§ LEGAL INFORMATION
Company: Appollo Systems GmbH
Street, No.: Michael-Breunig-Straße 22
Countrycode, Postcode, City: D-63927 Bürgstadt
Commercial Register No.: HRB 13544
Managing Directors: Dr. Eckhard Herdt, Mario Herdt
Phone: (+49) 9371 6692 89-0
E-Mail: [email protected]
As of: 15.05.2018
- Basic Information on Data Processing and legal Bases
- We refer the terms used, such as “personal data” or their “processing”, to the definitions in Art. 4 of the Data Protection Basic Regulation (DSGVO).
- The personal user data processed within the scope of this online offer include inventory data (e.g., names and addresses of customers), contract data (e.g., services used, names of administrators, payment information), usage data (e.g., websites visited on our online offer, interest in our products) and content data (e.g., entries in the contact form).
- The term “user” covers all categories of persons affected by data processing. These include our business partners, customers, interested parties and other visitors to our online offering. The terms used, such as “user”, are to be understood as gender-neutral.
- We process users’ personal data only in compliance with the relevant data protection regulations. This means that the data of the users will only be processed if there is a legal permission. This means, in particular, if the data processing is necessary for the provision of our contractual services (e.g. processing of orders) and online services, or is required by law, a consent of the users, as well as due to our legitimate interests (i.e. interest in the analysis, optimization and economic operation and security of our online services within the meaning of Art. 6 Para. 1 lit. f. of the German Data Protection Act). DSGVO, in particular for range measurement, the creation of profiles for advertising and marketing purposes as well as the collection of access data and the use of third-party services.
- We point out that the legal basis of the consents Art. 6 Para. 1 lit. a. and Art. 7 DSGVO, the legal basis for the processing to fulfill our services and implementation of contractual measures Art. 6 Para. 1 lit. b., the legal basis for the processing to fulfill our services and implementation of contractual measures Art. 6 Para. 1 lit. b. and Art. 7 DSGVO. DSGVO, the legal basis for processing to fulfil our legal obligations Art. 6 para. 1 lit. c. DSGVO, and the legal basis for processing to safeguard our legitimate interests Art. 6 para. 1 lit. f. DSGVO.
- Safety Precautions
- We take organizational, contractual and technical security measures in accordance with the state of the art to ensure that the provisions of the data protection laws are complied with and to protect the data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons.
- The security precautions include in particular the encrypted transmission of data between your browser and our server.
- Disclosure of data to third parties and third-party providers
- Data will only be passed on to third parties within the framework of legal requirements. We only pass on user data to third parties if this is necessary for contractual purposes, e.g. on the basis of Art. 6 Para. 1 lit. b) DSGVO or on the basis of legitimate interests pursuant to Art. 6 Para. 1 lit. f) DSGVO. DSGVO in the economic and effective operation of our business.
- If we use subcontractors to provide our services, we will take appropriate legal precautions as well as appropriate technical and organisational measures to ensure the protection of personal data in accordance with the relevant statutory provisions.
- If content, tools or other means from other providers (hereinafter jointly referred to as “third party providers”) are used within the scope of this data protection declaration and their registered office is located in a third country, it is to be assumed that a data transfer to the registered office states of the third party providers takes place. Third countries are countries in which the DSGVO is not a directly applicable law, i.e. basically countries outside the EU or the European Economic Area. Data is transferred to third countries either if there is an appropriate level of data protection, user consent or other legal permission.
- Provision of contractual Services
- We process inventory data (e.g., names and addresses as well as contact data of users), contract data (e.g., services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and services pursuant to Art. 6 Para. 1 lit b. DSGVO.
- Users can optionally create a user account, in particular by viewing their orders. Within the framework of registration, the required mandatory information will be communicated to the users. The user accounts are not public and cannot be indexed by search engines. If users have terminated their user account, their data will be deleted with regard to the user account, subject to its retention for commercial or tax reasons pursuant to Art. 6 para. 1 lit. c DSGVO. It is the responsibility of the users to secure their data before the end of the contract in the event of termination. We are entitled to irretrievably delete all user data stored during the term of the contract.
- Within the scope of registration and renewed registrations as well as use of our online services, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as the user’s protection against misuse and other unauthorized use. These data will not be passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation pursuant to Art. 6 para. 1 lit. c DSGVO.
- We process usage data (e.g., the websites visited on our website, interest in our products) and content data (e.g., entries in the contact form or user profile) for advertising purposes in a user profile in order to show the user, e.g. product information based on the services they have previously used.
- How to contact us
- When contacting us (via contact form or e-mail), the user’s details will be processed in order to process the contact request and its processing in accordance with Art. 6 Para. 1 lit. b) DSGVO.
- Collection of Access Data and Log Files
- On the basis of our legitimate interests within the meaning of Art. 6 Para. 1 lit. f., we collect DSGVO data on each access to the server on which this service is located (so-called server log files). The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.
- Log file information is stored for security reasons (e.g. to clarify abuse or fraud actions) for a maximum period of 14 days and then deleted. Data, the further storage of which is necessary for evidence purposes, is excluded from deletion until the respective incident has been finally clarified.
- Cookies & Range Measurement
- Cookies are pieces of information that are transferred from our web server or third party web servers to the user’s web browser and stored there for later retrieval. Cookies can be small files or other types of information storage.
