Privacy Policy

Data protection on our website

Protecting your privacy when processing personal data is important to us. When you visit our website, our web servers automatically store the IP address of your internet service provider, the website from which you visit us, the pages you visit on our site, as well as the date and duration of your visit. This information is necessary for the technical transmission of web pages and for secure server operation. No personalized evaluation of this data is carried out.

If you send us data via a contact form, this data will be stored on our servers as part of the data backup. We use your data exclusively to process your request. Your data will be treated strictly confidentially and will not be disclosed to third parties.

Responsible:

daenet Gesellschaft für Informationstechnologie mbH
Hanauer Landstr. 204
60314 Frankfurt
Email: info@daenet.de
Phone: +49 (69) 242408 - 21

Personal Data

Personal data refers to data about an individual that can identify them, such as their name, address, and email address. You are not required to provide any personal data to visit our website. However, in some cases, we may need your name, address, and additional information to provide you with the requested service.

The same applies in the event that we provide you with informational material upon request or when we respond to your inquiries. In these cases, we will always inform you accordingly. Additionally, we only store the data that you have automatically or voluntarily transmitted to us.

When you use one of our services, we generally only collect the data that is necessary to provide you with our service. We may ask you for additional information, but this is of a voluntary nature. Whenever we process personal data, we do so in order to offer you our service or pursue our commercial objectives.

Contact information

When contacting us (e.g., via contact form, email, telephone, or social media), the information provided by the inquiring individuals will be processed as necessary to respond to the contact inquiries and any requested actions.

The response to contact inquiries within the scope of contractual or pre-contractual relationships is carried out to fulfill our contractual obligations or to respond to (pre)contractual inquiries. In other cases, it is based on the legitimate interests in answering the inquiries.

  • Types of processed data: Master data (e.g., names, addresses), contact details (e.g., email, telephone numbers), content data (e.g., inputs in online forms).
  • Data subjects: Communication partners.
  • Purposes of processing: Handling contact inquiries and communication.
  • Legal bases: Fulfillment of a contract and pre-contractual inquiries (Art. 6 Abs. 1 lit. b. DSGVO), Legitimate interests (Art. 6 Abs. 1 lit. f. DSGVO).

Automatically stored data

Server log data

The provider of the pages collects and automatically stores information in so-called server log files, which your browser automatically transmits to us. This includes:

  • Date and time of the request
  • Name of the requested file
  • Page from which the file was requested
  • Access status (file transferred, file not found, etc.)
  • Web browser used and operating system used
  • Full IP address of the requesting computer
  • Amount of data transmitted

These data are not merged with other data sources. The processing is carried out in accordance with Art. 6(1)(f) of the GDPR based on our legitimate interest in improving the stability and functionality of our website.

For reasons of technical security, especially to defend against attack attempts on our web server, we store this data temporarily. It is not possible for us to draw conclusions about individual persons based on this data. After a maximum of seven days, the data is anonymized by shortening the IP address at the domain level, so that it is no longer possible to establish a reference to the individual user. In anonymized form, the data is also processed for statistical purposes; there is no comparison with other data sets or disclosure to third parties, even in excerpts. Only within the scope of our server statistics, which we publish every two years in our activity report, is the number of page views presented.

Registration for educational and training services:

When you register for one of our educational and training services on our website, we use your data to provide you with our training services. The processing is carried out in accordance with Art. 6(1)(b) of the GDPR.

The data processed in this context, the type, scope, purpose, and necessity of their processing, are determined by the underlying contractual and training relationship.

Cookies

Cookies are small text files that are stored on your computer. We only use technically necessary cookies. We do not use cookies for tracking or marketing purposes as a matter of principle.

SOCIAL PLUGINS FROM FACEBOOK, TWITTER, INSTAGRAM, LINKEDIN, etc.

On our website, social buttons from social networks are used. These are simply embedded as HTML links on the page, so when you visit our website, no connection is made to the servers of the respective provider. When you click on one of the buttons, the website of the respective social network opens in a new window of your browser. There, you can, for example, click on the like or share button.

