Privacy Policy

    1. How is my data processed?

    The following points:

    • Access logs (log files)
    • What are cookies and how are they used?

    apply to everyone using our website. Further details depend on how you use bettermarks. Please select the relevant section:

    • I am browsing bettermarks without logging in
    • I am a student learning with bettermarks
    • I am a teacher using bettermarks
    • I am applying to bettermarks via email

    2. Access Logs (Log Files)

    2.1. What data is processed?

    When you visit our website, we only log the data that your browser automatically transmits to us:

    • Information about the browser used (type/version/language)
    • Operating system and interface (type and version)
    • Your IP address
    • Date and time of access
    • Time zone difference to Greenwich Mean Time (GMT)
    • Content of the request (specific page)
    • Previously visited webpage (referrer)
    • Transferred data volume and access status (file transferred, file not found, etc.)

    In case of attacks or suspicious access, the associated content is temporarily stored for analysis. These technical data are not stored, linked, or combined with other data.

    2.2. For what purpose are my data used in log files?

    These data are stored to help us defend against attacks and analyze technical issues. No evaluation for marketing or other purposes takes place.

    2.3. Why is this allowed? What is the legal basis for this?

    We must ensure the security and stability of our website. Therefore, we have a legitimate interest in processing the data for the purposes mentioned in section 2.2. The legal basis is Article 6, Section 1, Letter f of the GDPR.

    2.4. How long are my data stored?

    Log files are automatically deleted after 7 days. Any data stored in case of attacks or suspicious access is deleted immediately after analysis.

    2.5. How can I object to this use of my data?

    Collecting data to provide the website and storing them in log files is necessary for the operation of the website. Therefore, we cannot refrain from collecting them or delete them prematurely.

    3. Content Delivery Network (CDN) and Web Application Firewall (WAF)

    To protect all our websites, systems, and the data processed within them from attacks, we use services from Cloudflare. All web traffic is routed through Cloudflare’s systems, with an encrypted connection from your PC to the nearest Cloudflare data center and another encrypted connection from there to us.

    3.1. What are a Content Delivery Network and a Web Application Firewall?

    A Content Delivery Network (CDN) consists of multiple servers that store copies of static data from the bettermarks system (e.g., images and unchangeable texts). These servers are located in data centers near you with high-speed internet connections, delivering elements quickly without overloading bettermarks' central systems.

    A Web Application Firewall (WAF) analyzes incoming requests for attack patterns and blocks them. About 1% of data is randomly selected for evaluation to identify attack patterns. Since the sample is completely random, it may contain personal data, but such data is irrelevant for attack detection and is not considered.

    3.2. What data is processed?

    When you visit a bettermarks page, the following data is processed:

    • Browser information (type/version/language)
    • Your IP address
    • Date and time of access
    • Time zone difference to GMT
    • Content of the request (specific page)
    • Technical metadata (HTTP headers)

    3.3. For what purpose are my data used in CDN and WAF?

    Data are used to:

    • Deliver your requests faster via CDN caching
    • Defend against attacks on the bettermarks system (CDN and WAF)
    • Keep this protection updated (WAF sampling)

    3.4. Why is this allowed? What is the legal basis?

    We must ensure the security and stability of our website. Therefore, we have a legitimate interest in processing the data for the purposes mentioned in section 3.3. The legal basis is Article 6, Section 1, Letter f of the GDPR.

    3.5. How long are my data stored?

    The data are stored for up to 7 days.

    3.6. How can I object to this use of my data?

    Data collection in CDN and WAF is necessary to protect the bettermarks system according to current technical standards. Therefore, we cannot refrain from processing these data or delete them prematurely.

    4. What are cookies and how are they used?

    We use cookies on our website. Cookies are small data packets that our server sends to your browser, which stores them on your computer and sends them back to the server on each subsequent visit. Cookies make the website more user-friendly and efficient.

    You can delete cookies at any time in your browser settings or prevent them from being stored altogether.

    4.1. What are "essential cookies"?

    Some cookies are necessary for our website to function properly. For example, we use cookies to remember your cookie preferences or to secure logins.

    These cookies are used exclusively to implement the website's basic functions and are not shared with third parties. They remain on your computer only as long as necessary for the respective functions.

    If you disable these cookies, parts of our website may not function properly.

    4.2. What about other cookies?

    Other cookies enable additional website functions, such as web analytics or embedded services. Explanations regarding these cookies are provided in the relevant sections.

