Information on data protection regarding our processing of customer and prospective customer data for the purpose of implementing contractual relationships or within the context of implementing pre-contractual measures can be downloaded here as a pdf file: Data Protection Information for Customers and Potential Customers.
1. Introduction and General
Thank you for your interest in our website. The protection of your personal data is very important to us. In the following you will find information on the handling of your data that is collected through your use of our website. Your data will be processed in accordance with the legal data protection regulations.
Responsible in Terms of the GDPR
+49 (0)611 167790-40
Contact Details of the Data Protection Officer
PROLIANCE GmbH / www.datenschutzexperte.de
2. Access to and storage of information in terminal equipment
By using our website, information (e.g. IP address) may be accessed or stored (e.g. cookies) in your terminal equipment. This access or storage may involve further processing of personal data within the meaning of the GDPR.
In cases where such access to information or such storage of information is absolutely necessary for the technically error-free provision of our services, this is done on the basis of Section 25 (1) Sentence 1, (2) No. 2 TTDSG.
In cases where such a process serves other purposes (e.g. the needs-based design of our website), this will only be carried out on the basis of Section 25 (1) TTDSG with your consent in accordance with Article 6 (1) a DSGVO. The consent can be revoked at any time for the future. The requirements of the DSGVO and the Federal Data Protection Act (BDSG) apply to the processing of your personal data.
For more information on the processing of your personal data and the relevant legal bases in this context, please refer to the following sections on the specific processing activities on our website.
3. Server Log Files
When you visit our website, it is technically necessary that data is transmitted to our web server via your Internet browser. The following data is recorded during an ongoing connection for communication between your Internet browser and our web server:
- Date and time of the request
- Name of the requested file
- Page from which the file was requested
- Access status
- Web browser and operating system used
- (Complete) IP address of the requesting computer
- Amount of data transmitted
We collect the listed data to ensure a smooth connection of the website and to enable a comfortable use of our website by the users. In addition, the log file serves to evaluate system security and stability as well as for administrative purposes. The legal basis for the temporary storage of the data or log files is Art. 6 para. 1 lit. f GDPR.
This website is hosted by an external service provider (1und1). Personal data collected on this website is stored on the hoster’s servers. This may include IP addresses, contact requests, meta and communication data, website accesses and other data generated via a website.
We collect the listed data in order to ensure a smooth connection of the website and a technically error-free provision of our services. The processing of this data is absolutely necessary to provide you with the website. The legal basis for processing the data is our legitimate interest in the correct presentation and functionality of our website in accordance with Art. 6 (1) lit. f DSGVO.
We have concluded an order processing contract with the provider in accordance with the requirements of Art. 28 DSGVO, in which we oblige him to protect the data of our customers and not to pass them on to third parties.
In some cases, cookies are used to simplify website processes by saving settings (e.g. the retention of previously selected options). Insofar as personal data is also processed by individual cookies implemented by us, the processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR either for the execution of the contract or in accordance with Art. 6 para. 1 lit. f GDPR to protect our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the site visit. You can set your browser to inform you about the setting of cookies and to allow cookies only in individual cases, to exclude the acceptance of cookies for specific cases or in general, and to activate the automatic deletion of cookies when closing the browser.
The cookie settings can be managed for the respective browser under the following links.
You can also individually manage the cookies of many companies and functions that are used for advertising. To do this, use the appropriate user tools, available at https://www.aboutads.info/choices/ or http://www.youronlinechoices.com/uk/your-ad-choices. Most browsers also offer a “do-not-track” feature, which allows you to indicate that you do not wish to be “tracked” by websites. When this feature is enabled, the browser tells ad networks, websites and applications that you do not want to be tracked for behavioral advertising and the like.
For information and instructions on how to edit this feature, please refer to the links below, depending on the provider of your browser:
Please note that if you disable cookies, the functionality of this website may be limited.
6. Third Party Tools
On this website we use HubSpot for our online marketing activities. HubSpot is a software company from the USA with a subsidiary in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Phone: +353 1 5187500. Through standard contractual clauses according to guideline 95/46/EG, the legal data transfer from the EU to the USA/third countries is guaranteed by HubSpot. HubSpot is an integrated software solution that we use to cover various aspects of our online marketing. These include among others: Email marketing (newsletters and automated mailings, e.g. to provide downloads), social media publishing & reporting, reporting (e.g. traffic sources, access, etc. …), contact management (e.g. user segmentation & CRM), landing pages and contact forms.
