GfK SE
DE|EN
Privacy policy

Privacy policy

Last updated: July 15, 2019

About SENSIC.net and GfK

GfK SE in Germany (legal information below) owns the domain SENSIC.net which serves the purposes of online advertisement effectiveness research and digital media audience measurement, using cookies and similar technologies. GfK SE predominantly holds market research companies in several countries in Europe and abroad which together form the „GfK Group“ („GfK“, „we“, „us“, „our“). All GfK companies may use the services of SENSIC.net for their own market research activities. Since GfK SE is based in the European Union, we process personal data collected through SENSIC.net in compliance with applicable European data protection laws and other statutory provisions.

GfK does not advertise to consumers / private internet users directly. The use of the information collected through SENSIC.net is restricted to research purposes. In particular, we do not target individuals or their connected devices with any advertisements.

Personal data

Personal data means any information that either directly or indirectly identifies you as an individual. „Directly“ meaning, for example, your name and address, „indirectly“ meaning when combined with other information.

Unless with your prior informed consent given as a participant in a market research or media measurement panel or other project conducted by GfK using SENSIC.net technologies,

  • - we do not hold any personal data about you to which we could link to the data collected through SENSIC.net in order to identify you,
  • - we report the results of our research to our customers in a form that does not allow them to identify individuals.
  • About cookies and similar technologies

    What are cookies?

    Cookies are a small text files that contain a string of characters and may uniquely identify a browser. Operators of websites you visit or third parties send them to a computer or mobile device. Most browsers are initially configured to accept cookies by default. You may be able to change your browser settings to cause your browser to refuse third-party cookies (which are set by websites other than the currently viewed one) or to indicate when a third-party cookie is being sent. Check your browser’s „Help“ files to learn more about handling cookies.

    What is local storage?

    Local storage means a technology that allows websites to store data on your computer or mobile device. While this is similar to cookies, local storage can take larger amounts of data and this data is not automatically transferred with each request to the site that stored it. Cookies typically expire (are automatically deleted) after a certain period of time. Data in local storage will usually persist until you delete it manually. Check your browser’s „Help“ files to learn more about handling local storage.

    What is the Mobile Advertising ID?

    The Mobile Advertising ID is a online identifier of a mobile device that you can manually reset. It allows the recognition of recurring devices by mobile apps, typically for advertising purposes. On Android devices, the Mobile Advertising ID is known as the „Android Advertising ID“, on Apple devices as the „ID for advertiser (IDFA)“. The Mobile Advertising ID applies to a device and is accessible by apps that you use. It is not used by websites you visit. Check your mobile operating system’s „Help“ files to learn more about the Mobile Advertising ID.

    How does SENSIC.net use cookies, local storage and the Mobile Advertising ID?

  • (a) Data collection among general internet and mobile app audience
  • We may set cookies in your browser when you see certain advertisements whose effectiveness we study on behalf of our customers when you visit websites that display such advertisements. Each of these cookies has a name that consists of letters and numbers and includes, in an encoded form, a randomly generated unique identification number, information that identifies the respective advertising campaign, creative and placement and the date and time when the advertisement was displayed and how often. As we set the cookies, we log on our servers the same information that we store in the cookies. These cookies expire after two years, at the latest, unless you delete them manually.

    When you play streaming media content or view other content that is accessible to a broad audience on websites that you visit or in mobile apps that you use we may do one of the following:

  • • store a randomly generated unique identifier in your browser’s local storage
  • • or capture the Mobile Advertising ID.
  • With streaming media measurement, together with the Mobile Advertising ID or unique identifier stored in Local Storage, we record for how long the streaming content is played and when it is stopped and paused and when you rewind and fast-forward.

    When we set cookies, store data in your browser’s local storage, capture your Mobile Advertising ID or measure streaming content usage in online media players, we store anonymized IP addresses and referrer URLs (internet addresses of websites). We anonymize these data by removing the last octet of each IP address and by truncating referrer URLs behind the top-level domain (like „.com“, „.co.uk“ or „.de“).

    Before we store anonymized IP addresses, we use them to determine which country and region or city you are using the service from.

