Controller:
tisoware Gesellschaft für Zeitwirtschaft mbH
Ludwig-Erhard-Str. 52
D – 72760 Reutlingen
Email: info@tisoware.com
Authorised representatives:
Markus Steinberger – Managing Director
Link to Legal Notice:
http://www.tisoware.com/impressum
Unseren DatenYou can contact our Data Protection Officer as follows:
Nicolas Hermann
Senior Consultant Data Protection
Qualified Lawyer
Phone: +49 711 601 453 - 08
Mobile: +49 151 285 796 83
Email: NHermann@intersoft-consulting.de
or datenschutz@tisoware.com
This Privacy Statement explains in detail to you, as a user of our website, how, to what extent and for what purpose we or third-party providers collect and use data about you.
Your personal data are collected and used strictly in accordance with the provisions of the EU’s General Data Protection Regulation (GDPR-EU), German data protection law (Data Protection Amendment and Implementation Act, DSAnpUG-EU) and the German Telemedia Act (TMG), as applicable.
We are committed to ensuring the confidentiality of personal data concerning you and therefore work strictly within the limits set by law.
Where possible, any personal data collected are provided on a voluntary basis. Furthermore, such data will only be shared with third parties with your express consent.
We use SSL encryption to ensure a high level of security for particularly sensitive data such as payments or any enquiries you make to us.
At this point, however, we would like to emphasise the general dangers related to using the Internet, over which we have no control. Especially in email communications, unprotected personal data are not secure and may, under certain circumstances, be read by third parties.
Key concepts
“Personal data” are any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, geographical location data, an online identifier (e.g. a cookie) or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Processing” is any operation or set of operations which is performed on personal data, whether or not by automated means. This is a broad concept which covers practically any form of data usage.
“Controller” refers to the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data
Relevant legal basis
Pursuant to Art. 13 GDPR-EU, we hereby inform you about the legal basis for data processing on our website. If the legal basis is not indicated in the Privacy Statement, the following applies:
Cooperation with processors and third parties
In cases where we disclose personal data to other persons or business enterprises (processors or third parties) in the context of our processing, transmit personal data to them or otherwise grant them access to personal data, this shall only take place on the basis of
In cases where we commission third parties with the processing of data based on a so-called “order processing contract”, this is done on the basis of Art. 28 GDPR-EU.
Transfer to a third country
If we process personal data in a third country (i.e. in states outside the European Union (EU) or the European Economic Area (EEA)), or if this occurs due to the use of third-party services or to the disclosure and / or transfer of personal data to third parties, this is only done where necessary
Subject to legal or contractual authorisations, we process personal data, or have personal data processed, in a third country only where the particular conditions of Art. 44 ff. GDPR-EU are met. This means, for example, that processing is carried out on the basis of special safeguards, such as the officially recognised setting of the level of data protection corresponding to the EU (e.g. for the USA by the “Privacy Shield”) or compliance with officially recognised special contractual obligations (known as “standard contractual clauses”).
Rights of the data subject
Right to request information – Art. 15 GDPR-EU
Art. 15 GDPR-EU gives you the right to request confirmation as to whether or not personal data concerning you are being processed and, where that is the case, to receive information regarding the personal data as well as any further information and a copy of the personal data. The exceptions to this right laid down in section 34 DSAnpUG (BDSG) apply.
Right to rectification – Art. 16 GDPR-EU
Art. 16 GDPR-EU gives you the right to have incomplete personal data concerning you completed or to request the rectification of inaccurate personal data concerning you.
Right to erasure – Art. 17 GDPR-EU
Art. 17 GDPR-EU gives you the right to have personal data concerning you erased without undue delay. However, this right shall only apply if the personal data concerning you are no longer needed or have been unlawfully processed, or if you withdraw your consent on which the processing was based.
The exceptions to this right laid down in section 34 DSAnpUG (BDSG) apply, for example where the storage of personal data is necessary for compliance with a legal obligation or for the purposes of proper business administration.
We will erase your personal data on request provided their erasure is not barred by any statutory archiving obligations. We will block your personal data if archiving obligations apply. To enable personal data to be blocked at any time, we keep data in a blacklist for control purposes.
