Data protection declaration of UNIT4 GmbH & Co. KG
In this data protection declaration we inform you about the following topics:
- 1: Responsible for data processing and data protection officer; scope of application
- 2: General principles for processing your personal data
- 3: Informational use of our WEBSITE
- 4: Contact / feedback
- 5: Third party content
- 6: Business relationship
- 7: Application
- 8: Data security
- 9: Your rights
1. Responsible for data processing and data protection officer; scope of application
(1) We, UNIT4 GmbH & Co. KG, Regerstrasse 19, 70195 Stuttgart, Germany, Tel .: +49 (0) 711 263459-0, Fax: +49 (0) 711 263459-10, E-Mail: email@example.com, are the operator of the website, available at www.unit-4.com (hereinafter also “WEBSITE”), and responsible for the processing of personal data of you as a user of our WEBSITE (“you”) acc. Art. 4 No. 7 of the EU General Data Protection Regulation (“GDPR”).
Our data protection officer is: Ariane Schepp (Kuhn-privacy Dr. Norbert Kuhn), Heustraße 3, 70174 Stuttgart, Germany, email: firstname.lastname@example.org.
(2) In the following, we would like to provide you with detailed information about the processing of your personal data as part of our information obligations (see Section 2).
– as a visitor to our WEBSITE (see sections 3 – 5);
– as our business partner or as another person with whom we communicate in the course of our business (see Section 6);
– as our applicant (see Section 7)
to inform. Furthermore, we would like to inform you about the accompanying protective measures, which we have also taken in technical and organizational terms on our WEBSITE (Section 8), as well as your rights with regard to the processing of your personal data (Section 9).
General principles for processing your personal data(1) Personal data is all information that relates to an identified or identifiable natural person. Your personal data therefore includes all data that can be directly or indirectly assigned to you, such as your name, address, telephone number or email address.(2) Personal data are primarily processed by us only if and to the extentYou have given us your consent to data processing for one or more specific purposes (Art. 6 para. 1 subpara. 1 letter a GDPR);the processing is necessary for the performance of a contract to which you are a party or for the implementation of pre-contractual measures that are carried out at your request (Art. 6 Para. 1 Subsection 1 Letter b GDPR);
the data processing is necessary to fulfill a legal obligation to which we are subject (Art. 6 para. 1 subpara. 1 letter c GDPR), or
Data processing is necessary to safeguard our legitimate interests or those of a third party, unless your interests or fundamental rights and freedoms that require the protection of personal data outweigh them (Art. 6 Para. 1 Para. 1 Letter f) GDPR).
(3) In the following provisions of this data protection declaration, we will explain to you which of the legal bases listed in paragraph 2 or other legal bases we support the processing of your personal data in individual cases.
(4) We sometimes use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly checked. We can also pass on your personal data to third parties if we offer contracts or similar services together with partners. You will receive more information on this when you provide your personal data or in the following provisions of this data protection declaration. If our service providers or partners are based in a country outside the European Economic Area (EEA), we will also inform you about the consequences of this in the following provisions of this data protection declaration.
3. Informational use of our WEBSITE
3.1 Log data
(1) In connection with the use of our WEBSITE, we collect your data that your internet browser automatically transmits to our server. The following data is collected:
- IP address of the requesting computer
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status / HTTP status code
- amount of data transferred in each case
- Website from which the request came
- Language and version of the browser software.
(2) These data are technically necessary for us to enable you to use and function our WEBSITE, in particular to display the WEBSITE and to guarantee the security and stability of the WEBSITE. This data is not linked to the personal data of a specific natural person. Our legitimate interest lies in a functioning website. The legal basis is Art. 6 Abs. 1 UAbs. 1 Buchst. f DSGVO.
(3) We delete this data as soon as it is no longer required to achieve the purpose for which it was collected. Your data including your IP address will be stored for up to 14 days. Your IP address is shortened by the last octet (sub-segment) when it is collected and is therefore only saved in anonymised form. The temporary storage of the IP address by our system is necessary in order to remedy disruptions to our WEBSITE and to ward off dangers.
(2) Our WEBSITE uses the following types of cookies, the scope and functionality of which are explained below:
– transient cookies (see a)
– Persistent cookies (see b).
- a) Transient cookies are automatically deleted when you close the browser. These include session cookies in particular. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This enables your computer to be recognized when you return to a page on our WEBSITE. The session cookies are deleted when you log out or close the browser.
- b) Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie.
(3) If personal data are processed by individual cookies, the necessary cookies are processed in accordance with Art. 6 Para. 1 Subsection. 1 letter f GDPR to protect our legitimate interests in the best possible functionality of our WEBSITE. In the case of cookies for external media, processing is based on your consent in accordance with Art. 6 Para. 1 Subsection. 1 letter a GDPR.
(4) You can configure your browser settings according to your wishes and e.g. refuse to accept third-party cookies or all cookies. However, we would like to point out that in this case you may not be able to use all functions of our WEBSITE to their full extent.