HubSpot is certified by TRUSTe for corporate data protection, among other things. In addition, their data center solution meets compliance certifications such as ISO 27001, SOC 2 Type II, ISO 27018 and FedRAMP accreditation. There is a Data Processing Agreement between HubSpot and bluetelligence.
With the help of the cookie settings you can prevent the tracking of your data.
More information about HubSpot’s data protection policy.
More information from HubSpot regarding EU data protection regulations.
More information about the cookies used by HubSpot can be found here & here.
b) Google Analytics
Our website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. (“Google”). Google Analytics uses so-called cookies. These are text files which are stored on your computer and which enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. We only use Google Analytics with activated IP anonymization. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area, which means that a personal reference can be excluded.
If you have given your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, the processing on this website is for the purpose of website analysis.
A click on the following link prevents Google Analytics from recording the data by setting an opt-out cookie.
Our website uses the web analysis service Hotjar of Hotjar Ltd. Hotjar Ltd. is a European company based in Malta (Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe, Tel.: +1 (855) 464-6788).
This tool allows you to track movements on the websites where Hotjar is used (so-called heat maps). For example, it can be seen how far users scroll and which buttons users click on and how often. Furthermore, the tool also makes it possible to obtain feedback directly from the users of the website. Most importantly, Hotjar’s services improve the functionality of the Hotjar-based website by making it more user-friendly, more valuable and easier for end users to use.
When using this tool, we pay special attention to the protection of your personal data. For example, we can only track which buttons are clicked, the course of the mouse, how far it scrolls, the screen size of the device, device type and browser information, geographic location (country only), and the preferred language to display our website. Areas of the websites where personal information about you or third parties is displayed are automatically hidden by Hotjar and therefore cannot be traced at any time. In order to exclude the possibility of direct personal references, IP addresses are only stored and processed anonymously. However, Hotjar uses various third-party services such as Google Analytics and Optimizely. It may therefore be the case that these services collect data that is transmitted by your browser in the context of web page requests. These would be, for example, cookies or your IP address. In these exceptional cases, this processing is carried out in accordance with Art. 6 para. 1 lit. a GDPR on the basis of your consent for the purpose of statistical analysis of user behavior for optimization and marketing purposes.
Hotjar offers each user the possibility of preventing the use of the Hotjar tool by means of a “Do Not Track” header, so that no data about the visit to the respective website is recorded. This is a setting that is supported by all common browsers in current versions. To do this, your browser sends a request to Hotjar to disable the tracking for the respective user. If you use our websites with different browsers/computers, you must set up the “Do Not Track” header separately for each of these browsers/computers.
When you visit a Hotjar-based website, you can prevent Hotjar from collecting your information at any time by going to our opt-out page https://www.hotjar.com/legal/compliance/opt-out and clicking on deactivate Hotjar.
For more information about Hotjar Ltd. and the Hotjar tool, please visit: https://www.hotjar.com.
This website was created with Elementor (Company: Elementor Ltd.). Elementor is a plug-in to WordPress.
f) Google reCAPTCHA
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
The purpose of reCAPTCHA is to verify whether data entry on our website (e.g. in a contact form) is made by a human or by an automated program. For this purpose, reCAPTCHA analyses the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information, e.g.
• IP address
• length of time the website visitor spends on the website
• mouse movements made by the user
The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyses might run in the background. Website visitors might not be made aware that an analysis is taking place. The data processing is based on Art. 6 para. 1 lit. f GDPR.
We have a legitimate interest in protecting our website from abusive automated spying and from unwanted automated mailings (spam).
Since a transfer of personal data to the U.S. takes place, further appropriate safeguards are required to ensure the level of data protection under the GDPR. To guarantee this, we have concluded standard contractual clauses with the provider in accordance with Art. 46 Para. 2 lit. c GDPR. These oblige the recipient of the data in the U.S. to process the data according to the level of protection in Europe. In cases in which this cannot be guaranteed even by this contractual extension, we endeavour to obtain additional regulations and commitments from the recipient in the U.S.
