1. Name and address of the responsible person
The person responsible within the scope of the General Data Protection Regulation (GDPR), other data protection laws in the EU Member States and other data protection provisions is:
Tel.: +49 (0) 40 320 17 200
Fax: +49 (0) 40 320 17 220
2. Data Protection Officer
You can reach the Data Protection Officer of globalerp.de gmbh at the above address c/o Data Protection Officer or at firstname.lastname@example.org.
3. Information on data transfer to the USA
Our website uses, in particular, tools from companies based in the USA. When these tools are active, your personal information may be transferred to the US servers of these companies. We must point out that the USA is not a safe third country within the meaning of EU data protection law. US companies are required to release personal data to security authorities without you as the data subject being able to take legal action against this. The possibility cannot therefore be excluded that US authorities (e.g. secret services) may process, evaluate and permanently store your data on US servers for monitoring purposes. We have no influence over these processing activities.
4. Collection and storage of personal data, as well as the nature and purpose of its use
a) During your Website visit
When you visit our website www.globalerp.de to obtain information, the browser used on your device automatically sends information to our website’s server. The information is temporarily stored in s so-called log file. The following information is collected without your intervention and stored until it is automatically deleted:
- Referrer (previously visited website)
- The name of the file or website
- The transmitted data volume
- The access status (file transferred, file not found, etc.)
- The type and the version of web browser used
- Your device’s operating system and device type
- Date and time of access
- IP address in anonymous form (used only to determine the location access)
This information is temporarily stored in a so-called log file. The data are collected exclusively for statistical evaluation and technical optimization of the website.
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the purposes for data collection listed above. In no case shall we use any collected personal data for the purpose of drawing conclusions about your person.
Cookies contain information pertaining to the specific device, which accessed our website. However, this does not give us direct knowledge of your identity.
We use so-called session cookies to recognize that you have already visited individual pages on our website. There are automatically deleted after leaving our website.
In addition, we also use temporary cookies to optimize user-friendliness. These cookies are stored on your end device for a specific limited time period. If you visit our website again to use our services, it will automatically recognize your device as prior visitor and remembers your settings and preferences. You will not have to enter these parameters again.
The data processed by cookies are for the purposes mentioned in order to protect our legitimate interests as website owners and serve the legitimate interests of third parties according to Article 6 para.1, page 1 lit. f GDPR.
Most browsers are pre-set to automatically accept cookies. However, you can adjust your browser settings in such a way that:
- cookies are displayed before being saved or
- cookies are accepted and when you close the browser, all cookies will be deleted or
- all cookies are declined, but this can lead to the fact that you cannot use all functions of our website.
c) Using our contact form
If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored in order to process the request and in case of follow-up questions. We will not share this information without your consent.
We use the data provided by you without your separate consent only for the necessary fulfillment and processing of the services offered, for the purpose of fulfilling our contractual obligations and services in accordance with Art. 6 para. 1 lit. b GDPR. In all other cases, the processing is based on your consent (Art. 6 para. 1 lit. a GDPR) and/or on our legitimate interests (Art. 6 para. 1 lit. f GDPR), since we have a legitimate interest in the effective processing of requests addressed to us.
The information you provide in the contact form will remain with us until you ask us to delete it, revoke your consent to storage or delete the purpose for data storage (for example, after your request has been processed). Mandatory statutory provisions – especially retention periods – remain unaffected.
d) Request by e-mail, telephone or fax
If you contact us by e-mail, telephone or fax, your request, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We will not share this information without your consent.
The processing of this data is based on Art. 6, para.1 lit.b GDPR, if your request is related to the performance of a contract or is required to carry out pre-contractual measures. In all other cases, the processing is based on your consent (Art.6 para.1 lit.a GDRP) and/or on our legitimate interests (Art.6 para.1 lit. f GDRP), since we have a legitimate interest in the effective processing of requests addressed to us.
The information you provide via contact requests remain with us until you ask us to delete it, revoke your consent to storage or delete the purpose for data storage (e.g. after your request has been completed). Mandatory statutory provisions – especially statutory retention periods – remain unaffected.
e) Using our customer login
As part of our service, we also grant you access to our Service Portal. The collected data from you is solely used to carry out the contractual technical support.