ONLINE PRESENCE ON FACEBOOK, TWITTER, INSTAGRAM, LINKEDIN

If you have given your consent pursuant to Art. 6(1)(a) of the GDPR to the respective social media platform operator, your data may be automatically collected and stored for market research and advertising purposes when you visit our online presence on the aforementioned social media platforms. This data is used to create usage profiles using pseudonyms. These profiles can be used, for example, to display advertisements within and outside the platforms that are presumed to be of interest to you. Usually, cookies are used for this purpose. For detailed information on the processing and use of data by the respective social media platform operator, as well as your contact options and your rights and privacy settings, please refer to the privacy policies of the providers linked below. If you need assistance regarding this matter, please feel free to contact us.

LinkedIn: https://www.linkedin.com/legal/privacy-policy

Facebook: https://www.facebook.com/about/privacy/

Instagram: : https://instagram.com/about/legal/privacy

Twitter: https://twitter.com/de/privacy

Online forms

Our website uses form.taxi, a web service provided by the website. https://form.taxi (below “form.taxi”). To provide you with the functionality of the form, we send the data you provide to form.taxi. This data is processed, stored, and forwarded to us via email by form.taxi. In addition, form.taxi collects other data such as your IP address, browser type, domain of the website, date, and time of access to provide the desired functionality of the form. The legal basis for using form.taxi is Art. 6(1)(f) of the GDPR (legitimate interest). The data processing and storage take place within the European Union. For more information, please refer to form.taxi’s privacy policy. taxi: https://form.taxi/de/privacy.

Newsletter

This website uses Zoho Campaigns for sending newsletters. The provider is Zoho Corporation Pvt. Ltd., Estancia IT Park, Plot No. 140–151, GST Road, Vallancherry Village, Chengalpattu Taluk, Kanchipuram District 603 202, India (“Zoho Campaigns”).

Zoho Campaigns is a service that enables, among other things, the organization and analysis of newsletter distribution. The data you enter for the purpose of subscribing to the newsletter is stored on Zoho Campaigns’ servers.

With the help of Zoho Campaigns we can analyze our newsletter campaigns. For example, we can see whether a newsletter message was opened and which links were clicked. This allows us to determine, among other things, which links are clicked particularly often. We can also recognize whether certain predefined actions were carried out after opening/clicking (conversion rate), e.g. whether you made a purchase after clicking the newsletter. If you do not want analysis by Zoho Campaigns, you must unsubscribe from the newsletter. We provide a corresponding link in every newsletter email. Zoho Campaigns also enables us to categorize newsletter recipients (“clustering”), e.g. by age, gender or place of residence, in order to better adapt newsletters to the respective target groups. If you do not want analysis by Zoho Campaigns, please unsubscribe using the link in every newsletter.

Detailed information about Zoho Campaigns’ functions can be found here:
https://www.zoho.com/campaigns/features.html

Zoho’s privacy and GDPR information can be found here:
https://www.zoho.com/privacy.html and https://www.zoho.com/gdpr.html

Processing is based on your consent (Art. 6(1)(a) GDPR). You can revoke your consent at any time with effect for the future.

Data transfers to third countries are based on the EU Standard Contractual Clauses. Details:
https://www.zoho.com/privacy/dpa/DPA_zoho_com.pdf

The data you provide to subscribe to the newsletter will be stored by us until you unsubscribe from the newsletter (with us or the newsletter service provider) and will be deleted from the newsletter distribution list after you unsubscribe or when the purpose no longer applies. We reserve the right to delete or block email addresses from our newsletter distribution list at our own discretion within the scope of our legitimate interest pursuant to Art. 6(1)(f) GDPR. Data stored by us for other purposes remains unaffected.

After you unsubscribe from the newsletter distribution list, your email address may be stored in a blacklist to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements for sending newsletters (legitimate interest within the meaning of Art. 6(1)(f) GDPR). Blacklist storage is not time-limited. You can object to the storage if your interests outweigh our legitimate interest.

We have concluded a Data Processing Agreement (Art. 28 GDPR) with the above-mentioned provider. This legally required contract ensures that the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

Zoho Forms and CRM

We use Zoho Forms and Zoho CRM on this website. Provider: Zoho Corporation Pvt. Ltd., Estancia IT Park, Plot No. 140–151, GST Road, Vallancherry Village, Chengalpattu Taluk, Kanchipuram District 603 202, India.

