Privacy Policy

The responsible party takes the protection of your personal data very seriously. This privacy policy is intended to inform you about the manner in which personal data is processed, insofar as either alone or jointly with others, the purposes and means of data processing are decided. It is important to the processor to inform you as transparently as possible about the type, scope, purpose, duration and legal basis of the data processing.

Privacy policy: Website

In the following, the responsible party would like to inform you about the data processing of your personal data on this website.

On the one hand, your data is collected by you providing it yourself. This can be, for example, data that you have shared in a contact form, order form or via different digital means of communication. 

On the other hand, technical data may be collected in the form of log data (so-called server log files). The log file usually consists of: 

  • The page from which the page was requested (so-called referrer URL) 
  • The name and URL of the requested page 
  • The date and time of the request 
  • The description of the type, language and version of the web browser used 
  • The IP address of the requesting computer, which is shortened, so that a personal reference can no longer be established 
  • The amount of data transferred 
  • The operating system 
  • The message whether the call was successful (access status/ http status code) 
  • The GMT time zone difference  

Data processing for the purpose of analyzing user behavior (through analysis programs, cookies and/or device fingerprinting) will only take place with your consent.

The responsible party points out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible. 

Definitions

In order to make this data protection declaration as comprehensible as possible for the reader, the definitions of Art. 4 of the GDPR shall be presentedas a basis: 

"Personal data" (Art. 4 No. 1 GDPR)

All data relating to a person by which you are identified or can be personally identified are personal data within the meaning of Art. 4 No. 1 GDPR. In the case of data that is completely anonymized, there is no longer a reference to a person. It is no longer personal data.

"Processing" (Art. 4 No. 2 GDPR) 

Almost any operation involving personal data, regardless of whether it is automated (digital) or analog, is a processing operation within the Meaning of Art. 4 No. 2 GDPR. It includes any type of processing from collection, storage, modification to disclosure and deletion. This term is deliberately understood broadly and includes almost any operations in the context of your personal data.

"Controller" (Art. 4 No. 7 GDPR)

The controller within the meaning of Article 4 No. 2 of the GDPR is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data.

"Third Party" (Art. 4 No. 10 GDPR)

Any natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons who are authorized to process the personal data under the direct responsibility of the controller or processor is a third party within the meaning of Art. 4 No. 10 GDPR. 

"Processor" (Art. 4 No. 8 GDPR) 

means a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller, in particular in accordance with the controller's instructions (e.g. IT service provider). In terms of data protection law, a processor is not a third party. 

"Consent" (Art. 4 No. 11 GDPR) 

exists if an action has taken place that clearly indicates that the data subject voluntarily, for the specific case, in an informed manner and unambiguously agrees to the processing of his or her data.

Purposes of data processing 

Personal data is only processed for unambiguous purposes (Art. 5 (1) point (b) GDPR). As soon as the purpose of processing ceases to apply, your personal data will be deleted or protected by technical and/or organizational measures (e.g. by anonymization), unless this conflicts with a legal obligation to store the data for a longer period of time or to disclose it to third parties (in particular to law enforcement authorities). In other cases, the storage period and type of data collected as well as the type of data processing depends on which functions you use in each individual case.

Legal basis 

The processing of your personal data is only allowed under certain conditions of the GDPR and national data protection laws. Your data will not be processed without one of the following legal bases.

Consent (Art. 6 (1) point (a), Art. 9 (1) point (a) GDPR)

If you have given your consent to process your data for one or more specific purposes.

Performance of a contract (Art. 6 (1) point (b) GDPR)

If the processing of your data is necessary for the performance of a contract you have concluded with us, your data may be processed accordingly.

Fulfillment of a legal obligation (Art. 6 (1) point (c) GDPR)

Insofar as a legal obligation for data processing exists, this will be complied with. 

Protection of vital interests (Art. 6 (1) point (d) GDPR)

An authorization to process your data exists if it is necessary for the protection of your vital interests. 

Performance of a task in the public interest (Art. 6 (1) point (e) GDPR)

There is an authorization to process data if the processing of your data is carried out in the public interest or in the exercise of official authority.

Legitimate interests (Art. 6 (1) point (f) GDPR)

If there is a legitimate interest in the data processing, there is an authorization for data processing, except where such interests are overridden by the interest or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child. 

Data transfer to third countries (Art. 44 et seq. GDPR)

Insofar as your personal data is processed in third countries, the data processing will only take place if an adequacy decision is in place or if the standard contractual clauses are agreed upon. A third country transfer always takes place in accordance with the legal requirements of Art. 44 et seq. GDPR.