- We use “session cookies”, which are only stored for the duration of the current visit to our online presence (e.g. to enable the storage of your login status or the shopping basket function and thus the use of our online offer at all). In a session cookie, a randomly generated unique identification number is stored, a so-called session ID. In addition, a cookie contains information about its origin and the storage period. These cookies cannot store any other data. Session cookies are deleted when you have finished using our online service and log out or close your browser, for example.
- If the users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.
- Google Analytics
- Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
- Google will use this information on our behalf to evaluate the use of our online services by users, to compile reports on activities within this online service and to provide us with other services related to the use of this online service and the Internet. Pseudonymous user profiles can be created from the processed data.
- We use Google Analytics to display ads placed by Google and its partners within advertising services only to users who have shown an interest in our online services or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited) which we transmit to Google (so-called “remarketing” or “Google Analytics Audiences”). With the help of remarketing audiences, we would also like to ensure that our ads correspond to the potential interest of the users and do not appear annoying.
- We use Google Analytics only with IP anonymization enabled. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there.
- Further information on the use of data by Google, setting and objection options can be found on the websites of: https://www.google.com/intl/de/policies/privacy/partners („Use of data by Google when using the websites or apps of our partners“), http://www.google.com/policies/technologies/ads („Use of data for advertising purposes“), http://www.google.de/settings/ads („Manage information that Google uses to show you advertising“).
- Facebook Social Plugins
- On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer in the sense of Art. 6 Para. 1 lit. f. of the German Civil Code), we make use of the information provided on this website. DSGVO) Social Plugins (“Plugins”) of the social network facebook.com, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). The plugins can display interaction elements or content (e.g. videos, graphics or text contributions) and can be recognized by one of the Facebook logos (white “f” on a blue tile, the terms “like”, “like” or a “thumb up” sign) or are marked with the addition “Facebook Social Plugin”. The list and appearance of the Facebook Social Plugins can be viewed here: https://developers.facebook.com/docs/plugins/.
- Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
- When a user calls a function of this online service that contains such a plugin, his device establishes a direct connection to Facebook’s servers. The content of the plugin is transmitted directly from Facebook to the user’s device and integrated into the online service by the user. User profiles can be created from the processed data. We therefore have no influence on the extent of the data that Facebook collects with the help of this plugin and therefore inform the user according to our state of knowledge.
- By integrating the plugins, Facebook receives the information that a user has called up the corresponding page of the online offer. If the user is logged in to Facebook, Facebook can assign the visit to his Facebook account. When users interact with the plugins, for example by clicking the Like button or commenting, the corresponding information is transferred directly from your device to Facebook and stored there. If a user is not a member of Facebook, it is still possible for Facebook to find out his IP address and save it. According to Facebook, only an anonymous IP address is stored in Germany.
- The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as the relevant rights and setting options to protect the privacy of users can be found in Facebook’s data protection information: https://www.facebook.com/about/privacy/.
- If a user is a Facebook member and does not want Facebook to collect data about him or her via this online service and link it to the member data stored on Facebook, he or she must log out of Facebook and delete his or her cookies before using our online service. Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US-American page http://www.aboutads.info/choices/ or the EU page http://www.youronlinechoices.com/. The settings are platform-independent, i.e. they are adopted for all devices, such as desktop computers or mobile devices.
- Integration of Third-Party Cervices and Content
- Within the scope of our online offer, we act on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f. of the German Civil Code). DSGVO) content or service offers from third parties in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as “content”). This always presupposes that the third-party providers of this content perceive the IP address of the user, since they would not be able to send the content to their browser without the IP address. The IP address is therefore required for the presentation of this content. We make every effort to use only those contents whose respective providers only use the IP address to deliver the contents. Third party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. Pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may contain, among other things, technical information about the browser and operating system, referring web pages, visit times and other information about the use of our online offering, as well as may be linked to such information from other sources.
- The following presentation provides an overview of third party providers and their contents, along with links to their data protection declarations, which contain further information on the processing of data and, in some cases already mentioned here, possible objections (so-called opt-out):
- Rights of Users
- Users have the right, upon request and free of charge, to obtain information about the personal data we have stored about them.
- In addition, users have the right to correct inaccurate data, limit the processing and delete their personal data, if applicable, to assert their rights to data portability and, in the event of the assumption of unlawful data processing, to lodge a complaint with the competent supervisory authority.
- Users can also revoke their consent, in principle with effect for the future.
- Deletion of Data
- The data stored by us will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them. If the user’s data are not deleted because they are required for other and legally permissible purposes, their processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to user data that must be stored for commercial or tax reasons.
- According to legal requirements, the data is stored for 6 years in accordance with § 257 Para. 1 HGB (commercial books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting records, etc.) and for 10 years in accordance with § 147 Para. 1 AO (books, records, management reports, accounting records, commercial and business letters, documents relevant for taxation, etc.).
- Right of Objection
- Users may at any time object to the future processing of their personal data in accordance with the statutory provisions. The objection can be made in particular against the processing for purposes of direct marketing.
- Changes to the Data Protection Declaration
- We reserve the right to change the data protection declaration in order to adapt it to changed legal situations or in the event of changes to the service or data processing. However, this only applies to declarations on data processing. If the user’s consent is required or if elements of the data protection declaration contain provisions governing the contractual relationship with the user, the changes will only be made with the user’s consent.
Users are requested to inform themselves regularly about the content of the data protection declaration.
+49 9371 6692 89-0