Data Privacy Policy PROTAKT

1.    Information about the collection of personal data

(1)  We inform you about the collection of personal data when using our website. Personal data is all data that is assigned to you personally, eg. Name, address, e-mail addresses and user behavior (information relating to an identified or identifiable natural person (Article 4 (1) of the EU General Data Protection Regulation (GDPR)).

(2)  Controller acc. Art. 4 (7) GDPR is PROTAKT - Projekte & Business Software AG (hereinafter: PROTAKT), Frankfurter Landstraße 20, 61231 Bad Nauheim, Germany, represented by the board members Kerstin Miotke, Nicole Gebhard, Lothar Kinnschewski and Dr. Sven Odermatt.

The contact details of our data protection officer can be found at    http://xdsb.eu

Alternatively you can reach the data protection officer at our postal address with the addition "the data protection officer".

(3)  When contacting us by e-mail or through a contact form, the information you provide (your e-mail address, your name and telephone number if applicable) will be stored by us to answer your questions. We will delete the data collectedin this context after the storage is no longer required or limit the processing if there are statutory retention requirements.

(4)  As far as we rely on engaged service providers for individual functions of our offer oruse your data for advertising purposes, you will find the details regarding the respective processes below including the specified criteria of storage duration


2.   
Your Rights

(1)   You have the following rights with respect to the personal data concerning you:

  • Right to information
  • Right to rectification or cancellation
  • Right to restriction of processing
  • Right to object to the processing
  • Right to data portability

(2)   You also have the right to lodge a complaint with a supervisory data protection authority about the processing of your personal data by us.

(3)   In the case of manifestly unfounded or excessive requests, we may charge a reasonable fee. Otherwise, the information will be provided free of charge (Art. 12 (5) GDPR).

(4)   In the event of reasonable doubts about the identity of the person claiming the above rights, we may request the provision of additional information necessary to verify the identity (Art. 12 (6) GDPR).

 

3.    Secure data transfer

For transport encryption we offer HTTPS with Forward Secrecy and the current encryption protocol TLS 1.2.
We recommend that you keep your Internet browser up to date so you can safely transfer your data on the transport route.

 4.    Collection of personal data when visiting our website

(1)  In the case of merely informative use of the website, if you do not register or otherwise provide information, we will only collect the personal data that your browser transmits to our server according to the settings you have made. In order to view our website, we collect the data that is technically required for this purpose and for the purpose of ensuring stability and safety in accordance with Art. 6 (1) S. 1 f) GDPR :

  • Domain
  • Your IP-address
  • Inquiry (content of the request)
  • Daten and time of the request (Time Stamp)
  • Browser (User Agent)
  • Access status/HTTP status code

(2)  Use of cookies: In addition to the aforementioned data, cookies are stored on your computer when using our website. Cookies are small text files that are stored by the browser you use and that give us (the server of our website) certain information. Cookies can not run programs or transmit viruses to your computer. They serve to make the Internet offer more user-friendly and effective, and above all, faster. There are session cookies (transient cookies) and persistent (persistent) cookies.

Transient cookies are automatically deleted when you close the browser. These include in particular the session cookies. Session cookies store a so-called session ID, with which various requests from your browser can be assigned to the common session. This will allow your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.

We use session cookies and persistent cookies. Flash cookies are not used by us.

(3)  You can configure your browser settings according to your wishes and i.e. refuse to accept any or all cookies. Please be aware that you may not be able to use all functions of this website in this case.

 

5. Collection of personal data when using PROTAKTs customer support services

For support inquiries and processes, personal data from these requests via email (contact details, namely, name, email address, telephone number of the requestor) are stored on local servers at PROTAKT for the purpose of performing the support services.

 

6.    Opposition or revocation against the processing of your data

(1)  If you have given your consent to the processing of your data, you can revoke it at any time for the future. Such revocation only affects the admissibility of the processing of your personal data after your revocation.

