DATA PROTECTION

DATA PROTECTION INFORMATION

BS Systems GmbH & Co. KG

General Provisions

Every natural person has the constitutionally guaranteed right to determine the use to which their own personal data may be put. We, the BS Systems GmbH & Co. KG, take the protection of the personal data of our customers as well as those interested in our offers very seriously. For this reason, it is our duty to protect the users entrusted to us when visiting our website. We are very much concerned with the protection of the privacy of our website users at all times. If and insofar as the user voluntarily provides personal data, these are collected and stored in accordance with the statutory data protection provisions of the EU General Data Protection Regulation (DSGVO) and the Telemedia Act (TMG). Of course, all data shall be treated confidentially. With the following data protection information, we would like to explain in more detail which data is collected, what happens with these data and which security measures we have taken to protect these data from misuse. By providing this transparent and comprehensible information of our data protection regulations we wish to ensure that visitors and customers are well informed about the collection, processing and use of personal data.

Personal data

Personal data is any information relating to an identified or identifiable natural person (such as, but not limited to, name, address, telephone number, date of birth, etc.). As a rule, our online offer can be used without providing personal information. However, the use of certain services may require the provision of personal information. In general, the collection, processing and use of personal data for the use of our website is limited to the required extent and the required data. If you wish to use services that require concluding a contract, we shall ask you to register. As part of the registration, we collect the personal data required for the establishment and fulfilment of the contract as well as, possibly, other data on a voluntary basis.

When contacting us by e-mail or using a contact form, the data voluntarily provided by you (e-mail address, possibly, name, address, etc.) shall be saved in order to answer your questions. We delete the data related to this context after the storage is no longer required, or limit their processing if there are statutory retention requirements.

If we rely on contracted service providers for individual functions of our offer or wish to use your data for advertising purposes, we shall inform you in detail below about the respective procedures. In doing so, we shall also name the specified criteria for the storage duration.

Responsible authority

The responsible authority for the collection, processing and use of your personal data acc. to Art. 4 Sec. 7 DSGVO is the

BS Systems GmbH & Co. KG
Am Innovationspark 2
86441 Zusmarshausen

Phone: +49 (0)8291 8502300
Mail: info@l-boxx.de

Name and address of the data protection officer

You can contact the data protection officer of the BS Systems GmbH & Co. KG under the following contact details:

SECUWING GmbH & Co. KG | Data Protection Agency
Mr Maximilian Hartung
Frauentorstraße 9
86152 Augsburg
Phone: +49 (0)821 90786450
E-mail address: epost@datenschutz-agentur.de

 

Your rights

You have the right:

• in accordance with Art. 15 DSGVO, to request information about your personal data processed by us. In particular, you can request information with respect to the processing purposes, the category of personal data, the categories of recipients to whom your data has been or shall be disclosed, the planned retention period, the existence of the right to rectification, deletion, limitation of processing or objection, the existence of the right to complain, the source of your data, if not collected from us, and the existence of an automated decision-making process including profiling and, possibly, meaningful information about the details thereof;
• in accordance with Art. 16 DSGVO, to immediately demand the correction of incorrect or completion of incomplete personal data stored by us with respect to you;
• in accordance with Art. 17 DSGVO, to request the deletion of your personal data stored by us, except in cases when the processing is required for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for assertion, exercise or defence of legal claims;
• in accordance with Art. 18 DSGVO to demand the restriction of the processing of your personal data, as far as the accuracy of the data is disputed by you, the processing is unlawful, you, however, reject their deletion and we no longer require the data, but you require the said data in order to assert, exercise or defend legal claims, or if you have objected to the processing according to Art. 21 DSGVO;
• in accordance with Art. 20 DSGVO to receive your personal data provided to us in a structured, common and machine-readable format or to request the transfer to another person responsible;
• in accordance with Art. 7 Sec. 3 DSGVO to revoke the consent you have granted towards us at any time. As a result, we shall not be allowed to continue the data processing based on this consent for the future and
• in accordance with Art. 77 DS-BER, to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters.

1. Collection of personal data for visits of our website

1.1 In the case of the use of our website www.l-boxx.systems for informational purposes only, i.e. if you do not register or otherwise provide us with information, we shall only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data that are technically necessary for us to display our website and to ensure stability and security:

• IP address
• Date and time of the request
• Time Zone Difference to Greenwich Mean Time (GMT)
• Content of the request (concrete page)
• Access status / HTTP status code
• respectively transmitted amount of data
• Website from which the request originates
• Browser
• Operating system and its interface
• Language and version of the browser software.

The stated data are processed by us for the following purposes:

• ensuring a smooth connection set-up to the website,
• ensuring comfortable use of our website,
• evaluation of system security and stability, and
• for further administrative purposes.

