We are delighted about the visit of our website. We would like to inform you below about the processing of your personal data on our website.
devicenow GmbH
Franz-Beer-Straße 111
88250 Weingarten Germany
E-mail: info@devicenow.com
DDSK GmbH
Eva Schmidt
Dr.-Klein-Str. 29
88069 Tettnang
Contact:
E-mail: dataprotection@devicenow.com
The special terms used in this privacy policy are to be understood as legally defined in Art.4 GDPR.
The terms "user" and "website visitor" are used synonymously in our privacy policy.
Recipients of data are named in our privacy policy under the respective category/heading.
The categories of data subjects are website visitors and other users of online services.
Our website can be visited without actively providing personal information about the user. However, every time our website is accessed, we automatically store access data (server log files), such as the name of the internet service provider, the operating system used, the website the user visited us from, the date and duration of the visit and the name of the file accessed, as well the IP address of the device used (for security reasons, such as to recognise attacks on our website) for a period of 7 days. This data is not merged with other data sources. We process and use the data for the following purposes: provision of the website, prevention and detection of errors/malfunctions, and the abuse of the website.
Data categories: Meta and communication data (e.g. IP address, date and time of access, time, type of HTTP request, website from which access is made (referrer URL), browser used and, if applicable, operating system of the accessing computer (user agent))
Purpose of the processing: Prevention and detection of errors/malfunctions, detection of abuse of the website
Legal basis: Legitimate interest according to Art. 6 para. 1 lit. f) GDPR
Legitimate interests: Fraud prevention to detect abuse of the website
We use cookies on our website to enable the use of the basic functions on our website and to provide the service requested by the user. Cookies are a standard Internet technology for storing and retrieving information for website users. Cookies represent information and/or data that can be stored on the user's end device, for example. With classic cookie technology, the user's browser is instructed to store certain information on the user's device when a specific website is accessed.
Strictly required cookies are used to provide a telemedia service expressly requested by the user, e.g:
Some of the cookies used (session cookies) are erased after the end of the browser session, i.e. after closing the browser.
Cookies can be erased by users afterwards to remove data that the website has stored on the user's computer.
The data processing described may also relate to information that is not personal but constitutes information within the meaning of the TDDDG. In these cases, this information may be necessary for the use of an expressly requested service and may therefore be stored in accordance with Section 25 TDDDG.
Opt-Out:
Firefox:
https://support.mozilla.org/de/kb/wie-verhindere-ich-dass-websites-mich-verfolgen
Google Chrome:
https://support.google.com/chrome/answer/95647?hl=de
Microsoft Edge:
Opera:
https://help.opera.com/en/latest/security-and-privacy/
Safari
https://support.apple.com/de-de/HT201265
Legal basis: Legitimate interests (Art. 6 para. 1 lit. f) GDPR in conjunction with § 25 para. 2 no. 2 TDDDG), consent (Art. 6 para. 1 lit. a) GDPR in conjunction with § 25 para. 1 TDDDG
Legitimate interests: Storage of opt-in preferences, ensuring the functionality of the website, maintaining user status across the entire website
Beyond the required scope, user data may be processed by cookies, similar technologies or application-related technologies, e.g. for the purpose of (cross-website) tracking or personalized advertising etc.. Data may be transmitted to third-party providers. The storage and further processing of user data that is not necessary to provide the telemedia service, is then carried out on the basis of consent within the meaning of Art. 6 para. 1 lit. a) GDPR (if applicable in conjunction with § 25 para. 1 sentence 2 TDDDG).
We use a consent management procedure on our online offering in order to be able to prove, store and manage the consent granted by our website visitors in accordance with the requirements of the GDPR. The consent management platform used helps us to identify all cookies and tracking technologies and to control them based on the consent status. At the same time, visitors to our website can use the consent management service we have integrated to manage the consents and preferences granted (optional setting of cookies and other technologies that are not required) or revoke consent at any time using the button.
