You will also receive information about your rights. Data protection is very important to us and we naturally adhere to the applicable data protection regulations, in particular also to the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).
For explanations of terms see "IV. Help with data protection terms" may help you. If you have any questions about data protection, you can also contact us using the contact details below.
Responsible for data processing:
22453 Hamburg, Germany
Telephone (head office): +49 (0)40 5700 2014
I. Data processing when you visit our public website and use or platform services (when logged in)
In connection with the visit to our website or when using our platform services which are available to users logged in to their FLETEC account only, we may process personal data. This is done for the purposes and to the extent described below. We only pass your data on to third parties as described below.
You can withdraw or modify your consent to our processing of your personal data by using the cookies bannner when visiting our public website or by configuring your web browser settings to decline cookies. To decline processing of personal data when using our platform services you can deactivate tracking in your account settings.
1.a Provision of our public website
When you visit our public website and you have allowed not necessary cookies we automatically collect, process and share the following data from you with our web analytics partner to improve the functionality of our website:
- Date and time of your access
- Your IP address, shortened (= anonymized, untraceable)
- the address of the website from which you came to us
- Information about your internet browser (browser type and version)
- the operating system of the device with which you access our website
- Your internet service provider
For security reasons, this information may be stored in log files. Log files will be deleted after 7 days. The data in the log files are saved separately from other data.
Longer storage is only necessary in individual cases (e.g. suspected misuse or fraud). In these cases, the respective log files are saved until the facts are clarified and the necessary measures that follow are completed.
The legal basis for the processing of your data for the provision of our website and services is Article 6 paragraph 1 sentence 1 letter f) GDPR. We have a legitimate interest in processing your data so that we can offer you our website in a technically flawless, secure and optimized manner for your needs. The data of the server log files are stored separately from other data.
1.b Provision of our platform services (when logged in)
When you log on to our platform and tracking is activated we collect, process and share the following data from you with our web analytics partner to be able to understand the behavior of our users, so that we can optimize our platform services to your needs:
- Date and time of your access
- Your user ID, hashed (= anonymized, untraceable)
- Information about your internet browser (browser type and version)
- the operating system of the device with which you access our services
- Your internet service provider
You cannot have an user account without submitting your name, email address and a password (not known to us).
For security reasons, this information may be stored in log files. The data in the log files are saved separately from other data.
The legal basis for the processing of your data for the provision of our website and services is Article 6 paragraph 1 sentence 1 letter f) GDPR. We have a legitimate interest in processing your data so that we can offer you our services in a technically flawless, secure and optimized manner for your needs. The data of the server log files are stored separately from other data.
Cookies are small text files that are stored on your device via your internet browser. You can find out more about the term and function of cookies and other data protection and technical terms below under "IV. Help with data protection terms".
When you visit our website or use our platform services, we collect and use data from you so that you can use our website and be enabled to use our platform services. This is provided by necessary technical cookies. Technical cookies are required to collect information to provide a requested service by you as a user. This includes navigation or session cookies that enable navigating and use of website or platform services.
Additionally, we allow our web analytics partner to use analytics cookies on our website and our platform services for web tracking to make your surfing behavior traceable and to better understand the intention of our users. We generally use the most privacy-friendly option, for example by pseudonymizing or anonymizing your data as early as possible.
The legal basis for the processing of your data is Article 6 paragraph 1 sentence 1 letter f) GDPR. We have a legitimate interest in doing web analysis on a pseudonymized basis in order to better understand our users, optimize our website accordingly.
A more detailed description of which services we use and how your personal data will be processed:
On this website we use the web analytics service Google Analytics (with anonymization function) from Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA. The purpose of the Google Analytics component is to analyze how visitors use our website. Google, as our processor, provides us with reports in accordance with Article 28 GDPR, with which we can display and evaluate the activities on our website.
A Google Analytics cookie is saved on the device with which you visit our website. By calling up individual pages of this website, the Internet browser on your device is automatically prompted by the Google Analytics component to transmit data to Google for the purpose of online analysis. As part of this technical process, Google receives knowledge of your personal data, in particular information about the browser type / version, operating system used, the page you visited previously, the host name of the accessing device, IP address and the time of the request, which Google uses, among other things, to trace the origin of visitors and clicks. However, this data will not be merged with other data about you. We also use the function in which the IP address of your Internet connection is automatically shortened by Google and thus made anonymous if our website is accessed from a member state of the European Union or from another contracting state to the Agreement on the European Economic Area. If, in exceptional cases, data is processed outside the EEA, where there is no data protection level corresponding to the European standard, this is done on the basis of the EU-US Privacy Shield: https://www.privacyshield.gov/PrivacyShield/ApplyNow
Alternatively, you can also use the browser add-on, which you can download and install here: https://tools.google.com/dlpage/gaoptout
The installation of the browser add-on represents a contradiction. If your device is later deleted, formatted or reinstalled, you must reinstall the browser add-on.
