This website is using Cookies to guarantee best service. If you keep on using this website you agree with the use of cookies.

I agree [x]

Data Privacy Statement

 

The following provides you with information about how we process your personal data and the claims and rights to which you are entitled under data protection regulations.

This privacy statement explains the nature, scope and purpose of the processing of personal data within our website (hereinafter referred to as “the website"). This privacy statement applies regardless of the domains, systems and devices (e.g. desktop, mobile, etc.) used.

Personal data is all data that is personally identifiable to you, e.g. name, address, email addresses, user behaviour. Which data is processed in detail and how it is used depends largely on the services used.

 

1. Who is responsible for data processing and who can I contact?

The responsible body is:

proventis GmbH

Alte Jakobstr. 83-84

10179 Berlin

Tel: +49 (0) 30 - 293 63 99 - 0

Fax: +49 (0) 30 - 293 63 99 – 50

Email: kontakt@proventis.net

 

You can contact our company data protection officer at: 

mip Consult GmbH

Asmus Eggert, Solicitor

Alte Jakobstr. 77

10179 Berlin

Tel: +49 (0) 30 - 293 63 99 - 0

datenschutz@proventis.net

www.sofortdatenschutz.de 

 

2. What sources and data do we use?

We process personal data that we receive from you as part of your use of our website and, if applicable, our business relationship.

For purely informational use of the website, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. When you visit our website, we collect the following access data, which is technically necessary for us to display our website to you and to ensure stability and security. The access data includes the IP address, date and time of the request, time zone difference to Greenwich Mean Time (GMT), content of the request (i.e. name of the specifically accessed website), access status/HTTP status code, data volume transmitted in each case, referrer URL (previously visited page), browser type and version, operating system and its interface, language and version of the browser software, notification of successful retrieval.

We also receive your personal data if you contact us via contact form or email. Personal data here refers to name, address, email, telephone number (hereinafter referred to as "contact data"), for example.

 

3. Why do we process your data and on what legal basis?

We process personal data in accordance with the provisions of the European Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG) for the following purposes and on the following legal basis:

 

Purpose

Legal basis

If you have given us your consent to process personal data for specific purposes (e.g. when contacting us via our contact form or by email for processing and handling the inquiry, sending newsletters, advertising by telephone, email, SMS, etc.), the legality of this processing is given on the basis of your consent. Given consent can be revoked at any time. Please note that the revocation will only take effect in the future. Processing that took place before the revocation is not affected by this.

 

Consent, Art. 6 Par. 1a GDPR

When contacting us (via contact form or email), your details will be processed in addition to any consent given for the processing of the contact enquiry and its handling, also on the basis of the implementation of pre-contractual measures, Art. 6 para. 1b GDPR.

 

Implementation of pre-contractual measures on request of the person, Art. 6 para. 1b GDPR

We process your access data (see above under point 2) to protect our legitimate interests or those of third parties. We pursue the following legitimate interests in particular: 

  • Ensuring IT security, in particular the security of the website;
  • Advertising or market and opinion research, as long as you have not objected to the use of your data;

Asserting legal claims and defence in legal disputes;

In the context of balancing interests to protect legitimate interests, Art. 6 para. 1f GDPR

 

 

If we receive your data when you download our whitepapers, we process your data on the basis of your consent to inform you about Blue Ant.

 Consent, Art. 6 Par. 1a GDPR

 


4. Who gets my data?

The departments needed to fulfill our contractual and regulatory obligations within the organization will have access to your information.

Contractors used by us (Art. 28 GDPR) may also receive data for the aforementioned purposes. These are companies in the categories IT services, printing services, telecommunications, consulting and sales and marketing. If we use contract processors to provide our services, we take appropriate legal precautions as well as appropriate technical and organizational measures to ensure the protection of personal data in accordance with the relevant legal regulations.