The status of the consent is stored on the server and/or in a cookie (so-called opt-in cookie) or a comparable technology in order to be able to assign the consent to a user or their device. The time of the declaration of consent is also recorded.
Data categories: Consent data (consent ID and number, time consent was given, opt-in or opt-out), meta and communication data (e.g. device information, IP addresses)
Purposes of processing: Fulfillment of accountability, consent management
Legal basis: Legal obligation (Art. 6 para. 1 lit. c) GDPR in conjunction with Art. 7 GDPR)
Manage consent/revocation: https://devicenow.com/#gdpr_cookie_modal
Recipient: CookieYes Limited, 3 Warren Yard Warren Park, Wolverton Mill, Milton Keynes, MK12 5NW, UK
Third country transfer: Based on the adequacy decision of the European Commission for the country United Kingdom
Privacy policy: https://www.cookieyes.com/privacy-policy/
Recipient: Moove Agency Ltd, 20 Wenlock Road, London, N1 7GU, United Kingdom | Company registration number: 07291892
Third country transfer: Does not take place.
Privacy policy: https://www.mooveagency.com/privacy-policy/
Our website is hosted by an external service provider. Data of visitors to our website, in particular log files, are stored on the servers of our service provider. By using a specialized service provider, we can provide our website efficiently. The hosting provider we use does not process the data for its own purposes.
We also use a Content Delivery Network (CDN) to deliver the content of our website more quickly. When visitors access graphics, scripts, or other content, these are provided efficiently and in an optimized manner through regionally and internationally distributed servers. When retrieving such data, a connection is established with the servers of a CDN provider, during which personal data of visitors to our website is processed, such as the IP address and browser data.
Data categories: User data (e.g. websites visited, interest in content, access times), meta and communication data (e.g. device information, IP addresses)
Purposes of the processing: Correctly presentation and optimization of the website, faster and location-independent accessibility of the website,
Legal basis: Consent (Article 6 paragraph 1 letter a GDPR); legitimate interests (Article 6 paragraph 1 letter f GDPR)
Legitimate interests: Prevention of unplanned availability time, high scalability, reduction of the bounce rate on the website
Recipient: Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen
Legal basis: Legitimate interests (Article 6 paragraph 1 letter f GDPR)
Third country transfer: Does not take place.
Privacy policy: https://www.hetzner.com/legal/privacy-policy/
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Legal basis: Consent (Article 6 paragraph 1 letter a GDPR)
Third country transfer: Based on the adequacy decision of the European Commission for the United States of America
Privacy policy: https://policies.google.com/privacy?hl=en-US
Recipient: Cloudflare Inc. 101 Townsend St, San Francisco, CA 94107, USA
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Third country transfer: The recipient is a participant in the Data Privacy Framework. Additionally, standard contractual clauses were agreed upon, including supplementary measures and a risk assessment for the third country transfer.
Privacy policy: https://www.cloudflare.com/de-de/privacypolicy/
Note: This service is only used after prior consent has been provided via our consent management tool.
We have commissioned a web agency to provide support and advice for services and applications on our website. This agency supports us in all activities related to the design and functionality of our website. In this context, the web agency selected by us receives the access data for our website in order to make necessary adjustments and changes, such as the design of forms or other programming activities.
The web agency also supports us in maintaining and managing our social media accounts, our content management system and our accounts with search engine providers.
Access to personal data, such as data from forms or log data of website visitors, cannot be ruled out. The web agency therefore acts as a processor for us and only acts on our instructions. Data is not processed for any other purpose.
Data categories: Usage data (e.g. access times), Meta and communication data (e.g. device information, IP addresses), Contact data (e.g. email address), Content data (e.g. text information), Analysis data from social media accounts (e.g. anonymized statistics)
Purposes of processing: Support for web analysis and optimization, analysis of user behavior on the website (website interaction) for web optimization and reach measurement, checking the utilization of the website
Legal basis: Legitimate interests (Art. 6 para. 1 lit. f) GDPR)
Legitimate interests: Support and assistance with website maintenance through high level of technical expertise, efficiency through outsourcing
Recipient: Interactive Agency Proformat, 5 Januszowicka Street, 53-125 Wrocław, Poland, VAT-ID: 8943121626
Third country transfer: Does not take place.
