Privacy Policy

General Information

Thank you for visiting our website. This privacy policy informs you about the processing of personal data on our website. Personal data ("data") is any information relating to an identified or identifiable person. “Processing" of data means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

We only process the data as necessary and for the purpose of providing a functional and user-friendly website as well as for the provision of our content and services. The legal basis for data protection can be found in particular in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data, on the free movement of such data and repealing Directive 95/46/EC ("General Data Protection Regulation", GDPR) as well as in the German Federal Data Protection Act (BDSG) and the German Telemedia Act (TMG).

This privacy policy can be accessed and printed out at any time on the website. We reserve the right to amend this privacy policy in compliance with the statutory provisions.

Controller

The Controller of your personal data is

LeBog Software GmbH
Straßburger Str. 18
10405 Berlin
Germany

Email: info@digitalpurchaseorder.com

Controller is any natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

Scope of Data Processing

The data is processed by us or by third parties in the context of using this website. We use various third-party providers in the areas of hosting, mailing services, software and customer/data management (CRM) each of which processes data on our behalf. We have concluded corresponding order processing agreements with these third-party providers, which ensure that an adequate level of data protection is also guaranteed with respect to our (sub-)processors (Art. 28 GDPR). Our parent company, Sargent-Disc Limited, 5-7 Baring Rd, Beaconsfield HP9 2NB, United Kingdom, is handling our customer and user data and thus has necessary access to personal data we control. Our grandparent company, Cast & Crew LLC, 2300 Empire Avenue, 5th Floor, Burbank, CA 91504, is responsible for our US customers and  additional support services for all users, as well as providing different software solutions (Office365, Okta) to us. For more information on the third-party providers used, please feel free to contact us at any time (e.g. by email to info@digitalpurchaseorder.com).

We only process your data if this is necessary for the stated purposes. Failure to provide the data may have legal disadvantages, such as the loss of legal positions, for example, no response to your enquiry or the impracticability of a contract.

As a matter of principle, we will only transfer or disclose your data to third parties if we have obtained your consent or if there is another legal basis for doing so. We generally process personal data within the EU/EEA. In case your data is processed outside the EU/EEA, e.g. by our (sub-)processors, compliance with European data protection standards is ensured in each case. If your data is transferred to third countries, such as the USA, we ensure that the legal requirements according to Art. 44 ff. GDPR for such transfer are met and that your data is processed in the third country in accordance with the European data protection standard. For this purpose, we generally use the so-called EU standard contractual clauses that we conclude with the respective provider. Further, in accordance with the requirements of the ECJ "Schrems II" decision, a case-by-case risk analysis is carried out with regard to the respective third country and the respective transfer. For further information, you can also contact us by email at info@digitalpurchaseorder.com.

Furthermore, we have taken technical and organizational measures to ensure that the regulations on data protection are observed both by us and by external service providers. For security reasons and to protect the transmission of confidential content that you send to us as the site operator, our website uses SSL or TLS encryption.

Visiting the Website

We collect data about every visit on our website (so-called server log files). The data listed below is processed as follows:

Data:

• name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, operating system/version, referrer URL (the previously visited page), IP address and the requesting provider, country code, language, device name, if applicable.

Purpose:

• statistical evaluations, ensuring the stability and operational security of the website
• fulfilment of legal obligations, for reasons of data security

Legal Basis:

• Art. 6 (1) f) GDPR based on our legitimate interest in fraud prevention and quality assurance
• Art. 6 (1) c) GDPR

Contact and Emails

If you contact us via the contact form or via email, the information from the respective enquiry, including the contact data provided, will be stored by us for the purpose of processing the enquiry as follows:

Data:

• your enquiry, contact details (e.g. , name, company, country, email address) or other data provided in the enquiry

Purpose:

• communicating or storing/processing data in order to determine company enquiries, to establish, perform and/or settle a contractual relationship; this may include responding to your enquiry or making a refund
• processing of data based on your consent to respond to the request

Legal Basis:

• Art. 6 (1) b) GDPR
• Art. 6 (1) a) GDPR

Newsletter

With our newsletter we inform you about us and our offers. Only your email address is required to register for the newsletter. If you register for the newsletter, your email address will be transmitted to us (or our mail provider) and stored there. After registering, you will receive an email to confirm your registration ("double opt-in").