Data will only be passed on to third parties within the framework of legal requirements. We only pass on user data to third parties if this is necessary, e.g. on the basis of Art. 6 para. 1 lit. b) GDPR for contractual purposes or on the basis of legitimate interests pursuant to Art. 6 para. 1 lit. f. GDPR to an economic and effective operation of our business or if you have consented to the data transmission. In the purely informational use of the website, we do not pass on any data to third parties.   

 

 

5. How long will my data be stored?

For security reasons (e.g. to investigate misuse or fraud) log file information is stored for a maximum of fourteen days and then deleted (see point 2 above). Data whose further storage is required for evidentiary purposes is excluded from deletion until the respective incident has been finally clarified.

If necessary, we process and store your personal data for the duration of our business relationship, which also includes, for example, the initiation and processing of a contract via contact form or by email.

In addition, we are subject to various storage and documentation obligations, which result, among other things, from the German Commercial Code (HGB) and the Tax Code (AO). The periods for storage and documentation specified here range from two to ten years.

Finally, the storage period is also assessed according to the statutory limitation periods, which, for example, according to §§ 195 ff. of the German Civil Code (BGB) may as a rule be 3 years, but in certain cases also up to thirty years, whereby the regular limitation period is 3 years.

 

 

6. Is data transferred to a third country or to an international organisation?

The data provided will be processed within the European Union and in the USA. Please note that we either ensure with recipients of your data for countries without a Commission adequacy decision under Article 45 GDPR, as is the case with the US, that they are certified under the EU-US Privacy Shield (such as Google) or that we have agreed EU standard data protection clauses with these recipients. This is in order to protect your data and to achieve an appropriate level of protection for your personal data. You have the option of obtaining or viewing copies of the EU standard data protection clauses. If required, please contact us using the contact details given above under point 1.

 

7. What are my data protection rights?

Each person concerned has

  • The right to information in accordance with Art. 15 GDPR,
  • the right to correction in accordance with Art. 16 GDPR,
  • the right to deletion in accordance with Art. 17 GDPR,
  • the right to restrict processing in accordance with Art. 18 GDPR, and
  • the right to data transferability under Art. 20 GDPR.

Furthermore, you can revoke your consent with effect for the future in general. In addition, there is a right of appeal to a data protection supervisory authority (Art. 77 GDPR i.V.m. § 19 BDSG). In addition, we would like to draw your attention to your right of objection under Art 21. GDPR:

 

Information about your right of objection according to Art. 21 GDPR

You have the right to object at any time for reasons arising from your particular situation to the processing of personal data concerning you under Article 6(1)(e) GDPR (Data Processing in the Public Interest) and Article 6(1)(f) of the General Data Protection Regulation (Data Processing on the basis of a balance of interests), including profiling based on this provision within the meaning of Article 4(4) GDPR, which we use for questionnaire evaluation or for promotional purposes. 

If you object, we will no longer process your personal information unless we can establish compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purposes of asserting, exercising or defending legal claims.

In individual cases we process your personal data for direct marketing purposes. You have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling, insofar as it is associated with such direct advertising. If you object to the processing for direct advertising purposes, we will no longer process your personal data for these purposes.

The objection can be made informally and no costs other than transmission costs according to basic tariffs need be incurred. The objection should, if possible, be addressed to:

proventis GmbH

Alte Jakobstr. 83-84

10179 Berlin

or by email to:

widerspruch@proventis.net

 

8. To what extent is there automated decision making in individual cases, including profiling?

When accessing our website or contacting us by form or email, we do not use fully automated automatic decision-making in accordance with Article 22 GDPR. Should we use these procedures in individual cases, we will inform you separately, insofar as this is required by law. We do not process your data automatically with the aim of evaluating certain personal aspects (profiling).

 

9. Is there an obligation for me to provide data?

Within the framework of our website, you must provide the personal data that is technically necessary for IT security reasons or for the use of our website. If you do not provide this information, you may not use our website.

When contacting us by form or email, you only need to provide the personal data required to process your request. Otherwise we will not be able to process your request.

 

10. Newsletter

The following information informs you about our newsletter and the registration and shipping procedure and informs you about your rights. If you subscribe to our newsletter, you agree to receive the newsletter and the described procedures.

