2. Procedures for periodic review, evaluation and evaluation
The employees of acantra GmbH are instructed in the data protection law at regular intervals and they are familiar with the procedural instructions and user guidelines for data processing on behalf, also with regard to the client's right to give instructions. Every employee is obliged to comply with the data protection requirements of the GDPR * in writing no later than the first day at the beginning of his / her job. Without this declaration, the employee will not be granted access to personal data. In the working environment of the acantra GmbH, the user is offered all possibilities that are necessary to process data in a DSGVO * compliant manner. acantra designs its technology and application in such a way that privacy-friendly default settings are always prepaid. There is a processing directory i. P. D. Art. 30 para. 1, 2 DSGVO * and a sequential assessment process (DSFA), which is carried out on a regular basis and is a permanent component of the evaluation and implementation of new functions within the acantra application.
3. Privacy statements of service partners
acantra GmbH uses cloud-based software from easybill GmbH (https://www.easybill.de) for the commercial processing of all offers, orders, delivery notes, invoices and reminders. easybill processes company and personal data on behalf of acantra GmbH i. P. D. Article 4 (8) and Article 28 of Regulation (EU) 2016/679 - General Data Protection Regulation (GDPR). Within the meaning of the DSGVO *, acantra GmbH has concluded an agreement with easybill GmbH for the protection of the data. This Agreement governs the rights and obligations of the parties in relation to the processing of personal data under the GDPR *. If the term "data processing" or "processing" (of data) is used in this contract, the definition of "processing" i. P. D. Art. 4 No. 2 GDPR. easybill processes personal data exclusively within the framework of the agreements made and / or in compliance with any additional instructions issued by acantra. Exempted from this are statutory provisions that may oblige easybill to process it differently. In such a case, easybill will inform the customer of these legal requirements prior to processing, unless the applicable law prohibits such notification because of a significant public interest. Purpose, type and scope of the data processing are otherwise exclusively based on this contract and / or the instructions of the customer. Any processing of data deviating therefrom is prohibited to easybill, unless acantra GmbH has agreed to this in writing. Acantra GmbH is responsible i. P. D. Art. 4 No. 7 DSGVO * for the processing of data on behalf of easybill. easybill has the right to inform the customer if any data processing that it believes to be illegal is the subject of the order and / or instruction.
The website of acantra GmbH uses the analysis service etracker. Provider is the etracker GmbH, First Brunnenstraße 1 20459 Hamburg Germany. From the data usage profiles can be created under a pseudonym. Cookies can be used for this purpose. Cookies are small text files that are stored locally in the cache of your Internet browser. The cookies make it possible to recognize your browser. The data collected with the etracker technologies will not be used without the separate consent of the person concerned to personally identify visitors to our website and will not be combined with personal data about the bearer of the pseudonym. You can object to data collection and storage at any time with effect for the future. In order to counter data collection and storage of your visitor data for the future, you can obtain an opt-out cookie from etracker under the following link, which ensures that no visitor data from your browser will be collected and stored by etracker in the future: https://www .etracker.de / privacy? et = V23Jbb This sets an opt-out cookie named "cntcookie" by etracker. Please do not delete this cookie as long as you want to keep your objection. Further information can be found in the data protection regulations of etracker: https://www.etracker.com/de/datenschutz.html
The website of acantra GmbH uses functions of the web analytics service Google Analytics. Provider is the Google Inc. 1600 Amphitheater Parkway Mountain View, CA 94043, USA. Google Analytics uses so-called "cookies". These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymisation is activated on this website, your IP address will be shortened by Google beforehand within member states of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address provided by Google Analytics as part of Google Analytics will not be merged with other Google information. You can prevent the storage of cookies by a corresponding setting of your browser software; However, please be aware that in this case you may not be able to use all features of this website. Contradiction via opt-out widget: You can also prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google, by the under Download and install the following browser plugin: https://tools.google.com/dlpage/gaoptout?hl=de