Device fingerprinting (§ 25 TTDSG) 

Insofar as consent has been given for the storage of cookies and access to information on your terminal device, the additional requirements of the TTDSG are always observed.

Responsible person for the data processing

The person responsible for processing the data on this website is:

Cordes Design 
Matthias Cordes 
Heitmannstr. 43 
22083 Hamburg 

mail@matthiascordes.com

Storage Period 

Unless a more specific storage period is stated within this privacy policy, your personal data will be stored until the purpose for data processing ceases to apply. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless there are other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the data will be deleted once these reasons no longer apply.

Data subject rights

In the following, the responsible party would like to inform you about your rights as a data subject of a data processing of your personal data.

Right to information (Art. 13 and 14 GDPR)

You have the right to know who collects your personal data, why it is collected and how it is used. This information should be provided in a clear and understandable way. 

Right of access (Art. 15 GDPR) 

You have the right to request a copy of your personal data processed by data controllers. This includes the right to receive information about the origin of your data, the recipient or category of recipient, the purpose and duration of the storage of your data. 

Right to rectification (Art. 16 GDPR) 

If your personal data is inaccurate or incomplete, you have the right to request that it be corrected or completed. The organization processing your data should implement this as soon as possible. 

Right to erasure (‘right to be forgotten’) (Art. 17 GDPR) 

Under certain circumstances, you can request the deletion of your personal data. If your data is no longer needed for the original purpose, you have withdrawn your consent or the processing is unlawful, the controller must delete your data.

Right to restrict processing (Art. 18 GDPR)

You have the right to restrict the processing of your personal data if you dispute the accuracy of the data, the processing is unlawful or the organization no longer needs the data. While processing has been restricted, your data may only be used in limited ways. 

Right to data portability (Art. 20 GDPR) 

You have the right to receive your personal data in a structured, commonly used and machine-readable format and to transfer this data to another controller. This applies if the processing is based on your consent or a contract. 

Right to object (Art. 21 GDPR) 

You may object to the processing of your personal data if it is used for direct marketing purposes or if the processing is carried out in the public interest or in our legitimate interests as defined in Art. 6 (1) point (f) GDPR, unless there are compelling legitimate grounds for doing so. This includes in particular the cases of direct advertising or newsletter marketing.

Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with the Hamburg State Commissioner for Data Protection and Freedom of Information. 

Contact details:

Thomas Fuchs
Ludwig-Erhard-Str 22
7TH FLOOR 
20459 Hamburg  

Phone: 040 / 428 54 - 4040 
Email: mailbox@datenschutz.hamburg.de

Prerequisite for the transfer of personal data to third countries

In the course of our business relationships, your personal data may be transferred or disclosed to third party companies. These may also be located outside the European Economic Area, i.e. in third countries. Such processing takes place exclusively for the fulfillment of contractual and business obligations and for the maintenance of your business relationship with the responsible party (legal basis is Art. 6 (1) point (b) or point (f) in each case in conjunction with Art. 44 et seq. GDPR). You will be informed below about the respective details of the transfer at the relevant points. Some third countries are certified by the European Commission through so-called adequacy decisions to have data protection comparable to the EEA standard (a list of these countries and a copy of the adequacy decisions can be found here: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en ). However, in other third countries to which personal data may be transferred, there may not be a consistently high level of data protection due to a lack of legal provisions. If this is the case, care is taken to ensure that data protection is adequately guaranteed. This is possible via binding company regulations, standard contractual clauses of the European Commission for the protection of personal data pursuant to Art. 46 (1), (2) point (c) GDPR (the 2021 standard contractual clauses are available at: https://eur-lex.europa.eu/legal-content/DE/TXT/PDF/?uri=CELEX:32021D0914&from=DE ), certificates or recognized codes of conduct. Please contact our data protection officer if you would like to receive more information on this. 

SSL or TLS encryption 

For security reasons and to protect the transmission of confidential content, such as orders or requests that you send, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. 

If SSL or TLS encryption is activated, the data you transmit to the responsible party cannot be read by third parties.

