Data protection policy

We are delighted about your interest in our services and take your privacy very seriously. This data protection policy sets out and explains the nature, scope and purpose of the processing of personal data ("data") through the services and presence of ATT Trading Signals UG (limited liability) and the related websites (e.g., or social websites), features, content, business processes and external offline and online services (all of which are referred to herein as “service(s)”. With regard to the legal terms used, reference should be made, in particular, to the definitions in Art. 4 of the GDPR (General Data Protection Regulation).


ATT Trading Signals UG (limited liability), Potsdamer Platz 1, 10785 Berlin
+49 (0)15757816923
Executive director: Ali Taghikhan
(hereinafter “ATT-Signals” or “we” or “us”)

Categories of affected persons (data subjects)

Users, visitors, interested parties, clients (also described as "subscribers") and business partners of ATT-Signals services (hereinafter all categories are referred to as "users")

Categories of processed data

Inventory data (e.g., name, postal address), contact details (e.g., email address, telephone number), content data (e.g., submitted or transmitted texts, photographs, videos or other content), usage data (e.g., visited websites, content-related interests, time and duration of access), metadata and communication data (e.g., information about accessing devices, type of browser, IP addresses), as well as business-related processing of contract data (e.g., commencement of contract, duration, subject matter of the contract, preferred means of communication), payment details (bank details, currency, payment history)

Purposes of data processing

- Provision, maintenance and optimisation of the services including their functions and content
- Answering contact and support requests and communicating with users
- Security and integrity
- Marketing and determination of reach
- Additional business-related contract fulfilment, provision of services, customer care as well as marketing, advertising and market research

Legal bases and terms

In accordance with the requirements of Art. 13 GDPR, we are informing you of the legal bases of our data processing. If the legal basis is not mentioned in this data protection policy, the following applies:
As far as permissible, ATT-Signals uses the data processing of cookies and so-called tracking (analysis of visitor behaviour, measurement of reach, among other things) with regard to the users, in return for the services we provide free of charge, including support.
The legal basis for obtaining consent is Art. 6 (1)(a) and Art. 7 GDPR, the legal basis for the processing of data for the performance of our services and the execution of contractual measures as well as the response to inquiries is Art. 6 (1)(b) GDPR. The same applies to processing operations that are necessary to carry out pre-contractual measures, such as in cases of inquiries about our services or the utilisation of the test phases. The legal basis for processing in order to comply with our legal obligations is Art. 6 (1)(c) GDPR, the legal basis for processing in order to protect our legitimate interests is Art. 6 (1)(f) GDPR. Art. 6 (1)(d) GDPR serves as the legal basis in the case of essential interests of the affected person or of another natural person as a necessity for the processing of personal data.
- Responsible
is the natural or juridical person, authority, agency or other body that, alone or together with others, decides on the purposes and means of processing personal data
- Third-party
is a natural or juridical person, authority, agency or body other than the affected person, the responsible person, the order processor and the persons authorised under the direct responsibility of the responsible person or the order processor, to process the personal data
- Personal data
refers to all information that is about an identified or identifiable natural person (hereinafter "the affected person"); a natural person is considered to be identifiable, directly or indirectly, particularly through association with an identifier such as a name, an identification number, location data, an online identifier (e.g., a cookie) or one or more special features, which can identify the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person
- Processing
is any process or series of operations related to personal data carried out with or without the assistance of automated processes; this term is extensive and includes practically every manner of handling data
- Profiling
refers to all kinds of automated processing of personal data which consists of using that personal data to evaluate certain personal aspects about a natural person, in particular to analyse or predict aspects relating to work performance, economic situation, health, personal preferences, interests, reliability, behaviour, whereabouts or location of this natural person
- Pseudonymisation
refers to the processing of personal data in such a manner that personal data can no longer be ascribed to a specific data subject (affected person) without the need for additional information, provided that such additional information is kept separate and subject to technical and organisational measures, which ensure that the personal data cannot be ascribed to an identified or identifiable natural person
- Order processor
is a natural or juridical person, authority, agency or other body that processes personal data on behalf of the responsible person
- Consent
refers to a voluntary statement from the affected person, in an informed and unequivocal manner, in the form of a declaration or other unambiguous confirmatory act expressing that this person agrees to the processing of the personal data concerning him/her

Affected persons (data subjects) have the right...

