monaco software - Datenschutz

Name and address of the controller

The controller within the meaning of the General Data Protection Regulation (GDVO) and other data protection laws is:

monaco software
Michael Clausnitzer
Finkenstraße 8
76437 Rastatt

Phone: 07222 200932

Email: info(at)monaco-software.de
Internet: www.monaco-software.de

General information on data processing

Legal basis for the processing of personal data

Pursuant to Article 13 of the GDPR, we inform you of the legal basis for the processing of personal data. If the legal basis is not mentioned in the data protection notice, the following applies: The legal basis for obtaining consents is Article 6(1)(a) and Article 7 of the GDPR. The legal basis for the processing of data for the performance of our services and for the implementation of contractual measures as well as for the response to inquiries is Article 6(1)(b) of the GDPR. The legal basis for the processing of data for the fulfillment of our legal obligations is Article 6(1)(c) of the GDPR. If the processing of personal data is necessary to protect the legitimate interests of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not prevail, Article 6(1)(f) of the GDPR serves as the legal basis for the processing. In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Article 6(1)(d) of the GDPR serves as the legal basis.

Deletion of data and storage period

We adhere to the principles of data avoidance and data economy. We store your personal data only for as long as is necessary to achieve the purposes stated herein or as provided for by the legal retention periods. After the purpose has ceased to exist or after these retention periods have expired, the corresponding data will be routinely blocked or deleted in accordance with the legal provisions.

Note on data transfer to third countries

On our website, we also use tools from companies based in third countries (including the USA). If these tools are active, your personal data may be transferred to the servers of the respective companies. The level of data protection in third countries does not generally correspond to that of the EU Data Protection Regulation. There is therefore a risk that your data may have to be disclosed to security authorities in these countries, and that these authorities may process your data for control and monitoring purposes, without you having any legal recourse.

Rights of the data subject

You have the right to obtain information about the origin, recipient and purpose of your stored personal data at any time, free of charge. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you can revoke this consent at any time for the future. Furthermore, you have the right to request the restriction of the processing of your personal data under certain circumstances. In addition, you have a right of appeal to the competent supervisory authority.

For this purpose, as well as for further questions on the subject of data protection, you can contact us at any time at the contact details given in the imprint.

As a data subject within the meaning of the GDPR, you have the possibility to assert various rights. The data subject rights arising from the GDPR are the right of access (Article 15), the right to rectification (Article 16), the right to erasure (Article 17), the right to restriction of processing (Article 18), the right to object (Article 21), the right to lodge a complaint with a supervisory authority and the right to data portability (Article 20).

Right of revocation:

Some data processing operations can only be carried out with your express consent. You have the option to revoke your consent at any time. The lawfulness of the data processing up to the time of revocation is not affected by this.

Right of objection:

If the data processing is based on Article 6(1)(e) or (f) of the GDPR, you as the data subject have the right to object to the processing of your personal data at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions. If we do not demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms or if the processing serves the assertion, exercise or defense of legal claims, we will no longer process your personal data. If the processing of personal data serves direct marketing purposes, you have the right to object to the processing of your personal data for the purpose of such advertising at any time; this also applies to profiling, insofar as it is related to such direct marketing. If you object, we will no longer process your personal data for these purposes.

Right to lodge a complaint with a supervisory authority:

If you are of the opinion that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your residence, workplace or the place of the alleged infringement, without prejudice to any other administrative or judicial remedy.

Right to data portability:

To the extent that your data is processed on the basis of consent or for the fulfillment of a contract, you have the right to have this data made available in a structured, common and machine-readable format. You also have the right to request the transfer of this data to another controller, insofar as this is technically feasible.

Right to information, correction and deletion:

You have the right to request information about your personal data processed by us, including the purpose of the data processing, the categories of data, the recipients and the storage period. Furthermore, you have the right to know whether a right to correction, deletion or restriction of the processing of your personal data exists. If you have any questions on this topic or on other topics related to personal data, you can contact us at any time using the contact options provided in the imprint.

Right to restriction of processing:

You can assert your right to restriction of processing of your personal data at any time. To do so, you must meet one of the following conditions: You dispute the accuracy of the personal data. For the duration of the verification of the accuracy, you have the right to request restriction of processing. The processing is unlawful and you refuse to delete the personal data and instead request restriction of use. We no longer need your personal data for the purposes of processing, but you need the data to assert, exercise or defend legal claims. You have lodged an objection to the processing pursuant to Article 21(1) of the GDPR, pending the verification whether our legitimate interests outweigh yours.

