We are pleased that you are visiting our website. KUMAVISION AG (hereinafter "we" or "us") attaches great importance to the security of user data and compliance with data protection regulations. We would like to inform you below about the processing of your personal data on our website.
Agreement according to §26 S.1 Abs.1 DSGVO ("jointly responsible")
Table of Contents
- Contact details of those responsible
- Contact details of the Data protection officer
- Concepts
- Recipients of data
- General information on data processing
- Automated data processing (log files etc.)
- Consent management tool
- Use of cookies (general, functionality, opt-out links, etc.)
- Web analysis and optimization
- hosting)
- Online marketing
- Social media presences
- Plugins and embedded content from third parties
- Online conferences, meetings and webinars
- Live chat
- External customer portal
- promotional communication
- Contacting us
- Online Events and Events
- KUMAVISION Downloads
- Support and remote maintenance
- data transmission
- Retention period
- Automated Decision Making
- Legal basis
- Rights of the persons concerned
- Instructions for cancellation
- External links
- amendments
Contact details of those responsible
KUMAVISION AG
Oberfischbach 3
88677 Markdorf (Lake Constance)
Germany
Contact:
Tel.: + 49 7544 966-300
http://www.kumavision.com
Contact details of the Data protection officer
German Data Protection Law Office - Maximilian Musch
External data protection officer: Maximilian Musch
Richard-Wagner-Straße 2
88094 top rings
Germany
Contact: Tel.: 07542 949 21 - 02
Email:
Website: www.ddsk.de
Concepts
The technical terms used in this data protection declaration are to be understood as legally defined in Art. 4 GDPR.
Recipients of data
Service providers (recipients of data) used in connection with the processing of data via the website are named in our data protection declaration under the respective category/heading.
General information on data processing
Automated data processing (log files etc.)
In principle, the website can be visited without active information about the person of the user. However, access data (server log files) are automatically saved each time the website is accessed, e.g. B. the name of the Internet service provider, the operating system used, the website from which the user visits the website, the date and duration of the visit or the name of the requested file, as well as for security reasons, e.g. B. to detect attacks on the website, the IP address of the end device used for a period of 7 days. This data does not allow any conclusions to be drawn about the person of the user. This data is not merged with other data sources.
The legal basis for processing the data is Art. 6 (1) (c) GDPR i. In conjunction with Art. 32 GDPR and Art. 24 GDPR.
The data will be processed and used for the following purposes:
- Provision of the website
- improving our websites
- Prevention and detection of errors/malfunctions and abuse of the website.
Processing is necessary to ensure the functionality and error-free and secure operation of the website and to adapt this website to user requirements.
Consent management tool
A process for consent management is used on the website in order to be able to verifiably store and manage the consent given by visitors to the website in accordance with the requirements of the GDPR. At the same time, website visitors can use the integrated service to manage the consent and preferences they have given or the revoke consent.
The consent status is stored on the server side and/or in a cookie (so-called opt-in cookie) or a comparable technology in order to be able to assign the consent to a user or his device. In addition, the time of the declaration of consent is recorded.
Categories of affected persons:
Website visitors who use the consent management tool
Categories data:
User data (e.g. websites visited, interest in content, access times), meta and communication data (e.g. device information, IP addresses), consent data (consent ID, consent number, time of submission of consent, opt-in or opt-out, banner language , customer setting, template version)
Purposes of processing:
Fulfillment of accountability, consent management
Legal basis:
Legal obligation (Art. 6 Para. 1 lit. c) GDPR i. in conjunction with Art. 7 GDPR)
usercentrics
Recipient: Usercentrics GmbH, Sendlinger Strasse 7, 80331 Munich, Germany
Privacy Policy: https://usercentrics.com/de/datenschutzerklaerung/
Use of cookies (general, functionality, opt-out links, etc.)
In order to make visiting the website attractive and to enable the use of certain functions, so-called cookies are used on the website. Cookies are a standard Internet technology used to store and retrieve login and other usage information for all users of the website.
