Datenschutzerklärung

1. Data protection at a glance

General information

The following information provides a simple overview of what happens to your personal data when you visit our website or use one of our software products. Personal data is any data that can be used to identify you personally. Detailed information on the subject of data protection can be found in our data protection declaration listed below this text.

Responsible position

Data processing on our website and within our software products (e.g. apps, WebApps, COSYS Cloud) is carried out by:

Cosys Ident GmbH
Am Kronsberg 1
31188 Holle

Fon: +49 5062 900 0
Fax: +49 5062 900 30
E-Mail:info@cosys.de

General Manager: Dirk Baule
Commercial register: Local court: Hildesheim HRB 1196

Sales tax ID: DE 115 970 788

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.)

How do we collect your data?

On the one hand, your data is collected when you provide it to us. This may, for example, be data that you enter in a contact form.

Other data is collected automatically by our IT systems when you visit the website or use our software products. This is primarily technical data (e.g. internet browser, operating system, device ID or time of use). This data is collected automatically during use.

Wofür nutzen wir Ihre Daten?

The data transmitted by you to make use of our range of goods and/or services is processed by us for the purpose of processing the contract and is necessary in this respect. Conclusion and execution of the contract are not possible without the provision of your data; the legal basis for processing is Art. 6 (1) (b) GDPR.

Some of the data is collected to ensure the error-free provision of the website or our software products. Other data may be used to analyze your user behavior and to send you information.

Welche Rechte haben Sie bezüglich Ihrer Daten?

You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction, blocking or deletion of this data. You can contact our data protection officer at any time with regard to this and other questions on the subject of data protection. You also have the right to lodge a complaint with the competent supervisory authority.

No obligation to provide & Consequences of non-provision

The provision of personal data is not required by law or contract and you are not obliged to provide data. We will inform you during the input process if the provision of personal data is required for the respective service (e.g. by marking it as a “mandatory field”). If data is required, failure to provide it will mean that the service in question cannot be provided. Otherwise, failure to provide the data may mean that we are unable to provide our services in the same form and quality.

Analysis tools and tools from third-party providers

When you visit our website or use apps for Windows, Android or iOS devices, your surfing and usage behavior may be statistically evaluated. This is primarily done using cookies and so-called analysis programs. The analysis of your surfing behavior is usually anonymous; the surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. Detailed information on this can be found in the following privacy policy.

You can object to this analysis. We will inform you about the objection options in this privacy policy.

Data Protection Officer

We have appointed a data protection officer for our company.

Cosys Ident GmbH
Data Protection Officer
Am Kronsberg 1
31188 Holle

Tel. +49 5062 / 900 0
Fax: +49 5062 / 900 30
Email:datenschutz@cosys.de

2. General notes and mandatory information

Data protection

We take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use our website or our software products (e.g. apps, WebApps, COSYS Cloud), various personal data is collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can withdraw your consent at any time. All you need to do is send us an informal e-mail. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to lodge a complaint with the competent supervisory

In the event of breaches of data protection law, the data subject has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based. A list of data protection officers and their contact details can be found at the following link:https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only take place if it is technically feasible.

SSL- bzw. TLS-Verschlüsselung

For security reasons, we use SSL or TLS encryption for our websites and for the communication of our software products and to protect the transmission of confidential content, such as orders or inquiries that you send to us. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Information, blocking, deletion

Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if necessary, a right to correction, blocking or deletion of this data at any time. You can contact us at any time at the address given in the legal notice if you have further questions on the subject of personal data.

Hosting with external service providers

Our data processing includes the use of hosting service providers who provide us with storage space and processing capacity in their data centers. We do not pass on personal data to our hosting service providers. However, such data may be stored within an encrypted database on the servers provided by our hosting service providers.

Contract processing

In particular, the following data is processed for the purpose of providing contractual services, service and customer care, marketing, advertising and market research by our customers, interested parties and business partners:

Identification data (e.g. name, address and contact details)
Data in connection with the implementation of the business relationship (e.g. order data, bank details, contract data, payment data, remote maintenance logs)
Tax-relevant data
Correspondence (e.g. correspondence)
Advertising and sales data
Data from publications (e.g. website)

As part of the contract processing, we pass on your data to the transport company commissioned with the delivery of goods or to the financial service provider, insofar as the transfer is necessary for the delivery of goods or for payment purposes.

Checking creditworthiness and scoring

If we offer you the basic option of paying by invoice as part of our range of goods or services and you make use of this option, we reserve the right to obtain credit information from a credit agency (e.g. Creditreform, Schufa) on the basis of mathematical-statistical procedures. For this purpose, your data will be forwarded to the credit agency if it is relevant to the contract, e.g. your name and address. We use the subsequent information on the statistical probability of a payment default to decide whether to offer you payment by invoice.

