Thank you for visiting the websites of the Haufe Group. Protecting your personal data is very important to us. The purpose of this privacy policy statement is to inform you about how your personal data is handled when you visit our websites, and about your rights in this regard.
We are the
Haufe Service Center GmbH
A Haufe Group Company
Munzinger Straße 9
79111 Freiburg
Germany
Email: service@haufe.de
and as a “controller” in the sense of the GDPR, we are responsible for protecting your personal data. Our data protection officer, Raik Mickler, will be happy to assist you with any questions you may have about data processing, your rights, or this privacy policy statement. He can be reached at: dsb@haufe-lexware.com
This section explains what data is collected when you visit our websites, the purposes for which it is processed, the legal basis on which the data is processed, what options you have to control the collection and processing of the data yourself, and when the data is deleted.
A. Log files
Data collected:
When you visit our website, your browser automatically transmits the following data to us:
• Your IP address
• The website you are coming from
• Websites that you access from our site
• The pages you click on, and
• Time when the page was accessed
• Name of your Internet service provider
• Your browser type and version
• The operating system used on your device
• The date and duration of your visit.
Purposes for which the data is processed:
Temporary storage of this data is necessary to display the website on your computer and to ensure that the website functions properly. We also use this data to compile statistics about how our websites are used. Another reason for collecting this data is to track and prevent unauthorized access to the web server and any improper use of the web pages, and to secure our information technology systems.
Legal basis:
We temporarily store this data on the basis of legitimate interests (Art. 6 (1)(f) GDPR). It is in our legitimate interest to achieve the purposes described above.
Storage period and control options:
The data is deleted when it is no longer needed to achieve the described purposes. Log files are deleted after a maximum of 90 days.
B. General information about cookies and targeting technologies
Data collected:
Our website uses “cookies”, which are small text files that are stored on your device. Cookies typically contain a unique character sequence called the cookieID which can be used to identify your browser the next time you visit our website.
We also use “tags”, i.e. small pieces of code with which we can measure our users’ behavior and determine the success of our advertising activities.
Depending on the type of cookies or tags used, different types of data are collected and processed after pseudonymization.
We use both our own cookies and cookies from other providers (third-party cookies). The third-party cookies are described in detail below, in Section 2 C.
Purposes for which the data is processed:
Some cookies are technically necessary for the functioning of our websites. Certain functions used on our websites cannot be offered without the use of cookies.
Functionality cookies are used to make our websites more user-friendly and to ensure that certain functionalities are available, e.g. the ability to consistently display the shopping cart icon from one page to the next with the number of items in your cart, or storage of your login data so that you can have access to the data and settings you have already entered when you return to the page.
Analysis cookies and tags enable us to generate overall statistics, e.g. the number of times a given page has been accessed, which areas of our pages are most frequently viewed, and information on locations and the average amount of time spent on each page. This helps us to improve the quality of our websites and their content.
Advertising cookies and retargeting technologies enable us to provide you with offers and information tailored to your specific needs. This helps us to provide you with a more interesting experience at our websites, and to reach out to you on other websites with personalized advertising based on your interests.
Legal basis:
We use technically necessary cookies and functionality cookies on the basis of legitimate interests (Art. 6 (1)(f) GDPR). It is in our legitimate interest to ensure that our websites function as intended and to provide optimal usability for visitors to our websites.
We use analytics cookies and advertising cookies, as well as tags and retargeting technologies on the basis of legitimate interests (Art. 6 (1)(f) GDPR, Recital 47). It is in our legitimate interest to tailor our websites to our customers’ specific interests.
Storage period and control options:
Some of the cookies we use are automatically deleted after closing the browser (so-called session cookies), while others are stored permanently on your device and enable us to recognize your browser (so-called persistent cookies).
You have full control over the use of cookies and can delete cookies in your browser, completely deactivate the storage of cookies, or selectively accept certain cookies. Use your browser’s help function to learn how you can change these settings. Note that such changes may limit the functionality of our websites.
C. Third-party cookie and tracking technologies
Econda:
Data collected:
We use solutions and technologies from econda GmbH, Eisenlohrstraße 43, 76135 Karlsruhe, Germany (“Econda”). Econda uses cookies to create pseudonymous user profiles that persist across multiple pages. To do this, data is collected so that your browser can be recognized. Your IP address will be made unrecognizable immediately upon receipt to prevent it from being associated with user profiles.
Purposes for which the data is processed:
We use Econda to optimize our websites and adapt them to our users’ needs.
Legal basis:
We use Econda after you have given your consent. When you visit our website, we obtain your consent via the cookie banner at the bottom edge of the page.
Storage period and control options:
Econda stores this data and deletes it regularly.
You can block Econda from collecting and processing your data by configuring your browser settings accordingly, or through this link.
Facebook:
Facebook-Pixel and Facebook Custom Audience (Remarketing)
Data collected:
On our website we deploy the so-called "Facebook pixel" of the company "Facebook" (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland). The Facebook pixel enables us to classify the visitors to our website into specific target groups in order to be able to display corresponding advertisements ("ads") on Facebook. The data collected (e.g. IP addresses, information about the web browser, the location of the website, buttons clicked, pixel IDs if applicable and other features) cannot be viewed by us, but can only be used within the scope of the display of certain advertisements. Within the scope of using the Facebook pixel code, so-called cookies are also used.
