Privacy Policy

Deutsche Fassung siehe hier.

1. Definitions

In accordance to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation or GDPR) this Privacy Policy uses the definitions of the GDPR

  • „personal data“ (Art. 4 No. 1 GDPR) means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
  • „processing“ (Art. 4 No. 2 GDPR) means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
  • „controller“ (Art. 4 No. 7 GDPR) means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
  • „processor“ (Art. 4 No. 8 GDPR) means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
  • „third party“ (Art. 4 No. 10 GDPR) means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;
  • „consent“ (Art. 4 No. 11 GDPR) of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

2. Controller

Controller is the

Articy Software GmbH & Co. KG
Massenbergstrasse 15
44787 Bochum
Germany
Phone: +49 (0)234 / 54 45 89 55
E-Mail: info@articy.com

Represented by: Mr. Carsten Schröder

You can reach the controller via the above contact info.

3. Data Protection Officer

For all questions and as a contact person on the subject of data protection, our data protection officer is available to you at any time. The contact details are:

Carsten Schröder
Articy Software GmbH & Co. KG
Massenbergstrasse 15
44787 Bochum
Germany
Phone: +49 (0)234 / 54 45 89 55
E-Mail: info@articy.com

4. Purpose and Legal Bases of Processing

We process your personal data according to the terms of the GDPR, the German Data Protection Act (BDSG) and all other governing acts as far as necessary in order to allocate information on this website as well as our services.

a) Visiting our Website

If you should use our website for informational purposes only, which means that you won’t log into a web account, register for a web account or submit any other kind of information, we won’t collect any individual related data except the data that’s submitted by your browser in order to be able to visit our website. This is:

  • IP-Address
  • Date and time of your inquiry
  • Time zone difference to Universal Time Coordinated (UTC)
  • Content of your inquiry (precise site)
  • Access status/HTTP-status code
  • Respectively submitted volume of data
  • Website of the inquiry
  • Browser
  • Operating system and its UI
  • Language and Version of the browser software.
  • In order to ensure the functionality of this website the above mentioned personal data will be stored in log files. These files also serve the purpose to ensure the security of our IT Systems and improving our website.

    The above mentioned personal data is processed on the bases of Article 5 (3) of the directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (ePrivacy Directive) and on the bases of Article 6 (1) lit. f) GDPR.

    We collect further personal data from you if you explicitly give your consent. If the act of processing personal data is vested by the consent of the affected person then section 6 (1) lit. a) GDPR serves as statutory source.

    Article 6 (1) lit. b) GDPR serves as statutory source for processing personal data in order to fulfil contracts if one of the contract parties is the affected person. This also applies to pre-contractual measures which require processing activities.

    In case our company has to comply with legal obligations in order to process personal data, then Article 6 (1) lit. c) GDPR serves as statutory source.

    Article 6 (1) lit. d) GDPR serves as statutory source in cases when vitally important interests of an affected person or another natural person requires the processing of personal data.

    When personal data is processed in order to preserve the interests of our company or a third party, then the interests, basic rights and freedoms of the affected person have to succumb. Article 6 (1) lit. f) GDPR serves as statutory source in this case.

    Personal data can be passed on to our IT service providers in order to allocate this website.

    b) Subscribing to our Newsletter

    When you sign up for the Articy Newsletter, we process the following personal data:

    • email address

    The above mentioned personal data is only processed with your consent. A users consent according to Section 6 (1) lit. a) forms the statutory source in order to process the required data after a request to subscribe a newsletter by that user. As soon as the data that is required to fulfil this purpose is not required anymore it will be deleted. Accordingly the data of newsletter subscribers is only stored for the length of their subscription.

    To subscribe our newsletter we use the so-called Double-Opt-in-method for your registration. This means that after you provide us with your email address we will send you a confirmation email to the provided email address and ask you to confirm your registration to subscribe our newsletter. If you don’t confirm your request to subscribe our newsletter within the next 24 hours we will delete your request to subscribe our newsletter automatically. If you confirm the subscription of our newsletter we will store your email address until you unsubscribe from our newsletter. The storage of your email address enables us to send you the newsletter. We furthermore store your IP Address and the time stamp of your request and your confirmation to subscribe our newsletter to prevent misusage of your personal data.

    Providing your email address is obligatory for transmitting the newsletter.

    You can at any time withdraw your consent to subscribe our newsletter by clicking on the corresponding link which is provided in every newsletter email or by using this web form or by sending a message to the contact address provided in the imprint of the website. Your data will not be relayed to a third party.

    c) Contact Form

    We collect your personal data when you provide it by completing the contact form. The data provided is exclusively processed and used to provide you with the requested information. Any further processing and use of your data for advertising purposes or for market research will only take place with your express consent.

