DATA PROTECTION DECLARATION
Data protection is an important concern of abas Software AG and its partner companies.
Therefore, the data of our customers is processed exclusively in compliance with the applicable data protection regulations (e.g. GDPR, new German Federal Data Protection Act).
We collect and process personal data if you provide us with these data (e.g. by registering on the website, contact inquiries, surveys, etc.). We are entitled to collect, use and process the data on the basis of your consent or on the basis of legal regulations.
If we receive personal data about you from other companies, you will be informed as soon as possible, at the latest at the beginning of the processing of your data. These data too are only stored and processed on the basis of legal regulations.
1. Personal data
Personal data are all information relating to an identified or identifiable natural person (hereinafter, a "data subject").
We collect and process the following personal data:
last name, first name, home address, telephone number, date of birth, gender, e-mail address, password.
The personal data mentioned above will be processed by us for the following purposes:
- communication with you about products, services and projects, e.g. to process your inquiries;
- planning, execution and administration of the (contractual) business relation between us and you, e.g. to process orders for products and services, collect payments, for accounting, billing and debt collection purposes and to carry out deliveries, maintenance activities or repairs;
- preparation of individualised offers or cost estimates;
- performance of customer surveys, marketing campaigns, market analyses, contests, competitions or similar actions and events;
- provision of a newsletter and advertising for new products;
- maintaining and protecting the security of our products, services and websites by preventing and detecting security risks, fraud or other criminal or malicious activities;
- ompliance with legal requirements (e.g. tax and commercial law retention obligations) or existing obligations to carry out compliance screenings (to prevent white-collar crime or money laundering);
- settlement of legal disputes, enforcement of existing contracts and for asserting, exercising and defending legal claims.
The processing of personal data is necessary to achieve the above-mentioned purposes, including the performance of the (contractual) business relation with you. Unless expressly stated otherwise, the legal basis for data processing is – Article 6(1), Literi b and f of the General Data Protection Regulation or your express consent pursuant to Article 6(1)a of the General Data Protection Regulation.
If the above data are to be further processed for a purpose other than the original purpose for which they were collected, you will be informed of this before further processing. In this way, you have the opportunity to object to the processing of your data for another purpose.
Data of business customers:
We process the following data from our business partners:
- first and last names, business address, business telephone number, business mobile phone number, business fax number and business e-mail address;
- payment information required to process payment transactions or prevent fraud, including credit card information and card verification numbers;
- other information that is required to process a project or to execute a contractual relation with us or that is voluntarily provided by our business partners, such as orders placed, inquiries made or project details;
- information collected from publicly available sources, information databases or credit agencies.
Disclosure of data
All data you transmit to us will be treated confidentially. We will neither sell your personal data to third parties nor market the data in any other way.
Your data will not be made available to third parties for use unless you have given your consent or we are legally entitled and/or obliged to pass these data on.
To the extent permitted and required by law to comply with applicable law or to assert, exercise or defend against legal claims, we transmit personal data to courts, tax authorities and supervisory authorities. We take all measures to ensure suitable and adequate guarantees for the protection of your personal data.
If no explicit storage period is specified during the collection (e.g. within the framework of a declaration of consent), the personal data will be deleted if they are no longer necessary to fulfil the purpose of storage, unless statutory storage obligations (e.g. commercial and tax storage obligations) prevent deletion.
2. Data security
We take technical and organisational security measures to protect the data of yours which we store and process in our company against manipulation, loss of confidentiality, destruction and access by unauthorised persons. Our company's security measures are continuously improved in line with technological developments.
3. Rights of data subjects: right to information, correction, deletion or restriction of the processing of your personal data, right of objection and right to data transferability
Upon request, we will inform you in writing, in accordance with applicable law, whether and which personal data we store in our company. If you are registered as a user, we offer you the option to view your data yourself and to change or delete the data if necessary. If, despite our company's efforts to ensure data security and accuracy, incorrect information has been stored, we will correct it at your request.