If you have a Facebook account and are signed in, your visit to this website will be associated with your Facebook user account.
We also partly utilise the remarketing function "Custom Audiences" of the company "Facebook". This enables users of the Site to display interest-based ads ("Facebook Ads") when visiting Facebook or other websites that also use this method. In this respect, we pursue your interest in displaying advertisements that correspond to your interests in order to make our website more appealing to you.
In order to exchange the respective data, your browser automatically establishes a direct connection with the Facebook server. We have no control over the extent and further use of the data collected by Facebook through the use of this tool and therefore inform you according to our state of knowledge: By integrating Facebook Custom Audiences, Facebook receives the information that you have accessed the corresponding website of our website or clicked on an advertisement from us. If you are registered with a "Facebook" service, "Facebook" may assign the visit to your account. Even if you are not registered with Facebook or have not logged in, it is possible for the provider to trace and store your IP address and other identification features.
Insofar as you have consented to this, we may forward your telephone number or e-mail address to "Facebook" in order to be able to display advertisements corresponding to your interests.
To find out how Facebook pixel is deployed for advertising campaigns, please visit https://www.facebook.com/business/learn/facebook-ads-pixel
For more information about Facebook's privacy policy, please visit https://www.facebook.com/policy.php
For more information about Facebook's data processing practices, please visit https://www.facebook.com/about/privacy
Purposes for which the data is processed:
We employ these functions in order to be able to provide you with advertising offers corresponding to your interests.
Legal basis:
We process your data on the basis that you have consented to this or that we have a legitimate interest in processing the data pursuant to Art. 6 para. 1, sentence1 (a) and (f) GDPR.
Storage period and control options:
We store your data as long as we require it for the respective purpose (display of interest-based advertising) or provided you have not objected to the storage of your data or revoked your consent.
The deactivation of the function "Facebook Custom Audiences" is possible for logged in users at
https://www.facebook.com/settings/?tab=ads#_
If you are logged in to Facebook you can adjust your ad settings in Facebook at
https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen
Google:
Data collected:
Google Analytics: On our websites, we use Google Analytics, a web analyticss ervice provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin4, Ireland ("Google"). Google Analytics stores cookies on your device that make it possible to evaluate your use of our websites.
To do so, Google collects various data, including data to uniquely identify your browser and information about when and how often you have visited our websites, how much time you have spent on our websites, and how you have interacted with our websites (more information available here).
We have added the code "get._anonymizeIP();" to Google Analytics. This causes Google to shorten your IP address, thereby allowing for anonymous analysis. IP addresses are shortened within the EU or the European Economic Area. Only in exceptional cases is the full IP address sent to a Google server in the United States and shortened there. The IP address sent by your browser for Google Analytics is not merged with other Google data. The data collected through the use of cookies is usually transmitted to a Google server in the United States and stored there. Google shares data with third parties if permission has been given, if necessary for legal reasons, or to have the third parties process this data on Google's behalf.
Google Remarketing and DoubleClick: We use Google Remarketing and Google DoubleClick. This technology uses cookies to track how you use our website, and to help us recognize your browser when you visit websites that are part of the Google advertising network. To do this, the Google Analytics tracking code uses so-called DoubleClick cookies in addition to the usual Google Analytics cookies. DoubleClick cookies collect data about which third-party websites you have visited in the Google Display Network, and which ads you have clicked on. Data from first-party cookies (e.g. Google Analytics cookies) is also linked with data from third-party cookies (e.g. Google cookies for display preferences). This allows us to evaluate how advertisements are displayed and how you interact with them.
Google AdWords Conversion Tracking: We use Google AdWords Conversion Tracking. This technology stores cookies when you interact with one of our advertisements, e.g. by clicking on it. The cookies are then used to analyze what happens after you interact with an ad, such as whether you bought our product, accessed the ad from a cell phone, downloaded our app, or subscribed to a newsletter.
Google Tag Manager: Google Tag Manager is a solution that we use to manage web page tags from an interface (allowing us to integrate f. e. Google Analytics, or other Google marketing services, into our online offering). The tag manager itself (which implements the tags) does not process personal information. With regard to the processing of personal data, reference is made to the information relating to the respective Google services. The Google Tag Manager usage policy can be viewed here: https://www.google.com/intl/de/tagmanager/use-policy-html
Google reCAPTCHA: We use Google's reCAPTCHA service in some of our forms. For this service, Google collects certain data to determine whether a human being or a machine is accessing our websites; this data may include your IP address, your screen and window resolution, your browser’s language settings, the time zone where you are located, the browser's user agent and what browser plugins you have installed. We have added the code "get._anonymizeIP();" to this service. This causes Google to shorten your IP address. For more information about shortening IP addresses, see the explanation of Google Analytics above.
Google Signals: In parts we also use the function Signals of Google Inc.’s. Google Signals recognizes single users across different devices (so called Cross Device Tracking). As a result we receive anonymized data in report form. The reports show patterns in user behavior.
The function is only activated, if you
1. have a Google account,
2. are logged in to this Google account while using the according Haufe Group websites,
3. and have activated the option ‘Ads personalization’ in your Google account’s Ads Settings.
