Privacy Policy / Data processing information

Hereby we inform you about the processing of your personal data by the disy Informationssysteme GmbH and your entitled rights.

1. Who is responsible for the data processing and how do I contact the data security officer?

Responsible according to Art. 4 Nr. 7 GDPR for the data processing is:

disy Informationssysteme GmbH

Ludwig-Erhard-Allee 6, 76131 Karlsruhe

+49 (0)721 16006000, +49 (0)721 1600605

datenschutz@disy.net

Represented by: Claus Hofmann

You can contact our data security officer at the contact details above or by mail: datenschutz@disy.net

2. What is the purpose of the processing of my personal data and on which legal basis does it take place?

We process your personal data respecting the stipulations of the General Data Protection Regulation (GDPR), the new national privacy law (BDSG-neu) as well as all other relevant laws only as far as it is necessary for the information and services on this website.

In case of a strictly informational use of the website, e.g. when you don’t sign up or register for the use of the website, we do not collect personal data from you, except your browser passes data to enable your visit on our website. These are:

  • IP-Adresse
  • Date and time of the request
  • Difference of time zones to Greenwich Mean Time (GMT)
  • Content of the request (concrete page)
  • Status of access/HTTP-Statuscode
  • Respectively passed amount of data
  • Website of origin of the request
  • Browser
  • Operating system and surface
  • Language and Version of browser software.

To ensure the functionality of the website, we save the logfiles. Additionally, this data helps to ensure the safety of our IT-systems and to optimize the website.

Art. 6 Abs. 1 lit. f DSGVO bildet die Rechtsgrundlage für die vorrübergehende Speicherung der Daten und Logfiles.

Art. 6 Abs. 1 lit. f GDPR provides the legal basis of the temporary saving of the data and logfiles.

If the processing of personal data is justified by an consent of the affected, the legal basis is Art. 6 Abs. 1 lit. a GDPR.

In case our company is subject to a commitment, whereas its execution requires the processing of personal data, Art. 6 Abs. 1 lit. c GDPR is the legal basis.

Art. 6 Abs. 1 lit. d GDPR is also the legal basis, if vitally important interests of the affected persons or another individual requires the processing of the personal data.

If personal Data is processed in order to maintain the company’s or a third party’s interests, the interests, fundamental rights and freedoms of the affected persons are subordinated. Art. 6 Abs. 1 lit. f GDPR is the legal basis of this processing.

Personal Data can be passed to our IT-service provider in order to facilitate this website.

3. Data security

We maintain current technical measures to ensure data security, in particular to protect your personal data from dangers while transferring data as well as acquaintance of third parties. These will be modified according to the most recent technical standards.

4. Cookies

Furthermore, there will be “Cookies” saved on your computer while using this website. Cookies are small text files which will be saved on your hard drive and is assigned to the browser you use. The website which places the cookie on your hard drive (in this case us) receives certain information. Cookies cannot run programs or transmit viruses on your computer. They serve the purpose of making the internet offering more user-friendly and effective.

As soon as our website is accessed, the user is informed about the usage of cookies for analysis purposes. The user’s consent is requested, in order to process the personal data used in this procedure.

The website uses cookies in the following extent: transient cookies (temporal use), persistent cookies (temporal restricted use), third-party cookies (from third-party providers), flash-cookies (permanent use).

  1. Transient cookies are being automatically deleted, if you close the browser. These include explicitly the session-cookies. They save a so-called session-ID, which allow the allocation of different browser-requests to a corporate session. This allows your computer to be recognized, when you return to the website. The session-cookies will be deleted when you log out or close the browser. Without the use of cookies, certain applications of our website cannot be used. They require, that the browser is recognized after the change of the website.
  2. Persistent cookies will be deleted automatically after a given amount of time that can vary, depending on the cookie. You can also delete cookies in the security-settings of your browser.
  3. You can configurate the browser-settings according to your wishes and you can deny third-party cookies or even all cookies for example. We want to point out that given this case, certain applications of the website cannot be used.
  4. The used flash-cookies are not being detected by your browser, but by your flash-plug-in. They save the necessary data regardless of the used browser and they have no automatic expiry date. If you do not wish the processing of flash-cookies, you have to install a corresponding add-on, e.g. “better privacy” for Mozilla Firefox (https://addons.mozilla.org/de/firefox/addon/betterprivacy/) or Adobe-Flash-Killer-Cookie for Google Chrome.
  5. Analysing cookies. In order to improve the content and quality of our website, we use analyse-cookies. These allow us to understand how our website is being used. Thereby we can steadily optimize our offering.