acantra GmbH uses cloud-based software from dropbox Inc. (https://www.dropbox.com) for the storage of data for service processing. Dropbox Inc. provides a guide to security, compliance and privacy, and is certified to ISO / IEC 27018: 2014 certified privacy practices and complies with EU DSGVO *. Dropbox does not process personal data on behalf of acantra GmbH i. P. D. Article 4 (8) and Article 28 of Regulation (EU) 2016/679 - General Data Protection Regulation (GDPR) *. Acantra GmbH has concluded a contract for the protection of data with dropbox Inc. within the meaning of the DSGVO *. This Agreement governs the rights and obligations of the parties in relation to the processing of personal data under the GDPR *. This Agreement governs the access to and use of the Services and the Software. Customers and End Users may access the Services in accordance with this Agreement. Dropbox personnel with access to customer data are bound by the relevant secrecy agreements. For the transmission, storage and processing of customer data, Dropbox uses industry-standard technical and operational security measures which at least comply with the security measures. These security measures are intended to ensure the integrity of customer data and protect against unauthorized Data Processing. This Agreement represents Customer's instruction to Dropbox to process its Customer Data. Dropbox and its subcontractors process customer data only to provide the Services and to fulfill its obligations under this Agreement. Customer acknowledges that Dropbox and its subcontractors may also transmit, store and process customer information outside the country of residence. Dropbox will notify Customer of any legal requirement that prevents the Company from complying with customer instructions unless Dropbox is prohibited by law or for legitimate public interest. The parties agree that customer data may also include personal information. Which data is included and further information about the processing can be found in the data processing agreement. Dropbox is certified and compliant with the EU-US and Swiss-US Privacy Shield Agreements. In the event that the Privacy Shield Agreements become invalid, Dropbox will take commercially reasonable measures to comply with the terms of any other or any applicable communications agreement. Data Processing Agreement - If customer data is subject to European data protection laws and is processed by Dropbox on behalf of the customer, (I) Dropbox will use and process that customer data as directed by the customer to provide the services and comply with Dropbox's obligations under the Agreement; and (II) Customer agrees to Dropbox, Inc.'s data processing agreement for the transfer of personal information. The data processing agreement only applies to the services, it does not apply to the internet services.
1 & 1 Internet SE provides hosting services on behalf of acantra GmbH. In this context, it can not be ruled out that 1 & 1 Internet SE gains access to personal data or gains knowledge of them. Under Art. 28 DSGVO *, the conclusion of an agreement for processing on behalf of the contract is therefore required. Acantra GmbH has selected 1 & 1 Internet SE as a service provider within the framework of the due diligence obligations of Art. 28 DSGVO *. The precondition for the admissibility of data processing in the order is that the client assigns the contract to the contractor in writing or electronically. This contract contains, according to the will of the parties and in particular of the client, the order processing order i.S.d. Art. 28 para. 3 GDPR * and regulates the rights and obligations of the parties to data protection in connection with the provision of hosting services. Acantra GmbH has concluded such a contract with 1 & 1 Internet SE. The ownership of the personal data lies exclusively with the acantra GmbH as "responsible person" in the sense of the DSGVO *. Due to this responsibility, the client may demand the correction, deletion, blocking and release of personal data during the term of the contract and after termination of the contract.
4. Information, cancellation, blocking
At any time you have the right to free information about your stored personal data, their origin and recipient and the purpose of the data processing and a right to correct, block or delete this data. For further information on personal data you can contact us at any time at the address given in the imprint.
5. Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type / browser version
- used operating system
- Referrer URL
- Host name of the accessing computer
- Time of the server request
These data can not be assigned to specific persons. A merge of this data with other data sources will not be done. We reserve the right to check this data retrospectively, if we become aware of specific indications for illegal use.
The internet pages partly use so-called cookies. Cookies do not harm your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and stored by your browser. Most of the cookies we use are so-called "session cookies". They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies allow us to recognize your browser the next time you visit. You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, the acceptance of cookies for certain cases or generally exclude and enable the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.
7. Contact form
If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored in order to process the request and in case of follow-up questions. We will not share this information without your consent.
8. Contradiction to advertising mails
The use of published in the context of the imprint obligation contact information for sending unsolicited advertising and information materials is hereby rejected. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example through spam e-mails. The cancellation of e.g. Newsletters are given.
* "Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data, on the free movement of persons and repealing Directive 95/46 / EC".