Purposes for which the data is processed:
Google Analytics: Google uses the data collected via Google Analytics on our behalf in order to evaluate how our websites are used, compile reports on website activity, and to provide other services relating to website and Internet use.
Google Remarketing and DoubleClick: We use this technology to display ads relevant to your interests on other sites in the Google advertising network. These ads relate to content that you have previously viewed on our websites.
Google AdWords Conversion Tracking: We use this technology to improve our offerings.
Google Tag Manager: We use this service to create, deploy and manage tags on our website.
Google reCAPTCHA: We use this service to distinguish whether the data entered in one of our web forms was entered by a human being or illegitimately by an automated process, which in turn helps us to protect our information technology systems.
YouTube: We use YouTube to embed videos on our websites.
Google Maps: We use Google Maps to make it easier for you to find our location, in which we have an interest. This is also the purpose of the data processing.
Google Signals: We are using the technology to recognize users across different devices. Thus we are able to present you interest based advertisements.
Legal basis:
We use the Google products listed above after you have given your consent. When you visit our website, we obtain your consent via the cookie banner at the bottom edge of the page.
We use Google reCAPTCHA on the basis of legitimate interests (Art. 6 (1)(f) GDPR). It is in our legitimate interest to prevent misuse of our forms and to protect our information technology systems.
Storage period and control options:
The data that is collected by these Google functions is stored and deleted regularly.
You may prevent the use of cookies by configuring the appropriate settings on your browser.
You can also prevent Google from collecting and processing this data by downloading and installing the browser add-on available at this link.
Google Dynamic Remarketing and DoubleClick and Google AdWords Conversion Tracking: You can refuse the storage of cookies and the associated data processing by deactivating personalized ads in your ad settings. You can deactivate the use of cookies by third-party providers through the Network Advertising Initiative’s opt-out page. DoubleClick cookies can also be deactivated by installing a browser plugin.
Note that such changes may limit the functionality of our websites.
For more information, see the Google Privacy Policy Statement.
Eloqua (Oracle):
Data collected
We use the service Eloqua of the provider ORACLE Deutschland B.V. & Co. KG, Riesstrasse 25, 80992 Munich. Eloqua sets a permanent cookie on your browser respective registration website.
Purpose for which the data is processed:
We use Eloqua to analyse the use of our websites so that we can continually improve them.
Legal basis:
We use Eloqua if you have consented to this. We obtain your consent when you call up our websites via the cookie banner, Art. 6. para. 1 lit. a DSGVO.
Storage period and control options:
Eloqua stores your data and this deleted regularly. You can prevent the collection and processing of data by Eloqua by making the appropriate setting in your browser or via the following link.
For more information, see Oracle's privacy policy.
LinkedIn Insights Tag:
Data collected:
On this website we use the LinkedIn Insight Tag. The LinkedIn Insight Tag creates a LinkedIn „Browser Cookie“, which collects the following data:
- IP address,
- time stamp,
- page Activities,
- demographic data from LinkedIn, if the user is an active LinkedIn user.
Purpose of data processing:
We process your data to rate campaigns and gather information about website visitors who may have reached us through our LinkedIn campaigns.
Legal basis:
We process your data because you have consented to this or because we have a legitimate interest in processing the data, Art. 6 para. 1 sentence 1 lit. a. and f EU-GDPR.
Storage duration and control options:
We save your data as long as we need them for the respective purpose (campaign evaluation), as long as you have not objected to the storage of your data or have revoked your consent.
The collected data is encrypted. More information can be found here. Here you will find the LinkedIn privacy policy, as well the LinkedIn Opt-Out.
Lead forms
If you submit a so-called lead form on the LinkedIn website, we process your personal data in order to be able to provide the information you have requested. Subject to you consent, we will transfer the information you enter in the lead form to our customer database (CRM system) and link it to any other information you provide, in order to provide you with future offers that suit you preferences. If you have consented to this, you may revoke the relevant use of your data at any time. You may revoke your consent at any time:
1. In repect of your LinkedIn data within 90 days click here;
2. In respect of the data stored at Haufe at any time by email to dsb@haufe-lexware.com
Microsoft:
Data collected:
Bing Universal Event Tracking: We use Bing Universal Event Tracking (“UET”), a service of Microsoft Corporation, One Microsoft Way, Redmond WA 98052-6399, USA (“Microsoft”). When you access our websites through ads provided by Bing Ads, a cookie is placed on your computer. In addition, a UET tag is integrated on our websites. A UET tag is a code that is used together with the cookie to store pseudonymized data about how the website is used. In combination with the cookie, the tag records pseudonymized data to track what actions you perform on our websites after clicking on an ad from Bing Ads. The data collected include the amount of time spent on the website, which areas of the website were viewed, and what ad led you to the website. In addition, Microsoft can use cross-device tracking to track your usage across multiple electronic devices. The collected data is sent to a Microsoft server in the United States.
Bing Webmaster Tools: Bing Webmaster Tools from Microsoft stores both cookies and so-called “beacons” on your computer. Beacons, or tracking pixels, are small invisible graphics that can be used to register whether a web page has been accessed.
Purposes for which the data is processed:
Bing Universal Event Tracking: UET enables us to track your activities on our websites when you have accessed our websites via ads from Bing Ads; this, in turn, enables us to improve our online offerings. Cross-device tracking enables Microsoft to display personalized advertising.