Privacy policy: https://www.proformat.pl/polityka-prywatnosci/
We use technologies on our website aimed at optimizing its display. These are used to improve the loading times of the website in general, as well as on frequently visited pages. Performance optimization is also used to distribute traffic evenly across multiple servers, thereby enhancing server performance. User behavior is analyzed to identify bottlenecks. By storing user settings and preferences, the website can respond more quickly to individual needs and provide a personalized user experience.
Data categories: Usage data (e.g. websites visited, interest in content, access times), demographic characteristics (e.g. age, gender), meta and communication data (e.g. device information, anonymized IP addresses, location data), contact data (e.g. e-mail address), content data (e.g. text details)
Purposes of processing:Optimization of the user experience
Legal basis:Consent (Art. 6 para. 1 lit. a) GDPR)
Provider: webhoster.de AG, Zum Haunert 22, 59519 Möhnesee
Recipient: No data is transferred to third parties
Provider: OnTheGoSystems Limited, 22/F 3 Lockhart Road, Wanchai Hong Kong
Third country transfer: Does not take place, the tool is implemented on our servers.
We use tools on our website to analyze user behavior and measure reach. These tools collect information about users’ interactions, interests, or demographic characteristics in order to identify areas of the website that may require improvement (e.g. placement of forms or call-to-action buttons).
In addition, we analyze click and scroll behavior to determine when and where our website, its features, or content are most actively used.
This data collection is enabled by specific technologies (e.g. cookies), which are stored on users’ devices through client-side tracking when visiting our website. Each visitor is assigned an identification number (ID), which is stored in a pseudonymized user profile. IP addresses are anonymized and the storage duration of cookies is limited.
We do not process any plain personal data (e.g. name or email address) for this analysis. All activities serve statistical purposes only, to enhance the user experience and improve our online presence.
Data categories: Usage data (e.g. visited pages, interest in content, access times), demographic characteristics (e.g. age, gender), meta and communication data (e.g. device information, anonymized IP addresses, location data), contact data (e.g. email address), content data (e.g. text entries)
Purposes of processing: Performance evaluation and goal tracking for all online activities, website optimization (interaction, reach, lead generation, conversions), analysis of server load, revenue enhancement, budget efficiency
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Note: This data is collected only after users have given their consent via our consent management tool.
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR);
Third country transfer: On the basis of the standard contractual clauses including additional measures and risk analysis for the third country transfer
Privacy policy: https://policies.google.com/privacy?hl=en-US
Recipient: HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA
Legal basis: legitimate interests (Art. 6 para. 1 lit. f) GDPR)
Third country transfer: On the basis of the standard contractual clauses including additional measures and risk analysis for the third country transfer
Privacy policy: https://legal.hubspot.com/de/privacy-policy
Recipient: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland
Third country transfer: The recipient is a participant in the Data Privacy Framework. Additionally standard contractual clauses Have been signed.
Privacy policy: https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy
Recipient: Hotjar Ltd., Level 2, St. Julians Business Centre, 3 Elia Zammit Street, St. Julians STJ 1000, Malta
Third country transfer: does not take place
Privacy policy: https://www.hotjar.com/legal/policies/privacy
Recipient: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
Third country transfer: On the basis of the standard contractual clauses including additional measures and risk analysis for the third country transfer
Privacy policy: https://privacy.microsoft.com/de-de/privacystatement
We use search engine marketing methods. Search engine marketing includes all measures that are suitable for improving the visibility of our website in the organic or non-organic search results of search engines, increasing our reach and through there increasing traffic (visitor traffic) to our website. We can also use search engine marketing to generate new prospects (leads). The search engine provider sells us advertising space on the search engine results page or on websites of partners of the search engine providers.
The ads can therefore be displayed on various external platforms or websites. The ads are displayed to users in the form of text, display or video ads.
