Data protection for this website

General information

The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data are all data with which you can be personally identified. Detailed information on the subject of data protection can be found in our data protection declaration listed below this text.

Data collection on our website

Who is responsible for data collection on this website?

The data processing on this website is carried out by the website operator. You can find their contact details in the Group page of this website.

How do we collect your data?

Your data is collected when you communicate it to us. This can be, for example, data that you enter in a contact form or newsletter signup form.

Other data are automatically recorded by our IT systems when you visit the website. This is mainly technical data (e.g. internet browser, operating system or time of the page view). This data is collected automatically as soon as you enter our website.

What do we use your data for?

Some of the data is collected in order to ensure that the website is error-free. Other data can be used to analyze your user behavior.

Any data you enter into a contact form or newsletter signup form is used for Marketing purposes. We may share this information with our approved and trusted partners if appropriate, e.g. joint initiatives or promotions.

You are able to remove your consent at any time. You can do this by clicking the unsubscribe link on our email newsletter or by contacting [email protected]

What rights do you have with regard to your data?

You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction, blocking or deletion of this data. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of data protection. You also have the right to lodge a complaint with the competent supervisory authority.

Analysis tools and third party tools

When you visit our website, your surfing behavior can be statistically evaluated. This is done primarily with cookies and so-called analysis programs. Your surfing behavior is usually analyzed anonymously; surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. You can find detailed information on this in the following data protection declaration.

You can object to this analysis. We will inform you about the possibilities of objection in this data protection declaration.

General information and mandatory information Data protection

The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

When you use this website, various personal data are collected. Personal data are data with which you can be personally identified. This data protection declaration explains which data we collect and what we use it for. It also explains how and for what purpose this is done.

We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) can have security gaps. A complete protection of the data against access by third parties is not possible.

Note on the responsible body

The responsible body for data processing on this website is:

Roboyo Group Limited
5 Upper St. Martins Lane
London, WC2H 9EA

Email: [email protected]

The responsible body is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g. names, email addresses, etc.).

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke your consent at any time. An informal e-mail to us is sufficient. The legality of the data processing carried out before the revocation remains unaffected by the revocation.

Right of appeal to the competent supervisory authority

In the event of violations of data protection law, the person concerned has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based. A list of data protection officers and their contact details can be found at the following link: https://www.gov.uk/data-protection/make-a-complaint .

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another person responsible, this will only be done if it is technically feasible.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the website operator, this site uses an SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http: //” to “https: //” and by the lock symbol in your browser line.

If the SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.

Information, blocking, deletion

Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, their origin and recipient and the purpose of the data processing and, if necessary, a right to correct, block or delete this data. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of personal data.

Objection to advertising mails

We hereby object to the use of the contact data published as part of the imprint obligation for sending unsolicited advertising and information materials. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam e-mails.

Data protection officer

Statutory data protection officer

We have appointed a data protection officer for our company.

Roboyo Group Limited
5 Upper St. Martins Lane
London, WC2H 9EA

Email: [email protected]

Cookies

Some of the internet pages use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, more effective and safer. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser the next time you visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when you close the browser. If cookies are deactivated, the functionality of this website may be restricted.

Cookies that are required to carry out the electronic communication process or to provide certain functions you require (e.g. shopping cart function) are stored on the basis of Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. If other cookies (e.g. cookies for analyzing your surfing behavior) are stored, these will be treated separately in this data protection declaration.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

• Browser type and browser version
• operating system used
• Referrer URL
• Host name of the accessing computer
• Time of the server request
• IP address

This data will not be merged with other data sources.

The basis for data processing is Article 6 (1) (f) GDPR, which allows the processing of data for the fulfillment of a contract or pre-contractual measures.

Contact form

If you send us inquiries using the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the request and in case of follow-up questions. We do not pass on this data without your consent.

The processing of the data entered in the contact form takes place exclusively on the basis of your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke this consent at any time. An informal e-mail to us is sufficient. The legality of the data processing operations carried out before the revocation remains unaffected by the revocation.