You dispute the accuracy of the personal data. For the duration of the verification of the accuracy, you have the right to request restriction of processing.
The processing is unlawful and you refuse to delete the personal data and instead request restriction of use.
We no longer need your personal data for the purposes of processing, but you need the data to assert, exercise or defend legal claims.
You have lodged an objection to the processing pursuant to Article 21(1) of the GDPR, pending the verification whether our legitimate interests outweigh yours.

Restriction of processing means that the personal data will only be stored by us and not otherwise processed without your consent, unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms or if the processing serves the assertion, exercise or defense of legal claims.

Provision of the website web hosting

If we do not operate this website on our own server, but rather have it operated on the server of an external service provider (web hosting company), the data collected on this website will be stored on the servers of the hosting company.

In addition to the data mentioned above, this may include, for example, contact requests, contact data, names, website access data, meta and communication data, contract data and other data generated via a website. The legal basis for the processing of data by commissioning a web hosting company is our legitimate interest in a secure, fast and efficient provision of our online services (Article 6(1)(f) of the GDPR). Another legal basis can be the fulfillment of the contract with our potential and existing customers (Article 6(1)(b) of the GDPR). If we commission a web hosting company, a data processing agreement is concluded with this service provider.

Use of cookies

Our website uses "cookies". Cookies are information that a web server (a server that provides web content) stores on your terminal device to identify it. They are either stored temporarily for the duration of a session (session cookies) and deleted after the end of your visit to a website, or they are stored permanently (permanent cookies) on your terminal device until you delete them yourself or an automatic deletion occurs through your web browser.

Cookies can also be stored on your terminal device by third-party companies when you visit our site (third-party requests). This enables us, as the operator, and you, as the visitor to this website, to use certain services of third parties that are installed on this website. Examples include cookies for payment services or cookies for displaying videos.

Cookies have various applications, e.g. they can improve the functionality of a website, control shopping cart functions, increase the security and comfort of website use, and can allow the analysis of visitor flows and behavior, creation of heat maps, recognition of website access, measurement of the duration of stay or bounce rates, and recognition of the origin of website visitors (city, country, from which page the visitor comes). Depending on the individual functions, cookies can be assigned to the following categories: Necessary, statistical, comfort and marketing cookies.

The use of cookies is based on the legal basis of consent (Article 6(1)(a) of the GDPR). The data subject has consented to the processing of their personal data with their voluntary, express and prior consent. Without separate consent, personal data will not be processed by us in the manner described above, provided that there is no other justification under Article 6(1) of the GDPR on which we base the processing. We also proceed in the same way if data subjects revoke their consent. The lawfulness of the processing that took place until the revocation remains unaffected.

Use of external services

Our website uses external services. External services are services provided by third-party providers that are used on our website. This can be done for various reasons, for example, for embedding videos or for security reasons. If we do not have a legitimate interest in using these services, we will obtain your consent as a visitor to our website before using them.

Analytics

The processing of personal data of our website visitors enables us to analyze the surfing behavior of our website visitors. We are able, through the evaluation of the data obtained, to compile information on the use of the individual components of our website. This helps us to continuously improve our website and its user-friendliness. By using the analytics tools, user profiles can be created for the display of targeted or interest-based advertising, our website visitors can be recognized when they visit our website again, their click/scroll behavior and downloads can be measured, heat maps can be created, page views can be recognized, and the origin of our website visitors (city, country, from which page they come) can be determined.

The data processing is based on the legal basis of consent (Article 6(1)(a) of the GDPR). The data subject has consented to the processing of their personal data with their voluntary, express and prior consent. Without separate consent, personal data will not be processed by us in the manner described above, provided that there is no other justification under Article 6(1) of the GDPR on which we base the processing. We also proceed in the same way if data subjects revoke their consent. The lawfulness of the processing that took place until the revocation remains unaffected.

Google Analytics

We use the Google Analytics service on our website. The provider of the service is Google Ireland Limited, which is based in Gordon House, Barrow Street Dublin 4, Ireland.