Zoho Forms allows us to embed forms on the website with a direct connection to our CRM. Zoho CRM enables us, among other things, to manage existing and potential customers and contacts and to organize sales and communication processes. Using the CRM system also allows us to analyze and optimize our customer-related processes. Customer data is stored on Zoho CRM’s servers. Details on Zoho CRM features:
https://www.zoho.com/de/crm/help/getting-started/key-features.html

Use of Zoho Forms and CRM is based on Art. 6(1)(f) GDPR (legitimate interest in efficient customer management and communication). Where consent is requested (e.g., for storing cookies or accessing information on the user’s device under the TDDDG), processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and Section 25(1) TDDDG. Consent can be revoked at any time.

Data transfers to third countries outside the EU are based on the EU Standard Contractual Clauses. Details:
https://www.zoho.com/privacy/dpa/DPA_zoho_com.pdf

Zoho privacy & GDPR: https://www.zoho.com/privacy.html and https://www.zoho.com/gdpr.html

We have concluded a Data Processing Agreement (Art. 28 GDPR) with Zoho to ensure processing in accordance with our instructions and the GDPR.

Website Analysis

We use the privacy-friendly web analytics service provided by Plausible.io (Plausible Insights OÜ, Västriku tn 2, 50403, Tartu, Estonia, www.plausible.io) to collect anonymous statistics about the usage of our website. Based on anonymized data, the analysis does not allow any conclusions to be drawn about individual persons. The following data is processed within the EU:

  • URL of the page
  • HTTP referer
  • Browser
  • Operating system
  • Device type
  • Country (the IP address is not stored)

The processing of this data is based on our legitimate interest in measuring the reach of our website (Art. 6(1)(f) of the GDPR).

For further information about Plausible, please visit their website at https://plausible.io/data-policy

Security

We have implemented technical and administrative security measures to protect your personal data against loss, destruction, manipulation, and unauthorized access. All our employees and service providers working on our behalf are obligated to comply with applicable data protection laws.

Whenever we collect and process personal data, it is encrypted before transmission. This means that your data cannot be misused by third parties. Our security measures are subject to ongoing improvement, and our privacy policies are constantly revised. Please make sure you have the latest version available to you.

Rights of the Data Subject

You have the right to obtain information about, correct, delete, or restrict the processing of your stored data at any time. You also have the right to object to the processing of your data, as well as the right to data portability and the right to lodge a complaint in accordance with the provisions of data protection law.

Right to Information:

You have the right to request information from us about whether and to what extent we process your data.

Right to Rectification:

If we process your data that is incomplete or incorrect, you have the right to request their rectification or completion from us at any time.

Right to Erasure:

You have the right to request the erasure of your data from us if we process it unlawfully or if the processing disproportionately interferes with your legitimate interests. Please note that there may be reasons that prevent immediate deletion, such as legal retention obligations.

Regardless of your exercise of the right to erasure, we will promptly and completely delete your data unless there is any contractual or legal obligation to retain it.

Right to Restriction of Processing:

You have the right to request the restriction of processing of your data from us in the following situations:

- If you dispute the accuracy of the data, for a period that allows us to verify the accuracy of the data.

- If the processing of the data is unlawful, but you refuse to have it deleted and instead request the restriction of its use.

- If we no longer need the data for the intended purpose, but you still need the data for the assertion or defense of legal claims.

- If you have objected to the processing of the data.

Right to Data Portability:

You have the right to request that we provide you with your data, which you have provided to us, in a structured, commonly used, and machine-readable format, and that you have the right to transmit this data to another controller without hindrance from us, provided that:

- We process this data based on your revocable consent or for the performance of a contract between us, and

- This processing is carried out by automated means.

Where technically feasible, you may request that we transmit your data directly to another controller.

Right to Object:

If we process your data based on legitimate interests, you have the right to object to such processing at any time, including profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves the assertion, exercise, or defense of legal claims. You have the right to object to the processing of your data for the purpose of direct marketing at any time without providing reasons.

Right to Lodge a Complaint:

If you believe that we are in violation of German or European data protection laws in processing your data, we kindly ask you to contact us to clarify any questions. You also have the right to lodge a complaint with the supervisory authority responsible for you, the respective State Office for Data Protection Supervision.