    For these non-essential cookies, you have the option to choose:

    [Access personal cookie settings]

    4.3. What cookies does bettermarks use in the learning and teaching area (when I log in)?

    In the learning system, bettermarks only uses essential cookies necessary for system functionality, such as login management. These cookies are deleted immediately when no longer required.

    Web analytics (e.g., Stetic) is not integrated in this area, and no embedded services are used.

    5. I Get Information on Bettermarks Without Logging In

    5.1. Who is Responsible for Processing My Data?

    The responsible party according to Article 4, Section 7 of the General Data Protection Regulation (GDPR) is:

    bettermarks GmbH
    Skalitzer Straße 85-86
    10997 Berlin, Germany

    Tel.: +49 (30) 300 2440 00
    Fax: +49 (30) 300 2440 10
    Email: kontakt@bettermarks.com

    5.2. Who is the Data Protection Officer?

    Our Data Protection Officer:

    Johannes Endres
    Althammer & Kill GmbH & Co. KG
    Roscherstraße 7
    30161 Hannover, Germany

    Tel.: +49 (511) 330603 90
    Email: kontakt-dsb@althammer-kill.de
    Web: www.althammer-kill.de

    5.3. Contact Form and Contact via Email

    5.3.1. What Data is Processed?

    If you use our contact form, we process the data you enter in the form fields. Additionally, the date and time of form submission are recorded.

    If you send us an email to the address provided on the website, we store the data you send along with it. This includes technical data from the email transmission, such as date and time.

    5.3.2. For What Purpose is My Data from the Contact Form or Email Used?

    The data is used exclusively to answer your inquiry or process your request. It is not used for any other purpose and is not shared with third parties.

    5.3.3. Why is This Allowed? What is the Legal Basis?

    You voluntarily provide your data in the contact form or email and consent to its processing upon submission. The legal basis is Article 6, Section 1, Letter a of the GDPR.

    5.3.4. How Long is My Data Stored?

    The data is deleted as soon as it is no longer needed, meaning when your inquiry has been fully answered or your request has been completely processed.

    5.3.5. How Can I Object to the Use of My Data?

    You can withdraw your consent at any time. The best way to do this is by sending us an email from the same address.

    We will then delete your personal data immediately. However, this means we will no longer be able to process your inquiry or request.

    5.4. Blog Comments

    5.4.1. What Data is Processed?

    The data you enter in the comment form fields is processed. Additionally, the date, time, and your IP address are stored.

    5.4.2. For What Purpose is My Data Used?

    Your comment and the entered name are published on the blog page. Your email address may be used to follow up directly regarding your comment.

    Comments may contain illegal content, such as insults, prohibited hate speech, or other criminal offenses. Since we can be held legally responsible for such content, we must know the identity of commenters. For this purpose, we store the date, time, IP address, and email address.

    If a report is filed due to illegal content, the data will be used for law enforcement.

    5.4.3. Why is This Allowed? What is the Legal Basis?

    You voluntarily comment on our blog posts and consent to publication when submitting your comment. The legal basis is Article 6, Section 1, Letter a of the GDPR.

    Identifying the author of an illegal comment is in our legitimate interest. The legal basis for this is Article 6, Section 1, Letter f of the GDPR.

    If we are reported for illegal comments, we are legally obligated to cooperate with law enforcement authorities. The legal basis is Article 6, Section 1, Letter c of the GDPR.

    5.4.4. How Long is My Data Stored?

    Your comment and associated data are stored as long as the comment is published on the page.

    If a report is filed due to its content, we are required to store the data until the case is resolved.

    5.4.5. How Can I Object to the Use of My Data?

    You can withdraw your consent at any time. The best way to do this is by sending us an email from the address you provided when commenting, to kontakt@bettermarks.com.

    5.5. What is Web Analytics and What is Its Purpose?

    Web analytics refers to the study of website activity. We aim to design our website to be as user-friendly as possible for our visitors. To achieve this, we need to understand how users interact with different website elements. We analyze, for example, which pages are visited most frequently or the typical reading order of visitors.

    5.5.1. What Service Provider Does Bettermarks Use for Web Analytics?

    We use Stetic, a website statistics and analytics service. This provider supplies us with software tools to collect and analyze necessary data. Stetic operates exclusively on our behalf and does not use the data for other purposes.

