Privacy notice
Data controller
According to data privacy laws, in particular the EU’s General Data Protection Regulation (GDPR), the data controller is:
soft-nrg Development GmbH
Karl-Hammerschmidt-Straße 40
85609 Aschheim
T +49 89 452280-0
[email protected]
We have appointed the following as our data protection officer:
activeMind AG
Management- und Technologieberatung
Potsdamer Straße 3
80802 München
T +49 89 919294-900
[email protected]
Data protection rights
Using the contact details provided for our data protection officer, you have the right of access at any time to the data we store about you and to information about how it is processed (Art. 15 GDPR), the right to the rectification of inaccurate personal data (Art. 16 GDPR), the right to the erasure of data we store about you (Art. 17 GDPR), the right to the restriction of data processing, unless we are not permitted to delete your data for legal reasons (Art. 18 GDPR), the right to object to our processing of your data (Art. 21 GDPR) and the right to data portability, as long as you have consented to data processing or have signed a contract with us (Art. 20 GDPR).
If you have given us your consent, you can withdraw this consent at any time with future effect.
You can also lodge a complaint with a supervisory authority at any time, e.g. with the responsible supervisory authority in the federal state in which you live or with the authority responsible for us as the data controller.
You will find a list of supervisory authorities (for the non-public sector) with their addresses at https://www.bfdi.bund.de/EN/Service/Anschriften/Laender/Laender-node.html.
Visiting our website
When you access our website, i.e. you do not register or otherwise submit information, information of a general nature is recorded automatically. This information (server log files) includes the type of web browser, the operating system used, the domain name of your internet service provider, your IP address and the like.
It is used for the following purposes:
- ensuring problem-free website connectivity,
- ensuring trouble-free use of our website,
- analysis of system security and stability and
- for other administrative purposes.
We do not use your data to draw conclusions about you as a person. Where required, we use such information for statistical analysis in order to optimize our internet presence and the underlying technology.
The processing takes place according to Art. 6(1)(f) GDPR, based on our legitimate interest in improving the stability and functionality of our website.
The recipients of the data are technical service providers who act as processors on our behalf for the operation and maintenance of our website.
The data is deleted as soon as it is no longer required for the reason it was collected. This is generally the case for data that is used to make the website available, when the respective session is ended.
The provision of the personal data is neither legally nor contractually required. However, without the IP address, the service and functionality of our website cannot be guaranteed. Individual services may also be unavailable or restricted. For this reason, objection is not possible.
Contact
When you contact us (e.g. using the contact form, by e-mail, telephone or via social media) the data you provide will be used for the purpose of processing your enquiry and for individual communication with you.
The data you enter in the contact form will be processed based on a legitimate interest (Art. 6(1)(f) GDPR). We provide the different contact options because we want to make it easy for you to get in touch with us. The details you provide will be stored to process the query and any subsequent questions.
If you contact us to request a quote, the data provided will be processed for the purpose of implementing pre-contractual measures (Art. 6(1)(b) GDPR).
Our website and our e-mail system are maintained by a service provider who acts as a processor on our behalf. If you send us an enquiry regarding a quote, service providers used by us may receive data for these purposes, insofar as they need the data to provide their respective service (e.g. IT services).
Your data will be deleted no later than six months after the enquiry has been processed. If a contractual relationship is formed, we will then be subject to statutory retention periods and will delete your data after six or ten years.
The provision of your personal data is voluntary. However, we can only process your enquiry if you provide us with your name, e-mail address and the reason for your enquiry.
You can read information about your right to object according to Art. 21 GDPR below.
Newsletter
When registering to receive our newsletter, the data you provide will only be used for this purpose. Subscribers can also follow updates on services or registration via e-mail (e.g. changes to the newsletter subscription or technical issues).
To make a registration valid, we require your title, first name, surname, company name and a valid e-mail address. In order to check whether a registration originates from a valid e-mail address, we use the “double opt-in” procedure. For this, we record the newsletter order, dispatch of the confirmation e-mail and receipt of the required answer. No other data is collected. The data is only used to send the newsletter and it is not passed on to third parties.
