Privacy policy
1. data protection at a glance
General notes
The following notices provide a simple overview of what happens to your personal data when you visit our website or use one of our software products. Personal data is any data that can be used to identify you personally. For detailed information on the subject of data protection, please refer to our privacy policy listed below this text.
Responsible body
Data processing on our website as well as within our software products (e.g. Apps, WebApps, COSYS Cloud) is carried out by:
Cosys Ident GmbH
Am Kronsberg 1
31188 Holle
Fon: +49 5062 900 0
Fax: +49 5062 900 30
E-Mail:info@cosys.de
Managing Director: Dirk Baule
Commercial register: Amtsgericht Hildesheim HRB 1196
Umsatzsteuer-ID: DE 115 970 788
The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).
How do we collect your data?
On the one hand, your data is collected by you providing it to us. This can be, for example, data that you enter in a contact form.
Other data is collected automatically by our IT systems when you visit the website or use our software products. This is mainly technical data (e.g. internet browser, operating system, device ID or time of use). The collection of this data takes place automatically during use.
What do we use your data for?
The data you provide for the use of our goods and / or services are processed by us for the purpose of contract execution and are necessary to this extent. Conclusion and execution of the contract are not possible without the provision of your data.legal basis for the processing is Art. 6 para. 1 lit. b) DSGVO.
Some of the data is collected to ensure error-free provision of the website or our software products. Other data may be used to analyze your user behavior and to send you information.
What rights do you have regarding your data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have a right to request the correction, blocking or deletion of this data. You can contact our data protection officer at any time with regard to this and other questions on the subject of data protection. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
No obligation to provide & consequences of non-provision
The provision of personal data is not required by law or contract and you are not obliged to provide data. We will inform you during the input process if the provision of personal data is required for the respective service (e.g. by designating it as a "required field"). In the case of required data, failure to provide it will result in the relevant service not being provided. Otherwise, the non-provision may have the consequence that we cannot provide our services in the same form and quality.
Third-party analytics and tools
When visiting our website or using apps for Windows, Android or iOS devices, your browsing and usage behavior may be statistically analyzed. This is done primarily with cookies and with so-called analysis programs. The analysis of your surfing behavior is usually anonymous; the surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. You can find detailed information on this in the following privacy policy.
You can object to this analysis. We will inform you about the objection options in this privacy policy.
Data Protection Officer
We have appointed a data protection officer for our company.
Cosys Ident GmbH
Data Protection Officer
Am Kronsberg 1
31188 Holle
Tel. +49 5062 / 900 0
Fax: +49 5062 / 900 30
Email:datenschutz@cosys.de
2 General notes and mandatory information
Privacy
We take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
When you use our website or our software products (such as Apps, WebApps, COSYS Cloud), various personal data is collected. Personal data is data with which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.
We point out that data transmission over the Internet (eg communication by e-mail) security gaps. A complete protection of the data against access by third parties is not possible.
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke an already given consent at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right of complaint to the competent supervisory authority
In the event of violations of data protection law, the person concerned has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues is the state data protection commissioner of the federal state in which our company is based. A list of the data protection officers and their contact details can be found in the following link:https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.
SSL or TLS encryption
For security reasons, we use SSL or TLS encryption for our websites and for the communication of our software products and to protect the transmission of confidential content, such as orders or requests that you send to us. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Information, blocking, deletion
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if necessary, a right to correction, blocking or deletion of this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time at the address given in the imprint.
Hosting with external service providers
Our data processing is carried out, among other things, using so-called hosting service providers who provide us with storage space and processing capacity in their data centers. We do not pass on personal data to our hosting service providers. However, such data may be stored in an encrypted database on the servers provided by our hosting service providers.
Contract processing
The data you provide for the use of our goods and / or services are processed by us for the purpose of contract execution and are necessary to this extent. Conclusion and execution of the contract are not possible without the provision of your data.legal basis for the processing is Art. 6 para. 1 lit. b) DSGVO.
Specifically, the following data in particular is processed for the purpose of providing contractual services, service and customer care, marketing, advertising and market research from our customers, prospective customers and business partners:
- Identification data (e.g. name, address and contact details)
- Data in connection with the performance of the business relationship (e.g. order data, bank details, contract data, payment data, logs on remote maintenance).
- Tax relevant data
- Correspondence (e.g. correspondence)
- Advertising and sales data
- Data from publications (e.g. Internet presence)
Within the scope of contract processing, we pass on your data to the transport company commissioned with the delivery of the goods or to the financial service provider, insofar as the transfer is necessary for the delivery of the goods or for payment purposes.
