We ComDocks GmbH (“we” or “us”) are committed to protecting your privacy when you access and use our Websites and use and/or receive our Services and to ensure the security and integrity of your personal data in accordance with applicable data protection laws.
Personal data means any information relating to an identified or identifiable natural person.
A. DATA CONTROLLER
The data controller for the processing of personal data is
- ComDocks GmbH
- c/o The Office Group
- Schopenstehl 13 , 20095 Hamburg
B. COLLECTION OF PERSONAL DATA
We collect your personal data when
- you use our Websites or use and/or receive our Services,
- you contact us via any means, including via phone, email, social media or contact forms,
- you disclose or submit information via channels operated by or for us (including our Websites and Services, blogs and community forums) or register for or log-in to such channels operated by us, and
- third parties (e. g. calendar service providers, social media providers, business partners, users, resellers, subcontractors) provide us with your personal data in accordance with applicable data protection laws.
It is necessary for us to collect personal data in order to offer you our Websites and Services. If you do not provide us with the personal data that we request, we may not be able to offer you our Websites and Services properly.
C. TYPES OF DATA COLLECTED
We may collect the following data of you:
- Contact Data: Personal information such as first name, last name, address, email address, and company information.
- Contract Data: Information relating to any contract between you and us such as customer numbers, contract numbers and contractual dates.
- Transaction Data: Details about transactions made between you and us.
- Payment Data: Information such as bank account data and credit card data.
- Preferences: Information regarding how you wish to interact with us such as information regarding how you wish to be contacted by us and how you wish to use and/or receive our Services.
- Input Data: Information you provide when you contact us or information you disclose or submit within channels operated by or for us (including our Websites, our Services, blogs and community forums) or when you register for or log-in to such channels operated by us.
- Usage Data: Information about how you use and interact on our Websites and in relation to our Services such as type, IP address, IP location and unique device identifiers of your internet access device, information on browser type and version, information on browser plug-in types and versions, log-in data, mobile network information, time zone settings, operating system and platform, URL clickstream to, through and from our Websites and Services, length and time of visit to our Websites and use of our Services, information on what features of our Websites and Services are being used, interactions with user interfaces, page interactions including scrolling and mouseovers.
D. PURPOSES OF PROCESSING | LEGAL BASIS OF PROCESSING | LEGITIMATE INTERESTS
We will only process your personal data insofar as such processing is permissible under applicable laws.
The following table describes for what purposes and on what specific legal basis we process your personal data and – where the processing is based on Art. 6 (1) 1 f) of the EU General Data Protection Regulation (GDPR) – gives details about our legitimate interests for such processing:
The respective legal basis mentioned in the above table is further described as follows:
- 6 (1) 1 a) GDPR: You have given your consent to the processing of your personal data by us.
- 6 (1) 1 b) GDPR: The processing by us is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into such contract.
- 6 (1) 1 c) GDPR: The processing is necessary for us to comply with its legal obligations.
- 6 (1) 1 f) GDPR: The processing is necessary for the purposes of legitimate interests pursued by us or a third party, except where your interests or your fundamental rights and freedoms which require the protection of personal data override such legitimate interests.
We use cookie technology on our Websites. When you access and use our Websites, a cookie may be placed within the memory of your internet access device. A cookie is a small piece of data containing alphanumerical information that our Websites can store via your internet access device for later retrieval. We use such cookies to provide you with a personalized and improved user experience.
Our Websites use both transient cookies and persistent cookies.
- Transient cookies: Transient cookies are automatically deleted upon closing of your browser. Such transient cookies also include, in particular, session cookies. Session cookies contain a session identifier, allowing different requests from your browser to be assigned to your particular browsing session and will allow your internet access device to be recognized upon your return to our Websites.
- Persistent cookies: Persistent cookies will be automatically deleted after a specified period of time, which may vary depending on the type of cookie placed. We may use persistent cookies to help us to track use of our Websites, such as the number and frequency of visits to our Websites and which parts of our Websites are visited.
Many browsers accept cookies per default. However, your browser settings can be configured in order to prevent the storage of cookies. You may also delete cookies placed by our Websites at any time within your browser settings. Deactivating the storage of or deleting cookies may limit the functionality of our Websites.
F. RECIPIENTS OF PERSONAL DATA | THIRD-PARTY SERVICES
- Email service providers (Sendinblue GmbH),
- infrastructure providers (Amazon Web Services EMEA SARL),
- electronic signature solution providers (JN PROJECTS Inc.),
- data storage providers (Amazon Web Services EMEA SARL),
- marketing automation technology providers (Pipedrive OÜ, Celonis, Inc., Leadinfo B.V.), and
- data analytics providers (Google Ireland Limited).
Our Websites and Services make use of the following third-party services:
We may also disclose your personal data to third parties, if required by law, e.g., in order to respond to a court or government request.
G. RETENTION TIME
The criteria applied by us to determine the storage period include:
- The period of time over which we provide our Websites and Services to you,
- whether there is a legal retention obligation to which we are subject, and
- whether retention is advisable in view of our legal position.
H. DATA SUBJECT RIGHTS
You have the following rights under the GDPR with regards to the processing of your personal data:
- The right to obtain confirmation as to whether or not your personal data is being processed and, where that is the case, access to such personal data and certain relevant information. Such information includes, inter alia, the purposes of processing, the categories of personal data concerned, and the recipients or categories of recipients to whom the personal data is been or will be disclosed (Art. 15 GDPR). Please note that the rights and freedoms of other individuals may restrict your right of access.
- The right to obtain the rectification and completion of your personal data, where such data is inaccurate or incomplete (Art. 16 GDPR).
- The right to obtain the erasure of your personal data without undue delay under certain circumstances (“right to be forgotten”) (Art. 17 GDPR).
- The right to obtain the restriction of processing of your personal data under certain circumstances (Art. 18 GDPR).
- The right to receive your personal data in a structured, commonly used and machine-readable format and the right to transmit such data to another controller without hindrance from us (Art. 20 GDPR).
- The right to object to the processing of your personal data in certain circumstances, where the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller pursuant to Art. 6 (1) 1 e) GDPR, is based on legitimate interests of us or a third party pursuant to Art. 6 (1) 1 f) GDPR, or such personal data is processed for direct marketing purposes (Art. 21 GDPR).
- The right to withdraw, at any time, any consent you had previously provided to us regarding our processing of your personal data. Such withdrawal will not affect the lawfulness of the processing prior to your withdrawal.
Irrespective of the above rights, you have the right to lodge a complaint with a competent supervisory authority.
I. CROSS-BORDER TRANSFERS
J. DATA SECURITY
We have established a privacy program designed to help protect your personal data. We maintain reasonable administrative and technical safeguards intended to protect against the loss, misuse, unauthorized access, alteration, or disclosure of your personal data. All data is securely stored and can only be accessed by entitled employees of us.
K. SENSITIVE DATA
We ask that you not disclose sensitive information (e.g. political opinions, religion, health, genetic or biometric information) to us through or in connection with our Websites and Services unless we have explicitly requested such disclosure from you.
Please contact us at firstname.lastname@example.org