Cookies 

The responsible party uses cookies on this website. Cookies are small text files that are assigned to the browser you are using and stored on your hard drive by a characteristic string of characters through which certain information flows to the entity that sets the cookie. Cookies cannot execute programs or transfer viruses to your computer and therefore cannot cause any damage. They serve to make the internet offer as a whole more user-friendly and effective, i.e. more pleasant for you. Cookies can contain data that make it possible to recognize the device used. In some cases, however, cookies only contain information on certain settings that cannot be related to a specific person. However, cookies cannot directly identify a user. A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session. With regard to their function, a distinction is made between the following types of cookies:

  • Technical cookies: These are essential to navigate the website, use basic functions and ensure the security of the website; they do not collect information about you for marketing purposes, nor do they store which web pages you have visited.
  • Performance cookies: these collect information about how you use the website, which pages you visit and, for example, whether errors occur during website use; they do not collect information that could identify you. All information collected is anonymous and is used only to improve our website and to find out what interests our users; 
  • Advertising cookies, targeting cookies: these are used to provide the website user with tailored advertising on the website or third-party offers and to measure the effectiveness of these offers; advertising and targeting cookies are stored for a maximum of 13 months. 
  • Sharing cookies: These are used to improve the interactivity of our website with other services (e.g. social networks); sharing cookies are stored for a maximum of 13 months.

The legal basis for cookies that are absolutely necessary to provide you with the expressly requested service is Section 25 (2) No. 2 TTDSG. Any use of cookies that is not absolutely technically necessary for this purpose constitutes data processing that is only permitted with your express and active consent pursuant to Section 25 (1) TTDSG in conjunction with Art. 6 (1) point (a) GDPR. This applies in particular to the use of performance, advertising, targeting or sharing cookies. In addition, the responsible party will only disclose your personal data processed by cookies to third parties if you have given your express consent to do so in accordance with Art. 6 (1) point (a) GDPR.

Newsletter­

If you would like to receive the newsletter offered on the website, an e-mail address is required, as well as information that allows to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only on a voluntary basis. This data is collected exclusively for the purpose of sending the requested information and will not be passed on to third parties.  

The processing of the data entered in the newsletter registration form is based exclusively on your consent (Art. 6 (1) point (a) GDPR). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.

The data you provide for the purpose of receiving the newsletter will be stored until you unsubscribe from the newsletter and deleted from the newsletter distribution list after unsubscribing from the newsletter or after the purpose has ceased to exist. The responsible party reserves the right to delete or block e-mail addresses from our newsletter distribution list at our own discretion within the scope of legitimate interest pursuant to Art. 6 (1) point (f) GDPR. Data that has been stored by the responsible party for other purposes remains unaffected by this.  

You may object to the storage if your interests outweigh the legitimate interest.

ConvertKit

To organize, analyze and design the newsletters the responsible party uses the tool "ConvertKit". The provider is ConvertKid LLC, 750 W. Bannock Street 761, Boise, USA. ConvertKid processes such data that is necessary to provide the newsletter.

ConvertKid collects personal data, such as IP address, name and email addresses. You can find more information here: https://convertkit.com/privacy

The data you enter will remain with the responsible party until you request to delete it, revoke your consent to store it or the purpose for storing the data no longer applies. Mandatory legal provisions - in particular retention periods - remain unaffected. The legal basis for data processing is Art. 6 (1)  point (f) GDPR. The controller has a legitimate interest in the reliable presentation and management of its newsletters. 

Further information can be found in the privacy policy of ConvertKit: https://convertkit.com/privacy 

Data processing agreement  

The responsible party has concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that this processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR. 

Certification according to the "EU-US Data Privacy Framework"

The company has a certification according to the "EU-US Data Privacy Framework" (DPF). The DPF is a treaty between the EU and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Each certified company undertakes to comply with these data protection standards. The following link leads to further information:  https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt00000008RtoAAE&status=Active 

Contact form

If you send inquiries via the contact form, your data from the inquiry form including the contact data you provided will be stored by the responsible party for the purpose of processing the inquiry and in case of follow-up questions. 

The processing of this data is based on Art. 6 (1) point (b) GDPR, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests addressed to the responsible party (Art. 6 (1) point (f) GDPR) or on your consent (Art. 6 (1) point (a) GDPR) if this has been requested; the consent can be revoked at any time.

The data you enter in the contact form will remain until you request the responsible party to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after the responsible party has completed processing your request). Mandatory legal provisions - in particular retention periods - remain unaffected.

E-mail or telephone

If you contact me by e-mail or phone, your request including all resulting personal data (name, request) will be stored and processed by the responsible party for the purpose of processing your request. The responsible party will not pass on this data without your consent.

The processing of this data is based on Art. 6 (1) point (b) GDPR, provided that your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. If your request is not thematically related to the initiation or execution of a contract, the responsible party processes this request within the scope of our legitimate interest according to (Art. 6 (1)  (f) GDPR So consent (Art. 6 (1) point (a) GDPR) if this was requested; the consent can be revoked at any time.