We will only send our calendar of events and other emails containing advertising information (hereinafter "Newsletter") with the consent of the recipients or on a legal basis. You will then receive our newsletter with information about proventis, Blue Ant and our events.

The registration for our newsletter takes place in the so-called double opt-in procedure, i.e. after registration for the newsletter we will send you an email asking you to confirm your registration. This confirmation serves to ensure that only persons who actually have access to the email address specified in the form register for our newsletter. We log the registrations for the newsletter in order to be able to prove the registration process according to the legal requirements. This includes the storage of the time of registration and confirmation as well as the IP address. The newsletter is sent using Sugar CRM, which is hosted on a server rented by us and located in Germany.

To subscribe to the newsletter, simply enter your email address. We give you the option of entering a name in the newsletter in order to address you personally.

The newsletter is sent on the basis of the recipient's consent pursuant to Art. 6 para. 1a GDPR and § 7 para. 2 no. 3 UWG (Federal law against unfair competition), or on the basis of the legal permission of § 7 para. 3 UWG.

The registration procedure is logged on the basis of our legitimate interests pursuant to Art. 6 para. 1f GDPR and serves as proof of consent to receipt of the newsletter.

You can cancel the receipt of our newsletter at any time, i.e. revoke your consent at any time with effect for the future. You will find a link to cancel the newsletter at the end of each of our newsletters. If users have only subscribed to the newsletter and cancelled their subscription, their personal data will be deleted.

 

11. Cookies

Cookies are information that is transferred from our web server or third party web servers to the user's web browser and stored there for later retrieval. Cookies are small files or other types of information storage. Cookies are used for security purposes or are required to operate our website (e.g. for optimal presentation of the website on various end devices) or to save your decision when confirming our cookie banner.

We use "session cookies", which are only stored for the duration of the current visit to our website and in some cases enable the use of our online content in the first place. A randomly generated unique identification number, a so-called session ID, is stored in a session cookie. A cookie also contains information about its origin and the storage period. Session cookies are deleted at the latest when you have finished using our website and close your browser.

We inform you about the use of cookies in the context of website tracking in the following sections.

If you do not want cookies to be stored on your computer, you can deactivate the corresponding option in the system settings of your browser. Stored cookies can be deleted in the system settings of the browser. Please note that the deactivation of cookies can lead to functional limitations of this website.

You can opt out of the use of cookies for website tracking and advertising purposes via the http://optout.networkadvertising.org/ network advertising initiative or the American website http://www.aboutads.info/choices or the European http://www.youronlinechoices.com/uk/your-ad-choices/ website.

 

12. Google Analytics

On the basis of our legitimate interests, i.e. our interest in optimizing and economically operating our website, we use the web analysis service Google Analytics from Google Inc. "("Google"). The web analysis service Google Analytics uses cookies. The information generated by cookies about the use of our website is usually transferred to a Google server in the USA and stored there.

Google is certified under the Privacy Shield Agreement and thereby offers a guarantee to comply with European data protection law, see https://www.privacyshield.gov/.

Google will use this information on our behalf to evaluate the use of our website by our users, to compile reports on the activities within this website and to provide us with further services associated with the use of this website. Pseudonymous user profiles can be created from the processed data.

We use Google Analytics with IP anonymization enabled. This means that Google will reduce the IP address of users within Member States of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

The IP address transmitted by the user's browser is not merged with other Google data. Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent Google from collecting the data generated by the cookie and relating to their use of the website and the processing of this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de

Duration of data storage
The data sent by us and linked with cookies, user IDs or advertising IDs are automatically deleted after 14 months. Data whose retention period has been reached is automatically deleted once a month.

 Further information on data use by Google, setting and objection options can be found on Google's website: https://www.google.de

 

13. Other services

Retargeting/Remarketing

We use the remarketing services ("Google Remarketing Services") of Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, ("Google") on the basis of our legitimate interests, i.e. our interest in analysing and optimising our website within the meaning of Art. 6 Para. 1f GDPR.