... to revoke their consent according to Art. 7 (3) GDPR with effect in the future (right of revocation).
... to contradict to future processing of the data concerning them according to Art. 21 GDPR at any time (right of contradiction). The objection can particularly be made against processing for direct marketing purposes.
... to request a confirmation as to whether relevant data is being processed and to information about this data, as well as to further information and a copy of the data in accordance with Art. 15 GDPR.
... to demand the completion of the data concerning them or the correction of the incorrect data, in accordance with Art. 16 GDPR.
... to demand that relevant data be deleted immediately according to Art. 17 GDPR or, alternatively, according to Art. 18 GDPR, to demand limitation of the data being processed.
... to demand that the data about you, which you provided to us, be obtained in accordance with Art. 20 GDPR and to request the transmission thereof to other responsible persons.
..., to make a complaint with the responsible supervisory authority pursuant to Art. 77 GDPR. The responsible supervisory authority in matters of data protection law is the state data protection officer of the federal state in which ATT-Signals has its headquarter. A list of data protection officers and their contact details can be found under the following link:

Duration of storage, deletion of data

The data processed by us is deleted or limited in accordance with Art. 17 and Art. 18 GDPR. Unless expressly stated in this data protection policy, the data stored by us is deleted as soon as it is no longer necessary for its purpose and the deletion does not conflict with any statutory storage requirements. If the data is not deleted because it is required for other legitimate purposes, the processing thereof is limited. In these cases, the data is blocked and not processed for other purposes. This is the case, for example, with data that must be kept in order to comply with commercial, tax or real estate law.

Cooperation with externals and transfer/transmission to third countries

If we disclose data to external persons or companies (order processors or third parties), transmit data to third parties or otherwise grant others access to the data, then only on the basis of juridical consent (e.g., transmission of data to a payment service provider in accordance with Art. 6 (1)(b) GDPR for fulfilment of the contract), if the affected person has given his/her consent, if there is a legal obligation to do so or if it is based on our legitimate interests. The processing of data by third parties through our order based on a so-called processing contract takes place in accordance with Art. 28 GDPR.
If we process data outside of the European Union (EU) or the European Economic Area (EEA), or if we utilise third-party services or disclosure or transmit data to third parties, this will only be done if it is necessary to fulfil our (pre)contractual obligations, on the basis of your consent, due to a legal obligation or if it is justified based on our legitimate interests. Subject to legal or contractual permission, we only process or have the data processed in a third country if the special conditions of Art. 44 et seqq. GDPR are complied with. Specifically, processing takes place, for example, based on specific guarantees, such as the officially recognised level of data protection (implemented for the USA by the "Privacy Shield") or the compliance with officially recognised special contractual obligations ("standard contractual clauses").

Data processing regarding contractual relationships

ATT-Signal enters into a manifold of contractual relationships and pre-contractual relationships. These include contractual relationships with contractual partners such as customers and ordering parties, but also with interested parties and other users (collectively "contractual partners"). We process the data of our contractual partners in accordance with Art. 6 (1)(b) GDPR in order to fulfil our contractual or pre-contractual services. The processed data itself, the nature, the scope, the purpose and the necessity of its processing are determined by the underlying contractual relationship.
The processed data includes the master data of the contractual partner (a.o. name, address), contact details (a.o. address, email address, telephone number), as well as contract data (a.o. services utilised, content of the contract, contractual communication, name of a contact person) and payment data (bank details, payment history, etc.,). In principle, we do not process any special categories of personal data, except when these are part of contracted or contractual processing.
We process data required for the establishment and fulfilment of the contractual services. We hereby point out the necessity of the indication, insofar as this is not obvious to the contractual partner. Disclosure to external persons or companies will only take place if this is necessary to fulfil the contract or service. When processing the data provided to us through an order, we act in accordance with the instructions of the client and the legal requirements.
When utilising our services, we can store the IP address and the time of the respective action of the user. The storage takes place based on our legitimate interests as well as the interests of the users with regard to protection against misuse and other unauthorised use. In principle, this data will not be disclosed to third parties unless this is necessary in order to pursue our claims pursuant to Art. 6 (1)(f) GDPR, or there is a legal obligation pursuant to Art. 6 (1)(c) GDPR. The data will be deleted if it is no longer required to fulfil contractual or statutory duties of care and any warranty, consumer protection or similar obligations. For this purpose, the necessity of keeping the data is reviewed every three years. Furthermore, statutory storage requirements apply.