    The following data is stored at the time the message is sent:

    • E-Mail address of the user
    • Name of the user
    • Company name (free indication) of the user

    In order to be able to process your data as part of the transmission process, we kindly ask for your consent and refer to this Privacy Statement.

    You can also contact us via an alternatively provided e-mail address. Our company will store the personal data of the user sent along with the e-mail.

    Legal basis for the processing of the data is in the presence of the consent of the user Art. 6 (1) lit. a GDPR. If the contact by e-mail is intended to conclude a contract, the legal basis is Art. 6 (1) lit. b GDPR.

    Our company processes the personal data from the input mask only for the purpose of processing the contact. This is also the legitimate interest that is required for processing personal data, if the contact is made by e-mail. The processing of other personal data during the transmission process is based on the prevention of possible misuse of the contact form, as well as on the security of our information technology systems.

    Once the data is no longer needed to achieve the original purpose for which it was collected, it will be deleted. Personal data collected from the input form of the contact form on the website or sent to us by e-mail will no longer be required if communication with the user ceases. This is the case when, when considering the facts, it becomes clear that this is also finished for the future and that no further communication takes place.

    Additional personal data collected during the transmission process will be deleted within a period of seven days.

    The revocation of his consent to the processing of his personal data is possible for the user at any time. When contacting by e-mail, the user can revoke his consent to the processing of his personal data at any time. However, further communication can no longer take place, as all personal data stored in the context of the contact is deleted in this case.

    d) Creating a User Account

    When you create a user account on our website, we process the following personal data:

    • first and last name,
    • email address,
    • IP-address,
    • time and date of the registration,
    • payment data,
    • purchase history,
    • position in the company (for example, owner/manager, CEO/CFO),
    • login information (for example, the number, date and time of login operations).

    The Lawfulness of the processing follows from Article 6 (1) lit. b) GDPR. The processing is necessary for the performance of a contract to which you are party.

    Furthermore, you give your consent to the processing with the creation of the user account (Article 6 (1) lit. a) GDPR).

    Once the data is no longer needed to achieve the original purpose for which it was collected, it will be deleted. Data collected during a registration process will be deleted if the registration is cancelled or changed on the website. Data stored in the course of registering to implement a contract or to perform pre-contractual measures will be deleted if it is no longer required for the performance of the contract.

    In order to be able to fulfil legal or contractual obligations, it may be necessary to store personal data of the contracting party even after concluding a contract.

    An early deletion of data that is required to implement a contract or to carry out pre-contractual measures is only possible if there are no contractual or legal obligations for further storage.

    If you should pay via PayPal, Credit Card via PayPal, direct debit via PayPal or – if offered – “purchase on ac-count” or “deferred payment” via PayPal, we will pass on your payment details that are required to process your payment to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (consecutively “PayPal”).

    The transmission of your payment details results according to Section 6, Paragraph 1, lit. b GDPR but only insofar as this data is required to fulfil the payment process.

    PayPal reserves the right to obtain a credit report for the offered payment methods Credit Card via PayPal, direct debit via PayPal or – if offered – “purchase on account” or “deferred payment” via PayPal.

    Based upon the legitimate interest of PayPal to determine your ability to meet your financial obligations and in accordance with Section 6, Paragraph 1, lit. f GDPR your payment details can be transferred to credit inquiry agency for this purpose if necessary.

    The result of your credit report in reference to the statistical payment default probability is used by PayPal to decide about the allocation of the respective payment method.

    The credit report can contain probability values (so called score values). Should score values be are part of a credit report, then they are based upon acknowledged mathematical-statistical methods. The computation of a score value includes among other data, but not solely, address data. For more details regarding data privacy and related information, like for instance commissioned credit inquiry agencies, please see PayPal’s data privacy policy.

    By sending a message to PayPal you can express your dissent to process your data. But PayPal will remain authorized to process personal related data as far as this is necessary in order to fulfil the contractual obligation to handle and process payments.

    e) Using our Applications

    In addition to the data processed because of the creating of the user account we process data while you use our applications in order to ensure the functionality of the software and to be able to ensure that you comply with the End User License Agreement (EULA). While using our applications we process the following personal data of the user:

    • IP-address
    • time, date and duration of the usage
    • login information (for example, the number, date and time of login operations),
    • number of users.

    The Lawfulness of the processing follows from Article 6 (1) lit. b) GDPR. The processing is necessary for the performance of a contract to which you are party.

    f) Application Procedure

    We only process applicant data for the purpose of the application process according to legal requirements. Processing of applicant data takes place to fulfil our precontractual or contractual obligations in the course of the application process according to Article 6 (1) lit. b) and f) GDPR as far as the data processing is necessary, i.e. in the context of legal procedures (in Germany § 26 BDSG applies as well).

