We place great emphasis on the protection of your personal data that are collected, processed, and used in connection with your visit to our website. This section provides information on which personal data we process, for what purpose, on what basis, and for how long.
Content
Name and Contact Details of the Controller
Controller responsible for the collection and use of personal data in the meaning of data protection law:
Congree Language Technologies GmbH
Tullastraße 62
76131 Karlsruhe
Germany
represented by Stefan Kreckwitz, Managing Director
Telephone: +49 (0) 721 667757-0
Fax: +49 (0) 721 667757-44
E-mail: webmaster@congree.com
Entry in the commercial register:
Register court: Mannheim
Register number: HRB 710819
VAT ID according to Section 27 a of the German VAT Act (UStG):
DE 273 766 880
Further information on our company is available in the legal notice of our website at https://www.congree.com/en/legal-notice/.
Contact Details of the Controller's Data Protection Officer
Data protection officer appointed for the above-mentioned controller:
Markus Geiger
MaGe Solutions GmbH
Lilienstr. 17/1
71272 Renningen
Germany
Telephone: +49 7159 4965728
E-mail: datenschutz@mage-solutions.de
A. General Information con or Processing Personal Data
Generally, the following applies to the processing of personal data by us:
- Where we obtain the consent of the data subject for processing personal data, point (a) of Art. 6 (1) of the General Data Protection Regulation (GDPR) serves as the legal basis for processing personal data.
- Where personal data need to be processed for the performance of a contract with the data subject, point (b) of Art. 6 (1) GDPR serves as the legal basis. This also applies if the processing is required in order to take steps prior to entering into a contract.
- Where personal data need to be processed to comply with a legal obligation to which our company is subject, point (c) of Art. 6 (1) GDPR serves as the legal basis.
- Where personal data need to be processed in order to protect the vital interests of the data subject or those of another natural person, point (d) of Art. 6 (1) GDPR serves as the legal basis.
- If the processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, point (f) of Art. 6 (1) GDPR serves as the legal basis for the processing.
Note concerning Special Right to Ob
Where we, by way of exception, process personal data on the basis of point (f) of Art. 6 (1) GDPR due to of legitimate interests, you have the right to object to our processing of personal data concerning you at any time for reasons relating to your particular situation. If we cannot demonstrate any compelling legitimate grounds for the further processing that override your interests, rights, and freedoms or if we process the respective data for direct marketing purposes, we will no longer process your data (see Art. 21 GDPR).
An objection in this meaning may also be a technical procedure that you use, e.g. clear technical information that your web browser sends us ("do not track" notification).
Data Erasure and Storage Duration
We erase or block the personal data as soon as the purpose of the storage no longer applies. Moreover, data may be stored if provided for by the European or national legislator in regulations under Union law, laws, or other provisions that we as the controller are subject to. The data will also be blocked if a storage period specified in the said standards ends, unless the data need to continue to be stored for the conclusion or performance of a contract.
In practice, this means:
Where we process personal data on the basis of consent given to the processing of data (point (a) of Art. 6 (1) of the General Data Protection Regulation (GDPR)), the processing will end when you withdraw this consent, unless another legal basis exists for processing the data, which is the case if we, at the time of the withdrawal, are still entitled to process your data for the purpose of the performance of a contract or if the processing of data is required in order to protect our legitimate interests (see below).
Where we, by way of exception, process the data on the basis of our legitimate interests (point (f) of Art. 6 (1) GDPR) according to the previous balancing of interests, we will store these until the legitimate interest no longer exists, the balancing of interests results in a different conclusion, or you effectively object pursuant to Art. 21 GDPR (see highlighted "Note concerning Special Right to Object").
Where we process the data for the performance of a contract, we will store the data until the contract has been performed and settled and no more claims can be asserted under the contract, i.e. until the end of the limitation period. The general limitation period pursuant to Section 195 of the German Civil Code (BGB) is three (3) years. However, certain claims, such as claims for damages, only expire after 30 years. If there is justified reason to assume that this is relevant in the individual case, we will store the personal data for this period. The said limitation periods begin at the end of the year (i.e. on December 31) in which the claim accrues and the creditor learns of the circumstances establishing the claim and of the person of the debtor or should have learned of these if he had not been guilty of gross negligence.
Note: Additionally, we are also subject to statutory retention periods for accounting and tax-related reasons. These require us to retain certain data, which may also include personal data, for a period of six (6) to ten (10) years as accounting evidence. These retention periods have priority over the above-mentioned erasure obligations. The retention periods also begin at the end of the respective year, i.e. on December 31.
Source of the Personal Data
The personal we data we process largely originate directly from the data subjects, e.g. when they
- as users of the website, transmit information about the web browser and the user's technical system, e.g. the IP address;
- request information material or an offer from us (prospective customers);
- place an order or conclude a contract with us (customers);
- request information material, press releases, opinions, etc. (press representatives);
- supply us with goods or perform services etc. for us as agreed (suppliers).
By way of exception, the personal data processed by us may originate from third parties, e.g. when a person acts on behalf of a third party.