We create a campaign for search engine advertising via our tracking tool and store various dimensions to be collected by the search engine provider, e.g. user location, device information and target groups (demographic characteristics). This enables us to gain further insights into the interests in our content/products and, if necessary, to recognize trends.
The process is implemented using a cookie or similar technology. When a visitor visits our website or searches for a specific keyword within the search engine used (e.g. Google), a cookie or similar technology is set on the website visitor's end device. This data may include, for example, user locations and device information, which is transmitted to the search engine provider's server. The search engine provider aggregates this data and makes it available to us automatically in the form of a statistical analysis via a dashboard in our account with the search engine provider.
The statistics provide us with information about which of our ads were clicked on, how often and at what prices, and if our marketing measures led to an event (e.g. downloading a PDF or playing a video) or a conversion (e.g. purchase of a product or registration on our website). The evaluation serves to analyze the success of our online activities. Each click on our ad incurs costs, which are then recorded in our tracking tool via a platform or website. The recording is used for budget and success control. We cannot identify individual users on the basis of this information.
Note:
Website visitor data (e.g. name and e-mail address) can be assigned directly if they are logged into their account with the search engine provider. If assignment via the profile is not desired, the website visitor must log out of the search engine provider before visiting our website.
Data categories: User and interaction data (e.g. websites visited, interest in content, access times), meta and communication data (e.g. device information, anonymized IP addresses), location data if applicable, contact data (e.g. email addresses)
Purposes of processing: Increase in sales and reach, conversion measurement, target group formation, identification of trends for the development of marketing strategies
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR )
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland
Third country transfer: On the basis of the standard contractual clauses including additional measures and risk analysis for the third country transfer
Privacy policy: https://policies.google.com/privacy?hl=en-US
Recipient: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
Third country transfer: On the basis of the standard contractual clauses including additional measures and risk analysis for the third country transfer
Privacy policy: https://privacy.microsoft.com/de-de/privacystatement
Recipient: HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA
Legal basis: legitimate interests (Art. 6 para. 1 lit. f) GDPR)
Third country transfer: On the basis of the standard contractual clauses including additional measures and risk analysis for the third country transfer
Privacy policy: https://legal.hubspot.com/de/privacy-policy
We have a company profile on social networks and career platforms to increase our visibility among potential customers and interested parties and to make our company visible to the public.
Social networks help us to increase our reach and actively promote interaction and communication with users. Social media activity and communication is very important in attracting new customers and employees. Social media and the website can be used to share relevant information about our company, publish events and communicate important short-term announcements and job postings. They also help us to communicate quickly and easily with users.
Social media platform operators create user profiles based on user behavior, for example by listing interests (likes, shares). These are used to adapt advertisements to the interests of target groups. When users are active on social media channels, cookies or other technologies are regularly stored on users' end devices, in some cases regardless of whether they are registered users of the social network.
Insights (statistics)
The data evaluated from the social media platform operators is provided to us in the form of anonymized statistics, which means that it no longer contains any personal data of users. We can use the statistics to see, for example, how often and at what time our social media profile was visited. It is currently not possible for fan page operators to deactivate this function. We therefore have no influence on the extent to which data is processed by social media platforms.
Data categories: User names (e.g. surname, first name), contact data (e.g. e-mail address), content data (e.g. text details, photographs, videos), usage and interaction data (e.g. websites visited, interests, likes, shares, access times), meta and communication data (e.g. device information, IP address, location data if applicable)
Purposes of the processing: Increasing reach, awareness-raising activities, rapid networking
Legal basis: Legitimate interests (Art. 6 para. 1 lit. f) GDPR), consent (Art. 6 para. 1 lit. a) GDPR)
Legitimate interests: Interaction and communication on social media presence, profit increase, insights about target groups, leads generation
Recipient: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
Legal basis: Legitimate interests (Art. 6 para. 1 lit. f) GDPR),
Third country transfer: On the basis of the standard contractual clauses including additional measures and risk analysis for the third country transfer
Privacy policy: https://www.linkedin.com/legal/privacy-policy
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland
Third country transfer: On the basis of the standard contractual clauses including additional measures and risk analysis for the third country transfer (link – if available)
Privacy policy: https://policies.google.com/privacy?hl=de&gl=de
We use our social media channels to advertise our products and services. Our aim is to reach a broad community that we cannot reach via traditional advertising channels, e.g. offline marketing (e.g. flyers). The social media advertising is shown to users in the form of text, display or video ads on their social media channels.
