Privacy Policy – IT GmbH

2) Data collection when visiting our website

2.1 During the mere informational use of our website, i.e. if you do not register or otherwise transmit information to us, we only collect such data that your browser transmits to the page server (so-called “server log files”). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

• Our visited website 
• Date and time at the time of access
• Amount of data sent in bytes
• Source/reference from which you came to the site
• Browser used
• Operating system used
• IP address used (if applicable: in anonymized form)

The processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.
2.2 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or requests to the responsible party). You can recognize an encrypted connection by the string “https://” and the lock symbol in your browser line.

3) Cookies

In order to make visiting our website more attractive and to enable the use of certain functions, we use cookies, i.e. small text files that are stored on your end device. In some cases, these cookies are automatically deleted again after closing the browser (so-called “session cookies”), in other cases, these cookies remain on your end device for longer and allow page settings to be saved (so-called “persistent cookies”). In the latter case, you can find the storage period in the overview of the cookie settings of your web browser.

If personal data are also processed by individual cookies used by us, the processing is carried out in accordance with Art. 6 para. 1 lit. b DSGVO either for the performance of the contract, pursuant to Art. 6 para. 1 lit. a DSGVO in the case of granted consent or pursuant to Art. 6 para. 1 lit. f DSGVO to protect our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the site visit.

You can set your browser in such a way that you are informed about the setting of cookies and can decide individually about their acceptance or can exclude the acceptance of cookies for certain cases or in general.

Please note that if you do not accept cookies, the functionality of our website may be limited.

4) Contacting us

Personal data is collected when contacting us (e.g. via contact form or e-mail). Which data is collected in the case of using a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration.

The legal basis for the processing of this data is our legitimate interest in responding to your request in accordance with Art. 6 (1) lit. f GDPR. If your contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO. Your data will be deleted after final processing of your request. This is the case if it is clear from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.

5) Registration on the portal or forum

You can register on our website by providing personal data. Which personal data is processed for the registration can be seen from the input mask used for the registration. We use the so-called double-opt-in procedure for registration, i.e. your registration is only completed when you have previously confirmed your registration via a confirmation e-mail sent to you for this purpose by clicking on the link contained therein. If your confirmation is not received within 24 hours, your registration will be automatically deleted from our database. The provision of the aforementioned data is mandatory. You can provide all other information voluntarily by using our portal.

If you use our portal, we store your data required for the fulfillment of the contract, including any information on the method of payment, until you finally delete your access. Furthermore, we store the voluntary data you provide for the time of your use of the portal, unless you delete it beforehand. You can manage and change all information in the protected customer area. The legal basis is Art. 6 para. 1 lit. f DSGVO.

In addition, we store all content published by you (such as public posts, pinboard entries, guestbook entries, etc.) in order to operate the website. We have a legitimate interest in providing the website with the full user-generated content. The legal basis for this is Art. 6 (1) lit. f GDPR. If you delete your account, your public statements, especially in the forum, will remain visible to all readers, but your account will no longer be retrievable. All other data will be deleted in this case.

6) Use of customer data for direct marketing purposes

6.1 Registration for our e-mail newsletter

If you register for our e-mail newsletter, we will regularly send you information about our offers. The only data required for sending the newsletter is your e-mail address. The provision of further data is voluntary and will be used to address you personally. For sending the newsletter we use the so-called double opt-in procedure. This means that we will not send you an email newsletter until you have explicitly confirmed that you consent to receive newsletters. We will then send you a confirmation email asking you to confirm that you wish to receive the newsletter in the future by clicking on an appropriate link.

By activating the confirmation link, you give us your consent for the use of your personal data in accordance with Art. 6 para. 1 lit. a GDPR. When you register for the newsletter, we store your IP address entered by your Internet service provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later date. The data collected by us when you register for the newsletter is used exclusively for the purpose of addressing you in an advertising manner by way of the newsletter. You can unsubscribe from the newsletter at any time via the link provided for this purpose in the newsletter or by sending a corresponding message to the person responsible mentioned at the beginning. After unsubscribing, your e-mail address will be deleted from our newsletter distribution list immediately, unless you have expressly consented to further use of your data or we reserve the right to use your data in a manner that goes beyond this, which is permitted by law and about which we inform you in this declaration.

6.2 Klaviyo

7) Web analytics services

7.1 Google Analytics 4

This website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), which enables an analysis of your use of our website.

