Privacy & Data Protection Policy

Data Protection Policy

We are delighted that you are interested in our company. Data protection is particularly important to IQSER Technologie GmbH. Use of the Internet site of IQSER Technologie GmbH (hereinafter referred to as „the controller“, „we“ or us“) for information purposes is fundamentally possible without providing any personal data. Insofar as a user of the website (II.) or of INSTANTLI (III.) (hereinafter referred to as the „data subject“ or „user“) wishes to make use of specific services of our company through our website or INSTANTLI, processing of personal data may, however, be necessary. If processing of personal data is required and there is no legal basis for such processing, we shall obtain the consent of the data subject.

As of 05.25.2018 personal data, for example the name, address, email address or telephone number of a data subject, shall always be processed in accordance with the General Data Protection Regulation and always in line with the country-specific data protection provisions that apply to those responsible (currently, in particular, the Federal Data Protection Act („BDSG“)).

The controller has implemented numerous technical and organizational measures to ensure protection of the personal data processed via this website that is as complete as possible. Nevertheless, Internet-based data transfers may, as a matter of principle, have security loopholes, with the result that absolute protection cannot be guaranteed. Every data subject is therefore free to provide personal data to us by an alternative method, such as by telephone.

I. General regulations

1. General provisions

The data processing policy of the controller is based on the terminology that was used by the European regulator in issuing the General Data Protection Regulation and which can also be found to a large extent in the country-specific data protection provisions. The data protection policy should be easy to read and comprehensible for both the public and our customers and business partners. With this in mind, we would like to explain the key terms at the outset.

The terms we use in this data protection policy include the following:

1.1 Personal data

Personal data is any information that relates to an identified or identifiable natural person. A natural person is regarded as identifiable if they can be identified, either directly or indirectly, in particular by means of association with an identifier such as a name, an ID number, location data, an online ID or with one or more distinctive features that may indicate the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

1.2 Data subject

The data subject is any identified or identifiable natural person whose personal data is processed by the controller.

1.3 Processing

Processing is any operation or set of operations, carried out with or without the aid of automated processes, in connection with personal data such as collection, recording, organization, sorting, saving, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or another form of provision, alignment or combination, blocking, erasure or destruction.

1.4 Restricting processing

Restricting processing comprises marking personal data that has been saved, with the aim of restricting its future processing.

1.5 Profiling

Profiling is any type of automated processing of personal data that consists in using this personal data to assess certain personal aspects of a natural person, in particular to analyze or predict aspects relating to the work performance, economic situation, health, personal preferences, interests, reliability, behavior, place of residence or change of location of that natural person.

1.6 Pseudonymization

Pseudonymization involves processing personal data in such a way that the personal data can no longer be associated with a specific data subject without drawing on additional information, provided that such additional information is stored separately and is subject to technical and organizational measures that guarantee that the personal data cannot be associated with an identified or identifiable natural person.

1.7 Controller

The controller is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of processing of personal data. If the purposes and means of that processing are determined by EU legislation or the legislation of the Member States, the controller or the specific criteria for its nomination may be designated by Union law or the law of the Member States.

1.8 Processor

A processor is a natural or legal person, public authority, agency or other body that processes data on behalf of the controller.

1.9 Recipient

A recipient is a natural or legal person, public authority, agency or other body to which personal data is disclosed, irrespective of whether it is a third party or not. Public authorities which may receive personal data in the framework of a particular inquiry under EU law or the law of the Member States are not, however, regarded as recipients.

1.10 Third party

A third party is a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or processor, are authorized to process personal data.

1.11 Consent

Consent is any declaration of intent made voluntarily by the data subject in the specific case in an informed and unmistakable way, in the form of a declaration or other action clearly indicating confirmation, by means of which the person makes it clear that he agrees to processing of the personal data relating to him.

2. Name and address of the controller

The controller within the meaning of the BDSG, the future General Data Protection Regulation, other data protection legislation and other provisions relating to data protection that apply in the member states of the European Union is:

IQSER Technologie GmbH

Heinrich-Lanz-Straße 19-21
68165 Mannheim

VAT reg. no.: DE311363213

Tel.: +49 621 1806577-0
Email: google.extensions@iqser.com
Website: iqser.cloud

II. Provisions for the website

1. Collection of general data and information when using the website for information

1.1 Type, scope, and purposes of the data processing

1.1.1 The controller’s website collects a set of general data and information every time the website is accessed by a user or an automated system. This general data and information is saved in the log files of the server. The following may be recorded: (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrer), (4) the pages that are activated on our website via an accessing system, (5) the date and time of access to the website, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system and (8) other similar data and information that serves to protect against risk in the event of attacks on our information technology systems.

