Privacy Policy

With this privacy policy, we would like to inform you as a user of our internet presence (hereinafter referred to as “website”) according to the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data, on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”).

 

1. Name and Contact Details of the Controller

The controller in the sense of the GDPR and other national data protection laws of the member states as well as other data protection regulations is:

  • Braintower Technologies GmbH
  • Schlackenbergstr. 41 a
  • 66386 St. Ingbert
  • Phone +49 6894 92966-0
  • Fax +49 6894 92966-20
  • Email info@braintower.de

You can reach our data protection officers at datenschutz@braintower.de

 

2. Purpose, Legal Basis, and Duration of Processing

 

2. a) When Accessing the Website

Every time our website is accessed, the browser used on the user’s device automatically sends information to our website server. The following information transmitted by the user’s system is temporarily stored in so-called log files:

  • Browser type and version used,
  • User’s operating system,
  • User’s internet service provider,
  • IP address of the accessing computer,
  • Date and time of access,
  • Websites from which the user’s system reaches our website and
  • Websites accessed by the user’s system through our website.

The processing of this information is carried out (1) to ensure a smooth connection setup of the website, including the delivery of the website to the user’s computer, (2) to ensure comfortable use of our website, (3) for the evaluation of system security and stability, and (4) for further administrative purposes.
The legal basis for data processing is Art. 6 (1) sentence 1 lit. f GDPR. Our legitimate interest follows from the purposes for data processing listed above. An evaluation of the data for marketing purposes or for the purpose of drawing conclusions about your person does not take place in this context.

The data for the provision of the website will be deleted as soon as they are no longer required to achieve the purpose, i.e., at the end of the respective session. Data stored in log files will be deleted after a maximum of 14 days.

Furthermore, we use cookies as well as analysis and other services when accessing our website. Further explanations can be found under numbers 3 and 4 of this privacy policy.

2. b) Jira Service Desk

Our website offers you the possibility to contact us via the Jira Service Desk platform and report technical malfunctions.
To use this platform, you must register and create a user account by providing personal data. The data is entered into an input mask and transmitted to us and stored. A valid email address and your full name are required for registration. At the time of registration, the IP address of the calling computer as well as the date and time of sending are also stored.

The registration of the user serves the purpose of making it easier to process customer malfunction reports, as the customer’s details are automatically incorporated into the processing process.

If you report a malfunction via the platform, it may contain further personal data. These additional personal data will also only be processed for the purpose of handling the malfunction report.

As far as it is necessary for the processing of your malfunction report, we will forward the personal data concerning you to third parties (e.g., manufacturers, suppliers, and service providers). Personal data may also be transferred to a third country in this context.

The legal basis for the processing of the data is Art. 6 (1) sentence 1 lit. a GDPR in case of the user’s consent and otherwise Art. 6 (1) sentence 1 lit. f GDPR. If the registration and malfunction report are related to the fulfillment of a contract of which the user is a party or the implementation of pre-contractual measures, then an additional legal basis for the processing of the data is Art. 6 (1) sentence 1 lit. b GDPR.

The additional personal data processed for the handling of the malfunction report will be deleted after the statutory retention periods have expired, unless you have consented to further storage according to Art. 6 (1) sentence 1 lit. a GDPR. In general, the processed personal data are to be deleted 6 years after the end of the calendar year in which the contractual relationship ended; for invoice documents, the general retention period is 10 years. Exceptionally, we may be obliged to longer storage due to tax and commercial law storage and documentation obligations (from HGB, StGB, or AO). As far as no statutory retention periods are to be observed, we will immediately delete the processed personal data as soon as they are no longer necessary for the handling of the malfunction report or for the observance of legal retention periods.

