2. What do we use your personal data for, on what legal basis and for how long?
2.1 Your enquiries
Should you submit enquiries to us via a contact form or per email, we process the information given therein to answer your query as well as the IP address and date/time of the request in order to avoid misuse of the contact form.
The legal basis for the processing is our legitimate interest pursuant to Art. 6 (1) letter f GDPR in providing you with the respective service you requested (e.g. request for contact). If your query concerns the initiation or processing (including customer service or warranty) of a contract, the additional legal basis for the processing is Art. 6 (1) letter b GDPR.
You may oppose the processing of your data on grounds of Art. 6 (1) letter f GDPR. In this case, upon proving mandatory reasons for the processing we can continue the processing. This can, in such case, be particularly necessary in order to prove past queries and communications with you. If no such mandatory reasons exist, we will cease our communication with you and delete already collected data.
This data will be deleted when our communication with you or the respective relationship established by your enquiry has ended, i.e. when the factual situation at issue has been conclusively clarified and no further legitimate interest exists for the storage, respectively no further statutory obligations exist to store such data.
2.2 Advertising and product development (user data, newsletters, etc.), right to object
We also wish to use the data entered by you in any event or collected during your use of the websites to inform you about products and services relating to the product range (“Quality Execution System”) (advertising) or to improve our product offers and services (product development).
2.2.1 Anonymised usage data
We use the anonymized and/or aggregated data to be able to understand the surfing behavior of all visitors and therewith improve the design of our website and of our product range in general.
2.2.2 Personalized and pseudonymized usage data
Moreover, we use your usage data to understand your surfing behavior and thereby improve the offers displayed to you and to offer personalized information.
2.2.3 Direct marketing
On our website, you may subscribe to our newsletter, which is free of charge. The data collected upon subscription will be processed (the data provided in the mandatory fields are indispensable for receipt of the newsletter, data in the voluntary fields only serve the purpose of a more personalized contact and selection of the displayed information).
We will contact you by email with information, offers and promotional offers regarding Services that are personally tailored to you and your interests and use, either on the basis of your express consent, or – if you have previously acquired similar products or services and in this context have provided your email address – also without separate consent. In this context, we will also process data on your user conduct after we have sent you emails (e.g. click behavior).
By telephone, we will only contact you with your respective express consent with information, offers and promotional offers regarding Services that are personally tailored to you and your interests and use.
Also without consent, we may inform you where appropriate within the legally permissible scope by written mail advertising of Services.
You may at any time wholly or partially object to the creation of pseudonymized data, the use of your personal data for advertising and product-development purposes as well as the ensuing contact for such purposes in a specific form or may revoke any consents you may have granted. Please use the corresponding functions that are already provided for your use (e.g. the unsubscribe function in your personal customer account) or address a corresponding written notification (reference: data protection) or email to the contact details given in clause 9.
The legal basis for the processing is your consent (Art. 6 (1) letter a GDPR) and our legitimate interests (Art. 6 (1) letter f GDPR, where applicable in connection with Sec. 7 para. 3 German Unfair Competition Act (UWG).
This data will be deleted by us following your objection, respectively revocation of any consents given, or otherwise upon the end of your use at the latest, respectively it will only be stored in aggregated, anonymized form. To the extent necessary, we will store the fact that you have objected in order to prevent you being contacted further.
2.3 Provision of the website and rendering of services
The processing of the server log data is necessary for technical reasons in order to provide the website and render the services and thereafter to ensure the system security.
The legal basis for the processing is our legitimate interest in providing the website with our services (Art. 6 (1) letter f GDPR). The processing is a mandatory prerequisite for the use of our website; no objection right is hence available.
This data is deleted after 14 days at the latest.
The server log data may then be assessed in anonymized form for statistical purposes and to improve the quality of our internet presence. There is no link between the server log data and your personal data nor is the server log data combined in any way with other personal data sources.
3. Transfer of the data
3.1 Transfer of data to data processors
We partially use service providers, in observance of the statutory requirements, by means of data processor relationships, i.e. processing is performed on the basis of a respective contract, for our account, according to our directions and subject to our control.
Data processors are, in particular
- technical service providers whose services we retain for the provision of the website, e.g. service providers for software maintenance, data-processing operations and hosting
- technical service providers, whose services we retain for the provision of functionalities, e.g. technically required Cookies.
- service providers for the practical execution of advertising and marketing measures, e.g. service providers for email distribution.
In such cases we remain responsible for the data processing; the transfer and processing of personal data to or by our data processors is made on the legal basis upon which we are permitted to process data in each case. No separate legal basis is required.
3.2 Data transfer to third parties
We partially also transmit your data to third parties, i.e. partners with whom we collaborate outside of a contracted processing. Such partners render their services on their own responsibility; the processing of your data by our partners is exclusively governed by the data protection notices of such third party.
3.2.1 Data transfers to other group entities of SMS group GmbH
We may forward your enquiry together with the data specified by you to other responsible SMS group subsidiaries in Germany or other countries whenever this may be required to answer your enquiry (e.g. because your enquiry refers to a business transaction or quotation from another country). The legal basis for the transfer is the performance of a service requested by you, Art. 6 (1), letter b GDPR, and/or our legitimate interest to answer your enquiry, Art. 6 (1), letter f GDPR.