1.1.2 The data is required (1) to deliver the content of our website correctly, (2) to optimize the content of our website and the advertising for it and (3) to ensure the continuous functional capacity of our information technology systems and the technology of our website. The IP addresses of the users are erased or anonymized when they leave the website. In the case of anonymization, the IP addresses are changed in such a way that the individual details about personal or material relationships can no longer be associated with a specific or identifiable natural person, or this can only be done with a disproportionate commitment of time, money, and effort. The data and information collected are therefore recorded by the controller for statistical purposes on the one hand and, on the other hand, are evaluated with the aim of increasing data protection and data security in our company, in order ultimately to ensure the optimal level of protection for the personal data processed by us. The general data in the server log files is saved separately from all personal data provided by a data subject.

1.2 Legal basis and period of storage

1.2.1 The legal basis for processing the personal data of the data subject in connection with use of the website for information purposes as of May 25, 2018 is Art. 6 (1) sentence 1 letter b of the European General Data Protection Regulation (EU) 2016/679.

1.2.2 We erase the data collected during the website visit which may allow identification of the data subject immediately after the website visit.

2. Contact option via the website

2.1 Type, scope, and purposes of the data processing

On the basis of statutory regulations, the controller’s website has information which allows fast electronic contact with our company and direct communication with us, including a general address for so-called electronic mail (email). If a data subject makes contact with the controller by email or via a contact form, the personal data provided by the data subject is stored automatically. Such personal data provided on a voluntary basis by the data subject to the controller is saved for processing purposes or to make contact with the data subject. This personal data will not be passed on to third parties.

2.2 Legal basis and period of storage

2.2.1 The legal basis for processing the personal data of the data subject in connection with contact made with us as of May 25, 2018 is Art. 6 (1) sentence 1 letter b of the European General Data Protection Regulation (EU) 2016/679.

2.2.2 We erase the data collected when contact is made with us which may allow identification of the data subject immediately after the inquiry has been processed, provided that the data is not required for purposes connected with the inquiry.

3. Data protection in relation to applications and in the application process

3.1 Type, scope, and purposes of the data processing

3.1.1 The controller collects and processes the personal data of applicants for the purposes of completing the application procedure. Processing may also be carried out electronically. This is the case, in particular, if the applicant submits corresponding application documents to the controller electronically, by email for example, or via a web form on the website. If the controller concludes an employment contract with an applicant, the data transferred will be saved for the purposes of handling the employment relationship in accordance with the statutory regulations.

3.2 Legal basis and period of storage

3.2.1 The legal basis for processing the personal data of the data subject in connection is Art. 6 (1) sentence 1 letter b and f of the European General Data Protection Regulation (EU) 2016/679 as of May 25, 2018.

3.2.2 If no employment contract is concluded by the controller with the applicant, the application documents are erased two months from notification of the rejection, provided that erasing them is not at odds with any other legitimate interest of the controller. Other legitimate interests within the meaning of Art.6 (1) sentence 1 letter f of the European General Data Protection Regulation (EU) includes, for example, an obligation to provide evidence in proceedings under the German General Equal Opportunities Act (AGG).

4. Registration

4.1 Type, scope, and purposes of the data processing

4.1.1 The data subject has the option to register on the controller’s website by providing personal data. Registration of the data subject with voluntary provision of personal data serves to allow the controller to offer the data subject content or services that can only be offered to registered users on the basis of execution of the contractual relationship. Which personal data is submitted to the controller is determined by the respective input screen used for registration. The controller may arrange for transfer to one or more processors which are associated with the controller and which also make use of the personal data for internal purposes only.

4.1.2 During registration on the controller’s website, the IP address allocated by the data subject’s Internet service provider (ISP), the date and the time of registration are also saved. This data is saved in the context of the fact that misuse of our services can only be prevented in this way, and that this data allows investigation of criminal acts if necessary. As a matter of principle, this data is not transferred to third parties unless there is a legal obligation to do so or such a transfer facilitates investigation of a criminal act.

4.1.3 The controller also collects, saves, and processes the registration data for its own marketing purposes, provided that the data subject has expressly consented to this. The registration data is used for marketing purposes to send out a newsletter about certain products or marketing campaigns and recommend products or services that may be of interest to the data subject. The so-called double opt-in process is used to send out the newsletter, i.e. the newsletter will only be sent out by email if the data subject has first expressly confirmed that the newsletter service is to be activated. The data subject then receives a notification email with the request to click a link in the email to confirm that the data subject wishes to receive the newsletter.

4.1.4 Registered persons have the opportunity to alter the personal data provided on registration at any time or to have it erased completely from the controller’s database.

4.2 Legal basis and period of storage

4.2.1 The legal basis for processing the personal data of the data subject in connection with registration as of May 25, 2018 is Art. 6 (1) sentence 1 letter a and b of the European General Data Protection Regulation (EU) 2016/679.

4.2.2 The registration data is stored by us as long as required to provide the respective service or to fulfill the purpose for which it was collected.