- Contact / feedback(1) If you contact us, for example to provide us with your feedback, the processing of your contact details (e.g. first and last name, email address, telephone number) will be processed to answer your questions via the contact form, by email or on other requests and / or suggestions. The processing of your data serves exclusively to process the establishment of contact as well as to prevent misuse and to guarantee the security of our information technology systems.(2) The legal basis for processing the data is Art. 6 Para. 1 Subsection. 1 letter f GDPR. If your message is aimed at concluding a contract, the additional legal basis for the processing of your data is Art. 6 Para. 1 Subsection. 1 letter b GDPR.(3) If there is no legal or contractual retention period for deleting your personal data, we will delete it as soon as it is no longer necessary to achieve the purpose for which it was collected.
(2) If you play YouTube videos on our WEBSITE, YouTube receives the information that you have accessed the corresponding subpage of our WEBSITE. In addition, the under. 3.1 of this declaration. This takes place regardless of whether YouTube provides a user account that you are logged in to or whether there is no user account. If you are logged in to Google, your data will be assigned directly to your account. If you do not want your YouTube profile to be assigned, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and / or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our WEBSITE. You have the right to object to the creation of these user profiles, but you must contact YouTube to exercise them.
(3) The legal basis for the use of YouTube on our WEBSITE is your consent in accordance with Art. 6 para. 1 subparagraph. 1 letter a GDPR. Further information on the purpose and scope of data collection and processing by YouTube can be found in Google’s data protection declaration.
(4) When using YouTube, it cannot be ruled out that personal data will be transmitted to the servers of Google LLC in the USA.
5.2 Google Maps
(1) On our WEBSITE we use Google Maps from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”). This enables us to show you interactive maps directly on the WEBSITE and enables you to use the map function conveniently, provided you have given us your prior consent.
(2) If you give us your consent for the use of Google Maps on our WEBSITE, Google receives the information that you have accessed the corresponding subpage of our WEBSITE. In addition, the under. 3.1 of this declaration. This takes place regardless of whether Google provides a user account that you are logged in to or whether there is no user account. If you are logged in to Google, your data will be assigned directly to your account. If you do not want your profile to be assigned to Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and / or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our WEBSITE. You have the right to object to the creation of these user profiles, although you must contact Google to exercise them.
(3) The legal basis for the use of Google Maps is your consent in accordance with Art. 6 para. 1 subparagraph. 1 letter a GDPR. The processing of your personal data for the purpose of providing the map content takes place in a joint collaboration between us and Google. For this we have a contract with Google on shared responsibility. Art. 26 GDPR closed, which you can see under the following link: https://cloud.google.com/maps-platform/terms/maps-controller-terms.
(4) Further information on the purpose and scope of data collection and processing by Google can be found in Google’s data protection declaration.
(5) When using Google Maps, it cannot be ruled out that personal data may be transmitted to the Google LLC servers in the USA.
- Business relationship(1) If you are a business partner (e.g. customer or supplier) of us, we process information about your company as well as information about you (e.g. contact details) or other people within your company. Your personal data are essentially collected directly by yourself (e.g. through orders) or in the course of processing by us, if this is necessary for the execution of the business relationship. Changes to contacts in your company can also lead to further collection of personal data in connection with employees of your company.(2) Your data is primarily stored and processed electronically for the purpose of contract processing between us and you. For communication within the scope of contract processing (e.g. offers, orders, order confirmations, delivery notes and / or invoices), we can contact you via the data you have entered. This can be done via the postal address (es), e-mail address (es) or the telephone and fax number (es). The technical and content-related design of contracts, in particular content, specifications and prices, can also be processed with the stored data. The legal basis for this is Art. 6 Para. 1 Subsection. 1 letter b GDPR.(3) We can also send you information and notifications about your business relationship with us using the data you have provided, as well as offer you opportunities to initiate new business. The legal basis for this is Art. 6 Para. 1 Subsection. 1 letter f GDPR. If we receive feedback from you about these communications, which is aimed at entering into a contract with us, then the additional legal basis for the processing of your data is Art. 6 Para. 1 Subsection. 1 letter b GDPR.
(4) To fulfill our contractual obligations, we sometimes use different service providers. Your data will only be passed on to third parties if this is necessary for the execution of the contract or if you expressly consent to the transfer. The legal basis for this is Art. 6 Para. 1 Subsection. 1 letter b GDPR or Art. 6 para. 1 subpara. 1 letter a GDPR in the case of your consent.
(5) In principle, we do not transmit your personal data to countries outside the European Union or the European Economic Area (third countries). However, in the course of obligations arising from contracts between us and you as a business partner, data may have to be transferred to a third country. This transmission only takes place after a precise examination and assessment and only if the special requirements of Art. 44 ff. GDPR are met (e.g. adequacy decision of the Commission, standard data protection clauses, approved rules of conduct).
(6) If there is no legal or contractual retention period for deleting your personal data, we will delete it as soon as it is no longer necessary to achieve the purpose for which it was collected. This is usually the case if a business relationship with your company no longer exists or if you have left the company as a contact person.