If you wish to exercise any of the aforementioned rights against us, please contact our Data Protection Officer. We may request additional information to confirm your identity if necessary.

Changes to this Privacy Policy:

We reserve the right to amend our privacy policy if it becomes necessary due to new technologies. Please ensure that you have the latest version. If there are any fundamental changes made to this privacy policy, we will announce them on our website.

All interested parties and visitors to our website can contact us regarding privacy matters at:

Mr. Robert Heindl

Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg

Tel.: 0941 2986930
Fax: 0941 29869316
E-Mail: anfragen@projekt29.de
Internet: www.projekt29.de

General Privacy Information in accordance with Art. 13 GDPR

The protection of your personal data is of particular importance to us. Therefore, we process your personal data (referred to as “data”) exclusively in accordance with the applicable legal provisions. With this privacy statement, we aim to provide you with comprehensive information in accordance with Art. 13 of the European General Data Protection Regulation (EU GDPR) regarding the processing of your data within our company, as well as your rights and entitlements under data protection law.

  1. Who is responsible for data processing and who can you contact?

The responsible party is

daenet Company for Information Technology GmbH Hanauer Landstr. 204
60314 Frankfurt
E-Mail-Adresse: info@daenet.de
Telefon: +49 (69) 242408 - 21

The company’s data protection officer is Robert Heindl
Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg

E-Mail: anfragen@projekt29.de

Tel.: 0941-2986930

  1. Which data is processed and from which sources does this data originate?

We process the data that we have received from you during the course of contract initiation or fulfillment, based on your consent, or as part of your application or employment with us.

The personal data includes:

Personal data includes your basic/contact information, which for customers may include first and last name, address, contact details (email address, telephone number, fax), and banking information.

For applicants and employees, this includes, for example, first and last name, address, contact information (email address, telephone number, fax), date of birth, data from resumes and employment references, bank details, religious affiliation, and photographs.

For business partners, this includes, for example, the designation of their legal representatives, company name, commercial register number, VAT identification number, business number, address, contact information of the designated contact persons (email address, telephone number, fax), and bank details.

For participants in our educational and training programs, this includes, for example, first and last name, address, contact information (email address, telephone number).

For visitors to our company, this includes name and signature.

In addition, we also process the following other personal data:

- Information about the nature and content of contract data, order data, sales and document data, customer and supplier history, as well as consulting documents, - Advertising and sales data, - Information from your electronic communication with us (e.g., IP address, login data), - Other data that we have received from you in the context of our business relationship (e.g., in customer meetings), - Data that we generate ourselves from master/contact data and other data, such as through customer needs and potential analyses, - Documentation of your consent for receiving newsletters, for example, - Photographs taken during events.

  1. For what purposes and on what legal basis are the data processed?

We process your data in accordance with the provisions of the General Data Protection Regulation (GDPR) and the applicable version of the Federal Data Protection Act 2018:

  • for the fulfillment of contractual obligations (Art. 6(1)(b) GDPR):

The processing of your data is carried out for the purpose of contract fulfillment, whether it be online or at one of our branches, and for the fulfillment of your employment relationship with our company. The data is processed particularly during business initiation and when executing contracts with you.

  • for compliance with legal obligations (Art. 6(1)(c) GDPR):

The processing of your data is necessary to fulfill various legal obligations, such as those arising from the Commercial Code or the Tax Code.

  • for the purpose of legitimate interests pursued by the data controller or a third party (Art. 6(1)(f) GDPR):

Based on a balance of interests, data processing may occur beyond the actual fulfillment of the contract in order to safeguard legitimate interests of ours or third parties. Data processing for the purpose of legitimate interests may occur in the following cases, for example:

- Advertising or marketing (see No. 4), - Measures for business management and further development of services and products, - Maintenance of a group-wide customer database for improving customer service, - Within the scope of legal enforcement, - Sending non-sales-promoting information and press releases.

  • Based on your consent (Art. 6(1)(a) GDPR):

If you have given us consent to process your data, for example, to receive our newsletter.

  1. Processing of personal data for advertising purposes

You can object to the use of your personal data for advertising purposes at any time, either in full or for specific measures, without incurring any costs other than the transmission costs at the basic rates.

