Data Protection Declaration EASY SOFTWARE AG
As the operator of this website, EASY SOFTWARE AG takes the protection of your personal data very seriously. We treat your personal data confidentially, in accordance with statutory data protection rules and based on this data protection declaration. In this document, when we speak of data in general, this always refers to personal data in the sense of the General Data Protection Regulation or the DSAnpUG-Eu (Act to Adapt Data Protection Law, new BDSG).
SCOPE OF DATA COLLECTION AND STORAGE
PURPOSE OF DATA PROCESSING
In general, it is not necessary to provide personal data in order to use our website. However, to enable us to provide our services, we may require your personal data. This applies to sending you informational material as well as answering individual queries.
AGREEMENT TO DATA PROCESSING
If we perform any of the actions described below, or other, or provide services, we would like to collect, track and store your personal data. We will request your express agreement to this in the relevant place on our website, for example in the
- personalization of our website,
- analysis of user behavior.
If you request information or use personalized services, we will collect additional data (see the section “Newsletter and other advertising”)
WHAT CATEGORIES OF PERSONAL DATA ARE PROCESSED?
We store the following data:
For tracking purposes, we set a cookie. Using this information allows identification on a subsequent visit to the website. The tracking tool we use anonymizes the IP address and then stores it anonymously.
Webtracking and analytics
We use the systems of the following providers for analysis.
Hubspot
We use HubSpot for our online marketing activities. This is an integrated software solution that covers a variety of aspects of our online marketing. HubSpot allows us to use data for the following purposes:
- Content management (website and blog),
- Social media publishing & reporting,
- Reporting (e.g. traffic sources, accesses, etc.),
- Landing pages and contact forms.
We use HubSpot based on the EU standard contract clauses. You can find the scope of the data collection and storage by HubSpot and the privacy guidelines at https://legal.hubspot.com/privacy-policy.
Google Analytics
This website uses Google Analytics, a web analysis service from Google Inc. (“Google”). Google Analytics uses text files known as cookies which are stored on your computer and allow the analysis of your use of the website. The information generated by the cookie about your use of this website (including your IP address) is transmitted to a Google server in the USA and stored there. Google will use this information to evaluate your use of the website, to compile reports about website activities for the website operator and to provide more services connected with website and Internet use. Google may also transmit this information to third parties if this is prescribed by law or if third parties process this information on behalf of Google. In no case will Google connect your IP address with other data stored by Google.
You can prevent the installation of cookies with the appropriate setting of your browser software; however, we advise you that in this case you may not be able to use all functions of this website in their full scope. By using this website, you declare that you agree to the processing of the data about you collected by Google as described above and to the above-named purpose.
You want to no longer participate in Google Analytics (opt out)?
google ads
The website operator uses Google Ads. Google Ads is an online promotional program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads enables us to display ads in the Google search engine or on third-party websites, if the user enters certain search terms into Google (keyword targeting). It is also possible to place targeted ads based on the user data Google has in its possession (e.g., location data and interests; target group targeting). As the website operator, we can analyze these data quantitatively, for instance by analyzing which search terms resulted in the display of our ads and how many ads led to respective clicks.
The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. You may revoke your consent at any time.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://policies.google.com/privacy/frameworks and https://business.safety.google/controllerterms/.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
google conversion-tracking
This website uses Google Conversion Tracking. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
With the assistance of Google Conversion Tracking, we are in a position to recognize whether the user has completed certain actions. For instance, we can analyze the how frequently which buttons on our website have been clicked and which products are reviewed or purchased with particular frequency. The purpose of this information is to compile conversion statistics. We learn how many users have clicked on our ads and which actions they have completed. We do not receive any information that would allow us to personally identify the users. Google as such uses cookies or comparable recognition technologies for identification purposes.
The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. You may revoke your consent at any time.
For more information about Google Conversion Tracking, please review Google’s data protection policy at: https://policies.google.com/privacy?hl=en
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
Clarity
In some of our products we use Microsoft Clarity, a technology that helps us to learn how our products are used, which images and text passages attract attention and to recognize how we can create an even better user experience.
The provider, Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland, https://docs.microsoft.com/en-us/clarity/ (hereinafter “Clarity”) is certified in accordance with the “EU-US Data Privacy Framework” (DPF), an agreement between the European Union and the USA that ensures compliance with European data protection standards for data processing in the USA. Every DPF-certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider.
Clarity uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or the use of device fingerprinting). Your personal data is stored on Microsoft servers (Microsoft Azure Cloud Service) in the USA.
We hide sensitive areas and do not analyze them. We collect standard visitor data such as IP address, location, browser information, screen resolution, language settings, subpages visited, date/time of access to the website and mouse movements.
The use of Clarity requires your individual consent, which can be revoked via the settings in your profile.