By default, Google Analytics sets 4 cookies when you visit the website, which are stored as small text modules on your terminal device and collect certain information. The scope of this information also includes your IP address, which is, however, shortened by Google by the last digits in order to exclude a direct personal reference.

The information is transferred to Google servers and processed there. In the process, transfers to Google LLC, based in the USA, are also possible.

Google uses the collected information on our behalf to evaluate your use of the website, to compile reports on website activity for us and to provide other services related to website activity and internet usage. The IP address transmitted and shortened by your browser as part of Google Analytics will not be merged with other data from Google. The data collected in the context of the use of Google Analytics 4 will be stored for a period of two months and then deleted.

All processing described above, in particular the setting of cookies on the end device used, will only take place if you have given us your express consent for this in accordance with Art. 6 (1) lit. a DSGVO.

Without your consent, Google Analytics 4 will not be used during your visit to the site. You can revoke your consent at any time with effect for the future. To exercise your right of revocation, please deactivate this service via the “Cookie Consent Tool” provided on the website.

We have concluded an order processing agreement with Google, which ensures the protection of our site visitors’ data and prohibits unauthorized disclosure to third parties.

Further legal information on Google Analytics 4 can be found at https://policies.google.com/privacy?hl=de&gl=de and at https://policies.google.com/technologies/partner-sites.

Demographic characteristics

Google Analytics 4 uses the special “demographic characteristics” feature and can use it to create statistics that make statements about the age, gender and interests of site visitors. This is done by analyzing advertising and information from third-party providers. This allows target groups to be identified for marketing activities. However, the collected data cannot be assigned to a specific person and is deleted after being stored for a period of two months.

Google Signals

As an extension to Google Analytics 4, Google Signals can be used on this website to generate cross-device reports. If you have activated personalized ads and linked your devices to your Google account, Google may, subject to your consent to the use of Google Analytics pursuant to Art. 6 (1) lit. a DSGVO, analyze your usage behavior across devices and create database models, including on cross-device conversions. We do not receive any personal data from Google, only statistics. If you want to stop the cross-device analysis, you can deactivate the “Personalized advertising” function in the settings of your Google account. To do so, follow the instructions on this page: https://support.google.com/ads/answer/2662922?hl=de For more information about Google Signals, please visit the following link: https://support.google.com/analytics/answer/7532985?hl=de

UserIDs

As an extension to Google Analytics 4, the “UserIDs” function can be used on this website. If you have consented to the use of Google Analytics 4 pursuant to Art. 6 (1) lit. a DSGVO, have set up an account on this website and log in with this account on various devices, your activities, including conversions, can be analyzed across devices.

For data transfers to the USA, the Provider has signed up to the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

7.2 Google Tag Manager

This website uses the “Google Tag Manager”, a service of the following provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: “Google”).

The Google Tag Manager provides a technical basis for bundling various web applications, including tracking and analysis services, and for calibrating, controlling and attaching conditions to them via a uniform user interface. Google Tag Manager itself does not store any information on user end devices or read them. The service also does not perform any independent data analyses. However, the Google Tag Manager transmits your IP address to Google when you visit a page and may store it there. Also a transmission to servers of Google LLC. In the USA is possible.

This processing is only carried out if you have given us your express consent to this in accordance with Art. 6 Para. 1 lit. a DSGVO. Without this consent, Google Tag Manager will not be used during your visit to the site. You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the “Cookie Consent Tool” provided on the website.

We have concluded an order processing agreement with the provider, which ensures the protection of our site visitors’ data and prohibits unauthorized disclosure to third parties.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

8) Page functionalities

8.1 Google Maps

This website uses an online map service provided by the following provider: Google Maps (API) by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

Google Maps is a web service for displaying interactive (land) maps in order to visually present geographical information. By using this service, our location is shown to you and a possible approach is facilitated.

When you call up those sub-pages in which the Google Maps map is integrated, information about your use of our website (such as your IP address) is transmitted to Google servers and stored there; this may also involve transmission to the servers of Google LLC. in the USA. This occurs regardless of whether Google provides a user account through which you are logged in or whether a user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not want the assignment with your profile at Google, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and evaluates them.

The collection, storage and analysis are carried out in accordance with Art. 6 (1) f DSGVO on the basis of Google’s legitimate interest in the display of personalized advertising, market research and / or the design of Google websites. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right. If you do not agree to the future transmission of your data to Google in the context of the use of Google Maps, you also have the option of completely deactivating the Google Maps web service by turning off the JavaScript application in your browser. Google Maps and thus also the map display on this website can then not be used.