The data you enter in the contact form will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions – in particular retention periods – remain unaffected.

Analysis tools and advertising

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.

Google Analytics uses so-called “cookies”. These are text files that are saved on your computer and that enable your use of the website to be analyzed. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.

The storage of Google Analytics cookies is based on Art. 6 Para. 1 lit.f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.

IP anonymization

We have activated the IP anonymization function on this website. As a result, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before it is transmitted to the USA. The full IP address will only be sent to a Google server in the USA and shortened there in exceptional cases. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Browser plugin

You can prevent the storage of cookies by setting your browser software accordingly; we would like to point out, however, that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading the browser plug-in available under the following link and install: https://tools.google.com/dlpage/gaoptout?hl=en-GB .

Objection against data collection

You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie will be set which prevents the collection of your data on future visits to this website: Deactivate Google Analytics .

You can find more information on how Google Analytics handles user data in Google’s privacy policy: https://policies.google.com/privacy?hl=en-US .

Data processing

We have concluded a contract data processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Demographic characteristics in Google Analytics

This website uses the “demographic characteristics” function of Google Analytics. This allows reports to be created that contain information on the age, gender and interests of the site visitors. This data comes from interest-based advertising from Google and from visitor data from third-party providers. These data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the section “Objection to data collection”.

Newsletter

Newsletter data

If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter . Further data is not collected or is only collected on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.

The processing of the data entered in the newsletter registration form takes place exclusively on the basis of your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

The data you have stored with us for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted after you unsubscribe from the newsletter. This does not affect data that we have stored for other purposes (e.g. e-mail addresses for the members’ area).

Plugins and Tools

YouTube

Our website uses plugins from YouTube, operated by Google. The operator of the website is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

If you visit one of our pages equipped with a YouTube plug-in, a connection to the YouTube servers will be established. The YouTube server is informed which of our pages you have visited.

If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

YouTube is used in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit.f GDPR.

You can find more information on handling user data in YouTube’s data protection declaration at: https://policies.google.com/privacy?hl=en-GB .

Google Web Fonts

This page uses so-called web fonts, which are provided by Google, for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

For this purpose, the browser you are using must connect to the Google servers. This gives Google knowledge that our website has been accessed via your IP address. The use of Google Web Fonts takes place in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit.f GDPR.

If your browser does not support web fonts, a standard font will be used by your computer.

Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s data protection declaration: https://www.google.com/policies/privacy/ .

Google Maps

This site uses the Google Maps map service via an API. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.

To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transmitted to and stored by Google on servers in the United States. The provider of this site has no influence on this data transfer.

The use of Google Maps is in the interest of an appealing presentation of our online offers and an easy findability of the places we have indicated on the website. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit.f GDPR.

You can find more information on handling user data in Google’s data protection declaration: https://policies.google.com/privacy?hl=en-GB .

Google Tag Manager

This website uses the Google Tag Manager. The Google Tag Manager is a solution operated by Google LLC 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”), with which marketed website tags can be managed via an interface. The Tag Manager tool itself (which implements the tags) is a cookie-free domain and does not register any personal data. The tool activates other tags which, in turn, can register data under certain circumstances. The Google Tag Manager does not access this information. If the recording has been deactivated at domain or cookie level, this setting is retained for all tracking tags implemented with Google Tag Manager.

reCAPTCHA

We use Google reCAPTCHA from Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) to prevent spam.

The legal basis for its use is Article 6 (1) f (lawfulness of processing), because there is a legitimate interest in protecting this website from bots and spam.

reCAPTCHA is a free service that protects websites from spam and abuse. It uses advanced risk analysis techniques to tell people and bots apart. With the new API, a significant number of your valid human users will pass the reCAPTCHA challenge without having to solve a CAPTCHA. We use reCAPTCHA to secure forms.

By using reCAPTCHA, data is transmitted to Google, which Google uses to determine whether the visitor is a person or a (spam) bot. You can read which data is collected by Google and what this data is used for at https://policies.google.com/privacy?hl=en-GB .
You can read the terms of use for services and products from Google at https://policies.google.com/terms?hl=en-US .