Online shop Digistore24

We have transferred the entire sale of our services regarding our signal service to the online shop service provider Digistore24 (Digistore24 GmbH, St.-Godehard-Strasse 32, 31139 Hildesheim, Germany). Thereby, it is a transmission of functions and not order processing. Digistore24’s data protection policy can be found under this link:
Additionally, based on our legitimate interests (interest in the economic efficiency of our services in line with Art. 6 (1)(f) GDPR), we offer participation in the partner program of Digistore24, which is designed to provide a medium for websites. Based on this, there is the possibility of getting advertising cost reimbursement by placing advertisements and links on Digistore24 (Affiliation). Digistore24 uses cookies to be able to ascribe conclusion of contracts. Digistore24 can thereby retrace, among other things, who clicked on a corresponding partner link to our services and then entered into a contract with Digistore24. In this regard, too, Digistore24’s data protection policy provides information about the use of data and the objection options under the following link:

Data processing for processes and procedures typical for businesses

On the one hand, we process data in operational and corporate administration tasks, in the organisation of our operational and economic processes, in accounting and in the fulfilment of our legal obligations. Thereby, the same data is processed as in the provision of our contractual services. This all takes place in accordance with Art. 6 (1)(c) GDPR and Art. 6 (1)(f) GDPR. This concerns clients, interested parties, business partners and visitors of our websites. The purpose and interest in processing lies in the administration, financial accounting, office organisation and archiving of data in the maintenance of our business, fulfilment of our duties and provision of our services.
The deletion of data relating to contractual services and contractual communication is in accordance with the information provided in these processing operations. We disclose or transmit data to the financial administration, consultants (e.g., tax consultants, auditors), as well as fee/tax authorities and payment service providers. On the other hand, we store information on contractual partners based on our business interests in order to ensure, for example, communication and cooperation. We regularly store this company-related data permanently.

Hosting, log files, email dispatch

The hosting services we utilise are necessary to provide the following services: infrastructure and application services, computing and storage capacity, database services, email dispatch, as well as security and technical maintenance services, which we implement to operate our services.
Hereby, we, or if applicable, our hosting providers, process inventory data, contact details, content data, contract data, usage data, meta and communication data of clients, interested parties and visitors of our service on the basis of our legitimate interests in the efficient and secure provision of our services in accordance with Art. 6 (1)(f) GDPR in conjunction with Art. 28 GDPR (conclusion of processing contract). Our website is hosted by Amazon Web Service (AWS).
For the possible processing of data in this context, there is a corresponding order processing contract to ensure data protection. We or our hosting provider, collect(s) data on the basis of legitimate interests in line with Art. 6 (1)(f) GDPR about every access to the server, on which this service is located (so-called server log files). Access data includes the name of the visited website, file, date and time of visit, amount of data transferred, information about successful retrieval, browser type and version, user's operating system, referrer URL (previously visited page), IP address and the requested provider. Further basis for data processing in the corresponding case is Art. 6 (1)(b) GDPR, which allows the processing of data to fulfil contractual or pre-contractual measures. Log file information is used for security reasons, such as, for example, to investigation misuse or fraud, and is stored for a maximum of 7 days and deleted thereafter. Data, of which further retention is required for evidential purposes, shall be exempted from deletion until final clarification of the event.