Specific Categories, Purposes, and Legal Basis for Processing Personal Data
We process the following categories of personal data:
- Users of our website
- Interested persons
- Press representatives
- Customers
- Suppliers
Depending on the category of data in question, we process personal data for the following purposes and in accordance with the indicated legal basis of the General Data Protection Regulation (GDPR).
User data: Data of users of our website are collected and processed by us on a non-personal basis. We cannot map these data to particular persons. The IP address is only processed in anonymized form. If, by way of exception, personal data should be involved, we process these for the purpose of protecting our legitimate interests on the basis of point (f) of Art. 6 (1) GDPR. Our legitimate interests in this meaning are our interest in the security and integrity of our website and of the data on our web server (especially malfunction and error detection as well as tracking of unauthorized access), marketing interests, and interests in statistical surveys (to improve our website, our services, and our offerings). By balancing the various considerations, we have come to the conclusion that the processing of data is necessary to protect the said legitimate interests and are not overridden by your interests or fundamental rights and freedoms, which require the protection of personal data.
Data of potential customers/press representatives: Where we process data of potential customers of our services or press representatives, this is only done where you enter and submit these data to us by way of an input field or by e-mail. You are free to provide this information. We will only process these data for the purpose of handling your inquiry to us. The processing of these data freely submitted to us for the purpose of obtaining information about our services takes place in the form of processing prior to entering into a contract pursuant to point (b) of Art. 6 (1) GDPR as well as on the basis of the consent given by you through the transmission pursuant to point (a) of Art. 6 (1) GDPR.
Customer data: We process our customers' data for contract processing purposes pursuant to point (b) of Art. 6 (1) GDPR and/or on the basis of consent given pursuant to point (a) of Art. 6 (1) GDPR. This also applies if the processing is required in order to take steps prior to entering into a contract (e.g. for the preparation and negotiation of offers).
Data of suppliers/business partners: We process the data of our suppliers and business partners for contract processing purposes pursuant to point (b) of Art. 6 (1) GDPR and/or on the basis of consent given pursuant to point (a) of Art. 6 (1) GDPR. This also applies if the processing is required in order to take steps prior to entering into a contract (e.g. for the preparation and negotiation of offers).
Recipients/Categories of Recipients of Personal Data
Your personal data will only be forwarded or otherwise transmitted to third parties if this is necessary for the performance of the contract (e.g. to process an order) or for billing purposes (e.g. to handle a payment in connection with the purchase of goods or services) or with your effective prior consent.
Possible categories of recipients:
- Delivery service providers, suppliers
- Payment service providers, banks
Data Processing in Connection with Newsletters
On our website or by sending us a request, you can subscribe to a free newsletter. We only send this newsletter on the basis of the recipients' consent or a statutory permission. If, within the scope of the subscription to the newsletter, its contents are specified in detail, these shall be relevant to the consent given by the users. Apart from this, our newsletters contain information about news, products, events, and subjects related to our business as well as language technology, translation services, and language technologies in general.
The data you enter in the input screen when subscribing to the newsletter are sent to us. These are:
- E-mail address
- Your first name and last name
Additionally, subscription to the newsletter involves the collection of the following data:
- IP address of the user
- Date and time of the registration
The newsletter subscriptions are logged in order to be able to demonstrate the subscription process in accordance with legal requirements. Moreover, the logging serves the prevention of abuse of the services and of the data subject's e-mail address.
The subscription to our newsletter takes place by means of a double opt-in procedure, i.e. upon subscription, you will receive an e-mail requesting you to confirm your subscription. This confirmation is necessary in order to prevent others from subscribing with your e-mail address.
In the course of the subscription process, your consent to the processing of the data will be obtained, and reference will be made to this Privacy Policy.
If you purchase goods or services on our website and enter your e-mail address while doing so, the e-mail address may subsequently be used for the delivery of a newsletter. In such a case, the newsletter will only contain direct advertising for similar goods or services of our company.
The data will not be forwarded to any third parties. However, this does not apply if the data need to be forwarded due to a statutory obligation. The data will be used exclusively for the purpose of delivering the newsletter.
Use of the Delivery Service Provider CleverReach
The newsletters are delivered via CleverReach, a newsletter delivery service provider of CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede, Germany.
The e-mail addresses of our newsletter recipients as well as their other data as described herein are stored on the servers of CleverReach. CleverReach uses this information for the delivery and analysis of the newsletters on our behalf. Moreover, CleverReach may use these data for the purpose of optimizing or improving its own services, e.g. for the technical optimization of the transmission and display of the newsletters or to determine which countries the recipients come from. However, CleverReach does not use the data of our newsletter recipients for the purpose of contacting them directly and does not forward these data to any third parties.
You can view the privacy policy of CleverReach here: https://www.cleverreach.com/en/privacy-policy/
CleverReach uses secure data centers that make use of state-of-the-art electronic monitoring and multi-factor access control systems. A TÜV-certified information security management system ensures data security and due compliance with data protection. The utilized data centers have submitted to independent certifications and audits. For further information on the data security at the provider CleverReach, see: https://www.cleverreach.com/en/data-security/
We have concluded an outsourced processing agreement with CleverReach. Under this agreement, CleverReach undertakes to protect the data of our users, to process them on our behalf according to its data protection provisions, and especially not to forward them to any third parties.