The data you send to the responsible party via contact requests will remain until you request the responsible party to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after the responsible party has completed processing your request). Mandatory legal provisions - in particular legal retention periods - remain unaffected.

Hosting

Webflow 

The provider is Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (hereinafter referred to as Webflow). When you visit our website, Webflow collects various log files including your IP addresses. Webflow is a tool for creating and hosting websites. Webflow may store cookies or other recognition technologies that are necessary for the presentation of the page, to provide certain website functions and to ensure security (necessary cookies).

Data Privacy Framework  

The company has certification under the so-called "Data Privacy Framework" between the European Union and the USA. This is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000TT9jAAG&status=Active

Data processing agreement  

The responsible party has concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that this processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.

Amazon AWS

Webflow hosts the website using the Amazon CloudFront CDN content delivery network (CDN). The provider is Amazon Web Services EMEA SARL, 38 avenue John F. Kennedy, L-1855, Luxembourg (hereinafter "Amazon").

Amazon CloudFront CDN is a globally distributed content delivery network. This technically routes the transfer of information between your browser and our website through the Content Delivery Network. This allows the responsible party to increase the weldast-wide accessibility and performance of our website.

Webflow uses the Amazon CloudFront service to ensure increased downtime protection and shorter loading times. 

The legal basis for the use is Art. 6 (1) point. (f) GDPR, as the Webflow development platform can only be used meaningfully in the context of the use of Amazon CloudFront CDN.

For further details, please refer to the privacy policy of AWS here: https://aws.amazon.com/de/privacy/?nc1=f_pr .  

Cloudflare

Webflow uses the service "Cloudflare". The provider is Cloudflare Inc, 101 Townsend St., San Francisco, CA 94107, USA (hereinafter "Cloudflare").

Cloudflare offers a globally distributed content delivery network with DNS. This technically routes the transfer of information between your browser and our website through Cloudflare's network. This enables Cloudflare to analyze traffic between your browser and our website and serve as a filter between our servers and potentially malicious traffic from the Internet. In doing so, Cloudflare may also use cookies or other technologies to recognize Internet users, but these are used solely for the purpose described herein.

The use of Cloudflare serves to establish compatibility with older browsers and is thus based on our legitimate interest in providing our website as error-free and secure as possible, especially since a use of the Webflow development platform would not be useable in a meaningful way without the use of Cloudflare (Art. 6 (1) point. (f) GDPR).

You can find more information about security and data protection at Cloudflare here: https://www.cloudflare.com/privacypolicy/

Privacy policy: YouTube 

The responsible party maintains its own profile on the social network Youtube of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (Youtube) (URL of the profile: https://www.youtube.com/@matthiascordes/). By interacting with this profile, data processing operations are initiated. This also involves the processing of personal data. Youtube processes personal data that you have made available to Youtube, such as your name, your age, your nationality or your industry or company affiliation. Youtube also processes your data for the purpose of user analysis, such as how you have interacted with our profile or whether you have followed us. Other data published by you may also be processed in the process. 

In addition, Youtube uses so-called cookies, which are stored on your end device when you visit our profile, even if you do not have your own Youtube profile or are not logged into it during your visit to our profile. These cookies allow Youtube to create user profiles based on your preferences and interests and to show you advertising (within and outside Youtube) tailored to these. Cookies may remain on your terminal device until you delete them.

The legal basis for the data processing is according to Art. 6 (1) point (f) GDPR. The responsible party has a legitimate economic interest in the external presentation of our company. 

The legal basis for the publication of images is Art. 6 (1) point (a) GDPR, provided consent has been given. If a contractual agreement exists in this regard, the legal basis is Art. 6 (1) point (b) GDPR, In exceptional cases, image publication may also be based on a legitimate interest pursuant to Art. 6 (1) point (f) GDPR, in conjunction with § 23 (1) no. 3 KUG. 

If the data subject contacts the responsible party via our Youtube presence (e.g. by responding to one of the posts or by sending private messages), the data provided will be processed by the responsible party solely for the purpose of contacting the data subject. The legal basis is Art. Art. 6 (1) point (a) GDPR, if consent has been given and Art. 6 (1) point (b) GDPR, if the data processing serves the implementation of contractual or pre-contractual measures.

The stored data will be deleted as soon as their storage is no longer necessary or the data subject requests to delete them and there are no legal retention obligations to the contrary. 

Further details on data processing on Youtube can be found here: 

https://policies.google.com/privacy 

Data processing agreement

The data processor has concluded a data processing agreement (DPA) for the use of the above service. This is a contract required by data protection law, which ensures that this processes the personal data of the website visitors only according to the instructions and in compliance with the GDPR. 