Cookies are small text files that are stored on the end device. They make it possible, among other things, to save user settings so that the website can be displayed in a format tailored to the user's device. Some of the cookies used are deleted after the end of the browser session, i.e. after closing the browser (so-called session cookies). Other cookies remain on the user's end device and enable the browser to be recognized on the next visit (so-called permanent cookies).
The browser can be set in such a way that users are informed about the setting of cookies and can decide individually whether to accept them or exclude the acceptance of cookies for certain cases or in general. Furthermore, the cookies can be deleted afterwards in order to remove data that the website has stored on the user's device. The deactivation of cookies (so-called opt-out) can lead to some limitations in the functionality of the website.
Categories of affected persons: Website visitors, users of online services
Opt-Out:
Internet Explorer: https://support.microsoft.com/de-de/help/17442
Firefox: https://support.mozilla.org/de/kb/wie-verhindere-ich-dass-websites-mich-verfolgen
Google Chrome: https://support.google.com/chrome/answer/95647?hl=en
Safari: https://support.apple.com/de-de/HT201265
Legal basis:
Consent (Art. 6 Para. 1 lit. a) GDPR), legitimate interests (Art. 6 Para. 1 lit. f) GDPR)
The relevant legal basis is specifically named for the corresponding tool.
Legitimate interests:
Storage of opt-in preferences, presentation of the website, ensuring the functionality of the website, preservation of user status over the entire website, recognition for next website visitors, user-friendly online offer, ensuring chat functions
Web analysis and optimization
Tools for web analysis and range measurement are used so that visitor flows on the website can be evaluated. For this purpose, information about the behavior, interests or demographic information about website visitors, such as age, gender or similar, is collected. This makes it possible to recognize at what time the website, its functions or content are most frequented or invite repeated visits. In addition, the information collected can be used to determine whether the website requires optimization or adjustment.
The information collected for this purpose is stored in cookies or similar processes are used and are used for range measurement and optimization. The data stored in the cookies may include content viewed, online presences visited, settings and functions and systems used.
As a rule, no clear user data is processed for the purposes described. In this case, the data is changed in such a way that the actual identity of the user is not known to either the person responsible or the provider of the tool used (e.g. via IP address anonymization options). The anonymized data can be displayed via a dashboard. This can be used to deliver key figures or statistics about visits to the website. This includes e.g. B. Key figures, which provide information about the period within which the website was visited the most. It can be used to discuss where the website is still adaptable and what content can best be placed where and when.
Categories of affected persons:
Website visitors, users of online services
Categories data:
User data (e.g. websites visited, interest in content, access times), meta and communication data (e.g. device information, IP addresses), contact data (e.g. e-mail address, telephone number), content data (e.g. text information, photographs, videos)
Purposes of processing:
Website analysis, range measurement, utilization and evaluation of website interaction, lead evaluation
Legal basis:
Consent (Art. 6 Para. 1 lit. a) GDPR); Legitimate interests (Art. 6 Para. 1 lit. f) GDPR)
Legitimate interests:
Optimization and further development of the website, increase in profits, customer loyalty and acquisition, cookieless analysis, success control of marketing measures for B2B customers
Hotjar
Recipient: Hotjar Ltd., Level 2, St Julians Business Centre, 3 Elia Zammit Street, St Julians STJ 1000, Malta
Privacy Policy: https://www.hotjar.com/legal/policies/privacy
Opt-Out Link: https://www.hotjar.com/legal/compliance/opt-out
Legal basis: Consent (Art. 6 Para. 1 lit. a) GDPR)
Dealfront (cookieless use)
Recipient: Dealfront Group GmbH, Durlacher Allee 73, 76131 Karlsruhe, Germany
Privacy Policy: https://www.dealfront.com/privacy-notice/
Legal basis: Legitimate interest (Art. 6 Para. 1 lit. f) GDPR)
Opt-Out Link: https://privacycockpit.dealfront.com/
LinkedIn Analytics
Recipient: LinkedIn Corporation, 1000 West Maude Avenue, Sunnyvale, CA 94085, USA
Privacy Policy: https://www.linkedin.com/legal/privacy-policy
Legal basis: Consent (Art. 6 Para. 1 lit. a) GDPR
Matomo (local integration)
Provider: InnoCraft Ltd, 150 Willis St., 6011 Wellington, New Zealand
Privacy Policy: https://matomo.org/privacy-policy/
Legal basis: Legitimate interests (Art. 6 Para. 1 lit. f) GDPR)
Opt-Out Link:
Hosting (incl. content delivery network)
The website is hosted by an external service provider. Personal data of visitors to the website, in particular so-called log files, are stored on the service provider's servers. It can also be data that arises or is collected during active use of the online offer. By using a specialized service provider, the online offer can be made available securely and efficiently. The data is not processed by the hosting provider used for their own purposes.