The legal basis for this is the execution of the contractual relationship with you according to Art. 6, para.1 lit.b GDPR.
The recorded data in the Service Portal will be stored by us as long as you are registered there as our customer and use our services. Collected customer data will be deleted after termination of the business relationship. Legal retention periods remain unaffected.
5. Data transfer to third parties
There is no transfer of personal data to non-European countries, unless this is mentioned separately.
We only disclose your personal data to third parties under certain strict conditions. Below we inform you about these requirements.
We will only pass on your personal data to third parties if you have given your express consent in accordance with Art. 6 para. 1 sentence 1 lit.a GDPR.
b) Representation of legal rights
According to Art. 6 para.1 S.1 lit.f GDPR, we may disclose your personal data to third parties if this will be necessary to assert, exercise or defend legal claims, and there is no reason to assume that you have an overriding interest in non-disclosure of your data.
c) Legal obligation
There is legal obligation for the transfer of your data in accordance with the Art. 6 para. 1 S.1 lit.c GDPR.
A disclosure of your personal data to third parties will only take place, if this is necessary for the execution of the contract with you and is this is permitted by law.
6. Data Subject Rights
In accordance with the GDPR, as a data subject whose personal data are processed, you have the following rights:
a) Right of information
In accordance with Art. 15 GDPR, you are entitled to request information about your personal data which is processed by us. In particular, you may request the following information:
- the purposes of the processing;
- the categories of personal data processed;
- categories of recipients to whom your data was or is disclosed;
- the envisaged period for which the personal data will be stored;
- the right to demand rectification, erasure, restriction of processing and your right to object to the processing;
- the right to lodge a complaint with a supervisory authority;
- the origin of the data in case it was not collected by us;
- the existence of automated decision-making including profiling and, where applicable, meaningful information about the logic involved, as well as the
- significance and the envisaged consequences of such processing for the data subject.
b) Right of rectification
In accordance with Art. 16 GDPR, you have the right to obtain from the controller without undue delay:
- the rectification of your inaccurate personal data stored by us;
- the completion of your personal data stored by us.
c) Right of erasure
In accordance with Art. 17 GDPR you are entitled to demand the deletion of your personal data stored by us, unless the processing is necessary for:
- the exercise of the right to freedom of expression and information;
- for the fulfilment of a legal obligation;
- for reason of public interest;
- for assertion, exercise or defend legal claims.
d) Right of restriction of processing
In accordance with Art.18 GDPR, you are entitled to demand the restriction of the processing of your personal data, insofar as
- the accuracy of the data is disputed by you;
- the processing is unlawful, but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or defend legal claims;
- you have lodged an objection to the processing in accordance with Art. 21 GDPR.
e) Right of data portability
In accordance with Art. 20 GDPR, you have the right to receive your personal data which you have provided to us in a structured, common and machine-readable format or to request the transfer to another responsible party.
f) Right of withdraw
In accordance with Art. 7 para.3 GDPR, you have the right to revoke your consent once given to us at any time. The consequence of this is that we may no longer continue the data processing based on this consent for the future.
g) Right to lodge a complaint
In accordance with Art. 77 GDPR, you are entitled to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters.
h) Right to object
If your personal data is processed based on legitimate interests in accordance with Art. 6 para.1 sentence 1 (f) GDPR, you have the right in accordance with Art. 21 GDPR to object to the processing of your personal data if there are reasons for this which arise from your particular situation or if the objection is directed against direct advertising. In the latter case, you have a general right to object that we will implement without giving reasons relating to your particular situation.
If you would like to exercise your right of revocation or objection, please send an email to: email@example.com.
7. Collaboration with Processors and Third Parties
If, in the context of our processing, we disclose data to other persons and companies (contract processors or third parties), transmit them to them or otherwise grant access to the data, this will only be done on the basis of a legal permission (e.g. the use of agents, webhosters, etc.), you have consented to a legal obligation or based on our legitimate interests. If we commission third parties to process data on the basis of a so-called “contract processing contract”, this is done on the basis of Art. 28 GDPR.
8. Automated decision-making and profiling
Automated decision-making and profiling according to Article 22 GDPR do not take place by us.
9. Social Networks
We maintain publicly accessible profiles in social networks. The social networks we use in detail can be found below.