The legal basis for this processing is our legitimate interest in the security of the claim in accordance with Art. 6 para. 1 lit. f) GDPR.

3. data collection on our website

Cookies

Some of the Internet pages use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies are used to make our website more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognize your browser on your next visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

Cookies that are required to carry out the electronic communication process or to provide certain functions desired by you (e.g. shopping cart function) are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies to analyze your surfing behavior) are stored, these are treated separately in this privacy policy. These are:

Browser type and browser version
Operating system used
Referrer URL
Host name of the accessing computer
Time of the server request
IP-Adresse

This data is not merged with other data sources.

The basis for data processing is Art. 6 para. 1 lit. f GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.

Contact form

If you send us inquiries via the contact or callback form, your details from the inquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent.

The data entered in the form is therefore processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. All you need to do is send us an informal email.The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Mandatory statutory provisions - in particular retention periods - remain unaffected.

Registration on our websites

You can log in/register in certain areas of our website in order to use additional functions on the site. We will only use the data you enter for the purpose of using the respective offer or service for which you have registered - for example, to register for an event or download an information brochure. The mandatory information requested during registration must be provided in full. Otherwise we may refuse your registration.

In the event of important changes, for example to the scope of the offer or technically necessary changes, we will use the e-mail address provided during registration to inform you in this way.

The processing of the data entered during registration is based on your consent (Art. 6 para. 1 lit. a GDPR). You can withdraw your consent at any time. All you need to do is send us an informal email. The legality of the data processing that has already taken place remains unaffected by the revocation.

The data collected during registration will be stored by us for as long as you are registered on our website and will then be deleted. Statutory retention periods remain unaffected.

Links to other websites

As the provider of our website, we are responsible for our own content in accordance with general legislation. Our own content is to be distinguished from “links” to content provided by other providers. COSYS accepts no responsibility or liability for third-party content provided via links and does not adopt their content as its own. There is no influence on whether and how these providers comply with the data protection regulations.

4. Newsletter

Newsletterdata

On our websites and within our software products, you have the option of subscribing to our newsletter.

You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example via the unsubscribe link in the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

The data you provide us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and deleted after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this.

You can revoke your consent to receive the newsletter at any time with effect for the future in accordance with Art. 7 para. 3 GDPR. All you have to do is inform us of your revocation or click on the unsubscribe link contained in every newsletter.

5. Integration of third-party providers (Google, Facebook, Twitter, etc.)

Google Analytics

On our websites we use Google Analytics, a web analysis service of Google Inc (hereinafter: Google). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, due to the activation of IP anonymization on these websites, your IP address will be shortened by Google beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link:Browser-Add-on for deactivating goolge analytics.

In addition or as an alternative to the browser add-on, you can prevent tracking by Google Analytics on our pages by clicking on this link. This will install an opt-out cookie on your device. This will prevent the collection by Google Analytics for this website and for this browser in the future as long as the cookie remains installed in your browser.

Usage of Google Maps

Our websites use Google Maps API to display geographical information visually. When using Google Maps, Google also collects, processes and uses data about the use of the map functions by visitors. You can find more information about data processing by Google in the Google privacy policy. You can also change your personal data protection settings there in the data protection center.

Google reCAPTCHA

We also use the reCAPTCHA function of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”) on our websites. This function is primarily used to differentiate whether an entry is made by a natural person or abusively by machine and automated processing. The service includes sending the IP address and any other data required by Google for the reCAPTCHA service to Google and is carried out in accordance with Art. 6 GDPR.

(1) lit. f GDPR on the basis of our legitimate interest in determining individual responsibility on the Internet and avoiding abuse and spam. In the context of the use of Google reCAPTCHA, personal data may also be transmitted to the servers of Google LLC. in the USA Further information on Google reCAPTCHA and Google's privacy policy can be found at: https://www.google.com/intl/de/policies/privacy/

Embedded YouTube videos

We embed YouTube videos on some of our websites. The operator of the corresponding plugins is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit a page with the YouTube plugin, a connection to YouTube servers is established. YouTube is informed which pages you visit. If you are logged into your YouTube account, YouTube can assign your surfing behavior to you personally. You can prevent this by logging out of your YouTube account beforehand.

When a YouTube video is started, the provider uses cookies that collect information about user behavior.

If you have deactivated the storage of cookies for the Google Ad program, you will not have to expect any such cookies when watching YouTube videos. However, YouTube also stores non-personal usage information in other cookies. If you wish to prevent this, you must block the storage of cookies in your browser.