You also have the right to request that our company restrict the processing of personal data. In addition, you may request to receive the data you have provided to our company in a structured, common and machine-readable format. You can also object to the processing of personal data by our company.
You also have the right to request the deletion of your personal data, provided that there are no legal retention periods to the contrary. We delete the data if we no longer need them for the purpose for which we have collected and processed them or if you revoke your consent and there is no other legal basis for further processing of your data. In addition, we delete these data if the processing was unlawful for reasons unknown to us or if you have objected to the processing and there are no overriding legitimate interests in the processing. Your data will also be deleted if we are legally obliged to do so. Our company has also implemented technical measures to inform all recipients of your data about your request for deletion or correction. This only applies in the event that we have disclosed or made these data public. All links, copies and replications of your personal data are to be deleted.
If you have consented to the processing of your personal data, you have the right to revoke your consent at any time with effect for the future. By revoking this consent, data processing in the past will not become unlawful.
The transmission of data to our company is voluntary. However, these data are required for the further conclusion of the contract or for answering your inquiries. If you do not wish to disclose your data, the contract may not be concluded or your enquiries may not be answered. The provision of the data is required for the conclusion of the contract.
The contact details of our company's data protection officer are:
The data protection authority responsible for our company is:
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg (The Baden-Württemberg State Commissioner for Data Protection and Freedom of Information)
70025 Stuttgart, Königstraße 10a, 70173 Stuttgart, phone: +49 711/61 55 41 – 0
E-Mail: [email protected]
4. Newsletter; advertising
When you register to receive our company newsletter, the data you provide will be used exclusively for this purpose.
For an effective registration, your name and a valid e-mail address are required. In order to verify that the registration has actually been made by the owner of an e-mail address, we use the "double-opt-in" procedure. For this purpose, the subscription to the newsletter, the sending of a confirmation e-mail and the receipt of the requested answer are logged. The data will be used exclusively to send the newsletter and will not be passed on to third parties.
You can revoke your consent to the storage of your data and their use to send the newsletter at any time. You will find a corresponding link in each newsletter. You can also unsubscribe at any time directly on our company's website or inform us of your request by using the contact options specified at the end of this document.
If you no longer wish to receive advertising based on your interests, you can object at any time free of charge and with effect for the future. Just send an e-mail to [email protected]
5. Log files
When you access our company's website, for technical reasons your Internet browser automatically transmits the following data (hereinafter, “log data”) to our company's web server, which our company records in log files:
- date of access, time of access, URL of the referring website, accessed file, transferred data volume, browser type and version, operating system, IP address, domain name of your Internet access provider
This is exclusively information which does not allow any conclusions to be drawn about any natural person. This information is technically necessary for the proper display of the website content you request and is mandatory when using Internet offerings. The log data are evaluated strictly for statistical purposes in order to optimise our company's website and the technology behind it and are subsequently deleted.
The log data are stored separately from other data collected by our company during use.
6. Links to other websites
If abas Software AG refers directly or indirectly to external websites ("links"), abas Software AG is only liable if it has exact knowledge of the contents and it is technically feasible and reasonable for abas Software AG to prevent the use in case of illegal content.
abas Software AG hereby expressly declares that the linked pages did not contain any illegal content at the time the links were set. abas Software AG has no influence whatsoever over the current and future design of the linked pages. abas Software AG therefore expressly distances itself from all changes in content that are made to the linked pages after the links have been set. This also applies to external entries in the guest books, discussion forums and mailing lists set up by abas Software AG.
abas Software AG is not responsible for the content, availability, accuracy or precision of the linked pages, their offers, links or advertisements. abas Software AG is not liable for illegal, incorrect or incomplete content or in particular for damages arising from the use or non-use of the information offered on the linked pages.