If consent has been obtained, the above-mentioned service is used exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 TTDSG. If no consent has been obtained, the use of this service is based on Art. 6 para. 1 lit. f GDPR; further details on Clarity’s data protection can be found here.
Wordfence
We have included Wordfence on this website. The provider is Defiant Inc, Defiant, Inc, 800 5th Ave Ste 4100, Seattle, WA 98104, USA (hereinafter “Wordfence”). Wordfence is designed to protect our website from unwanted access or malicious cyberattacks. To accomplish this, our website establishes a permanent connection with Wordfence’s servers, which check and block their databases against access to our website. The use of Wordfence is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the most effective protection of his website against cyberattacks. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time. Data transmission to the USA is based on the standard contractual clauses of the EU Commission.
Details can be found here: https://www.wordfence.com/help/general-data-protection-regulation/
STORAGE PERIOD OF THE DATA
Data collected for tracking purposes are incorporated into a pool of statistical data, allowing the tools to evaluate user behaviour across all accesses.
PURCHASE OF A PRODUCT OR PERFORMANCE OF SERVICES
PURPOSE OF DATA PROCESSING
If you commission us to perform a service, we strictly collect and store your personal data only to the extent that is necessary to perform the service or to carry out the contract. Furthermore, we use your e-mail address to provide you with information regarding the products used and information about our range of products and consulting services. The collection of this information is based on § 28 Par. 1 lit. 1 BDSG and, as of May 25, 2018, on Art. 6 Par. 1 lit. B EU-DSGVO.
WHAT CATEGORIES OF PERSONAL DATA ARE PROCESSED?
We record the following personal data:
- Salutation
- First name
- Surname
- Email address
- Organisation
- Street
- Postcode
- City
- Country
- Function in Company
- Department
- Amount of employees
- Industrial sector
- ERP-system
- Phone
RECIPIENTS OF THE DATA AND TRANSMISSION TO A THIRD COUNTRY
For the various tasks, we use internal systems and the following providers:
- HubSpot (USA) based on standard EU contract clauses
- SAP Business ByDesign (Germany) based on standard EU contract clauses
- Salesforce (USA) with the European storage location based on the EU Model Clauses
- Nextcloud (Germany) based on standard EU contract clauses
Within the company, we provide the data to associated companies for the purpose of fulfilling an order.
If necessary for reasons of privacy laws or other reasons, we will end our cooperation with individual providers, or accept new ones, while retaining the legally required data privacy standards.
STORAGE PERIOD OF THE DATA
We retain your data necessary for the performance and execution of a contractual relationship in accordance with the mandatory retention periods required by commercial and tax law. If the contractual relationship is no longer active, the data set is marked as inactive and no longer actively used. Following the expiration of the prescribed retention period, the data set is deleted or blocked.
NEWSLETTER, ADVERTISING AND PROSPECTIVE CUSTOMER ACQUISITION
PURPOSE OF DATA PROCESSING
If you have registered for our newsletter with your e-mail address and providing us with other data, we would like to use your e-mail address for our own advertising purposes beyond the performance of a contract until you unsubscribe from the newsletter – for the following purposes, among others:
- delivery of a variety of newsletters,
- additional services and offers for which your express agreement is required for their data collection,
- participation in drawings and promotions.
YOUR AGREEMENT AND OTHER NOTES
During the registration process, you will be asked to provide the following declaration:
Consent to processing data according to our privacy declaration: I agree to EASY SOFTWARE AG using my personal data, which I provide here, for the purpose of information, customer service, customer surveys and marketing until further notice, and that for these purposes, it will contact me, even on a regular basis, via e-mail or telephone. I agree to allow EASY SOFTWARE AG to transmit these data for the above purposes to companies or sales partners associated with it. Complete notice of this declaration of consent is possible anytime by sending a corresponding message to EASY SOFTWARE AG at .
Security
Your personal data will be transmitted via the Internet in encrypted form. We take technical and organizational measures to protect our website and other systems and keep your data from being lost or destroyed, and from being accessed, altered or disseminated by unauthorized persons. Despite routine checks, however, it is not possible to fully protect your data against all risks.
If your personal data are already stored by EASY SOFTWARE AG, they will be transferred to a customer database. This transmission is also encrypted. Your data in the joint database can be updated every time you make contact through EAY SOFTWARE AG or its partners.
Regarding the possibility of revoking this consent, please see the section “Deletion and data autonomy” below.
WHAT CATEGORIES OF PERSONAL DATA ARE PROCESSED?