Bing Webmaster Tools: This tool allows Microsoft to provide its Bing services and to optimize search results.
Legal basis:
We use Bing Tracking Tools after you have given your consent. When you visit our website, we obtain your consent via the cookie banner at the bottom edge of the page.
Storage period and control options:
Microsoft stores the data for a period of no more than 180 days. You can prevent your data from being collected and processed by deactivating the use of cookies. Note that such changes may limit the functionality of the websites in question. You can use this link to deactivate cross-device tracking.
For more information on Bing’s analytics services, please visit the Bing Ads website. For more information on data privacy at Microsoft and in Bing, see the Microsoft Privacy Statement.
Social plugins:
We use social plugins from the following social media sites:
• Facebook, which is operated by Facebook Inc, 1601 S. California Ave, Palo Alto CA 94304, USA (“Facebook”).
• Twitter, which is operated by Twitter Inc, 795 Folsom St., Suite 600, San Francisco CA 94107, USA (“Twitter”).
Instagram, which is operated as a product of Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA
LinkedIn, which is operated by LinkedIn Corporation, 1000 W. Maude Ave, Sunnyvale, California 95085, USA ("LinkedIn").
XING, which is operated as a product of New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany.
When you visit a website that contains one of these plugins, your browser establishes a direct connection to the servers of the associated social media site. This integration provides the social media site with information about the website you have visited, even if you do not have a user profile or are not currently logged in. If you are logged in, Facebook can associate the website visit to your Facebook account. When you interact with the plugins, the associated information is sent to the social media site and stored there. Your IP address is stored in shortened form. Once collected, the data is transmitted directly from your browser to one of the social media site’s servers in the United States and stored there.
Purposes for which the data is processed:
The social plugins allow you to share website content on social media sites.
Legal basis:
We use social plugins after you have given your consent. When you visit our website, we obtain your consent via the cookie banner at the bottom edge of the page.
Storage period and control options:
You can block social media sites from collecting and processing your data by configuring your browser settings accordingly.
If you do not want social media sites to directly associate the information collected through our websites with your user profile, you must log out before visiting our websites. For more information, see the Facebook and Twitter, Instagram, LinkedIn and XING privacy policy statements.
Usercentrics:
Data collected:
We use the consent management service Usercentrics GmbH, Sendlinger Str. 7, 80331 Munich, Germany ("Usercentrics"). Usercentrics is used on the website as a processor for the purpose of consent management.
The following data is collected: opt-in and opt-out data, referrer URL, user agent, user settings, consent ID, time of consent, consent type, template version, banner language.
Purposes for which the data is processed:
We use Usercentrics to comply with the legal obligations of consent storage.
Legal basis:
We use Usercentrics to comply with our legal obligation, Art. 6 para. 1 p. 1 lit. c DSGVO.
Storage period and control options:
The consent data (consent and revocation of consent) is stored for three years. The data will then be deleted immediately.
For more information, please see the Usercentrics privacy policy.
This sections explains what data is collected and processed when you contact us, order a newsletter or open an account; for what purposes and by which recipients it is processed; on what legal basis the data is processed; and when the data is deleted.
A. Contacting us
Data collected:
When you contact us through a contact form or via email, we collect and process the data you provide, such as your contact information, your name and your request. All data that you share with us is transmitted from your browser to our server in encrypted form.
Purposes for which the data is processed:
Data processing is performed by our customer service department or by service providers working on our behalf, exclusively on the basis of your request and in order to process that request.
Legal basis:
We process your data for the implementation of precontractual and contractual measures that are performed at your request (Art. 6 (1)(b) GDPR).
Storage period:
We store your data for as long as we need it for the specific processing purpose, or to guarantee or comply with statutory retention periods.
Transfers to third countries:
We deploy, among others, the service provider Salesforce.com (salesforce.com EMEA Limited, Company No. 05094083, registered in England; Floor 26 Salesforce Tower, 110 Bishopsgate, EC2N 4AY London; UK) for the administration of your data.
In principle Data is processed in European data centres, data mayalso be transmitted to third countries such as the USA whilst undertaking maintenance and support measures. In order to ensure that your data is adequately protected in such cases, we have obligated the service provider Salesforce Inc. to ad here to a data protection level that complies with EU law, using the corresponding EU standard contractual clauses for the transfer of personal data to processors established in third countries.
B. Customer surveys
Data collected:
For online surveys, we use the services of Netigate Deutschland GmbH, Untermainkai 27-28, 60329 Frankfurt am Main, Germany. Netigate processes the information provided by users for the sole purpose of evaluating surveys on our behalf, and as long as no personal data is requested, such as names or email addresses, it stores the information anonymously, i.e., in particular, without the users’ IP addresses. If personal data (e.g. name, mailing address, company, etc.) that goes beyond the topic of the survey is also requested in connection with the survey, we point out separately in connection with the survey that the data in question is additional, voluntarily provided data that we collect and use.
Purposes for which the data is processed:
We use Netigate to optimize our products and services and adapt them to our users’ needs.
Legal basis:
We use Netigate when you complete a questionnaire that uses this service. By submitting your answers, you give your consent.
