If you are residing in the European Union or are subject to the GDPR, the following policy is effective:
The following data privacy declaration applies to the use of the website https://www.inloox.com/ hereinafter referred to as "website" or "online offer".
Data protection is important to us. Your personal data is collected and processed in compliance with the applicable data protection regulations, especially the General Data Protection Regulation (GDPR). We collect and process your personal data to be able to offer you this website. This document describes how and for what purpose your personal data is collected and used and what options you have regarding your data.
1 Responsible Body
Responsible for the collection, processing and use of your personal data in terms of the GDPR is
Phone +49 (0) 89 358 99 88 - 0
Fax +49 (0) 89 358 99 88 - 99
Managing Directors: Dr. Andreas Tremel, Dr. Tiziano Panico
1.2 General information
Types of Data Processed:
- Contact information (e.g. e-mail, telephone numbers);
- Content (e.g. text input, photographs, videos);
- Usage data (e.g. visited websites, interest in content, access date and time);
- Meta data and communication data (e.g. device information, IP addresses);
Categories of persons concerned
Visitors and users of the website. In the following, we will also summarize the persons concerned as "users".
Purpose of Processing
- Provisioning of the website, its functions and contents;
- Answer contact requests and communicate with users;
- Register for SaaS services;
- Testing and purchasing products and services;
- Security measures;
- Traffic measurement/marketing
"Personal data" means any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"); an identifiable natural person is one who can be identified directly or indirectly, in particular by assignment to an identification such as a name, an identification number, location data, an online identification (e.g. cookie) or to one or more special features that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
"Processing" means any operation carried out with or without the aid of automated procedures or any such series of operations in connection with personal data. The term goes a long way and covers practically every handling of data.
"Responsible body" means the natural or legal person, authority, institution or other body that alone or together with others decides on the purposes and means of processing personal data.
Additionally, we process
- contract data (e.g. subject matter of the contract, term, customer category).
- payment data (e.g. bank details, payment history)
- support data (e.g. suggestions for improvement, error messages and databases that may contain personal data such as names, e-mail addresses or telephone numbers)
- productive data (e.g. project data in InLoox now! that may contain personal data such as names, e-mail addresses or telephone numbers)
from our customers, prospects and business partners for the purpose of providing contractual services, service and customer care, marketing, advertising and market research.
The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services that we use for the purpose of operating this online offering.
Here we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this website on the basis of our legitimate interests in an efficient and secure provision of this online offer in accordance with Art. 6 Para. 1 lit. f GDPR in conjunction with. Art. 28 GDPR (conclusion of an Order Processing Contract).
2 General Use of This Website
2.1 Access Data
InLoox collects information about you when you use this website. We automatically collect information about your usage behavior and interaction with us and record data about your computer or mobile device. We collect, store and use data about every access to our online offer (so-called server log files). The access data includes name and URL of the accessed file, date and time of access, transferred data volume, notification of successful access (HTTP response code), browser type and browser version, operating system, referrer URL (i.e. the previously visited page), IP address and the requesting provider.
We use this log data without allocation to your person or other profiling for statistical evaluations for the purpose of operation, security and optimization of our online offer, but also for anonymous recording of the number of visitors to our website and the extent and type of use of our website and services, as well as for billing purposes in order to measure the number of clicks received from cooperation partners. Based on this information, we can provide personalized and location-based content, analyze traffic, troubleshoot and correct errors, and improve our services. We reserve the right to check the log data subsequently if there is a justified suspicion of illegal use based on concrete evidence. We store IP addresses in the log files for a limited period of time if this is necessary for security purposes or for the provision or billing of a service, e.g. if you use one of our offers (see point 7). We also store IP addresses if we have a concrete suspicion of a criminal offence in connection with the use of our website. In addition, we store the date of your last visit as part of your account (e.g. when registering, logging in, clicking on links, etc.).
2.2 Contact via E-mail, Web Forms and Chat
When you contact us (e.g. via contact form, chat or e-mail), we store your details for processing the request and in the event that follow-up questions arise. We only store and use further personal data if you give your consent or if this is legally permissible without special consent.
