Privacy Policy
Privacy Policy
The protection of your personal data is taken very seriously. Your personal data is treated as confidential as well as in compliance with the statutory data protection regulations and this Privacy Notice.
This Privacy Notice applies to our product “Cordaware bestzero®“. It explains the method, purpose and scope of the data collection in context of use. We point out that online data transmission can be subject to security loopholes. It is not possible to fully protect your data from being accessed by third parties.
Information regarding the party responsible
The party responsible for data protection is:
Cordaware GmbH Informationslogistik
Derbystraße 5
85276 Pfaffenhofen
Phone: + 49 (0) 8441 – 85 93 200
Fax: + 49 (0) 8441 – 85 93 300
Web: www.cordaware.com
E-Mail: info@cordaware.com
Data Protection Officer
Contact details of our Data Protection Officer:
Giovanni Di Terlizzi
Cordaware GmbH
85276 Pfaffenhofen
Telefon: +49 (0) 8441 – 8593-200
Web: www.cordaware.com
E-Mail: privacy@cordaware.com
General storage period of personal data
No personal data is stored in or via Cordaware bestzero®.
Lawfulness of processing personal data
Art. 6(1) lit. a GDPR serves as the legal basis for processing operations for which a consent for a specific processing purpose (e. g. with a voluntary specification of your personal data in the log-in form or in the context of the contact form) is obtained. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, the processing is based on Article 6(1) lit. b GDPR and the legal basis for processing for the purposes of the legitimate interests is Article 6 (1) lit. f GDPR, expcept where such interests are overridden by the interests of the data subject. If necessary the relevant legal bases are specificated separately within this Privacy Policy.
Encryption
For security reasons and to protect the transmission of confidential information Cordaware bestzero® uses SSL/TLS encryption (in combination with a Pre-Shared-Key=PSK).
SSL/TLS encryption secures, data transmitted from your App to your internal server cannot be read by third parties.
Changes of our Privacy Policy
We reserve the right to update this Privacy Policy at any time, without prior notice to you, to the extent permitted by applicable law.
Your rights
The GDPR grantes that every person whose personal data is proccessed has specific rights. At this point, we would like to inform you about them:
Withdrawing consent to process your data
Much data processing is only possible with your express consent. You may withdraw any consent previously given. This may be effected by an informal email. The legality of any data processing carried out prior to withdrawal of consent remains unaffected by such withdrawal.
THE RIGHT TO OBJECT AGAINST DATA COLLECTION IN SPECIAL CASES AS AGAINST DIRECT ADVERTISING (ARTICLE 21 OF THE GDPR)
WHEN DATA IS PROCESSED IN ACCORDANCE WITH ARTICLE 6, PARA. 1, POINT E OR F OF THE GDPR, YOU HAVE THE RIGHT FOR REASONS ARISING FROM YOUR SPECIAL SITUATION TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA; THIS ALSO APPLIES TO PROFILING BASED ON THESE SPECIFICATIONS. YOU CAN FIND THE APPLICABLE LEGAL BASIS ON WHICH SUCH PROCESSING RESTS IN THIS PRIVACY STATEMENT. IF YOU OBJECT, PROCESSING YOUR RELEVANT PERSONAL DATA IS CEASING UNLESS STRONG PROTECTION-BASED GROUNDS FOR CONTINUED PROCESSING ARE GIVEN THAT SUPERSEDE YOUR INTERESTS, RIGHTS AND FREEDOMS OR DEMONSTRATE THAT CONTINUED PROCESSING SERVES THE ENFORCEMENT, EXERCISE OR DEFENSE OF LEGAL CLAIMS (OBJECTION IN ACCORDANCE WITH ARTICLE 21, PARA. 1 OF THE GDPR).
If your personal data is processed for the purposes of direct advertising, you have the right at any time to object to the processing of your personal data for the purposes of such advertising; this also applies to profiling to the extent that it is connected to such direct advertising. If you object, your personal data will no longer be used for the purposes of direct advertising (objection in accordance with Article 21, Para. 2 of the GDPR).
Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, every data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infriges this regulation (GDPR).
Information, deletion and correction
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection.
Right to limit processing
You have the right to limit processing of your personal data. You may contact us at any time on this point using the details in the General section of this Privacy Policy (see I. General). The right to limit processing arises in the following circumstances:
- If you question the accuracy of your personal data stored, it generally requires time to check your claim. You have the right to limit processing of your personal data for the duration of our assessment of your personal data’s accuracy.
- If your personal data was or is being processed unlawfully, you may demand limitation to its processing rather than its deletion.
- If your personal data is no longer needed but you still need it for the exercise, defense or enforcement of your legal claims, you have the right to demand limitation to the processing of your personal data rather than its deletion.
- If you have raised an objection in accordance with Article 21, Para. 1 of the GDPR, a consideration of your and our interests must be carried out. While it remains unclear whose interests prevail, you have the right to demand limitation to the processing of your personal data.
If you have limited processing of your personal data, this data may only be processed – with the exception of its storage – with your consent or for the enforcement, exercise or defense of legal claims or to protect the rights of another natural or legal person or for reasons of an important public interest of the European Union or of one of its member states.
Right to data portability
You have the right to request for yourself or for third parties any data which is recorded as permitted by you or that was automatically processed as a result of your completion of a contract in any standard machine-readable format. In the event that you request the transmission of your data to another responsible party, this is only carried out if it is technically possible.
Collection of personal data in the contect of application use
General
When using Cordaware bestzero®, no personal data is stored on the systems hosted by the responsible party.
The following data is transmitted:
- Once the hash value (an encrypted value) of your email address.
- An internally assigned Company-ID (encrypted) and the address of the communication interface (a so-called webhook with FQDN=Fully Qualified Domain Name)
Data analytics
No personal data is processed for analysis purposes.
Published: January, 2021