Data protection declaration in ENGLISH:
your data will be protected in accordance with General Data Protection Regulation GDPR:
In the following, we will inform you about the type, scope and purpose of the processing of personal data by our company in accordance with the legal requirements of data protection law (in particular according to BDSG n.F. and the European General Data Protection Regulation 'GDPR'). This data protection declaration also applies to our websites and social media profiles. With regard to the definition of terms such as "personal data" or "processing", we refer to Art. 4 GDPR.
Name and contact details of the person responsible
Our responsible (hereinafter "responsible") i.S.d. Art. 4 no. 7 GDPR is:
Düchting Software & Consulting GmbH
Old way 2
53547, Kasbach-Ohlenberg, Germany
Managing director Stefan Düchting
Commercial Register / No .: HRB 23713
Register court: Montabaur District Court
Fax: +49 2644 6023314
Types of data, purposes of processing and categories of data subjects
Below we inform you about the type, scope and purpose of the collection, processing and use of personal data.
1. Types of data that we process
Inventory data (name, address etc.), contact details (telephone number, email, fax etc.), payment data (bank data, account data, payment history etc.), contract data (subject of the contract, term etc.), content data (text input, videos, Photos etc.),
2. Purposes of processing according to Art. 13 Para. 1 c) GDPR
Processing contracts, fulfilling contractual obligations, customer service and customer care, providing websites with functions and content,
3. Categories of data subjects according to Art. 13 Para. 1 e) GDPR
Visitors / users of the website, customers, interested parties, applicants, employees, employees of customers or suppliers,
The data subjects are collectively referred to as "users".
Legal basis for the processing of personal data
Below we inform you about the legal basis for the processing of personal data:
1. If we have obtained your consent for the processing of personal data, Art. 6 para. 1 sentence 1 lit. a) GDPR legal basis.
2. If processing is necessary to fulfill a contract or to carry out pre-contractual measures that take place at your request, Art. 6 para. 1 sentence 1 lit. b) GDPR legal basis.
3. If processing is necessary to fulfill a legal obligation to which we are subject (e.g. statutory retention requirements), Art. 6 Para. 1 S. 1 lit. c) GDPR legal basis.
4. If processing is necessary to protect the vital interests of the data subject or another natural person, Art. 6 para. 1 sentence 1 lit. d) GDPR legal basis.
5. If processing is necessary to safeguard our or the legitimate interests of a third party and your interests or fundamental rights and freedoms do not outweigh this, Art. 6 para. 1 sentence 1 lit. f) GDPR legal basis.
Disclosure of personal data to third parties and processors
We will never pass on any data to third parties without your consent. If this is the case, then the transfer takes place on the basis of the aforementioned legal basis, e.g. when data is passed on to online payment providers for the purpose of fulfilling the contract or on the basis of a court order or due to a legal obligation to disclose the data for the purposes of law enforcement, to avert danger or to enforce intellectual property rights.
We also use processors (external service providers, e.g. for web hosting of our websites and databases) to process your data. If data is passed on to the processor in the context of an order processing agreement, this is always done in accordance with Art. 28 GDPR. We carefully select our processors, check them regularly and have given us the right to issue instructions regarding the data. In addition, the processors must have taken appropriate technical and organizational measures and the data protection regulations in accordance with BDSG n.F. and comply with GDPR
Data transfer to third countries
The adoption of the European General Data Protection Regulation (GDPR) created a uniform basis for data protection in Europe. Your data is therefore mainly processed by companies for which GDPR applies. If processing by third parties takes place outside the European Union or the European Economic Area, they must meet the special requirements of Art. 44 ff. GDPR. This means that the processing takes place on the basis of special guarantees, such as the officially recognized determination of a data protection level corresponding to the EU or the observance of officially recognized special contractual obligations, the so-called “standard contractual clauses”. For US companies, submission to the so-called “Privacy Shield”, the data protection agreement between the EU and the USA, meets these requirements.