We use the provider Mailchimp, Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA, to send the newsletter. Mailchimp is a service with which the sending of newsletters can be organized and analyzed. For this purpose, we forward your email address and the information whether you have signed up for the newsletter and/or for further product information to Mailchimp.

With the help of Mailchimp, we can analyze our newsletter campaigns. When you open an email sent with Mailchimp, a file contained in the email (known as a web beacon) connects to the Mailchimp servers in the USA. This allows us to determine whether a newsletter message was opened and which links were clicked. In addition, technical information is recorded (e.g. time of registration, IP address, browser type and operating system). This information is used for the statistical evaluation of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients.

You can withdraw your consent to the processing of Data for the purpose of sending the newsletter or evaluation of related data at any time. The withdrawal can take place over a link, which is contained in each newsletter, or by separate message to us. You will not incur any costs other than the transmission costs according to the basic tariffs.

Data:

• contact data (email address, name if applicable), device data (device name, country code if applicable, language, name of operating system and version), connection data (IP address, mail provider)

Purpose:

• advertising communication

Legal Basis:

• Art. 6 (1) a) DSGVO

Other information emails

If a contractual relationship has been established with us (for example, following successful registration on the website or via the app), we may send you emails with interesting information about similar goods or services.

You can request at any time that you no longer receive such information emails from us. To do so, please contact us by message (info@digitalpurchaseorder.com) or click on the link at the end of the information emails. You will not incur any costs other than the transmission costs according to the basic rates.

Data:

• contact data (email address), technical data, usage data

Purpose:

• communication to carry out a contractual relationship or on the basis of our legitimate marketing interests, including notification of similar goods or services.

Legal Basis:

• Art. 6 (1) b) or f9 DSGVO (if applicable in conjunction with Section 7 (3) UWG), Art. 6 (1) a) DSGVO

Cookies and other tools used on our website

We use so-called cookies. Cookies are small text files that are stored on the end device used and saved by the browser. Cookies serve to make our offer more user-friendly, effective and secure. There are different types of cookies that are used for different purposes. Some cookies ensure that our offers function properly or that you are recognized on your device after successful registration ("necessary" cookies). By placing these necessary cookies, we make it easier for you to visit our offers and use the services available there. We place other cookies to analyze user preferences and thus improve our offers ("non-essential cookies”).

We only place non-essential cookies with your consent. When you visit our services for the first time, you will see a pop-up explaining cookies. Once you click on the relevant consent button, you agree to our use of the particular cookies selected, each of which is described in the pop-up as well as in this Privacy Policy. If you want to manage your consent or receive further information on the cookies used on our website click the Button "Cookie Settings" on the lower left side.

In addition, you can adjust your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. You can manage many online ad cookies from companies via the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/uk/your-ad-choices/. Please note that if you disable cookies, the functionality of this website may be limited.

Insofar as personal data is processed when "necessary" cookies are used, this is based on the legal basis Art. 6 (1) f) GDPR due to legitimate interests of quality assurance and a technically flawless presentation of the website. The processing of personal data when using so-called "non-essential cookies” is based on your consent (legal basis: Art. 6 (1) a) GDPR).

Provider:

• Google Analytics (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland and Google LLC, Mountain View, CA, USA)

Data & Purpose:

• usage data for tracking and analysis

Links:

• Google Privacy Policy
• Opt out

Social Media

We are present on various social media platforms and process user data within this framework in order to communicate with users active there or to offer information about us. User data is usually processed within social networks for market research and advertising purposes. For example, usage profiles can be created based on the usage behaviour and resulting interests of the users. The usage profiles can in turn be used, for example, to place advertisements within and outside the networks that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users' computers, in which the usage behaviour and the interests of the users are stored. Furthermore, data independent of the devices used by the users may also be stored in the usage profiles (especially if the users are members of the respective platforms and are logged in to them). For a detailed presentation of the respective forms of processing and the options to object (opt-out), we refer to the data protection declarations and information provided by the operators of the respective networks.