The legal basis for data processing is Art. 6 Sec. 1 s. 1 lit. f DSGVO. Our legitimate interest follows from the data collection purposes listed above. In no case do we use the collected data for the purpose of drawing conclusions regarding you.

In addition, we use cookies and analysis services for visits of our website. Further details can be found in paragraphs 9 to 11 of this data protection declaration.

2. Further features and offers of our website

2.1. In addition to the purely informative use of our website, we offer various services that you can use if you are interested. To do this, you generally need to provide further personal data that we use to provide the respective service and for which the aforementioned data processing principles apply. The legal bases therefore are Art. 6 Abs. 1 s. 1 lit. a, b and f DSGVO.

2.2. In part, we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and undergo regular inspections.

2.3. Furthermore, we may pass on your personal data to third parties if contracts or similar services are offered by us jointly with partners. You receive further information in this respect when entering your personal data or in the description of the offer possibly used.

2.4. Insofar as our service providers or partners are based in a state outside the European Economic Area (EEA), we shall inform you of the consequences of this circumstance in the description of the offer possibly used.

2.5. Within the website we use the popular Secure Socket Layer (SSL) method in conjunction with the respectively highest encryption level supported by your web browser. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we shall use 128-bit v3 technology instead. Whether an individual page of our website is encrypted is indicated by the closed representation of the key or lock icon in the bottom status bar of your browser.

2.6. We also take appropriate technical and organizational security measures in order to protect your data against accidental or intentional manipulation, partial or total loss, destruction or against unauthorized access by third parties. Our security measures are constantly being improved in line with technological developments.

3. Newsletter

3.1. With your consent, you can also separately get information about current and future projects (by telephone, e-mail, telephone).

3.2. For the registration for reception of this information by e-mail newsletter we use the so-called double-opt-in-procedure. This means that after you have registered, we shall send you an e-mail to the e-mail address specified in which we ask you to confirm that you wish to receive the newsletter. 158/5000 If you do not confirm your registration within 24 hours, your information will be suspended and automatically deleted after one month. In addition, we store your IP addresses and times of registration and confirmation. The purpose of the procedure is to prove your registration and, if necessary, to inform you about possible misuse of your personal data.

3.3. The only requirement for sending you the newsletter is your e-mail address. The specification of additional, separately indicated data is voluntary and shall be used to address you personally. After your confirmation, we shall save your e-mail address for the purpose of sending you the newsletter. The legal basis is Art. 6 Abs. 1 S. 1 lit. a DSGVO.

3.4. You can cancel your consent at any time and unsubscribe from receiving the information about current and future projects. You can declare the cancellation by clicking on the link provided in every newsletter e-mail, by e-mail to info@l-boxx.de or by sending a message to the above stated contact details.

3.5. Please note that we evaluate your user behaviour when sending a newsletter. For this evaluation, the e-mails sent include so-called web beacons or tracking pixels that represent one-pixel image files stored on our website. For the evaluations, we link the data mentioned in point 1 and the web beacons with your e-mail address and an individual ID.

Also the links in the newsletter contain this ID. With the data obtained in this way, we create a user profile to tailor the newsletter to your individual interests. In doing so, we record the times when you read our newsletters, which links in those you click on and make therefrom conclusions about your personal interests. We link these data with the actions you have taken on our website.

4. Product ratings by our customers

We request our prospective buyers and customers (hereinafter generally referred to as “customers”) to consider the following for the publication of ratings:

By submitting a rating, you agree to the publication of the text on our website as well as in catalogues and newsletters. The name of the author is abbreviated, so that in the publication only the first letter is given for the first name and the last name. Please note that your name and contact details are stored by us in accordance with the data protection regulations. The legal basis is Art. 6 Abs. 1 s. 1 lit. f DSGVO.

As a customer, you are responsible for ensuring that your publication does not infringe illegally on the rights of third parties. This means, in particular, that you must ensure that your texts have not been copied unlawfully, that they are factual and that their content is truthful. In the event that claims are made against us by third parties for infringements based on a publication of the customer, the customer shall release us of these claims and compensate us the resulting damage (for example, the costs required for a legal defence).

Texts that contain advertising for third-party products, whether they are in competition with us or not, are generally undesirable. We reserve the right to take action against such advertising publications in the event of an infringement.

We are not obliged to publish texts. We also reserve the right to delete published texts at any time.

5. Product recommendations for our customers

You receive regular product recommendations from us by e-mail. These product recommendations are provided by us, regardless of whether you have subscribed to a newsletter. In this way, we wish to provide you with information about products from our offer that you may be interested in based on your recent purchases from us. The legal basis is Art. 6 Abs. 1 s. 1 lit. f DSGVO. If you no longer wish to receive product recommendations from us, you can object to this at any time. Please use the unsubscribe link included in each e-mail or send us a message to the above contact details.