Based on your explicit consent (Art. 6(1)(a) GDPR), we will regularly send you our newsletter or similar information by e-mail to the address you have provided.
The consent to storage of your personal data and its use for sending the newsletter can be revoked at any time. The corresponding link can be found in each newsletter. Consent can also be withdrawn by unsubscribing from the newsletter on the website or via any of the other contact options indicated on the website.
We use a service provider for mailing and any subsequent evaluations, and they act as a processor on our behalf.
Data is only processed in this context if the corresponding consent has been given. It is then deleted.
The provision of your personal data is voluntary, based solely on your consent. Unfortunately, we cannot send you our newsletter if you have not given your consent.
Use of cookies
We use so-called “cookies” to make our website more appealing for visitors and to enable the use of certain functions. These are small text files that are stored on your device. Some of the cookies we use are deleted again at the end of the browser session, i.e. when you close your browser (so-called “session cookies”). Other cookies remain on your device and enable us or third-party providers to recognize your browser the next time you visit (so-called “persistent cookies”). If cookies are set, they individually collect and process certain user information, such as browser and location data and IP address values. Persistent cookies are automatically deleted after a specified time period which may vary depending on the cookie.
If personal data is also processed by cookies we implement, this processing takes place either in accordance with Art. 6(1)(1)(b) GDPR to perform a contract or in accordance with Art. 6(1)(1)(f) GDPR for the purposes of our legitimate interest in the best possible functionality of the website or the customer-friendly and effective design of the website for visitors.
The provision of personal data for necessary cookies is neither legally nor contractually required. However, without this data, the service and functionality of our website cannot be guaranteed. Individual services may also be unavailable or restricted.
Our website can, of course, also be used without statistics cookies and external media cookies. Internet browsers are usually set up to accept cookies. You can deactivate the use of cookies at any time via your browser settings or withdraw consent via the cookie settings.
You can configure your browser so that you are informed about the setting of cookies and decide individually whether to accept them or you can decline cookies in certain cases or on a general basis. Every browser differs in the way it manages cookie settings. This is described in each browser’s help menu and explains how to change your cookie settings. This can be found for the respective browsers via the following links:
Internet Explorer: https://support.microsoft.com/en-us/topic/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d
Microsoft Edge: https://support.microsoft.com/en-us/windows/microsoft-edge-browsing-data-and-privacy-bb8174ba-9d73-dcf2-9b4a-c582b4e640dd
Mozilla Firefox: https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop
Chrome: https://support.google.com/chrome/answer/95647?hl=en&hlrm=en
Safari: https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac
Opera: https://help.opera.com/en/latest/web-preferences
The recipients of the data may be technical service providers who act as processors on our behalf for the operation and maintenance of our website. To this end, we have concluded the appropriate contract processing agreements with these providers. Other recipients, details about the technical functionality of the tools used and information about how to prevent data transfer (tracking) can be found in the cookie settings.
Please be advised that certain functions on our website may not work if you have deactivated cookies.
Use of Google Maps
We use the features of Google Maps on this website. Google Maps is operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter “Google”). It enables us to display interactive maps directly on the website and makes it easy for you to use the map function.
More information about how Google processes data can be found in Google’s privacy policy at https://policies.google.com/privacy?hl=en. You can also change your personal data protection settings in Google’s data protection center.
Further instructions on managing your data in relation to Google products can be found at https://support.google.com/accounts/answer/162744?hl=en.
The legal basis for the integration of Google Maps and the associated data transfer to Google is your consent (Art. 6(1)(a) GDPR).
When you visit the website, Google receives information that you have accessed the sub-page of our website. This happens regardless of whether Google provides a user account that you use to log in or if no user account exists. If you are logged into Google, your data will be assigned directly to your account.