Deletion of data and storage period
Unless expressly stated in this data protection declaration, your personal data will be deleted or blocked as soon as the purpose for the storage ceases to exist, unless their further storage is necessary for evidence purposes or if this is contrary to statutory retention obligations. This includes, for example, commercial law retention requirements for business letters in accordance with Section 257 (1) HGB (6 years) and tax retention requirements in accordance with Section 147 (1) AO for documents (10 years). If the prescribed retention period expires, your data will be blocked or deleted, unless the storage is still necessary for the conclusion of a contract or for the fulfillment of the contract.
Existing automated decision making
We do not use automatic decision making or profiling.
Provision of our website and creation of log files
1. If you only use our website for informational purposes (i.e. no registration and no other transmission of information), we only collect the personal data that your browser transmits to our server. If you want to view our website, we collect the following data: • IP address;
• Internet service provider of the user;
• date and time of access;
• browser type;
• Language and browser version;
• content of the call;
• time zone;
• Access status / HTTP status code;
• amount of data;
• websites from which the request comes;
• Operating system.
This data is not stored together with other personal data from you.
2. These data serve the purpose of the user-friendly, functional and secure delivery of our website to you with functions and content as well as their optimization and statistical evaluation.
3. The legal basis for this is our legitimate interest in data processing according to Art. 6 Para. 1 S.1 lit. f) GDPR.
4. For security reasons, we save this data in server log files for the storage period of days. After this period, these are automatically deleted, unless we need to keep them for evidence purposes in the event of attacks on the server infrastructure or other legal violations.
• Session cookies: We use so-called cookies to recognize multiple uses of an offer by the same user (e.g. if you have logged in to determine your login status). If you call up our page again, these cookies provide information in order to automatically recognize you. The information obtained in this way is used to optimize our offers and to make it easier for you to access our website. If you close the browser or log out, the session cookies are deleted.
• Persistent cookies: These are automatically deleted after a specified period, which may differ depending on the cookie. You can delete the cookies at any time in the security settings of your browser.
• Third-party cookies: According to your wishes, you can configure your browser settings and e.g. B. Refuse to accept third party cookies or all cookies. However, we would like to point out that you may not be able to use all functions of this website. Read more about these cookies in the respective data protection declarations of the third-party providers.
The legal basis for this processing is Art. 6 Para. 1 S. lit. b) GDPR, if the cookies for contract initiation e.g. placed with orders and otherwise we have a legitimate interest in the effective functionality of the website, so that in the case of Art. 6 para. 1 sentence 1 lit. f) GDPR is the legal basis.
Objection and "opt-out": You can generally prevent cookies from being saved on your hard drive by selecting "do not accept cookies" in your browser settings. However, this can result in a functional restriction of our offers. You can opt out of third-party cookies for advertising purposes by opting out of this American website (https://optout.aboutads.info) or this European website (http://www.youronlinechoices.com/de / preference management /) contradict.
Contact via the contact form / email / fax / post
1. If you contact us by contact form, fax, post or email, your details will be processed for the purpose of processing the contact request.
2. If you have given your consent, the legal basis for processing the data is Art. 6 Para. 1 S. 1 lit. a) GDPR. The legal basis for processing the data transmitted in the course of a contact request or email, letter or fax is Art. 6 Para. 1 S. 1 lit. f) GDPR. The person responsible has a legitimate interest in the processing and storage of the data, in order to be able to answer user inquiries, to preserve evidence for reasons of liability and, if necessary, to be able to meet his legal storage obligations for business letters. If the contact is aimed at the conclusion of a contract, then an additional legal basis for the processing is Art. 6 para. 1 sentence 1 lit. b) GDPR.
3. We can save your details and contact request in our customer relationship management system (“CRM system”) or a comparable system.
4. The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those that were sent by email, this is the case when the respective conversation with you has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been finally clarified. We store inquiries from users who have an account or contract with us up to two years after the contract has ended. In the case of statutory archiving obligations, deletion takes place after their expiry: end of commercial law (6 years) and tax law (10 years) retention requirements.
5. You have the option at any time to withdraw your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) Revoke GDPR for the processing of personal data. If you contact us by email, you can object to the storage of your personal data at any time.