Registration function

Users have the possibility to create an account. Upon registration, the required mandatory information is communicated to users and processed based on Art. 6 (1)(b) GDPR for purposes of providing the account (signal service) or to provide the service itself (copy trading). The processed data includes, in particular, the login information (name, email address, password if applicable). This data, as well as other data entered during registration, will be used for the purpose of providing the account and the use of related services.
The users can be informed by email about information that is related their account (e.g., technical changes). As soon as users have cancelled their account, or the term has expired, their data concerning the account will be deleted, subject to legal storage obligations. It is the users’ responsibility to back up their data before the end of the contract. We are entitled to irretrievably delete all user data stored during the contract duration.
When utilising our registration and login functions, as well as the account utilisation, we store the IP address and the time of the corresponding action of the user. This storage is based on our legitimate interests and on the interest of the user’s protection against misuse and other unauthorised use. Disclosure of this data to third parties does generally not take place unless it is necessary to pursue our claims or there is a legal obligation in accordance with Art. 6 (1)(c) GDPR. IP addresses are anonymised or deleted after 7 days at the latest.

Establishing contact

When contacting us (e.g., by contact form, email, telephone or on social networks), the user’s information is processed for the purpose of processing the request in accordance with Art. 6 (1)(b) GDPR (pre-contractual and contractual relationships) and Art. 6 (1)(f) GDPR (other inquires). User information can be stored in a Customer Relationship Management (CRM) system or a similar organisational system to optimise contact. We delete the contact inquiries, if it is no longer necessary to keep them. We check the necessity every two years. In all other cases, juridical archiving obligations apply.

Zendesk CRM

To process user inquiries faster and more efficiently, we use the Zendesk CRM system from Zendesk, Inc., 989 Market Street #300, San Francisco, CA 94102, USA. Our legitimate interests are in accordance with Art. 6 (1)(f) GDPR. Zendesk is a certified participant of the Privacy Shield Agreement, thereby providing additional assurance of compliance with European data protection law.
Zendesk only uses the user’s data for the technical processing of inquiries and does not pass it on to third parties. To use Zendesk, the specification of a correct email address is required. Pseudonymous utilisation is possible. During the processing of service requests, it may be necessary to collect further data (name, address).
If users do not agree to Zendesk's data collection and storage in Zendesk’s external system, there are other ways to submit service requests by email, phone or post. Further information about Zendesk's data protection policy:


What follows is the explanation of the content of our regular (circa weekly) newsletter, as well as the registration, sending and statistical evaluation procedure, as well as the right of objection. By subscribing to our newsletter, you consent to the receipt and the procedures described.
Content of the newsletter:
We only send newsletters, emails and other electronic notifications with advertising information (hereinafter "newsletter") with the consent of the recipient or legal permission. Insofar as the contents of a newsletter are concretely outlined, they are essential for the consent of the users. In addition, our newsletters contain information about our services and our company itself.
Double opt-in and logging:
Registration for our newsletter is made using the double-opt-in method. After registration, an email is sent asking for confirmation of the registration. This confirmation is necessary so that nobody can register with strange email addresses. The registration for the newsletter will be logged in order to prove the registration process in line with legal requirements. This includes storing the login and confirmation times and the IP address. Likewise, changes to your data stored with the mailing provider will be logged.
Registration data:
To register for the newsletter, it is sufficient to enter your own correct email address.
We sometimes also ask for the name, so that it is possible to personally address the individual or in connection with a further contact request.
Performance measurement:
The dispatch of the newsletter and the associated performance measurement are based on the consent of the recipients in accordance with Art. 6 (1)(a) and Art. 7 GDPR in conjunction with § 7 (2)(3) UC. Otherwise, if consent is not required, based on our legitimate interests in direct marketing pursuant to Art. 6 (1)(f) GDPR in connection with § 7 (3) UC.
Logging of the application is based on our legitimate interests in line with Art. 6 (1)(f) GDPR. Our interest lies in the application of a user-friendly and secure newsletter process that serves our business interests and meets the expectations of our users. In addition, proof of consent should be possible for us.
Termination or revocation (cancellation, deregistration):
You can cancel the receipt of our newsletter at any time, in other words, revoke your consent. An unsubscribe link to cancel the newsletter can be found at the end of every newsletter. Alternatively, a corresponding message to the contact person specified in our imprint is sufficient. We can save the email addresses for up to three years based on our legitimate interests before we delete them, in order to be able to prove prior consent. The processing of this data is limited to the purpose of a possible defence against claims. An individual request for cancellation is possible at any time, if prior existence of consent is confirmed at the same time.