Zoho

When applying for a job, the user’s data is stored for the purpose of processing the request and for follow-up questions. We use Zoho’s communication services to communicate with the applicant (so-called “Zoho Recruit”). Zoho Recruit offers us the opportunity to get in touch with them faster and more directly and to process their inquiries, in accordance with the expectations of the users. With Zoho Recruit, we can send messages to users via email within the scope of the law.

• measure and analyze traffic and browsing activity on our site(s);
• show advertisements for our products and/or services to you on third-party sites;
• measure and analyze the performance of our advertising campaigns;

Salesforce

When individuals make inquiries, their contact information (name, email, and company details) is securely stored in Salesforce CRM and Marketing Cloud Account Engagement. This information allows us to respond to requests and follow up as needed. Through these platforms, we also gather insights on website usage to better understand and improve areas that provide value to our customers. With double-opted-in consent, we send newsletters and updates to those interested in staying informed. Additionally, we analyze website traffic and engagement to enhance user experience and assess the impact of our communications.

Information obligation pursuant to Art. 13 and Art. 14 GDPR for clients

The protection of your data and transparency regarding its processing is very important to us. We therefore hereby fulfill our obligation to provide information about the circumstances of processing in accordance with Articles 13 and 14 of the General Data Protection Regulation (GDPR).

The processing of your personal data gives you the following rights:

1. Right to rectification (see Art. 16 GDPR)
2. Right to erasure (see Art. 17 GDPR)
3. Right to restriction of processing (see Art. 18 GDPR)
4. Right to object (see Art. 21 GDPR)
5. Right to data portability (see Art. 20 GDPR)

Right to withdraw consent: If the processing is based on Art. 6 GDPR paragraph 1 letter a or Art. GDPR 9 paragraph 2 letter a, you have the right to withdraw your consent at any time. Data processed prior to the withdrawal remains unaffected by the withdrawal.

Contact details of the data protection officer: Regina Stoiber, Datenbeschützerin GmbH, Unterer Sand 9, 94209 Regen, Email: [email protected], Phone: 0 99 21 88 22 9000

You have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data is unlawful.

Note on the responsible body

The responsible body for data processing on this website is

Roboyo GmbH
Sophie-Germain Straße 3-5, 90443 Nuremberg
Phone: +49 (0) 911 477 16 10
Email: [email protected]

Supervisory authority:
Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 18
91522 Ansbach
Phone: +49 (0) 981 180093-0
Email [email protected]  

The responsible body is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g., names, email addresses, etc.).

Data will only be transferred to third countries (countries outside the European Economic Area – EEA) if this is necessary for the performance of the service contract, if you have given us your consent, or if this is otherwise permitted by law. In this case, we will take measures to ensure the protection of your data, for example through contractual provisions. We only transfer data to recipients who ensure the protection of your data in accordance with the provisions of the GDPR for transfers to third countries (Articles 44 to 49 GDPR).

Data processing in the context of order processing

Order entry and processing

In order to process your order or request, we collect personal data from contact persons (name, address, email address, telephone number, mobile phone number) as part of the process. Your data is entered into our central system (Zoho, see No. 2.1.) and stored there.

The processing is based on a contract or pre-contractual measure in accordance with Art. 6 (1) (b) GDPR.

Zoho Projects is used for project management. The data is forwarded internally to the necessary departments and, if necessary, to external parties (e.g., business partners/subcontractors) in order to process the order further.

The data is stored in accordance with statutory retention requirements. If no contractual relationship is established, your data will be deleted after one year without active contact.

Automation and hosting on behalf of

In order to process your order or request, we collect personal data from contact persons (name, address, email address, telephone number, mobile phone number) as part of the process. When carrying out orders, it cannot be ruled out that employees may have access to and insight into the client’s systems and thus also to personal data (such as log files, IP addresses, etc.).