Please note that this may, depending on your enquiry, involve a transfer or your personal data to countries outside the European Economic Area that do not necessarily provide the same level of data protection. We have ensured an adequate level of protection by signing the EU model clauses (Art. 46 (2) GDPR), and you may get a copy of the relevant parts from the contact person named in clause 8.
3.2.2 Logistic enterprises
In order to transport any materials, etc., that you may have ordered, we transmit your address and contact details, to the extent necessary, to parcel transportation enterprises. The legal basis for the transfer is the performance of the contract with you, Art. 6 (1) letter b GDPR.
3.2.3 Social networks
To the extent you want to share one of our websites in a social network (e.g. Facebook or Twitter) and for this purpose click one of the “share” buttons, the respective information will be transferred to the social network. Of course, you have to be logged into the respective social network. The legal basis for the transfer is our legitimate interest to provide you with the opportunity to “share”, Art. 6 (1) letter f GDPR.
4.1 What are Cookies?
We use so-called “Cookies” to fashion our website in a most user-friendly way. Cookies are small files stored on the user’s device. They allow the storage of information for a determinate period of time and the identification of the user’s device. For this purpose, also tracking-pixel might be used that are not stored on the user’s hard drive, but that may in the same way help to recognize a user’s device. When using the term “Cookie”, this refers to Cookies in the technical sense as well as tracking pixel and other technologies.
4.2 What Cookies do we use on what legal basis and for how long?
On this website we use only one type of Cookies: Cookies required for technical purposes, without which the functionality of our website would be reduced.
The legal basis for this processing is our legitimate interest (Art. 6 (1) lit f GDPR).
These Cookies are specifically set for individual sessions and expire when you leave the website and end the session.
4.3 How can I deactivate Cookies?
If you wish to generally deactivate analytics, targeting and advertising Cookies, you may deactivate individual Cookies by clicking on one of the links in the above table (opt out). Finally, you may prevent the use of any Cookies whatsoever by adjusting the settings in your browser accordingly. We wish to point out, however, that in such case the functionality of our website will be reduced, if Cookies required for technical purposes are also blocked.
For further information on Cookies and individual providers, you may e.g. refer to www.youronlinechoices.com, where you may also object to usage-based online advertising via certain or any tools. Click here to be forwarded directly to the preferences manager.
We use links to other internet presences of us on websites and services of third parties, e.g. to social media channels such as Facebook, Twitter or YouTube. These third parties are exclusively responsible for the data processing by such other service providers on their websites and their data protection notices apply.
We and our service providers take technical and organizational security measures to protect your personal data managed by us against accidental or deliberate manipulation, loss, destruction or access by unauthorized persons. Our data processing and our security measures are improved on a constant basis according to the technical developments.
During the transfer of your personal data to us it is encrypted with Secure Socket Layer (SSL). Personal data which is exchanged between you and us or other participating enterprises is fundamentally transmitted via encrypted connections which meet the latest technical standards.
Our employees and our retained service providers are naturally obliged to maintain confidentiality.
7. Your rights to information, correction, blocking or deletion
Every natural person whose personal data we process has, in principle (i.e. depending on the respective preconditions), the following rights vis-à-vis us:
- Should you have questions regarding our processing of your personal data, we would be pleased to provide you at any time and at no charge with information on the data stored about you (Art. 15 GDPR).
- You have a right to the correction of incorrect data as well as completion of incomplete data (Art. 16 GDPR).
- You have a right to the blocking/limitation of the processing or to deletion of personal data concerning you which is no longer required or stored on grounds of legal obligations (Art. 17, 18 GDPR).
- You have a right to the transfer of the data in a structured, standard and machine-readable format, insofar as you have provided us with the data on grounds of a consent or contract between us and you (Art. 20 GDPR).
- You have the right to object at any time to the processing of your data for direct marketing purposes (cf. also clause 2; Art. 21 para. 2 and 3 GDPR).
- You have the right to object to a processing on the basis of legitimate interest, in which case we are entitled to demonstrate our compelling reasons (Art. 21 para. 1 GDPR). We have pointed out above (clause 2) in which cases this right applies.
- Insofar as you have consented to a data processing, you can revoke this consent at any time with effect for the future, i.e. the legality of the data processing remains unaffected until the date of the revocation. After a revocation of consent, you may no longer be able to use our services.
Please address your concerns in writing (reference: data protection) or by email to the contact details given in point 8 below. We reserve the right to check your identity to ensure that your personal data is not disclosed to unauthorized persons.
Furthermore, you are entitled to file a complaint with a supervisory authority for data protection.
8. Data protection officer/Contacts
Please send your requests in writing to QuinLogic GmbH, Heider-Hof-Weg 23, 52080 Aachen, Germany, quoting “Data protection”, or email us at firstname.lastname@example.org.
From time to time, the content of this data protection notice may have to be modified. We therefore reserve the right to amend them at any time. We will also publish the amended version of the data protection notice at this place. When you revisit us, you should therefore reread the data protection notice.
Version [●] 2018