    5.5.2. What Data is Processed?

    Stetic collects the following data on our behalf:

    • The first three bytes of the IP address (the last digit is masked before storage, e.g., 192.0.0.*).
    • Browser type.
    • Operating system.
    • Screen resolution.
    • Platform (PC, Mac, mobile device).
    • Type of mobile device (if applicable).
    • Browser technologies (e.g., JavaScript enabled, cookies enabled).
    • Referring website.
    • Search term used (if the referring website is a search engine).
    • Country, region, city (based on IP address).
    • Accessed page or event.
    • Timestamp of access.

    5.5.3. For What Purpose is My Data Used?

    The data is used solely to improve our website.

    5.5.4. Why is This Allowed? What is the Legal Basis?

    Upon your first visit to our website, we displayed a dialog asking for your consent to use cookies for statistical purposes. We activated Stetic only if you consented. The legal basis is Article 6, Section 1, Letter a of the GDPR.

    5.5.5. How Long is My Data Stored?

    The data is stored by Stetic for 10 years.

    5.5.6. How Can I Object to the Use of My Data?

    You can withdraw your consent by reopening the cookie settings and disabling "Statistics Cookies."

    5.6. Embedded Services: Vimeo Videos

    We store videos with Vimeo and embed them in certain parts of our website. Using Vimeo ensures that you can watch the videos quickly and in high quality.

    5.6.1. What Happens to My Data If I Have Consented to Cookie Usage?

    Upon your first visit to our website, you saw a dialog asking for your consent to use cookies for "External Media." If you provided consent, a connection to Vimeo is established when you visit a page with an embedded video. Vimeo then stores your IP address and sets cookies in your browser.

    Technically, this is equivalent to accessing the video directly on the Vimeo website. Therefore, Vimeo's privacy policy applies, which you can read here: https://vimeo.com/privacy.

    5.6.2. Why is This Allowed? What is the Legal Basis?

    A connection to Vimeo is only established if you have agreed to cookie usage. The legal basis is Article 6, Section 1, Letter a of the GDPR.

    5.6.3. What Happens to My Data If I Object to Cookie Usage?

    If you did not consent to the use of cookies for "External Media," no data is transferred to Vimeo. Instead, you will see a notice explaining how to access the video.

    5.6.4. How Can I Withdraw My Consent Later?

    You can withdraw your consent by reopening the cookie settings and disabling "External Media." This will prevent future automatic connections to Vimeo.

    However, this does not delete the data that Vimeo has already collected based on your prior consent. To request deletion, you must contact Vimeo directly, as explained in their privacy policy: https://vimeo.com/privacy.

    6. I am a student and learn with bettermarks

    6.1. Who is responsible for processing my data?

    That depends on the federal state in which you go to school:

    In Berlin, Bremen, Hamburg, Lower Saxony, and Rhineland-Palatinate, there is a contract between bettermarks and the responsible authority of the federal state. This contract states that the federal state is responsible. You need to ask your school how to contact the responsible authority.

    Other federal states: In most cases, there is a contract between your school and bettermarks, sometimes even between your teacher and bettermarks. In this case, your school is usually responsible for processing the data. So, you should ask your school administration.

    Bettermarks does not process your data for its own purposes but exclusively on behalf of the entities mentioned above and only as they request. This is called "data processing on behalf of a controller."

    Therefore, for legal questions regarding data protection, you must contact the relevant authority. Most of the time, this will be your school; otherwise, they should know who is responsible.

    The following answers are purely technical information about how our system works. If you have further questions, we will be happy to answer them.

    6.2. Who is the data protection officer?

    The responsible data protection officer is always the one of the authority responsible in your federal state. Unfortunately, we cannot provide more specific details, so if in doubt, please ask your school.

    6.3. What data does bettermarks collect about me?

    Even though it may sound surprising: none.

    For you to learn math with bettermarks, we do not need to know your name. We only work with your login name. Your math teacher assigns this login name to you, and only they know which person receives which login name. Bettermarks does not know which person is using which login name and has no interest in finding out.

    This is called "pseudonymous" data: From our perspective, the data is anonymous, and only the teacher can associate it with a real person. Bettermarks does not collect any personal data about you, only the math results achieved under a login name.

    6.4. So why does my name appear when I log in?

    There can be several reasons for this, depending on how you log into bettermarks:

    6.4.1. Access via a school cloud

    If you log into your federal state’s access system (e.g., the Lower Saxony School Cloud) and continue to bettermarks from there, the school cloud will display a frame that also contains your name. Within this frame, bettermarks runs separately from the frame. This means that bettermarks has no access to any parts of the frame, including the displayed name.

