Data privacy at e.solutions GmbH

Data Protection

We take the protection of your personal data very seriously. Therefore, we handle your data responsibly in all data processing procedures and observe the statutory provisions regarding data protection, in particular the provisions of the EU General Data Protection Regulation (GDPR) and of the German Federal Data Protection Act (Bundesdatenschutzgesetz (BDSG)).

1. Scope

This data privacy statement gives, in particular, an overview of the following information:

  • Which of your data are processed via our website (hereinafter also referred to as “offer”?
  • In what manner, to what extent, for what purposes and on what legal basis are these data used?
  • What security measures are taken to protect your data?
  • How can you object to individual data processing operations via our website?
  • How can you obtain access to the information provided to us and, if necessary, assert further data subject rights against us?

2. Who is your contact (controller responsible) for your data protection concern?

Controller within the meaning of the data protection regulation is:
e.solutions GmbH ("e.solutions")
Despag-Straße 4a
85055 Ingolstadt, Germany
Phone:+49 8458 3332-100
Fax: +49 8458 3332-333
www.esolutions.de

Chief Data Protection Officer:

Claudia Langer
e.solutions GmbH
Legal
Despag-Straße 4a
85055 Ingolstadt, Germany

Phone:+49 8458 3332 3100
E-mail:datenschutzbeauftragter@esolutions.de

Please send all inquiries concerning data protection and the assertion of data subject rights (see below in this data privacy statement) to the address stated above for the attention of our data protection officer.

3. On what legal basis may data processing be performed on our website?

If and when we obtain your consent to the processing of personal data, Article 6(1)(a) GDPR serves as the legal basis.

For the processing of personal data necessary for the performance of a contract to which you as the data subject are a party, Article 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations necessary for the implementation of pre-contractual measures.

If and when the processing of personal data is necessary for compliance with a legal obligation which we as the controller are subject to, Article 6(1)(c) GDPR serves as the legal basis.

In case that vital interests of you or another natural person necessitate the processing of personal data, Article 6(1)(d) GDPR serves as the legal basis.

If the processing is necessary for the purposes of the legitimate interests pursued by us or a third party and your interests, fundamental rights and freedoms as the data subject do not override the first-mentioned interests, Article 6(1)(f) GDPR serves as the legal basis for the processing.

The concrete legal basis applicable to the respective processing can be found in the corresponding passage of this data privacy statement.

4. What technical access data/server log files are collected and stored when you use our offer?

We (and our webspace provider, respectively) collect and store your data on every access to the offer (called server log files and system and usage data, respectively). Access data include the following:

name of the called website, file, date and time of the call, transferred amount of data, report on successful retrieval, browser type incl. version, your operating system, referral URL (previously visited page), IP address, and accessing provider.

The legal basis for the storage of these data and the log files is Article 6(1)(f) GDPR.

We use the log data only for statistical evaluations for the purpose of operation, security, and optimisation of our offer. However, we reserve the right to subsequently examine the log data if there are concrete indications of the legitimate suspicion of illegal use. These purposes also constitute our legitimate interest in data processing pursuant to Article 6(1)(f) GDPR. In this context, no evaluation for marketing purposes takes place.

The data are erased as soon as they are no longer required to accomplish the purpose of their collection. In the case of collection of the data for the provisioning of the website, this is the case when the respective session is terminated. If the data are stored in log files, this will be the case after 14 days at the latest. A longer storage than that is possible. In this case, the users’ IP addresses will be erased or alienated so that the calling client can no longer be allocated. Moreover, in the case of misuse or, for example, a hacker attack, the data will be stored until the circumstances have been finally clarified.

Collection of the data for the provisioning of the website and storage of the data in log files is absolutely necessary for the operation of the website.

5. How do we handle your data when you use our offer?

Personal data are pieces of information with the help of which a person is determinable, i.e., data that can be traced back to a person. This includes the name, e-mail address, or phone number. However, also data on preferences, hobbies, memberships, or which websites were visited are rated among personal data.

We only collect, use, and pass on personal data if and when this is permitted by law or you consent to data collection.