Through the use of the service, data may be transferred to a third country (USA).

Further information can be found in the manufacturer's data protection information under the following URL: https://policies.google.com/privacy

Rating platform

We use rating platforms to display collected ratings on our website and to build trust with users or to enable new ratings to be submitted. The collected ratings are presented in a clear manner on our website. When the website is accessed, a connection to the respective provider's server is established and the visitor's data is transmitted. Personal data processed in this context includes, for example, the IP address.

Proven Expert

We use the Proven Expert service on our website. The provider of the service is Expert Systems AG, which is based in Quedlinburger Straße 1, 10589 Berlin, Germany.

Further information can be found in the manufacturer's data protection information under the following URL: https://www.provenexpert.com/de-de/datenschutzbestimmungen/

Content Delivery Network (CDN)

We use a Content Delivery Network (CDN) to optimize the performance and availability of our website. For this purpose, the provider of this network stores your IP address and the information about when you visited our website.

We base this processing on a legitimate interest (Article 6(1)(f) of the GDPR).

Our legitimate interest in using a Content Delivery Network lies in being able to display our website as quickly, securely and reliably as possible.

Google Static

We use the Google Static service on our website. The provider of the service is Google Ireland Limited, which is based in Gordon House, Barrow Street Dublin 4, Ireland.

Through the use of the service, data may be transferred to a third country (USA).

Further information can be found in the manufacturer's data protection information under the following URL: https://policies.google.com/privacy

Payment services

Stripe

We use the Stripe service on our website. The provider of the service is Stripe Inc., which is based in 510 Townsend Street, San Francisco, CA 94103, USA.

Through the use of the service, data may be transferred to a third country (USA).

Further information can be found in the manufacturer's data protection information under the following URL: https://stripe.com/at/privacy

Social media

Social media presence (social media)

Purposes of processing

We are present on social media platforms to contact users of these platforms and to increase our reach (level of awareness). Communication with users takes place through the use of the functions available on the platforms. To measure the success of our activities, we use the evaluations or tracking functions offered by the respective manufacturer (e.g. for interest-/behavior-based profiling), cookies and remarketing functions. To promote the exchange of opinions or to acquire new customers, we maintain groups.

Notes on data processing by social networks

The operators of social networks have their headquarters mostly outside the European Union. As a result, data of users may also be processed in third countries (e.g. USA). There is a risk that data of users may not be processed in accordance with the data protection requirements of the European Union, or that rights of users may not be enforced or may be enforced only with difficulty.

Social networks process extensive data of users to create personal usage profiles. These usage profiles can be used, for example, for advertising purposes or market research. This may manifest itself in the form of advertisements displayed to users within or outside the social networks that match their interests. Furthermore, data such as the devices used, browsers, resolution, and usage behavior are usually assigned to the usage profile.

For a detailed presentation of the respective processing methods and possibilities of objection (opt-out), we refer to the data protection declarations and information of the operators of the respective networks.

Your rights as a data subject (e.g. right to information or deletion) can best be asserted with the respective provider. Only the operators of the social platforms have access to your data and can fulfill your data subject rights.

Processed data types

Personal identification data (e.g. names, addresses, e-mail address, phone number)
Electronic identification data (e.g. visited web pages, interest in content, access times, device information, IP addresses)

Legal basis

Legitimate interests (Article 6(1)(f) of the GDPR).

Facebook

Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA;
Website: https://www.facebook.com;

Data protection declaration: https://www.facebook.com/about/privacy;

Possibility of objection (opt-out): Settings for advertisements: https://www.facebook.com/settings?tab=ads;

Additional information on data protection: Agreement on joint processing of personal data on Facebook pages: https://www.facebook.com/legal/terms/page_controller_addendum

Instagram

Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA;
Website: https://www.instagram.com;

Data protection declaration: https://inswebfontsram.com/about/legal/privacy

Twitter

Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA;

Data protection declaration: https://twitter.com/de/privacy,

(Settings) https://twitter.com/personalization.

LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland;
Website: https://www.linkedin.com;

Data protection declaration: https://www.linkedin.com/legal/privacy-policy;

Possibility of objection (opt-out): https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Xing

XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany;
Website: https://www.xing.de;

Data protection declaration: https://privacy.xing.com/de/datenschutzerklaerung.