Various technical software programs are used to handle automation projects, including code analysis, investigations for RPA-suitable processes, project planning tools, etc.

The data is forwarded internally to the necessary departments and, if necessary, to external parties (e.g., subcontractors/manufacturers) in order to continue processing the order.

The data is stored in accordance with legal retention requirements.

Communication

In order to contact you, we will send you an email with further information to process your inquiry, your order, or as part of our general business relationship. For this purpose, your email address, the email content, and the communication history will be recorded. The emails are hosted by Microsoft Exchange. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.

We may also call you on the telephone number or mobile phone number you have provided us with.

The processing of data is based on the fulfillment of a contract in accordance with Art. 6 (1) (b) GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures (customer relationship, contracts with business partners).

Microsoft is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the US that aims to ensure compliance with European data protection standards when processing data in the US. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000TN8pAAG&status=Active

Data will only be passed on if this has been agreed with you or is necessary for the current business transaction.

Your data will be stored on our systems in accordance with the statutory retention requirements.

Data processing in IT systems

Zoho Campaigns

Zoho CRM

To manage all contact information for business partners and customers, we store the contacts in our Zoho CRM system, which stores the name, contact person (if applicable), address, telephone number, mobile phone number, and email address. The provider is Zoho Corporation Pvt. Ltd., Estancia IT Park, Plot No. 140 151, GST Road, Vallancherry Village, Chengalpattu Taluk, Kanchipuram District 603 202, India (hereinafter “Zoho CRM”).

Zoho CRM enables us, among other things, to manage existing and potential customers and customer contacts and to organize sales and communication processes. The use of the CRM system also enables us to analyze and optimize our customer-related processes. Customer data is stored on Zoho CRM’s servers. Details on the functions of Zoho CRM can be found here: https://www.zoho.com/de/crm/help/getting-started/key-features.html.

The use of Zoho CRM is based on Art. 6 (1) lit. f GDPR. The controller has a legitimate interest in customer management and customer communication that is as efficient as possible.

Data transfers to third countries outside the European Union are based on the standard contractual clauses of the EU Commission.

For details, please refer to the Zoho CRM privacy policy at https://www.zoho.com/privacy.html and https://www.zoho.com/gdpr.html.

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that the personal data of our website visitors is only processed in accordance with our instructions and in compliance with the GDPR.

Only our employees have access to this system.

Your data will be stored in our system for the duration of the business relationship and beyond until the expiry of the statutory retention period.

Microsoft Dynamics Finance & Operations

Enterprise Resource Planning (ERP)

We process customer-related personal data in our Enterprise Resource Planning system Microsoft Dynamics 365 Finance & Operations.
This includes contact details, contractual information, transaction data, and communication records required to manage customer relationships, process orders, and handle invoicing and payments.

The ERP system is provided by Microsoft as a cloud-based service. Microsoft processes data on our behalf solely to operate, maintain, and secure the system and to ensure its availability.

Access to personal data is restricted to authorized personnel and protected by appropriate technical and organizational security measures. Customer data is stored only for as long as necessary for the respective business purpose.

The provider for Dynamics Finance & Operations is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Details on data processing can be found in the Microsoft Teams privacy policy:https://privacy.microsoft.com/de-de/privacystatement.

The company is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the US that aims to ensure compliance with European data protection standards when processing data in the US. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000KzNaAAK&status=Active.

We have concluded a contract for order processing (AVV) with the above-mentioned provider. This is a contract required by data protection law, which ensures that the provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

Audio and video conferences

Data processing

We use online conference tools, among other things, to communicate with our customers. The specific tools we use are listed below. When you communicate with us via video or audio conference over the Internet, your personal data is collected and processed by us and the provider of the respective conference tool.

The conference tools collect all data that you provide/use to use the tools (email address and/or your phone number). Furthermore, the conference tools process the duration of the conference, the start and end (time) of participation in the conference, the number of participants, and other “context information” related to the communication process (metadata).

In addition, the tool provider processes all technical data required to handle online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and the type of connection.