In light of the discussion about the use of analysis tools with complete IP addresses, we would like to point out that this website uses Google Analytics with the extension "_anonymizeIp()" and therefore IP addresses are only processed further in abbreviated form in order to exclude direct personal references. You can object to the collection and use of information by Google at any time with future effect by installing the deactivation add-on provided by Google. (Browser add-on to disable Google Analytics).
Alternatively, you can install an opt-out cookie. This prevents Google Anayltics from collecting data for this browser, including this website, as long as it remains installed. To install the opt-out cookie, please click on this link.
Use of Google Adwords conversion tracking
We use the online advertising program "Google AdWords" and conversion tracking as part of Google AdWords. Google conversion tracking is an analysis service. When you click on an ad served by Google, a conversion tracking cookie is placed on your computer. These cookies lose their validity after 30 days, do not contain any personal data and are therefore not used for personal identification. If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognise that you clicked on the ad and were redirected to this page. Each Google AdWords customer receives a different cookie. This means that it is not possible to track cookies on the websites of AdWords customers. The information collected using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Customers can see the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, you will not receive any information that personally identifies users.
If you wish to deactivate cookies for conversion tracking, you can set your browser to block cookies from the following domain: "googleadservices.com". Further information on the subject of “privacy” in the context of Google AdWords can be found at this link: www.google.de/privacy_ads.html
Google web fonts
Our website uses so-called “web fonts” to display the font. These are provided by Google Inc. (http://www.google.com/webfonts/). The web fonts are transferred to the cache of the browser when the page is called up so that they can be used for display. This transfers to the Google server, usually a Google server in the United States, which of our website pages you have visited. The IP address of the browser of the visitor's terminal device is also stored by Google. If your browser does not support Google web fonts or does not allow access, the text will be displayed in a default font.
General information on data protection is available at the Google Privacy Centre:
Our website uses so-called social plugins ("plugins") of the social networks Facebook, Google+, and the microblogging service Twitter. These services are provided by Facebook Inc, Google Inc. and Twitter Inc. ("Providers").
Facebook is operated by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). An overview of Facebook plugins and their appearance can be found here: https://developers.facebook.com/docs/plugins
Google+ is operated by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). An overview of the Google plugins and their appearance can be found here: https://developers.google.com/+/web/
Twitter is operated by Twitter Inc, 1355 Market St, Suite 900, San Francisco, CA 94103, USA ("Twitter"). An overview of the Twitter buttons and their appearance can be found here: https://twitter.com/about/resources/buttons
When you access a page of our website that contains such a plugin, your browser establishes a direct connection to the Facebook, Google or Twitter servers. The content of the plugin is transferred directly from the respective provider to your browser and integrated into the page. By integrating the plugins, the Providers receive the information that your browser has called up the corresponding page of our website, even if you do not have a profile or are not currently logged in. This information (including your IP address) is transmitted directly from your browser to a server of the respective provider in the US and stored there.
If you are logged in to one of the services, the Providers can directly assign the visit to our website to your profile on Facebook, Google+, or Twitter. If you interact with the plugins, for example the “Like”, the “+1”, or the “Twitter” button, the corresponding information is also transmitted directly to a server of the Providers and stored there. The information is also published on the social network or on your Twitter account and displayed to your contacts.
The purpose and scope of the data collection and the further processing and use of the data by the Providers as well as your relevant rights and setting options for the protection of your privacy can be found in the data protection information of the Providers.
If you do not want Google, Facebook, or Twitter to associate the data collected via our website directly with your profile in the relevant service, you must log out of the relevant service before visiting our website. You can also completely prevent the loading of the plugins with add-ons for your browser, e.g. with the script blocker "NoScript" (http://noscript.net/).
We use the "conversion pixel" or visitor action pixel of Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). By calling up this pixel from your browser, Facebook can then see whether a Facebook advertisement was successful, e.g. whether it led to an online transaction. We only receive statistical data from Facebook for this purpose without reference to a specific person. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes. This is especially true if you are logged in to Facebook.