Performance measurement of newsletters and Trading-Signals

The newsletters and the ordered Trading-Signals contain a so-called Web-Beacon. This is a pixel-sized file which is retrieved by our server when you open the newsletter/Trading-Signals message or from the server of a mail service provider. Upon retrieval, technical information, for example information about the browser and the computer system, as well as your IP address and the time of retrieval are collected. This information is used for the technical improvement of the services based on the technical data, the target groups and their reading behaviour, which is based on the location that the information is retrieved (can be determined with the help of the IP address) or the access times. Statistical surveys also include determining if the newsletter/Trading-Signals messages were opened, when they were opened, and which links were clicked on. Although this information can be technically ascribed to the individual recipients, there is no intention on our part or the mail service providers to monitor individual recipients. Instead, the evaluations serve to identify the reading habits of the recipients and to adapt our content to suit these habits or to send different content according to the interests of the recipients. A separate revocation of the performance measurement is not possible. In order to do this, the newsletter itself or the Trading-Signals subscription would have to be cancelled.


ATT-Signals does not send the newsletter itself, but via the mail service provider MailChimp, a US-American based provider by Rocket Science Group LLC, 675 Ponce De Leon Ave NE#5000, Atlanta, GA 30308, USA. The data protection policy of the mail service provider can be found here: The Rocket Science Group LLC d/b/a MailChimp is certified under the Privacy Shield Agreement, providing a guarantee of compliance with European privacy standards ( ) This mail service provider is used based on our legitimate interests in accordance with Art. 6 (1)(f) GDPR and a contract processing agreement (Data Processing Agreement) in accordance with Art. 28 (3)(1) GDPR. By subscribing to our newsletter, you consent to receiving the newsletter and the procedures described in this context.
The mail service provider may use the data of the recipient in a pseudonymous form, meaning without being ascribed to an individual user, to optimise or improve their own services, e.g., for the technical optimisation of the mailing and the presentation of the newsletter or for statistical purposes. However, the mail service provider does not use the data of the recipients from our newsletter to write them personally and does not pass this data onto third parties.


ATT-Signals uses the mail service provider SendGrid, a US-American based company by SendGrid, Inc., 1801 California Street, Suite 500, Denver, CO 80202, USA for the delivery of the ordered Trading-Signals. SendGrid is a service which allows the dispatch of emails, among other things, to be organised and analysed. If users enter data such as, for example, an email address, it will be stored on the SendGrid servers in the USA. The data protection policy of the mail service provider can be found here SendGrid is certified under the Privacy Shield Agreement, providing a guarantee of compliance with European privacy standards ( ). With the help of SendGrid, we are able to analyse the sent emails. This allows us to determine whether a message has been opened and which links have been clicked on. In addition, technical information is collected (e.g., time of retrieval, IP address, browser type and operating system). This solely serves for statistical analysis of the emails. The results of these analyses can be used to better identify delivery problems. This mail service provider is used based on our legitimate interests in accordance with Art. 6 (1)(f) GDPR and a contract processing agreement (Data Processing Agreement) in accordance with Art. 28 (3)(1) GDPR.

