Privacy Policy

The responsible body within the meaning of the data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:

gradient.Systemintegration GmbH
Weiherstraße 10

D-78224 Singen (Hohentwiel)

t +49 (7731) 7 97 72 – 0
f +49 (7731) 7 97 72 – 16
info@gradient.de

If you have any questions about data protection, please send us an e-mail or contact the Data Protection Officer in our organisation directly:

Holger Klaussner
Weiherstraße 10
D-78224 Singen (Hohentwiel)

datenschutz@gradient.de

 

1 General

1.1 Scope of the processing of personal data

Generally, we process the personal data of our users only to the extent necessary to provide a functional website and our content and services. The personal data of our users is processed regularly only with the users’ prior consent. An exception is made in cases where prior consent cannot be obtained for valid reasons and the processing of data is permitted by applicable statutory provisions.

1.1  Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject to process their personal data, Art. 6 para. 1 lit. a of the EU Data Protection Regulation (GDPR) serves as the legal basis.

Where processing of personal data is necessary for the performance of a contract to which the data subject is a part, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing steps which are necessary prior to entering into a contract.

Insofar as processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.

If vital interests of the data subject or another natural person require the processing of personal data Art. 6 para. 1 lit. d GDPR serves as the legal basis.

If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis.

1.2  Data deletion and storage period

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. Data will be blocked or deleted also in cases where a period of storage prescribed by the aforementioned norms expires, unless there is a need for further storage of the data for the purposes of concluding or performing a contract.

Provision of the website and generation of log files

2.1 Description and extent of data processing

Our website is hosted by a German provider (1&1 IONOS SE, Elgendorfer Str. 57, 56410 Montabaur). We have concluded a data processing agreement with this provider in accordance with Art. 28 GDPR.

Every time a user accesses our website, our system automatically collects data and information from the computer system from which the website is accessed.

The following data is collected:

  • Information on the browser type and version used
  • The user’s operating system
  • Time and date of access
  • Websites from which the user’s system accesses our website
  • Websites that are accessed by the user’s system via our website

The data is also stored in the log files of our system. This does not affect the user’s IP addresses or other data, which enable the data to be assigned to a user. Storage of this data together with other personal data of this user does not occur.

2.2 Legal basis for data processing

The legal basis for the temporary storage of data is Art. 6 para. 1 lit. f GDPR.

2.3 Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. For that purpose, the user’s IP address must remain stored for the duration of the session.

These purposes also describe our legitimate interest in data processing according to Art. 6 para. 1 lit. f GDPR.

2.4 Duration of storage

The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. In the case of data collected for the purpose of providing our website, this occurs when the respective session ends.

2.5 Possibility of objection and disposal

The collection of data for the provision of our website and the storage of data in log files is absolutely necessary for the operation of our website. There is, therefore, no possibility of objection on the part of the user.

Use of cookies

3.1 Description and extent of data processing

Our website uses cookies. Cookies are text files stored in the internet browser resp. by the internet browser in the user’s computer system. When a user accesses a website, a cookie may be stored in the user’s operating system. This cookie contains a typical sequence of characters by which the browser can be uniquely identified when the same website is visited the next time.

We use cookies in order to make our website more user-friendly. Some elements of our website require the calling browser to also be identified after a change to another site takes place.

This website uses only one cookie. Its lifetime will end at the end of the session. It contains session information and is required for the technical implementation of our website.

The user data collected in this way is pseudonymized by technical precautions. Therefore, it is no longer possible to assign the data to the user accessing the website. The data is not stored together with other personal data of the user.

3.2 Legal basis for data processing

The legal bases for processing personal data using cookies is Art. 6 para. 1 lit. f GDPR.

3.3 Purpose of data processing

The purpose of using technically necessary cookies is to make the website easier to use. Some functions our website cannot be made available without the use of cookies. For this reason, it is necessary that the browser is also identifiable after a site change.

User data collected by cookies that are technically required will not be used to generate user profiles.

These purposes also describe our legitimate interest in the processing of personal data according Art. 6 para. 1 lit. f of the GDPR.

3.4 Storage duration, possibility of objection and disposal

Cookies are stored in the user’s computer and transferred to our system from there. The user has full control of the ways is which cookies are used. You can disable or restrict the transfer of cookies by changing the settings in your internet browser. Cookies already stored can be deleted at any time. This can be done automatically. If cookies are disabled for our website, the full use of all functions of our website may not be available.