Categories of affected persons:
website visitors
Categories data:
User data (e.g. websites visited, interest in content, access times), meta and communication data (e.g. device information, IP addresses)
Purposes of processing:
Proper design of the online offer
Legal basis:
Consent (Art. 6 Para. 1 lit. a) GDPR), legitimate interests (Art. 6 Para. 1 lit. f) GDPR)
Legitimate interests:
Proper presentation and optimization of the website, faster website accessibility, avoidance of downtime, high scalability
Mittwald web hosting
Recipient: Mittwald CM Service GmbH & Co. KG, Königsberger Str. 4 – 6, 32339 Espelkamp, Germany
Privacy Policy: https://www.mittwald.de/datenschutz
Legal basis: Legitimate interests (Art. 6 Para. 1 lit. f) GDPR)
Online marketing
In order to constantly increase the range and awareness of the online offer, personal data is processed as part of online marketing, in particular with regard to potential interests and measuring the effectiveness of the marketing measures used.
For the purpose of measuring the effectiveness of marketing measures and identifying potential interests, relevant information is stored in cookies or similar processes are used. The data stored in the cookies may include content viewed, online presences visited, settings and functions and systems used. As a rule, no clear user data is processed for the purposes described. The data is changed in such a way that the actual identity of the user is not known. The data changed in this way is regularly stored in user profiles.
If user profiles are stored, the data can be read out, supplemented and supplemented on the server of the online marketing provider when visiting other online offers that use the same online marketing process.
Whether advertisements were successful can be determined on the basis of summarized data made available to the person responsible by the provider of the online marketing process (so-called conversion measurement). As part of these conversion measurements, it can be traced whether a marketing measure has led to a so-called conversion of the visitor to the online offer. This evaluation is used to analyze the success of online marketing.
Categories of affected persons:
Website visitors, users of online services, interested parties, communication partners, business and contractual partners
Categories data:
Usage and interaction data (e.g. websites visited, interest in content, access times), meta and communication data (e.g. device information, IP addresses), if applicable location data, contact data, content data (e.g. text information)
Purposes of processing:
Marketing (partly interest-based and behavioral), conversion measurement, target group formation, click tracking, development of marketing strategies and increasing the efficiency of campaigns
Legal basis:
Consent (Art. 6 Para. 1 lit. a) GDPR); Legitimate interests (Art. 6 Para. 1 lit. f) GDPR)
Legitimate interests:
Optimization and further development of the website, increase in profits, customer retention and acquisition
Google Ads
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Privacy Policy: https://policies.google.com/privacy?hl=en-US
Legal basis: Consent (Art. 6 Para. 1 lit. a) GDPR)
Microsoft Azure
Recipient: Microsoft Ireland Operations Ltd. One Microsoft Place, South County Business Park, Leopardstown, Dublin 18 D18 P521, Ireland
Privacy Policy: https://aka.ms/privacyresponse
Legal basis: Consent (Art. 6 Para. 1 lit. a) GDPR)
Microsoft Dynamics365 for marketing
Recipient: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
Privacy Policy: https://privacy.microsoft.com/de-de/privacystatement
Legal basis: Consent (Art. 6 Para. 1 lit. a) GDPR)
Social media presences
The person responsible makes offers (e.g. fan pages) available online on various social media platforms, which contain various information.