Please contact our data protection officer if you have any questions or enquiries regarding the rectification, blocking or erasure of personal data. You can find the contact details either in this Privacy Statement or in the Legal Notice.
Right to restriction of processing – Art. 18 GDPR- EU
Art. 18 GDPR-EU gives you the right to request the restriction of processing of personal data concerning you. Amongst other things, the “data subject” has the option of temporarily preventing the further processing of personal data concerning him or her. In particular, the processing of personal data may be restricted pending verification of the exercise of other rights by the “data subject”.
Right to data portability – Art. 20 GDPR-EU
Art. 20 GDPR-EU gives you the right to receive the personal data concerning you which you have provided to us in a commonly used and machine-readable format. You also have the right to transfer these data to another controller. However, according to Art. 20(3) sentence 2 GDPR-EU, this right shall not apply to processing which is necessary for the performance of a task carried out in the public interest. This is the case with tisoware Gesellschaft für Zeitwirtschaft mbH, for example, where personal data are processed for taxation purposes.
Right to lodge a complaint – Art. 77 GDPR-EU
Art. 77 GDPR-EU additionally gives you the right to lodge a complaint with the competent supervisory authority:
State Commissioner for the Protection of Data Baden-Württemberg
Address: Postfach 10 29 32, 70025 Stuttgart, Germany
Urbanstr. 32, 70182 Stuttgart, Germany
Phone: +49 711 615541-0
Fax: +49 711 615541-15
Emailpoststelle@lfd.bwl.de
Internet: https://www.baden-wuerttemberg.datenschutz.de
Right to withdraw consent – Art. 7 GDPR-EU
Art. 7(3) GDPR-EU gives you the right to withdraw your consent to future processing.
Right to object – Art. 21 GDPR-EU
Art. 21 GDPR-EU gives you the right to object at any time to future processing of personal data concerning you. In particular, you may object to processing for direct marketing purposes.
We use various services, outlined below, for the purposes of analysing and optimising our websites. For example, we use these services to analyse how many users visit our site, what information is requested most often or how users locate content. Amongst other things, we record information about the website from which a user accesses our website (referrer URL), which pages of the website are accessed or how often and for how long each page is visited (length of stay). This helps us to improve our content and make it more user-friendly. The data we collect in this regard are not used to identify individual users personally.
Google Analytics: Provided you have given your consent, this website uses Google Analytics, a web analytics service provided by Google LLC. The legal entity responsible for users in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
Google Analytics uses cookies, which help the website analyse how users use our site. The information collected by means of cookies about your use of the website will generally be transmitted to and stored by Google on servers in the United States. We use the user ID function. The user ID service enables us to associate one or more sessions (and activity within those sessions) to a unique, permanent ID and thereby analyse the behaviour of a user across multiple devices.
We use Google Signals: This allows Google Analytics to collect additional information about users who have activated personalised ads (interests and demographic data). Also, ads can be delivered to these users in the context of cross-device remarketing campaigns.
We use the ‘anonymizeIP’ function (so-called IP masking): If you activate the “anonymizeIP” option on this website, Google will remove the end of your IP address so it only locates you as within the member states of the European Union or other members of the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the United States and shortened there. Google will never associate your IP address as transmitted by Google Analytics from your browser with any other data held by Google.
During your website visit the following data will be collected:
Google will use the above information on behalf of the operator of this website to evaluate how you use the website and compile reports on website activity. The reports provided to us by Google Analytics serve to analyse the performance of our website and the success of our marketing campaigns.
Recipient
The recipient of the data is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland in its capacity as processor. We have signed an agreement with Google to handle processing. Google LLC, based in California, USA, and in some cases US authorities, can access the data stored by Google.
Retention period
Data transmitted by us and associated with cookies are automatically erased after 14 months. Data that have been stored for the statutory retention period will be automatically erased once a month. Furthermore, you can prohibit Google from collecting and analysing the data generated by the cookie about your use of the website (including your IP address) by
a. Not giving your consent to the use of the cookie, or
b. Clicking HERE to download and install the Google Analytics Opt-out Browser Add-on.