Storage period:
For surveys with personal data, the personal data is automatically deleted after 13 months.
C. Newsletters
Data collected:
When you subscribe to our newsletter, we collect and process the data you provide, such as your name and email address.
Newsletters that contain Eloqua technologies use tracking technologies. These technologies are used to collect information about whether our emails are opened and which links you click on.
Purposes for which the data is processed:
We process the data so that we can deliver the newsletter to you.
We use the data collected through Eloqua to find out which topics are of interest to you. We then use this information to improve the emails that we send you and the services we provide, and to link them to existing tracking or profiling information.
Legal basis:
After you register for a newsletter on one or more particular topics, we process your data with your consent so that we can keep you informed about the selected topics via email, as well as sending you relevant ads. Our approach here is based on the double opt-in principle, i.e. when you order a topic newsletter on our website, we send you a confirmation email with a registration link. Only after clicking on this link will you be added to our newsletter list.
We use Eloqua with your consent.
If we have obtained your email address in connection with the sale of a product, we use it to send you information about similar products on the basis of legitimate interests (Art. 6 (1)(f) GDPR). It is in our legitimate interest to address you directly with our advertising.
Storage period:
We store your data for as long as we need it for the specific processing purpose.
A. Revocation of consent
If you have consented to the processing of your personal data, you can revoke that consent at any time with future effect. Note that such revocation has no effect on the legality of previous data processing, and that it does not extend to data processing for which a statutory justification exists, and which may therefore take place even without your consent.
B. Additional rights of data subjects
In addition, you have the following rights as a data subject under Articles 15 to 21 and 77 of the EU General Data Protection Regulation (GDPR), provided that the statutory requirements are met:
Information:
You can request at any time that we provide you with information as to which of your personal data we process and how, and that we provide you with a copy of the stored personal data that relates to you, Art. 15 GDPR.
Correction:
You can request the correction of incorrect personal data and the completion of incomplete personal data, Art. 16 GDPR.
Deletion:
Regarding the deletion of your personal data: Please note that the right to deletion excludes data that we require for the execution and processing of contracts, and for the assertion, exercise and defense of legal claims, as well as data for which statutory, regulatory or contractual retention requirements apply, Art. 17 GDPR.
Restriction of processing:
Under certain circumstances, you may request that processing be restricted, e.g. if you believe that your data is incorrect, that the processing of your data is unlawful, or if you have objected to the processing of your data. The result of such a request is that your data may only be processed to a very limited extent without your consent, e.g. for the assertion, exercise and defense of legal claims or to protect the rights of other natural and legal persons, Art. 18 GDPR.
Objection to data processing:
You have the option to object at any time to data processing for purposes of direct advertising. In addition, if special reasons apply, you can object at any time to data processing on the basis of a legitimate interest, Art. 21 GDPR.
Data portability:
You have the right to receive the data that you have provided to us, and that we process based on your consent or in order to fulfill a contract, in a common, machine-readable format and, to the extent that this is technically feasible, to request that this data be transmitted directly to third parties, Art. 20 GDPR.
C. How to contact us
You can exercise your rights via the following contact channels:
Haufe Group
Mr. Raik Mickler
Data protection officer
Munzinger Straße 9
79111 Freiburg (Germany)
Email: dsb@haufe-lexware.com
You can also revoke your consent to receive the newsletter at any time by clicking the corresponding link in each newsletter.
D. Right of appeal to a regulatory authority
If you believe, for example, that our data processing is unlawful or that we have not protected the rights described above to the required extent, you have the right to file a complaint with the competent data protection authority.
Revision: March 2021
All data processing operations for personal data (collection, processing and use)
by Haufe Group strictly comply with the statutory data protection regulations.
We collect, process and use personal data, among other things, to carry out
orders to provide services and to execute the content and functionality of our
products, websites and services, as well as to continually improve, only
insofar as you have consented to herein, for purposes of advertising and market
research.
This Privacy Statement is to inform you about how we handle your personal data. It
applies to the collection, processing and use of personal data in the context
of the use of the websites of the Haufe Group, including the various shops. In
addition, it also applies to our products which are retrievable via our online
websites of the Haufe Group - possibly after registration and login for the
product. The concept of online products includes such products as Software as a
Service (“SaaS”). This means that the product is not stored on the personal
computer of the user as software. Rather, the software can be accessed via the
internet, so that the services can be provided as required. Finally, this
Privacy Statement also applies to the Haufe Group for their websites or
external app stores and retrievable Mobile Apps.
Only with your separate
agreement to this Privacy Statement (for example, by clicking a checkbox on a
web page that refers to this Privacy Statement), do you give your consent that
the relevant responsible entity uses the data collected on your web pages for
the purposes of advertising and market research on the websites.
In the following cases, we require personal data:
We store personal data primarily for business and order processing. For this purpose, we
disclose personal data to third parties who act for, or on behalf of, the
companies in the Haufe Group (section 11 BDSG [German Federal Data Protection
Act], so-called order data management). This is, for example, when suppliers
send you your order directly from the factory. These companies are not
authorized to use the data released by us for purposes other than those of
which we will inform you in this declaration.
