for the SaaS service
www.finbc.com as of October 2019
We attach great importance to data protection. The collection and processing of your personal data is carried out in compliance with the applicable data protection regulations, in particular the EU Data Protection Basic Regulation (DSGVO). We collect and process your personal data in order to be able to offer you our website and our services. In accordance with Art. 13 DSGVO, we describe in this declaration which data we use, in what manner and for what purpose and scope, and which options and rights you have in connection with the use of your personal data.
1. responsible office
Finbc GmbH, represented by Stefan Grimm, Nieder-Olmer-Str. 17, 55270 Essenheim, Germany, is responsible for compliance with data protection on our website. We have not appointed a data protection officer. Please do not hesitate to contact us if you have any questions regarding data protection. You can contact us by e-mail: email@example.com
2. data collection on our website
a) Server log files: If you access our website http://www.finbc.de, information is automatically transmitted by your browser to the server of our website. This information is only stored briefly in a so-called log file and is automatically deleted. This includes the following data: Your IP address, date and time of the call, name and URL of the file you called up, website from which the call was made (referrer URL), information on the browser you used as well as operating system, name of your access provider. This data is used for the purpose of ensuring a smooth connection and comfortable use of our website as well as for the evaluation of system security and stability. The legal basis for data processing results from Art. 6 Para. 1 S. 1 lit. f DSGVO, since we have a legitimate interest in collecting data for the aforementioned purposes. In addition, a legal basis also arises from Art. 6 para. 1 lit. b DSGVO for the processing of data for the fulfilment of a contract or pre-contractual measures. The data will not be used to draw conclusions about your person.
b) Contact form / communication by e-mail: You will find a contact form on our website. Herewith we would like to give our customers the possibility to contact us in an uncomplicated way. You can also contact us directly by e-mail. If you would like to use our contact form, you must enter your name and a valid e-mail address. If you send us an e-mail, we will at least receive your e-mail address. All other data provided is optional. These data are given voluntarily by you. The data collection therefore takes place on the basis of a voluntarily given consent according to Art. 6 para. 1 lit. A DSGVO. We use the data provided by you exclusively to process your inquiry and delete your data after processing, insofar as there is no other legal basis for data storage.
c) Processing of customer and contract data: When initiating business, concluding contracts and fulfilling contracts, we use your necessary personal data for this purpose in accordance with Art. 6 Para. 1 lit. b DSGVO. Data will only be transferred to third parties if and insofar as this is necessary for contractual fulfilment, e.g. if a bank has been commissioned to process payments. This personal data will be deleted after the statutory warranty periods have expired or after the statutory retention periods have expired. You can also create a user account with us. For this it is necessary that you enter the data required in the registration. In the user account you can then view the profile data you have entered and stored as well as other information you have entered. The user account is not publicly accessible. If you delete your user account, all data will be deleted with the exception of data which we are obliged to store under commercial and tax law pursuant to Art. 6 Para. 1 lit. f DSGVO. With each registration, registration, order or other binding action, we store your IP address as well as day and time. This is done for your protection and in accordance with Art. 6 Para. 1 lit. F of our legitimate interest in proving that a claim has arisen and to prevent abuse or unauthorised use of our system.
d) Processing by payment service providers: In the case of chargeable services, we process your personal data, in particular payment data (account, credit card and other bank data) on the basis of Art. 6 Para. 1 lit. b DSGVO. This is done for the purpose of contract execution (payment processing/accounting). To the extent necessary, your payment data for the payment transaction and for billing will be transmitted to service providers (credit institutions, accounting service providers) or processed directly by them. Your payment data will be stored for the duration of the contractual relationship and deleted after complete termination of the contractual relationship (until the conclusion of all mutual contractual obligations), insofar as there is no other legal basis for data storage.
f) Google Analytics: On the basis of Art. 6 Para. 1 S. 1 lit. f DSGVO, we use Google Analytics, a web analysis service of Google Inc., 1600 AmphitheatreParkway, Mountain View, CA 94043, USA. The use of GoogleAnalytics is carried out in order to design and continuously optimise our website in line with requirements and to record and evaluate our website statistically. In this context, pseudonymised user profiles are created and cookies are used. Information about your use of this website such as your IP address, date and time of the call, name and URL of the file you called up, website from which the call was made (referrer URL), information about the browser you used as well as operating system, name of your access provider. This information is transferred to a Google server in the USA and stored there. Google will use this information for the purpose of evaluating your use of our website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. The anonymous IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google. As described above, you can prevent cookies from being stored on your computer. You can also prevent Google from using the data collected by cookies by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl You can find further information on data protection in connection with Google Analytics in the Google Analytics help (http://tools.google.com/dlpage/gaoptout?hl).