Cookies, right to contradict to direct advertising

A cookie is a small file that is stored on a user’s computer. Different information can be stored within the cookie. A cookie is primarily used to store information about a user or the device during and after the user’s visit to an online service. A temporary cookie, session cookie, or transient cookie is a cookie that is deleted after a user leaves an online service and closes the browser. In a cookie of this nature, the login status or subscription status can be stored. A cookie is referred to as permanent or persistent when it remains in storage even after the browser has been closed. This allows, for example, the login status to be saved when users return to the online service after a few days. Likewise, such cookies may store the interests of the users, which is used to establish the reach or for marketing purposes. Third party cookies are cookies that are offered by providers other than the provider responsible for running the online service. With a cookie set by the responsible provider, one refers to it as a first-party cookie. ATT-Signals can use temporary and permanent cookies and explains this in this data protection policy. If users do not want cookies to be stored on their computers, they can use the appropriate option in the system settings of the browser to disable this process. Saved cookies can be deleted in the system settings of the respective browser. The exclusion of cookies can lead to functional limitations of this service.
A general objection to the use of cookies used for the purpose of online marketing can be declared in a variety of services, especially in the case of tracking through cookies, via the US-American website or the EU website Furthermore, the storage of cookies can be deactivated by switching off this function in the settings of the browser. It should be noted that not all features of this service can then be used.

Disable cookies

Google Analytics

Based on our legitimate interests (interest in the analysis, optimisation and economic operation of our services in line with Art. 6 (1)(f) GDPR), we use Google Analytics, a web analytics service provided by Google LLC ("Google"). Google uses cookies. The information generated by the cookie about the use of the online service by users is regularly transmitted to Google's servers in the US and stored there.
Google Analytics is certified under the Privacy Shield Agreement, providing a guarantee of compliance with European data protection law ( ).
Google uses information on our behalf to evaluate the use of our services by users, to compile reports on the activities within the services, and to provide us with other services related to the use of our services and internet usage. Thereby, pseudonymous usage profiles of the users can be created from the processed data.
We only use Google Analytics with activated IP anonymisation. The IP addresses of Google users will be shortened within member states of the European Union or other parties of the Agreement in the European Economic Area. Only in exceptional cases is the full IP address sent to a Google server in the USA and shortened there. The IP address submitted by the user's browser will not be merged with other data provided by Google. Users can prevent the storage of cookies through the respective setting on their browser. In addition, users can prevent the collection of data generated by the cookie and related to their use of our service, and the processing of this data by Google, by downloading and installing the browser plug-in available under the following link: .
For more information about Google's data usage, settings and objection options, please refer to Google's data protection policy ( ) as well as the settings for advertising by Google ( ).
The personal data of users will be deleted or anonymised after 14 months.

Disable Google Analytics

Facebook Pixel

Within our services, based on our legitimate interests in analysis, optimisation and the economic operation of our service, and only for these purposes, the so-called Facebook Pixel (conversion pixel/visitor action pixel) by the social network Facebook, which is published by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA ("Facebook) is used. If the user is located in the EU, Facebook Ireland Ltd. 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland is the operator of Facebook. Facebook is certified under the Privacy Shield Agreement, providing a guarantee of compliance with European data protection law ( ).
With the help of Facebook Pixel, it is possible for Facebook to determine the online visitors of our service as a target group to present advertisements (so-called "Facebook ads"). Accordingly, we use Facebook Pixel to only display the Facebook Ads which we submit to those Facebook users who have shown an interest in our service or who have certain characteristics (e.g., relevant interests in certain topics or products, which are determined through the visited websites), which we transmit to Facebook (so-called "Custom Audiences"). With the help of Facebook Pixel, we also want to ensure that our Facebook ads meet the potential interest of users and avoid annoying or harassing users. Furthermore, we can use Facebook Pixels to understand the effectiveness of the Facebook Ads for statistical and market research purposes, by means of being informed whether users have been redirected to our website after clicking on Facebook Ads (so-called "conversion").
The processing of data by Facebook is done according to the data usage policy of Facebook. General tips for displaying Facebook Ads are also available in Facebook's data usage policy: . Details about Facebook Pixel and how it works are available in the help section of Facebook:
The collection and use of your data by Facebook Pixel to display Facebook Ads can be objected to here: . To change the types of ads you see on Facebook, you can visit the website set up by Facebook and follow the instructions for the usage-based advertising settings: .
You can also object to the use of cookies, which serve to measure the reach and for advertising purposes, on the deactivation page of the network advertising initiative ( and the US-based website ( or on the European website (