Statistical Surveys and Analyses
The newsletters contain a so-called "web beacon", i.e. a pixel-size file that is queried by the CleverReach server when the newsletter is opened. Within the scope of this query, technical information such as information about the browser and your system as well as your IP address and the access time, is collected. This information is used for the technical improvement of the services on the basis of the technical data, target groups and their reading behavior, access locations (which can be determined with the help of the IP address), and access times.
Statistical surveys also include the determination whether the newsletters have been opened, when they were opened, and which links are clicked. Though it is technically possible to map this information to the individual newsletter recipients, neither we nor CleverReach intends to monitor individual users. Rather, the analyses enable us to understand our users' reading habits and adapt our content to their needs or to send different content depending on our users' fields of interest.
Accessing the Website of CleverReach
In certain cases, we redirect the newsletter recipients to the CleverReach website. For example, our newsletters contain a link with which newsletter recipients can retrieve the newsletters online (e.g. if they are not displayed correctly in the e-mail program). Moreover, newsletter recipients can correct their data (e.g. the e-mail address) retroactively.
In this connection, please note that cookies are used on the CleverReach web pages and personal data are thus processed by CleverReach, its partners, and its service providers. This collection of data is beyond our control.
For more information, please refer to the privacy policy of CleverReach: https://www.cleverreach.com/en/privacy-policy/
Purpose of the data processing: The collection and processing of the user's e-mail address serves the delivery of the newsletter. We use the e-mail address for advertising purposes.
The collection of other personal data in the course of the subscription process serves the prevention of abuse of the services and of the utilized e-mail address.
Legal basis for processing the data: The legal basis for processing the data following the user's subscription to the newsletter with the user's consent is point (a) of Art. 6 (1) GDPR.
The legal basis for sending the newsletter due to the sale of goods or services is Section 7 (3) of the German Unfair Competition Act (UWG).
The other personal data collected during the subscription process are processed on the basis of legitimate interests pursuant to point (f) of Art. 6 (1) GDPR. In this context, our legitimate interest consists of the prevention of abuse of our services, web server, mail server, and e-mail address. With respect to the disclosure of the first name and last name, our legitimate interest consists of the personalization of the newsletter and the associated possibility of addressing the recipient directly.
Duration of the storage: The data will be erased as soon as they are no longer needed for the purpose of their collection. Accordingly, the user's e-mail address will be stored for as long as the newsletter subscription remains active.
The other personal data collected during the subscription process are usually deleted after seven days.
Objection and removal: The user can cancel the newsletter subscription informally and free of charge whenever he wishes. A link for this purpose is provided in every newsletter.
This also enables the withdrawal of the consent to the storage of the personal data collected during the subscription process.
B. Scope of the Processing of Personal Data via Our Website
As a matter of principle, we only collect and use personal data of the users of our website to the extent required for providing an operable website and our content and services. Usually, personal data of our users are collected and used only after the user gives his consent. An exception applies in cases in which, for valid reasons, it is not possible to obtain prior consent and/or the processing of the data is permitted by statutory regulations.
Provision of the Website and Creation of Log Files
When the website is accessed, our system automatically collects data and information for technical reasons. These are saved to the server's log files. These are:
- Access date and time
- URL (address) of the referring website
- Web pages that are accessed by the user's system via our website (outbound URLs)
- Screen resolution of the user
- Requested language and fallbacks
- Accessed file(s), contents, and notification about the success of the access
- Volume of the retrieved/transmitted data (upload and download)
- Browser, browser type and browser version, browser engine and engine version
- Operating system, operating system version, operating system type
- IP address of the user
These data are processed separately from other data. These data are not processed together with other personal data of the user. We cannot map these data to a particular person.
Purposes of the data processing: The temporary processing of the data by the system is necessary in order to enable delivery of the content of our website to the user's computer. For this, the user's IP address must be stored for the duration of the session.
The objective of the storage in log files is to ensure the operability of the website. Moreover, we use the data to optimize our offering and the website and to ensure the security of our information technology systems. In this connection, the data are not analyzed for any marketing purposes.
Legal basis for processing the data: The temporary storage of the data and of the log files takes place on the legal basis of point (f) of Art. 6 (1) GDPR. Our overriding legitimate interest in this data processing lies in the above-mentioned purposes.
Duration of the storage: The data will be erased as soon as they are no longer needed for the purpose of their collection. Where the data are collected to provide the website, this is the case as soon as the respective session ends. Where data are stored in log files, this is the case after no more than seven days. However, the data may continue to be stored. In this case, the IP addresses of the users will be deleted or anonymized so that the requesting client can no longer be mapped.
Objection and removal: The collection of data to provide the website and the storage of data in log files is necessary for the operation of the website. Accordingly, the user cannot object to this.
Contact Forms and E-Mail Contact
Our website features contact forms that can be used for electronic contacts. If a user makes use of this option, the data entered in the input screen will be transmitted to us and stored by us.