6. Credit check and scoring

If we make a delivery before payment, for example, in the case of a purchase on account, then in order to safeguard our legitimate interests we may request a credit check based on mathematical-statistical procedures at diligently selected service providers. For this purpose, we shall forward the personal data required for a credit check to the relevant bodies and shall use the received information about the statistical probability of a default for making a balanced decision on whether the payment option should be granted. The collection, storage and forwarding are therefore carried out for the purpose of checking the creditworthiness in order to avoid a payment default and on the basis of Art. 6 Sec. 1 s. 1 lit. b DSGVO and Art. 6 Sec. 1 s. 1 lit. f, DSGMO. The credit report can contain probability values (score values) which are calculated on the basis of scientifically recognized mathematical-statistical methods and whose calculation includes, among other things, address data. Your protectable interests shall be considered in accordance with the statutory provisions. You can object to this check at any time with effect for the future. As a result, we may no longer be able to offer you certain payment options.
Currently we use information from the following service providers:

IHD Gesellschaft für Kredit-
und Forderungsmanagement mbH
Augustinusstraße 11B
D-50226 Frechen www.ihd.de

Further information according to Art. 14 DSGVO can be found at www.ihd.de/datenschutz/Selbstverpflicht.html

Creditreform Augsburg Frühschulz & Wipperling KG Beethovenstr. 4
86150 Augsburg www.creditreform-augsburg.de

7. Objection or revocation with respect to the processing of your data

7.1. If you have given your consent to the processing of your data, you can revoke it at any time. Such revocation, after you have stated it towards us, shall affect the admissibility of the processing of your personal data.

7.2. Insofar as we base the processing of your personal data on the balance of interests, you may object to the processing. This is the case if, in particular, the processing is not required to fulfil a contract with you, which we describe in each case in the following description of the functions. In the event of such objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the case of your justified objection, we shall examine the situation and shall either discontinue or adapt the data processing or point out to you our compelling legitimate reasons due to which we continue the processing.

7.3. Of course, you may object to the processing of your personal data for advertising and data analysis purposes at any time. You can inform us about your objection to advertising using the contact details mentioned in point 1.2 above

8. Use of cookies

8.1. In addition to the data mentioned in point 3, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive and assigned to the browser you are using and by which the website that places the cookie (here – us) receives certain information. Cookies cannot run programs or transfer viruses to your computer. They serve to make the Internet offer overall more user-friendly and effective.

8.2. This website uses the following types of cookies, the scope and operation of which are explained below:

• Transient cookies, i. e. cookies that are automatically deleted when you close the browser. These include in particular the session cookies. They store a so-called session ID, with which various requests from your browser can be assigned to the common session. This will allow your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.
• Persistent cookies, i. e. cookies in whose respect you can configure your browser settings according to your wishes. Here, for example, you can accept third-party cookies or reject all cookies. Please be aware that you may not be able to use all features of this site.

We use cookies to identify you for follow-up visits if you have an account with us. Otherwise you would have to log in anew for each visit.

The used Flash cookies are detected not by your browser but by your Flash plug-in. Furthermore, we use HTML5 storage objects, which are stored on your device. These objects store the required data regardless of your browser and do not have an automatic expiration date. If you do not want to process the Flash cookies, you must install an add-on such as, for example, “Better Privacy” for Mozilla Firefox (https://addons.mozilla.org/en/firefox/addon/betterprivacy/) or the Adobe-Flash killer-cookie for Google Chrome. You can prevent the use of HTML5 storage objects by using private mode in your browser. In addition, we recommend that you regularly delete your cookies and the browser history manually.

9. Google Analytics

9.1. This website uses Google Analytics, a web analytics service provided by Google Inc. („Google“). Google Analytics uses so-called “cookies”, text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, in the event of activation of IP anonymisation on this website, your IP address shall be shortened prior to that by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide to the website operator other services related to website usage and internet usage.

9.2. The IP address provided by your browser within the framework of Google Analytics will not be merged with other Google data.

9.3. You can prevent the storage of cookies by a corresponding setting of your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible. You can also prevent the collection by Google of the data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

9.4. This website uses Google Analytics with the extension “_anonymizeIp ()”. As a result, IP addresses are processed in an abridged form, this eliminates direct reference to persons. Insofar as the data collected about you is assigned a personal reference, it will subsequently be immediately excluded and the personal data will be deleted immediately.

9.5. We use Google Analytics to analyze and regularly improve the use of our website. Using the obtained statistics we can improve our offer and make it more interesting for you as a user. For the exceptional cases in which personal data are transferred to the USA, Google is submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US Framework. The legal basis for the use of Google Analytics is Art. 6 Sec. 1 s. 1 lit. f DSGVO.