2.3 Access Measurement
InLoox uses Google Analytics, a web analysis service provided by Google Inc. "("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about the use of this website by page visitors is usually transferred to a Google server in the USA and stored there.
However, if IP anonymization is activated on this website, Google will reduce your IP address within Member States of the European Union or in other countries party to the Agreement on the European Economic Area beforehand. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. IP anonymization is active on this website. On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide us with other services relating to website and Internet use.
The user can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en
As an alternative to the browser plug-in or within browsers on mobile devices, you can click the following link to set an opt-out cookie to prevent future collection by Google Analytics within this website (this opt-out cookie only works in this browser and only for this domain. If you delete the cookies in your browser, you must refresh this link: Deactivate Google Analytics
This website uses etracker technology (http://www.etracker.com) to collect and store data for marketing and optimization purposes. These data can be used to create user profiles under a pseudonym. Cookies may be used for this purpose. The data collected using etracker technologies will not be used to personally identify the visitor to this website and will not be combined with personal data about the bearer of the pseudonym without the separately given consent of the person concerned. The collection and storage of data can be revoked at any time with effect for the future.
2.4 Conversion Measurement and Remarketing
Google Tag Manager
This website uses the remarketing function of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). The purpose of this feature is to present interest-based ads to website visitors within the Google advertising network. The technology enables us to place automatically generated, target group-oriented advertising after your visit to our website. The ads are based on the products and services you clicked on the last time you visited our website. For this purpose, a so-called "cookie" is stored in the visitor's browser, which makes it possible to recognize the visitor when he or she accesses websites belonging to Google's advertising network. Cookies are small text files that are stored in your browser when you visit our website. Google usually saves information such as your web request, IP address, browser type, browser language, date and time of your request. This information is used to assign the web browser to a specific computer. On the pages of the Google advertising network, visitors may then be presented with advertisements relating to content previously accessed by the visitor on websites that use Google's remarketing function.
If you agreed to have your Google browser history linked to your Google Account at https://www.google.com/settings/u/0/ads/authenticated and information from your Google Account used to personalize ads, remarketing will also be cross-device. Google will collect your Google ID and use it for the purpose of cross-device recognition.
According to its own statements, Google does not collect any personal data during this process. However, if you do not wish to use Google's remarketing feature, you can disable it by making the appropriate settings at http://www.google.com/settings/ads or in the "My Account" section.
Google AdWords Conversion
Microsoft Bing Ads
On our pages we use the conversion tracking of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Microsoft Bing Ads stores a cookie on your computer if you access our website via a Microsoft Bing ad. Microsoft Bing and we can see in this way that someone has clicked on an ad, has been redirected to our website and has reached a previously defined target page (conversion page). We only see the total number of users who clicked on a Bing ad and were then redirected to the conversion page. No personal information about the identity of the user will be disclosed.
If you do not want information about your behavior to be used by Microsoft as described above, you can refuse the setting of a cookie required for this purpose - for example, using a browser setting that generally deactivates the automatic setting of cookies. You can also prevent the collection of data generated by the cookie and related to your use of the website and the processing of this data by Microsoft by clicking on the following link: http://choice.microsoft.com/en-US/opt-out to declare your objection. Further information on data protection and the cookies used at Microsoft and Bing Ads can be found on the Microsoft website at https://privacy.microsoft.com/en-US/privacystatement
Bing Universal Event Tracking (UET)
On our website, data is collected and stored using Bing Ads technologies, from which user profiles are created using pseudonyms. This is a service of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. This service enables us to track the activities of users on our website when they come to our website via ads from Bing Ads. If you access our website via such an advertisement, a cookie is placed on your computer. A Bing UET tag is integrated on our website. This is a code used in connection with the cookie to store some non-personal data about the use of the website. This includes the time spent on the website, which areas of the website were called up and via which display the users accessed the website. Information about your identity is not collected.
The information collected is transmitted to Microsoft servers in the United States and stored there for a maximum of 180 days. You can prevent the collection of data generated by the cookie and related to your use of the website and the processing of this data by deactivating the setting of cookies. This may restrict the functionality of the website.
