‍General privacy policy statement

A. Data privacy objectives

‍At Securovin, we want to ensure that our customers are highly satisfied in every respect. As part of that, we focus in particular on establishing and nurturing a personal relationship with our customers and gearing all other objectives of our company to that. A key part of those relationships is founded on trust. That is why we are fully committed to protecting privacy and the right to protection of data. Our goal is to offer employees, customers and visitors a secure, risk-free service.

In order to ensure that data is processed in compliance with statutory requirements, we gear our processes and their technology to the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and other relevant legislation. In particular, we aim to ensure that personal data is collected to an extent no greater than is required for the specific purpose and that it is easy for data subjects to exercise their rights.

This Data Privacy Policy relates to data processing as part of our web offering. Even though we have taken organizational and technical measures to make sure that this offering is protected as comprehensively as possible, it is naturally not possible to completely rule out security loopholes occurring in electronic communication channels. Consequently, visitors to the website are free to obtain information about us, or send information to us, by other means.


‍B. Brief overview of data processing

‍The usage and communication data gathered as a result of your visit to our web offering is processed by us for the purpose of delivering this web offering. It is not used above and beyond that. Additional processing operations may be performed by the integrated third-party services we use to enhance the presentation or functions of this web offering.


‍C. Definitions

Personal data
‍“Personal data” means any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

‍Processing
‍“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.Pseudonymization“Pseudonymization” means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

Controller
‍“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

‍Processor
‍“Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

‍Recipient
‍“Recipient” means a natural or legal person, public authority, agency or another body, to which the personal data is disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

‍Third-party
‍“Third party” means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

‍Consent
‍“Consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.


‍D. General disclosures

Controller
‍The controller within the meaning of the General Data Protection Regulation (GDPR) is the company:

Securovin GmbH
Friedrich-List-Str. 12
97688 Bad Kissingen, Germany
Phone: +49 171 414 77 93
E-mail: info@securovin.com

‍Nature and scope of the processed data
‍In general, usage data (such as websites visited, access times) and communication data (such as browser information, IP addresses) are processed.

‍Browser and server data
‍Please note that your browser transmits information to us only when the website is used. The purpose of that is to ensure that you are technically able to visit the website. The data is required to enable information to be called. The type of information transmitted thus also depends on your settings and technical specifications. That means the following data may be recorded when you access our Internet offering:
- Your IP address
- The time you accessed the website
- The page or name of the file you called (URL)
- Status information (e.g. error codes)
- The amount of data transferred
- Browser information (the web browser and operating system you use, its language setting, etc.)

The data is used for statistical and security-related purposes. It is not passed on to any third party. This Internet offering itself does not use any technologies that are intended to analyze access behavior by individual users. Personal user profiles are not created. The data is stored for the specified purposes for a maximum of seven days.

‍Cookies
‍Cookies are stored on your computer system when you use this offering. Their use is lawful under Section 15 (1) and Section 15 (3) of the German Telemedia Act (TMG) and Article 6 (1) point (f) GDPR. Cookies are small text files that are stored on your hard drive by the browser you use. They send specific information to the party that sets them. Cookies are a technical means of ensuring the website remains operable and of enhancing the user experience. They are used, for example, so that information can be stored across multiple pages.

We use cookies for the following purposes:
- To store user settings.
‍
We use the following types of cookie:
- Transient cookies (temporary use)
- Persistent cookies (use for a limited time)
‍
The latter may be used by third-party providers. The cookies help us to improve our web offering and ensure it is easy to use.

Transient cookies are deleted automatically when you close your browser. Persistent cookies are deleted automatically after a predefined time, which may differ depending on the cookie. The times they are deleted are defined by the third-party provider in question.You can delete the cookies at any time in your browser’s security settings.

You can also set your browser so that it rejects certain or all cookies. However, we point out that if you do so, there may be restrictions to the website’s range of functions. The information obtained using cookies is stored by us separately from other data that may be provided to us. This data is explicitly not linked to your other data.

‍Categories of data subject
‍Visitors to our web offerings are affected by data processing by our website.

‍Purpose of processing
- Delivery of an online presence
- Providing users with means of interaction
- Security measures

‍Length of storage
‍The criterion for the period of time for storing personal data is the respective statutory retention period and the purpose of processing. When this period ends, the data in question is routinely erased, if it is no longer required for achieving the purpose for which it is processed.

The specific storage periods are defined for the individual data processing operations in this Data Privacy Policy.

‍Legal grounds
‍There are several possible legal grounds permitted by the General Data Protection Regulation. First, Article 6 (1) point (a) GDPR is the legal basis for processing operations for which your consent is obtained. The legal basis for processing operations required for steps prior to entering into a contract, such as inquiries about our products and services, is Article 6 (1) point (b) GDPR. In the case of fulfillment of tax-related obligations, processing is based on Article 6 (1) point (c) GDPR. In the case of this web offering, the legal basis for data processing is mainly Article 6 (1) point (f) GDPR. Such processing is permissible if it is necessary to safeguard legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.

The specific interests are indicated at the point at which the processing operations are carried out.

‍Technical security measures
‍We maintain up-to-date technical and organizational measures to ensure data security, in particular to protect your personal data against risks during its transfer and to prevent third parties gaining knowledge of it. These measures are updated to reflect the current state of the art.


‍E. Third-party service providers

‍If we allow third parties to process your data as well, that is done solely if authorized by the law and in compliance with statutory provisions. Such authorization may be your consent, a legal obligation or our legitimate interests.