Targeting
As part of our social media channels, we use targeting methods to track some user activities (interactions) to ensure that our ads are delivered to specific target groups. We use the procedures and technologies of various social media providers. One common technology is the pixel.
We install this pixel in the source code of our website. This ensures that user navigation is recorded. When users interact with our website or our ad on social media, the pixel records the people and the actions they take (e.g. clicks on ads, bounces on websites) and saves which pages and subpages have been accessed.
Products and services in our ads that have been viewed but not purchased are analyzed using existing technologies. We use these insights to display real-time and behavior-based advertising to potential customers on different social media platforms. The aggregated data transmitted by the social media provider enables us to determine the success of our advertisements (conversion measurement). This allows us to track if our marketing measures led to a event (e.g. downloading a PDF or playing a video) or a conversion (e.g. purchase of a product or registration on our website). The evaluation can be viewed in the form of statistics in our tracking tool and is used to analyze the success of our online activities (success control).
Data categories: Usage and interaction data (e.g. websites visited, interests, access times), meta and communication data (e.g. device information, IP address, location data if applicable)
Purposes of the processing: Expansion of reach, reach analysis and statistical evaluations
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Recipient: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
Third country transfer: On the basis of the standard contractual clauses including additional measures and risk analysis for the third country transfer
Privacy policy: https://www.linkedin.com/legal/privacy-policy
We have integrated content and functions from third-party providers into our website. These include, for example, videos, media elements, buttons, or contributions (hereinafter referred to as “content”).
When this third-party content is accessed by website visitors (e.g. by clicking or playing media), information and data are collected and linked to the visitor’s device using cookies or other technologies (e.g. pixels, JavaScript commands, or WebAssembly). This data is then transmitted to the server of the respective third-party provider.
The provider thereby receives usage and interaction data from the website visitor and makes this available to us in the form of anonymized statistics via a dashboard. The statistics we receive do not contain any directly identifiable personal data.
Without this processing activity, loading and displaying such third-party content would not be possible.
To protect the personal data of our website visitors, we have implemented safeguards to prevent the automatic transmission of data to third-party providers. Data is only transmitted once users actively use the buttons or click on the third-party content.
Data categories: Usage data (e.g. websites visited, interests, access times), meta and communication data (e.g. device information, anonymized IP address)
Purposes of processing: Sharing posts and content, interest- and behavior-based marketing, statistical evaluation, cross-device tracking, increasing reach on social media
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Third-country transfer: The recipient participates in the Data Privacy Framework. In addition, standard contractual clauses have been agreed upon.
Privacy policy: https://policies.google.com/privacy?hl=en-US
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Legal basis: Consent (Article 6 paragraph 1 letter a GDPR)
Third country transfer: Based on the adequacy decision of the European Commission for the United States of America.
Privacy policy: https://policies.google.com/privacy?hl=en-US
Recipient: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, United States of America
Third country transfer: Based on the standard contractual clauses including supplementary measures and a risk assessment for the third-country transfer.
Privacy policy: https://privacy.microsoft.com/de-de/privacystatement
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland
Third country transfer: The recipient participates in the Data Privacy Framework. In addition, standard contractual clauses have been agreed upon.
Privacy policy: https://policies.google.com/privacy?hl=en-US
By granting consent to the use of YouTube on our website, additional cookies will be set. These include, among others, Google Fonts, Google Play, and Google APIs.