Social networks such as Facebook etc. can usually analyse your user behaviour comprehensively when you visit their website or a website with integrated social media content (e.g. Like buttons or advertising banners). You will only find links to social networks on our website. You can recognize these by the corresponding icons (pictures). All icons are only designed as a link and not as a plugin. In other words, a connection to the server of the social network (e.g. Facebook) is only established when you click on the icon and thus follow the link.
Visiting our social media presences triggers numerous data protection-relevant processing operations. In detail:
If you are logged in to your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies that are stored on your end device or by recording your IP address.
With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed both inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are or were logged in.
Our social media appearances are designed to ensure the most comprehensive presence possible on the Internet. This is a legitimate interest within the meaning of Article 6 paragraph 1 lit. f GDPR. The analysis processes initiated by the social networks may be based on different legal bases which must be specified by the operators of the social networks (e.g. consent within the meaning of Article 6 paragraph 1 lit. a GDPR).
Controller and assertion of rights
If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. As a matter of principle, you can exercise your rights (information, rectification, erasure, restriction of processing, data transferability and complaint) both against us and against the operator of the respective social media portal (e.g. against Facebook).
Please note that, despite joint responsibility with the social media portal operators, we do not have full influence on the data processing procedures of the social media portals. Our possibilities depend largely on the corporate policy of the respective provider.
The data collected directly by us via the social media presence will be erased from our systems as soon as the purpose for their storage no longer applies, you ask us to delete them, withdraw your consent to store them or the purpose for storing the data no longer applies. Saved cookies remain on your device until you delete them. Mandatory legal provisions – in particular retention periods – remain unaffected.
We have no influence on the storage period of your data, which is stored by the operators of social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their data protection declaration, see below).
We have a profile on Facebook. The Provider is Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, the data collected will also be transferred to the USA and other third countries.
We have entered into a joint processing agreement (Controller Addendum) with Facebook. This agreement defines which data processing operations we or Facebook are responsible for when you visit our Facebook page.
You can view this agreement under the following link: https://www.facebook.com/legal/terms/page_controller_addendum
You can adjust your advertising settings independently in your user account.
To do this, click on the following link and log in: https://www.facebook.com/settings?tab=ads
Details can be found in the Facebook data protection declaration: https://www.facebook.com/about/privacy/
We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. Details of how they handle your personal information can be found in LinkedIn’s data protection declaration: https://www.linkedin.com/legal/privacy-policy
10. Google Web Fonts
This website uses so-called web fonts provided by Google for the uniform display of fonts. When you access a page, your browser loads the web fonts you need into its browser cache to display text and fonts correctly.
For this purpose, the browser you are using must connect to Google’s servers. This gives Google knowledge that our website has been accessed via your IP address. The us of Google Web Fonts is in the interest of a consistent and attractive presentation of our online services. This constitutes a legitimate interest within the meaning of Article 6 para.1 lit.f GDPR.
11. Matomo – Web Analytics Application
Matomo Cookies remain on your device until you delete them.
The storage of Matomo cookies and the use of this analysis tool are based on Article 6 para.1 lit.f GDPR. The website operator has a legitimate interest in the analysis of user patterns, in order to optimize the operator’s web offerings and advertising. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing will be carried out exclusively on the basis of Article 6 para.6 lit.a GDPR; the consent is revocable at any time.
The information generated by cookies concerning the use of this website shall not be shared with any third parties. You can prevent the storage of cookies at any time by making pertinent changes to your browser software settings; however, we have to point out that in this case you will not be able to use the full functionality of this website.
If you do not agree with the storage and use of your data, you can disable this feature here. In this case, an opt-out cookie will be stored in your browser to prevent Matomo from storing your usage data. If you delete your cookies, this will mean that the opt-out cookie will also be deleted. Your will then need to reactivate it when you return to our website if you wish your activity not be tracked.
For detailed information please follow this link: https://matomo.org/docs/privacy/
12. Data Security
We use the widespread SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser when visiting our website. Any information provided by you is stored in encrypted form.
Unfortunately, the transmission of information via the Internet is not completely secure, wherefore we cannot guarantee the security of your data transmitted via the Internet on our Website.
However, we secure our website and other systems with technical and organizational measures against the loss, destruction, access, change or dissemination of your data by unauthorized persons.