We record the following personal data during the registration process:
- Salutation
- First name
- Surname
- Email address
- Organisation
- Street
- Postcode
- City
- Country
- Function in Company
- Department
- Amount of employees
- Industrial sector
- ERP-system
- Phone
RECIPIENTS OF THE DATA AND TRANSMISSION TO A THIRD COUNTRY
Your data may be transmitted to companies associated with EASY SOFTWARE AG for the stated purposes. We also use the following services, and will transmit data to them:
- HubSpot (USA) based on standard EU contract clauses
- SAP Business ByDesign (International) based on standard EU contract clauses
- Salesforce (USA) with the European storage location based on the EU Model Clauses
- Nextcloud (Germany) based on standard EU contract clauses
STORAGE PERIOD OF THE DATA
We will store the data for sending newsletters and other advertising measures until your explicit cancelation.
TRANSMISSION OF DATA FOR PURPOSES OF AN APPLICATION PROCEDURE
PURPOSE OF DATA PROCESSING
We process your data for purposes of application procedure only.
YOUR AGREEMENT AND OTHER NOTES
If you provide data for an application procedure by using our web form you consent to data processing as following:
Consent to processing data according to our privacy declaration: I agree to EASY SOFTWARE AG using my personal data, which I provide here, for the purpose of the application procedure, and that for these purposes, it will contact me, even on a regular basis, via e-mail or telephone. I agree to allow EASY SOFTWARE AG to transmit these data for the above purposes to companies associated with it. Complete notice of this declaration of consent is possible anytime by sending a corresponding message to EASY SOFTWARE AG at .
Transmission of date by E-Mail
If you provide data for an application procedure by sending via electronic mail we will process date on base of a legal interest. By sending data we assume that you expect that data will be processed electronically on our side too.
Security
After transmitting to us, data will be stores in a digital human resource system. Access to data will only get members of the company which are included in the application process on basis of a strict need to know principle.
WHAT CATEGORIES OF PERSONAL DATA ARE PROCESSED?
We record the following personal data during the registration process:
- Salutation
- First name
- Surname
- E-Mail-address
- Organisation
- Street
- Postcode
- City
- Country
- Job-Titel
- Cover letter
- Letter of reference.
- Vita
- And perhaps other attachments of your choice
RECIPIENTS OF THE DATA AND TRANSMISSION TO A THIRD COUNTRY
Data will only be processed at members of the EASY Group. No other transmission will be done.
STORAGE PERIOD OF THE DATA
After finishing the process data will be stored for an additional period of 4 month. If you will be recruited date will remain in the system.
Hosting of a shareholders’ meeting
PURPOSE OF DATA PROCESSING
Any time we hold a shareholders’ meeting, we do so based on the obligations of the German Stock Corporation Act (AktG). The following data processing is compulsory in this case:
- Keeping lists of participants
- Preparation of a written transcript
- Communication with shareholders via the designated mailbox
The Annual General Meeting is held using a service provider that provides the platform for holding the meeting.
WHAT CATEGORIES OF PERSONAL DATA ARE PROCESSED
We collect the following personal data:
- Salutation
- First name
- Last name
- E-mail address
- Street address
- Zip code
- City
- Country
- Phone number
RECIPIENT OF THE DATA AND TRANSFER TO A THIRD COUNTRY
Our service is provided by Computershare, which is based in the EU.
DATA STORAGE PERIOD
- The lists of participants are kept for 2 years in accordance with Section 129 (4) of the German Stock Corporation Act (AktG). Effectively, the data will be deleted 3 years after creation at the latest.
- Data in the Computershare portal will be deleted after 3 years (see previous point).
- Meeting transcripts are notarial deeds and are therefore kept for 10 years after a potential liquidation or legal transformation of the company in accordance with Section 273 of the German Stock Corporation Act (AktG).
- Any correspondence with shareholders by e-mail is retained until the expiry of any objection periods. In case of doubt, the e-mails are treated like any other business correspondence and deleted no later than 10 years after they were created.
Keeping of the register of shareholders
PURPOSE OF DATA PROCESSING
Due to the obligations of the German Stock Corporation Act (AktG), we are required to maintain a register of shareholders. Each shareholder is recorded in this register as evidence of their rights. The data is transmitted to us by the shareholder’s custodian bank.
WHAT CATEGORIES OF PERSONAL DATA ARE PROCESSED
The shareholder’s contact details, the custodian bank and the number of shares are stored in the share register.
RECIPIENT OF THE DATA AND TRANSFER TO A THIRD COUNTRY
To maintain the register, we use the provider Computershare, which is based in the EU.
DATA STORAGE PERIOD
The data must be deleted from the shareholders’ register 1 year after the shares have been sold.
SOCIAL NETWORKS
On parts of our website, we offer the opportunity to copy pages or materials to social networks. These in turn have their own data protection declarations. Below, you will find notes on the social networks we have integrated.
DATA PROTECTION DECLARATION FOR THE USE OF YOUTUBE
As with most websites, the EASY SOFTWARE AG Internet presence includes software from YouTube in its range of information.