9.6. Third-party information: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. User Conditions: http://www.google.com/analytics/terms/de.html, Overview on Data Protection: http://www.google.com/intl/de/analytics/learn/privacy.html, as well as the data protection declaration: http://www.google.de/intl/de/policies/privacy.

10. Facebook

10.1. We are currently using a social media plug-in from Facebook. For this we use the so-called two-click solution. In other words, when you visit our site, as a rule no personal data is initially passed on to the providers of the plug-ins. The provider of the plug-in can be identified by the marking on the box above its initial letter or logo. We give you the opportunity to communicate directly with the provider of the plug-in via the button. Only if you click on the marked field and activate it, the plug-in provider receives the information that you have accessed the corresponding website of our online offer. In addition, the data referred to in point 3 of this declaration shall be transmitted. In the case of Facebook, according to the provider in Germany, the IP address is anonymised immediately after collection. By activating the plug-in, personal data shall be transmitted from you to the plug-in provider and stored in the USA. Since the plug-in provider carries out the data collection, in particular via cookies, we recommend that you delete all cookies via the security settings of your browser before clicking on the greyed-out box.

10.2. We have no influence on the collected data or data processing operations, nor are we aware of the full extent of data collection, the purpose of the processing, the retention periods. We also have no information with respect to the deletion of the data collected by the plug-in provider.

10.3. The plug-in provider stores the data collected about you as usage profiles and uses them for purposes of advertising, market research and / or tailor-made website design. Such evaluation is carried out in particular (also for non-logged-in users) for the presentation of needs-based advertising and for informing other users of the social network about your activities on our website. You have the right to object to the creation of the said user profiles, whereby to exercise your right you must contact the respective plug-in provider. Through the plug-ins we offer you the opportunity to interact with the social networks and other users, so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plug-in is Art. 6 Sec. 1 s. 1 lit. f DSGVO.

10.4. The data transfer takes place regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, your data collected from us will be assigned directly to your existing account with the plug-in provider. If you press the activated button and, for example, link the page, the plug-in provider also stores this information in your user account and shares it with your contacts publicly. We recommend logging out regularly after using a social network, and especially before activating the button, as this will prevent you from being assigned to your profile with the plug-in provider.

10.5. Further information on the purpose and extent of the data collection and its processing by the plug-in provider can be found in the provider’s data protection declaration. There you will also find further information about your rights and settings options for the protection of your privacy.

10.6. Addresses of the respective plug-in providers and URL with their data protection notices:

Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; further information on data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications as well as http://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US Framework

11. LinkedIn
11.1. This website uses the LinkedIn button. This plug-in is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA. This is indicated by the corresponding logo of LinkedIn. Further information about LinkedIn’s social plugins is available at the following Internet address: http://www.linkedin.com/legal/privacy-policy.
11.2. When a visitor visits a page of this Internet domain containing such a plug-in, a connection is established between the visitor’s browser and the LinkedIn servers. LinkedIn receives and stores data (including the IP address) that allow LinkedIn to recognize which page of our website was visited by the visitor. This applies regardless of whether a LinkedIn plug-in is pressed or not. When the visitor activates a LinkedIn plug-in, the corresponding information is transmitted to LinkedIn in the USA and stored there. If the visitor at the same time is logged in with his personal LinkedIn account, the forwarded data can be assigned to the specific account. The legal basis for use is Art. 6 Sec. 1 s. 1 lit. f DSGMO.
11.3. The nature, scope, purpose of collection, use, and further processing and use of the data by LinkedIn, as well as the rights and privacy settings of the user, can be read and customized in LinkedIn’s privacy policy (http://www.linkedin.com/legal/privacy-policy). Otherwise the exact data processing operations or storage periods and purposes are unclear.

12. YouTube

12.1. This website uses the YouTube button. This plug-in is operated by YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066 USA. This is indicated by the corresponding logo of YouTube. Further information about YouTube social plugins is available at the following Internet address: https://developers.google.com/youtube/.

12.2. When a visitor visits a page of this Internet domain containing such a plug-in, a connection is established between the visitor’s browser and the YouTube servers. YouTube receives and stores data (including the IP address) that allow Xing to recognize which page of our website was visited by the visitor. This applies regardless of whether a YouTube plug-in is pressed or not. When the visitor activates a YouTube plug-in, the corresponding information is transmitted to YouTube in the USA and stored there. If the visitor at the same time is logged in with his personal YouTube account, the forwarded data can be assigned to the specific account. The legal basis for use is Art. 6 Sec. 1 s. 1 lit. f DSGVO.

12.3. The nature, scope, purpose of collection, use, and further processing and use of the data by YouTube, as well as the rights and privacy settings of the user, can be read and customized in YouTube privacy policy (https://www.google.de/intl/de/policies/privacy/). Otherwise the exact data processing operations or storage periods and purposes are unclear.