Facebook social plug-ins (like and share button)

This website uses plug-ins from the social network Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. The collected data can also be transferred to the USA and other third countries.

The Facebook plug-ins can be recognized by the Facebook logo or the "Like" button ("I like") on this website. An overview of the Facebook plug-ins can be found at: https://developers.facebook.com/docs/plugins/?locale=de_DE.

If you visit this website, a direct connection is established between your browser and the Facebook server. Facebook is informed that you have visited this website with your IP address. If you click the Facebook "Like" button while you are logged in to your Facebook account, Facebook can assign your visit to this website to you and your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the data transmitted or how it is used by Facebook. Further information can be found in Facebook's data protection declaration at: https://de-de.facebook.com/privacy/explanation.

If you do not want Facebook to assign your visit to this website to your Facebook user account, please log out of your Facebook user account.

The use of Facebook plug-ins is based on Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in being as widely visible as possible on social media. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Article 6(1)(a) of the GDPR; the consent can be revoked at any time.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

Instagram plug-in

This website uses functions of the Instagram service. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

If you click the Instagram button while you are logged in to your Instagram account, you can link the content of this website to your Instagram profile. This allows Instagram to assign your visit to this website to your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the data transmitted or how it is used by Instagram. Further information can be found in Instagram's data protection declaration at: https://instagram.com/about/legal/privacy/.

The storage and analysis of the data is based on Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in being as widely visible as possible on social media. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Article 6(1)(a) of the GDPR; the consent can be revoked at any time.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 and https://de-de.facebook.com/help/566994660333381.

LinkedIn plug-in

This website uses functions of the LinkedIn network. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

When you access a page on this website that contains LinkedIn functions, a connection is established to LinkedIn's servers. LinkedIn is informed that you have visited this website with your IP address. If you click the LinkedIn "Recommend" button while you are logged in to your LinkedIn account, LinkedIn can assign your visit to this website to you and your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the data transmitted or how it is used by LinkedIn. Further information can be found in LinkedIn's data protection declaration at: https://www.linkedin.com/legal/privacy-policy.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.

Further information can be found in LinkedIn's data protection declaration at: https://www.linkedin.com/legal/privacy-policy.

Xing plug-in

This website uses functions of the Xing network. The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany.

When you access a page on this website that contains Xing functions, a connection is established to Xing's servers. According to our knowledge, Xing does not store any personal data. In particular, no IP addresses are stored or usage behavior is evaluated.

Further information on data protection and the Xing Share button can be found in Xing's data protection declaration at: https://www.xing.com/app/share?op=data_protection

Consent management

In order to comply with data protection requirements, we have implemented a consent management tool on our website. With this tool, we obtain the necessary consents for the setting of cookies or the use of external services. The consents are stored accordingly.

The processing is necessary for the fulfillment of a legal obligation to which the controller is subject. The legal basis for the processing is therefore Article 6(1)(c) of the GDPR.

Usercentrics

We use the Usercentrics service on our website. The provider of the service is Usercentrics GmbH, which is based in Sendlinger Straße 7, 80331 Munich, Germany.

Further information can be found in the manufacturer's data protection information under the following URL: https://usercentrics.com/de/datenschutzerklaerung

Interface software

Business processes can be carried out more cost-effectively, quickly and error-free if they are automated with the help of software via interfaces. This allows them to be efficiently integrated into our website or social networks. We use interface software on our website to connect different applications and to securely transfer personal data from one application to another.

Google Tag Manager

We use the Google Tag Manager service on our website. The provider of the service is Google Ireland Limited, which is based in Gordon House, Barrow Street Dublin 4, Ireland.

Through the use of the service, data may be transferred to a third country (USA).

Further information can be found in the manufacturer's data protection information under the following URL: https://policies.google.com/privacy

Appointment scheduling

You have the possibility to make an appointment with us directly on our website. If you enter the requested data and the desired date in the provided form, our system will suggest free dates. The data you enter (name, e-mail address and optionally phone number) will be used by us for the planning, implementation and, if necessary, follow-up of the appointment.

Cituro

We use the Cituro service on our website. The provider of the service is Cituro GmbH, which is based in Gustav-Stresemann-Str. 13, 86199 Augsburg, Germany.

Web fonts

This site uses so-called web fonts to display fonts uniformly. These web fonts are provided by an external provider and loaded by your browser when you access the website. This allows the provider of the web font to know that you have accessed our website from your IP address.