YouTube software uses cookies to collect data, and for statistical data analysis. Among other things, YouTube uses cookies to collect reliable video statistics, to prevent fraud, and to improve user friendliness. EASY SOFTWARE AG receives statistical figures from the YouTube cookies regarding the viewing of individual videos embedded in the website without any reference to individual users. The embedded YouTube videos are used as part of the permitted usage through YouTube, which all users must accept. If you notice a violation of copyrights, please report this directly to YouTube. You can find more details on the use of cookies at YouTube in the YouTube data protection declaration at: http://www.youtube.com/t/privacy_at_youtube.
DATA PROTECTION DECLARATION FOR THE USE OF FACEBOOK
Our site integrates plug-ins from the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA. When you visit our sites, a direct connection between your browser and the Facebook server is made via the plug-in. If you click on the Facebook Like button while you are logged into your Facebook account, you are able to link the content of our sites to your Facebook profile. As a result, Facebook can assign the visit to our site to your user account.
As the provider of the Facebook site https://www.facebook.com/EasySoftwareDE, we advise that we receive no knowledge of the content of the data transmitted or of their use by Facebook. You can find more information on this in the data protection declaration of Facebook at https://www.facebook.com/policy.php.
If you do not want Facebook to be able to assign your visit to our website to your Facebook user account, please log out of your Facebook account.
Additionally, we use a plugin which grants that data will only be forwarded in case of using the Share Button.
DATA PROCESSING AGREEMENT FOR USE OF XING SHARE BUTTONS
On this website we use the „XING Share-Button“. On using this site a single connection to webservers of XING SE („XING“) will be opened to grant that services of XING can be fulfilled (Counter). XING will not store any personal data. Even no IP-adresses. Further no analysis on basis of cookies will be done. Current data processing agreement for use of „XING Share-Button“ and additional information can be found on:
https://www.xing.com/app/share?op=data_protection
Additionally, we use a plugin which grants that data will only be forwarded in case of using the Share Button.
DATA PROCESSING AGREEMENT FOR USE OF LINKEDIN SHARE BUTTONS
On this website we use the „LinkedIn Share-Button“. By using a special plugin we grant that data will only transmitted to LinkedIn if you use this button. Concerning type of transmitted data we refer to the data processing agreement of LinkedIn:
https://www.linkedin.com/legal/privacy-policy
If you want to opt Out from use of cookies, please open:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
DATA PROTECTION DECLARATION FOR THE USE OF TWITTER
Functions of the Twitter service are integrated into our websites. These functions are offered by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. By using Twitter and the retweet function, websites which you visit are connected to your Twitter account and disclosed to other users. Data are also transmitted to Twitter.
As the provider of the site https://twitter.com/easy_software, we advise that we receive no knowledge of the content of the data transmitted or of their use by Twitter. You can find more information on this in the data protection declaration of Twitter at https://twitter.com/en/privacy.
You can change your privacy settings at Twitter in your account settings at https://twitter.com/settings/account.
DATA PROTECTION DECLARATION FOR THE USE OF NEXTCLOUD
Die EASY SOFTWARE nutzt für die Speicherung von Marketingmaterial sowie von Material der EASY Academy die Nextcloud. Sie teilt daraus Inhalte mit Dritten. Dieses Material kann personenbezogene Daten enthalten. Bezüglich der Verarbeitung und des Teilens von personenbezogenen Daten, verweisen wir auf die Datenschutzerklärung von Nextcloud.
DELETION AND DATA AUTONOMY
You can obtain information about your stored personal data from EASY SOFTWARE AG and request their correction, deletion or blockage at any time. You can also change or revoke a given declaration of consent at any time without providing a reason, with effect in the future. You will not be subject to any fees other than postal or transmission charges for this.
A revocation of the declaration of consent is possible at any time by sending a corresponding message (by letter or e-mail) to EASY SOFTWARE AG at .
A revocation for the purposes named above has no effect on your contractual relationships with EASY SOFTWARE AG.
TRANSFERABILITY OF DATA
Data subjects have the right to obtain data which they have directly provided themselves. We will make such data available upon the explicit request by the data subject in a machine-readable and structured format. Proof of identity of the data subject is required.
RIGHT OF APPEAL WITH A REGULATING AUTHORITY
As a data subject, you have the right to appeal to a data protection authority in your place of residence or work if you suspect a privacy violation.
The regulating authority in charge of EASY SOFTWARE AG is the data protection authority of the state of North Rhine-Westphalia.
CONTACT
Data Protection Officer:
Harald Eul Consulting GmbH
Auf der Höhe 34
50321 Brühl
Germany
Postal address:
EASY SOFTWARE
Data Protection Officer
Jakob-Funke-Platz 1
45127 Essen
Germany
LEGAL REPRESENTATIVES
Member of the Management Board:
Andreas Zipser (CEO)
Heino Erdmann
Jakob-Funke-Platz 1
45127 Essen
Germany
District Court Duisburg HRB 33965