Data in the contact request form:
- Last name
- E-mail address
- Free text field for your message to us
- Salutation (optional)
- Title (optional)
- First name (optional)
- Preferred date and telephone number for quick contact (optional)
Data in the form for making an appointment for a product demonstration:
- Last name
- E-mail address
- Free text field for your message to us
- Salutation (optional)
- Title (optional)
- First name (optional)
- Preferred date and telephone number for quick contact (optional)
- Free text field for further comments (optional)
Data in the support request form:
- First name and last name
- E-mail address
- Company
- Position
When the message is transmitted, the following data are stored additionally:
- IP address of the user
- Date and time of the transmission
In the course of the transmission process, your consent will be obtained for processing the data, and attention will be drawn to our legitimate interest in the data processing. You will be informed once again about the data processing and be referred to this Privacy Policy.
Alternatively, contact may be established via the provided e-mail address. In this case, the user's personal data that are transmitted in the e-mail will be stored.
In this context, the data will not be forwarded to any third parties. The data will only be used for the purpose of processing the conversation.
Purposes of the data processing: The processing of the personal data from the input screen exclusively serves our processing of the contact and your inquiry. In the event of a contact, this also represents the legitimate interest in processing the data.
The other personal data processed during the transmission process serve the prevention of abuse of the contact form and the security of our IT systems.
Legal basis for processing the data: If consent has been given by the user, point (a) of Art. 6 (1) GDPR is the legal basis for processing the data. Otherwise, our legitimate interest in processing the data pursuant to point (f) of Art. 6 (1) GDPR is the legal basis for the processing.
If the contact or your request aims at the conclusion of a contract, point (b) of Art. 6 (1) GDPR is an additional legal basis for the processing (steps prior to entering into a contract).
If a contract already exists (e.g. in the event of a support request), we process the data for the performance of the contract pursuant to point (b) of Art. 6 (1) GDPR.
Duration of the storage: The data will be erased as soon as they are no longer needed for the purpose of their collection.
For the personal data from the input screen of the contact form and those transmitted by e-mail, this is the case when the respective conversation with the user is finished. The conversation will be deemed finished as soon as the circumstances imply that the respective matter has been conclusively clarified.
The personal data collected additionally during the transmission process will be erased after no more than seven days.
Where data are processed for the performance of a contract, we will erase the data at the latest when the contract is terminated and no more claims can be asserted under the contract.
Objection and removal: The user may withdraw any previously granted consent to the processing of personal data or object to the further data processing due to legitimate interests (see "Note concerning Special Right to Object" above). In such a case, the conversation cannot be continued.
The withdrawal of consent or the objection to the further processing of the data can be declared by sending us an informal notice (e.g. by e-mail).
In this case, all personal data stored in connection with the contact will be erased.
Where the data processing may be (partially) continued on other legal bases (e.g. for the performance of contracts), the data to which this applies will continue to be processed in a permissible way.
Use of Cookies
When individual pages are accessed, we set so-called "cookies". These are little text files that are stored on the user's device (PC, smartphone, tablet). When a user accesses a website, a cookie may be saved to the user's operating system. This cookie contains a specific character sequence that enables unique identification of the browser when the website is accessed again.
Additionally, third-party cookies might be used. If this is the case, we will inform you separately in this Privacy Policy under the sections concerning the individual third-party provider tools (e.g. analysis tools, plugins, etc.).
We use cookies in order to make our website more user-friendly. Some elements of our website require the identification of the accessing browser even after going to a different page. In this context, the following data are stored in cookies and transmitted:
- Language settings
- Selection of the time zone to display time information (converted to the user's time zone)
- Server user session cookie to map server sessions to the respective visitor in order to enable the processing of scripts (pure session cookie that is deleted after the user's session/concerns all forms on the website, e.g. contact form and newsletter form).
When accessing our website, the user is informed about the use of cookies for analysis purposes, and his consent is obtained for the processing of the personal data used in this connection. In this context, reference is also made to this Privacy Policy.
Purpose of the data processing: The purpose of the use of technically necessary cookies is to facilitate the use of the website for the user. Some of the functions of our website cannot be offered without the use of cookies. For this, it is necessary for the browser to be recognized even after switching pages.
We need cookies for the following applications:
- To apply language settings
- To apply the user's time zone
The user data collected by technically necessary cookies are not used for the purpose of creating user profiles.
The use of the analysis tools and/or of the analysis cookies serves the purpose of improving the quality of our website and its content. By means of the analysis cookies, we learn how the website is used and can thus continually optimize our offering.
Legal basis for processing the data: The legal basis for processing personal data using cookies is point (f) of Art. 6 (1) GDPR, i.e. a legitimate interest on our part. Our legitimate interest lies in the purposes specified above.
Where the user has given his consent, the legal basis for processing personal data using cookies for analysis purposes is also point (a) of Art. 6 (1) GDPR.
Duration of the storage, objection and removal: Some of the cookies we use are deleted from your hard disk after the end of the browser session (so-called "session cookies"). Other cookies remain on your device and enable us or our partner companies to recognize your browser the next time you visit the website (persistent cookies).