You can find further information and the applicable data protection regulations of Google at https://www.google.de/intl/de/policies/privacy/ and at http://www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail under this link: https://www.google.com/intl/de_de/analytics/
We have configured Google Analytics so that the data on which the reports are based are deleted after 26 months at the latest.
3. Contacting us
You have the opportunity to contact us in different ways. This includes, in particular, contacting us by email. The data processing that takes place in the context of contacting us can serve different purposes depending on the content of your message. As a rule, we store and process the data provided in order to be able to process the matter for which you have contacted us.
The legal basis for processing your data when contacting us is Article 6 paragraph 1 sentence 1 letter f) GDPR. We have a legitimate interest in processing your data so that we can offer you quick contact and ensure that your request is processed in a way that is in line with your interests. Something else only applies if the content of your contacts directly serves to carry out a contractual relationship between us. In these cases, we base the processing of your data on Article 6 paragraph 1 sentence 1 letter b) GDPR.
4. Use of our newsletter
We may send newsletters to customers with whom we are in direct contact or who have given us their express approval for this.
The legal basis for the processing of your data when sending our newsletter is your consent in accordance with Article 6 paragraph 1 sentence 1 letter a) GDPR or Article 6 paragraph 1 sentence 1 letter f) GDPR our legitimate interest in processing your data , so that we can notify you of new functionalities of our services, interesting offers and other information.
5. Registration and use of our services
Registration of users and use of our platform's services is arranged in the FLETEC General Terms and Conditions which are made available to Subscribers of our services.
Contact us for more information about using our software and services: email@example.com
6. Use of web analysis services
II. Routine deletion and blocking of data
We only store your data for the period of time necessary to achieve the storage purpose or if this is specified by the European directives and regulations or another legislator in laws or regulations to which we are subject. For Germany, there is in particular an obligation to store data for 6 years in accordance with Section 257 (1) of the German Commercial Code (in particular trading books, inventories, opening balance sheets, annual accounts, commercial letters, accounting vouchers) and for 10 years in accordance with Section 147 (1) tax code (in particular books, records, Management reports, accounting vouchers, commercial and business letters, documents relevant for taxation). If the purpose of storage no longer applies or if a legally prescribed storage period expires, your personal data will be routinely blocked or deleted in accordance with the statutory provisions. Please also note the specific information on individual storage and deletion periods in this data protection declaration.
III. Your rights
As a person affected by data processing (Article 4 No. 1 GDPR), you have numerous rights against us, which we would like to inform you about below. You can also find details on this in Articles 15 to 21 of the GDPR and Sections 32 to 37 BDSG (as of May 25, 2018).
1. Right to information
You have the right to receive information from us as to whether and which data we process about you. This includes, among other things, information on how long and for what purpose we process the data, where these strains come from and to which recipients or recipient categories we pass them on. You can also get a copy of this data from us.
2. Right to rectification
You have the right that we immediately correct any information about you that is wrong or no longer applicable. You can also request the completion of your incomplete personal data. If this is required by law, we will also inform third parties about this correction if we have passed on your data to them.
3. Right to erasure ("right to be forgotten")
You have the right to ask us to delete your personal data immediately if one of the following reasons applies:
- Your data is no longer necessary for the purposes for which it was collected or the purpose has been achieved;
- You withdraw your consent and there is no other legal basis for the processing;
- You object to the processing and there are no overriding legitimate reasons for the processing;
- Your personal data has been processed unlawfully;
- The deletion of your personal data is necessary to fulfill a legal obligation under European Union law or the law of the member states to which we are subject.
Please note that your right to erasure may be restricted by law. These include in particular the restrictions that are listed in Article 17 GDPR and Section 35 of the Federal Data Protection Act (as of May 25, 2018).
4. Right to restriction of processing (blocking)
You have the right to request that we restrict the processing of your personal data if one of the following conditions is met:
- You contest the accuracy of your personal data for a period of time that enables us to verify the accuracy of the personal data;
- the processing is unlawful and you refuse to delete the personal data and instead request that the use of your personal data be restricted;
- We no longer need your personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims, or
- You have objected to the processing as long as it is not certain whether our legitimate reasons outweigh yours.