Contact by phone
1. When you contact us by phone, your telephone number will be processed to process the contact request and its processing and temporarily saved or displayed in the RAM / cache of the telephone device / display. The data is stored for liability and security reasons in order to be able to provide proof of the call and for economic reasons to enable a call back. In the event of unauthorized advertising calls, we block the phone numbers.
2. The legal basis for processing the telephone number is Art. 6 para. 1 sentence 1 lit. f) GDPR. If the contact is aimed at the conclusion of a contract, then an additional legal basis for the processing is Art. 6 para. 1 lit. b) GDPR.
3. The device cache stores the calls for days and successively overwrites or deletes old data. When the device is disposed of, all data is deleted and the memory may be destroyed. Blocked phone numbers are checked annually for the need to block them.
4. You can prevent the phone number from being displayed by calling with the phone number suppressed.
- You can subscribe to our newsletter with your voluntary consent by entering your email address. This is the only requirement. The provision of further data is voluntary and only serves the purpose of a personal address. We use the so-called "double opt-in procedure" for registration. After you have registered with your email, we will send you an email with a link to confirm your registration. If you click this confirmation link, your email will be added to the newsletter distribution list and saved for the purpose of sending emails. If you do not click the confirmation link within hours, your registration data will be blocked and automatically deleted after days.
- In addition, we log your IP address used during registration as well as the date and time of the double opt-in (registration and confirmation). The purpose of this storage is the fulfillment of legal requirements regarding the proof of your registration as well as the prevention of misuse regarding your e-mail.
- As part of your declaration of consent, the content (e.g. advertised products / services, offers, advertising and topics) of the newsletter is specifically described.
- When sending the newsletter, we evaluate your user behavior. The newsletters contain so-called "web beacons" or "tracking pixels" that are called up when the newsletter is opened. For the evaluations, we link the web beacons with your email address and an individual ID. Links received in the newsletter also contain this ID. The data is only collected in a pseudonymized form, so the IDs are not linked to your other personal data, and it cannot be directly linked to a person. With this data, we can determine whether and when you opened the newsletter and which links in the newsletter were clicked. This serves the purpose of optimizing and statistically evaluating our newsletter.
- The legal basis for sending the newsletter, measuring success and storing the email is your consent in accordance with. Art. 6 para. 1 sentence 1 lit. a) GDPR in conjunction with § 7 Para. 2 No. 3 UWG and for the logging of consent Art. 6 Para. 1 S. 1 lit. f) GDPR, as this serves our legitimate interest of legal evidence.
- You can object to the tracking at any time by clicking the unsubscribe link at the end of the newsletter. In this case, however, the newsletter reception would also end. If you deactivate the display of images in your email software, tracking is also not possible. However, this can have restrictions with regard to the functions of the newsletter and the images contained will not be displayed.
- You can revoke your consent to the sending of the newsletter at any time. You can revoke your consent by clicking on the unsubscribe link at the end of the newsletter, by emailing or notifying the above contact details. We save your data as long as you subscribe to the newsletter. After you have unsubscribed, your data will only be saved anonymously for statistical purposes.
Jetpack (formerly: WordPress.com stats)
We have the web analysis service Jetpack (from Automattic Inc., 60 29 th Street # 343, San Francisco, CA 94110-4929, USA; the provider of the tracking technology is: Quantcast Inc., 201 3 rd St, Floor 2, San Francisco, CA 94103-3153, USA) integrated to analyze and improve the use of our website. The software sets cookies on your computer for analysis. The data will be transmitted, processed and stored on Jetpack servers in the USA. We have activated the extension to shorten your IP at Jetpack, which means that personal data is no longer possible. In addition, this IP will not be merged with other data we collect. Automattic Inc. has submitted to the Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.
This data is collected and stored for the purpose of marketing, analyzing and optimizing our website.
The legal basis for this is our legitimate interest in data processing according to Art. 6 Para. 1 S.1 lit. f) GDPR.
You can object to the data collection and storage at any time free of charge with future effect. You can object to the installation of cookies in various ways or prevent them:
• You can prevent cookies in your browser by setting “do not accept cookies”, which also includes third-party cookies;
For more information on preventing cookies, see "Cookies" above.