Cookies are stored on the user's computer, from where they are transmitted to us. Thus, you as the user have full control over the use of cookies. You can deactivate or limit the transmission of cookies by changing the settings of your web browser. Previously stored cookies can be deleted whenever you wish. This can even take place automatically. We will construe such a "do not track" setting of your browser as an objection to the further collection and use of your personal data. Note: If cookies are deactivated for our website, it might no longer be possible to fully use all functions of the website.
C. Rights of Data Subjects
Where personal data relating to you are processed, you are the "data subject", and as such have the following rights vis-à-vis us as the controller:
Right of Access
You have the right to obtain from us confirmation, free of charge, as to whether or not personal data concerning you are being processed by us. Where that is the case, you have a right of access to the personal data and further information pursuant to Art. 15 GDPR. For this purpose, you can contact us by mail or e-mail.
Right to Rectification
You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you also have the right to have incomplete personal data completed, including by means of providing a supplementary statement. For this purpose, you can contact us by mail or e-mail.
Right to Erasure
You have the right to obtain the erasure of personal data concerning you without undue delay where one of the grounds specified in Art. 17 GDPR applies. For this purpose, you can contact us by mail or e-mail.
Right to Restriction of Processing
You have the right to obtain from us restriction of processing where one of the grounds specified in Art. 18 GDPR applies. For this purpose, you can contact us by mail or e-mail.
Right to Notification
If you have asserted the right to rectification, erasure, or restriction of processing vis-à-vis us, we shall communicate this rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort.
You have a right vis-à-vis us to be notified about these recipients.
Right to Data Portability
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format and have the right to transmit those data to another controller without hindrance by us where the grounds specified in Art. 20 GDPR apply. For this purpose, you can contact us by mail or e-mail.
Right to Object in the Case of Processing due to Our Legitimate Interests
Where we, by way of exception, process personal data on the basis of point (f) of Art. 6 (1) GDPR (i.e. for the purposes of legitimate interests), you have the right to object to our processing of personal data concerning you at any time for reasons relating to your particular situation. If we cannot demonstrate any compelling legitimate grounds for the further processing that override your interests, rights, and freedoms or if we process the respective data for direct marketing purposes, we will no longer process your data (see Art. 21 GDPR). For this purpose, you can contact us by mail or e-mail. An objection in this meaning may also be a technical procedure that you use, e.g. clear technical information that your web browser sends us ("do not track" notification).
Right to Object if Consent Has Been Granted
You may revoke any previously granted consent to the collection and use of personal data at any time with effect for the future. For this purpose, you can contact us by mail or e-mail. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
Automated Decision-Making including Profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, unless the decision is necessary for entering into, or performance of, a contract between you and us, is authorized by Union or Member State law to which we are subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or is based on your explicit consent.
Freedom of Provision of Data
If the provision of personal data is required by law or contract, we will always indicate this when collecting the data. Some of the data collected by us are required for the conclusion of a contract, namely if we could otherwise not or not sufficiently fulfill our contractual obligation toward you. You are under no obligation to provide personal data. However, in the event of non-provision, we might be unable to perform or offer a service, action, measure, etc. requested by you or conclude a contract with you.
Right to Lodge a Complaint with a Supervisory Authority
Without prejudice to any other rights, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing of personal data relating to you infringes data protection law.
Revision: May 2018
Data Protection Information for Existing and Prospective Customers
pursuant to Art. 13, 14 and 21 of the General Data Protection Regulation (GDPR)
We attach a lot of importance to data protection. Below, we inform you how we process your data and which rights you have.
1. Who Is Responsible for the Data Processing and Whom Can You Contact?
Congree Language Technologies GmbH
Stefan Kreckwitz
Tullastraße 62
76131 Karlsruhe
Germany
2. Contact Details of the Data Protection Officer
datenschutz@mage-solutions.de
3. Purpose of the Processing and Legal Basis
Your personal data are processed according to the provisions of the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and other relevant data protection regulations. The processing and use of the individual data depends on the agreed or requested service. Please refer to our contract documents, forms, declarations of consent, and other information provided to you (e.g. on the website or in the general terms and conditions) for further details and explanations concerning the purposes of the processing.
3.1 Consent (Point (b) of Art. 6 (1) GDPR)
If you have given us your consent to the processing of personal data, the consent constitutes the legal basis for the respective processing.You can withdraw your consent at any time with effect for the future.
3.2 Performance of Contractual Obligations (Point (b) of Art. 6 (1) GDPR)
We process your personal data for the performance of our contracts with you, i.e. especially for the performance of software maintenance, software support, and other services associated with our software.Additionally, your personal data are processed for the performance of measures and activities within the scope of pre-contractual relationships.
3.3 Compliance with Legal Obligations (Point (c) of Art. 6 (1) GDPR)
We process your personal data where this is necessary for the compliance with legal obligations (e.g. commercial/tax laws).In particular, this concerns the archiving of data for data protection and data security purposes and audits conducted by tax authorities and other authorities. Furthermore, it may be necessary to disclose personal data within the scope of official/judicial measures for the purpose of furnishing proof, prosecution, or enforcement of claims under civil law.