This information will be saved separately of other data which is passed to us.

Especially the data relating from the cookies will not be combined with other personal data from you. You can delete the recently saved cookies at any time. The deletion is also automated possible.

The processing of personal data when using technically necessary cookies is justified by Art. 6 para. 1 lit. f GDPR. If the user agreed on the processing of cookies for analyising purposes, this Agreement is the justification according to Art. 6 para. 1 lit. a GDPR.

You can configurate the browser-settings in order to prevent the storage of cookies. We want to point out that given this case, certain applications of the website cannot be used completely.

5. Disy-News 

You can subscribe to news-mailings that inform you regularly about certain topics (events, instructions, news about products and services, customer’s references, information about Disy) in the format of regular newsletters or mails due to a certain event by giving your consent.

We use the so-called “double-opt-in-process” for the registration to our newsflashes. This means, that we’ll send a confirmation e-mail to the given e-mail address, where we ask for your consent to receive newsletters. Not confirmed registrations will be deleted after two workdays at latest. If you confirm the wish to receive the newsletters after having received our news-mailings, we will save your e-mail address, as well as all the data you have provided. The storage serves the only purpose to send newsletters to you. Furthermore, we will save the date when you are logging in and confirming your IP-address, in order to prevent the misuse of your personal data.

The declaration of the e-mail address is obligatory for the reception of news. The declaration of further, explicitly marked information columns is optional and will be used for a personalization or clustering of the news-mailings.

Sent e-mails use so-called “Web-Beacons” or “Tracking-Pixels” for this evaluation. These are one-pixel picture files, that allow us to evaluate your user behaviour. This happens by processing the respective data and web-beacons, that are assigned to your e-mail-address and are linked to an own personal ID. Links contained in the news-mails also contain this ID.

We’d like to point out, that we use your personal data explicitly for shipment and aggregated for a statistical analysis of user behaviour (click-rate, opening-rate, type of e-mail-client, frequency of clicks on links in the e-mails). This serves the purpose of improving our offering for you. There are no conclusions being made regarding the user’s behaviour of single persons.

Your consent regarding the reception of news can be withdrawn at any time. The withdrawal can be declared by clicking on a link provided in every news-mail, per e-mail to disy-news@disy.net or by message to the address given in the imprint. Your provided Data will be explicitly passed on to the used service provider for the sending of the newsletter.

The consent of the user according to Art. 6 para. 1 lit. a GDPR is the legal basis for the processing of data after the news-registration by the user. As soon as data isn’t necessary anymore for the purpose it was collected for, the data will be deleted from the subscriber’s portfolio. Accordingly, data from newsletter’s subscribers will only be saved in the subscriber’s portfolio for the duration of the subscription.

6. Contact via e-mail

Contact can be established through the provided e-mail address. The personal data of the user transferred in the e-mail will be saved by us.

Legal basis for the processing of the data is Art. 6 para. 1 lit. a GDPR in the case of a given consent. Given the case, that the purpose of the established contact is to conclude a contract, the legal basis is Art. 6 para. 1 lit. b GDPR.

The personal data collected by us will be deleted upon request. Further communication can not be entertained in that case, as all personal data that has been saved in the course of the approach will be deleted.