    We process personal data that we collect through cookies and similar technologies among general internet and app audience for purposes of our legitimate interest pursuant to art. 6 (1) lit. f of the European General Data Protection Regulation.

  • (b) Data collection among participants in market research panels and other market research projects conducted by GfK or a client or partner using our technologies
  • As a participant in an online market research panel or other project run by GfK or another party that uses our technologies, you may have given your consent to either us (in case of a GfK project) or the other party to analyze data collected from you through SENSIC.net in connection with your participant number. This participant number allows either us (in case of a GfK project) or the other party to identify you as an individual. Please refer to the consent form and/or privacy policy for the respective panel or project you are taking part in.

    In this case, an additional cookie (whose name consists of four or five letters) or additional Local Storage information will be placed on your device, for example, when you visit the web portal of your panel provider or take part in an online survey. This cookie or Local Storage information includes your panelist identification number and the information when it was stored and last updated. This allows either us (in case of a GfK project) or the other party to attribute measured exposure to relevant online advertisements, media and content to identifiable market research participants. We may combine the data that we collect from your device through SENSIC.net, including Mobile Advertising IDs, with other data that we collect from or about you in the course of a market research project in order to prepare reports on audience structure for our customers. We report such audience data in an anonymized form to our customers, usually as statistics (for example number and percentage of male and female market research participants per age group and region who saw the relevant content).

    GfK companies and other parties who use SENSIC.net technologies are obliged to include a link to this privacy policy in their own website privacy policies.

    We process personal data that we collect through cookies and similar technologies from participants in our market research activities on the legal basis of the data subjects’ consent pursuant to art. 6 (1) lit. a of the European general Data Protection Regulation.

    Opt-out cookie

    Applying a „Do Not Track“ (DNT) setting in the browser (see https://allaboutdnt.com/) will not(!) block cookies, local storage data from SENSIC.net or the collection of Mobile Advertising IDs. In order to block all cookies and local storage data from SENSIC.net and to erase or fully anonymize all other cookies and local storage data from SENSIC.net from your device immediately, you may set an opt-out cookie and create an opt-out local storage entry instead. Please note that this opt-out takes effect only on the device and in the web browser where it is set and only as long as it is not deleted! Also please note that this opt-out does not prevent the collection and usage of your device’s Mobile Advertising ID. Please review the privacy policies of the apps you are using in respect of your choices concerning the Mobile Advertising ID.

    Click here to set the
    opt-out cookie
    in the current browser
    on the device that you are currently using.

    Data retention periods

    We retain the data collected through SENSIC.net for a period of two years at the longest.

    Your legal rights

    You have legal rights to

  • - information regarding personal data we hold about you
  • - receive one copy of your personal data, free of charge
  • - obtain rectification and erasure of your personal data and to restriction of processing of your personal data while we verify its accuracy pursuant to your request or you prefer restriction of processing over erasure in certain situations
  • - object to the processing of your personal data at any time without stating a reason
  • - in case of an alleged infringement of applicable data protection law, to lodge a complaint with the data protection authority in your country or in the country where the alleged infringement occurred.
  • No identification

    Please note that when you make a request to GfK in exercise of your legal rights, we may not be able to identify you based on your name or your email address. In such cases, where we cannot identify you as a data subject, we are not able to comply with your request to execute your legal rights as described in this section, unless you provide additional information enabling your identification.

    If you take part in a market research panel conducted by GfK or another research company using SENSIC.net technologies on their websites or within their mobile apps, the data collection through SENSIC.net is typically subject to your prior informed consent. In these cases, we recommend that you contact the helpdesk of the respective panel in all data protection matters concerning SENSIC.net.

    As a visitor of websites or a user of mobile apps that use SENSIC.net technologies to measure streaming media viewership, please also review the privacy policies of the respective websites or apps with regarding your choices in respect of cookies and the Mobile Advertising ID.

    How we share personal data

    We will disclose your personal data only for the purposes and to those third parties, as described below – unless with your specific consent to transfers of personal data to other categories of third parties given elsewhere, such as through the consent form for a specific Panel. GfK will take appropriate steps to ensure that your personal data are processed, secured, and transferred according to applicable law.