Social media channels are used to increase visibility among potential prospects, customers and employees and to make those responsible visible to the public. Social networks have proven themselves in increasing reach and promoting interaction and communication with interested parties.
Some of the data from users in social networks is used to conduct market research and thus to pursue advertising purposes. User profiles can be created and used based on the usage behavior of users, for example by specifying interests, in order to adapt advertisements to the interests of target groups. For this purpose, cookies are regularly stored on the users' end devices, sometimes regardless of whether they are registered users of the social network.
In connection with the use of social media, the associated messengers may be used in order to be able to communicate easily with users. It is pointed out that the security of individual services may depend on the user's account settings. Even in the case of end-to-end encryption, the service provider can draw conclusions that and when users communicate with us and, if necessary, collect location data.
Depending on where the social network is operated, user data may be processed outside the European Union or outside the European Economic Area. This can result in risks for users, for example because it makes it more difficult to enforce their rights.
Categories of affected persons:
Registered users and non-registered users of the social network
Categories data:
Content data (e.g. text information, contributions, possibly videos), usage and interaction data (e.g. websites visited, interests, access times), meta and communication data (e.g. device information, IP address)
Purposes of processing:
Extension of reach, networking with interested parties, potential employees, employee branding, etc.
Legal basis:
Legitimate interests (Art. 6 Para. 1 lit. f) GDPR), consent (Art. 6 Para. 1 lit. a) GDPR)
Legitimate interests:
Interaction and communication on social media presence, increase in profits, insights into target groups
Recipient: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Privacy Policy: https://www.facebook.com/privacy/explanation
Opt-Out Link: https://www.facebook.com/policies/cookies/
Recipient: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Privacy Policy: https://help.instagram.com/519522125107875
Opt-Out Link:https://www.instagram.com/accounts/login/?next=/accounts/privacy_and_security/
kununu
Recipient: New Work SE, Am Strandkai 1, 20457 Hamburg, Germany
Privacy Policy: https://privacy.xing.com/de/datenschutzerklaerung
Recipient: LinkedIn Corporation, 1000 West Maude Avenue, Sunnyvale, CA 94085, USA
Privacy Policy: https://www.linkedin.com/legal/privacy-policy
Recipient: Twitter International Company, One Cumberland Place, Fenian Street Dublin 2, D02 AX07 Ireland
Privacy Policy: https://twitter.com/de/privacy
Opt-Out Link: https://help.twitter.com/de/rules-and-policies/twitter-cookies#privacy-options
YouTube
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Privacy Policy: https://policies.google.com/privacy?hl=en&gl=de
Recipient: New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany
Privacy Policy: https://privacy.xing.com/de/datenschutzerklaerung
Plugins and embedded content from third parties
The website includes functions and content obtained from third parties. For example, videos, representations, buttons or posts (hereinafter Content called) are included.
In order for content to be displayed to visitors to the website, the respective third-party provider processes the IP address of the user, among other things, so that the content can be transmitted to the browser and displayed. Without this processing operation, it is not possible to display third-party content.
In some cases, additional information is collected via so-called pixel tags or web beacons, whereby the third-party provider receives information about the use of the content or visitor traffic on the website, technical information about the user's browser or operating system, the time of visit or websites to which reference is made. The data obtained is stored in cookies on the user's end device.
In order to protect the personal data of visitors to the website, technical security precautions have been taken on the website to prevent this data from being automatically transmitted to third-party providers. This data is only transmitted when the user uses the buttons or clicks on the third-party content and gives their consent. Before using the button and giving consent, users are informed in advance of the associated risks of data transmission to third parties.
