We take the task of protecting your personal data very seriously. Naturally, we always handle your personal data in accordance with the statutory data protection provisions. We have appointed an expert and reliable external data protection officer. The external data protection officer is provided by UIMC Dr. Voßbein GmbH & Co. KG (https://datenschutz.uimc.de). In the following, we will inform you on how your personal data are processed.
Collection and Processing of Personal Data
The Controller, under Art. 4 (7) of the GDPR, is Babtec Informationssysteme GmbH, Clausenstraße 21, 42285 Wuppertal, Germany (see our Imprint).
If you make contact with us, the data that you share with us (your address, e-mail address, if required your name and telephone number) will be saved by us in order to answer your queries. In the event that you have any questions, we offer you the option of contacting us via a form that is provided on our Internet presence. Here, certain data have been labeled “mandatory.” These data are necessary to allocate and answer the request. Any other data can be provided voluntarily. Data for the purpose of contacting us is processed in accordance with Art. 6 (1) a of the GDPR, based on your voluntary consent. We will erase the data that is procured in this context once it is no longer necessary to retain this data, or we will restrict its processing if there are no legal obligations to save this data.
If we need to mandate another service provider to fulfill individual functions of our offer and are obliged to forward your personal data to third parties at this juncture, we will provide you with detailed information on the relevant processes. Here, we will also state the set criteria for the duration that the data will be stored by the mandated third party.
If you wish to conclude a contract with us, you must state the personal data that we require to process your order. This is necessary in order to conclude the contract. We will process the data that you have provided in order to execute your order. To this end, we may forward your payment data to our affiliated bank. Art. 6 (1) sentence 1(b) of the GDPR forms the legal basis for this. This also applies for measures which are required in order to execute pre-contractual measures.
If it is necessary to process personal data in order to fulfill a legal obligation that our company is subject to, then this shall occur within the scope of Art. 6 (1) sentence 1(c) of the GDPR.
If processing is necessary for the purposes of protecting our legitimate interests or the legitimate interests of a third party and if your interests, fundamental rights and freedoms do not override these legitimate interests, then Art. 6 (1) sentence 1(f) of the GDPR shall form the legal basis for the processing. The legitimate interests of our company are, in principle, in rendering the services due and/or constant optimization of our services and presentations.
Due to trade and fiscal provisions, we are obligated to store your address, payment and order data in accordance with the statutory regulations. However, we will place limitations on processing after two years have lapsed. This means that your data will only be used in order to comply with legal obligations.
A Qube user account will be created upon first registration for BabtecQube. A name and e-mail address are required information for this. Further information can be optionally added to the user profile, or edited there, by the user themselves. Alternatively, the user can also register via an existing Microsoft Azure account and will be transferred to Microsoft for authentication.
If you use BabtecQube, we will save the personal data that we require in order to fulfill the order, including information on the payment method, until you permanently delete your access account. Furthermore, we will save the data that you have voluntarily provided for the period during which you use the portal, unless you erase this data before that point. Art. 6 (1) sentence 1(f) of the GDPR forms the legal basis for this.
If you use BabtecQube, your data may be rendered accessible to other participants in BabtecQube. Users who are not logged in will not receive any information on you. Personal data are visible for registered users within BabtecQube under the following conditions. If the user has been assigned a company account, the administrator of the company account can view the personal data that have been entered upon registration or which have subsequently been added voluntarily. Other users assigned to the company account can also view these data. Outside the company account, the personal data cannot, in principle, be viewed unless the user actively changes their privacy settings and enables the data to be viewed. When exchanging messages on behalf of a company, the name of the sender is forwarded/displayed.
Logging and Protocol Functions
Every time you access our Internet presence, a log is created and processed for statistical purposes. In this process, the individual users remain anonymous:
Based on our legitimate purpose in accordance with Art. 8 (1) f of the GDPR, we process the aforementioned data for the following purposes:
We reserve the right to inspect this data at a later date if concrete evidence of illegal use becomes known to us. As soon as the data is no longer required to fulfill the purpose, it is erased immediately. The longest period that your data will be kept for is six months - after this it will be erased.
Transfer of Data
As a rule, there will be no transfer to third parties for commercial or non-commercial purposes without your explicit consent. We will only transfer your personal data to third parties if this is legally permitted (for example based on Art. 6 of the GDPR) and/or necessary. We sometimes use service providers within the scope of processing orders in accordance with Art. 28 of the GDPR, particularly within the remit of hosting a web page and maintaining it. We remain fully responsible for processing the data. In some instances, we furthermore use plug-ins by other providers on our Internet presence; for more details on this, please see below.
Liability for Own Content
The content of these pages has been created with the greatest possible care. We cannot, however, assume any liability for the accuracy, completeness, or currentness of the content. As a service provider, we are responsible for our own content on these pages under general law.
Liability for Links (Content of Third-party Providers)
Our own content is to be differentiated from cross-references (links) which are made available by other providers. We have no influence over their content; the particular provider or operator of the linked pages is always responsible for the content of its pages.