3.4 Legitimate Interests of Us or Third Parties (Point (f) of Art. 6 (1) GDPR)
Furthermore, based on a balancing of interests, we may use your personal data to protect our legitimate interests or those of third parties.This is done for the following purposes:
- For advertising or market research, unless you have objected to the use of your data
- To obtain information and engage in data exchange with credit agencies, if this exceeds our economic risk
- For the restricted storage of your data, if erasure proves impossible or involves disproportionate effort due to the special type of storage
- To further develop services and products as well as existing systems and processes
- To disclose personal data in the course of a due diligence, e.g. in the event of a merger or acquisition
- To enrich our data by using or researching publicly accessible data
- For statistical or market analyses
- To assert legal claims and for the defense in legal disputes not directly associated with the contractual relationship
- For internal and external investigations and/or security checks
- For the certification of official matters or matters under private law
4. Categories of Personal Data Processed by Us
The following data are processed:
- Personal details (name, marital status, profession/industry, and similar data)
- Contact details (address, e-mail address, telephone number, and similar data)
- Customer history
Additionally, we process personal data from public sources (e.g. Internet, media, press).
5. Who Receives Your Data?
We forward your personal data within our company to the units that need these data for the performance of contractual and statutory obligations and for pursuing our legitimate interests.
Additionally, the following bodies may receive your data:
- Processors engaged by us (Art. 28 GDPR), especially in the field of support for IT applications
- Public bodies and institutions, if a statutory or official obligation is on hand according to which we must provide, report, or forward data or the forwarding of the data serves public interests
- Bodies and institutions due to our legitimate interests or the legitimate interests of the third party for the purposes specified in section 3.4 (e.g. authorities, credit agencies, debt collection agencies, lawyers, courts, appraisers, affiliated companies, committees, and supervisory authorities)
- Other bodies for which you have given your consent to the transmission of data
6. Transmission of Data to Third Countries or an International Organization
No data are processed outside the EU/EEA.
7. For How Long Do We Store Your Data?
To the extent necessary, we process your personal data for the duration of our business relationship; this also includes the initiation and winding-up of a contract.
Moreover, we are subject to various retention and documentation obligations, e.g. under the German Commercial Code (HGB) and the German Tax Code (AO). The retention and document periods stipulated therein amount to up to 10 years after the end of the business relationship or pre-contractual legal relationship.
Finally, the storage period is also determined by the statute of limitations, which e.g. pursuant to Sections 195 ff of the German Civil Code (BGB), usually amount to three years but may amount to up to 30 years in certain cases.
8. Does Automated Individual Decision-Making (Including Profiling) Take Place?
We do not use any fully automated individual decision-making procedures pursuant to Art. 22 GDPR. Should we use these procedures in individual cases, we will inform you of this separately insofar as this is required by law.
9. Your Data Protection Rights
You have the right of access pursuant to Art. 15 GDPR, the right to rectification pursuant to Art. 16 GDPR, the right to erasure pursuant to Art. 17 GDPR, the right to restriction of processing pursuant to Art. 18 GDPR, and the right to data portability pursuant to Art. 20 GDPR. Furthermore, you have the right to lodge a complaint with a data protection supervisory authority pursuant to Art. 77 GDPR. As a matter of principle, you have the right to object to our processing of personal data pursuant to Art. 21 GDPR. However, this right to object only applies if particular circumstances of your personal situation are on hand; rights of our company may override your right to object. To exercise one of these rights, please contact our data protection officer (geiger@mage-solutions.de).
10. Extent of Your Obligation to Give Us Your Data
You merely need to provide the data that are required for initiating and performing a business relationship or a pre-contractual relationship with us or that we are required to collect by virtue of law. Without these data, we are usually unable to conclude or perform a contract. This may also pertain to data required later on within the scope of the business relationship. Where we request data from you beyond this scope, you are expressly informed that this is voluntary.
11. Information on Your Right to Object (Art. 21 GDPR)
You may at any time object to the processing of your data on the basis of point (f) of Art. 6 (1) GDPR (processing of data on the basis of balancing of interests) or point (e) of Art. 6 (1) GDPR (data processing in the public interest), especially if there are grounds relating to your particular situation. This also applies to any profiling on the basis of this provision in the meaning of Art. 4 no. 4 GDPR.
If you object, we will no longer process your personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims.
We may also process your personal data for direct advertising purposes. If you do not want to receive any advertising, you can object to this at any time. This also applies to profiling insofar as it is associated with such direct advertising. We will observe this objection for the future.
We will no longer process your data for direct advertising purposes if you object to the processing for these purposes.
The objection can be sent to the address specified in section 1 without complying with any formal requirements.
12. Your Right to Lodge a Complaint with the Responsible Supervisory Authority
You have the right to lodge a complaint with the data protection supervisory authority (Art. 77 GDPR). The supervisory authority responsible for us is:
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg
Lautenschlagerstraße 20
70173 Stuttgart
Data Protection Information for Suppliers
pursuant to Art. 13, 14 and 21 of the General Data Protection Regulation (GDPR)
We attach a lot of importance to data protection. Below, we inform you how we process your data and which rights you have.