Please go to www.facebook.com/settings?tab=ads, if you wish to revoke your consent to conversion pixels.
LinkedIn conversion tracking
On our website we use the analysis and conversion tracking technology of the social network LinkedIn Inc. ("LinkedIn"). This enables us to evaluate campaigns and collect information about website visitors who may have reached us through our campaigns on LinkedIn. LinkedIn also provides us with aggregated and anonymous reports of ad activity and information about how you interact with our website. Further information on data protection at LinkedIn can be found here: https://www.linkedin.com/legal/privacy-policy#choices-oblig.You can object to the analysis of your usage behaviour by LinkedIn and the display of interest-based recommendations ("Opt-Out"); click on the field "Opt out on LinkedIn" (for LinkedIn members) or "Opt out" (for other users) under the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Cloudflare content delivery network
We use a content delivery network (CDN) provided by Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA. Cloudflare is certified according to the Privacy Shield Agreement and thus guarantees compliance with European data protection law. (https://www.privacyshield.gov/participant?id=a2zt0000000GnZKAA0&status=Active). A content delivery network (CDN) is a network of regionally distributed and connected servers that work together to ensure rapid delivery of Internet content, especially large media files.
Integration of YouTube videos
To integrate videos, our website uses the provider YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA, represented by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. (“YouTube”).
For the purpose and scope of data collection and the further processing and use of the data by YouTube as well as your rights and setting options for the protection of your privacy, please refer to YouTube's data protection information concerning YouTube integration at https://www.google.com/policies/privacy/
Integration of Vimeo videos
ZopIM live chat tool
Use of Leaflet
This service uses the programming library Leaflet by Vladimir Agafonkin (http://leafletjs.com). This library is provided via Leaflet's server infrastructure. Loading the programming library for our service transmits the IP address to a Leaflet server. This is necessary to ensure the provision of the service. For efficiency reasons, the programming library is cached by your browser software for a certain period of time. This means that you do not always transmit your IP address to Leaflet's servers.
We provide programming libraries via our own server infrastructure, as far as this is legally possible.
The Lead Forensics product offers companies insights into their website visitors. Lead Forensics works on the basis of reverse business IP tracking. A small tracking code is placed on a company's website(s) to enable it to identify its website visitors' business IP addresses. Lead Forensics matches the identified business IP address with a global database of companies and business information.
Another feature of Lead Forensics is to provide customers with the contact information of key decision-makers from organisations that have proactively visited the company's website. Because this information includes information such as first name, last name, email address and LinkedIn profile, this aspect of Lead Forensics constitutes processing of personal data and must therefore be GDPR compliant.
Pursuant to the GDPR, Lead Forensics processes only the necessary personal data, which is limited to first name, last name, LinkedIn profile URL and e-mail address. Lead Forensics processes other business-relevant data such as business IP, company name, job function and business phone numbers. No sensitive personal data are collected or processed. The data contained in the Lead Forensics solution are processed and stored in a secure environment in the UK.
Inquiry about the object If you wish to opt out of the processing of your personal data for use by Lead Forensics software, we ask you to request this in writing:
by e-mail: [email protected]
or by post: Data Compliance, Lead Forensics, Building 3000, Lakeside, North Harbour, Portsmouth, PO6 3EN. All requests will be processed within 30 days. Your data will be added to a suppression file to ensure that your data can no longer be processed by Lead Forensics software in the future. Please note that this only applies to the processing of your personal data, not to business data that do not fall within the scope of applicability of the GDPR.
abas Software AG and its partner companies reserve the right to change this data protection declaration at any time without prior notice. Such a change shall apply immediately after its publication. Please review this data protection declaration periodically to ensure that you are aware of current provisions regarding the collection and treatment of confidential information. By continuously using and visiting the abas Software AG websites, you declare your agreement with the provisions of this data protection declaration (subject to changes).
Stand Juli 2018