If you have obtained a restriction of processing according to the above list, we will inform you before the restriction is lifted.
5. Right to withdraw consent
You can revoke your consent given to us at any time with future effect. This revocation can be in the form of an informal notification to the above. Contact addresses are given. If you withdraw your consent, the legality of the data processing carried out up to that point will not be affected. The consequence of a revocation is, as a rule, that you can no longer or not fully use our service, within the scope of which we have asked for your consent.
6. Right to data portability
You have the right to receive personal data that concern you and that you have provided to us in a structured, common and machine-readable format and to transmit this data to others. Details and restrictions can be found in Article 20 GDPR. Exercising this right does not affect your right to deletion.
7. Right to lodge a complaint with the supervisory authority
If you believe that the processing of your data by us violates applicable data protection law, you have the right to lodge a complaint with one of the responsible supervisory authorities, i.e. in particular the Hamburg representative for data protection and freedom of information or the respective supervisory authority in the member state of your residence, your place of work or the place of the alleged data protection violation.
8. Right to object in accordance with Article 21 GDPR
In accordance with Article 21 GDPR, you have the right in particular to object to the processing of your data at any time for reasons that arise from your particular situation if we base this processing on legitimate interests in accordance with Article 6 paragraph 1 sentence 1 letter f) DS Support GMOs. If you file an objection, we will no longer process your personal data, except in two cases:
- we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or
- the processing serves to assert, exercise or defend legal claims.
In particular, if we process your personal data for direct advertising (e.g. in the context of our newsletter), you have the right to object to the processing of your data for the purpose of such advertising at any time. If you object to the processing of your data for direct marketing purposes, we will no longer use your personal data for this.
IV. Help with data protection terms
We use some terms in this data protection declaration that were also used by the legislator, in particular in the European General Data Protection Regulation (GDPR). Since it is important to us that this data protection declaration is understandable to you, we will explain some important terms in alphabetical order below:
Processor: This is a natural or legal person, public authority, agency or other body that processes personal data on behalf of a responsible person.
Data subject: This is every identified or identifiable natural person whose personal data are processed by the controller.
Browser: This is a program for displaying websites on the Internet, for example the programs Mozilla Firefox or Google Chrome.
Third party: This is a natural or legal person, public authority, agency or other body (apart from the data subject), the controller, the processor and the persons who are authorized to process the personal data under the direct responsibility of the controller or processor.
Restriction of processing: This is a marking of stored personal data in such a way that its future processing (for example with a view to certain processing purposes) is restricted.
Consent: This is any expression of will voluntarily given by the data subject for the specific case in an informed manner and unequivocally in the form of a declaration or other clear confirmatory act, with which the data subject indicates that they are processing the personal data relating to them Data agrees.
Recipient: This is a natural or legal person, public authority, agency or other body to which personal data is disclosed, regardless of whether it is a third party or not.
IP address: This is an address that is assigned to your device (e.g. smartphone or computer) on the Internet so that your device can be addressed and reached there.
Pixel tags (web beacons): These are small, usually invisible graphics that are integrated into websites and other services in order to be able to carry out statistical evaluations, usually for marketing purposes.
Personal data: This is all information that relates to an identified or identifiable natural person (also called "data subject"). An identifiable person is a natural person who, directly or indirectly, in particular by assigning an identifier such as a name, an identification number, location data, an online identifier or one or more special characteristics, expresses the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person can be identified.
Pseudonymization: This is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without consulting additional information. This is especially the case if the additional information is kept separately and technical and organizational measures have been taken to ensure that the assignment to an identified or identifiable natural person is no longer possible with reasonable effort.
Processing: This is any process or series of processes carried out with or without the help of automated processes in connection with personal data such as the collection, organization, storage, adaptation or modification, reading, querying, use, disclosure by transmission, distribution or any other form of provision, comparison or linking, restriction, deletion or destruction.
Responsible or responsible for processing: These are the natural or legal persons, authorities, institutions or other bodies that alone or together with others decide on the purposes and means of processing personal data.
We use technical and organizational security measures to protect your personal data against misuse, loss, destruction or against access by unauthorized persons.
VI. Validity and changes to the data protection declaration
The data protection declaration is currently valid and dated 20.05.2020.
Due to the further development of our website or the implementation of new technologies, it may be necessary to change this data protection declaration. We reserve the right, at any time to make appropriate changes.
VII. Your questions about data protection
If you have any questions about this data protection declaration or your rights, please contact us.