5. Comment function

5.1 Type, scope, and purposes of the data processing

5.1.1 For the comment function on this site, information about the time at which the comment was created, the email address and, unless posted anonymously, the username of the data subject are saved in addition to the comment itself.

5.1.2 Saving the IP address

Our comment function saves the IP address of the user who makes the comment. As we do not check comments on our website before they are released, we require this data to take action against the author in the case of breaches of the law such as libel or propaganda.

5.1.3 Subscription to comments

Users of the site can subscribe to comments following registration. They receive a confirmation email to check that they are the owners of the email address provided. They can cancel this function at any time by means of a link in the information email.

5.2 Legal basis and period of storage

5.2.1 The legal basis for processing the personal data of the data subject in connection with the comment function is Art. 6 (1) sentence 1 letter a of the European General Data Protection Regulation (EU) 2016/679 as of May 25, 2018.

5.2.2 The data is stored by us as long as required to provide the comment function or to fulfill the purpose for which the personal data was collected.

6. Cookies

6.1 Type, scope, and purposes of the data processing

6.1.1 Depending on the settings of the data subject’s browser, the controller collects information about the use of the website by using so-called cookies. Cookies are small text files that are saved on the data subject’s data carrier and which save certain settings and data used to interact with the controller’s system via the browser. Most of the cookies used are erased from the data subject’s hard drive at the end of the browser session (session cookies). Session cookies are required, for example, to offer the login information over several pages. Other cookies remain on the data subject’s computer and make it possible to recognize the computer on the next visit (persistent cookies).

6.1.2 Using cookies makes it possible for the controller to provide users of the website with user-friendly services which would not be available without storing the cookies.

6.1.3 A cookie can be used to tailor the information and services offered on our website to the user.

6.1.4 The data subject can refuse to accept cookies from our website at any time with the appropriate setting in the browser used and therefore reject storage of cookies permanently. Cookies that have already been set can also be erased by means of a web browser or other software programs (e.g. Firefox: Extras > Settings > Data protection > Show cookies > Remove cookie/Remove all cookies; Internet Explorer: Extras > Internet options > Delete general browser history/cookies). This is possible in all standard web browsers. If the data subject deactivates cookies in the web browser used, it may be that some of the functions on our website are unavailable to their full extent.

6.2 Legal basis and period of storage

6.2.1 The legal basis for processing the personal data of the data subject in connection with cookies is Art. 6 (1) sentence 1 letter a and b of the European General Data Protection Regulation (EU) 2016/679 as of May 25, 2018.

6.2.2 The data collected by us via cookies is stored as long as required to provide the respective service or to fulfill the purpose for which the personal data was collected or until cookies are deactivated.

7. Google Web Analytics services that use cookies

7.1 Type, scope, and purposes of the data processing

7.1.1 Data protection provisions for the use of Google Analytics (with anonymization function)

7.1.1.1 The controller has integrated the Google Analytics component (with anonymization function) into this website. Google Analytics is a web analysis service. Web analysis is the recording, collection, and evaluation of data about the behavior of visitors to the website. A web analysis service records, among other things, the website from which a data subject has come to the website (so-called referrer), which pages of the website have been accessed and how often and for what period a page has been viewed. Web analysis is used to optimize a website and for cost-benefit analysis of Internet advertising.

7.1.1.2 The operating company for the Google Analytics component is Google Inc. („Google“), 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

7.1.1.3 The controller uses the suffix „_gat._anonymizeIP“ for web analysis via Google Analytics. By means of this suffix, the IP address of the data subject’s Internet connection is abbreviated and anonymized by Google if access to our website comes from another member state of the European Union or from another signatory to the Agreement on the European Economic Area.

7.1.1.4 Google Analytics places a cookie on the information technology system of the data subject. A description of what cookies are has already been provided above. When the cookies have been placed, Google is able to analyze use of our website. When each of the individual pages of the website operated by the controller and on which the Google Analytics component has been integrated is accessed, the web browser on the information technology system of the data subject is prompted by the Google Analytics component to transfer data to Google for the purposes of online analysis. Within the framework of this technical process, Google is provided with information about personal data, such as the IP address of the data subject, which Google uses, among other things, to identify the origin of the visitor and clicks, and subsequently to facilitate calculation of commission.

7.1.1.5 Personal information, such as the access time, the location from which access is made and the frequency of the visits to our website by the data subject, is saved by means of the cookie. On every visit to our website, this personal data, including the IP address of the Internet connection used by the data subject, is sent to Google in the United States of America. This personal data is stored by Google in the United States of America. Under certain circumstances, Google may pass this personal data collected by means of the technical process to third parties.