You may also refuse the use of cookies by selecting the appropriate settings in your browser. However, if you configure your browser to refuse all cookies, you may not be able to use the full functionality of this or other websites.
The legal basis and right of objection for such data processing is your consent pursuant to Art. 6(1) point a GDPR. You may withdraw your consent to future processing at any time by opening the cookie settings in our Consent Management Platform (tap the fingerprint icon in the bottom left corner) and changing your preferences there. For more information on the Google Analytics Terms of Service and Google’s privacy policy, see https://marketingplatform.google.com/about/analytics/terms/de/ and https://policies.google.com/?hl=de.
This website uses HubSpot, a marketing, content management, web analytics and search engine optimisation service provided by HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141, USA. The information is used for statistical and marketing purposes.
The following list contains all (personal) data collected by or through the use of this service.
The legal basis and right of objection for such data processing is your consent pursuant to Art. 6(1) point a GDPR. You may withdraw your consent to future processing at any time by opening the cookie settings in our Consent Management Platform (tap the fingerprint icon in the bottom left corner) and changing your preferences there.
Data retention
Cookie information and information collected by other tracking technologies is stored for a reasonable period from the date on which it was created. Personal data which you make available to us are stored for as long as legitimate business interests exist. If no legitimate reason exists for processing the personal data, they will be erased or anonymised. We retain information about marketing preferences for a reasonable period of time from the date the user last expressed interest in our content.
Recipients of the data
The processor’s data protection officer has the following email address. privacy@hubspot.com
Transfer to a third country
This service can transfer the data that has been collected to other countries. Please note that the service may transfer data outside the European Union and the European Economic Area to a country that does not provide an adequate level of data protection. If the data are transferred to the USA, be aware that your data may be processed by US authorities for control and surveillance purposes, with no effective redress mechanism. A list of countries to which data may be transferred can be found below. This could be necessary for various purposes, e.g. for storage or processing.
Ireland, the United States of America and other countries where HubSpot partners operate
Click here to read the processor’s privacy policy: https://legal.hubspot.com/privacy-policy?_ga=2.80487636.2109353776.1547219595-1840724365.1539588495
HubSpot Forms
This website uses HubSpot forms, an online form creation service provided by HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141, USA. The service is used to build online forms. Cookies are placed for this purpose. The following list contains all (personal) data collected by or through the use of this service.
The legal basis and right of objection for such data processing is your consent pursuant to Art. 6(1) point a GDPR. You may withdraw your consent to future processing at any time by opening the cookie settings in our Consent Management Platform (tap the fingerprint icon in the bottom left corner) and changing your preferences there. The data will be erased as soon as they are no longer needed for processing purposes.
The processor’s data protection officer has the following email address:
privacy@hubspot.com
Click here to read the processor’s privacy policy: https://legal.hubspot.com/privacy-policy?_ga=2.235906625.1720821622.1549963287-1840724365.1539588495
Albacross
We inform you regarding the processing of personal data on behalf of Albacross Nordic AB (“Albacross”).
Information collected from cookies set in your device that qualify as personal data will be processed by Albacross, a company offering lead identification and ad targeting services with offices in Stockholm and Krakow. Please see below for full contact details.
The purpose for the processing of the personal data is that it enables Albacross to improve a service rendered to us and our website (e.g “Lead Generation” service), by adding data to their database about companies. The Albacross database will in addition to “Lead Generation” be used for targeted advertising purposes towards companies and for this purpose data will be transferred to third party data service providers. For the purpose of clarity, targeted advertising regards companies, not towards individuals.
The data that is collected and used by Albacross to achieve this purpose is information about the IP-address from which you visited our website, and technical information that enables Albacross to tell apart different visitors from the same IP-address. Albacross stores the domain from form input in order to correlate the IP-address with your employer.
For the full information about our processing of personal data, please see Albacross’ Privacy Policy (https://albacross.com/privacy-policy).
Newsletter
You can subscribe to our newsletter on our website. Your email address is all we need to register you as a newsletter subscriber. Additional voluntary information such as your title or your first and last name only serves to personalise the newsletter. The data collected in this context will only be used to send and receive the newsletter. We send our newsletter using the “Inxmail” service by “Inxmail GmbH" of Freiburg, Germany. Any personal data which are stored when you register to receive our newsletter are transmitted to “Inxmail GmbH” and stored by “Inxmail GmbH”. We do not transfer personal data entered by you when you subscribe to any other third parties.