If content is exchanged, uploaded, or otherwise made available within the tool, it is also stored on the tool provider’s servers. Such content includes, in particular, cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards, and other information shared while using the service.

Please note that we do not have full control over the data processing operations of the tools used. Our options are largely determined by the corporate policy of the respective provider. For further information on data processing by the conference tools, please refer to the privacy policies of the respective tools, which we have listed below this text.

Purpose and legal basis

The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 (1) (b) GDPR). Furthermore, the use of the tools serves to generally simplify and accelerate communication with us or our company (legitimate interest within the meaning of Art. 6 (1) (f) GDPR). If consent has been requested, the use of the relevant tools is based on this consent; consent can be revoked at any time with effect for the future.

Storage period

The data collected directly by us via the video and conference tools will be deleted from our systems as soon as you request us to delete it, revoke your consent to its storage, or the purpose for data storage no longer applies. Stored cookies remain on your device until you delete them. Mandatory legal retention periods remain unaffected.

We have no influence on the storage period of your data stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.

Conference tools used

We use the following conference tools:

Microsoft Teams

We use Microsoft Teams. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Details on data processing can be found in the Microsoft Teams privacy policy: https://privacy.microsoft.com/de-de/privacystatement.

The company is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the US that aims to ensure compliance with European data protection standards when processing data in the US. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000KzNaAAK&status=Active.

We have concluded a contract for order processing (AVV) with the above-mentioned provider. This is a contract required by data protection law, which ensures that the provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

Finance

Financial accounting

For financial accounting, we have mapped a process in Microsoft Dynamics Finance & Operation and DATEV in our IT systems. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. The provider of DATEV is DATEV eG, Paumgartnerstr. 6 – 14, 90429 Nuremberg, Germany.

It is possible that personal data of contact persons or invoice information (name, address, email address, telephone number, mobile phone number) may be processed as part of the process.

The processing is based on a legal requirement under Art. 6 (1) (c) GDPR. The processing is necessary to fulfill a legal obligation to which the controller is subject (principles of proper accounting).

Data transfers from Microsoft to the US are based on the EU Commission’s standard contractual clauses. Details can be found here: https://www.hubspot.de/data-privacy/privacy-shield.

Microsoft is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the US that aims to ensure compliance with European data protection standards when data is processed in the US. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000TN8pAAG&status=Active.

We have concluded a contract for order processing (AVV) for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that the personal data of our website visitors is only processed in accordance with our instructions and in compliance with the GDPR.

The data is forwarded to our responsible tax advisor.

The data is stored in accordance with the statutory retention obligations.

Facility management

Video surveillance system (access protection)

The data is recorded by video cameras within the premises at the Nuremberg location to ensure that only authorized persons enter the office and to provide evidence to law enforcement authorities in the event of trespassing.

The processing of the data is based on a business purpose in accordance with Art. 6 (1) lit. f GDPR. The controller has a legitimate interest in regulating access to the company premises and in preventing or detecting criminal offenses.

The video material is deleted after 72 hours.

Other

Paper file disposal / data carrier disposal

Paper documents and data carriers containing personal data that are no longer required are destroyed. This ensures that the deletion periods after the retention period are complied with.

All data relating to the customer relationship may be contained in the documents and paper media.

The processing of the data is based on a legal requirement under Art. 6 (1) (c) GDPR; the processing is necessary for compliance with a legal obligation to which the controller is subject.

The data is transferred to the certified disposal company commissioned by the controller to destroy and dispose of it. A data processing agreement has been concluded with the disposal company.

Data protection management

You can contact the external data protection officer at any time by email at [email protected] or by phone at 09921 88 22 9000.

Your name, reason for the request, facts of the case, and any data of the data subject stored in the system will be collected and stored.

The processing of the data is based on the fulfillment of the contract in accordance with Art. 6 (1) lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures (service contract).

The information will only be passed on with your consent.

Your personal data will be stored for as long as necessary for the purpose. Statutory retention obligations remain unaffected.