(2)  As far as we base the processing of your personal data on a balance of interests (Art. 6 (1) f) GDPR), you can object to the processing. This is the case if, in particular, the processing is not required to fulfill a contract with you, which we explain in the following functional descriptions. In the event of such a disagreement, we ask you to explain the reasons why we should not process your personal data as we have done. In the case of your justified objection, we will examine the situation and will either discontinue or adapt the data processing or point out to you our compelling legitimate reasons on which we continue the processing.

(3)  Of course, you may object to the processing of your personal data for advertising and data analysis purposes at any time. You can inform us about your objection on advertising cat the following e-mail address: opt-out@protakt.de.

 

7.    Using Google Analytics (with anonymization function)

(1)  This website uses Google Analytics with anonymization function), a web analytics service provided by Google Inc. (following: Google). Google Analytics uses so-called "cookies", i.e. text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, due to the activation of IP anonymization on these websites, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address provided by Google Analytics as part of Google Analytics will not be merged with other Google data.

(2)  The purpose of the data processing is the evaluation of the use of the website and the compilation of reports on activities on the website. Based on the use of the website and the Internet, other related services will be provided. The processing is based on the legitimate interest of the website operator.

(3)  You can prevent the storage of cookies by a corresponding setting of your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible. In addition, you may prevent the collection by Google of the data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by downloading the browser plug-in available under the following link and install: Browser Add On to disable Google Analytics.

(4)  In addition or as an alternative to the browser add-on, you can prevent tracking by Google Analytics on our pages by clicking this link: deactivate Google Analytics Tracking
An opt-out cookie will be installed on your device. This will prevent the collection by Google Analytics for this website and for this browser in the future, as long as the cookie remains installed in your browser.

(5)  Further informatioin regarding the GDPR compliance of Google services can be found here: https://www.google.com/intl/de_at/cloud/security/gdpr/.

 

8.    Facebook and Instagram

(1) Use of the PROTAKT Facebook page

PROTAKT Projekte & Business Software AG uses the technical platform and services of Facebook Ireland Ltd, 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland for the information service offered here (https://www.facebook.com/PROTAKT). Facebook Ireland Ltd. processes personal data when using Facebook products, even from persons who are not logged into any of the Facebook services.
We would like to point out that you use this Facebook page and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating). Alternatively, you can also access the information offered via this page on our website (https://www.protakt.de).
When you visit our Facebook page, Facebook collects, among other things, your IP address and other information that is present in the form of cookies on your PC. This information is used to provide us, as operators of the Facebook pages, with statistical information about the use of the Facebook page. Facebook provides more detailed information on this under this link (http://de-de.facebook.com/help/pages/insights).
The data collected about you in this context is processed by Facebook Ltd. and may be transferred to countries outside the European Union in the process. Facebook describes in general terms what information it receives and how it is used in its data usage guidelines. There you will also find information on how to contact Facebook and on the settings options for advertisements. The data usage guidelines are available at this link (http://de-de.facebook.com/about/privacy).
Facebook's full data policies can be found here (https://de-de.facebook.com/full_data_use_policy).

In what way Facebook uses data from visits to Facebook pages for its own purposes, to what extent activities on the Facebook page are assigned to individual users, how long Facebook stores this data and whether data from a visit to the Facebook page is passed on to third parties, is not conclusively and clearly stated by Facebook and is not known to us.

When you access a Facebook page, the IP address assigned to your terminal device is transmitted to Facebook. According to Facebook, this IP address is anonymized (for "German" IP addresses) and deleted after 90 days. Facebook also stores information about the end devices of its users (e.g. as part of the "login notification" function); this may enable Facebook to assign IP addresses to individual users.
If you are currently logged in to Facebook as a user, a cookie with your Facebook ID is located on your end device. This enables Facebook to track that you have visited this page and how you have used it. This also applies to all other Facebook pages. Via Facebook buttons embedded in websites, it is possible for Facebook to record your visits to these website pages and assign them to your Facebook profile. Based on this data, content or advertising can be offered tailored to you.
If you want to avoid this, you should log out of Facebook or deactivate the "stay logged in" function, delete the cookies present on your device and exit and restart your browser. In this way, Facebook information through which you can be directly identified will be deleted. This will allow you to use our Facebook page without revealing your Facebook identifier. When you access interactive features of the page (like, comment, share, message, etc.), a Facebook login screen will appear. After any login, you will again be recognizable to Facebook as a specific user.
Information on how to manage or delete information about you can be found on these Facebook support pages (https://de-de.facebook.com/about/privacy#).
We, as the provider of the information service, do not collect and process any data from your use of our service beyond this.
You can find this privacy policy in its current version here. You can also find the link to it on our Facebook page.