7. Use of Google Analytics

This website uses Google Analytics, a web-analysis service from Google Inc. (“Google”). Google Analytics uses so called „Cookies“, which are text files, that will be saved on your computer and that analyses your usage of this website. The Information about the usage of the website that Cookies provide will generally being transmitted to a server from Google and saved in the U.S.A. Given the case, that the IP-Anonymsation on this website is activated, your IP-Address will be trimmed down by Google within the member states of the EU or in other contracting states of the European Economic Area. The whole IP-Address will be transmitted to a server of Google in the U.S.A. and shortened only exceptionally. On behalf of the operator of this website, Google will use these information, in order to evaluate the usage of the website, to create reports about the website traffic and to provide other services to the operator, linked with the use of the website.

The IP-address provided by Google Analytics via your internet browser will not be merged with other data from Google.

You can prevent this capture of data (incl. IP-address) by the website-cookie, if you download and install the Browser-Plug-in, which can be accessed via this link: tools.google.com/dlpage/gaoptout. We point out, that some applications of this website might not be able to be used entirely.

This website uses Google Analytics with the help of the add-on „_anonymizeIp()“. Thus, shortened IP-addresses get further processed, a direct reference to a person however is not possible. As far as complied data are personally referable, they will be excluded immediately and the personal data will be deleted without further delay.

We use Google Analytics to analyse the usage of our website in order to regularly improve it. Using the collected statistics, we can improve our services to you and develop them to be more interesting for you. For exceptional cases, where personal data will be transferred to the U.S.A., Google has subordinated itself under the EU-US Privacy Shield, www.privacyshield.gov/EU-US-Framework. Legal basis for the usage of Google Analytics is Art. 6 Abs. 1 S. 1 lit. f GDPR.

Legal basis for the processing of personal data of the users is Art. 6 Abs. 1 lit. f GDPR. The processing of personal data of the users allows us to analyse the behaviour of our users. By evaluating the collected data, we can assemble information about single components of our website. This helps us to improve the ease of use of our website. This purpose states our authorised interest according to Art. 6 Abs. 1 lit. f GDPR. The interest of the users in protection of their personal data is assured sufficiently by the anonymisation of the IP-address.

The data will be deleted, as soon as they will be no use for our recording purposes.

Contact details of the third-party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. User Conditions: www.google.com/analytics/terms/de.html, Spreadsheet data protection: www.google.com/intl/de/analytics/learn/privacy.html, data privacy statement: http://www.google.de/intl/de/policies/privacy.

8. Inclusion of  YouTube-Videos

We included YouTube-Videos in our online range of products, which are saved on www.YouTube.com and are directly playable from our Website. These are all included in the “extended data-protection-mode”, which means, that no data about you as a user will be given to YouTube, if you don’t play the videos. The two types of data mentioned above will only be transmitted when playing the video. We don’t have any influence on this process.

By visiting the website YouTube receives the information, that you have accessed the sub-website on our website. Additionally, the Data mentioned in “2.” of this declaration will be transmitted. This happens independent of the circumstance, if this third-party provider provides a user account, where you are logged in to, or if there isn’t any user account. If you are logged in to your Google account, data will be directly referred to your account. If you do not wish the reference to your profile at YouTube, you need to log out before clicking on the button.

YouTube saves the data as user’s profiles und uses these for the purpose of advertisement, market research and/or the at-scale composition of its website. An evaluation like this takes place (also for users, that are not logged in) in order to generate scaled advertisement und to inform other users of the social network about the activities on our website. They have a right of objection against the composition of these user’s profiles. They have to address their objection to YouTube.

Legal basis for the processing of the personal data of the users is Art. 6 Abs. 1 lit. f GDPR. We offer you the possibility to interact with social networks and other users in order to improve our products and to be more attractive to you as a user.

Contact details of the third-party provider: YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA, : policies.google.com/technologies/product-privacy and www.google.de/intl/de/policies/privacy. Google processes your personal data in the U.S.A. as well and has therefore subordinated itself under the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

9. Inclusion of Google Maps

We use the service of Google Maps on this website. We can hereby show interactive maps directly on the website and facilitate the comfortable use of the maps application.