7.1.1.6 As described above, the data subject can refuse to accept cookies from our website at any time with the appropriate setting in the browser, and therefore reject storage of cookies permanently. Setting the web browser in this way would also prevent Google from placing a cookie on the information technology system of the data subject. A cookie already placed by Google Analytics can also be erased at any time by the web browser or other software programs.

7.1.1.7 Furthermore, the data subject has the option to object to and prevent recording of the data generated by Google Analytics relating to use of this website and processing of that data by Google. The data subject must download and install a browser add-on for this purpose from the link https://tools.google.com/dlpage/gaoptout. This browser add-on notifies Google Analytics by JavaScript that no data or information about visits to websites may be sent to Google Analytics. Installation of the browser add-on is deemed to be an objection by Google. If the information technology system of the data subject is deleted, formatted or re-installed at a later date, the data subject must re-install the browser add-on to deactivate Google Analytics. If the browser add-on is uninstalled or deactivated by the data subject or another person within his control, there is the option to re-install or re-activate the browser add-on.

7.1.1.8 Further information and the relevant data protection provisions of Google can be accessed at https://www.google.de/intl/de/policies/privacy/ and http://www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail under the following link: https://www.google.com/intl/de_de/analytics/.

7.1.2 Data protection provisions for the use of Google AdWords

7.1.2.1 The controller has integrated Google AdWords into this website. Google AdWords is an Internet advertising service which makes it possible for advertisers to include adverts both in Google search engine results and in the Google advertising network. Google AdWords allows an advertiser to set keywords determined in advance, by means of which an ad is displayed in the search engine results of Google only when the user obtains a search result in the search engine that is relevant to a keyword. On the Google advertising network, ads are distributed over topic-related websites by means of an automatic algorithm, taking account of keywords determined in advance.

7.1.2.2 Google is the operating company of the Google AdWords services.

7.1.2.3 The purpose of Google AdWords is to advertise our website by displaying interest-related advertising on the websites of third-party companies and in the search engine results of the Google search engine and to display external advertising on our website.

7.1.2.4 If a data subject reaches our website via a Google ad, a conversion cookie is stored on the information technology system of the data subject by Google. A description of what cookies are has already been provided above. A conversion cookie ceases to be valid after thirty days and is not used to identify the data subject. Provided that the conversion cookie has not expired, it is used to determine whether certain pages are opened on our website, such as the shopping cart of an online shop system. By means of the conversion cookie, both we and Google can track whether a data subject who accesses our website via an AdWords ad generates a sale, i.e. has completed or cancelled the purchase of an item.

7.1.2.5 The data and information collected by means of the conversion cookie is used by Google to compile visit statistics for our website. These visit statistics are used by us in turn to determine the total number of users that are sent to us via AdWords ads, i.e. to measure the success or failure of the respective AdWords ad, and to optimize our AdWords ads in the future. Neither our company nor other advertising clients of Google AdWords receive information from Google by means of which the data subject could be identified.

7.1.2.6 Personal information, such as the websites visited by the data subject are saved by means of the conversion cookie. On every visit to our website, personal data, including the IP address of the Internet connection used by the data subject, is accordingly sent to Google in the United States of America. This personal data is stored by Google in the United States of America. Under certain circumstances, Google may pass this personal data collected by means of the technical process to third parties.

7.1.2.7 As described above, the data subject can refuse to accept cookies from our website at any time with the appropriate setting in the browser, and therefore reject storage of cookies permanently. An appropriate setting in the web browser used would also prevent Google from placing a conversion cookie on the information technology system of the data subject. A cookie already placed by Google AdWords can also be erased at any time by the web browser or other software programs.

7.1.2.8 Moreover, the data subject has the option to object to interest-related advertising from Google. To do so, the data subject must open the link www.google.de/settings/ads on each of the website browsers used and adjust the settings as required.

7.1.2.9 Further information and the relevant data protection provisions of Google can be accessed at https://www.google.de/intl/de/policies/privacy/.

7.2 Legal basis and period of storage

7.2.1 The legal basis for processing the personal data of the data subject in connection with web analytics services is Art. 6 (1) sentence 1 letter a, b and f of the European General Data Protection Regulation (EU) 2016/679 as of May 25, 2018. If we process your personal data on the basis of Art. 6 (1) sentence 1 letter f, this is based on the legitimate interest of designing our website in a user-friendly way and placing user-related advertising.

7.2.2 The data collected by us via cookies is stored as long as required to provide the respective service or to fulfill the purpose for which the personal data was collected or until cookies are deactivated.

8. Social plugins

8.1 Type, scope and purposes of the data collection, processing and use

8.1.1 Data protection for the social plugins used

8.1.2 The website includes buttons from various social networks using called „2-click solution“. In order to leave the decision as to whether data is transferred to these networks to the data subject, only a link to the respective function is provided initially, instead of the actual social plugin. Only when the link is clicked will the respective social plugin be activated, which leads to the data transfers described below.

