This statement is intended for all visitors to our website, employees, applicants, customers and partners and becomes important whenever we receive data about you. It does not matter whether you have become a customer or whether any contract exists between us. In any case, the purpose of this statement is to make it clear to you how we handle data.
We explain here what information we collect during your visit to our websites, how and for what purpose we use this information and with whom we share it. We also explain your rights in relation to the processing of your personal data, such as the right to be informed, make corrections, object and demand deletions.
We will only use your personal data (hereinafter: “data”) in accordance with applicable data protection law. If we use your data for purposes other than those stated in this privacy statement, we will inform you of these purposes and obtain your consent where necessary.
1. Responsible Office
The office legally responsible for data is the company named on our website under “Impressum”. You can contact the management specified there or our data protection officer. A data protection officer is not bound by instructions issued by the management. You can reach the DPO by email: email@example.com or by post sent to the address indicated in the impressum with “Attn Data Protection Officer” added.
2. Process and Purpose of Storage
Whenever you visit our website, your computer sends us your IP address and, depending on how you use our website and your computer’s settings, we store small text files on your hard drive (called “cookies”). We create these files to make our website work better for you. It is a kind of short-term memory for your browser. You can block this short-term memory through corresponding settings in your browser.
We also create text files on our system which may contain the following information about you: the browser type and version, operating system used, URL of the website you came from, name of your computer and time of your visits (called “log files”). The log files cannot be assigned to any specific person.
We do not merge this data with cookies or IP addresses. However, we reserve the right to subsequently analyze this data in individual cases if we have specific indications of unlawful use. The log files help us to understand what kind of computers our websites need to function on and when particularly many (or few) people are using our websites. This lets us adapt the website structure, server and database systems accordingly.
When you create a user account with us or enter into a contract with us as a customer (such as by ordering goods, sending newsletters, etc.), we create a customer account in our system containing your master data, your order, your order number and, if applicable, your billing data (“customer data”). We store and process these data because we would not otherwise be able to fulfil our contract with you. If you enter into a contract with us as a customer, we will also use your customer data to inform you about current promotions and attractions we are offering if you have not objected to such use.
If you send us an application, we will use all the information contained in it to process your application. If you receive a rejection, your data will be deleted six months after the rejection unless you allow us to contact you again before then.
If you are an employee with us, your application documents, master data, payroll data and insurance data will be stored in order to implement the employment relationship and – to the extent necessary for easier administration and implementation of the employment relationship – managed with the help of the partner companies listed below.
3. Basis for Storage
In most case, the main basis for storing data is your agreement with us, whether you have signed up for a newsletter on one of our websites or negotiated a contract with Statista on behalf of your employer. The following bases are possible:
• Your consent pursuant to Art. 6 (1) sentence 1 (a) and Art. 7 GDPR (such as for product information or advice through our newsletter).
• Fulfilment of the contract to which you or your employer are a party or for the fulfilment of pre-contractual obligations towards you pursuant to Art. 6 (1) sentence 1 (b) GDPR
• Legitimate interests of Statista pursuant to Art. 6 (1) sentence 1 (f) GDPR (such as for the provision, maintenance, protection and improvement of our services, for the development of new services and for our protection and the protection of our users, for further improvement of IT system’s security or for communicating with you)
In addition, legal obligations pursuant to Art. 6 (1) sentence 1 (c) GDPR may be a basis for the fulfilment of and compliance with applicable laws, regulations or legal proceedings or an enforceable official order, for example.
4. Place of Storage and Transfer of Data to Third Parties
We do not process your data entirely ourselves, but we also use the programmes and services of other companies (“tools”). We change the tools we use from time to time as we see fit for legal, technical or commercial reasons.
We store customer data worldwide to ensure that our customers have access to our services anywhere in the world (such as if they want to access Statista during a business trip abroad or if their company has various branches). We have the following storage locations:
• United States of America
We currently use a number of tools for managing and providing data (including customer data, the IP address, cookies and log files).
Here you will find a list of the tools used.
If you refuse to consent to the use of these tools, we may no longer be able to fulfil existing contracts between us or may have to switch to solutions that are less convenient for you.
More information on data processing through the use of Google Analytics can be found at the following link: www.google.com/policies/privacy/partners/ .
5. Procedures and Deletion Periods
We use normal procedures for securing data, such as by creating rights and roles in all applications, ensuring backups and upgrading our systems when the state of the art dictates this.
We retain your data until the reason for which the data was provided to us has been fulfilled or until the statutory retention periods have expired. These primarily result from Sec. 257 HGB (Handelsgesetzbuch [German Commercial Code]), which regulates the retention of business records. In the case of job applications and employment contracts, a legitimate interest of ours in the continued storage of data may also arise from questions involving the implementation of the application process or in relation to accounting issues.
The law allows you to request information about the data we have on you at any time. If, despite our efforts to keep data correct and up to date, incorrect information about you has been stored, we will correct this as soon as possible following your request. If processing is based on your consent, you can revoke this at any time with future effect.
7. Supervisory Authority
If you feel that we are not fulfilling our obligations to inform you, you have the right to complain to a supervisory authority (such as the data protection officers of the federal states in Germany) at any time.
8. Data Provided Voluntarilyn
Processing your data to the extent described above is necessary to conclude and implement contracts between you and us. Revoking your consent to data processing therefore only has an effect on data that we do not require for implementing the contract and which you have voluntarily provided to us.
If we intend to process such data further for a purpose other than that for which the data were collected, we will provide you with specific information about that other purpose and the reason for our intention before processing them further.
9. Technical and Organisational Measures
You can find our “Technical and Organisational Measures” (as defined in Art. 32 (1) sentence 2 (g) GDPR) to ensure implementation of the provisions of the data protection laws at the link below.
End of privacy statement / updated September 2023