Affiliate partners (website operators and publishers):
We participate in an affiliate program and promote our own products and services through advertisements (e.g. text or banner ads) placed on the websites of our advertising partners (so-called “affiliate partners”). This helps us increase sales and expand our reach beyond our own website.
The affiliate tracking code may include various tracking technologies, such as URL tracking, session tracking, cookies, or pixel tracking. This tracking code is activated when a website visitor clicks on an advertisement and completes a specific action (conversion) on our website — for example, making a purchase or clicking a button.
If such a conversion occurs, the affiliate partner receives a commission from us. The tracking enables us and, if applicable, the affiliate network to attribute the conversion to the correct advertising partner and process the commission payment.
Data categories: Usage data (e.g. websites visited, interests, access times), meta and communication data (e.g. device information, IP address), conversion data (e.g. clicks, purchases, payment details), and possibly user data (e.g. basic information, address data)
Purposes of processing: Revenue generation, expansion of reach, performance analysis and statistics, commission payouts
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Third-country transfer: The recipient participates in the Data Privacy Framework. Additionally, standard contractual clauses have been agreed upon.
Privacy policy: https://policies.google.com/privacy?hl=en-US
Recipient: 6Sense Insights, Inc., 450 Mission Street, Suite 201, San Francisco, CA 94105, USA
Third-country transfer: Based on standard contractual clauses including additional safeguards and a risk assessment for the third-country transfer.
Privacy policy: https://6sense.com/privacy-policy/
Recipient: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, United States of America
Third country transfer: Based on the standard contractual clauses including supplementary measures and a risk assessment for the third-country transfer
Privacy policy: https://privacy.microsoft.com/de-de/privacystatement
We offer our customers the opportunity to use our online store on our website to purchase our products.
We collect the data required from users and buyers for the initiation and execution of the contract.
If users visit our online store and place items in their shopping cart, cookies are stored on the user's device to ensure that the items remain in the shopping cart until the order process is completed. During the process, no data is transferred to third parties via cookies. Also, we have not integrated any third-party elements via the shopping cart function.
Users or customers receive an automatically generated e-mail from us after completion of the order process, which confirms the successful completion of the order. We may inform our customers separately by e-mail about the status of their order (e.g. expected delivery date).
Direct marketing
In addition, customers who have ordered via our online store, receive advertising or discounts tailored to their interests by email. The e-mail is sent separately and independently of the order process. Our customers can object to receiving advertising at any time. The unsubscribe link in our email can be used for this purpose.
After completion of the order process, we pass on user data to third parties who assist us in processing the order. In addition, it may be necessary to pass on data to third parties after the order process if we are legally obliged to provide certain data.
Data categories: Master data (e.g. name, address, country), contact data (e.g. e-mail address), contract data (e.g. order history, payment data and means of payment), meta and communication data (e.g. device information, IP addresses), usage data (e.g. websites visited, interest in products/services, access times), returns data (e.g. details of the item, processing request)
Purposes of processing: Contract initiation and execution, interest-based advertising, analyzing interactions to improve targeted marketing
Legal basis: Contract initiation and performance (Art. 6 para. 1 lit. b) GDPR), legitimate interests (Art. 6 para. 1 lit. f) GDPR)
Legitimate interests: Operational efficiency improvement, generate leads and increasing sales
Recipient: HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA
Legal basis: legitimate interests (Art. 6 para. 1 lit. f) GDPR)
Third country transfer: On the basis of the standard contractual clauses including additional measures and risk analysis for the third country transfer
Privacy policy: https://legal.hubspot.com/de/privacy-policy
If we are providing or rendering services ahead of payment, we reserve the right to carry out an identity/credit check. To do so, we make use of certain service providers who usually assess the risk to us using mathematical and statistical procedures.
Using the results given to us by the service provider in question. In the event of a negative credit check, we reserve the right to refuse certain payment types or other types of services rendered ahead of payment.