Categories of affected persons: Users of the plug-in or integrated third-party content
Categories data: Usage and interaction data (e.g. websites visited, interests, access time), meta and communication data (e.g. device information, IP address), contact data (e.g. e-mail address, telephone number), master data (e.g. name, address)
Purposes of processing: Designing our online offering, increasing the reach of advertisements on social media, sharing posts and content, interest and behavior-based marketing, cross-device tracking
Legal basis: Consent (Art. 6 Para. 1 lit. a) GDPR)
Google Translate
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Privacy Policy: https://policies.google.com/privacy?hl=en&gl=de
Instagram pixels
Recipient: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Privacy Policy: https://help.instagram.com/519522125107875
Opt-Out Link: https://www.instagram.com/accounts/login/?next=/accounts/privacy_and_security/
LinkedIn Insight Day
Recipient: LinkedIn Corporation, 1000 West Maude Avenue, Sunnyvale, CA 94085, USA
Privacy Policy: https://www.linkedin.com/legal/privacy-policy
Vimeo
Recipient: Vimeo Inc., 555 West 18th Street New York, New York 10011, USA
Privacy Policy: https://vimeo.com/privacy
YouTube
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Privacy Policy: https://policies.google.com/privacy?hl=en&gl=de
Opt-Out Link: https://tools.google.com/dlpage/gaoptout?hl=en
Online conferences, meetings and webinars
We make use of the opportunity to hold online conferences, meetings and/or webinars. For this we use the offer of other providers, which we have carefully selected.
When actively using such offers, the data of the communication participants are processed and stored on the servers of the third-party providers used, insofar as the data is required for the communication process. Furthermore, usage and metadata can be processed.
Categories of affected persons: Participants in the respective online offer (conference, meeting, webinar)
Categories data: Master data (e.g. name, address), contact data (e.g. e-mail address, telephone number), content data (e.g. text entries, photographs, videos), meta and communication data (e.g. device information, IP addresses)
Purposes of processing: Processing of inquiries, increasing efficiency, promoting cross-company or cross-location cooperation
Legal basis: Consent (Art. 6 Para. 1 lit. a) GDPR)
Microsoft Teams
Recipient: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
Privacy Policy: https://privacy.microsoft.com/de-de/privacystatement
Live chat
Consultation services can be obtained using the live chat on the website. This is usually done by an employee of the company. The purpose of the data collection is based on the request made.
The text content entered into the chat mask as part of the live chat (names, request, any contact details) is voluntary. If the inquirers want further contact during the chat, they can use the contact form on the website.
If the live chat is used, the Internet browser automatically transmits certain data to the server for technical reasons at the beginning of use. This data is also processed for analysis purposes - without being assigned to a specific person.
Categories of affected persons: Chatbot users
Categories data: Master data (e.g. last name, first name), contact data (e.g. e-mail address), content data (e.g. text entries, inquiries), usage data (e.g. duration of use, access times), meta and communication data (e.g. device information, IP addresses)
Purposes of processing: Processing inquiries, increasing efficiency
Legal basis: Consent (Art. 6 Para. 1 lit. a) GDPR), pre-contractual initiation, contract (Art. 6 Para. 1 lit. b) GDPR)
SmartSupp Chat
Recipient: Smartsupp.com, sro ID No.: 036 68 681, 602 00 Brno, Czech Republic, EU
Privacy Policy: https://www.smartsupp.com/de/help/privacy/
External customer portal
We link to a provider's customer portal on our website. Login is only possible for authenticated customers. These must have access to the portal activated in advance by KUMA support. This is usually done by creating a new user in the portal and assigning individual user names, e.g. B. the e-mail address and passwords by the provider of the portal. Access data can neither be viewed nor saved by us.
Relevant processes for support requests from customers are stored in the customer portal. As a rule, technical data and a transaction number are stored for this purpose.
