act’o-soft Logo

Privacy information for visitors to the website

I. Introduction

Responsible body
We, act'o-soft GmbH Informationssysteme, Brackweder Str. 51, 33790 Halle (Westf.), phone: +49 5201 18047 0, e-mail: post@actosoft.de, as the responsible party, would like to explain to you below what data we process from you and how.

Data Protection Officer

If you have any questions regarding data protection, please contact our data protection officer Thomas Werning.

 

He can be reached at:
werning.com GmbH - Dieselstraße 12 - 32791 Lage,
E-mail: datenschutz@actosoft.de, Tel.: +49 5232 980-4700

 

Below you will find information on which personal data (this is all data that identifies or makes identifiable you as a natural person (hereinafter "data subject"), such as name, address, e-mail address or also user behaviour) we collect during your visit to our site and how this is used. Data subjects are visitors to our website and users of our online services.

 

Data Security/Encryption
This website uses "Hypertext Transfer Protocol Secure" (https). The connection between your browser and our server is encrypted.

II. Data subject rights

Your rights as a person affected by data processing

Right of appeal
If you are of the opinion that the processing of personal data concerning you violates the General Data Protection Regulation, you have the right to lodge a complaint with the data protection supervisory authority responsible for us, the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia, https://www.ldi.nrw.de/, as well as with any other data protection supervisory authority.

Right of revocation
Consents given can be revoked by you with effect for the future in accordance with Art. 7 DSGVO.

Right to information, deletion and correction
Pursuant to Art. 15 DSGVO, you have the right to obtain information about the personal data stored about you - including any recipients and the planned storage period. If incorrect personal data is processed, you have the right of rectification in accordance with Art. 16 of the GDPR. If the legal requirements are met, you can request the deletion or restriction of processing as well as object to the processing (Art. 17, 18 and 21 DSGVO).

If you wish your data to be deleted but we are still legally obliged to retain it, access to your data will be restricted (blocked). The same applies in the event of an objection. You can exercise your right to data portability insofar as the technical possibilities are available to the recipient and to us.

Mr. Thomas Werning will be happy to be your contact person regarding your data subject rights under the above contact details.

Obligation to provide
Without correct information from you, it is generally not possible to conclude a contract.

Automated decision making and profiling
Does not currently take place.

Intention to process in third countries
Does not currently take place.

Categories of recipients
Within the scope of providing special services, we use service companies which we have separately committed to secrecy and data protection. Access to personal data cannot be excluded in this context.

These categories of recipients are:

Processors used by us (Art. 28 DSGVO), in particular in the area of IT services, taxes, logistics and printing services, who process your data for us in accordance with instructions.

Public bodies and institutions (tax authorities) in the event of a legal or official obligation.

Other bodies for which you have given us your consent to transfer data.

Data will only be passed on to the authorities if overriding legal provisions apply.

III. Here you will find information about data processing on our website.

III. 1. Website general

Purposes of the processing
Presentation of the company, provision of services and/or sale of products as well as communication via the Internet. The purpose of data processing on this website is to provide information about products and services of our company and, if necessary, to process applications with the possibility for users to contact the contact persons in the company in a targeted manner.

 

General
Insofar as you have provided us with personal data, we use this to answer your enquiries, to advise you and process contracts concluded with you and for technical administration. Your personal data will only be passed on or transmitted to third parties if this is necessary for the purpose of processing the contract, if this is necessary for accounting purposes or if you have given your prior consent. You have the right to revoke your consent at any time with effect for the future, see "Right of revocation".

 

The legal basis for the collection, processing and forwarding of the data is Art. 6 para. 1 lit. b DSGVO in the context of contract processing.

This data is deleted after expiry of the applicable statutory retention obligations. Insofar as we are not subject to any statutory retention obligations, the data will be deleted when the purpose ceases to apply.

You have the right to information and the right to object to your data stored by us at any time. You can find further information under "Data subject rights" and "Right of revocation".