Data categories: Master data (e.g. name, addresses), payment data (e.g. bank details, invoices, payment history), contact data (e.g. e-mail address, telephone number), contract data (e.g. subject matter of contract, term), creditworthiness data (incl. scoring values)
Purposes of processing: Avoidance of payment defaults and reduction of the default rate of payments, reduction of our credit risk
Legal basis: Legitimate interests (Art. 6 para. 1 lit. f) GDPR)
Legitimate interests: Financial protection, protection against payment defaults, reduction of creditor risk, profit generation
Recipient: ClariLab GmbH & Co. KG, Platz der Einheit 2, 60327 Frankfurt
Third country transfer: Does not take place.
Privacy policy: https://kycnow.de/en/privacy-policy/
On our online offering, we offer the option of contacting us directly or requesting information via various contact options. We use a CRM-System for these enquiries so that we always have an overview of contact that has been made with us.
In the event of contact being made, we process the data of the person making the enquiry to the extent necessary for answering or handling their enquiry. Which data is processed depends on the way in which contact is made with us.
Data categories: Master data (e.g. name, address), contact data (e.g. email address, telephone number), content data (e.g. text input, photographs, videos), usage data (e.g. interests, access times), meta and communication data (e.g. device information, IP address).
Purposes of processing: Processing requests
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR), fulfillment or initiation of a contract (Art. 6 para. 1 lit. b) GDPR)
Recipient: HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA
Third country transfer: On the basis of the standard contractual clauses including additional measures and risk analysis for the third country transfer
Privacy policy: https://legal.hubspot.com/de/privacy-policy
We make use of the opportunity to hold online conferences, meetings and/or webinars. To do so, we use offerings provided by other carefully selected providers. When actively using offerings of this nature, data regarding the participants in the communication is processed and stored on the servers of the third-party services used, provided this data is necessary for the communication process. When selecting providers, we ensure that communication via the selected services is end-to-end encrypted.
Data categories: Master data (e.g. surname, first name), contact data (e.g. e-mail address), content data (e.g. text input), meta and communication data (e.g. device information, IP addresses)
Purposes of processing: Processing of enquiries, increasing efficiency, promoting cross-company and cross-location cooperation
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Recipient: Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin
Third country transfer: On the basis of the standard contractual clauses including additional measures and risk analysis for the third country
Privacy policy: https://privacy.microsoft.com/de-de/privacystatement
We transfer the personal data of website visitors for internal purposes (e.g. for internal administration or to the HR department in order to comply with legal or contractual obligations). Internal data transfer or the disclosure of data only occurs to the extent necessary, under the pertinent data protection provisions.
It may be necessary for us to disclose personal data in order to perform contracts or to fulfill a legal obligation. If we are not receiving the personal data, it may not be possible to conclude the contract with the data subject.
If your data is processed outside the EU/EEA, in third countries (e.g. USA), we ensure that the legal requirements of Art. 44 et seq. GDPR are fulfilled. We take additional measures to ensure the highest possible level of protection for the personal data of data subjects. The guarantee applicable to the transfer to third countries is specified in our privacy policy under the respective recipients.
We are a part of a company group headquartered in Germany. The data of website visitors is stored in our central customer database in Germany, in compliance with the relevant data protection regulations, and is processed in this context throughout the Group for internal administrative purposes. Processing beyond administrative purposes does not take place.
HR and IT affaires are forwarded to our mother company. Legal regulations such as DPAs according to Art. 28 GDPR have been taken.
Legal basis: Legitimate interests (Art. 6 para. 1 lit. f) GDPR)
Legitimate interests: supporting management and administration within the company group to make use of synergy effects, cost savings, in-creased efficiency
Recipient: Hemmersbach GmbH & Co. KG, Sulzbacher Str. 9, 90489 Nürnberg, ,Germany
Privacy policy: https://www.hemmersbach.com/information/privacy-policy
Recipients of personal data may act as data processors. We have concluded "data processing agreements" with them in accordance with Art. 28 para. 3 GDPR. This means that the processors may only process your personal data on explicit instruction. Processors take adequate technical and organizational measures to process your data securely and in accordance with our instructions.
