Data protection information for using DPO (www.digitalpurchaseorder.com)
The following data protection information from LeBog Software GmbH applies to the use of the internet and mobile services provided at www.digitalpurchaseorder.com (“DPO”).
This data protection information does not apply to services for which separate data protection regulations apply which do not expressly incorporate this data protection information.
1. Applicable Regulations
The user is herewith informed pursuant to the applicable regulations of the German Telemedia Act (“TMG”), Federal Data Protection Act (“BDSG”) and the General Data Protection Regulation („GDPR“ / „DSGVO“).
2. Personal Data
When you visit our website, usage data is transmitted through your internet browser and stored in log files, the so-called server log files, such as the following: Date and time of retrieval, name of the page called, amount of data transferred, the IP address and the requesting provider. These data are solely for the purpose of ensuring the safely and smoothly operation of our website and the improvement of our service (legal basis: Art. 6 (1) sentence 1 lit. f GDPR). These data are deleted immediately after their evaluation.
Personal data is collected when you set up a user account: your name, user name, address, e-mail address, telephone number, payment details etc. We use the data for our services and the execution of contracts (legal basis: Art. 6 (1) sentence 1 lit. a and b GDPR). You may request the deletion of your user account at any time by a message to the contact details below. We will then delete all data, unless such deletion would have an adverse effect on the functioning of the services for a remaining user group. Please note, that user names can only be deleted from the system by good cause. After completion of the contract or deletion of your user account, your data will be blocked with regard to tax and commercial retention periods and thereafter deleted.
When you contact us via e-mail or contact form we collect personal data: your name, e-mail address etc. These data are stored and used for service purposes and for answering your request (legal basis: Art. 6 (1) sentence 1 lit. a and f GDPR). After processing of your request, your data will be deleted.
3. Disclosure of Personal Data
In order to provide our services, we may use external service providers to perform certain data processing operations on our behalf and on our instructions („processors“). We select the processors in accordance with the applicable data protection laws with particular care and observe in particular the provisions of a written contract.
Operations performed by processors on our behalf may include:
Providing the platform’s technical infrastructure and storage space
Web and usage analysis services (see “Google Analytics” below)
E-mail and customer service.
Processors may have access to personal data, but may only use it to render their contracted service. Processors are also contractually committed to ensuring a level of data security that meets the data security level we provide. If processors are located in countries outside the EU / EEA that do not guarantee a level of data protection that is considered appropriate in the EU / EEA, we have concluded corresponding contracts with them, or other guarantees exist to ensure all necessary measures to protect the personal data in accordance with the applicable requirements.
Some of our e-mails are sent via the technical service provider The Rocket Science Group, LLC d / b / a MailChimp, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA (http://www.mailchimp.com/), to which we therefore transmit your contact data. Please note that your data is usually transmitted to and stored by a MailChimp server in the USA. To protect your data in the United States, we have completed a data processing contract with MailChimp based on the standard contractual clauses of the European Commission to allow the transfer of your personal data to MailChimp. You may view this data processing contract here: http://mailchimp.com/legal/forms/data-processing-agreement/. MailChimp is also certified under the US-EU Privacy Shield and is committed to complying with EU privacy requirements. More information about the Privacy Shield can be found here: https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG. You may object to the storage and use of your data at any time with effect for the future by contacting us via the contact info below.
We may transmit your payment data to a commissioned bank, if necessary for the payment process.
4. Protection of your Data
We take physical, technical and administrative security measures to protect your personal data against loss, misuse, unauthorized access, disclosure and alteration. These security measures include firewalls, data encryption, physical access restrictions on our servers and access control privileges. We can not accept liability for misused passwords unless we are responsible for the abuse. You are also responsible for logging out after using our services via the log out button, especially when using public computers. We expressly point out that the transmission of data on the internet (for example by e-mail) has security gaps and can not be completely protected against access by third parties.
6. Google Analytics
We use Google Analytics with the extension “_anonymizeIp ()” to exclude a direct personal reference. That means, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases, the full IP address will be sent to a Google server in the USA and be shortened there. On our behalf, Google will use the information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage. It is also possible to create pseudonymous user profiles from the processed data.
The IP address provided by Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by a corresponding setting of your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent. In addition, you may prevent the collection by Google of the data generated by the cookie (including your IP address) as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en.
7. Your Rights
You have the right to
Restrict the procession of
Object the procession of
your personal data, as well as to
Revoke your consent at any time.
To make use of these rights, please contact us under the following contact details.
If you have any queries or complaints about the collection, processing or use of your personal data, or if you want to make use of the aforementioned rights, please contact us:
LeBog Software GmbH
Telephone: +49 30 555 72 5950
Managing Directors: Bogdan Tomassini-Buechner, Laurence Sargent
If you are not satisfied with the processing of your concerns, you have the right to lodge a complaint with the Privacy Commissioner in your country.
9. Contracts with Sargent-Disc Ltd.
These data protection regulations are dated 25.05.2018. Version 1.3