There is no link tracking via the website. At no time can it be determined which website visitor has registered via the portal.
In order to change or delete links from user accounts, the settings within the user account must be changed at the respective method provider.
Categories of affected persons: users of the respective function
Categories data: User handles (e.g. username, authentication confirmation)
Purposes of processing: authentication user
Legal basis: Consent (Art. 6 Para. 1 lit. a) GDPR), fulfillment or initiation of a contract (Art. 6 Para. 1 lit. b) GDPR)
Atlassian (JIRA)
Receiver: Atlassian. Pty Ltd, Level 6, 341 George Street, Sydney NSW 2000, Australia
Privacy Policy: https://www.atlassian.com/legal/privacy-policy
promotional communication
We also use the data provided to us for advertising purposes, in particular to provide information on various channels about news from us or from our portfolio of offers. Advertising on our part takes place within the framework of the legal requirements and - if required - after obtaining consent.
If the recipients of our advertising do not want this, they can inform us at any time. We will be happy to comply with the corresponding request.
Categories of affected persons: communication partner
Categories data: Master data (e.g. name, address), contact data (e.g. e-mail address, telephone number)
Purposes of processing: Direct marketing
Legal basis: Consent (Art. 6 Para. 1 lit. a) GDPR), legitimate interests (Art. 6 Para. 1 lit. f) GDPR)
Legitimate interests: Retaining existing and gaining new contacts or contractual partners
Contacting us
On our online offer we offer the possibility to contact us directly or to obtain information about various contact options. In order to always have an overview of contacts with us, we use Microsoft Dynamics 365 CRM for processing corresponding requests.
If contact is made, we process the data of the requesting person to the extent necessary to answer or process the request. Depending on how you contact us, the processed data may vary.
Categories of affected persons: Inquiring people
Categories data: Master data (e.g. name, address), contact data (e.g. e-mail address, telephone number), content data (e.g. text input), usage data (e.g. interests, access times), meta and communication data (e.g. device information, IP address).
Purposes of processing: processing of inquiries
Legal basis: Consent (Art. 6 Para. 1 lit. a) GDPR), fulfillment or initiation of a contract (Art. 6 Para. 1 lit. b) GDPR)
Microsoft Dynamics365 CRM
Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
Privacy Policy: https://privacy.microsoft.com/de-de/privacystatement
Online Events and Events
Interested parties have the opportunity to register for free online events and activities via the website. A double opt-in procedure is implemented as part of the registration process, which prevents the misuse of data and ensures that the registration for the event is actually intended by interested parties. Participants will be informed of the details (e.g. time, content, registration link, etc.) by email before the event begins. The reminder and information e-mail is automatically generated and transmitted by the provider used. Early notification by e-mail is intended to ensure proper planning and execution of the event. The information required on the registration form is marked as mandatory. The provision of additional data is voluntary and not required for participation in the event.
Categories of affected persons: participants, interested parties
Categories data: master data (e.g. name, address), contact data (e.g. e-mail address, telephone number),
Purposes of processing: Implementation and planning of online events, marketing, acquisition of new customers, increase of reach, presence
Legal basis: Contract initiation and execution (Art. 6 Para. 1 lit. b) GDPR), consent (Art. 6 Para. 1 lit. a) GDPR)
Microsoft Dynamics365 CRM
Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
Privacy Policy: https://privacy.microsoft.com/de-de/privacystatement
KUMAVISION Downloads
Via the website and on social networks e.g. B. LinkedIn, white papers and similar content can be downloaded in order to provide interested parties and potential customers with current or relevant information.
If downloads are made available via social media, the social media provider collects the IP address of the user and the e-mail address that the user entered via the form. The form we provide on social media is electronic via an interface in our CRM solution Microsoft Dynamics 365 integrated to provide automated notifications quickly and efficiently. The use of the lead-gen form is voluntary for users.