Contact of the data protection officer of Youtube: 

https://policies.google.com/privacy 

Privacy policy: X

The responsible party maintains its own profile (URL of the profile: https://X.com/matthiascordes) on the social network X of X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103 USA (X). By interacting with this profile, data processing operations are initiated. This also involves the processing of personal data. X processes such personal data that you have provided to X, such as your name, age, nationality or industry or company affiliation. X also processes your data for the purpose of user analysis, such as how you have interacted with our profile or whether you have followed us. Other data published by you may also be processed in the process. 

In addition, X uses so-called cookies, which are stored on your end device when you visit our profile, even if you do not have your own X profile or are not logged into it during your visit to our profile. These cookies allow X to create user profiles based on your preferences and interests and to show you advertising (within and outside X) tailored to these. Cookies may remain on your terminal device until you delete them.

The legal basis for the data processing is according to Art. 6 (1) point (f) GDPR. There is a legitimate economic interest in the external presentation of our company. 

The legal basis for the publication of images is Art. 6 (1) point (a) GDPR, provided consent has been given. If a contractual agreement exists in this regard, the legal basis is Art. 6 (1) point (b) GDPR, In exceptional cases, image publication may also be based on a legitimate interest pursuant to Art. 6 (1) point (f) GDPR, in conjunction with § 23 (1) no. 3 KUG. 

If the data subject contacts the responsible party via our X-presence (e.g. by responding to one of the posts or by sending private messages), the data provided will be processed by the responsible party solely for the purpose of contacting the data subject. The legal basis is Art. Art. 6 (1) point (a) GDPR, if consent has been given and Art. 6 (1) point (b) GDPR, if the data processing serves the implementation of contractual or pre-contractual measures.

The stored data will be deleted as soon as their storage is no longer necessary or the data subject requests to delete them and there are no legal retention obligations to the contrary. 

Further details on data processing on X can be found here: 

https://X.com/en/privacy

Data processing agreement

The responsible party has concluded a data processing agreement (DPA) for the use of the above service. This is a contract required by data protection law, which ensures that this processes the personal data of the website visitors only according to the instructions and in compliance with the GDPR. 

Contact of the data protection officer: 

https://support.X.com/forms/privacy 

Privacy policy: LinkedIn

The responsible party maintains his own profile (URL of the profile: https://www.linkedin.com/in/matthiascordes/) on the social network LinkedIn of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (LinkedIn). By interacting with this profile, data processing operations are triggered. This also involves the processing of personal data. LinkedIn processes such personal data that you have provided to LinkedIn, such as your name, age, nationality or industry or company affiliation. LinkedIn also processes your data for the purpose of user analysis, such as how you have interacted with our profile or whether you have followed us. Other data published by you may also be processed in the process. 

In addition, LinkedIn uses so-called cookies, which are stored on your end device when you visit our profile, even if you do not have your own LinkedIn profile or are not logged into it during your visit to our profile. These cookies allow LinkedIn to create user profiles based on your preferences and interests and to show you advertising (within and outside LinkedIn) tailored to these. Cookies may remain on your terminal device until you delete them.

The legal basis for the data processing is according to Art. 6 (1) point (f) GDPR. the responsible party has a legitimate economic interest in the external presentation of My company. 

The legal basis for the publication of images is Art. 6 (1) point (a) GDPR, provided consent has been given. If a contractual agreement exists in this regard, the legal basis is Art. 6 (1) point (b) GDPR, In exceptional cases, image publication may also be based on a legitimate interest pursuant to Art. 6 (1) point (f) GDPR, in conjunction with § 23 (1) no. 3 KUG. 

If the data subject contacts the responsible party via our LinkedIn-presence (e.g. by responding to one of the posts or by sending private messages), the data provided will be processed by the responsible party solely for the purpose of contacting the data subject. The legal basis is Art. Art. 6 (1) point (a) GDPR, if consent has been given and Art. 6 (1) point (b) GDPR, if the data processing serves the implementation of contractual or pre-contractual measures.

The stored data will be deleted as soon as their storage is no longer necessary or the data subject requests to delete them and there are no legal retention obligations to the contrary. 

Further details on data processing on LinkedIn can be found at: 

https://www.linkedin.com/legal/privacy-policy 

Data processing agreement

The data processor has concluded a data processing agreement (DPA) for the use of the above service. This is a contract required by data protection law, which ensures that this processes the personal data of the website visitors only according to the instructions and in compliance with the GDPR. 

Contact LinkedIns data protection officer: 

https://www.linkedin.com/help/linkedin/ask/TSO-DPO