We do not store any personal data from the use of reCAPTCHA. In general, personal data of the data subject will be deleted or blocked as soon as the purpose of the storage no longer applies.
g) Consent Management (Borlabs)
In order to manage cookies in a data protection compliant manner, we use the software solution of the company Borlabs- Benjamin A. Bornschein, Georg- Wilhelm-Str. 17, 21107 Hamburg, Germany.
When visiting our website, an essential cookie is stored in the user’s browser, in which the consent given or the revocation of consent is stored. This data is not passed on to the provider of Borlabs cookie.
The collected data will be stored until you request us to delete it or delete the Borlabs cookie yourself, or until the purpose for storing the data no longer applies. Mandatory legal retention periods remain unaffected. Details on the data processing of Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.
7. Existing Web Forms on the Website
On our website you will find the following web forms which you can use to contact us: Web form to request a quotation, web form to receive a test version, web form to arrange a web session, contact form.
Integration ReCaptcha: An integration of ReCaptcha is used in the forms to exclude spam requests. It should be prevented that search engine robots fill out the forms and send meaningless requests. In this case you must agree to the ReCaptcha with a check mark before you can submit the form.
a) Web Form to Request a Quotation, Web Form to Receive a Test Version, Contact Form
The transmission of personal data via the web forms is exclusively encrypted. The data entered in the input mask is transmitted to us and stored. These are
- User’s e-mail address (required),
- First and last name (required)
- Company if necessary
- Phone number if necessary
- Message if necessary.
When sending the message, the following data is also saved: date, time.
Legal basis for the processing of the transmitted data: Execution of pre-contractual measures or a contract according to Art. 6 para. 1 lit. b GDPR as well as according to Art. 6 para. 1 lit. f GDPR.
We use HubSpot to provide the forms (for details see above under “4a) Third party tools”). HubSpot processes your data further and makes them available in the software. The data is encrypted in Frankfurt in the Google Cloud Platform (GCP). Only when this has been done will the data be forwarded to US servers and stored there. Through the encrypted, the data is encrypted and useless for third parties.
If you do not want data transfer with HubSpot, you should not fill out a form and contact us by phone or e-mail.
Data that we receive to carry out pre-contractual measures or a contract is also transferred to our CRM (Customer Relationship Management). The data you enter for the purpose of an inquiry (e.g. e-mail address) will be stored on ZOHO CORPORATION’s (ZOHO CORPORATION B. V., Beneluxlaan 4B, 3527 HT UTRECHT, The Netherlands) servers in the USA until 23.10.2020. From 24.10.2020, the servers in the EU will be used and no more data will be transferred to the USA.
ZOHO CORPORATION (ZOHO CORPORATION B. V., Beneluxlaan 4B, 3527 HT UTRECHT, The Netherlands) and bluetelligence GmbH have a so-called Data Processing Addendum, which discloses the processing of the data on the part of ZOHO CORPORATION and clarifies further questions upon request.
b) Web Form for the Arrangement of a Web Session by Microsoft Bookings
A web form is provided on our website where you can contact us to arrange a free individual web session on our products. The transmission of personal data via the web form is exclusively encrypted. If you use this option, the data entered in the input mask will be transmitted to us and stored. These data are:
- E-mail adress of the user
- First and last name
When sending the message, the following data is also saved: Date and time. The form is made available via Microsoft Booking, which means that data is exchanged within the tool itself. Data centers are located in Berlin and Frankfurt. Legal basis for processing the transmitted data: Implementation of pre-contractual measures or a contract according to Art. 6 para. 1 lit. b GDPR as well as according to Art. 6 para. 1 lit. f GDPR.
The form is provided by Microsoft with the service Microsoft Bookings. Microsoft has invested in the operational processes necessary to meet the high requirements of the model clauses for the transfer of personal data to data processors. The implementation of the provisions of the strict requirements have been fulfilled.