8.2 Data protection provisions for the use of Facebook

8.2.1 The controller has integrated components of the company Facebook into this website.

8.2.2 The operating company of Facebook is Facebook Inc. („Facebook“), 1 Hacker Way, Menlo Park, CA 94025, USA. The personal data controller if the data subject lives outside the USA or Canada is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

8.2.3 Following activation of the social plugin, every time one of the individual pages of the website operated by the controller and on which a Facebook component (Facebook plugin) has been integrated is accessed, the web browser on the information technology system of the data subject is prompted by the Facebook component to download a representation of the corresponding Facebook component from Facebook. A general overview of all the Facebook plugins can be accessed at https://developers.facebook.com/docs/plugins/?locale=de_DE. Within the framework of this technical process, Facebook is provided with information about which specific page of our website is being visited by the data subject.

8.2.4 If the data subject is simultaneously logged in to Facebook, Facebook detects which specific page of our website the data subject is visiting every time our website is accessed by the data subject and throughout the time he spends on our website. This information is collected by the Facebook component and associated by Facebook with the Facebook account of the data subject. If the data subject clicks one of the Facebook buttons integrated into our website, the „Like“ button for example, or if the data subject posts a comment, Facebook associates this information with the personal Facebook user account of the data subject and saves this personal data.

8.2.5 If the data subject does not want this information to be transferred to Facebook in this way, the transfer can be prevented by logging out of his Facebook account before accessing our website.

8.2.6 The data policy published by Facebook, which can be accessed at https://de- de.facebook.com/about/privacy/, provides information about collection, processing, and use of personal data by Facebook. An explanation can also be found there of the settings options offered by Facebook to protect the privacy of the data subject. In addition, various applications are available that make it possible to suppress data transfer to Facebook, such as Facebook Blocker from the provider Webgraph, which can be purchased at http://webgraph.com/resources/facebookblocker. Such applications can be used by the data subject to suppress a data transfer to Facebook.

8.3 Data protection provisions for the use of LinkedIn

8.3.1 The controller has integrated components of the LinkedIn Corporation into this website. LinkedIn is an Internet-based social network that connects the user with existing business contacts and allows new business contacts to be made.

8.3.2 The operating company of LinkedIn is the LinkedIn Corporation („LinkedIn“), 2029 Stierlin Court Mountain View, CA 94043, USA. LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible for data protection issues outside the USA.

8.3.3 Following activation of the plugin, the LinkedIn component prompts the browser used by the data subject to download a corresponding representation of the LinkedIn component every time our website is accessed. Further information about LinkedIn plugins can be accessed at https://developer.linkedin.com/plugins. Within the framework of this technical process, LinkedIn is provided with information about which specific page of our website is being visited by the data subject.
8.3.4 If the data subject is simultaneously logged in to LinkedIn, LinkedIn detects which specific page of our website the data subject is visiting every time our website is accessed by the data subject and throughout the time he spends on our website. This information is collected by the LinkedIn component and associated by LinkedIn with the LinkedIn account of the data subject. If the data subject clicks a LinkedIn button integrated into our website, LinkedIn associates this information with the personal LinkedIn user account of the data subject and saves this personal data.

8.3.5 If the data subject does not want this information to be transferred to LinkedIn in this way, the transfer can be prevented by logging out of his LinkedIn account before accessing our website.

8.3.6 LinkedIn provides the option to switch off email messages, SMS messages and targeted ads and to manage advertising settings at https://www.linkedin.com/psettings/guest-controls. LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua and Lotame, which may use cookies. Such cookies may be rejected at https://www.linkedin.com/legal/cookie-policy. The applicable data protection provisions of LinkedIn can be accessed at https://www.linkedin.com/legal/privacy-policy. The cookie policy of LinkedIn can be accessed at https://www.linkedin.com/legal/cookie-policy.

8.4 Data protection provisions for the use of Twitter

8.4.1 The controller has integrated components of Twitter into this website. Twitter is a multilingual, publicly accessible microblogging service on which users can publish and disseminate tweets, short messages that are limited to 140 character.

8.4.2 The operating company of Twitter is Twitter Inc. („Twitter“), 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

8.4.3 Following activation of the plugin, every time one of the individual pages of the website operated by the controller and on which a Twitter component (Twitter button) has been integrated is accessed, the web browser on the information technology system of the data subject is prompted by the Twitter component to download a representation of the corresponding Twitter component from Twitter. Further information about the Twitter buttons can be accessed at https://about.twitter.com/de/resources/buttons. Within the framework of this technical process, Twitter is provided with information about which specific page of our website is being visited by the data subject. The purpose of integrating the Twitter component is to allow our users to disseminate the content of the website, raise awareness of the website in the digital world and increase the number of visitors.