As far as legally required, we have obtained your consent for the processing of your data as described above in accordance with Art. 6 (1) lit. a DSGVO. You can revoke your consent at any time with effect for the future. To exercise your revocation, please follow the option described above to make an objection.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision of the European Commission.

8.2 Gravity Forms

To conduct surveys or online forms, we use the services of the following provider: Rocketgenius Inc., 1620 Centerville Turnpike STE 102, Virginia Beach, VA 23464, USA.

The provider enables us to design and evaluate surveys and online forms. In addition to the respective personal data that you enter into the forms, information about your operating system, browser, date and time of your visit, referrer URL and your IP address are also collected, transmitted to the provider and stored on servers of the provider.

The storage of the information you enter in the forms is password-protected to ensure that third party access is excluded and only we can evaluate the data for the purpose specified in the form.

When processing personal data that is necessary for the performance of a contract with you (this also applies to processing operations that are necessary for the implementation of pre-contractual measures), Art. 6 (1) lit. b DSGVO serves as the legal basis. If you have given us your consent for the processing of your data, the processing is based on Art. 6 (1) a DSGVO. Consent given can be revoked at any time with effect for the future.

We have concluded an order processing agreement with the provider, which ensures the protection of the data of our site visitors and prohibits unauthorized disclosure to third parties.

For the transfer of data to the USA, the provider invokes standard contractual clauses of the European Commission, which are intended to ensure compliance with the European level of data protection.

9) Tools and miscellaneous

9.1 Cookie consent tool

This website uses a so-called “cookie consent tool” to obtain effective user consent for cookies and cookie-based applications that require consent. The “Cookie Consent Tool” is displayed to users in the form of an interactive user interface when they call up the page, on which consent for certain cookies and/or cookie-based applications can be given by ticking the appropriate box. By using the tool, all cookies/services requiring consent are only loaded if the respective user grants the corresponding consent by setting a check mark. This ensures that such cookies are only set on the respective user’s end device if consent has been granted.

The tool sets technically necessary cookies to save your cookie preferences. Personal user data is generally not processed in this context.

If, in individual cases, personal data (such as the IP address) is processed for the purpose of storing, assigning or logging cookie settings, this is done in accordance with Art. 6 (1) f DSGVO on the basis of our legitimate interest in legally compliant, user-specific and user-friendly consent management for cookies and thus in a legally compliant design of our website.

Further legal basis for the processing is Art. 6 para. 1 lit. c DSGVO. As the responsible party, we are subject to the legal obligation to make the use of technically unnecessary cookies dependent on the respective user consent.

To the extent necessary, we have concluded an order processing agreement with the provider, which ensures the protection of the data of our site visitors and prohibits unauthorized disclosure to third parties.

Further information on the operator and the setting options of the cookie consent tool can be found directly in the corresponding user interface on our website.

9.2 Wordfence

For security purposes, this website uses the service of the following provider: Defiant Inc, 800 5th Ave Ste 4100, Seattle, WA 98104, USA.

The provider protects the website and related IT infrastructure from unauthorized third-party access, cyber-attacks, and viruses and malware. The provider collects the IP addresses of users and, if necessary, other data about your behavior on our website (in particular URLs called up and header information) in order to detect and prevent illegitimate page accesses and threats. In the process, the captured IP address is compared with a list of known attackers. If the captured IP address is identified as a security risk, the provider can automatically block it from accessing the site. The information collected in this way is transferred to a server of the provider and stored there.

The described data processing is carried out pursuant to Art. 6 (1) lit. f DSGVO on the basis of our legitimate interests in protecting the website from harmful cyber attacks and in maintaining structural and data integrity and security.

If visitors to the website have login rights, the provider also sets cookies (= small text files) on the end device used by the visitor. With the help of the cookies, certain location and device information can be read, which enables an assessment of whether the login-authorized access originates from a legitimate person. At the same time, access rights can be evaluated via the cookies and released via a site-internal firewall according to the authorization level. Finally, the cookies are used to register irregular access by site administrators from new devices or new locations and to notify other administrators about this.

These cookies are set only if a user has login privileges. The provider does not set cookies for site visitors without login authority.

If personal data is processed via the cookies, the processing is carried out in accordance with Art. 6 para.1 lit f. DSGVO on the basis of our legitimate interest in preventing illegitimate access to the site administration and defense against unauthorized administrator access.

We have concluded an order processing agreement with the provider, which ensures the protection of our site visitors’ data and prohibits unauthorized disclosure to third parties.