Checking creditworthiness and scoring
Insofar as we offer you the basic option of payment by invoice as part of our range of goods or services and you make use of this option, we reserve the right to obtain a credit report from a credit agency (such as Creditreform, Schufa) on the basis of mathematical-statistical methods. For this purpose, your data, insofar as they are relevant to the contract, such as your name and address, will be forwarded to the credit agency. We use the subsequent information about the statistical probability of non-payment for our decision whether to offer you payment by invoice.
The legal basis for this processing is our legitimate interest in the fail-safe nature of the receivable pursuant to Art. 6 para.1 lit. f) DSGVO.
3. data collection on our website
Cookies
The Internet pages partly use so-called cookies. Cookies do not cause any damage to your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, more effective and safer. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called "session cookies". They are automatically deleted after the end of your visit. Other cookies remain stored on your terminal device until you delete them. These cookies allow us to recognize your browser on your next visit.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.
Cookies that are required to carry out the electronic communication process or to provide certain functions you have requested (e.g. shopping cart function) are stored on the basis of Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies for the analysis of your surfing behavior) are stored, these are treated separately in this privacy policy.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
This data is not merged with other data sources.
The basis for the data processing is Art. 6 para. 1 lit. f DSGVO, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.
Contact form
If you send us inquiries via contact or callback form, your data from the inquiry form including the contact data you provided there will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.
The processing of the data entered in the form is therefore based exclusively on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory legal provisions - in particular retention periods - remain unaffected.
Registrations on our websites
You can log in/register in certain areas of our website to use additional functions on the site. We use the data entered for this purpose only for the purpose of using the respective offer or service for which you have registered - for example, registering for an event or downloading an information brochure. The mandatory information requested during registration must be provided in full. Otherwise, we may reject the registration.
For important changes, for example in the scope of the offer or in the case of technically necessary changes, we use the e-mail address provided during registration to inform you in this way.
The processing of the data entered during registration is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing already carried out remains unaffected by the revocation.
The data collected during registration will be stored by us as long as you are registered on our website and will then be deleted. Legal retention periods remain unaffected.
Links to other websites
As the provider of our Internet presence, we are responsible for our own content in accordance with general laws. Links" to content provided by other providers are to be distinguished from our own content. COSYS assumes no responsibility or liability for third-party content provided via links and does not adopt their content as its own. There is no influence on whether and how these providers comply with data protection regulations.
4. Newsletter
Newsletter data
On our websites and within our software products you have the possibility to register for our newsletter.
You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.
The data you provide for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted after you unsubscribe from the newsletter. Data that has been stored by us for other purposes (e.g. e-mail addresses for the member area) remains unaffected by this.
In accordance with Art. 7 (3) DSGVO, you can revoke your consent to receive the newsletter at any time with effect for the future. To do so, you simply need to inform us of your revocation or click on the unsubscribe link contained in each newsletter.
5. integration of third-party providers (Google, Facebook, Twitter, etc.)
Google Analytics
On our websites, we use Google Analytics, a web analytics service provided by Google Inc (hereinafter: Google). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, due to the activation of IP anonymization on these web pages, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available under the following link:Browser-Add-on zur Deaktivierung von Google Analytics.
In addition or as an alternative to the browser add-on, you can prevent tracking by Google Analytics on our pages by clicking this link. This will install an opt-out cookie on your device. This will prevent the collection by Google Analytics for this website and for this browser in the future, as long as the cookie remains installed in your browser.
Use of Google Maps
Our websites use Google Maps API to visually display geographical information. When using Google Maps, Google also collects, processes and uses data about the use of the map functions by visitors. You can find more information about data processing by Google in the Google privacy policy. There you can also change your personal privacy settings in the Privacy Center.
Google reCAPTCHA
On our websites, we also use the reCAPTCHA function of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). This function is primarily used to distinguish whether an entry is made by a natural person or is misused by machine and automated processing. The service includes the sending of the IP address and possibly other data required by Google for the reCAPTCHA service to Google and is carried out in accordance with Art. 6.
(1) lit. f DSGVO on the basis of our legitimate interest in establishing indi vidual personal responsibility on the Internet and preventing misuse and spam. The use of Google reCAPTCHA may also result in the transmission of personal data to the servers of Google LLC. in the U.S.A. Further I nformation on Google reCAPTCHA as well as Google's privacy policy can be found at: https://www.google.com/intl/de/policies/privacy/
Embedded YouTube videos
We embed YouTube videos on some of our websites. The operator of the corresponding plugins is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit a page with the YouTube plugin, a connection to YouTube servers is established. This tells Youtube which pages you are visiting. If you are logged into your Youtube account, Youtube can assign your surfing behavior to you personally. You can prevent this by logging out of your Youtube account beforehand.