 

3. Cookies

We use so-called cookies on our website. Cookies are small files that are automatically created by your browser and stored on your device (laptop, tablet, smartphone, etc.) when you visit our website. The cookie stores information that arises in connection with the specifically used end device.
The use of cookies serves on the one hand to make the use of our website as comfortable as possible for you. Thus, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after you leave our site. To optimize user-friendliness, we also use temporary cookies that are stored on your device for a specified period of time. These cookies contain information that enables your browser to be uniquely identified when you visit the website again. This serves the purpose of automatically redoing the inputs and settings you made during your previous visit to our website. However, we do not immediately obtain knowledge of your identity through the identification of your browser.

The legal basis for the processing of personal data using technically necessary cookies is Art. 6 (1) sentence 1 lit. f GDPR.

On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you. These cookies also enable your browser to be uniquely identified when you visit the website again. Further explanations can be found under number 4 of this privacy policy.

Browsers are usually set to automatically store cookies on the user’s device. You can prevent or restrict this by changing the settings of your browser. You can also delete already stored cookies at any time, whereby deletion can also be automated. If cookies for our website are deleted or deactivated, it may no longer be possible to use all functions of the website without restrictions.

 

4. Matomo

We use the open-source software Matomo for the analysis and statistical evaluation of the use of the website. Cookies are used for this purpose. The information obtained about the website usage is exclusively transmitted to our servers and summarized in pseudonymous user profiles. We use the data to evaluate the use of the website. There is no transfer of the collected data to third parties.
The IP addresses are anonymized (IP masking), so that an assignment to individual users is not possible.

The processing of the data is based on Art. 6 (1) sentence 1 lit. a GDPR. We thereby pursue our legitimate interest in optimizing our website for our external presentation.

You can revoke your consent at any time by deleting the cookies in your browser or changing your privacy settings.

4. a) Objection to Data Collection

You may choose to prevent this website from aggregating and analyzing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.

 

5. Rights of the Data Subject

If personal data of yours are processed, you as the data subject have the following rights against the controller:

5. a) Right of Access

According to Art. 15 GDPR, you have the right to request information about your personal data processed by us.
The right of access extends in particular to

  1. the purposes of processing,
  2. the categories of personal data being processed,
  3. the recipients or categories of recipients to whom your personal data have been or will be disclosed,
  4. the planned duration of storage of your personal data or, if specific information is not possible, criteria for determining the storage period,
  5. the existence of a right to rectification or deletion of your personal data, a right to restriction of processing by the controller or a right to object to such processing,
  6. the existence of a right to lodge a complaint with a supervisory authority,
  7. if the personal data are not collected from the data subject, any available information as to their source,
  8. the existence of automated decision-making, including profiling, and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

Furthermore, you can request information about whether your personal data are transferred to a third country or an international organization. In this context, you can request to be informed about the appropriate safeguards according to Art. 46 GDPR in connection with the transfer.

5. b) Right to Rectification

According to Art. 16 GDPR, you have the right to immediately request the correction of incorrect or completion of your personal data stored by us.

5. c) Right to Erasure

According to Art. 17 GDPR, you have the right to request the deletion of your personal data stored by us.
The prerequisites for deletion are that

  1. your personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed,
  2. you withdraw your consent on which the processing is based according to Art. 6 (1) sentence 1 lit. a or Art. 9 (2) lit. a GDPR, and where there is no other legal ground for the processing,
  3. you object to the processing according to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing according to Art. 21 (2) GDPR,
  4. your personal data have been unlawfully processed,
  5. the deletion of your personal data is required to fulfill a legal obligation under Union or Member State law to which we are subject,
  6. your personal data have been collected in relation to the offer of information society services referred to in Art. 8 (1) GDPR.

The right to erasure does not exist insofar as the processing is necessary

  1. for exercising the right of freedom of expression and information,
  2. for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller,
  3. for reasons of public interest in the area of public health in accordance with Art. 9 (2) lit. h and i and Art. 9 (3) GDPR,
  4. for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89 (1) GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing, or
  5. for the establishment, exercise or defense of legal claims.

 

5. d) Right to Restriction of Processing

According to Art. 18 GDPR, you have the right to request the restriction of processing of your personal data.
The prerequisites for the restriction of processing are that

  1. you contest the accuracy of your personal data for a period enabling us to verify the accuracy of the personal data,
  2. the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead,
  3. we no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims,
  4. you have objected to processing pursuant to Art. 21 (1) GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.