More information about the Microsoft EU standard clause: https://docs.microsoft.com/en-us/microsoft-365/compliance/offering-eu-model-clauses?view=o365-worldwide
The data you enter for an inquiry (e.g. e-mail address) is also transferred to our CRM (Customer Relationship Management). ZOHO CORPORATION and bluetelligence have a so-called Data Processing Addendum, which discloses how the data is processed on the side of ZOHO CORPORATION and will gladly answer any further questions upon request.
c) Webinar Registration
You have the possibility to register for webinars or recorded webinars. For this we use the service of GoToWebinar.
GoToWebinar is provided by LogMeIn: LogMeIn Ireland Limited, Bloodstone Building Block C, 70 Sir John Rogerson’s Quay, Dublin 2, Ireland. Locations and subcontractors of GoToWebinar data processing are located in Europe (Frankfurt, Amsterdam, Dublin). The receipt/deletion of data is strictly controlled by SPOC – Security and Privacy Operational Controls and is recorded here. The data will not be passed on to third parties. This is recorded in the existing Data Processing Addendum (DPA). The DPA has been adapted and covers the changes to the Privacy Shield Agreement.
Official statement: https://www.logmeininc.com/legal/privacy-shield
If you are interested in a webinar and have clicked on it, you will be redirected to a page provided by GoToWebinar. Here you can register for a LIVE webinar or a recorded webinar. By entering your contact information (name, title, email address) you register for the webinar. The data will be further processed by GoToWebinar and transferred to bluetelligence. A Data Processing Agreement exists between bluetelligene and GoToWebinar (LogMeIn). Your data will only be stored in order to send you further information after the webinar. If you do not wish this, you can object to the processing of your personal data at any time in accordance with article 6 para. 1 lit. f GDPR. If you generally do not want GoToWebinar to process your data, you should not register for a webinar.
Further Information: https://www.logmeininc.com/trust
If you would like to receive the newsletter offered on the website with regular information about our offers and products, we need your e-mail address as mandatory information. Additional data is provided to address you personally in the newsletter or to identify you if you wish to exercise your rights as a data subject. We use the so-called double opt-in procedure for sending the newsletter. This means that we will only send you our newsletter by e-mail and add you to the newsletter list after you have confirmed that you agree to receive newsletters. In the first step, you will receive an e-mail with a link that you can use to confirm that you, as the owner of the corresponding e-mail address, wish to receive newsletters in the future. With the confirmation you give us your consent according to Art. 6 para. 1 lit. a GDPR that we may use your personal data for the purpose of the desired newsletter dispatch.
When you register for the newsletter, we store, in addition to the e-mail address required for sending the newsletter, the IP address you used to register for the newsletter as well as the date and time of registration and confirmation, in order to be able to trace possible misuse at a later date.
You can unsubscribe from the newsletter at any time using the link included in each newsletter or by sending an e-mail to the person responsible as described above. Once you have cancelled your subscription, your e-mail address will be deleted from our newsletter distribution list immediately, unless you have expressly consented to the continued use of the data collected or the continued processing is otherwise permitted by law.
The newsletter form was created with the software HubSpot and the dispatch is carried out by HubSpot (for details see above under 4a) Third party tools).
8. Helpdesk Registration
You have the possibility to create a profile in our helpdesk so that you can submit tickets for troubleshooting and feature requests. Behind this is the provider Atlassian with the software JIRA and Confluence. A data processing contract exists between Atlassian and bluetelligence. To create an account, we need your e-mail address and your first and last name. Furthermore, voluntary information may be provided (e.g. telephone number). Mandatory data, which are given for the purpose of registration, are marked in the input mask with an asterisk as mandatory field. The legal basis for data processing with consent is Art. 6 para. 1 lit. a GDPR or Art. 6 para. 1 lit. b GDPR, if the processing is necessary for the provision of the requested services. A change and/or deletion of your user account including the data you have provided can usually be made directly in your user account after logging in or sent to firstname.lastname@example.org.
9. Data Transfer and Recipient
Your personal data will not be transferred to third parties, except
- if we have explicitly pointed this out in the description of the respective data processing.
- if you have given your explicit consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR,
- if the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
- in the event that there is a legal obligation to pass on the data pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR and
- as far as this is necessary for the processing of contractual relationships with you according to Art. 6 para. 1 sentence 1 lit. b GDPR.