In principle, we store the data of visitors to our online offering for as long as needed to render our service or to the extent that the European body issuing directives and regulations or another legislator stipulates in laws and regulations to which we are subject. In all other cases, we delete personal data once the purpose has been fulfilled, with the exception of data that we need to continue to store to comply with legal obligations (e.g. if retention periods under tax law and trade law require us to keep documents such as contracts and invoices for a certain period of time).
Storage period for required cookies: 365 days.
Storage period for non-essential cookies/technologies:
_gat - 1 minute
_gid - 24 hours
_ga - 2 years
We do not use automated decision-making or profiling in accordance with Art. 22 GDPR.
The relevant legal bases are primarily arise from the GDPR. They are supplemented by national laws of the member states and can, if applicable, be applied alongside or in addition to the GDPR.
Consent: Art. 6 para.1 lit. a) GDPR serves as the legal basis for data processing activities for which we have obtained consent for a specific processing purpose.
Performance of a contract: Article 6 (1) (b) serves as the legal basis for processing re-quired to perform a contract to which the data subject is a contractual party or for taking steps prior to entering into a contract, at the request of the data subject.
Legal obligation: Article 6 (1) (c) GDPR is the legal basis for processing that is required to comply with a legal obligation.
Vital interests: Article 6 (1) (d) GDPR serves as the legal basis if the processing is necessary to protect the vital interests of the data subject or another natural person.
Public interest: Article 6 (1) (e) GDPR serves as the legal basis for processing that is necessary to perform a task in the public interest or to exercise public force that is transferred to the controller.
Legitimate interest: Article 6 (1) (f) GDPR serves as the legal basis for processing that is necessary to protect the legitimate interests of the controller or a third party, provided this is not out-weighed by the interests or fundamental rights and funda-mental freedoms of the data subject that require personal da-ta to be protected, particularly if the data subject is a child.
Right to information: Pursuant to Art. 15 GDPR, data subjects have the right to request confirmation as to whether we are processing data concerning them. They can request information about this data as well as the further information listed in Art. 15 para. 1 GDPR and a copy of their data.
Right to rectification: Pursuant to article 16 GDPR, data subjects have the right to request that data relating to them, and that we process, be rectified or completed.
Right to erasure: Pursuant to article 17 GDPR, data subjects have the right to request that data relating to them be erased without delay. Alternatively, they can request that we restrict the processing of their data, pursuant to article 18 GDPR.
Right to data portability: Pursuant to article 20 GDPR, data subjects have the right to request that data made available to us by them be provided and transferred to another controller.
Right to lodge a complaint: In addition, data subjects have the right to lodge a complaint with the supervisory authority responsible for them, under ar-ticle 77 GDPR.
Right to object: If personal data is processed on the basis of legitimate inter-ests pursuant to article 6 (1) (1) (f) GDPR, under article 21 GDPR data subjects have the right to object to the processing of their personal data, provided there are reasons for this that arise from their particular situation or the objection relates to direct advertising. In the latter case, data subjects have a general right to object that is to be put into effect by us without a particular situation being stated.
Some data processing activities are only possible with the explicit consent of the individuals concerned. You may withdraw any previously granted consent at any time without providing a reason. A simple email to: dataprotection@devicenow.com is sufficient.
Consent for data processing on our website can also be adjusted or withdrawn at any time via our Consent Manager.
The legality of any data processing that occurred prior to the withdrawal of consent remains unaffected.
Our website contains links to the online offerings of other providers. We would like to point out that we have no influence on the content of the linked websites and the compliance with data protection regulations by their providers.
We reserve the right to amend this information on data protection, in compliance with the applicable data protection provisions, if changes are made to our online offering so that it complies with the legal requirements.
At devicenow, we value transparency and compliance with data protection laws. To ensure you are fully informed, we provide detailed information about how we process personal data for employees, job applicants, and our business partners. Please find the relevant documents available for download below.
Information Obligations for Applicants
Information Obligations for Employees
This privacy policy was drawn by
DDSK GmbH
www.ddsk.de