    The application process requires applicants submitting their applicant data. Required applicant data is labelled if we provide an online form, otherwise it results from the job description. As a matter of principle personal details, postal and contact addresses, and related documents to the application like cover letter, curriculum vitae and certificates belong to the applicant data. Applicants can provide us with additional voluntary information.

    With the transmission of the application the applicant agrees to the processing of their data for the purpose of the application process with respect to nature and extent of this data privacy statement.

    If as part of the application process specific categories of personal data according to Article 9 (1) GDPR are voluntarily transmitted, they will be processed additionally according to Article 9 (2) lit. b) GDPR (i.e. health data like severe disability, or ethnic origin). If as part of the application process specific categories of personal data according to Article 9 (1) GDPR are requested from applicants, they will be processed additionally according to Article 9 (2) lit. a) GDPR (i.e. health data if it is necessary to exercise the profession).

    If available, applicants can submit their application via an online form on our website. Data will be encrypted according to the state of the art.

    Additionally applicants can submit their application via email. Please note that emails in general are not sent encrypted, so that applicants have to take care of encryption by themselves. We cannot take any responsibility for the transmission route of the application between sender and reception on our server, and therefore recommend using an online form or postal delivery. Additionally to using the online form or email applicants can send us applications by mail as well.

    Data provided by applicants can be further processed by us in case of successful application for the purpose of the employment. If the application is unsuccessful the applicant’s data will be deleted. The applicant’s data will also be deleted if the application is withdrawn, which may be done by the applicant at any time.

    Subject to revocation, data deletion takes place after a period of six months, so that we can handle possible follow-up questions about the application, and meet the obligation to provide proof according to the equal treatment act. Invoices for possible travel expenses will be archived according to tax law.

    5. Data Security

    We maintain up to date technical measures to warrant the protection of your data and especially to protect your personal data from hazards caused by data transition and to prevent knowledge acquisition by a third party. These measures are accordingly adjusted to the respective up to date technology.

    6. Use of Google Analytics

    This website uses Google Analytics. Google Analytics is the web analytics service of Google Inc.. It uses cookies being installed on your computer. These text files allow us to analyse your use of our website. All information generated about your use by these cookies are generally transferred to a google server in the US and likewise stored there. If you activate the IP-anonymisation on this website, Google shortens your IP address within the European Union or other countries which are members of the Treaty on the European Economic Area before storing.

    Your full IP address is transferred to a google server in the US and shortened there only in exceptional cases. On behalf of the operator of this website Google will use this information to analyse your usage of this website and to create reports on website activities and to fulfil further website related as well as internet usage related services for the website operator.

    Your IP Address, which is submitted by your browser within the framework of Google Analytics, won’t be merged with other data collected at Google.

    You can prevent the collection of your data that’s related to the usage of the website and generated by the cookie as well as the processing of this data by Google if you click on the this link to download and install the available browser plugin. However installing and using the plugin may lead to a limited ability to use this website.

    This website uses Google Analytics with the enhancement „anonymizeIp“. It enables the processing of shortened IP Addresses but a person related reference is excluded. As far as the collected data can be related to you as a person this reference will be excluded immediately and the personal related data is deleted at once.

    We use Google Analytics to analyse the usage of our website and to constantly improve it. With the collected data we’re able to improve our services and to make them more attractive for our users. For those exceptional cases when person related data is transferred into the US, Google has contractually agreed to guarantee data protection. Article 6 (1) lit. f GDPR is the statutory source for the usage of Google Analytics.

    The statutory source for processing person related data is Section 6, paragraph 1 lit. f GDPR.

    The processing of person related data of our users enables us to analyse how our users surf the web. With the collection of this data we’re able to gain information about the usage of particular components of our website. This enables us to constantly improve our website and its user friendliness. These are the main reasons for our vested interest in processing data according to Section 6, paragraph 1 lit. f GDPR. By anonymization of person related data the interests of users to protect person related data is preserved.

    This data is deleted as soon as it isn’t required anymore for our recording purposes.

    Information about third party providers:
    Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.

    Terms of usage: https://www.google.com/analytics/terms/us.html,
    Data Privacy: https://www.google.com/intl/en/analytics/learn/privacy.html,
    Data Privacy Statement: https://policies.google.com/privacy?hl=en-US

    7. Integration of YouTube

    We have integrated YouTube videos into our online service, which are stored at “YouTube.com” and are accessible directly from our website. All videos are integrated in the “advanced data protection mode”, meaning if you do not play a video, no personal data about you will be transmitted to YouTube. Only if you play videos, the data mentioned in paragraph 2 will be transmitted. In addition YouTube receives the information that you visited the correlating subpage on our website. We have no control over this data transmission. This happens whether this third-party supplier offers a user account into which you are logged in, or if no user account exists. If you are logged into Google, the data will be assigned to your account. If you do not want an association between your profile and YouTube you should log out before pressing the play button.