2) Use of the PROTAKT Instagram page

PROTAKT Projekte & Business Software uses the technical platform and services of Facebook Ireland Ltd, 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland for the information service offered here (https://www.instagram.com/protakt.ag/). Facebook Ireland Ltd. processes personal data when using Facebook products, even from persons who are not registered with any of the Facebook services. What data this is in detail, how, for what purposes and on what legal basis it is processed is described by Facebook in its data policy (https://help.instagram.com/519522125107875?helpref=page_content), which applies to all Facebook products. There you will also find information on how to contact Facebook as well as on the settings options for advertisements, cookies, etc.
We would like to point out that you use this Instagram page and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating). Alternatively, you can also access the information offered via this page on our website (https://www.protakt.de).

When you visit our Instagram page, Facebook collects, among other things, your IP address. Together with other information that Facebook receives through cookies, Facebook provides us as the operator of the Instagram page with statistical information about the use of this Instagram page (so-called page insights) This enables the anonymous evaluation of the reach, page views, dwell time for video posts, actions (likes, comments, sharing of posts) as well as by age, gender and location (as specified by users in their respective Instagram profiles). These page insights may be based on personal data collected by Facebook in connection with a user's visit to or interaction with our Instagram page and its content. It is not possible to draw conclusions about individual persons. Facebook provides more detailed information on this here: https://www.facebook.com/about/privacy

The legal basis for this data processing is Article 6 (1) (e) DSGVO.
The data collected about you in this context will be processed by Facebook Ltd. and, if necessary, transferred to countries outside the European Union. What information Facebook receives and how it is used is described in general terms by Facebook in its data usage guidelines. There you will also find information on how to contact Facebook and on the settings options for advertisements. The data usage guidelines are available at this link (http://de-de.facebook.com/about/privacy).
Facebook's full data policies can be found here (https://de-de.facebook.com/full_data_use_policy).

In what way Facebook uses data from visits to Facebook pages for its own purposes, to what extent activities on the Facebook page are assigned to individual users, how long Facebook stores this data and whether data from a visit to the Facebook page is passed on to third parties, is not conclusively and clearly stated by Facebook and is not known to us.
We, as the provider of the information service, do not collect and process any data from your use of our service beyond this.

(3) Your rights
In principle, you have the following rights vis-à-vis the data controllers with regard to the personal data concerning you:
- Right to information, Art. 15 DSGVO
- Right to rectification, Art. 16 DSGVO
- Right to erasure, Art. 17 DSGVO
- Right to restriction of processing, Art. 18 DSGVO
- Right to object to the collection, processing and/or use, Art. 21 DSGVO
- Right to data portability, Art. 20 DSGVO
- Insofar as the processing of personal data is based on your consent (Article 6(1)(a) DSGVO), you may revoke it at any time for the relevant purpose. The lawfulness of the processing based on your consent given remains unaffected until receipt of your revocation.

(4) Basic reference to the data protection risks of social media services.
Social media services are often multi-level provider relationships in which the respective information or communication service is offered on a platform provided by third parties and in which users' data is processed as part of the platform operators' own business purposes. This makes social media services difficult to understand from the user's perspective and often problematic from a legal perspective, especially with regard to existing responsibilities. Especially in the case of non-European platform operators/providers, social media services often do not comply with the General Data Protection Regulation from a data protection perspective.
In particular, this regulation requires that users be adequately informed and that they give their consent before personal data is processed.
Social media services beyond the offer of our presence, we have no influence and only limited information.