In addition, Microsoft may be able to track your usage across multiple electronic devices through cross-device tracking, enabling you to display personalized advertising on or in Microsoft Web pages and apps. You can disable this behavior at http://choice.microsoft.com/en-US/opt-out
2.5 Comments and Contributions
If you as a user leave comments or other contributions, e.g. in our blog, your IP addresses will be used on the basis of our legitimate interests within the meaning of Art. 6 (1) (f). GDPR on Disqus. This takes place for our safety, if someone leaves illegal contents in comments and contributions (insults, forbidden political propaganda, etc.). In this case we can be prosecuted ourselves for the comment or contribution and are therefore interested in the identity of the author.
2.6 Online Presence in Social Media
We maintain online presences within social networks and platforms in order to communicate with active customers, interested parties and users and to inform them about our services. When accessing the respective networks and platforms, the terms and conditions and the data processing guidelines of their respective operators apply.
Integration of Third-party Services and Content
Within our online offer, we make no representations or warranties of any kind based on our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR) offers content or services from third parties to incorporate their content and services, such as videos or fonts (hereinafter uniformly referred to as "content").
This always presupposes that the third party providers of this content perceive the IP address of the users, since without the IP address they could not send the content to their browser. The IP address is therefore required for the display of this content. We make every effort to use only those contents whose respective providers use the IP address only for the delivery of the contents. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. Pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may include technical information about the browser and operating system, referring websites, visiting time and other information about the use of our online offer, as well as may be linked to such information from other sources.
Our website contains the Google +1 button. Google +1 is a social network. This is provided by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. With Google +1 you have the possibility to publish personalized content on the Internet. However, Google will save information about the content you clicked +1. Google will also store information about your visit to the website that you have viewed. Your +1 clicks can and will usually be used in your +1 profile and other Google services, such as Google's search engine search results, or otherwise on pages on the Internet or Internet ads.
Google stores information about your activities on Google +1 and requires you to create a public profile and profile name on Google in order to use the +1 button. Google +1 and all Google services will use your profile name. Your identity behind the profile may be disclosed to anyone who has knowledge of your email address or other information with which you can be identified.
Google uses, according to its own statements and in compliance with its data protection regulations, the information transmitted by you. Google also compiles statistics on Google +1 activities, which may be published and shared with third parties.
Usage of Facebook Social Plugins
On the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR) Social Plugins ("Plugins") of the social network facebook.com, which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"). The plugins can display interaction elements or content (e.g. videos, graphics or text contributions) and are identified by one of the Facebook logos (white "f" on blue tile, the terms "like", "like" or a "thumbs up" sign) or are marked with the addition "Facebook Social Plugin". The list and appearance of Facebook Social Plugins can be viewed here: https://developers.facebook.com/docs/plugins/
Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
When a user calls up a function of this online offer that contains such a plugin, his device establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to the user's device and integrated into the online offer. The processed data can be used to create user profiles. We therefore have no influence on the amount of data Facebook collects with the help of this plugin and therefore inform users according to our level of knowledge.
By integrating the plugins, Facebook receives information that a user has called up the corresponding page of the online offer. If the user is logged in to Facebook, Facebook can assign the visit to his Facebook account. When users interact with the plugins, such as pressing the Like button or posting a comment, the information is sent directly from your device to Facebook and stored there. If a user is not a member of Facebook, it is still possible for Facebook to obtain and store their IP address. According to Facebook, only an anonymized IP address is stored in Germany.
The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as the relevant rights and setting options for the protection of users' privacy, can be found in Facebook's data protection information: https://www.facebook.com/about/privacy/
If a user is a Facebook member and does not want Facebook to collect data about him via this online offer and link it to his membership data stored on Facebook, he must log out of Facebook before using our online offer and delete his cookies. Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US page http://www.aboutads.info/choices/ or the EU page http://www.youronlinechoices.com/. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.
Mail Service Provider
Newsletters are sent by the mail service provider "MailChimp", a newsletter distribution platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. The data protection regulations of the shipping service provider can be viewed here: https://mailchimp.com/legal/privacy/. The Rocket Science Group LLC d/b/a MailChimp is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with the European data protection level (https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active). The dispatch service provider is used on the basis of our legitimate interests according to Art. 6 Para. 1 letter f GDPR and an order processing contract according to Art. 28 Para. 3 S. 1 GDPR.