Contact form and e-mail contact

4.1 Description and extent of data processing

A contact form is available on our website for users to contact us by electronic means. If a user makes use of this option, the data entered in the input mask will be transferred to us and stored. This data includes:

  • Title
  • Name
  • E-mail address
  • Telephone number
  • Company name
  • Country
  • Request

For the processing of this data, your consent will be obtained during the sending process and reference will be made to this privacy policy.

Alternatively, you can contact us using the e-mail address provided. In this case, the user’s personal data will be transferred with the e-mail.

In both cases, the data will be transferred to our e-mail provider:

Microsoft Ireland Operations, Ltd., Attn: Data Privacy, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland

Microsoft Corporation, One Microsoft Way, Redmond, WA 98052, USA

The data will only be stored in servers in the EU and we have a data processing agreement with Microsoft.
In this context, the data will not be passed on to third parties, with the exception of Microsoft. The data will be used exclusively for processing the conversation.

4.2 Legal basis for data processing

The legal basis for processing the data is the user’s consent Art. 6 para. 1 lit. a GDPR.

The legal basis for processing the data, which are transmitted in the course of sending an e-mail, is Art. 6 para. 1 lit. f GDPR. If the e-mail is sent in connection with the aim of concluding a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR.

4.3 Purpose of data processing

The processing of personal data from the input mask serves only to process the establishment of contact. In the case of e-mail contact, this is also the necessary legitimate interest in processing the data.

The other personal data processed during the sending process is used to prevent abuse of the contact form and ensure the security of our IT systems.

4.4 Duration of storage

The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected and no legal archiving obligations apply. For personal data from the input mask of the contact form and the data sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is terminated when it can be concluded from the circumstances that the matter in question has been finally clarified.

4.5 Possibility of objection and disposal

The user can withdraw his consent to the processing of personal data at any time. If a user contacts us by e-mail, he can object to the storage of personal data at any time. In such a case, the conversation cannot be continued.

In order to withdraw consent or object to the storage of personal data, please contact our Data Protection Officer. Contact details can be found at the beginning of this privacy policy.

All personal data which was stored in the course of establishing contact with us will be deleted.

Social Media

We offer an online service on the social media platform Facebook to provide information and contact users.

When visiting our Facebook page, cookies will be stored by Facebook in the user’s browser. These will be used, for example, to display personalised advertising to the user. User data may be processed outside the EU. We have no influence on the cookies set and the processed data.

Personal data processing is based on our legitimate interests (Art. 6 para. 1 lit. f GDPR) in communicating with our customers and providing a diverse external presentation of our company. If applicable, the user has given his consent to Facebook for data processing. The legal basis for processing in this case is Art. 6 para. 1 lit. a GDPR.

Data is processed by Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland. The basis is the agreement on joint processing of personal data according to Art. 26 GDPR: https://www.facebook.com/legal/terms/page_controller_addendum

Facebook privacy policy: https://www.facebook.com/about/privacy/

It is possible to opt out under the following address: https://www.facebook.com/settings?tab=ads

External links

Our offer contains links to other websites. We do not have any influence on whether their operations comply with data protection regulations.

Rights of the data subject

By contacting our Data Protection Officer using the details provided, you can exercise the following rights at any time:

  • Obtain information about the data we have stored and its processing,
  • Rectification of incorrect personal data,
  • Deletion of the data stored by us,
  • Restriction of data processing, provided we are not yet permitted to delete your data due to legal obligations,
  • Objection to us processing of your data and
  • Data transferability if you have consented to data processing or have concluded a contract with us.

If you have given us your consent, you can revoke this at any time with effect for the future.

Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with a relevant supervisory authority at any time. Your local supervisory authority will vary according to the country or federal state where you live, your employment or the suspected violation. A list of the supervisory authorities (for the non-public sector) with addresses can be found at: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm .

Data security

The TLS method is used to protect the transmitted data.
An encrypted connection can be recognized by the lock symbol in the browser line.

10 Change to our privacy policy

We reserve the right to adapt this privacy policy so that it always complies with current legal requirements or to implement changes to our services in the privacy policy, e.g. when introducing new services. The new privacy policy will then apply to your next visit.

  • 30.09.2020: First version
  • 09.10.2020: Translation to English. URL for supervisory authorities changed to EU authorities instead of German authorities.
  • 14.10.2020: Edited details about the used cookie (3.1)

 

Last updated: 14.10.2020

Legal notice & Data protection

Copyright © gradient.Systemintegration GmbH 2021