In the case of requests for information and the assertion of data subject rights, we would also like to point out that these can be asserted most effectively with the providers. Only the providers have access to the users' data and can take appropriate measures and provide information directly. If you still need help, you can contact us.

Data:

• inventory data (e.g. names, addresses), contact data (e.g. email, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses)

Purpose:

• contact requests and communication, tracking (e.g. interest/behavioural profiling, use of cookies), remarketing, reach measurement (e.g. access statistics, recognition of returning visitors), affiliate tracking.

Legal Basis:

• Art. 6 (1) f). GDPR. The use of common social media channels is in our legitimate interest in marketing our offer.

Services used and service providers:

• Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA)
  • Privacy policy
  • Settings
  • Data information
• Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
  • Privacy policy
  • Opt-out and settings for advertisements
  • Agreement on joint processing of personal data on Facebook pages
  • [Privacy notices for Facebook pages)[https://www.facebook.com/legal/terms/information_about_page_insights_data]
• LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
  • Privacy policy
  • Opt-out and settings for advertisements
• YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland)
  • Privacy policy
  • Opt-out

Microsoft 365

We use Microsoft 365 (Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland). Microsoft 365 is a productivity, collaboration and exchange platform for individual users, teams, communities and networks that can be used across organisational units.

When Microsoft 365 applications are used, personal data about you can be processed. Microsoft is a so-called processor within the meaning of Art. 28 GDPR. We have carefully selected our external service providers who act as processors, concluded contracts with them on data processing and regularly review them.

Please note that this privacy policy only informs you about the processing of your personal data by us in the context of using Microsoft 365. Microsoft reserves the right to process data for its own legitimate business purposes. We cannot influence these data processing operations by Microsoft. If you require information about processing by Microsoft, please refer to their privacy policy or contact them directly: https://privacy.microsoft.com/en-us/data-privacy-notice

Data:

• inventory data (e.g. names, addresses), contact data (e.g. email, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. access times), meta/communication data (e.g. device information, IP addresses, time of meeting participation), content data (e.g. contract data, document related data), profile data (e.g. your username, if you provide it of your own accord)When Microsoft 365 applications are used, personal data about you can be processed. Microsoft is a so-called processor within the meaning of Art. 28 GDPR. We have carefully selected our external service providers who act as processors, concluded contracts with them on data processing and regularly review them.

Purpose:

• administrative purposes, communication and collaboration of our employees, business partners and third parties, effectiveness of our IT processes,
• responding to contact requests and communication, processing, and storage of data in order to establish or perform a contractual relationship,
• legal obligations, data security

Legal Basis:

• Art. 6 (1) f). GDPR, on the basis of our legitimate interests
• Art. 6 (1) b). GDPR, for the initiation, implementation or fulfilment of our contractual obligations, Art. 6 (1) a). GDPR, based on your consent
• Art. 6 (1) c). GDPR, for the fulfilment of legal obligations

Storage and Deleting Data

We only store your personal data for as long as it is necessary for the respective processing purpose and limit the storage period to the minimum necessary. Beyond this, we only store your data if we are entitled or obliged to do so in accordance with statutory retention periods (for example, in accordance with the German Commercial Code (HGB) or the German Fiscal Code (AO)).

Your rights

You have the following rights:

• the right to information,
• the right to correction or deletion
• the right to restrict processing,
• the right to data portability,
• the right to revoke your consent with effect for the future.
• the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Art. (1) e) or f) GDPR; this also applies to profiling based on these provisions.

To exercise your aforementioned rights, you can send an email to info@digitalpurchaseorder.com.

You also have the right to complain to a data protection supervisory authority about our processing of your personal data.