapBox API, a service provided by MapBox Inc. (Address: 740 15th Street NW, 5th Floor, Washington, District of Columbia 20005, USA) hereinafter referred to as “MapBox”. We use MapBox to visually display geographic information. When using MapBox, MapBox also collects, processes and uses data about the use of the map functions by visitors.
(2) Through the certification according to the EU-US data protection shield (“EU-US Privacy Shield”) MapBox guarantees that the data protection requirements of the EU are also complied with when processing data in the USA. The legal basis is Article 6 Paragraph 1 lit. f) GDPR. Our legitimate interest lies in optimizing the functionality of our website.
(3) When you visit one of our websites in which the MapBox service is integrated, MapBox stores a cookie on your device via your internet browser. As a result, information about your use of our website, including your IP address, is transmitted to a MapBox server in the USA and stored there. These data are processed for the purpose of displaying the website or ensuring the functionality of the MapBox service. MapBox may pass this information on to third parties if this is required by law or if the information is processed by third parties on behalf of MapBox.
(5) The “Terms of Service” provided by MapBox at https://www.mapbox.com/tos/#maps contain further information about the use of MapBox and about the data obtained from MapBox.
(6) If you do not agree to this processing, you have the option of preventing the installation of cookies by making the appropriate settings in your Internet browser. You can find details on this under the heading “Cookies” above. The use of the MapBox service via our website is then no longer possible.
(7) At https://www.mapbox.com/privacy/, MapBox also offers further information on the collection and use of data as well as your rights and options for protecting your privacy.
We use Google Fonts on our website. These are the “Google Fonts” from Google Inc. For the European area, Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.
You do not have to log in or enter a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts / fonts) are requested from the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, the requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you don’t have to worry that your Google account details will be transmitted to Google while you are using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. We will take a closer look at what the data storage looks like.
Google Fonts (formerly Google Web Fonts) is a directory with over 800 fonts that Google makes available to its users free of charge.
Many of these fonts are released under the SIL Open Font License, while others are released under the Apache license. Both are free software licenses.
With Google Fonts we can use fonts on our own website, but don’t have to upload them to our own server. Google Fonts is an important component in keeping the quality of our website high. All Google fonts are automatically optimized for the web and this saves data volume and is a great advantage, especially for use with mobile devices. When you visit our site, the small file size ensures a fast loading time. Furthermore, Google Fonts are secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can partially distort texts or entire websites. Thanks to the fast content delivery network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all common browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). So we use Google Fonts so that we can present our entire online service as beautifully and consistently as possible.
When you visit our website, the fonts are downloaded from a Google server. This external call transmits data to the Google server. In this way, Google also recognizes that you or your IP address are visiting our website. The Google Fonts API was developed to reduce the use, storage and collection of end-user data to what is necessary for the proper provision of fonts. By the way, API stands for “Application Programming Interface” and serves, among other things, as a data transmitter in the software area.
Google Fonts securely stores CSS and font requests with Google and is therefore protected. With the usage figures collected, Google can determine how well the individual fonts are being received. Google publishes the results on internal analysis sites such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in Google Fonts’ BigQuery database. Entrepreneurs and developers use the Google BigQuery web service to examine and move large amounts of data.
It should be noted, however, that information such as language settings, IP address, version of the browser, screen resolution of the browser and the name of the browser are automatically transmitted to the Google server with every Google Font request. It is not clear whether this data is saved or not clearly communicated by Google.
Google stores requests for CSS assets for one day on its servers, which are mainly located outside the EU. This enables us to use the fonts with the help of a Google stylesheet. A stylesheet is a format template that can be used to quickly and easily e.g. can change the design or font of a website.
The font files are stored by Google for one year. Google’s goal is to fundamentally improve the loading time of websites. If millions of websites refer to the same fonts, they are cached after the first visit and immediately reappear on all other websites visited later. Sometimes Google updates font files to reduce file size, increase speech coverage, and improve design.
The data that Google stores for a day or a year cannot simply be deleted. The data is automatically transmitted to Google when the page is accessed. To be able to delete this data prematurely, you must contact Google support at https://support.google.com/?hl=de&tid=311226932. In this case, you only prevent data storage if you are not visiting our site.
Unlike other web fonts, Google allows us unrestricted access to all fonts. We can therefore have unlimited access to a sea of fonts and thus get the most out of our website. You can find more about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=311226932. Although Google deals with data protection issues there, it does not contain any really detailed information about data storage. It is relatively difficult to get really precise information about stored data from Google.
You can also find out which data is generally recorded by Google and what this data is used for at https://policies.google.com/privacy
We also use videos from Vimeo on our website. The video portal is operated by Vimeo LLC, 555 West 18th Street, New York, New York 10011, USA. With the help of a plug-in, we can show you interesting video material directly on our website. Certain data can be transferred from you to Vimeo. In this data protection declaration we show you what data is involved, why we use Vimeo and how you can manage or prevent your data or data transfer.