The privacy policy of the platform operator can be found at the following Internet address:
Facebook data usage policy:
https://de-de.facebook.com/about/privacy
Full data policy of Facebook:
https://de-de.facebook.com/full_data_use_policy


9.   LinkedIn

We operate a company profile (https://www.linkedin.com/company/protakt-projekte-&-business-software/?viewAsMember=true) on the online platform of the social network of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn"), where personal data is processed.

(1) Joint responsibility
PROTAKT Projekte & Business Software AG, together with LinkedIn, is jointly responsible for the processing of personal data in connection with our company profile, in particular in connection with the "Page Insights" function in accordance with the provisions of the General Data Protection Regulation (GDPR), Art. 4 No. 7 GDPR. When visiting our company profile, personal data is processed by LinkedIn and us as joint controllers. With this data protection information, we explain to what extent your personal data is processed by us in the process.

(2) Terms of use of LinkedIn
The use of our company profile is based on the terms of use, in particular the "Page Insights Joint Controller Addendum" of LinkedIn. These terms of use (including the other conditions and guidelines listed therein) are solely authoritative. The "Page Insights Joint Controller Addendum" can be accessed at: https://legal.linkedin.com/pages-joint-controller-addendum. The privacy policy of LinkedIn can be found at: https://www.linkedin.com/legal/privacy-policy.

(3) Purposes of data processing
The processing of personal data is necessary for the operation of our company profile on LinkedIn.

The purpose of operating our company profile on LinkedIn is to get in touch with users and visitors of the LinkedIn social network and to engage in an exchange. In doing so, we provide information about our company and the associated offers. This concerns, for example, events held by us or current events, special promotions and offers, but also current job postings. If you get in touch with us, we can retrieve the data provided by you as a LinkedIn member on LinkedIn. This potentially concerns your name, your current job, your qualification, the country, your industry or even your employee status. Data that you yourself have entered and published on LinkedIn (e.g. your user name, the content you have published on your LinkedIn account), share or recommend our content, comment or if you refer to our company page within LinkedIn, this information may also be processed by us.

With the "Page Insights" service, LinkedIn provides us with information on visits and visitors to our company page. These are created by LinkedIn and enable us to better and more specifically manage the marketing of our activity. This is aggregated data with which no direct reference to your person can be made. Data processing within the scope of the "Pages Insights" service is the sole responsibility of LinkedIn. We have no possibility to access personal data, with the exception of information in aggregated form.

(4) Legal basis and legitimate interests of our data processing.
The processing of personal data by us is based on our legitimate interests in exchanges with users on LinkedIn, visitors to our company profile and in connection with communication with users on LinkedIn, including our company presentation pursuant to Art. 6 (1) f) DSGVO. If direct communication via LinkedIn relates to the conclusion of a contract, the legal basis for data processing is Art. 6 (1) b) DSGVO. The legal basis for data processing in the case of job advertisements and applications is generally Section 26 BDSG. Accordingly, the processing of data required in connection with the decision on the establishment of an employment relationship is permissible. Should the processing of this data be necessary for legal prosecution after completion of the application process, if applicable, data processing may be carried out to safeguard our legitimate interests pursuant to Art. 6 (1) f) DSGVO, namely for the assertion and/or defense of claims.

(5) Transfer of data
LinkedIn collects data when you visit our company profile. This data may be forwarded to the LinkedIn Corporation based in the USA and processed there. Incidentally, we do not pass on data to third parties as part of the operation of our company profile.

(6) Opt-out options via your LinkedIn account.
As a LinkedIn user, you can use the settings for advertising preferences in your LinkedIn account to configure the extent to which your user behavior may be recorded, for example, when visiting our company profile. LinkedIn also provides an objection form at https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out


10. Xing

We operate an online presence within the XING network at https://www.xing.com/pages/protaktprojekte-businesssoftwareag and process personal data of XING users in this context in order to contact, communicate and provide you with information about us on the basis of our legitimate interests pursuant to Art. 6 Para. 1 S. 1 lit. f. DSGVO to contact and communicate with them and to provide them with information about us.