In addition, we use external service providers for the execution of our services, who we have carefully selected and commissioned in writing. They are bound by our instructions and are regularly checked by us. These are service providers for web hosting, the sending of e-mails as well as maintenance and servicing of our IT systems etc. The service providers will not pass on this data to third parties. With these service providers, we have concluded contracts for processing orders in accordance with Art. 28 GDPR.
10. Data Security
In accordance with Art. 32 GDPR and taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the varying probability of occurrence and severity of the risk to the rights and freedoms of natural persons, we take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk. This website uses SSL encryption for security reasons and to protect the transmission of confidential content.
11. Duration of Storage of Personal Data
The duration of the storage of personal data is determined by the relevant legal retention periods (e.g. from commercial law and tax law). After expiry of the respective period, the corresponding data is routinely deleted. If data is required for the fulfillment of a contract or the initiation of a contract, or if we have a legitimate interest in its further storage, the data will be deleted if it is no longer required for these purposes or if you exercise your right of revocation or objection.
12. Your Rights
In the following, you will find information on the rights of data subjects that the applicable data protection law grants you towards the person responsible for processing your personal data:
- Right of Access by the Data Subject according to Art. 15 GDPR
The right to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you may request information on the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right of rectification, cancellation, restriction of processing or opposition, the existence of a right of appeal, the origin of your data, if not collected by us, as well as the existence of automated decision making including profiling and, if applicable, meaningful information on the details of the same.
- Right to Rectification according to Art. 16 GDPR
The right to demand, in accordance with Art. 16 GDPR, the immediate correction of incorrect or completion of your personal data stored with us.
- Right to Erasure according to Art. 17 GDPR
The right to demand the deletion of your personal data stored with us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.
- Right to Restriction of Processing according to Art. 18 GDPR
The right to demand, in accordance with Art. 18 GDPR, the restriction of the processing of your personal data if the accuracy of the data is disputed by you, if the processing is unlawful but you refuse to delete it and we no longer need the data, but you need the data for the assertion, exercise or defense of legal claims or you have lodged an objection to the processing in accordance with Art. 21 GDPR.
- Notification Obligation according to Art. 19 GDPR
If you have asserted the right to correct, delete or limit the processing of your personal data against us, we are obliged to inform all recipients of your personal data in accordance with Art. 19 GDPR, unless the communication is impossible or involves disproportionate effort. You have the right to be informed about these recipients.
- Right to Data Portability according to Art. 20 GDPR
The right, in accordance with Art. 20 GDPR, to receive your personal data that you have provided us with in a structured, common and machine-readable format or to request that it be transferred to another responsible party.
- Right to Lodge a Complaint according to Art. 77 GDPR
The right to complain to a supervisory authority pursuant to Art. 77 GDPR. As a rule, you can turn to the supervisory authority of the federal state of our registered office mentioned above or, if applicable, that of your usual place of residence or workplace.
- Right to Withdraw Consents according to Art. 7 Para. 3 GDPR
You have the right to revoke your consent to the processing of data at any time with effect for the future. In the event of revocation, we will immediately delete the data concerned, unless further processing cannot be based on a legal basis for processing without consent. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until revocation.
13. Right of Objection
If your personal data is processed by us on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right, in accordance with Art. 21 GDPR, to object to the processing of your personal data if this is done for reasons arising from your particular situation. Insofar as the objection is directed against the processing of personal data for the purpose of direct marketing, you have a general right of objection without the need to indicate a special situation.
If you wish to exercise your right of revocation or objection, simply send an e-mail to email@example.com.
14. External Links
Social networks (Facebook, Twitter, Xing, YouTube and Google +) are integrated on our website as links to the corresponding services. After clicking on the embedded text/image link, you will be redirected to the page of the respective provider. Only after this redirection will user information be transferred to the respective provider. From here on, the data protection declaration of the respective pages in social media applies. For information on how your personal data is handled when using these websites, please refer to the respective data protection regulations of the providers you use.
15. Subject to Change
We reserve the right to adapt or update this data protection declaration if necessary, in accordance with the applicable data protection regulations. In this way, we can adapt it to current legal requirements and take into account changes in our services, e.g. when introducing new services. The most current version applies to your visit to our website.
© 2022 bluetelligence GmbH