Data Protection
Every citizen has the constitutional right to determine how their personal data is used.
For this reason, it is our duty to guarantee the security of the data you entrust to us when you visit our website. In the following, we explain which data of yours we have, what happens to it and what security measures are in place to protect it from inappropriate use..
Scope
This privacy policy applies to our entire website, but not to the sites of other providers, to whose sites our webpages may provide links.
Security measures
Our IT department continuously updates our technological security measures according to current circumstances and needs.
Logging
Each time a user accesses a page on our website, and each time a file is retrieved, access data pertaining to this procedure is stored in a log file on our server.
- date
- time
- IP address
- browser type
- browser settings
- operating system
- webpage visited
Based on this data, statistics are generated which help us to further adjust our web portal to your needs. It is not possible for us to derive a personal reference from the data; your data, including excerpts, is only transferred to third parties in instances where Controlware is required to do so by law.
Users have the right, upon request, to be informed as to which personal data of theirs we have stored. Further, they have the right to have this data rectified and/or deleted, as well the right to have the processing of their data restricted and to receive their data in portable form.
Cookies
We utilise session cookies on our website. Data is not stored permanently. Cookie is a term for information which a webserver sends to a browser, and which the browser sends back when the webserver is accessed. Session cookies are only stored for the duration of a session. Most browsers are configured to accept cookies automatically. You can however deactivate cookie storage or have your browser notify you when cookies are sent.
Twitter plugin
Functionalities of the service, Twitter, are integrated on our webpages. These functionalities are provided by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. When you use Twitter and the ‘re-tweet’ function, the websites you visit are linked to your Twitter account, and this is made known to other users; data is also transferred to Twitter. Please note that we, as the provider of the pages, do not have any knowledge of the contents of the transmitted data or its use by Twitter. Further information can be found in Twitter’s privacy policy at: twitter.com/privacy.
Your Twitter privacy settings can be changed in the account settings at: twitter.com/account/settings.
LinkedIn plugin
Our website utilises functionalities of the network, LinkedIn, provided by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time you retrieve one of our pages with LinkedIn functionalities embedded in it, a connection is established with LinkedIn servers, and LinkedIn is informed that you have visited our website with your IP address. When you click on LinkedIn’s ‘recommend button’ while logged onto your LinkedIn account, LinkedIn is able to attribute your visit to our website to you, and to your user account. Please note that we, as the provider of the pages, do not have any knowledge of the contents of the transmitted data or its use by LinkedIn.
Further information can be found in LinkedIn’s privacy policy at: www.linkedin.com/legal/privacy-policy.
XING Plugin
Our website utilises functionalities of the network, XING, provided by XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Each time you retrieve a page of ours with XING functionalities embedded in it, a connection is established with XING servers. To the best of our knowledge, no personal data is stored. In particular, IP addresses are not stored and user behaviour is not analysed.
Further information regarding data protection and the XING share button can be found in XING’s privacy policy at: www.xing.com/app/share.
Processing of personal data
In some parts of our website we offer you the possibility of getting in touch with us or of making use of certain services. We shall only utilise any personal data transferred to us in this regard for the unique purpose for which it was provided to us. Your data is not transferred to third parties.
Security of personal data
To guarantee the confidentiality of our communication with you, we use so-called SSL encryption. According to the current state of knowledge, the 128-bit encryption this provides is to be regarded as secure. All younger generation browsers offer this level of security. It may be advisable to update the browsers on your computer.
Amendments to this privacy policy
According to current circumstances, e.g., amendments to the EU General Data Protection Regulation (GDPR) or other relevant statutory provisions, we shall, if necessary, update this privacy policy.
Legal bases for data processing
Personal data may be processed on the basis of various statutory provisions, which we refer to below:
- Insofar as we process personal data concerning you on the basis of your consent, this is done in accordance with Art. 6 Para. 1 a) GDPR in conjunction with Art. 4, No. 11 and Art. 7 GDPR.
- Data relating to the initiation, execution or termination of contractual relationships is processed on the basis of Art. 6 Para. 1 b) GDPR. Exempt from this, is data relating to the initiation, execution or termination of employment contracts. This data is processed on the basis of Section 26 of the German Federal Data Protection Act (BDSG).
- Insofar as we process your data for the purpose of fulfilling legal obligations that apply to us, e.g. relating to tax law or social-security law, this is done on the basis of Art. 6 Para. 1 c) GDPR.