We point out that, insofar that we go into an advance payment, e.g. when making a purchase on account, the
data entered on a webshop by you (e.g. name and address) will be, if necessary,
transmitted to the credit reference agency creditreform, to protect our legitimate
interests by obtaining a forecast of the probability of payment / credit
information. We obtain, from the creditreform, credit information in the form
of probability values that are based on scientifically recognized mathematical
and statistical methods, including the involvement of address data, in order to
help us. We use the information obtained concerning the statistical probability
of default for a balanced decision on the creation, implementation or
termination of the contractual relationship.
Creditreform
Our company regularly reviews your credit standing when a contract is concluded, and in certain cases where there is a legitimate interest. For this we cooperate with Creditreform Freiburg Zimmermann KG, Jacob-Burckhardt-Str. 15-17, 79098 Freiburg, who is providing the necessary data. For this purpose, we are sending your name and contact details to Creditreform Freiburg Zimmermann KG. Further information on the data processing at Creditreform Freiburg Zimmermann KG is available at the following website: https://www.creditreform.de/freiburg/datenschutz
For the rest, we reserve the right to collect and use, for the purpose of deciding on the establishment,
implementation or termination of a contract, probability values to your future
ability to make payment, and to entrust agencies with the calculation of such
probabilities using scientifically recognized, mathematical and statistical
methods. For this purpose, the data you provide for an address will also be
used (but not exclusively). Your concerns will be considered in accordance with
the statutory provisions.
The processing and use of personal data is necessary in particular for the exclusive personal access to
order processing (“My Account”) or for subscribed online products, in order to
determine, for example, individual user settings and to modify them. Access to
this information is protected by a personal customer login and password.
To prevent the misuse of our internet services, communities and forums, when you visit our internet
offers, we collect several standard sets of data (such as IP address, time and
duration, operating system, browser, page view).
Only to the extent that you have, in addition, agreed by placing a tick in a checkbox herein separately,
will we send different newsletters to you, to inform you about the issues that
you are interested in. You may revoke, at any time, your consent to the sending
of the newsletter by an order of revocation, which will be shown at the end of
every newsletter with a link.You may revoke the collection, processing or use
of your personal data for the purpose of sending newsletter also, as described
under 2.
Responsible party and service provider of this website is the company Haufe Group as given in the
Legal Notice. If, hereinafter, the terms “we”, “us” or “Haufe Group” are mentioned,
this company is meant. By clicking on the link that carries the name “Legal
Notice” and is placed at the bottom of this statement, you can select the Legal
Notice with further information.
The Haufe Service Center GmbH processes all personal data centrally for Haufe-Lexware GmbH & Co. KG
and affiliates of the Haufe Group, as a data processor. A transfer of personal
data within the Haufe Group and to order service providers (suppliers, letter
shops) as a data processor will only take place in accordance with the
provisions described herein, and is exclusively earmarked.
In the context of data exchange between us and the other Group companies in the Haufe Group, Haufe may
allow a data transfer to other European countries. All Group companies of the
Haufe Group have an adequate level of data protection within the meaning of
sections 4b, c BDSG (German Federal Data Protection Act). All Group companies
of the Haufe Group have an adequate level of data protection within the meaning
of sections 4b, c BDSG (German Federal Data Protection Act).
With the use of your data for advertising and market research purposes we, and the other Group companies
of the Haufe Group, will process and use your personal data and other
information that we obtain from you, in particular, first name, name, address
and e-mail address, to distribute interesting offers and to personalize your
shopping experience with us individually, as well as to continuously improve
our service.
If, and when, we have received your express permission for this, we and the other Group companies of
the Haufe Group will also use your data to send you personalized offers and
information, and newsletters about products, services and marketing offers by
e-mail.
These consents can be revoked at any time for the future.
You can object or revoke your consent regarding the collection, processing or use of your personal data
for the purposes of advertising, or market and opinion research
Haufe Service Center GmbH
Munzinger Straße 9
79111 Freiburg
E-Mail: service@haufe.de
at any time by sending an informal message. Upon receipt of your objection or revocation, this data is no
longer used for advertising, marketing or opinion research purposes.
To protect the personal
data of our customers, we use a secure online transmission method, the
so-called “Secure Socket Layer” (SSL) transmission. This transfer method is
supported by most browsers. All data transmitted using this secure method is
encrypted before it is sent. Your personal data will be processed solely using
security technology, in industry standard (e.g. firewalls, password protection,
access control, etc.), protected data centers and computers.
We only retain personal data for as long as is necessary for the purposes for which it was collected or
to satisfy legal requirements on reporting, or document retention.
Please note that, in this context, the employee / Haufe Group are not entitled, by phone or in writing,
to retrieve your password from you. Therefore, never give your password if you
receive such a request. Please note, for the security of your own data, the
generally accepted rules when choosing your password, and do not transmit
passwords by e-mail, but these changes directly online within our internet
offer.
The processing of data that is subject to the legal profession data protection act (e.g. patient data,
client data for legal and tax counseling professions), by external service
providers may require the consent of the patient or the client. The customer is
responsible for ensuring that such a consent is mandatory and, if so, that the appropriate
consent declaration is available.
During the execution of SaaS solutions, we can gain access to personal data. In the processing and use
of personal data, we may act on a commissioned basis, and are, in accordance
with section 11 BDSG (German Federal Data Protection Act), obliged to strictly
follow the instructions from the client. The instruction must be in writing.