    6.4.2. Direct access to bettermarks

    Your teacher may not always have the list of login names on hand. Therefore, they can store a reminder in bettermarks indicating who has which login name. Ideally, this should not be your full name, but rather an abbreviation. If your full name is displayed and this bothers you, please speak to your teacher.

    Bettermarks only displays this reminder but does not use it for any other purposes. We also do not know whether it is your real name, as your teacher could assign a fictional name like "Matthi Mustermann" to a student named "Mathilda Matheass." We cannot verify this, nor is it relevant for us.

    6.5. How long is my data stored?

    An account is regularly deleted from the system if it has not been used for an entire school year. If the responsible authority (see 6.1) requests it or if the contract with us ends, we will delete the account sooner.

    Some selected data is kept beyond that to be analyzed statistically and to examine whether using bettermarks actually improves math learning. However, we remove your user ID and login name from the data, making it completely anonymous. Even with your school’s name list, no one can associate the data with you.

    All data that is not required for statistical and scientific analysis is deleted entirely.

    6.6. How can I request the deletion of my data before then?

    You need to contact your school for this. The reasons are:

    1. We only process data as instructed by the responsible authority (usually your school). This includes only deleting data when instructed to do so.
    2. We cannot delete your data ourselves because we do not know which data belongs to you. As explained above, only your teacher knows which person has which login name.

    7. I am a teacher and use bettermarks

    7.1. Who is responsible for processing my data?

    The responsible entity under Article 4(7) of the General Data Protection Regulation (GDPR) is:

    bettermarks GmbH
    Skalitzer Straße 85-86
    10997 Berlin, Germany
    Tel.: +49 (30) 300 2440 00
    Fax: +49 (30) 300 2440 10
    Email: kontakt@bettermarks.com

    7.2. Who is the data protection officer?

    Our data protection officer:

    Johannes Endres
    Althammer & Kill GmbH & Co. KG
    Roscherstraße 7
    30161 Hannover, Germany
    Tel.: +49 (511) 330603 90
    Email: kontakt-dsb@althammer-kill.de
    Website: www.althammer-kill.de

    7.3. What data is processed?

    When registering, we process the data you enter into the online forms. Additionally, the date and time of submission are recorded.

    When using the learning system, we process the data you enter and interact with. We only process the personal data that you can view within the system.

    7.4. What is my data used for?

    During registration, we create your account so you can access the teacher section. We verify with your school whether you are authorized to use bettermarks. We also need your registration data to reset your password if you forget it.

    The data you enter while using the system is solely used to provide you with access to bettermarks.

    7.5. Why is this allowed? What is the legal basis?

    The use of bettermarks and the required registration are voluntary, and by registering, you consent to the processing of your data. The legal basis is Article 6(1)(a) of the GDPR.

    7.6. How long is my data stored?

    If you do not log in for a full school year, your account will be deleted.

    Some selected data is retained for statistical analysis and to study the didactic effectiveness of the system. However, we remove the user ID and any other links to your account, making the data completely anonymous.

    All data not required for statistical and scientific analysis is fully deleted.

    If you have booked a license in your name, it may be necessary to store personal data longer to comply with contractual or legal obligations.

    7.7. How can I object to the use of my data?

    You can revoke your consent at any time with future effect. The best way to do this is to email us from your registered email address.

    8. I am applying to bettermarks via email

    8.1. Who is responsible for processing my data?

    bettermarks GmbH
    (Same contact details as above)

    8.2. Who is the data protection officer?

    (Same as above)

    8.2.1. What data is processed and for what purpose?

    We process the data you send us in your application to assess your suitability for the position and conduct the application process.

    Access to your data is limited to those involved in the hiring process.

    9. Does bettermarks transfer my data to countries outside the GDPR jurisdiction?

    We use cloud services from US providers but only store non-personal data with them. We ensure this by:

    • Routing necessary requests through our servers so your IP address is not visible.
    • Encrypting backups so cloud providers cannot access them.
    • Pseudonymizing learning data further.

    Therefore, your data remains protected, and legally, there is no "third-country transfer."

    10. Your Data Protection Rights

    You have the rights to access, correction, deletion, restriction, and data portability. If data is processed based on consent, you may revoke it anytime.

    For complaints, contact the Berlin Data Protection Commissioner or your local authority.

    Published: November 18, 2024, 15:59

    Published