If you do not want this assignment to occur in your Google profile, you must log out of Google before activating the button. Google will store your data as a usage profile and use it for the purposes of advertising, marketing and/or to tailor the design of its website. This kind of evaluation is carried out (including for users that are not logged in) to provide targeted advertising and to inform other users of the social network about your activities on our website. You have the right to object to creation of these user profiles, but you must contact Google to exercise this right.
We do not collect any personal data as a result of the integration of Google Maps.
Data is transferred to a third country, specifically the USA. This data transfer takes place based on the EU standard contract clauses.
If you do not want Google to collect, process or use data about you via our internet presence, you can deactivate JavaScript in your browser settings. If you do this, however, you may not be able to use our website or may only have limited use.
The provision of your personal data is voluntary, based solely on your consent. If you prevent access, this may result in the functionality of the website being restricted.
Use of Google Fonts
We use Google Fonts by Google Inc. to ensure the uniform presentation of fonts on our website. Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for this in the European region. We have embedded the Google fonts locally, i.e. on our web server, not on Google’s servers. This means that there is no connection with Google’s servers and therefore no transfer or storage of data.
Use of Awesome Fonts
We use Awesome Fonts by Fonticons Inc. to ensure the uniform presentation of fonts on our website. We have embedded the Awesome fonts locally, i.e. on our web server, not on Fonticons servers. This means that there is no connection with Fonticons servers and therefore no transfer or storage of data.
YouTube videos
Our website contains embedded YouTube videos. The operator for the relevant plugins is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA (hereinafter “YouTube”). When you visit a webpage with the YouTube plugin, this establishes a connection to YouTube servers. This informs YouTube which pages you visit. If you are logged into your YouTube account, YouTube can assign your browsing behavior automatically. You can prevent this by logging out of your YouTube account.
When a YouTube video is started, the provider uses cookies, which collect information on user behavior.
Further information about the purpose and scope of the data collection and processing by YouTube can be found in Google’s privacy policy at https://policies.google.com/privacy?hl=en. You can also get additional information there about your rights in this respect and about the setting options for protecting your privacy.
The legal basis for the integration of YouTube and the associated data transfer to Google is your consent (Art. 6(1)(a) GDPR).
Initiating YouTube automatically triggers a connection with Google.
If you have deactivated the storage of cookies for the Google-Ad programme, this will not use such cookies for viewing YouTube videos. YouTube will also file non-personal user information using other cookies. If you wish to prevent this, then you must block the storage of cookies in your browser.
Data is transferred to a third country, specifically the USA. This data transfer takes place based on the EU standard contract clauses.
The provision of your personal data is voluntary, based solely on your consent. If you prevent access, this may result in the functionality of the website being restricted.
Data security
We only handle personal data insofar as it is possible to do so in accordance with data protection regulations. We also always endeavor to implement all necessary technical and organizational measures to protect your personal data adequately against unauthorized access and misuse.
If we store or process any personal data, this is done at a high-security data center. In order to guarantee the safety of your data during transfers, we use HTTPS encryption (e.g. SSL). Firewalls and anti-virus protection are used to keep our servers secure. We use back-up and recovery procedures as well as role and authorization concepts as a matter of course.
Our employees are obliged to comply with GDPR and the German Federal Data Protection Act when handling data.
Changes to our privacy notice
We retain the right to amend this privacy notice, so that it matches the current legal requirements or changes to our services, e.g. when introducing new services. The new privacy notice will apply upon your next visit.
Right to object according to Art. 21 GDPR
Right to object on a case-by-case basis
You have the right to object at any time, on grounds relating to your particular situation, to the processing of data relating to you which is carried out on the basis of Art. 6(1)(f) GDPR (data processing based on a balancing of interests); this also applies to profiling based on this provision within the meaning of Art. 4(4) GDPR.
If you object, we will no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or if the processing serves the assertion, exercising or defense of legal claims.
Recipient of an objection
The objection does not need to be in a particular form and should be sent with the reference “Objection”, and stating your name, address or other means of identification, to:
soft-nrg Development GmbH
Karl-Hammerschmidt-Straße 40
85609 Aschheim
T +49 89 452280-0
[email protected]