Under the legal conditions of § 7(3) of the German Unfair Competition Act (UWG), we are entitled to use the email address you provided during the conclusion of a contract for direct advertising of our own similar goods or services. You will receive these product recommendations from us regardless of whether you have subscribed to a newsletter.

If you do not wish to receive such recommendations by email from us, you can object to the use of your address for this purpose at any time, without incurring any costs other than the transmission costs at the basic rates. A notification in written form is sufficient for this purpose. Of course, every email also contains an unsubscribe link.

  1. Who will receive my data?

If we use a service provider for order processing, we remain responsible for the protection of your data. All data processors are contractually obliged to treat your data confidentially and to process it only within the scope of service provision. The data processors we engage will receive your data if they require the data to fulfill their respective services. These may include IT service providers that we need for the operation and security of our IT system, as well as advertising and address publishers for our own advertising campaigns.

In the event of a legal obligation or in the context of legal proceedings, authorities, courts, and external auditors may be recipients of your data.

In addition, for the purpose of contract initiation and fulfillment, insurance companies, banks, credit agencies, and service providers may be recipients of your data.

  1. How long will my data be stored?

We process your data until the termination of the business relationship or until the expiration of applicable statutory retention periods (e.g., from the Commercial Code, the Tax Code, or the Working Time Act). Furthermore, we will store the data until the termination of any potential legal disputes in which the data is required as evidence.

  1. Will personal data be transferred to a third country?

In general, we process your data within the EU. If a transfer to a third country takes place, it will only be based on an adequacy decision of the European Commission, standard contractual clauses, appropriate safeguards, or your explicit consent.

  1. What data protection rights do I have?

You have the right to request information, correction, deletion, or restriction of the processing of your stored data, the right to object to the processing, as well as the right to data portability and the right to lodge a complaint, in accordance with the conditions of data protection law.

Right to information:

You have the right to request information from us about whether and to what extent we process your data.

Right to rectification:

If we process your data that is incomplete or incorrect, you can request its correction or completion at any time.

Right to deletion:

You can request the deletion of your data from us if we process it unlawfully or if the processing disproportionately interferes with your legitimate interests for data protection. Please note that there may be reasons that prevent immediate deletion, such as statutory retention obligations.

Regardless of exercising your right to deletion, we will promptly and completely delete your data unless there is a contractual or legal obligation to retain it.

Right to restriction of processing:

You can request the restriction of the processing of your data from us if:

- you contest the accuracy of the data, for a period that allows us to verify the accuracy of the data.

- the processing of the data is unlawful, but you oppose its deletion and request a restriction of its use instead.

- we no longer need the data for the intended purpose, but you still need it for the establishment, exercise, or defense of legal claims, or

- you have objected to the processing of the data.

Right to data portability:

You can request that we provide you with your data that you have provided to us in a structured, commonly used, and machine-readable format, and you have the right to transmit this data to another controller without hindrance from us if:

- we process this data based on your revocable consent or for the performance of a contract between us, and

- the processing is carried out by automated means.

Where technically feasible, you can request us to transmit your data directly to another controller.

Right to object:

If we process your data based on legitimate interests, you can object to this data processing at any time, including profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves the assertion, exercise, or defense of legal claims. You can object to the processing of your data for the purpose of direct marketing at any time without stating any reasons.

Right to lodge a complaint:

If you believe that the processing of your data by us violates German or European data protection law, we kindly ask you to contact us to clarify any questions. You also have the right to lodge a complaint with the competent supervisory authority, the respective State Office for Data Protection Supervision.

If you wish to assert any of the aforementioned rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity

  1. Am I obliged to provide data?

The processing of your data is necessary for the conclusion or fulfillment of the contract you have entered into with us. If you do not provide us with this data, we will generally have to refuse the conclusion of the contract or will no longer be able to carry out an existing contract and therefore have to terminate it. However, you are not obliged to give your consent to the processing of data that is not relevant or legally required for the fulfillment of the contract.

  1. Changes to this Privacy Policy

We reserve the right to modify our privacy policy if necessary due to new technologies or processing activities. Please ensure that you have the latest version of the policy.

Effective May 2022