- Finally, we may process personal data concerning you on the basis of an overriding legitimate interest on Controlware’s part, taking your opposing interests in protection into consideration. The legal basis for this is Art. 6 Para. 1 f) GDPR.
Your rights as the data subject
Access, Art. 15 GDPR
You have the right to access the data we have stored concerning you. This includes:
- The categories of personal data that are processed
- The purposes of the processing
- The recipients or categories of recipient
- The envisaged period for which the data will be stored
- The existence of your rights to rectification, erasure, restriction of processing, or objection to processing
- The right to lodge a complaint with a supervisory authority.
Access requests should be addressed to: Controlware GmbH
Frank Jander
Data Protection Officer
Waldstrasse 92
63128 Dietzenbach
Germany
Email: datenschutz(at)controlware.de
Please enclose a copy of your personal ID, showing your name, address and date of birth, so we can establish your identity and effectively prevent data from being transmitted to unauthorised parties.
Rectification, Art. 16 GDPR
You have the right to obtain from us the rectification of incorrect data we have stored concerning you. You also have the right to have incomplete data sets completed.
Erasure, Art. 17 GDPR
You have the right to obtain from us the erasure of the personal data we have stored concerning you. This does not apply if we are legally obliged to store the data, or if we require the data for the fulfilment of contractual obligations or for legal prosecution. In these cases, the right to erasure shall be replaced by the right to restrict the processing of personal data.
Restriction of processing, Art. 18 GDPR
Where one of the following applies, you have the right to obtain from us the restriction of processing of the personal data we have stored concerning you:
- If you contest the accuracy of the personal data concerning you, for a period enabling us to verify the accuracy of the data;
- If the processing is unlawful and you oppose the erasure of the personal data, instead requesting that its use be restricted;
- If we no longer require the personal data for the original processing purposes, but you require it for the establishment, exercise or defence of legal claims, or
- If you have objected to processing pursuant to Art. 21 Para. 1 GDPR and it has not yet been determined whether the legitimate interests of the controller override your legitimate interests.
If the processing of personal data concerning you has been restricted, we may – with the exception of storage – only process this data with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person.
Should we intend to lift the restriction of processing of personal data concerning you, you will be informed of this beforehand.
Right to data portability, Art. 20 GDPR
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller, where
- the processing is based on consent pursuant to Art. 6 Para. 1 a GDPR or a contract pursuant to Art. 6 Para. 1 b GDPR, and
- we carry out the processing by automated means.
In this context, you have the right to ask us to transmit the relevant data directly to another controller you name, insofar as this is technically feasible and does not encroach on the rights and freedoms of others.
Objection, Art. 21 GDPR
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you, insofar as we are processing your data based on Art. 6 Para. 1 e) or f) GDPR.
In the event of an effective objection, we will no longer process the personal data concerning you unless we have compelling grounds for processing, which override your interests, rights and freedoms or if processing serves the establishment, exercise or defence of legal claims.
If personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing; this includes profiling to the extent that it is related to such direct marketing.
If you object to processing for direct marketing purposes, we will no longer process personal data concerning you for such purposes.
In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.
Right to revoke your consent
Insofar as we process personal data concerning you based on your consent pursuant to Art. 6 Para. 1 a) GDPR, you may revoke this consent at any time, effective for the future, without stating any reasons. As a result of this revocation, we may no longer be able to render our services for you, or only to a limited extent, or you may no longer be able to use certain services.
Objections should be addressed to:
Controlware GmbH
Frank Jander
Data Protection Officer
Waldstrasse 92
63128 Dietzenbach
Germany
Email: datenschutz(at)controlware.de
Erasure periods
Controlware generally erases personal data immediately, once it is no longer required for the purposes for which it was collected. In some cases, however, there are legal retention periods to which we are, of course, bound. In such cases, the data shall be erased once the respective period has elapsed. Data collected through IP logging is generally erased after 12 months.
Right to lodge a complaint
If you feel that our data processing has breached your rights or basic freedoms, you have the right to lodge a complaint with our company’s data protection officer or a supervisory authority.
Contact details for our company’s data protection officer:
Controlware GmbH
Frank Jander
Data Protection Officer
Waldstrasse 92
63128 Dietzenbach
Germany
Email: datenschutz(at)controlware.de