Please note that in individual cases we are – by order of the competent authority – entitled to furnish particulars about data, provided that this is required for criminal prosecution purposes, to enable the police forces of the German federal states to prevent crimes, to fulfil the statutory tasks of the constitution protection authorities of the German federal government and the German federal states, the Federal Intelligence Service, or the Military Counter-Intelligence Service, or to assert rights to intellectual property. The legal basis for that is Article 6(1)(c) GDPR.

6. Contacting

If and when you contact us (e.g., by phone or e-mail), your data are stored for the purpose of handling your request and in case any follow-up questions arise.

The legal basis for the processing of the data transmitted in the course of the sending of an e-mail is Article 6(1)(f) GDPR. If contacting is aimed at concluding a contract, an additional legal basis for the processing is Article 6(1)(b) GDPR.

The sole purpose of the processing of the personal data from the contacting is the handling of your request. In the case of contacting by e-mail, this is also the necessary legitimate interest in the data processing. The data are erased as soon as they are no longer required to accomplish the purpose of their collection. This is the case when the respective conversation with the user has been completed. The conversion is completed when it can be understood from the circumstances that the relevant issue has been finally cleared up.

Right to object

The user may at any time object to the processing of their personal data, to the address stated above. In such a case, the conversation cannot be continued. In this case, any and all personal data stored in the course of the contacting will be erased.

7. What security measures have been taken to protect your data?

We implement up-to-date technical measures to ensure data security, in particular to protect your personal data against hazards during data transmission and disclosure to third parties. These measures are each adjusted to the current state of the art.

The databases of our offer are protected by physical and technical measures as well as procedural measures restricting access to the information to specifically authorised persons in accordance with this data privacy statement. The information system of our offer is located behind a software firewall to prevent access from other networks that are connected with the Internet. Only employees and authorised persons who need this information to fulfil a specific task are granted access to personal information. Employees and authorised persons are trained with regard to security and data protection practices.

We use the standardised SSL encryption technology for the collection and transmission of data via our offer.

8. Use of cookies: What does this mean for my data?

We currently do not use cookies under this subdomain.

9. Use of analysis tools: What happens to my data in the process?

We do not currently use any analysis tools.

10. Data subject rights

On request, e.solutions will give you information about the personal data concerning you stored at e.solutions pursuant to Art. 15 GDPR at any time. Moreover, you may have your personal data rectified pursuant to Art. 16 GDPR, erased pursuant to Art. 17 GDPR, or restrict their processing pursuant to Art. 18 GDPR by e.solutions at any time. Pursuant to Art. 20 GDPR you have the right to have delivered to you or to a third party data that we process automatically based on your consent or to perform a contract in a commonly used and machine-readable format. If you demand direct transmission of the data to another controller, this will only be done if it is technically feasible. Excluded from erasure are only those data which e.solutions requires to accomplish yet outstanding tasks or to assert existing rights and claims and data that must be kept by e.solutions due to statutory regulations. Such data will be made unavailable, however.

Moreover, pursuant to Art. 77 GDPR you have the right to lodge a complaint with a data protection supervisory authority.

If you gave e.solutions your consent to the processing of personal data within the framework of the usage of e.solutions’ services, you may revoke this consent at any time pursuant to Art. 7(3) GDPR. The revocation may be sent by e-mail to the following e-mail address:datenschutzbeauftragter@esolutions.de or in writing to the address stated above. The effects of the revocation are restricted to the storage and usage of personal data that may not be stored and used even without your consent due to legal permissions. Such a revocation will affect the admissibility of the processing of your personal data after you have expressed it to us. Please note, however, that in this case processing of the relevant data will no longer be possible in the future.

If and when the processing of your personal data is based on the weighing of interests, you may object to the processing pursuant to Art. 21 GDPR. This is the case especially if the processing is not required to perform a contract with you. If you lodge such an objection, please state the reasons why we should not process your personal data as we do. In the case of your justified objection, we will examine the facts and either stop or adapt the data processing or present to you our compelling legitimate grounds due to which we will continue the processing. If you exercise your right to object, the controller will no longer process your personal data unless compelling legitimate grounds for the processing apply which override your interests, rights, and freedoms, or the processing serves for the establishment, exercise, or defence of legal claims.

Of course, you may object to the processing of your personal data for advertising and data analysis purposes at any time. To inform us about your objection to advertising, please use the following e-mail address:datenschutzbeauftragter@esolutions.deor the address stated above.