When a Youtube video is started, the provider uses cookies that collect information about user behavior.
Those who have deactivated the storage of cookies for the Google Ad program will not have to expect any such cookies when watching Youtube videos. However, Youtube also stores non-personal usage information in other cookies. If you would like to prevent this, you must block the storage of cookies in the browser.
For more information on data protection at "Youtube", please refer to the provider's privacy policy at:https://www.google.de/intl/de/policies/privacy/
Web analytics etracker
We use etracker on our websites. This is a web analytics service provided by etracker GmbH, Erste Brunnenstr. 1, 20459 Hamburg, Germany, hereinafter referred to as "etracker". etracker is used to analyze the usage behavior of our website. The legal basis is Art. 6 para. 1 lit. f) DSGVO. Our legitimate interest lies in the analysis, optimization and economic operation of our website.
To analyze usage behavior, etracker stores cookies on your end device via your Internet browser and creates a pseudonymous usage profile. However, the data processed in this way will not be used to identify you personally without your separate consent. If you do not agree with this processing, you have the option to prevent the storage of the cookie by a setting in your Internet browser. You can find more information on this above under "Cookies".
In addition, you have the option to stop the analysis of your usage behavior by way of the so-called opt-out. By confirming the linkhttp://www.etracker.de/privacy?et=V23Jbba cookie is stored on your end device via your internet browser, which prevents further analysis. Please note, however, that you must click the above link again if you delete the cookies stored on your terminal device.
6. data collection within our apps and software products
Types of data processed
In the context of working with hardware and software solutions offered by COSYS, you are given the opportunity to record the information relevant to the handling of your own business processes within a software-based system. This also includes the following personal information such as:
- Inventory data (e.g. names, addresses)
- Contact details (e.g. e-mail, telephone numbers)
- Content data (e.g. text input)
- Usage data (e.g. access times, logins)
- Profile data (e.g. user names, passwords)
- Meta/communication data (e.g. device information, IP addresses)
For the following groups of persons, information can be collected within the solutions offered by COSYS:
- Employees
- Kunden
Collection of access data and log files
When using our apps & software products, there is no obligation for you to provide personal data. The provision of personal data is not required by law or contract and you are not obliged to provide data. We will inform you during the input process if the provision of personal data is required for the respective service (e.g. by designating it as a "required field"). In the case of required data, failure to provide it will result in the relevant service not being provided. Otherwise, the non-provision may have the consequence that we cannot provide our services in the same form and quality.COSYS collects on the basis of legitimate interests within the meaning of Art. 6 para. 1 lit. f. DSGVO, COSYS collects data about each access to servers on which COSYS software solutions are located (server log files). The access data includes the name of the software accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.
Log file information is stored for the maintenance of the software and for security reasons (e.g. to clarify misuse) for a period of 30 days. Data whose further storage is required for evidentiary purposes is exempt from deletion until final clarification of the respective incident.
Purpose of processing
Auf Basis der nachfolgenden Rechtsgrundlage und für nachfolgend aufgeführte Zwecke können erfasste Daten durch von COSYS angebotene Lösungen und Softwarepakete verarbeitet werden.
To handle business processes of the customer
Data is processed within the scope of the respective solution/product used to handle the customer's business processes.
For the fulfillment of contractual obligations (Art. 6 para. 1 letter b DSGVO)
Data is processed for the execution of orders and contracts with our customers.The purposes of data processing depend in detail on the specific product and the contract documents.
Within the framework of the balancing of interests (Art. 6 para. 1 letter f DSGVO)
Data may also be used on the basis of a balance of interests to safeguard legitimate interests. This is done for the following purposes:
- General business management
- Further development of services, systems and products
- Compliance with internal requirements and requirements for audit or administrative purposes
- Ensuring IT security and IT operations
- Assertion of legal claims and defense in legal disputes
Our interest in the respective processing results from the respective purposes and is otherwise of an economic nature (efficient task fulfillment, sales, avoidance of legal risks).
Protection of the deposited data
To protect the security of information during transmission, Secure Sockets Layer software (SSL) is used. This software encrypts transmitted information from forms and input screens. COSYS maintains physical, electronic, and procedural safeguards related to the collection, storage, and disclosure of our customers' personal information. Critical inputs such as passwords are stored in encrypted form.
7. supplementary notes
Change to our privacy policy
We reserve the right to occasionally adapt this data protection declaration so that it always complies with the current legal requirements or in order to implement changes to our services in the data protection declaration, e.g. when introducing new services. The new privacy policy will then apply to your next visit.
Objection to advertising e-mails
The use of contact data published within the framework of the imprint obligation to send advertising and information materials not expressly requested is hereby prohibited. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.