8.4.4 If the data subject is simultaneously logged in to Twitter, Twitter detects which specific page of our website the data subject is visiting every time our website is accessed by the data subject and throughout the time he spends on our website. This information is collected by the Twitter component and associated by Twitter with the Twitter account of the data subject. If the data subject clicks a Twitter button integrated into our website, the data and information transferred as a result is associated with the personal Twitter user account of the data subject and is saved and processed by Twitter.

8.4.5 Twitter always receives a notification that the data subject has visited our website if the data subject is logged in to Twitter at the time he accesses our website. If the data subject does not want this information to be transferred to Twitter in this way, the transfer can be prevented by logging out of his Twitter account before accessing our website.

8.4.6 The applicable data protection provisions of Twitter can be accessed at https://https://twitter.com/privacy?lang=de.

8.5 Data protection provisions for the use of Xing

8.5.1 The controller has integrated components of Xing into this website. Xing is an Internet-based social network that connects the user with existing business contacts and allows new business contacts to be made.

8.5.2 The operating company of Xing is XING AG („Xing“), Dammtorstrasse 30, 20354 Hamburg, Germany.

8.5.3 Following activation of the plugin, every time one of the individual pages of the website operated by the controller and on which a Xing component (Xing plugin) has been integrated is accessed, the web browser on the information technology system of the data subject is prompted by the
Xing component to download a representation of the corresponding Xing component from Xing. Further information about Xing plugins can be accessed at https://dev.xing.com/plugins. Within the framework of this technical process, Xing is provided with information about which specific page of our website is being visited by the data subject.

8.5.4 If the data subject is simultaneously logged in to Xing, Xing detects which specific page of our website the data subject is visiting every time our website is accessed by the data subject and throughout the time he spends on our website. This information is collected by the Xing component and associated by Xing with the Xing account of the data subject. If the data subject clicks a Xing button integrated into our website, the „Share“ button for example, Xing associates this information with the personal Xing user account of the data subject and saves this personal data.

8.5.5 Xing always receives a notification that the data subject has visited our website if the data subject is logged in to Xing at the time he accesses our website; this happens irrespective of whether the data subject clicks on a Xing component or not. If the data subject does not want this information to be transferred to Xing in this way, the transfer can be prevented by logging out of his Xing account before accessing our website.

8.5.6 The data policy published by Xing, which can be accessed at https://www.xing.com/privacy, provides information about collection, processing and use of personal data by Xing. In addition, Xing has published data protection information about the XING Share button at https://www.xing.com/app/share?op=data_protection.

8.5.7 Legal basis and period of storage

8.5.7.1 The legal basis for processing the personal data of the data subject in connection with social plugins is Art. 6 (1) sentence 1 letter a and b of the European General Data Protection Regulation (EU) 2016/679 as of May 25, 2018.

8.5.7.2 The data collected via social plugins is stored by us as long as required to provide the respective service or to fulfill the purpose for which the personal data was collected.

9. Payment method: Credit card

9.1 Type, scope and purposes of the data collection, processing and use

9.1.1 The controller has integrated a plugin for payment by credit card into this website.

9.1.2 During the order process in our online shop with the payment option
„credit card“, the data about the data subject required to make a payment by credit card is transferred automatically to the financial institution that issued the credit card in question and to the plugin provider (currently: Stripe, Inc.). The data subject consents to the transfer of the personal data required to process the payment.

9.1.3 The personal data transferred usually comprises the first name, surname, address, email address, IP address, telephone number, cell phone number or other data required to process the payment. Personal data relating to the respective order is also required to process that order.

9.1.4 The data is transferred for the purposes of processing the payment and preventing fraud.

9.1.5 The financial institution may pass the personal data on to affiliated companies, service providers or subcontractors, if this is necessary to fulfill the contractual obligations or processing of the data has been contracted out.

9.1.6 The data subject has the option to withdraw consent for handling of personal data at any time. A withdrawal does not apply to personal data that must be processed, used or transferred to transact the payment (in accordance with the Contract).

9.1.7 The controller does not have access to the data that the data subject enters via the plugin to process the payment.

9.2 Legal basis and period of storage

9.2.1 The legal basis for processing the personal data of the data subject in connection with payment by credit card is Art. 6 (1) sentence 1 letter a and b of the European General Data Protection Regulation (EU) 2016/679 as of May 25, 2018.

9.2.2 The data collected in the course of the payment is stored as long as required to fulfill the purpose for which the personal data was collected.

III. Provisions for the app and the GIN cloud

1. The app

1.1 INSTANTLI app is a program for Windows and OS X that has been developed and is provided by the controller.

1.2 INSTANTLI can be downloaded both from the controller’s website and from various app stores.

2. Handling data when downloading the app

2.1 Once INSTANTLI has been downloaded, the program checks an address for this domain every time it starts to determine whether there is an updated version. In this process, the user only sends the data required for Internet communication. The communication data is saved only to compile statistics about access to the Internet pages under Instantli.com.