Google is certified under the EU-US Privacy Shield Agreement, thereby guaranteeing compliance with European data protection law (https://www.privacyshield.gov).

Remarketing refers to the display of ads for products or other services that a user has been interested in on other websites. Ideally, users are then only presented with ads that correspond to their potential interests. The Google Remarketing Services allow us to technically implement this and to display advertisements for our website and/or products and services on other websites in a more targeted manner.

For this purpose, Google program code is used when our or other websites on which Google remarketing services are active are accessed and so-called "web beacons" (invisible graphics) are integrated into the website. In addition, individual cookies are placed on the user's device. These cookies record which websites the user has opened, what content they are interested in and which ads they have clicked. Furthermore, technical information about the browser and operating system, referring websites, visit time and other information about the use of the website are stored. The IP address of the users is also recorded. Within the framework of Google Analytics, however, the IP address within member states of the European Union or in other signatory states to the Agreement on the European Economic Area is shortened and only in exceptional cases completely transferred to a Google server in the USA and shortened there. The above data can also be linked by Google with data from other sources. If the user subsequently visits other websites, ads tailored to their interests will be displayed.

User data is processed pseudonymously within the framework of Google Remarketing Services. This means that Google does not process personal data such as the user name or email address, but only cookie-related data within pseudonymous user profiles. In this respect, from Google's point of view, the data is not managed and displayed for a specifically identified person, but only for the device on which the respective cookies are located. If a user has expressly permitted Google to process the data without being pseudonymised, the above does not apply. The collected data is then transmitted to Google and stored on Google servers in the USA.

We use the online advertising program "Google AdWords" for remarketing. Here, a dedicated "conversion cookie" is set for each AdWords customer by Google, including us. The information collected using this cookie is used to generate conversion statistics for us as AdWords customers. This tells us the total number of users who clicked on our ads and were redirected to our conversion tracking tagged page. However, we do not receive any information that personally identifies users.

Further information on the use of data by Google can be found at https://www.google.com; Google's privacy statement can be accessed at https://www.google.com/policies/privacy

If you wish to object to interest-based advertising by Google, you can use the "opt-out" options provided by Google: http://www.google.com/ads/preferences.

 

 

Range of services

Based on our legitimate interests within the meaning of Art. 6 para. 1f GDPR, i.e. our interest in an optimal website, we use services from third-party providers on our website. The IP address of the user is transmitted to these third party providers. The IP address is technically required for the contents to be displayed. Third-party providers can use so-called web pixels (invisible graphics, also known as "web beacons") for evaluation or marketing purposes. The web pixels allow information such as visitor traffic to be evaluated. The third party providers can store information in cookies on the user's device.

We use the following third parties on our website:

  • External fonts from Google, LLC, https://www.google.com/fonts ("Google Fonts"). The integration of the Google Fonts takes place via a server call with Google (usually in the USA). Privacy Policy: https://policies.google.com/privacy, Opt-Out: https://adssettings.google.com/authenticated.
  • “Google Maps" maps from third-party provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.
  • “YouTube" videos from third-party provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://policies.google.com/privacy, Opt-Out: https://adssettings.google.com/authenticated.
  • We use the live chat of Zendesk (Zendesk Chat). The provider is Zendesk Inc, ("Zendesk"), 1019 Market St, San Francisco, CA 94103, USA. Cookies are used to enable the functionality of the chat. You may refuse the use of cookies by selecting the appropriate settings on your browser. When the chat window is opened, a connection to Zendesk's servers is established. Your IP address will be transmitted and stored. All data collected in connection with the chat (e.g. date and time of the request, name of the specifically accessed website, access status/HTTP status code, referrer URL (previously visited page), browser type and version) is stored exclusively on Zendesk's European servers. The chat history will be deleted by us after four weeks at the latest. If you send us job application documents via chat tool, they will be downloaded and saved for the application process. If no employment contract is entered into, the application documents will be deleted after six months. For further information, please refer to Zendesk's privacy policy: https://www.zendesk.de/company/customers-partners/privacy-policy