A download of the whitepaper is made dependent on the subscription to a newsletter and the consent to the data transfer to the Dynamics CRM. If this is intended, interested parties will be informed about the circumstance and they can voluntarily decide whether they want the white paper with reference to the newsletter and forwarding it to the CRM. In this case, consent is obtained separately for subscribing to download-related mailings via a double opt-in procedure, which can be given at any time revoked can be.
Categories of affected persons:
Interested parties who specifically download our information material
Categories data:
Form data (title, name, e-mail address, job title, company name), profile information of the user, metadata (time stamp, e.g. access times, user and campaign IDs), consent data (consent ID, consent number, time of the Submission of consent, opt-in or opt-out))
Purposes of processing:
Marketing, acquiring new customers, increasing sales
Legal basis:
Consent (Art. 6 Para. 1 lit. a) GDPR)
LinkedIn lead gen form
Recipient: LinkedIn Corporation, 1000 West Maude Avenue, Sunnyvale, CA 94085, USA
Privacy Policy: https://www.linkedin.com/legal/privacy-policy
Legal basis: Consent (Art. 6 Para. 1 lit. a) GDPR)
Microsoft Dynamics365 CRM
Recipient: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
Privacy Policy: https://privacy.microsoft.com/de-de/privacystatement
Support and remote maintenance
It is possible to receive support services via the website under the Remote Support area. The necessary customer data (e.g. name, support key) is processed to process the request. The data entered as part of the support remain with us until the purpose for data storage no longer applies. Mandatory legal provisions - in particular retention periods - remain unaffected. Without the specification of data, support is not possible within the scope of support.
A selected service provider is used to provide support. To protect the data, a so-called order processing contract was concluded with the provider in accordance with the specifications and content of Article 28 (3) GDPR. The data processing by the provider (processor) takes place exclusively on documented instructions from the client i. S.v. Art. 29 GDPR, which is also part of the contract.
Categories of affected persons:
customers, website visitors
Categories data:
Form data (salutation, name, support key), metadata (IP address)
Purposes of processing:
Fulfillment of contractual services, service
Legal basis:
Contract initiation and fulfillment (Art. 6 Para. 1 lit. b) GDPR), consent (Art. 6 Para. 1 lit. a) GDPR)
TeamViewer
Recipient: TeamViewer Germany GmbH, Bahnhofsplatz 2, 73033 Göppingen, Germany
Privacy Policy: https://www.teamviewer.com/de/datenschutzerklaerung/
data transmission
Personal data of visitors to the website will be passed on for internal purposes (e.g. for internal administration or the human resources department or sales, to comply with legal or contractual obligations). The internal data transmission or disclosure of the data takes place only to the extent necessary in compliance with the relevant data protection regulations.
In order to execute contracts or to fulfill a legal obligation, it may be necessary for personal data to be passed on. If the data required in this respect is not made available, it may be that the contract with the data subject cannot be concluded.
The data is processed using or accessing certain services, e.g. Google services (e.g. YouTube) or Microsoft forms, possibly also outside the EU/EEA, in so-called third countries (e.g. USA). . This cannot be ruled out even if we have always selected European data centers.
There is no adequacy decision by the European Commission for the transmission of data to the USA, which is considered an unsafe third country. Adequacy refers to the level of protection of the data in that third country or international organization in question. There is a risk for data subjects that data may be processed by US authorities for control and monitoring purposes without these having the right to appeal.
An agreement on data protection (order processing contract) or data processing agreements including standard contractual clauses in accordance with Art. 44 et seq. GDPR was concluded with the providers and additional measures were defined to ensure the highest possible protection for the personal data of data subjects.