(7) If you are already a customer of ours, we can set up a customer account for you on request. To create the customer account, it is necessary that you provide us with your email address and telephone number. We store all other data that you enter in the customer account for later inquiries and orders.
- Canditature(1) If you apply for a job in our agency, we process the personal data that you give us e.g. send by email. We do not need any information from you that cannot be used according to the General Equal Treatment Act (e.g. race, ethnic origin, religion or belief, age, sexual identity). We also do not ask you to provide us with information on pregnancy, political views, philosophical or religious beliefs and membership in a union.(2) Your personal data are processed exclusively for the purpose of filling positions within our agency. Your personal data will not be passed on unless you have given us your consent. In certain cases, however, personal data may have to be passed on to external bodies, e.g. public bodies (authorities and offices etc.), external service providers or other recipients.(3) The primary legal basis for the processing of your personal data is Art. 88 Para. 1 GDPR in conjunction. Section 26 (1) BDSG and, if applicable, Art. 6 (1) UAbs. 1 letter b GDPR.(4) If we are unable to offer you a job, we will delete your data no later than 3 months after the application process has ended, unless you give us your consent that we may store the applicant data for longer.
- Data security
(1) We use technical and organizational security measures to protect accrued or collected personal data, in particular against accidental or intentional manipulation, loss, destruction or against the attack of unauthorized persons. Our security measures are continuously improved in line with technological developments.
(2) Our WEBSITE is encrypted using SSL technology to prevent access by unauthorized third parties. You can recognize the secure transmission by the protocol name “https: //” in the URL line
- Your rights(1) With regard to the processing of your personal data, you are entitled to the rights listed below under letter a – h towards us under the legal conditions. For this, please contact us or our data protection officer. You can find the contact details under no. 1.You can acc. Art. 15 GDPR ask for confirmation as to whether personal data concerning you will be processed by us. In this case, you have Art. 15 para. 1 GDPR a right to information about the processing purposes, the categories of processed personal data, the recipients or categories of recipients to whom we have or will still disclose the personal data, the planned storage period or the criteria for the Determining the storage period, the existence of a right to correct or delete your personal data as well as restriction of processing or objection to the processing, the existence of a right to lodge a complaint with a supervisory authority, the origin of the data, unless we have collected your data from you Existence of automated decision-making including profiling and gem. Art. 15 para. 2 GDPR the right to be informed about the appropriate guarantees in accordance with. Art. 46 GDPR in the context of the transfer of personal data to third countries.Right to information
Right to rectification
You can acc. Art. 16 GDPR request the immediate correction and / or taking into account the purposes of the processing, the completion of your personal data if your data is incorrect or incomplete.
Right to cancellation
You can acc. Art. 17 GDPR require the immediate deletion of your personal data if there is a reason under Art. 17 para. 1 letter a-f GDPR. However, the right to deletion of your personal data does not exist in particular if their processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims (Art 17 para. 3 GDPR).
Right to restriction of processing
You can limit the processing of your personal data by us in accordance with Art. 18 GDPR, as long as we check the correctness of your data that you disputed, if you refuse to delete your data due to unlawful processing and instead request the restriction of the use of your data if you need your data to assert, exercise or defend legal claims , or if you have objected to the processing, as long as it is not certain whether our legitimate reasons prevail.
Right to be informed
We share according to Art. 19 GDPR to all recipients to whom your personal data have been disclosed, any correction or deletion of your personal data or a restriction of their processing in accordance with Art. 16, 17 Paragraphs 1 and 18 GDPR, unless this proves to be impossible or is associated with a disproportionate effort. According to Art. 19 p. 2 GDPR gives us the right to be informed about these recipients on request.
f) Right to data portability
According to Art. 20 GDPR the right to receive your personal data, which you have provided to us, in a structured, common and machine-readable format and to transmit this data to another responsible person, provided the further requirements of Art. 20 GDPR are met, especially technically is feasible.
g) Right to object
Insofar as we process your personal data based on legitimate interests in accordance with Art. 6 Para. 1 Subsection. 1 letter f GDPR, you can acc. Art. 21 GDPR to object to processing. This is the case if the processing is not particularly necessary to fulfill a contract with you, which is shown by us in the description of the offers above. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and will be Art. 21 para. 1 sentence 2 GDPR either no longer process the personal data or you can prove our compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms. Further processing is reserved if the processing serves to assert, exercise or defend legal claims.
Of course you can acc. You can object to Art. 21 Para. 2 GDPR at any time regarding the processing of your personal data for advertising and profiling purposes, insofar as it is related to direct advertising.
If you object, you can contact us or our data protection officer at the number in Inform 1 mentioned contact details.
h) Right to withdraw consent
According to Art. 7 Para. 3 GDPR the right to revoke any data protection consent given to us at any time with future effect. However, this does not affect the lawfulness of the processing that took place based on your consent up to the point of revocation.
(2) If you believe that the processing of your data violates data protection regulations, you also have the right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. Please contact a supervisory authority in the Member State of your residence, your place of work or the location of the potential violation.