The shipping service provider can use the recipient's data in pseudonymous form, i.e. without assignment to a user, to optimize or improve its own services, e.g. to technically optimize the dispatch and presentation of the newsletter or for statistical purposes. However, the shipping service does not use the data of our newsletter recipients to write them down itself or to pass the data on to third parties.
The newsletters contain a so-called "web beacon", i.e. a pixel-sized file that is retrieved from our server when the newsletter is opened or, if we use a shipping service provider, from whose server. Within the scope of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval are initially collected.
This information is used to technically improve the services based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined using the IP address) or access times. The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our endeavor, nor, if used, that of the shipping service provider, to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our contents to them or to send different contents according to the interests of our users.
2.8 Content Delivery Networks (CDNs)
A Content Delivery Network (CDN) shortens the load time of common web content (e.g. script libraries, components, and fonts) by transferring files from fast, near-location or under-utilized servers. Among other things, your IP address is transmitted to the operator of the respective CDN.
Google Hosted Libraries
2.9 Hosting and Infrastructure Providers
We are leasing data centers in Microsoft Azure to operate and provide this website. These data centers are certified to ISO 27001 and are operated by Microsoft Corporation (One Microsoft Way, Redmond, Washington 98052, USA).
The data centers are located in the European Union and in the United States of America. Where personal data is transferred by EU citizens to data centers outside the European Union, the same level of protection exists for these data centers through Privacy Shield or standard contractual clauses.
2.10 Legal Bases and Storage Period
The legal basis for data processing in accordance with the above paragraphs is Art 6 para. 1 letter f) GDPR. Our interests in data processing are in particular to ensure the operation and security of the website, to investigate the manner in which visitors use the website, and to simplify the use of the website.
Unless specifically stated, we only store personal data for as long as is necessary to fulfil the purposes pursued.
3 Your Rights as a Data Subject
According to the applicable laws, you have various rights regarding your personal data. If you wish to assert these rights, please direct your request to the website operator by e-mail or by post, clearly identifying yourself (see section 1). As the person concerned, you have the following rights:
3.1 Right to Information
You have the right to receive confirmation from us at any time as to whether we are processing personal data relating to you. If this is the case, you have the right to receive from us free of charge information about the personal data stored about you together with a copy of this data. Furthermore, you have the following rights:
When personal data are transferred to a third country or an international organization, you have the right to be informed of the appropriate guarantees under Article 46 GDPR in relation to the transfer.
3.2 Right to Correction
You have the right to request us to correct any inaccurate personal data concerning you without delay. Taking into account the purposes, you have the right to request the completion of incomplete personal data - also by means of a supplementary declaration.
3.3 Right to Cancellation ("Right to Oblivion")
You have the right to request us to delete personal data concerning you immediately and we are obliged to delete personal data immediately if one of the following reasons applies:
If we have made personal data public and we are obliged to delete it, we will take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform those responsible for data processing who process the personal data that they have requested the deletion of all links to this personal data or of copies or replications of this personal data.
3.4 Right to Limitation of Processing
You have the right to request us to restrict processing if one of the following conditions is met:
3.5 Right to Data Transferability
You have the right to receive the personal data concerning you that you have provided to us in a structured, current and machine-readable format, and you have the right to transmit this data to another person in charge without our interference, provided that
When exercising your right to data transferability pursuant to para. 1, you have the right to obtain that the personal data be transferred directly by us to another person responsible, insofar as this is technically feasible.
3.6 Right of Objection
You have the right to object at any time to the processing of personal data concerning you on the basis of Article 6(1)(e) or (f) GDPR for reasons arising from your particular situation; this also applies to profiling based on these provisions. We no longer process personal data unless we can prove compelling grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If we process personal data for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling, insofar as it is associated with such direct marketing.
You have the right to object to the processing of personal data concerning you, for scientific or historical research purposes or for statistical purposes pursuant to Art. 9 para. 1 GDPR, for reasons arising from your particular situation, unless the processing is necessary for the performance of a task in the public interest.
3.7 Automated Decisions Including Profiling
You have the right not to be subject to a decision based exclusively on automated processing - including profiling - that has legal effect against you or significantly impairs you in a similar manner.