 

5. e) Right to Object

According to Art. 21 GDPR, you have the right to object to the processing of your personal data based on legitimate interests according to Art. 6 (1) sentence 1 lit. f GDPR, on grounds relating to your particular situation.
If your personal data are processed for direct marketing purposes, you have the right according to Art. 21 (2) GDPR to object at any time to the processing of your personal data for such marketing; this also applies to profiling to the extent that it is related to such direct marketing.

5. f) Right to Data Portability

According to Art. 20 GDPR, you have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format or to request the transmission to another controller, insofar as this is technically feasible.
For a request, you can contact us at any time at dsgvo-widerruf@braintower.de.

5. g) Right to Withdraw Consent to Data Processing

According to Art. 7 GDPR, you have the right to withdraw your consent to data processing at any time.
In the event of withdrawal, we may no longer continue the data processing that was based on this consent for the future. The lawfulness of the processing carried out on the basis of the consent until the withdrawal is not affected by the withdrawal.

For a request, you can contact us at any time at dsgvo-widerruf@braintower.de.

5. h) Right to Lodge a Complaint with a Supervisory Authority

According to Art. 77 GDPR, you have the right, without prejudice to any other administrative or judicial remedy, to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of your personal data infringes the GDPR.

 

6. Data Security

Within the website visit, we use the widespread SSL (Secure Socket Layer) method in conjunction with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. Whether an individual page of our internet presence is transmitted encrypted is indicated by the closed representation of the key or lock symbol in the lower status bar of your browser.
We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

 

7. Currency and Amendment of this Privacy Policy

This privacy policy is currently valid and has the status of March 2024.
Due to the further development of our website and offers above or due to changed legal or regulatory requirements, it may become necessary to change this privacy policy. The current privacy policy can be accessed and printed at any time on the website at https://www.braintower.de/datenschutz.”

We want to inform you about data protection on our website. Data protection is important to protect your personal data. We do this in accordance with the rules of the General Data Protection Regulation (GDPR), which applies in the EU.

 

 

Who are we?

Braintower Technologies GmbH
Address: Schlackenbergstr. 41 a, 66386 St. Ingbert
Phone: +49 6894 92966-0
Email: info@braintower.de

Our data protection officer can be reached at datenschutz@braintower.de.

 

 

Why and how we use your data:

When you visit our website:

Every time you visit our website, we automatically collect information such as:

  • Which browser and operating system you are using,
  • Your IP address and when you accessed our site,
  • Which website you came from.

This information helps us keep the website running smoothly and securely. We delete this data after a maximum of 14 days or when it is no longer needed.

When you use the Jira Service Desk:

Through our Jira Service Desk, you can contact us and report technical problems. For this, you need to sign in with your email and name. We use this data to help you better. We only share your data if it is necessary to solve your problem.

 

 

Cookies:

We use cookies, which are small files stored when you visit our website. Some cookies are necessary for the website to function properly. Others help us understand how visitors use our site. You can delete or block cookies in your browser at any time, but then not everything on the site might work.

 

 

Matomo:

We analyze how visitors use our site with Matomo. The data stay with us and are anonymized, so we cannot directly identify anyone. If you do not want your data to be used for analysis, you can set this in your browser.

 

 

Your rights:

You have many rights regarding your data, such as:

  • The right to know which data we have about you,
  • The right to have incorrect data corrected,
  • The right to have your data deleted,
  • The right to object to the use of your data,
  • The right to get your data in a readable format.

If you have any questions or want to exercise any of your rights, just send us an email.

 

 

Security:

We do a lot to keep your data secure, for example, through encryption and security measures that we continuously improve.

 

 

Changes:

This privacy policy is currently valid. Sometimes we need to update it, which last happened in March 2024. Thank you for taking the time to read this. We hope it was understandable and helpful!