Rights of Data Subjects
We herewith inform you that you can exercise the following rights with us in accordance with Art. 15 et seq. of the GDPR under the conditions defined therein, to wit your right of access to the respective personal data and your right to rectification or to erasure or of restriction of processing or to object to data processing as well as the right to data portability. In addition, you also have the right to lodge a complaint with a data protection supervisory authority in accordance with Art. 77 of the GDPR if you are of the opinion that the processing of your personal data is in breach of this regulation. If processing is based on Art. 6 (1) a of the GDPR or Art. 9 (2) a of the GDPR (consent), you also have the right to withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Right of Access, Art. 15 of the GDPR
You have the right to obtain information on whether and to what extent your personal data are processed (particularly the purposes of the processing, recipients of the data, storage period etc.).
Right to Rectification, Art. 16 of the GDPR
You have the right to obtain rectification of your saved data if they are incorrect or incomplete. This also includes having incomplete data completed by supplementary statements or notifications.
Right to Erasure, Art. 17 of the GDPR
You have the right to obtain erasure of your personal data. This is possible, for example, if the data are no longer required for the purposes for which they were collected or if the data must be erased due to legal obligations. However, in individual cases, this right may be excluded.
Right to Restriction of Processing, Art. 18 of the GDPR
You have the right to restrict processing of your personal data. This is possible, for example, if your data have been recorded incorrectly or if processing of the data is executed unlawfully. In the event of restriction of processing, the data may only be processed in strictly defined cases.
Right to Data Portability, Art. 20 of the GDPR
You have the right to request that your personal data be handed over to yourself or any controller designated by yourself in any common electronic, machine-readable file format if you have provided the aforementioned data yourself.
Right to Object, Art. 21 of the GDPR
You have the right to object to processing of your personal data at any time on grounds relating to your particular situation, with future effect, insofar as the processing of the data is executed for the purposes of legitimate interests (see Art. 6 (1) sentence 1(e) and (f) of the GDPR). In the event of an objection, a check will be carried out in order to see whether the legal provisions which support processing of your data are present and, if this is not the case, any further processing of your data will be prohibited.
Right to Lodge a Complaint With a Data Protection Supervisory Authority, Art. 77 of the GDPR
You have the right to report any potential infringement of data protection regulations to the responsible supervisory authorities within the union or its member states at any time.
Contact Information for the Responsible Supervisory Authorities:
State Officer for Data Protection and Freedom of Information of North Rhine-Westphalia
40213 Düsseldorf, Germany
Tel.: +49 (0)211/38424-0
Amendments to our Data Protection Regulations
We reserve the right to occasionally amend this data protection statement to ensure that it is always in accordance with the current legal requirements or in order to implement changes to our services in the data protection statement, e.g. when introducing new services. Whenever you re-visit our site, the then current data protection statement shall apply.
Contact With the Data Protection Officer
If you have any questions with regard to the processing of your personal data, you can contact our data protection officer directly, who will also be available with his team in the event of requests for information, claims, or complaints.
The external data protection officer can be contacted
Dr. Jörn Voßbein (UIMC Dr. Vossbein GmbH & Co. KG)
Via post: Otto-Hausmann-Ring 113, 42115 Wuppertal, Germany
Via telephone: +49 202 946 7726 200
On our website, we employ various plug-ins from other service providers which we wish to inform you on in the following.
Web Analysis With Google Analytics
Our website uses plug-ins from YouTube, a page operated by Google, for marketing purposes. The operator is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit our page that is equipped with a YouTube plug-in, this establishes a connection to YouTube’s servers. At this juncture, the IP addresses of the visitors to our website will be shared with the YouTube server, along with which of our sites you have visited, if you have given us your consent to collect and transfer of your personal data in accordance with Art. 6 (1) a of the GDPR. This occurs regardless of whether you have a YouTube user account or not. If you are logged into your YouTube account, you enable YouTube to directly allocate your surfing behavior to your personal profile. You can prevent this by logging out of your YouTube account.
In addition, we have integrated YouTube videos into our online offer. These videos are saved on www.youtube.com and can be played directly on our website. These are all integrated into the expanded data protection mode, meaning that no data on you as a user will be transferred to YouTube provided that you do not play the videos. Data is only transferred when you play the videos. We have no influence on how YouTube uses the data, it may also be used for creating usage profiles. Please procure information on this directly from YouTube and adjust your privacy settings there. Furthermore, by clicking on the play button, you give consent that YouTube can, if required, set cookies on the end device that you are using. These cookies can also serve to provide analysis of usage behavior for market research and marketing purposes. We do not have any influence on this data transfer.
For more information on how user data is handled, please refer to YouTube’s data protection statement at: https://www.google.de/intl/de/policies/privacy [external page].
In certain instances, we use the reCAPTCHA service from the company Google LLC in accordance with Art. 6 (1) f of the GDPR (legitimate interests) in order to ensure sufficient data security for transferring forms. Above all, this serves to discern whether information has been entered by a natural person or has been entered by machine or automated processing, constituting misuse. If you visit one of our websites which has a reCAPTCHA integrated into it, your personal data, such as your IP address, screen and window resolution, set browser language, time zone, installed browser plug-ins and, if required, further data that Google needs for the reCAPTCHA, among other elements, will be collected and transferred to Google. The data protection provisions of Google LLC apply here. You can find further information on Google LLC’s data protection guidelines on http://www.google.de/intl/de/privacy [external link] or https://www.google.com/intl/de/policies/privacy/ [external link].
Google Tag Manager
For information on how to withdraw your consent to the processing of your data by the respective tags, please refer to the section on the respective tag listed in this data protection statement.