Disable Facebook Pixel

Incorporation of third-party services and contents

Within our service, based on our legitimate interests in the analysis, optimisation and economic operation of our services in line with Art. 6 (1)(f) GDPR, we incorporate third-party content or service offers into our content and services (hereinafter "content"). This always presupposes that the third-party providers of this content detect the IP addresses of the users, since they would not be able to send the content to the users' browsers without the IP address. The IP address is therefore required for the presentation of this content. We make a concerted effort to only use content whose respective providers solely use the IP address for the delivery of content. Third parties may also use so-called Pixel-Tags (invisible graphics, also referred to as Web-Beacons) for statistical or marketing purposes. The Pixel-Tags can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may include, among other things, technical information about the browser and operating system, referring web pages, visiting time, and other information regarding the use of our services.


We include videos from the YouTube platform by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
Data protection policy
Opt-out .


We include the trading software of the developer MetaQuotes Software Corp., 21 Iridos Street, Mesa, Yitonia, Limassol 4004, Cyprus.
Data protection policy
Cookie policy

Our online presence on social networks and information platforms

We are present on social networks and platforms in order to communicate with (potential) clients, interested parties, business partners and users, and to inform them about our services there.
Hence, data of users outside of the European Union can thereby be processed. This may result in risks for the users. For example, the enforcement of user rights could be made more difficult. Regarding US providers, who are certified under the Privacy Shield, we would like to note that they are committed to upholding the EU's data privacy standards.
Furthermore, user data is regularly processed for market research and advertising purposes. Thus, for example, user profiles can be created from the user behaviour and recognisable interests of the users. These user profiles may be used to place advertisements or the like within and outside the networks, which may be in the interests of the users. For this purpose, cookies are usually stored on the computers of the users, in which the user behaviour and the interests of the users are stored. In addition, the user profiles can also store data independently of the devices used by the users. This happens, in particular, when the users are members of the respective social network and are logged in.
The processing of users' personal data takes place in accordance with our legitimate interests in effectively informing users and communicating with users in accordance with Art. 6 (1)(f) GDPR. If users of a social network provider are asked to consent to data processing, the legal basis for processing is Art. 6 (1)(a) and Art. 7 GDPR.
We would like to take the opportunity to refer to the statements of the providers of the following networks. The links contain a detailed description of the respective processing and the objection options.
In the case of requests for information and the assertion of user rights, these can be most effectively asserted with the relevant providers because only the providers have the required access to the user data and can immediately implement measures or provide information. Furthermore, we are always available as a contact should you require information.

Facebook Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
- Data protection policy
- Opt-out and
- Privacy shield

Google/YouTube Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
- Data protection policy
- Opt-out
- Privacy shield

Instagram Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA
- Data protection policy and opt-out

Twitter Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA
- Data protection policy
- Opt-out
- Privacy shield

Linkedin LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland
- Data protection policy
- Opt-out
- Privacy shield

Protection and security measures

In accordance with Art. 32 GDPR, ATT-Signals takes into account the currency of technology, the costs of implementation, and the type, scope, circumstances and purposes of processing, as well as the different probabilities of occurrence and severity of the risk to the rights and freedoms of natural persons, and appropriate technical and organisational measures to ensure a level of protection appropriate to the risk incurred. This includes, above all, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data and controlling access, input, disclosure, security of availability and separation of such data. In addition, there are procedures that introduce observance of data subject rights, data deletion and responses to data threats. Furthermore, according to Art. 25 GDPR, the protection of personal data is already taken into account in the development and selection of hardware, software and procedures, in accordance with the principle of data protection, through the design of technology and privacy-friendly default settings.