1. Who Is Responsible for the Data Processing and Whom Can You Contact?
Congree Language Technologies GmbH
Stefan Kreckwitz
Tullastraße 62
76131 Karlsruhe
Germany
Contact Details of the Data Protection Officer
3. Purpose of the Processing and Legal Basis
Your personal data are processed according to the provisions of the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and other relevant data protection regulations. The processing and use of the individual data depends on the agreed or requested service. Please refer to our contract documents, forms, declarations of consent, and other information provided to you (e.g. on the website or in the general terms and conditions) for further details and explanations concerning the purposes of the processing.
3.1 Consent (Point (b) of Art. 6 (1) GDPR)
If you have given us your consent to the processing of personal data, the consent constitutes the legal basis for the respective processing. You can withdraw your consent at any time with effect for the future.
3.2 Performance of Contractual Obligations (Point (b) of Art. 6 (1) GDPR)
We process your personal data for the performance of our contracts with you, specially when processing orders and utilizing your services. Additionally, your personal data are processed for the performance of measures and activities within the scope of pre-contractual relationships.
3.3 Compliance with Legal Obligations (Point (c) of Art. 6 (1) GDPR)
We process your personal data where this is necessary for the compliance with legal obligations (e.g. commercial/tax laws). In particular, this concerns the archiving of data for data protection and data security purposes and audits conducted by tax authorities and other authorities. Furthermore, it may be necessary to disclose personal data within the scope of official/judicial measures for the purpose of furnishing proof, prosecution, or enforcement of claims under civil law.
3.4 Legitimate Interests of Us or Third Parties (Point (f) of Art. 6 (1) GDPR)
Furthermore, based on a balancing of interests, we may use your personal data to protect our legitimate interests or those of third parties. This is done for the following purposes:
- To obtain information and engage in data exchange with credit agencies, if this exceeds our economic risk
- For the restricted storage of your data, if erasure proves impossible or involves disproportionate effort due to the special type of storage
- To assert legal claims and for the defense in legal disputes not directly associated with the contractual relationship
- For internal and external investigations and/or security checks
- For the certification of official matters or matters under private law
- To ensure and pursue our domestic authority by means of suitable measures (e.g. video surveillance)
4. Categories of Personal Data Processed by Us
The following data are processed:
- Personal details (name, profession/industry, and similar data)
- Contact details (address, e-mail address, telephone number, and similar data)
- Payment/cover confirmation for bank and credit cards
- Information about your financial situation (credit rating, i.e. data to assess the economic risk)
- Supplier/history
5. Who Receives Your Data?
We forward your personal data within our company to the units that need these data for the performance of contractual and statutory obligations and for pursuing our legitimate interests.
Additionally, the following bodies may receive your data:
- Processors engaged by us (Art. 28 GDPR), especially in the field of
- IT services
- Public bodies and institutions, if a statutory or official obligation is on hand according to which we must provide, report, or forward data or the forwarding of the data serves public interests
- Bodies and institutions due to our legitimate interests or the legitimate interests of the third party for the purposes specified in section 3.4 (e.g. authorities, credit agencies, debt collection agencies, lawyers, courts, appraisers, affiliated companies, committees, and supervisory authorities)
- Other bodies for which you have given your consent to the transmission of data
6. Transmission of Data to Third Countries or an International Organization
No data are processed outside the EU/EEA.
7. For How Long Do We Store Your Data?
To the extent necessary, we process your personal data for the duration of our business relationship; this also includes the initiation and winding-up of a contract.
Moreover, we are subject to various retention and documentation obligations, e.g. under the German Commercial Code (HGB) and the German Tax Code (AO). The retention and document periods stipulated therein amount to up to 10 years after the end of the business relationship or pre-contractual legal relationship.
Finally, the storage period is also determined by the statute of limitations, which e.g. pursuant to Sections 195 ff of the German Civil Code (BGB), usually amount to three years but may amount to up to 30 years in certain cases.
8. Does Automated Individual Decision-Making (Including Profiling) Take Place?
We do not use any fully automated individual decision-making procedures pursuant to Art. 22 GDPR. Should we use these procedures in individual cases, we will inform you of this separately insofar as this is required by law.
9. Your Data Protection Rights
You have the right of access pursuant to Art. 15 GDPR, the right to rectification pursuant to Art. 16 GDPR, the right to erasure pursuant to Art. 17 GDPR, the right to restriction of processing pursuant to Art. 18 GDPR, and the right to data portability pursuant to Art. 20 GDPR. Furthermore, you have the right to lodge a complaint with a data protection supervisory authority pursuant to Art. 77 GDPR. As a matter of principle, you have the right to object to our processing of personal data pursuant to Art. 21 GDPR. However, this right to object only applies if particular circumstances of your personal situation are on hand; rights of our company may override your right to object. To exercise one of these rights, please contact our data protection officer (geiger@mage-solutions.de).