 

By visiting the website YouTube receives the information, that you have accessed the sub-website on our website. Additionally, the Data mentioned in “2.” of this declaration will be transmitted. This happens independent of the circumstance, if this third-party provider provides a user account, where you are logged in to, or if there isn’t any user account. If you are logged in to your Google account, data will be directly referred to your account. If you do not wish the reference to your profile at Google, you need to log out before clicking on the button.

Google saves the data as user’s profiles und uses these for the purpose of advertisement, market research and/or the at-scale composition of its website. An evaluation like this takes place (also for users, that are not logged in) in order to generate scaled advertisement und to inform other users of the social network about the activities on our website. They have a right of objection against the composition of these user’s profiles. They have to address their objection to Google.

Contact details of the third-party provider: Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; www.google.de/intl/de/policies/privacy and policies.google.com/technologies/product-privacy. Google processes your personal data in the U.S.A. as well and has therefore subordinated itself under the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

10. Use of Google Adwords Conversion

We use Google Adwords, in order to highlight our attractive offers on external websites with the help of advertising mediums (so called Google Adwords). We can determine in relation to the data of the advertising campaign, how successful the individual advertising mediums are. We are interested in showing you advertisements that are of interest to you, to make our website more interesting to you and to achieve a fair calculation of advertising costs.

These advertising materials are supplied by Google via so-called "ad servers". To do this, we use Ad Server Cookies, that can be evaluated by certain parameters of performance measurements, such as the overlay of advertisement or clicks of the user. If you access our website through a Google ad, Google Adwords will store a cookie on your computer. These cookies usually lose their validity after 30 days and are not intended to identify you personally. Additionally, to this cookie, the cookie ID, number of ad impressions per placement (Frequency), last impression (relevant to post-view conversions), and opt-out information (mark that the user does not want to be addressed anymore) are being stored as analysis values.

These cookies allow Google to recognize your Internet browser. If a user visits certain pages of an Adwords customer's website and the cookie stored on their computer has not expired, Google and the customer will be able to detect that the user clicked on the ad and was redirected to that page. Each Adwords customer is assigned a different cookie. Cookies cannot be tracked via the websites of Adwords customers. We do not collect and process any personal data in the aforementioned advertising measures. We receive only statistical evaluations provided by Google. On the basis of these evaluations, we can identify which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising material, in particular we cannot identify the users on the basis of this information.

Due to the marketing tools used, your browser automatically establishes a direct connection to the Google server. We have no control over the extent and the further use of the data, which are raised by the employment of this tool by Google and inform you therefore according to our state of knowledge. By including AdWords Conversion, Google receives the information that you have accessed the relevant part of our website or have clicked on an ad from us. If you are registered with a service provided by Google, Google may associate the visit with your account. Even if you are not registered with Google or have not logged in, there is a chance that the provider will find and store your IP address.

You can prevent participation in this tracking process in several ways: a) by setting your browser software accordingly, in particular, suppressing third-party cookies will prevent you from receiving third-party ads; b) by disabling the cookies for conversion tracking by setting your browser to block cookies from the domain "www.googleadservices.com", www.google.de/settings/ads, whereas this setting will be deleted when you delete your cookies; c) by disabling the interest-based ads of the providers that are part of the “About Ads” self-regulatory campaign through the link www.aboutads.info/choices, this setting will be deleted, if you delete your cookies; d) by permanent deactivation in your browsers Firefox, Internet Explorer or Google Chrome, by accessing the link http://www.google.com/settings/ads/plugin.  We point out that in this case you may not be able to use all the features of this offer entirely. The legal basis for the processing of your data is Art. 6 para. 1 sentence 1 lit. f GDPR.