2.2 If INSTANTLI has been downloaded from an app store, the check is carried out by the mechanisms of the app store. The data protection provisions of the respective app store operator apply in this case.

3. Handling data in the app

3.1 INSTANTLI checks the content of services that are activated in the program settings. This content also includes messages from friends from the social networks Facebook, LinkedIn, and Twitter, as well as related Amazon products.

3.2 The specified content is displayed, networked, and stored temporarily in INSTANTLI in order to provider the user with relevant content that is as comprehensive as possible and facilitate fast program response times. The user can deactivate retrieval of data in the settings of INSTANTLI at any time.

3.3 The user has the option to share the content visible in INSTANTLI with other people via email or on the social networks Facebook, LinkedIn, and Twitter. This function is always carried out via the account that the user has set up for his email correspondence or for the social networks. The controller cannot accept liability for content that the user shares with other people.

3.4 Fundamentally, INSTANTLI holds all data locally on the user’s Mac or PC and does not synchronize user data with the GIN server or any other server of the controller.

4. Handling data when using the GIN CLOUD

4.1 Insofar as INSTANTLI is used in conjunction with the GIN CLOUD, INSTANTLI also retrieves data from the GIN server for which the user has specified the address and access data in the program settings. The GIN server is a product of the controller that is operated by the user for data integration and analysis. The user can upload data from his PC to the GIN CLOUD.

4.2 Data, including personal data, that is retrieved by INSTANTLI via interfaces such as those with social networks are simply transmitted between the user’s PC and the social networks when using the GIN CLOUD. There is no redundant storage of this transferred data.

4.3 If the „Sidebar“ browser extension is used with INSTANTLI in conjunction with the GIN CLOUD, a specific key combination applied by the customer sends data, including personal data, from the selected website to the GIN server, where it is analyzed in terms of content and then erased again.

4.4 The data uploaded to the GIN CLOUD by the user, including personal data and data that is simply sent from or to the user via the GIN CLOUD, are only ever processed to provide the INSTANTLI and GIN CLOUD services due under the Contract. Only if the user has expressly consented to use beyond this is the data in the GIN CLOUD also used for other purposes, as specified in the consent in question.

5. Legal basis and period of storage

5.1 The legal basis for processing the personal data of the data subject in connection with the GIN CLOUD is Art. 6 (1) sentence 1 letter a and b of the European General Data Protection Regulation (EU) 2016/679 as of May 25, 2018.

5.2 The data collected via the GIN CLOUD is stored by us as long as required to provide the services contractually due or to fulfill the purpose for which the personal data was collected.

IV. Rights of the data subject

1. Right to information

1.1 Any data subject whose personal data is processed has the right to obtain information about the personal data stored about him free of charge at any time from the controller and to receive a copy of that information. Furthermore, the European regulator has granted the data subject the right to the following information:

1.1.1 the purposes of the processing;

1.1.2 the categories of personal data that are being processed;

1.1.3 the recipients or categories of recipients to whom the personal data has been disclosed or is still being disclosed, in particular in the case of recipients in third countries or in international organizations;

1.1.4 if possible, the planned period for which the personal data is stored or, if this is not possible, the criteria for determining that period;

1.1.5 the existence of a right to correction or erasure of the personal data about him or to restricting its processing by the controller or a right to object to that processing;

1.1.6 the existence of a right to complain to a supervisory authority;

1.1.7 if the personal data was not collected from the data subject: all available information about the origin of the data;

1.1.8 the existence of an automated decision-making process including profiling – as of May 25, 2018 in accordance with Art. 22 (1) and (4) of the European General Data Protection Regulation (EU) 2016/679 – and, insofar as an automated decision-making process takes place, full information about the logic involved, the scope and the intended effects of processing of this sort for the data subject.

1.2 Furthermore, the data subject has a right to information about transfer of personal data to a third country or an international organization. If this is the case, the data subject also has the right to receive information about the appropriate guarantees in relation to the transfer.

2. Right to correction

Every data subject affected by the processing of personal data has the right to demand immediate correction of personal data about them that is incorrect. Furthermore, the data subject has the right to demand completion of incomplete personal data (including by means of a supplementary statement) taking the purposes of the processing into account.