Vimeo is a video platform that was founded in 2004 and has been able to stream videos in HD quality since 2007. Since 2015 it has also been possible to stream in 4k Ultra HD. Use of the portal is free of charge, but paid content can also be published. Compared to the market leader YouTube, Vimeo attaches priority to high-quality content in good quality. On the one hand, the portal offers a lot of artistic content such as music videos and short films, but on the other hand it also offers interesting documentaries on a wide variety of topics.
The aim of our website is to provide you with the best possible content. As easily accessible as possible. We are only satisfied with our service when we have achieved this. The video service Vimeo supports us in achieving this goal. Vimeo offers us the opportunity to present you high quality content directly on our website. Instead of just giving you a link to an interesting video, you can watch the video right away with us. This extends our service and makes it easier for you to access interesting content. In addition to our texts and images, we also offer video content.
When you visit a website on our website that has embedded a Vimeo video, your browser connects to the Vimeo servers. This results in a data transfer. This data is collected, saved and processed on the Vimeo servers. Regardless of whether you have a Vimeo account or not, Vimeo collects data about you. This includes your IP address, technical information about your browser type, your operating system or very basic device information. Vimeo also stores information about which website you use the Vimeo service and which actions (web activities) you carry out on our website. These web activities include, for example, session duration, bounce rate or which button you clicked on our website with a built-in Vimeo function. Vimeo can track and save these actions with the help of cookies and similar technologies.
If you are logged in as a registered member of Vimeo, more data can usually be collected, as more cookies may have already been set in your browser. In addition, your actions on our website are linked directly to your Vimeo account. To prevent this, you must log out of Vimeo while you are “surfing” our website.
Below we show you cookies that are set by Vimeo when you are on a website with an integrated Vimeo function. This list is by no means exhaustive and assumes that you do not have a Vimeo account.
Purpose: This cookie saves your settings before you play an embedded Vimeo video. This will give you your preferred settings the next time you watch a Vimeo video.
Expiry date: after one year
Purpose: This cookie collects information about your actions on websites that have embedded a Vimeo video.
Expiry date: after 2 years
Note: These two cookies are always set as soon as you are on a website with an embedded Vimeo video. If you watch the video and click the button, for example to “share” or “like” the video, additional cookies are set. These are also third-party cookies such as _ga or _gat_UA-76641-8 from Google Analytics or _fbp from Facebook. Exactly which cookies are set here depends on your interaction with the video.
The following list shows a selection of possible cookies that are set when you interact with the Vimeo video:
Value:% 5B% 5D
Purpose: This Vimeo cookie helps Vimeo to remember the settings you have made. This can be, for example, a preset language, a region or a user name. In general, the cookie stores data about how you use Vimeo.
Expiry date: after one year
Purpose: This cookie is a first-party cookie from Vimeo. The cookie collects information on how you use the Vimeo service. For example, the cookie saves when you pause or play a video again.
Expiry date: after one year
Purpose: This cookie is a third-party cookie from Google. By default, analytics.js uses the _ga cookie to save the user ID. Basically, it is used to differentiate between website visitors.
Expiry date: after 2 years
Purpose: This third-party cookie from Google AdSense is used to improve the efficiency of advertisements on websites.
Expiry date: after 3 months
Purpose: This is a Facebook cookie. This cookie is used to show advertisements or advertising products from Facebook or other advertisers.
Expiry date: after 3 months
Vimeo uses this data, among other things, to improve its own service, to communicate with you and to set its own targeted advertising measures. Vimeo emphasizes on its website that only first-party cookies (i.e. cookies from Vimeo itself) are used for embedded videos as long as you do not interact with the video.
Vimeo is headquartered in White Plains, New York State (USA). However, the services are offered worldwide. The company uses computer systems, databases and servers in the USA and in other countries. Your data can therefore also be stored and processed on servers in America. The data remains stored by Vimeo until the company no longer has any economic reason to store it. Then the data will be deleted or anonymized. Vimeo corresponds to the EU-U.S. Privacy Shield Framework and is therefore allowed to collect, use and transfer data from users from the EU to the USA.
You always have the option of managing cookies in your browser as you wish. For example, if you do not want Vimeo to set cookies and thus collect information about you, you can delete or deactivate cookies at any time in your browser settings. This works a little differently depending on the browser. Please note that after deactivating / deleting cookies, various functions may no longer be fully available. The following instructions show how to manage or delete cookies in your browser.
Chrome: Delete, activate and manage cookies in Chrome
Safari: manage cookies and website data with Safari
Firefox: Delete cookies to remove data that websites have stored on your computer
Internet Explorer: deleting and managing cookies
Microsoft Edge: Deleting and managing cookies
If you are a registered Vimeo member, you can also manage the cookies used in the Vimeo settings.
Since personal data is transferred to the USA, further protective mechanisms are required to ensure the data protection level of the GDPR. To ensure this, we have agreed standard data protection clauses in accordance with the GDPR with the provider. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases in which this cannot be ensured even by this contractual extension, we will endeavor to provide additional regulations and commitments from the recipient in the USA.
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. The data will be deleted no later than 13 months after their collection. You can permanently object to the collection of data by HubSpot and the setting of cookies by preventing the storage of cookies through your browser settings. You can object to the processing of your personal data at any time with future effect by sending an email to [email protected].