10. Extent of Your Obligation to Give Us Your Data
You merely need to provide the data that are required for initiating and performing a business relationship or a pre-contractual relationship with us or that we are required to collect by virtue of law. Without these data, we are usually unable to conclude or perform a contract. This may also pertain to data required later on within the scope of the business relationship. Where we request data from you beyond this scope, you are expressly informed that this is voluntary.
11. Information on Your Right to Object (Art. 21 GDPR)
You may at any time object to the processing of your data on the basis of point (f) of Art. 6 (1) GDPR (processing of data on the basis of balancing of interests) or point (e) of Art. 6 (1) GDPR (data processing in the public interest), especially if there are grounds relating to your particular situation. This also applies to any profiling on the basis of this provision in the meaning of Art. 4 no. 4 GDPR.
If you object, we will no longer process your personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims.
The objection can be sent to the address specified in section 1 without complying with any formal requirements.
12. Your Right to Lodge a Complaint with the Responsible Supervisory Authority
You have the right to lodge a complaint with the data protection supervisory authority (Art. 77 GDPR). The supervisory authority responsible for us is:
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg
Lautenschlagerstraße 20
70173 Stuttgart
Data Protection Information for Applicants
pursuant to Art. 13 and 14 of the General Data Protection Regulation (GDPR)
We attach a lot of importance to data protection. Below, we inform you how we process your data and which rights you have.
1. Who Is Responsible for the Data Processing and Whom Can You Contact?
Congree Language Technologies GmbH
Stefan Kreckwitz
Tullastraße 62
76131 Karlsruhe
Germany
Contact Details of the Data Protection Officer
datenschutz@mage-solutions.de
2. Purpose of the Processing and Legal Basis
Your personal data are processed according to the provisions of the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and other relevant data protection regulations. Please refer to our contract documents, forms, declarations of consent, and other information provided to you (e.g. on the website or in the general terms and conditions) for further details and explanations concerning the purposes of the processing.
2.1 Consent (Point (b) of Art. 6 (1) GDPR)
If you have given us your consent to the processing of personal data, the consent constitutes the legal basis for the respective processing. You can withdraw your consent at any time with effect for the future.
2.2 Performance of Contractual Obligations (Point (b) of Art. 6 (1) GDPR)
We process your personal data for the purpose of processing the application procedure. The processing may also take place electronically. This is the case especially where you send us your application documents electronically, e.g. by e-mail or via a web form on the website.
2.3 Compliance with Legal Obligations (Point (c) of Art. 6 (1) GDPR)
We process your personal data where this is necessary for the compliance with legal obligations.
3. Categories of Personal Data Processed by Us
The following data are processed:
- Last name, first name
- Contact details (e.g. e-mail address, address, telephone number)
- Complete application documents (e.g. résumé, letters of recommendation, references)
4. Who Receives Your Data?
We forward your personal data within our company to the units that need these data for the performance of contractual and statutory obligations and for pursuing our legitimate interests.
Moreover, processors engaged by us (Art. 28 GDPR) may receive your data especially in the field of support/maintenance of IT applications.
5. Transmission of Data to Third Countries or an International Organization
No data are processed outside the EU/EEA.
6. For How Long Do We Store Your Data?
If the data controller concludes an employment contract with an applicant, the submitted data will be stored for the purpose of handling the employment relationship under consideration of the statutory regulations. If the data controller does not conclude any employment contract with an applicant, the application documents will be erased automatically three months after the notice of refusal, unless the erasure would conflict with other legitimate interests of the data controller. "Other legitimate interests" in this meaning include, but are not limited to, an obligation to furnish proof in proceedings under the German General Treatment Act (AGG).
7. Does Automated Individual Decision-Making (Including Profiling) Take Place?
We do not use any fully automated individual decision-making procedures pursuant to Art. 22 GDPR. Should we use these procedures in individual cases, we will inform you of this separately insofar as this is required by law.
8. Your Data Protection Rights
You have the right of access pursuant to Art. 15 GDPR, the right to rectification pursuant to Art. 16 GDPR, the right to erasure pursuant to Art. 17 GDPR, the right to restriction of processing pursuant to Art. 18 GDPR, and the right to data portability pursuant to Art. 20 GDPR.
Furthermore, you have the right to lodge a complaint with a data protection supervisory authority pursuant to Art. 77 GDPR. As a matter of principle, you have the right to object to our processing of personal data pursuant to Art. 21 GDPR. However, this right to object only applies if particular circumstances of your personal situation are on hand; rights of our company may override your right to object. To exercise one of these rights, please contact our data protection officer (geiger@mage-solutions.de).
9. Extent of Your Obligation to Give Us Your Data
You merely need to provide us with the data required for the application process. Without these data, we are usually unable to conclude an employment contract with you. Where we request data from you beyond this scope, you are expressly informed that this is voluntary.
10. Your Right to Lodge a Complaint with the Responsible Supervisory Authority
You have the right to lodge a complaint with the data protection supervisory authority (Art. 77 GDPR). The supervisory authority responsible for us is:
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg
Lautenschlagerstraße 20
70173 Stuttgart