Presence on social media
2. We process your data that you send us via these networks in order to communicate with you and to answer your messages there.
3. The legal basis for the processing of personal data is our legitimate interest in communicating with users and our external image for the purpose of advertising in accordance with Art. 6 Para. 1 S. 1 lit. f) GDPR. If you have given the person responsible for the social network consent to the processing of your personal data, the legal basis is Art. 6 Para. 1 S. 1 lit. a) and Art. 7 GDPR.
4. The data protection information, information and objection options (opt-out) of the respective networks can be found here:
• Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) - data protection declaration: https://twitter.com/de/privacy, opt-out: https://twitter.com/personalization , Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.
- We use social media plug-ins from social networks on our website. We use the so-called "two-click solution" from c’t or heise.de. When you access our website, no personal data is transmitted to the providers of the plug-ins. In addition to the logo or brand of the social network, you will find a controller with which you can activate the plug-in with a click. After activation, the provider of the social network receives the information that you have accessed our website and that your personal data is transmitted to the provider of the plug-in and stored there. These are so-called third party cookies. With some providers such as Facebook and XING, their IP is anonymized immediately after collection.
- The plug-in provider stores the data collected about the user as usage profiles. These are used for the purposes of advertising, market research and / or the needs-based design of his website. Such an evaluation is carried out in particular (also for users who are not logged in) to display needs-based advertising and to inform other users of the social network about the activities of the user on our website. The user has a right to object to the creation of these user profiles, whereby one must contact the respective plug-in provider to exercise this right.
- The legal basis for the use of the plug-ins is our legitimate interest in improving and optimizing our website by increasing our awareness through social networks as well as the possibility of interaction with you and the users among one another via social networks in accordance with Art. 6 Para. 1 S. 1 lit. f) GDPR.
- We have no influence on the data collected and data processing processes. We also have no knowledge of the scope of data collection, the purpose of processing and the storage periods. We also have no information on the deletion of the data collected by the plug-in provider.
- With regard to the purpose and scope of data collection and processing, we refer to the respective data protection declarations of the social networks. You will also find information on your rights and setting options for protecting your personal data.
- On our website we have plug-ins from the social network Facebook.com (company headquarters in the EU: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland) as part of the so-called “two-click solution "By Shariff. You can recognize this by the Facebook logo" f "or the addition" Like "," Like "or" Share ".
- As soon as you voluntarily activate the Facebook plug-in, a connection is established from your browser to the Facebook servers. Facebook receives the information, including your IP, that you have accessed our website and transmits this information to Facebook servers in the USA, where this information is stored. If you are logged into your account at Facebook, Facebook can assign this information to your account. When using the functions of the plug-in, e.g. When you click the "Like" button, this information is also transferred from your browser to the Facebook servers in the USA and stored there, as well as displayed in your Facebook profile and possibly with your friends.
- The purpose and scope of the data collection and its further processing and use of the data by Facebook as well as your rights and setting options for protecting your privacy can be found in Facebook's data protection information: https://www.facebook.com/about/privacy/. Data collection with the "Like" button: https://www.facebook.com/help/186325668085084. You can manage and object to your settings regarding the use of your profile data for advertising purposes on Facebook here: https://www.facebook.com/ads/preferences/.
- If you log out of Facebook before visiting our website and delete your cookies, no data about your visit to our website will be assigned to your profile on Facebook when you activate the plug-in.
- You can also prevent the loading of the Facebook plug-in by so-called "Facebook Blocker", which you can install as an add-on for your browser: Facebook Blocker for Firefox, Chrome and Opera or 1blocker for Safari, iPad and iPhone.
- Facebook has submitted to the Privacy Shield and thus ensures that European data protection law is complied with: https://www.privacyshield.gov/EU-US-Framework.
- We have integrated plug-ins from the social network Twitter.com (Twitter Inc., 1355 Market St., Suite 900, San Francisco, California 94103, USA) on our website as part of the so-called “two-click solution” from Shariff , You can recognize these plug-ins by the Twitter logo with a white bird on a blue background. You can find an overview of Twitter buttons and tweets at: https://developer.twitter.com/en/docs/twitter-for-websites/overview.