Information about the third party provider: Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; https://www.google.de/intl/de/policies/privacy and https://services.google.com/sitestats/de.html. Alternatively you can visit the website of Network Advertising Initiative (NAI) via www.networkadvertising.org. Google has committed to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

11. Use of Social Media Plug-ins

We currently use the following social media plug-ins: Facebook, Twitter, Xing, LinkedIn. We use the so-called 2-click solution. This means that when you visit our site, initially no personal data will be passed on to the providers of these plug-ins. The provider of the plug-in can be identified by the marking on the box above its initial letter or logo. We give you the opportunity to communicate directly with the provider of the plug-in via the button. Only if you click on the marked field, the plug-in provider receives the information that you have accessed the corresponding website of our online service. In addition, the data mentioned under 2 of this declaration will be transmitted. In the case of Facebook and Xing, according to the respective providers in Germany, the IP address is anonymized immediately after collection. Activation of the plug-in means that personal data will be transmitted by you to the respective plug-in provider and stored there (with US providers in the USA). Since the plug-in provider carries out the data collection, in particular via cookies, we recommend that you delete all cookies before clicking on the greyed box via the security settings of your browser.

Neither we have no influence on the collected data and data processing operations, nor are we aware of the full extent of the data collection, the purpose of processing, the retention periods. We also have no information about the deletion of the data collected by the plug-in provider.

The plug-in provider stores these data as usage profiles and uses them for purposes of advertising, market research and / or tailor-made website design. Such an evaluation is carried out in particular (also for non-logged-in users) for the presentation of needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the formation of these user profiles, whereby you must contact the respective plug-in provider to exercise this. Through plug-ins we offer you the opportunity to interact with social networks and other users so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art. 6 para. 1 sentence 1 lit. f GDPR.

The data transfer takes place regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in to the plug-in provider, your data collected from us will be assigned directly to your existing account with the plug-in provider. If you click on the activated button and e.g. link the website, the plug-in provider will save this information also in your user account and will share them with your contacts publicly. We recommend logging out regularly after using a social network, but especially before activating the button, as this will prevent you from being assigned to your profile with the plug-in provider.

For more information on the purpose and scope of the data collection and its processing by the plug-in provider, please refer to the privacy statements of these providers provided below. There you will also find further information about your rights and settings options for the protection of your privacy.

Addresses of the respective plug-in providers and URL with their privacy notices:

12. Remarketing

In addition to Adwords Conversion, we use the Google Remarketing application. This is a process, with which we would like to approach you again. This application allows you to see our ads after visiting our website as you continue to use the Internet. This is done by means of cookies stored in your browser, through which your usage behavior is recorded and evaluated when visiting various websites by Google. This is how Google determines your previous visit to our website. A combination of the data collected during the remarketing with your personal data, which may be stored by Google, does not occur according to Google. In particular, according to Google, pseudonymization is used in the remarketing process.

Legal basis for the processing of your data is Art. 6 para. 1 sentence 1 lit. f GDPR. Learn more about Remarketing by Google at support.google.com/adwords/answer/2453998 as well as data protection with Google in general: www.google. de/intl/de/policies/privacy. Alternatively you can visit the website of the Network Advertising Initiative (NAI) via www.networkadvertising.org. Google has committed to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

13. DoubleClick by Google

This website also uses the online marketing tool DoubleClick by Google. DoubleClick uses cookies to serve ads that are relevant to users, to improve campaign performance reports, or to prevent a user from seeing the same ads multiple times. Google uses a cookie ID to determine which ads are running in which browser and can prevent them from being displayed multiple times. In addition, DoubleClick uses cookie IDs to track conversions related to ad requests. For example, if a user sees a DoubleClick ad and later goes to the advertiser's website with the same browser and buys something there. According to Google, DoubleClick cookies do not contain personally identifiable information.

Due to the marketing tools used, your browser automatically establishes a direct connection to the Google server. We have no control over the extent and continued use of the data collected through the use of this tool by Google and therefore inform you as far as we know: By including DoubleClick, Google receives the information that you access the corresponding part of our website or clicked an ad from us. If you are registered with a service provided by Google, Google may associate the visit with your account. Even if you are not registered with Google or have not logged in, there is a chance that the provider will find and store your IP address.