3. Right to erasure (right to be forgotten)

3.1 Any data subject whose personal data is processed has the right to demand of the controller that the personal data about him be erased immediately, if one of the following grounds applies and provided that processing is not required:

3.1.1 The personal data was collected or processed for purposes for which it is no longer required;

3.1.2 The data subject withdraws the consent on which processing is based – as of May 25, 2018, in accordance with Art. 6 (1) letter a or Art. 9 (2) letter a of the European General Data Protection Regulation (EU) 2016/679 – and there is no other legal justification for processing;

3.1.3 The data subject objects to the processing – as of May 25, 2018, in accordance with Art. 21 (1) of the European General Data Protection Regulation (EU) 2016/679 – and there is no precedent legitimate reasons for processing, or the data subject objects to the processing – as of 05.25.2018, in accordance with Art. 21 (2) of the European General Data Protection Regulation (EU) 2016/679;

3.1.4 The personal data was processed illegitimately;

3.1.5 Erasure of the personal data is required to meet a legal obligation under Union law or the law of the Member States to which the controller is subject;

3.1.6 The personal data was collected in relation to information society services – as of May 25, 2018, in accordance with Art. 8 (1) of the European General Data Protection Regulation (EU) 2016/679.

3.2 If the personal data has been made public by the controller and if our company, as the controller – as of May 25, 2018, in accordance with Art. 17 (1) of the European General Data Protection Regulation (EU) 2016/679 – is obliged to erase the personal data, the controller shall implement appropriate measures, including of a technical nature, taking account of available technology and the implementation costs, to notify other controllers that process the published personal data that the data subject has demanded of these other controllers that they erase all links to that personal data or erase copies or replicas of that personal data, provided that processing is not required.

4. Right to restrict processing

Any data subject whose personal data is processed has the right to demand that the controller restrict processing of that data, if one of the following prerequisites is met:

4.1 The correctness of the personal data is contested by the data subject, for a period that enables the controller to verify the correctness of the personal data;

4.2 Processing is illegal, the data subject has declined erasure of the personal data and demands instead a restriction of the use of the personal data;

4.3 The controller no longer requires the personal data for the purposes of processing, but the data subject requires it to pursue, exercise or defend legal claims;

4.4 The data subject objects to the processing – as of May 25, 2018, in accordance with Art. 21 (1) of the European General Data Protection Regulation (EU) 2016/679 – and it has not yet been established whether the legitimate grounds of the controller outweigh those of the data subject.

5. Right to transferability of data

5.1 As of May 25, 2018, any data subject whose personal data is processed has the right to receive the personal data that the data subject has provided to a controller in a structured, standard format that can be read by a machine. He also has the right to transfer this data to another controller without interference from the controller to whom the personal data was provided, provided that the processing is based on consent pursuant to Art. 6 (1) letter a or Art. 9 (2) letter a of the European General Data Protection Regulation (EU) 2016/679 or on a Contract pursuant to Art. 6 (1) letter b of the European General Data Protection Regulation (EU) 2016/679 and processing is carried out with the aid of automated operations, insofar as the processing is not required to complete a task that is in the public interest or is carried out in exercise of official authority that has been vested in the controller.

5.2 Furthermore, the data subject has the right as of May 25, 2018 in exercising his right to data transferability pursuant to Art. 20 (1) of the European General Data Protection Regulation (EU) 2016/679 to arrange for the personal data to be transferred directly from one controller to another controller, provided that this is technically feasible and that no rights and freedoms of other persons are impaired as a result.

6. Right to object

6.1 Any data subject whose personal data is processed has the right to object at any time to processing of personal data about him, which is carried out as of May 25, 2018 on the basis of Art. 6 (1) letter e or f of the European General Data Protection Regulation (EU) 2016/679, for reasons resulting from his specific situation. This also applies to profiling based on these provisions.

6.2 The controller shall stop processing the personal data in the event of an objection, unless we can demonstrate compelling grounds for processing that are worthy of protection and that outweigh the interests, rights, and freedoms of the data subject, or the processing serves to pursue, exercise or defend legal claims.

7. Existence of an automated decision-making process

As a responsible company, we refrain from using any automated decision-making process or profiling.

8. Right to withdraw consent under data protection law

8.1 Every data subject whose personal data is processed has the right to withdraw consent for processing of personal data at any time.

8.2 If the data subject wishes to exercise his right to withdraw consent, he may do so at any time by contacting our Data Protection Officer or any other employee of the controller.

9. Exercising rights

All of the rights listed may be exercised by letter or email, without specific form, to the addresses specified under I 2 above.

10. TLS encryption

10.1 For reasons of security and to protect the transfer of confidential material, such as the inquiries that the data subject sends to us as the website operator, this website uses TLS 1.0 encryption. An encrypted connection can be recognized by the fact that the browser address bar changes from „http://“ to „https://“ and by the lock symbol on your browser bar.

10.2 When TLS encryption is activated, the data sent to us by the data subject cannot be read by third parties.

captcha
Bitte wiederhole den angezeigten Text hier:

Sende uns eine Nachricht

captcha
Bitte wiederhole den angezeigten Text hier:

IQSER

IQSER Technologie GmbH

Heinrich-Lanz-Str. 19-21
68165 Mannheim
Tel.: +49 621 1806577-0
Mail: info@iqser.com