Google Fonts

We use the Google Fonts service on our website. The provider of the service is Google Ireland Limited, which is based in Gordon House, Barrow Street Dublin 4, Ireland.

Through the use of the service, data may be transferred to a third country (USA).

Further information can be found in the manufacturer's data protection information under the following URL: https://policies.google.com/privacy

Adobe Typekit

We use the Adobe Typekit service on our website. The provider of the service is Adobe Systems Software Ireland Limited, which is based in 4-6 Riverwalk, Citywest Business Campus, Dublin 24, D24 DCW0, Ireland.

Through the use of the service, data may be transferred to a third country (USA).

Further information can be found in the manufacturer's data protection information under the following URL: https://www.adobe.com/de/privacy/policy.html

Web security

We use tools on our website that protect us from unauthorized access, spam and other attacks. This serves our security and, in further consequence, also the security of our website visitors.

We base this processing on a legitimate interest (Article 6(1)(f) of the GDPR).

Our legitimate interest lies in being able to guarantee the security of our website and protect ourselves against unauthorized access, spam and other attacks.

Google Recaptcha

We use the Google Recaptcha service on our website. The provider of the service is Google Ireland Limited, which is based in Gordon House, Barrow Street Dublin 4, Ireland.

Through the use of the service, data may be transferred to a third country (USA).

Further information can be found in the manufacturer's data protection information under the following URL: https://policies.google.com/privacy

Contact form

On our website, there is the possibility to contact us via a contact form. For this purpose, we ask for certain information, in particular a description of the request and a contact option. At least this information is mandatory and must be provided for the use of the contact form.

The legal basis for answering contact inquiries is the fulfillment of a contract or the implementation of pre-contractual measures. Furthermore, there may be a legitimate interest in maintaining business relationships.

The legal basis for the processing of your data is therefore Article 6(1)(f) of the GDPR or Article 6(1)(b) of the GDPR.

The data will be deleted as soon as we have answered your inquiry to your satisfaction and if there are no other retention periods (e.g. tax retention periods).

E-mail traffic and contact via telephone

We have provided a phone number and e-mail address on our website, in accordance with legal requirements. The data transmitted to us by phone or e-mail will be automatically stored by us to process the respective inquiries or to contact the data subject. Data that we obtain in this way will not be passed on to third parties without consent.

The telephone contact and e-mail traffic serve pre-contractual and contractual purposes, and the data processing associated with this is carried out by us on the basis of Article 6(1)(b) of the GDPR.

Handling of applicant data

You have the possibility to send us an application (e.g. by post, online application form or by e-mail). The personal data received in this way will be stored and processed by us for the purpose of deciding whether to establish an employment relationship.

The basis for the processing is Article 6(1)(b) of the GDPR, as well as Article 6(1)(a) of the GDPR, provided that consent has been given. If German law is applicable, § 26 of the BDSG is also a legal basis for the processing (initiation of an employment relationship). You can revoke your consent at any time. The lawfulness of the processing that took place until the revocation remains unaffected.

If an employment relationship results from the application, the collected data will be stored for the purpose of implementing the employment relationship in accordance with Article 6(1)(b) of the GDPR. Insofar as it does not come to an employment relationship, the data will be stored on the basis of Article 6(1)(f) of the GDPR for up to 6 months after the end of the application procedure. We have a legitimate interest in storing the data, in order to be able to defend ourselves against possible claims or allegations. If consent has been given, the data will be stored for a longer period on the basis of Article 6(1)(a) of the GDPR. You can revoke your consent at any time. The lawfulness of the processing that took place until the revocation remains unaffected.

Applicant pool

If it does not come to an employment relationship, the applicant can be included in our applicant pool. All information from the application will be stored for this purpose, in order to be able to contact the person concerned in the event of suitable job postings.

The storage of data in the applicant pool is done exclusively on the basis of consent (Article 6(1)(a) of the GDPR). This consent can be revoked at any time, whereupon the corresponding data will be deleted, unless there are statutory retention reasons. Deletion will take place at the latest two years after the consent has been given. The lawfulness of the processing that took place until the revocation remains unaffected.

Note

This data protection notice was created by the service ww.einfach-dsgvo.de.