‍Hosting
‍The hosting services we use enable us to provide the following services: Infrastructure and platform services, software tools, computing capacity, storage space and maintenance services we require to operate this online offering.

The hosting provider processes the usage data on the basis of our legitimate interests in effective and secure delivery of this online offering in accordance with Article 6 (1) point (f) GDPR.

The usage data includes the data defined in the section “Nature and scope of the processed data.” This data is erased after seven days.

‍Links to other websites
‍Our Internet presence contains links to third-party websites. This Data Privacy Policy applies only to content of our Internet pages and does not cover the third-party websites to which this site is linked. We have no influence on the lawfulness of the content on those websites, nor how personal data is used by them. If you have questions on the content or data protection policies of such third-party providers, please contact them.
‍
Google Fonts
‍We integrate Google Fonts from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. You can find the privacy policy of this service at: https://www.google.com/policies/privacy/. A means for you to control processing of your data by the provider is offered at: https://adssettings.google.com/authenticated. We integrate the online maps and navigation service “Google Maps” from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. You can find the privacy policy of this service at: https://www.google.com/policies/privacy/. A means for you to control processing of your data by the provider is offered at: https://adssettings.google.com/authenticated. This service helps us enhance the visual design of the web offering. Google LLC is certified under the Privacy Shield Framework and so offers a safeguard that it complies with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI).
Google Analytics
‍
YouTube
‍We use the option of integrating videos stored on the platform “YouTube” from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated . Google LLC is certified under the Privacy Shield Framework and so offers a safeguard that it complies with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI).
‍
Social plugins – Links
‍Our website contains links to our offers on social media websites. No data is transferred to their platforms through the display of these links. However, should you visit one of these websites, please note that you are leaving the application area covered by this privacy policy with respect to platform operation.


‍F. Download of technical documentation and software
‍Our website offers you the option of downloading technical documentation and software for our products if you provide your contact information. In order to begin the download, you must give us basic work-related data via your contact information. When you send this form, you give your consent to our storage and use of your personal data to improve our service. You also consent to our informing you via e-mail, telephone and postal mail about our products and contacting you about product-related topics. Your data will not be made available to third parties, and will be processed only for the stated purpose for which it was collected. It will be stored in our CRM system for the duration of the legally permitted period for storing the data of prospective customers. The legal basis for that is Article 6 (1) sentence 1 point (a) GDPR. You may revoke your consent at any time. Even if you revoke your consent, you may continue to use the technical documentation and software you have downloaded.


‍G. Contact form
‍You can use the contact form to send a message to our departments. It is primarily used as a means for prospective customers to contact us about our products and services. Please note that your message cannot initially be assigned to a specific recipient, but is instead forwarded by the responsible body to the contact persons at our company. If you wish to address your inquiry directly to a specific contact person without other contact persons at our company gaining knowledge of it, please submit your inquiry over the phone or by regular mail, stating the name of the specific contact person.The only information you must always disclose when sending the contact form is your e-mail address. The other, separately indicated data can be provided optionally and is used to be able to address you personally. If you do not wish to state your name, you can also specify a pseudonym.We erase inquiries if they are no longer required and there is no further legal obligation to retain them. We regularly review whether they are still required; there are also statutory archiving obligations that may apply, in particular under fiscal and commercial law.


‍H. Rights of data subjects
‍You have the right to ask us to inform you about what data we have stored on you at any time, without the need to state reasons why, as well as about its origin and the recipients or categories of recipient to whom the data is disclosed and the purpose for which it is stored. You have the right, at any time, to demand the data we collect concerning you be rectified or erased or processing of it be restricted, as well as to exercise your right to data portability. You also have means of objecting to processing of your data.

‍Rectification, erasure or restriction of processing: You have the right to obtain from Securovin without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

‍Right to object: If processing of personal data concerning you is based on Article 6 (1) point (f) GDPR, you have the right to object, on grounds relating to your particular situation, at any time to processing of that data. We will no longer process that personal data unless Securovin demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

‍Right to withdraw consent: Where processing is based on your consent, you have the right to withdraw consent at any time, without this affecting the lawfulness of processing based on consent before its withdrawal. To do that, you can get in touch with our Data Protection Officer at any time under the above contact data.

‍Right to erasure: You have the right to obtain from Securovin the erasure of personal data concerning you without undue delay and Securovin has the obligation to erase personal data without undue delay where one of the following grounds applies:
- the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
- you object to the processing and there are no overriding legitimate grounds for the processing;
- the personal data concerning you has to be erased for compliance with a legal obligation in Union or Member State law to which we are subject. This shall not apply if processing is required for compliance with a legal obligation which requires processing by Union or Member State law to which we are subject.

‍Right to restriction of processing: You have the right to obtain from Securovin restriction of processing where one of the following applies:
- the accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of the personal data;
- the processing is unlawful and you oppose the erasure of the personal data and request restriction of its use instead;
- Securovin no longer needs the personal data for the purposes of processing, but it is required by you for the establishment, exercise or defense of legal claims, or you have objected to processing pending verification whether our legitimate grounds override yours.
- Where processing of personal data concerning you has been restricted, the data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.
If you have obtained restriction of processing, you shall be informed by us before the restriction of processing is lifted.

‍Right to lodge complaints: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the General Data Protection Regulation (GDPR). You can also contact Securovin via:

info@securovin.com

Phone: +49 171 414 77 93

If you have any further questions on our Data Privacy Policy, data protection and processing of your personal data, please do not hesitate to contact us at any time. You can also find more information on the subject of data protection in the Federal Republic of Germany at www.bfd.bund.de.