For the transfer of data to the USA, the provider invokes standard contractual clauses of the European Commission, which are intended to ensure compliance with the European level of data protection.

10) Rights of the affected person

10.1 The applicable data protection law grants you the following data subject rights (rights of information and intervention) vis-à-vis the controller with regard to the processing of your personal data, whereby reference is made to the stated legal basis for the respective exercise prerequisites:

• Right to information pursuant to Art. 15 DSGVO;
• Right to rectification pursuant to Art. 16 DSGVO;
• Right to erasure pursuant to Art. 17 DSGVO;
• Right to restriction of processing pursuant to Art. 18 DSGVO;
• Right to information pursuant to Art. 19 DSGVO;
• Right to data portability pursuant to Art. 20 DSGVO;
• Right to withdraw consent given pursuant to Art. 7(3) DSGVO;
• Right to lodge a complaint pursuant to Art. 77 GDPR.

10.2 RIGHT OF OBJECTION

IF WE PROCESS YOUR PERSONAL DATA WITHIN THE FRAMEWORK OF A BALANCING OF INTERESTS ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE ON GROUNDS ARISING FROM YOUR PARTICULAR SITUATION.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO CONTINUE PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS.

IF WE PROCESS YOUR PERSONAL DATA FOR THE PURPOSES OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSES OF SUCH MARKETING. YOU MAY EXERCISE THE OBJECTION AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.

If you wish to exercise your right of withdrawal or objection, simply send an e-mail to info@it-gmbh.de.

11) Duration of the storage of personal data

The duration of the storage of personal data is measured on the basis of the respective legal basis, the purpose of processing and – if relevant – additionally on the basis of the respective statutory retention period (e.g. retention periods under commercial and tax law).

When processing personal data on the basis of explicit consent pursuant to Art. 6 (1) a DSGVO, the data concerned will be stored until you revoke your consent

If there are legal retention periods for data that is processed within the scope of legal or quasi-legal obligations on the basis of Art. 6 (1) (b) DSGVO, this data will be routinely deleted after the retention periods have expired, provided that it is no longer required for the fulfillment or initiation of a contract and/or there is no legitimate interest on our part to continue storing it.

When personal data is processed on the basis of Art. 6(1)(f) DSGVO, this data is stored until you exercise your right to object pursuant to Art. 21(1) DSGVO, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

Bei der Verarbeitung von personenbezogenen Daten zum Zwecke der Direktwerbung auf Grundlage von Art. 6 Abs. 1 lit. f DSGVO werden diese Daten so lange gespeichert, bis Sie Ihr Widerspruchsrecht nach Art. 21 Abs. 2 DSGVO ausüben.

Sofern sich aus den sonstigen Informationen dieser Erklärung über spezifische Verarbeitungssituationen nichts anderes ergibt, werden gespeicherte personenbezogene Daten im Übrigen dann gelöscht, wenn sie für die Zwecke, für die sie erhoben oder auf sonstige Weise verarbeitet wurden, nicht mehr notwendig sind.

Orders, support, remote maintenance

Our General Terms and Conditions and the data protection provisions listed there apply to orders.
In the context of an order (including app orders via the KNX Online Shop), support service and service in the area of remote maintenance, the company, surname, first name, address, telephone number and e-mail address are recorded. The use of this data is exclusively for processing and sending your order and sending information in connection with the purchased products.
The passing on of contact data in the case of project support/project processing will only take place with your prior express permission.

Location

The web server is located in Germany.

Right to information

You have the right at any time to obtain information about the data stored about you, its origin and recipients, and the purpose for which it is stored. To do so, please contact our office by mail or e-mail (see below). In order to receive information, you must identify yourself as the person in question or be able to prove that you are entitled to receive information about a third person.

Further Information

If you have any further questions that this privacy statement could not answer, or if you would like more in-depth information on any point, please contact us at any time.

Disclaimer

The content of this website has been created with the utmost care. Nevertheless, errors can creep in. Therefore, we do not assume any liability for the correctness of the contents. Please inform us if you have any suggestions for corrections, we will be happy to consider them after checking.

We cannot accept any liability for the content of linked pages, as we have no influence over them.

Actuality and change of this privacy policy

This privacy policy is currently valid and has the status July 2023.

Due to the further development of our website and offers on it or due to changed legal or regulatory requirements, it may become necessary to change this privacy policy. You can access and print out the current data protection statement at any time on the website at https://it-gmbh.de/datenschutzerklaerung/.