Subscriptions to our newsletter are managed using a so-called “double opt-in” procedure. In other words, after you ask to be subscribed, we send an email to the specified email address requesting you to confirm that you really do want to receive our newsletter.
We send newsletters in order to communicate general information, technical articles, information on forthcoming events as well as information on products and services by tisoware Gesellschaft für Zeitwirtschaft mbH. Apart from the information we need to send the newsletter, no other data are collected by our website. You may withdraw your consent to our sending you the newsletter and unsubscribe from the newsletter at any time.
You can notify us of your withdrawal of consent by clicking the link which is provided in every newsletter. We will store the data held by us for the purpose of sending you the newsletter until such time as you unsubscribe from the newsletter and will delete this data as soon as you unsubscribe. This shall not affect data which are stored by us for any other purposes.
Contact form
If you contact us by email or using a contact form on our website, we will store any personal data which you provide to us (company, first and last name, full postal address, email address, phone and possibly fax number as well as the industry in which you operate) to enable us to answer your questions. Personal data collected in this way will be deleted after we no longer need them or, in cases where a statutory retention period exists, we will restrict processing of these data. Your personal data will not be used for other purposes nor passed on to third parties outside tisoware Gesellschaft für Zeitwirtschaft mbH.
Privacy policy for online applicants
You can apply for a vacant position with us on our website.
If you apply to us in this way, we will collect and process the personal data which you provide to us for the purpose of processing your application. This data may also be processed electronically. In particular, we do this if you send us your application documents electronically, for example by email. If a contract of employment is concluded with you on the basis of this application, we will store the data transmitted to us for the purpose of processing the employment contract in compliance with legal regulations. If we cannot offer you the job you are applying for, we will keep your application documents for a period of six months after notifying you that your application was unsuccessful and will then delete them automatically provided there are no overriding legitimate interests. Overriding legitimate interests in this sense might be, for example, the burden of proof in a proceeding under the German General Equal Treatment Act (AGG).
YouTube
Our website uses plugins from YouTube, belonging to Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. As soon as you visit one of our pages featuring a YouTube plugin, you will be connected to the servers of YouTube. In doing so, the YouTube server will be informed which specific page of the website you have visited. If you are also logged in to your personal YouTube account, YouTube can associate your browsing behaviour directly with your profile. You can prevent this by logging out of your YouTube account. For more information on how Google processes user data, you can review the YouTube Privacy Policy at: https://www.google.de/intl/de/policies/privacy
Instagram plugin
Our website contains functions of the Instagram service. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA.
If you are logged into your Instagram account, you can click the Instagram button to link the content of our pages with your Instagram profile. This means that Instagram can associate visits to our pages with your user account.
As the provider of this website, we expressly point out that we receive no information on the content of the transmitted data or its use by Instagram. For more information about how Instagram collects and uses personal data, you can review the Instagram Privacy Policy at http://instagram.com/about/legal/privacy/.
SSL encryption
When our website asks you to enter confidential or personal information, this information is protected with SSL encryption software. SSL encryption is used, for example, when processing payments or for enquiries which you send to us via our website.
Please note that you must have enabled SSL encryption in order to engage in such activities. You can recognise an encrypted connection easily in your browser’s address line when it changes from “http://” to “https://”. If SSL encryption is enabled, the data you transfer to us cannot be read by third parties. You should only transfer confidential information about yourself to us if SSL encryption is enabled; feel free to contact us if you are in any doubt.
Use of cookies on the tisoware website
When someone visits www.tisoware.com, we collect standard Internet protocol data and other information on user behaviour. Amongst other things, we use this information to determine the number of visitors to different sections of the site. Such data are collected completely anonymously. We do not make any attempt to find out the identity of visitors or associate the information gathered with any personal information from any source. If any personal information which can be used to determine a visitor’s identity are collected on the website, we communicate this openly beforehand. We will make it clear when we collect personal data and we will explain what we intend to use them for. The list below indicates which cookies are used and why.