 

III. 2. Server data collection

Purpose of processing
When you visit our site, various data (server statistics) are automatically stored that your browser transmits to our provider's server: Among other things, the IP address of your device, date and time of access, name and URL of accessed files, website (from which access is made or from which you were directed to our site (referrer URL)), browser used and, if applicable, the operating system of your device as well as the name of your provider are logged.

The aforementioned data is processed by us for the purpose of smooth connection set-up and system security. This data is not merged with other data sources. The IP address is anonymised. The accruing connection data is automatically deleted, usually after a maximum of seven days. If the website is misused, log data whose further storage is necessary for evidence purposes will be retained until the incident has been clarified.

The legal basis  is Art. 6 para. 1 lit. f DSGVO and § 25 para. 2 TDDDG (in this case, however, only data such as browser or header information is transmitted inevitably or due to (browser) settings of the terminal device when calling up our website). This is not to be considered as "access to information already stored in the terminal device". Our legitimate interest according to Art. 6 (1) lit. f DSGVO results from the fact that we want to ensure secure operation of the website and detect any attacks.

 

III. 3. By e-mail

Purpose of the processing
Providing the telephone number for a callback is optional. If you send us a contact request by e-mail, we collect and store the e-mail address and the data contained in the e-mail.

 

The legal basis  is Art. 6 para. 1 lit. a DSGVO as you consent to the above-mentioned processing of your data when sending an e-mail. In addition, the legal basis also results from Art. 6 para. 1 lit. b DSGVO as the storage of the data is necessary for the fulfilment of a pre-contractual or possibly later contractual relationship.

The deletion of the data takes place when the purpose of the storage has ceased to exist, i.e. after answering your e-mail enquiry or when the matter connected with the enquiry has been conclusively clarified.

You have the right to withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of your consent.

You can find information on the right to deletion and information under "Data subject rights".

 

III. 4 Cookies

Our Internet pages use so-called ‘cookies’. Cookies are small data packets and do not cause any damage to your end device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or they are automatically deleted by your web browser.

Cookies may originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g. cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping basket function or the display of videos). Other cookies can be used to analyse user behaviour or for advertising purposes.

Cookies that are required to carry out the electronic communication process, to provide certain functions that you have requested (e.g. for the shopping basket function) or to optimise the website (e.g. cookies to measure the web audience) (necessary cookies) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of necessary cookies for the technically error-free and optimised provision of its services. If consent to the storage of cookies and comparable recognition technologies has been requested, the processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG); consent can be revoked at any time.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

You can find out which cookies and services are used on this website in this privacy policy.

III. 4 Consent with Borlabs Cookie

Our website uses Borlabs Cookie consent technology to obtain your consent to the storage of certain cookies in your browser or to the use of certain technologies and to document these in compliance with data protection regulations. The provider of this technology is Borlabs GmbH, Rübenkamp 32, 22305 Hamburg, Germany (hereinafter referred to as Borlabs).

When you enter our website, a Borlabs cookie is stored in your browser, in which the consent you have given or the revocation of this consent is stored. This data is not passed on to the provider of Borlabs Cookie.

The data collected will be stored until you ask us to delete it or delete the Borlabs cookie yourself or until the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected. Details on data processing by Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.

Borlabs cookie consent technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.

III. 5 Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyse the behaviour of website visitors. In doing so, the website operator receives various usage data, such as page views, length of visit, operating systems used and origin of the user. This data is summarised in a user ID and assigned to the respective end device of the website visitor.

We can also use Google Analytics to record your mouse and scroll movements and clicks, among other things. Google Analytics also uses various modelling approaches to supplement the data records collected and uses machine learning technologies for data analysis.