3.8 Right to Revoke Consent Under Data Protection Law
You have the right to revoke your consent to the processing of personal data at any time.
3.9 Right of Appeal to a Supervisory Authority
You have the right of appeal to a supervisory authority, in particular in the Member State where you are staying, working or suspected of having infringed the law, if you believe that the processing of personal data concerning you is unlawful.
4 Data Security
We make every effort to ensure the security of your personal data in accordance with the applicable data protection laws and technical possibilities.
Your personal data will be transmitted encrypted. This applies to your orders and also to the customer login. We use the SSL (Secure Socket Layer) coding system, but point out that data transmission over the Internet (e.g. communication by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.
To secure your data, we maintain technical and organizational security measures which we constantly adapt to the state of the art.
Furthermore, we do not guarantee that our offer will be available at certain times; disruptions, interruptions or failures cannot be ruled out. The servers we use are regularly and carefully secured.
5 Automated Decision Making
An automated decision making based on the collected personal data does not take place.
6 Disclosure of data to third parties,
no data transfer to non-EU/EEA countries
In principle, we only use your personal data within our company.
If and to the extent that we involve third parties within the scope of the fulfilment of contracts, these personal data are only received to the extent to which the transfer is necessary for the corresponding service.
In the event that we outsource certain parts of data processing ("Order Processing"), we contractually oblige our contractors to use personal data only in accordance with the requirements of data protection laws and to ensure the protection of the rights of the data subject.
Data transmission to places or persons outside the EU and outside the cases mentioned in this declaration does not take place and is not planned.
7 Collection of Personal Data When Using InLoox Products
As a rule, you can access our Internet pages without providing any personal information. When you register for our personalized databases or purchase InLoox products, you will be asked for personal information such as your name, e-mail address, payment method and credit card number. All data and information regarding your identity are stored on the server of InLoox and the corresponding contractual partners; however, only if you expressly provide us with this information. This happens for you recognizable and only with your explicit consent.
We do not pass on your personal data to unauthorized third parties. We reserve the right to pass on the data to authorized partners who are bound to a data protection and confidentiality agreement by InLoox.
If you as a customer of our product "InLoox now!" appoint one of our partner companies as account manager, your personal data will be transferred to the named partner company insofar as this is necessary for the settlement of commission payments by InLoox to the partner company nominated by you. In addition to your company name, this includes the type and number of InLoox products you have purchased, the date of conclusion of the contract for your first purchase of online services and the duration of your contractual relationship with InLoox. We take special care to provide only the information about you and your contractual relationship with InLoox, which is necessary for the purpose, to the supporting partner company.
If you use our products, we collect anonymous usage statistics and error reports on our products as part of the "User-Friendliness Improvement Program" (CEIP), unless you object to this. Further information can be found at: www.inloox.com/ceip
If you want to prevent your browser from accepting additional cookies, want to be notified when you receive new cookies or if you want to deactivate all cookies, call the help function in the menu bar of your web browser.
If you want to prevent your browser from accepting additional cookies, want to be notified when you receive new cookies or if you want to deactivate all cookies, call the help function in the menu bar of your web browser. Similar features such as Flash cookies, which are used by browser add-ons, can be turned off or deleted by either changing the settings of the browser add-on or following the instructions on the manufacturer's website.
8 Data Protection Officer
If you have any questions about our data protection or this data protection declaration or wish to exercise your rights, please contact our data protection officer email@example.com or InLoox GmbH in writing (for contact details, see section 1 and in the imprint).
9 Changes to the Data Protection Declaration
InLoox reserves the right to change the data protection declaration in order to adapt it to changed legal situations or in the event of changes to the service or data processing. However, this only applies with regard to declarations on data processing. If user consents are required or components of the data protection declaration contain provisions of the contractual relationship with the users, the changes will only be made with the users' consent.
Users are asked to inform themselves regularly about the contents of the data protection declaration. You can save and print out this data protection declaration at any time.
These document is available in German language at any time from: https://www.inloox.de/datenschutzerklaerung. Other language versions are only for information and translation purposes. In case of conflicts in interpretation or wording between different language versions of this document, the German version shall always be the overriding and binding version.