For the admissibility of data collection, processing and use, and for the
exercise of the rights of those affected, the customer is responsible.
We can assign access permissions to the data made available, only to our own employees to the extent
necessary for their particular task. If one of our employees leaves the
company, or there is a change in activity, with the consequence that the
employee does not require access to the data of the user, the access rights of
this employee are to be deleted immediately.
We undertake to make any copies or other records of the available personal data transferred for
processing, or to tolerate such by a third party, or to transfer this to a
third party. This does not include copies or other records that are absolutely
necessary in the course of proper data processing.
Outside of the instructions given, we may not allow access to this data released for processing for our own
purposes, or for the purposes of any third party, or allow any third parties
access. If the customer is
obligated by applicable data protection regulations against another person to
provide information regarding the collection, processing or use of data of this
person, we will help to provide this information.
We only use employees and
contractors who are obliged to maintain data secrecy.
We back up all data
effectively, insofar as this is possible at a technically and economically
acceptable cost, against unauthorized access, alteration, destruction or loss,
unauthorized transmission, or otherwise unlawful processing and other abuse. If
another type of threat to the data and SaaS solution cannot be eliminated with
a technical and economical solution of reasonable expense, we reserve the right
to delete the damaged data content. We will notify the customer by e-mail to
the email address provided, of any such intention.
Under the German Federal Data Protection Act, you have a right to free information about your stored
data, and a right to rectification, blocking or deletion of data. Excluded from
this is data for which the rectification, blocking or deletion is in conflict
with statutory or contractual retention periods, as well as data used for the
establishment, content formation or change to your contractual relationship
with us, or data that must be stored for billing purposes.
If you have questions regarding the use of your data set, please contact our Data Protection Officer.
Haufe Group
Herrn Raik Mickler
Datenschutzbeauftragter
Munzinger Straße 9
79111 Freiburg
E-Mail: dsb@haufe-lexware.com
On our website we use so-called cookies (text files which are stored through your visit to a Web page
on the user’s computer) that allow us to make your use of our website as
enjoyable and efficient as possible. Cookies are small data packets generated
by our web server and your computer in communication with the Web server and
are stored on the permanent memory (hard drive, memory etc.) of your device
(computer, smart phone, tablet, or the like).
We use both our own cookies and cookies from other suppliers (so-called third-party cookies). When using
third-party cookies data is collected, processed and used by the respective
provider. On our web site, third-party cookies can be used. If you do not want
to allow this, you may not only make use of your general right of objection
regarding the use of any cookies, but also - without prejudice to - make use of
the special rights of objection regarding the use of the various third-party
cookies.
Of course, you can object
to the use of our cookies and also the third-party cookies at any time, by
setting your browser to not accept cookies. For details of this, please refer
to the help function of your internet browser. However, we would like to point
out that we cannot rule out that some features of our website will not be
(fully) available.
We use session cookies.
With a webshop, for example, this allows for a cross-page shopping cart screen
where you can see how many articles are currently in your shopping cart.
Session cookies are deleted when you close the browser again.
In addition, the use of
persistent cookies is possible to enable us, for example, to store your login
information if you - as is the case in particular for online products - only
select individual web offers after registration with your user name and
password. Then, persistent cookies enable in particular that you can access
your data that you already entered, and settings you made if a web page is
newly selected. Persistent cookies are stored, therefore, for a limited period
and, in particular, serve to make our website more user-friendly, effective and
more secure.
To improve our products,
websites and services further and to align them with demand, we collect
statistical information on user behavior; personal data is either not
submitted, or only in anonymous form if necessary, in accordance with the data
protection regulations. We use the following solutions and technologies.
Specific inputs of the user are not covered here.
For the appropriate design
and the optimization of these websites, solutions and technologies econda GmbH,
Eisenlohr Straße 43, 76135 Karlsruhe, is used to capture and store the
anonymous data and, from this data, to create user profiles using pseudonyms.
For this purpose, cookies may be used that allow the recognition of an internet
browser. User profiles are not merged with information about the bearer of the
pseudonym, without the express consent of the visitor. In particular, IP
addresses are made unrecognisable immediately after receipt, making an
assignment of user profiles to IP addresses not possible. Website visitors may
object to the collection and storage of this data at any time in the future by
clicking
On some of our websites, we use a so-called "cookie banner" to inform you that cookies are being
used. For these banners, we use the "Cookiebot" service by Cybot A/S,
Havnegade 39, 1058 Copenhagen, Denmark. Details about how this service uses
your data can be found
. This service makes it possible to keep track of your consent to the use of cookies, so that the
cookie banner is only shown on your first visit to a Haufe Group website. To
achieve this, the service stores a cookie under both Cookiebot's domain and the
domain of the visited website. The following data are logged and linked to this
cookie: your computer's IP address (in shortened form), date and time of
agreement, the web browser you were using, the URL of the website you visited
and your consent status. Logging this data is a required part of compliance
with § 13 Para. 2 German Telemedia Act (TMG), and therefore cannot be revoked.
Furthermore, some of our
web pages offered contain advertisements or job offers of third parties for
whom we are not responsible. We do not transmit any personally identifiable
customer information to these companies. However, these companies sometimes use
technologies through which your IP address will be automatically transmitted.