    YouTube stores this data in user profiles and uses them for advertising, market research and/or need-based design of their website. This analysis happens especially (even for users not logged in) to provide demand-actuated advertising and to inform other users on social media about your activities on our website. You have the right to object the creation of a user profile, which you have to address directly to YouTube.

    Legal basis for the processing of personal data is Article 6 (1) lit. f) GDPR. By the means of plug-ins we give you the option to interact with social media and other users, so that we can improve our service and make it more interesting for you.

    Information regarding the third-party supplier:
    YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA,
    https://policies.google.com/technologies/product-privacy?hl=en-US and
    https://policies.google.com/privacy?hl=en-US.

    8. Your Rights

    If not contrary to provisions under special regulations you have the following rights:

    • According to Article 7 paragraph 3 GDPR you can revoke your given consent to us at any time. This results in us no longer being allowed to process the personal data your consent was based on.
    • According to Article 15 GDPR you have the right to request information about your personal data we process at any time. In particular, you can demand disclosure of processing purposes, the category of the personal data and their origin, the categories of recipients towards whom your data was disclosed to or will be disclosed to, as well as the purpose and the planned storage period. In addition, you can request information about the existence of rights of adjustment, erasure, data processing limitation, objection, appeal, the origin of your data, in cases where it was not compiled by us, and the existence of an automated decision-making including profiling. Where applicable, you can request meaningful information about their specifics.
    • According to Article 16 GDPR you have the right to request the immediate revision of incorrect personal data, or the completion of the personal data we store about you.
    • According to Article 17 GDPR you have the right to request the erasure of your personal data, unless the processing is necessary for the exercise of freedom of expression and information, the fulfilment of a legal obligation, on grounds of public interest, or for the establishment, exercise or defence of legal claims.
    • According to Article 18 GDPR you have the right to request the limitation of the processing of your personal data, if you dispute the accuracy of the data, if the processing is unlawful, but you decline data deletion, if we no longer need your personal data, but you need it for the establishment, exercise, or defence of legal claims, or if you objected to the processing of your data according to section 21 GDPR.
    • According to Article 20 GDPR you have the right to receive your personal data in a structured, common, and machine-readable format, or have your data transferred to a third party.
    • According to Article 77 GDPR you have the right to raise a complaint with a supervisory authority. Usually, you can contact a supervisory authority at your usual place of residence or workplace, or at the place of our law office address.

    Please direct all information requests or objections regarding the data processing to info@articy.com or our address mentioned above.

    You have the right to object the processing of your personal data for the purpose of direct marketing without giving any reasons. If we process your data to preserve legitimate interests, you can object to this for reasons arising from your specific situation. We will stop processing your personal data, unless we can provide compelling and legitimate reasons, which predominate your interests, rights, or liberties, or if the processing is necessary for establishment, exercise or defence of legal claims.

    To provide the website for users and to ensure the operation of the website, data acquisition and the storage in log files is necessary. As a result, there is no possibility of objection for users.

    As far as log files are stored, they will be deleted at the latest after seven days. Further processing does not take place.

    9. Children

    We do not process personal data of minors. In the case of an unwitting data collection, we will erase them immediately.

    10. Processors

    As with any larger company, we also use external domestic and foreign service providers to handle our business transactions. For example, we do not operate our servers ourselves, but through a subcontractor.

    Subcontractors are only active on our instructions and have been contractually obligated by us to comply with data protection regulations in accordance with Article 28 GDPR.

    If personal data of yours is passed on to other companies by us or is passed on to us by other companies, this is done on the basis of existing order processing relationships.

    11. States Data Protection Agency

    If you consider our processing of your personal data to be illegal, or a potential infringement of the data protection law for other reasons, you can raise a complaint with the responsible supervisory authority:

    The state representative for data protection in North Rhine-Westphalia
    Kavalleriestraße 2-4
    40213 Düsseldorf
    Germany

    12. Storage of your personal Data

    Personal data will only be stored on servers in the European Union unless we explicitly indicate a different storage location.

    13. Further Information

    If you have any questions, please contact our data protection officer.

    14. Amendments

    We reserve the right to update this data privacy statement from time to time. Updates of this data privacy statement will be published on our website, and are in effect as soon as published. It is recommended to visit this page on a regular basis to stay informed about updates.

    Last update: January 2022