Guarantees used for third-country transfers (if available):
Standard contractual clauses in accordance with Article 46 (1), (2) (c) GDPR
Atlasian:
https://www.atlassian.com/legal/data-processing-addendum
https://www.atlassian.com/legal/data-transfer-impact-assessment
Google services (including YouTube):
https://privacy.google.com/businesses/processorterms/
https://privacy.google.com/businesses/processorterms/mccs/
Microsoft Services:
LinkedIn:
https://www.linkedin.com/legal/l/dpa
Vimeo:
https://de-1bbeae2b241b298db.getsmartling.com/data-processing
Retention period
Data from visitors to the website is generally stored for as long as is necessary to provide the service or insofar as this has been provided for by the European legislator for directives and regulations or another legislator in laws or regulations to which the person responsible is subject. In all other cases, personal data will be deleted once the purpose has been fulfilled, with the exception of data that must continue to be stored to fulfill legal obligations (e.g. obligations due to tax and commercial law retention periods, documents such as contracts and invoices). .
Automated Decision Making
Automated decision-making or profiling according to Art. 22 GDPR does not take place.
Legal basis
The relevant legal bases result primarily from the GDPR. These are supplemented by the national laws of the member states and may apply together with or in addition to the GDPR.
Consent: Article 6 paragraph 1 letter a) GDPR serves as the legal basis for processing operations for which we have obtained consent for a specific processing purpose.
Fulfillment of contract: Art. 6 (1) b) GDPR serves as the legal basis for processing that is necessary for the performance of a contract to which the data subject is party or for the implementation of pre-contractual measures that are carried out at the request of the data subject.
Legal obligation: Article 6 (1) (c) GDPR serves as the legal basis for processing that is required to fulfill a legal obligation.
Vital Interests: Article 6 (1) (d) GDPR serves as the legal basis if processing is necessary to protect the vital interests of the data subject or another natural person.
Public interest: Article 6 paragraph 1 letter e) GDPR serves as the legal basis for processing that is necessary for the performance of a task that is in the public interest or in the exercise of official authority that has been transferred to the person responsible.
Legitimate interest: Article 6 (1) (f) GDPR serves as the legal basis for processing that is necessary to safeguard the legitimate interests of the person responsible or a third party, unless the interests or fundamental rights and freedoms of the data subject that require the protection of personal data prevail, especially when the data subject is a child.
Rights of the persons concerned
Right to information: In accordance with Art. 15 GDPR, data subjects have the right to request confirmation as to whether we are processing data relating to them. You can request information about this data as well as the further information listed in Art. 15 Para. 1 DSGVO and a copy of your data.
Right to rectification: In accordance with Art. 16 GDPR, data subjects have the right to request the correction or completion of the data relating to them and processed by us.
Right to erasure: Affected persons have the right according to Art. 17 DSGVO to demand the immediate deletion of the data concerning them. Alternatively, you can request us to restrict the processing of your data in accordance with Article 18 GDPR.
Right to data portability: In accordance with Art. 20 GDPR, data subjects have the right to request the provision of the data they have made available to us and to request their transmission to another person responsible.
Right of appeal: Affected persons also have the right to complain to the supervisory authority responsible for them in accordance with Art. 77 GDPR.
Right to object: If personal data is processed on the basis of legitimate interests pursuant to Article 6 (1) sentence 1 lit. f) GDPR, data subjects have the right to object to the processing of their personal data pursuant to Article 21 GDPR, insofar as this There are reasons that arise from your particular situation or the objection is directed against direct advertising. In the latter case, data subjects have a general right of objection, which we will implement without specifying a particular situation.
Instructions for cancellation
Some data processing operations are only possible with the express consent of the persons concerned. You have the option to revoke consent that you have already given at any time without giving reasons. An informal message or e-mail is sufficient for this
The granting of consent is voluntary and not required for the use of the online offer.
The legality of the data processing carried out before the revocation remains unaffected by the revocation.
External links
On our website you can find links to the online offers of other providers. We hereby point out that we have no influence on the content of the linked online offers and the compliance with data protection regulations by their providers.
amendments
We reserve the right to adapt this data protection information at any time in the event of changes to our online offer and in compliance with the applicable data protection regulations so that they comply with legal requirements.
This Privacy Policy was created by
German data protection law firm
- Maximilian Musch -