The types of data we process are limited to the information provided by the user himself, such as user name, contact details (e.g. e-mail, telephone numbers), entries in online forms or profile information and content published by the user. If we share users' posts, reply to them or refer to other users' profiles in our posts, this content may be included in our offer and made accessible to our followers.

Note: As the operator of XING, New Work SE reserves the right to process user data on the basis of its own legitimate interests. Insofar as XING processes your data transmitted to us for its own purposes, the provider of XING is therefore the controller for this type of processing in accordance with the DSGVO. Details can be found in XING's privacy policy at https://privacy.xing.com/de/datenschutzerklaerung

11. Twitter

PROTAKT uses the technical platform and services of Twitter, Inc.,1355 Market Street, Suite 900, San Francisco, CA 94103, USA to send short messages.

We would like to point out that you use the services and functions of Twitter on your own responsibility. This applies in particular to the use of the interactive functions (e.g. sharing, rating).

Twitter Inc. processes data collected about you when you use the service and may transfer this data to countries outside the European Union, especially the USA. This concerns, among other things, your IP address, the app you use, information about your terminal device (including device ID and app ID), information about websites you have visited, your location and your mobile carrier. If you are logged into your Twitter account, this data is assigned to the data of your Twitter account.

We have no influence on the type and scope of the data processed by Twitter, the type of processing and use or the transfer of this data to third parties. Information on what data is processed by Twitter and for what purposes can be found in Twitter's privacy policy and on the possibility of viewing your own data on Twitter (https://help.twitter.com/de/managing-your-account/accessing-your-twitter-data).

Furthermore, at https://support.twitter.com/forms/privacy and https://help.twitter.com/de/managing-your-account/how-to-download-your-twitter-archive you have the option of requesting information about data stored about you as well as your archive.

We, as the provider of the information service based on the technical platform of Twitter, do not collect and process any further data from your use of the service.

Information on the restriction of data processing can be found on the Twitter support pages .

In addition, it is possible for Twitter to record your visits to our websites and assign them to your Twitter profile via Twitter buttons or widgets embedded in our website. Based on this data, content or advertising can be offered tailored to you. Information on this and on settings and possible restrictions of this processing can be found at https://help.twitter.com/de/using-twitter/tailored-suggestions or https://help.twitter.com/de/rules-and-policies/twitter-cookies

12. YouTube

We embed YouTube videos on our website. For this purpose, we use the platform of YouTube, a subsidiary of Google. The operator of the portal is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all data processing in Europe. All relevant data protection information from Youtube and Google can be found in the joint data protection declaration .

When you call up a YouTube video embedded on our pages, your browser loads the respective video from the YouTube servers. In the process, data is transferred and cookies are set that store your IP address and other usage data. If you are logged into your Google or YouTube account, YouTube can assign your interactions with our website to your profile. This includes data such as session duration, bounce rate, your location, technical information of the browser used, your screen resolution or your internet access provider. Other data may include contact details, any ratings, sharing content via social media or adding to your favorites on YouTube.

The collected data is stored on Google servers, mostly in the USA, for different periods of time. Some data stored in your Google account will remain stored until you delete it or, depending on the decision you make in the settings in your Google account, for 3 or 18 months. Even if you are not signed into a Google Account, you can delete some data associated with your device, browser, or app.

 

13.    More features and offers of our website

(1)  In addition to the informational use of our website, we offer various services that you can use if you so decide, such as contact forms and contact options via e-mail. To do this, you will generally need to provide other personal information that we use to provide the service and for which the aforementioned data processing principles apply.

(2)  If you have questions of any kind and contact us by e-mail or contact form, you give us your consent for the purpose of establishing the contact. This requires the provision of a valid e-mail address. It serves for the assignment of the request and the subsequent answering of the same. The provision of further data is optional. The information you provide will be stored for the purpose of processing the request and for possible follow-up questions. After completing the request your personal data will automatically be deleted.