g) Google Web Fonts: On the basis of Art. 6 Para. 1 S. 1 lit. f DSGVO, we use Google Web Fonts from Google Inc., 1600 AmphitheatreParkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google”, for the purpose of a customer-friendly and appealing presentation of our website. Here, Google retrieves fonts from your browser and loads them into the browser cache in order to display content, texts and fonts correctly. Information about your provider, operating system, browser and IP address may be transmitted to Google. The data protection regulations of Google apply here: https://www.google.com/policies/privacy/
3. data transfer
Your personal data will not be passed on to third parties. However, data may exceptionally be transmitted for the following reasons: Insofar as you have given your express consent, Art. 6 para. 1 sentence 1 lit. a DSGVO, insofar as disclosure is required pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO and there is no overriding legitimate interest in the non-disclosure of your data, insofar as we are legally obliged to disclose the data, Art. 6 para. 1 sentence 1 lit. c DSGVO, insofar as disclosure pursuant to Art. 6 para. 1 sentence 1 lit. b DSGVO is permissible and necessary for the settlement of contractual relationships with you. Insofar as your data is processed by third parties commissioned by us, this is done on the basis of Art. 28 DSGVO by means of an order processing contract.
4. rights concerned
Right to information Art. 15 DSGVO You have the right to request confirmation from us as to whether we process your personal data. If this is the case, you can request information about this personal data and about the following information: the purposes of the processing; the categories of personal data to be processed; the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations; if possible, the intended duration for which the personal data will be stored or, if that is not possible, the criteria for determining such duration; the existence of a right to rectify or erase the personal data concerning you or to limit the processing or to object to such processing; the existence of a right of appeal to a supervisory authority; if the personal data are not collected from you, all available information on the origin of the data; the existence of automated decision making including profiling in accordance with Article 22(1) and (4) DSGVO and, at least in these cases, meaningful information on the logic involved and the scope and intended impact of such processing on the data subject. Correction right Art. 16 DSGVO You may immediately request the correction of incorrect or incomplete personal data stored by us. Right to deletion (right to be forgotten) of your data, Art. 17 DSGVO You may request the deletion of your data stored with us, insofar as the personal data were not collected for the purposes for which they were collected or processed in any other way, or you withdraw your consent on which the processing is based pursuant to Article 6 paragraph 1 letter a DSGVO or Article 9 paragraph 2 letter a DSGVO and thereupon there is no other legal basis for the processing; you object to the processing pursuant to Article 21 paragraph 1 DSGVO and there are no prior legitimate reasons for the processing or you object to the processing pursuant to Article 21 paragraph 2 DSGVO; the personal data have been unlawfully processed; the erasure of the personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States to which they are subject; the personal data have been collected in relation to Information Society services offered pursuant to Article 8(1) DSGVO. We are obliged to delete the data upon presentation of the conditions, unless the processing is necessary for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims. Right to limitation of processing, Art. 17 DSGVO You have the right to demand from us the restriction of the processing insofar as the accuracy of the personal data is disputed by you, but only for the duration which enables us to verify the accuracy of the data; the processing is unlawful and you do not immediately want the deletion of your personal data, but instead demand the restriction of the use of the personal data; we no longer need the personal data for the purposes of processing, but you need it for the assertion, exercise or defence of legal claims, or you have lodged an objection against the processing in accordance with Article 21 paragraph 1 DSGVO, as long as it is not yet clear whether the legitimate reasons on our part outweigh you. Insofar as processing is restricted, we may process your personal data – apart from its storage – only with your consent or for the assertion, exercise or defence of legal claims or to protect the rights of another natural or legal person or for reasons of an important public interest of the Union or a Member State. You shall be informed again before the restriction is lifted. Right to data transfer Art. 20 DSGVO You have the right to receive your personal data which you have provided to us in a structured, common and machine-readable format or to request transfer to another responsible person. Right of objection Art. 21 DSGVO Pursuant to Art. 21 DSGVO, you have the right to object to the processing of your personal data if it is processed on the basis of a legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO. However, this only applies if there are reasons arising from your particular situation or if the objection is directed against direct marketing. Right of revocation Art. 7 para. 3 DSGVO You have the right to revoke your consent given to us pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO at any time. This revocation applies exclusively to future use. You have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, your place of work or our registered office, if you are of the opinion that the processing of your personal data violates the Basic Data Protection Ordinance. To the extent that you wish to exercise your rights, you may also do so by sending an e-mail to firstname.lastname@example.org .
5. data security
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and also by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties. In addition, we have taken precautions in the form of technical and organizational measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties.
6. topicality and change of this data security explanation
This privacy statement is currently valid and as of July 2019. To ensure that our privacy statement always complies with current legal requirements, we reserve the right to make changes at any time. This also applies in the event that the data protection declaration has to be adapted due to new or revised services, for example new services. The new data protection declaration will then take effect the next time you visit our website. Our data protection declaration is available to you at https://www.finbc.de for viewing and printing at any time.
7. complaints and warnings
Should you feel that your rights have been infringed or otherwise disadvantaged, we ask you to inform us of this yourself. You will then receive a personal, individual reply. As part of your duty to minimise damage, we would like to point out that costs will not be borne by a lawyer appointed out of court by you without prior contact with us. There is expressly no will on our part that you instruct an attorney with a cease-and-desist request, delivery of a punishment-reinforced cease-and-desist declaration. Consequently, it is not possible to rely on a presumed will.