These and other technical means are used to measure the effectiveness of
advertising / job offers or to make their content more personal. We have
neither access nor control over the technologies used. The handling of data by
these third parties and those web pages is not covered by this Privacy Statement.
Please get in direct contact with these companies in order to learn about their
privacy statements.
Our internet offer alsointegrates browser plugins and links to social networks (e.g. Facebook, XING,
Google Plus, LinkedIn, Twitter). These social networks are operated solely by
third parties which have their registered office, in part, outside of the EU or
the EEA - an adequate level of data protection acc. to § § 4b, 4c BDSG may,
therefore, not exist. The browser plugins and links are indicated by logos or
other notices in our web offerings. When you visit our web pages which contain
such a browser plugin, a connection will be automatically established between
your device (browser) and the server of the respective social network. In doing
so, the information that you have visited our web page will be forwarded to the
social network. The visit to our web pages will then be associated with your
account if you are logged on to your user account of the social network or log
in while on our web pages. By interacting with browser plugins or links, e.g.
by pressing a “Like” button or leaving a comment, this information will be
transmitted to the respective social network and stored there. The assignment
of the data to your account may be prevented logging out from your account (of
the respective social network) before visiting our web pages.
Please find purpose and scope of data collection through social networks and the local further
processing and use of your data as well as your rights in this respect and
settings options for protecting your privacy in the respective Privacy
Statements of the operators:
Facebook: HTTP://WWW.FACEBOOK.COM/POLICY.PHP
Provider: Facebook Inc., 1601 Willow Road, Nelo Park, CA 94025, USA
XING: HTTPS://WWW.XING.COM/PRIVACY
Provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Deutschland
GooglePlus: HTTP://WWW.GOOGLE.COM/INTL/DE/PRIVACY/
Provider: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ~C
LinkedIn: HTTP://WWW.LINKEDIN.COM/LEGAL/PRIVACY-POLICY
Provider: LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA
Twitter: HTTP://TWITTER.COM/PRIVACY/
Provider: Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA
in our Internet sites. This makes it possible to track users’ behavior after they click on a Facebook ad
and are redirected to the provider’s website. This process allows us to
evaluate the effectiveness of Facebook ads for statistical and market research
purposes, and can help to optimize future advertising activities.
The data we collect are anonymized, and therefore cannot be used to determine
users’ identities. These data are saved and processed by Facebook, however.
Therefore, it is possible to trace them back to the user’s profile, allowing
Facebook to use the data for its own advertising purposes in accordance with
Facebook’s data use policy (
. Your data may be used to
let Facebook and its partners activate advertisements on Facebook and
elsewhere. A cookie may also be saved on your computer for this purpose.
Only users older than 13
years of age can consent to the use of the user action pixel. If you are
younger than this, please ask a parent or guardian for permission.
Purpose and Scope of the Collection, Processing and Use of Personal Data: If you want to use the
services of one of our Mobile Apps e.g. via smart phone, to be able to carry
any of our products on the go, it is necessary for the use of the functions of
the respective Mobile App that data be collected, processed and used. Depending
on the type of Mobile App, this may also involve a collection, processing or
use of sensitive data, such as financial data. This holds especially true for
the Quicken Mobile App, which processes information about your income and
expenses, accounts and account balances and transfers and also allows the input
of TANs for online banking. Due to the sensitivity of such data, it is
imperative that you protect your device against unauthorized access and you be
cautious that no unauthorized third party can gain access to this data
obtained. In that regard, please also note the safety instructions of the BSI
on THEME ONLINE-BANKING.
Your input to use the
mobile app of (personal) data is will be stored and processed in data centers
of our provider. The provider uses the information only for the provision of
the services. These includes in particular maintenance and repair work. In
carrying out this work, it cannot be excluded in every case that the relevant
employees of the provider or its subsidiaries and subcontractors will gain
knowledge of your (personal) data. In this case, your data may be collected,
processed and used in countries outside of the European Union and the European
Economic Area.
As a precaution, we would like to point out that, when using our products, web offerings and services via
so-called mobile devices (smart phones, mobile phones, tablets, etc.), precise
location data may be collected, used and shared, including the geographic location
of your mobile devices. In addition, further data may be collected, processed
and used as part of the conditions of use of your respective telecommunications
provider.
As far as you use online
products from us, the collection, processing and use of (personal) data is
necessary. These fees associated with the use, processing and use of online
products, will be used exclusively for carrying out the functions of the products.
Your input to use an online product of (personal) data will be stored and
processed in data centers of our providers. The providers use the data only for
the provision of the services. These includes in particular maintenance and
repair work. In carrying out this work, it cannot be excluded in every case
that the relevant employees of the provider or its subsidiaries and
subcontractors will gain knowledge of your (personal) data.
In addition, all online
products to improve the application also use their own cookies. You can object
to the use of cookies. To do this, please proceed as explained under 5 above.
Some of our web pages contain hyperlinks to other websites that are not
operated by the Haufe Group. We do not control these websites and are not
responsible for their content nor their handling of personal data.
Due to current circumstances, such as a change in the relevant data protection policy, we will
- if necessary - update this Privacy Policy.
Policy Version as at: June, 21 2019