For more information about data protection on "YouTube", please refer to the provider's privacy policy at:https://www.google.de/intl/de/policies/privacy/

Webanalysis etracker

We use etracker on our websites. This is a web analytics service provided by etracker GmbH, Erste Brunnenstr. 1, 20459 Hamburg, hereinafter referred to as “etracker.” etracker helps us analyze user behavior on our website. The legal basis is Article 6(1)(f) of the GDPR. Our legitimate interest lies in the analysis, optimization, and economic operation of our online presence.

To analyze user behavior, etracker stores cookies on your device via your internet browser and creates a pseudonymous usage profile. However, the data processed in this context will not be used to personally identify you without your explicit consent. Nor will this data be merged with other personal data. If you do not agree to this processing, you can prevent the storage of cookies by adjusting your browser settings accordingly. For more information, please refer to the section above titled Cookies.

You also have the option to opt out of the analysis of your usage behavior. By clicking the linkhttp://www.etracker.de/privacy?et=V23Jbba cookie will be stored on your device via your internet browser that prevents further analysis. Please note, however, that you will need to click the above link again if you delete the cookies stored on your device.

6. Data Collection Within Our Apps and Software Products

Types of different data

As part of working with the hardware and software solutions offered by COSYS, you have the opportunity to record information relevant to your business processes within a software-based system. This may also include the following types of personal data:

Inventory data (e.g. names, addresses)
Contact details (e.g. email addresses, phone numbers)
Content data (e.g. text entries)
Usage data (e.g. access times, logins)
Profile data (e.g. usernames, passwords)
s
- Employees
- Customers
When using our apps and software products, you are under no obligation to provide personal data. The provision of personal data is neither legally nor contractually required, and you are not obliged to provide such data. During the input process, we will inform you if the provision of personal data is necessary for the respective service (e.g. by marking it as a “required field”). If required data is not provided, the corresponding service cannot be delivered. In all other cases, not providing data may result in our services being unavailable in the same form or quality.When using our apps and software products, you are under no obligation to provide personal data. The provision of personal data is neither legally nor contractually required, and you are not obliged to provide such data. During the input process, we will inform you if the provision of personal data is necessary for the respective service (e.g. by marking it as a “required field”).If required data is not provided, the corresponding service cannot be delivered. In all other cases, not providing data may result in our services being unavailable in the same form or quality.

Collection of Access Data and Log Files
Based on legitimate interests pursuant to Article 6(1)(f) of the GDPR, COSYS collects data on every access to servers hosting COSYS software solutions (server log files). The access data includes the name of the accessed software or file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address, and the requesting provider.

Log file information is stored for a period of 30 days for software maintenance and security purposes (e.g. to investigate misuse). Data that must be retained for evidence purposes is excluded from deletion until the respective incident has been fully resolved.

Purpose of Processing
Based on the legal grounds outlined below and for the purposes listed, data collected through COSYS solutions and software packages may be processed.

For the execution of the customer's business processes
Data is processed within the respective solution or product used for the execution of the customer's business processes.

For the fulfillment of contractual obligations (Art. 6(1)(b) GDPR)
Data is processed for the execution of orders and contracts with our customers. The specific purposes of data processing depend on the particular product and the contractual documentation.

Based on a Balancing of Interests (Art. 6 Abs. 1 Buchst. f DSGVO)
Data may also be used on the basis of a balancing of interests to safeguard legitimate interests. This is done for the following purposes:
- General business management
- Further development of services, systems, and products
- Fulfillment of internal requirements and requirements for auditing or administrative purposes
- Ensuring IT security and IT operations
- Assertion of legal claims and defense in legal disputes
Our interest in the respective processing arises from the stated purposes and is otherwise of an economic nature (efficient task fulfillment, sales, avoidance of legal risks).

Protection of stored data
To protect the security of information during transmission, Secure Sockets Layer (SSL) software is used. This software encrypts the information transmitted via forms and input fields. COSYS maintains physical, electronic, and procedural security measures in connection with the collection, storage, and disclosure of our customers' personal information. Sensitive entries such as passwords are stored in encrypted form.

7. Additional Notes
Changes to Our Privacy Policy
We reserve the right to amend this privacy policy from time to time to ensure it complies with current legal requirements or to reflect changes in our services, such as the introduction of new offerings. The updated privacy policy will apply to your next visit.

Objection to Promotional Emails
The use of contact details published in accordance with legal disclosure requirements for the purpose of sending unsolicited advertising and informational materials is hereby expressly prohibited. The operators of this website expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam emails.