Google Analytics uses technologies that enable the recognition of the user for the purpose of analysing user behaviour (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is generally transmitted to a Google server in the USA and stored there.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

The company is certified in accordance with the ‘EU-US Data Privacy Framework’ (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

IP anonymisation

Google Analytics IP anonymisation is activated. This means that your IP address will be truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website to analyse your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Browser plugin

You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

You can find more information on how Google Analytics handles user data in Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Google signals

We use Google signals. When you visit our website, Google Analytics records your location, search history and YouTube history as well as demographic data (visitor data), among other things. This data can be used for personalised advertising with the help of Google Signal. If you have a Google account, the visitor data from Google Signal is linked to your Google account and used for personalised advertising messages. The data is also used to compile anonymised statistics on the user behaviour of our users.

III. 6 Google Ads

The website operator uses Google Ads. Google Ads is an online advertising programme of Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads enables us to display adverts in the Google search engine or on third-party websites when the user enters certain search terms into Google (keyword targeting). Furthermore, targeted adverts can be displayed based on the user data available at Google (e.g. location data and interests) (target group targeting). As the website operator, we can evaluate this data quantitatively by analysing, for example, which search terms led to the display of our advertisements and how many advertisements led to corresponding clicks.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https: //policies.google.com/privacy/frameworks and https://business.safety.google/controllerterms/.

The company is certified in accordance with the ‘EU-US Data Privacy Framework’ (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

III. 7 Google Ads Remarketing

This website uses the functions of Google Ads Remarketing. The provider is Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland.

With Google Ads Remarketing, we can assign people who interact with our online offer to specific target groups in order to subsequently display interest-based advertising in the Google advertising network (remarketing or retargeting).

Furthermore, the advertising target groups created with Google Ads Remarketing can be linked to Google's cross-device functions. In this way, interest-based, personalised advertising messages that have been adapted to you depending on your previous usage and surfing behaviour on one end device (e.g. mobile phone) can also be displayed on another of your end devices (e.g. tablet or PC).

If you have a Google account, you can object to personalised advertising by clicking on the following link: https://adssettings.google.com/anonymous?hl=de.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

Further information and the data protection provisions can be found in Google's privacy policy at: https://policies.google.com/technologies/ads?hl=de.

The company is certified in accordance with the ‘EU-US Data Privacy Framework’ (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

Target group formation with customer matching

Among other things, we use Google Ads Remarketing customer matching to create target groups. Here we transfer certain customer data (e.g. email addresses) from our customer lists to Google. If the customers concerned are Google users and are logged into their Google account, they are shown suitable advertising messages within the Google network (e.g. on YouTube, Gmail or in the search engine).

III. 8 Google Conversion Tracking

This website uses Google Conversion Tracking. The provider is Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland.

With the help of Google conversion tracking, Google and we can recognise whether the user has carried out certain actions. For example, we can analyse which buttons on our website were clicked how often and which products were viewed or purchased particularly frequently. This information is used to create conversion statistics. We find out the total number of users who have clicked on our adverts and what actions they have taken. We do not receive any information with which we can personally identify the user. Google itself uses cookies or comparable recognition technologies for identification purposes.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

You can find more information about Google Conversion Tracking in Google's privacy policy: https://policies.google.com/privacy?hl=de.

The company is certified in accordance with the ‘EU-US Data Privacy Framework’ (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

III. 9. TWIPLA

TWIPLA is a website analysis service that records the data traffic on our website and general information about website visitors. We collect statistics to improve the experience of our website visitors. We never use cookies for this purpose.

As a website operator that uses TWIPLA to measure reach, we may process information about the device you are using and its characteristics, information about technical features of the website visit, the number of page visits and statistically relevant behaviour of our visitors on the website, depending on the level of data protection we have activated. The platform does not use the collected data to identify individual users or to match the data with additional information about an individual user.

Depending on the location from which you access our website, it is possible that TWIPLA will not collect any information about the device you are using due to our technical settings.

IV. Up-to-dateness and amendment of this privacy policy

We reserve the right to amend the content of this privacy policy at any time. This is usually done in the event of further development or adaptation of the services used. You can view the current privacy policy on our website. Status of this declaration: 22.11.2024

Further information on the handling of personal data can be found at

https://www.actosoft.de/en/data-protection-mandatory-information/