- If you are logged into your Twitter account while you willingly activate the Twitter plug-ins, Twitter can assign the call to our website to your Twitter profile. We do not know which data is transmitted to Twitter.
- If you want to exclude data transmission when the plug-in is activated on Twitter, log out of Twitter before visiting our website and delete your cookies.
- The purpose and scope of the data collection and its further processing and use of the data by Twitter, as well as your rights and setting options for protecting your privacy, can be found in Twitter's data protection information: https://twitter.com/de/privacy. Objection (opt-out): https://twitter.com/personalization.
- Twitter has submitted to the Privacy Shield and thus ensures that European data protection law is complied with: https://www.privacyshield.gov/EU-US-Framework
Data protection for applications and in the application process
- Applications that are sent to the responsible person electronically or by post are processed electronically or manually for the purpose of handling the application process.
- We expressly point out that application documents with "special categories of personal data" according to Art. 9 GDPR (e.g. a photo that gives conclusions about your ethnic origin, religion or your marital status), with the exception of a possible severe disability, which you from want to disclose freely, are undesirable. You should submit your application without this data. This has no impact on your application chances.
- The legal bases for processing are Art. 6 Para. 1 S.1 lit. b) GDPR and § 26 BDSG n.F.
- If an employment relationship is entered into with the applicant after the application process has been completed, the applicant data will be saved in compliance with the relevant data protection regulations. If you are not offered a job after completing the application process, your application letter and documents will be deleted 6 months after the rejection has been sent in order to be able to meet any claims and verification requirements under the AGG.
Rights of the data subject
Objection or revocation against the processing of your data
Insofar as the processing is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a), Art. 7 GDPR, you have the right to withdraw your consent at any time. This does not affect the lawfulness of processing based on consent before its withdrawal.
Insofar as we process your personal data based on the balancing of interests in accordance with Art. 6 Para. 1 S. 1 lit. f) support GDPR, you can object to the processing. This is the case if the processing is not particularly necessary to fulfill a contract with you, which is described by us in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and will either discontinue or adjust the data processing or show you our compelling reasons worthy of protection, on the basis of which we will continue the processing.
You can object to the processing of your personal data for advertising and data analysis purposes at any time. You can exercise the right to object free of charge. You can inform us about your objection to advertising using the following contact details:
Düchting Software & Consulting GmbH
Old way 2
53547, Kasbach-Ohlenberg, Germany
Managing director Stefan Düchting
Commercial Register / No .: HRB 23713
Register court: Montabaur District Court
Fax: +49 2644 6023314
Right to information
You have the right to request confirmation from us as to whether your personal data is being processed. If this is the case, you have the right to information about your personal data stored by us in accordance with Art. 15 GDPR. This includes, in particular, information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the origin of your data, unless it was collected directly from you.
Right to rectification
You have the right to correct inaccurate or correct data in accordance with Art. 16 GDPR.
Right to cancellation
You have the right to have your data stored by us deleted in accordance with Art. 17 GDPR, unless legal or contractual retention periods or other legal obligations or rights to further storage prevent this.
Right to restriction
You have the right to request a restriction in the processing of your personal data if one of the requirements in Art. 18 Para. 1 lit. a) to d) GDPR is fulfilled:
• If you contest the accuracy of your personal data for a period of time that enables the person responsible to check the accuracy of the personal data;
• the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted;
• the controller no longer needs the personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims, or
• if you have objected to processing in accordance with Art. 21 Para. 1 GDPR and it is not yet certain whether the controller's legitimate reasons outweigh your reasons.
Right to data portability
You have the right to data portability in accordance with Art. 20 GDPR, which means that you can receive the personal data we have stored about you in a structured, common and machine-readable format or you can request the transfer to another person responsible.
Right to complain
You have the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority, in particular in the Member State of your residence, your place of work or the place of the alleged violation.
We have taken appropriate technical and organizational security measures to protect all personal data that are transmitted to us and to ensure that we, as well as our external service providers, comply with data protection regulations. That is why, among other things, all data is encrypted between your browser and our server via a secure SSL connection.
As of May 20, 2019