You can prevent participation in this tracking process in several ways: a) by setting your browser software accordingly, in particular, suppressing third-party cookies will prevent you from receiving third-party ads; b) by disabling the cookies for conversion tracking by setting your browser to block cookies from the domain "www.googleadservices.com", www.google.de/settings/ads, whereas this setting will be deleted when you delete your cookies; c) by disabling the interest-based ads of the providers that are part of the “About Ads” self-regulatory campaign through the link www.aboutads.info/choices, this setting will be deleted, if you delete your cookies; d) by permanent deactivation in your browsers Firefox, Internet Explorer or Google Chrome, by accessing the link http://www.google.com/settings/ads/plugin. We point out that in this case you may not be able to use all the features of this offer entirely.

The legal basis for the processing of your data is Art. 6 para. 1 sentence 1 lit. f GDPR.

Information about the third party provider: Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; https://www.google.de/intl/de/policies/privacy and https://services.google.com/sitestats/de.html. Alternatively you can visit the website of Network Advertising Initiative (NAI) via www.networkadvertising.org. Google has committed to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

14. What rights am I entitled with in regard of data protection?

As far as no opposing professional code of practice is given, you are entitled to/with:

- Withdraw the consent you gave to us at any time, according to Art. 7 Abs. 3 GDPR. We will not be able to proceed processing the kind of data that was legitimated by the withdrawn consent. 

- Demand information about the processed personal data by us at any time according to Art. 15 GDPR. You can demand Information especially about processing purposes, the category of personal data, as well as its origin, the categories of addressees, where the personal data has been revealed to or will be revealed, as well as the purpose and the planned time of storage, the right of correction, deletion, constriction of processing or objection, the existence of a right of complaint, the origin of your data, as far as they haven’t been collected by us, as well as the existence of an automated decision finding, profiling and if necessary significant information about details included; 

- Demand the correction or completion of incorrect or incomplete of your personal data saved by us according to Art. 16 GDPR; 

- Demand the deletion of your personal data saved by us according to Art. 17 GDPR, if the processing is not necessary to execute one’s freedom of speech and information, to fulfil legal commitments, to claim, execute of defend legal rights or if no reasons of public interest justify the processing; 

- Demand to limit the processing of your personal data according to Art. 18 GDPR, if the accuracy of the data is denied by you, the processing is not authorised, you however decline the deletion and we have no further use for the personal data and you need the personal data to claim or defend legal rights or you file an objection against the processing according to Art. 21GDPR; 

- Demand to receive yourself or to pass on your personal data to another responsible, which you have supplied, in a structured and machine-readable format according to Art. 20 GDPR and 

- File a complaint to a surveying administration according to Art. 77 GDPR. Usually this is the surveying administration at your private or professional location or the location of our office. 

Please address all requests or objections regarding the data processing via e-mail to datenschutz@disy.net or to the address mentioned in the legal details.

15. Minors

We don’t collect personal information of minors. If this still happens to be by accident, we will delete the personal data without further delay.

16. Can I object the processing of my personal data?

You have the right to object a processing of your personal data, which is used for direct advertising purposes without explanation. If we process your personal data to preserve justified interests, you can object the processing, if you state a reason, which origins from your special personal situation. We will cease to process your personal data, if we don’t state a coercible reason that requires protection, that prevails your interests, rights and freedoms or is needed to claim or defend legal rights.

The collection of personal data and its storage in logfiles is essential to facilitate the website for users and in order to assure its operation. Because of this circumstance, there is no possibility to object for the user.

If logfiles will be saved, they are deleted within 30 days. A further going processing will not take place.

17. Do I have the possibility of complaint? 

If you think, that the processing of your personal data by us is unrightfully or violates the data protection laws in another way, you can file your complaint at a responsible survey administration:

The county’s agent for data protection and freedom of information in Baden-Württemberg

Königstraße 10a

70173 Stuttgart