    Within GfK Group

    GfK is part of a global organization (the „GfK Group“), consisting of several companies in and outside the European Union, all primarily owned by GfK SE in Germany. Your personal data may be transferred to one or more GfK Group affiliated companies as needed for data processing and storage, providing you with access to our services, providing customer support, making decisions about service improvements, content development and market or media research purposes. We do not disclose your personal data to third parties outside GfK unless you have declared your prior explicit consent for the specific purpose.

    External service providers

    Where necessary, we will commission other companies and individuals to perform certain tasks contributing to our services on our behalf within the framework of data processing agreements. We may, for example, provide personal data contractors or partners for hosting our databases and applications or for data processing services. We will only share with or make accessible such data to external service providers to the extent required for the respective purpose. This data may not be used by them for any other purposes, in particular not for their own or third party purposes. GfK’s external service providers are contractually bound to respect the confidentiality of your personal data.

    Business transfers

    In connection with any reorganization, restructuring, merger or sale, or other transfer of assets (collectively „Business Transfer“), we will transfer data, including personal data, in a reasonable scale and as necessary for the Business Transfer, and provided that the receiving party agrees to respect your personal data in a manner that is consistent with applicable data protection laws. We will continue to ensure the confidentiality of any personal data and give affected users notice - by updating the information on http://sensic.net/ ahead of time or contacting GfK market research participants directly - before personal data become subject to a different Privacy Policy.

    Public bodies

    We will only disclose your personal data to public bodies where this is required by law. GfK will for example respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include such authorities outside your country of residence.

    International transfers of personal data

    Under specific circumstances, it will also be necessary for GfK to transfer your personal data to countries outside the European Union/ European Economic Area (EEA), so called „third countries“. Such third country transfers may refer to all processing activities describes under Sec. 3 of this Privacy Policy. This Privacy Policy shall apply even if we transfer personal data to third countries, in which a different level of data protection applies than in your country of residence. In particular, an international data transfer may apply in the following scenarios:

    GfK legal entities

    GfK’s legal entities outside the European Union have entered into intra-company data protection agreements using standard contractual clauses adopted by the European Commission to safeguard your privacy and legitimize international data transfers.

    Other third parties outside the European Union (EU) and the European Economic Area (EEA)

    Any transfers of personal data to third parties outside the GfK Group will be carried out with your prior knowledge and, where applicable, with your consent. Any transfers of personal data into countries other than those for whom an adequacy decision regarding the level of data protection was made by the European Commission, as listed on https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en, occur on the basis of contractual agreements using standard contractual clauses adopted by the European Commission or other appropriate safeguards in accordance with the applicable law.

    Security

    GfK takes data security seriously. We apply an appropriate level of security and have therefore implemented reasonable physical, electronic, and administrative procedures to safeguard the data we collect from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored or otherwise processed. Our information security policies and procedures are closely aligned with widely accepted international standards and are reviewed regularly and updated as necessary to meet our business needs, changes in technology, and regulatory requirements. Access to your personal data is granted only to those personnel, service providers or GfK affiliates with a business need-to-know or who require it in order to perform their duties.

    In the event of a data breach containing personal data, GfK will follow all applicable data breach notification laws.

    Changes to this Privacy Policy

    We reserve the right, at our discretion, to modify our privacy practices and update and make changes to this Privacy Policy at any time. For this reason, we encourage you to refer to this Privacy Policy on an ongoing basis. This Privacy Policy is current as of the „last revised“ date indicated above. We will treat your personal data in a manner consistent with the Privacy Policy under which they were collected, unless we have your consent to treat them differently.

    Legal / contact information

    GfK SE
    Nordwestring 101
    90419 Nuremberg
    Germany

    Management:

    Peter Feld (CEO)
    Lars Nordmark (CFO)

    T +49 911 395-0 (Switchboard), gfk@gfk.com

    Chairman of the Supervisory Board: Ralf Klein-Bölting

    Registered office: Nuremberg
    Entered in the Commercial Register at the District Court:
    Nuremberg: HRB 25014

    Data Protection Officer:

    Michael Adling

    (postal address as above, email: dpo_germany@gfk.com)

    Email contact for questions in data protection matters concerning SENSIC.net:
    privacy.sensic@gfk.com