1. Object of this Data Protection Declaration
Thank you for your interest in our web presence, and in the services offered on our website. The protection of your personal data (hereinafter referred to simply as “data”) is a central and very important concern to our company. Therefore, in the following document we will provide you with full information on how your data is collected when you visit our website and use the services offered there, and how we then use or process this data. We will also provide information on the additional protective measures we have taken from both an organizational and technical standpoint. Generally, you can use our website www.fintecsystems.com without entering your personal data. It informs you, as the visitor to this page, about the products and services of FinTecSystems GmbH (also referred to as FTS), Gottfried-Keller-Strasse 33, 81245 Munich. Expanded data protection information applies to the use of our products, and is expressly referred to where applicable.
2. Data controller / service provider
The data controller in the sense of the GDPR and service provider in the sense of the German Telemedia Act (TMG) is FinTecSystems GmbH, Gottfried-Keller-Str. 33 81245 Munich. Please see our Legal Notice. For questions or remarks on this Data Protection Declaration or for general questions or remarks on data protection, please contact our Data Protection Officer (Andreas Schmidt, LL.M./ corporate lawyer and external data protection officer (GDDcert.)) at the following e-mail address: firstname.lastname@example.org or via our mailing address by adding “(personally) c/o the Data Protection Officer,” cf. Sec. 11 Right to information.
3. Collection and use of your data
The scope and manner with which we collect and use your data will depend on whether you use our website only to access information or whether you take advantage of the services we offer:
a) Informational use
In general, it is not necessary for you to provide your personal data if using our website only for informational purposes. In this case, we only collect and use the data transmitted automatically to us by your web browser, such as:
- the date and time at which you accessed one of our websites
- your browser type
- your browser settings
- the operating system you use
- the last page you visited
- the transmitted quantity of data and access status (file transmitted, file not found, etc.)
- as well as your IP address
b) Use of services
If you want to take advantage of services we offer on our website, such as provider login to our service, in contrast, you will be required to provide further data. You must provide the data necessary to carry out the specific service, in this case: name, company, e-mail address. You may provide further information voluntarily; we will then mark this data as such. Your data are collected or used for the purpose of providing your requested service. Your data may be transmitted to our supporting service providers for the aforementioned purpose. We have selected these service providers carefully. These may be technical service providers or service providers supporting us with processing our own services. Otherwise, your data is only transmitted to other third parties if we are legally obligated to do so.
4. Consent under data privacy law
Of course, in addition to offering the services you request, we would like to customize our website to your specific interests if you explicitly consent for us to do so in a separate location. To do so, it is necessary from a technical standpoint that we combine the data collected on you and the data you enter into a user profile, which we then evaluate for the aforementioned purposes. This evaluation is only completed internally and only for the aforementioned purposes. You can provide your consent separately. You can then revoke this consent at any time with future effect.
We use so-called session cookies to optimize our website. A session cookie is a small text file sent by a specific server when you visit a website and saved in the buffer memory on your hard drive. This file as such contains a so-called session ID, which allows us to classify various inquiries made by your browser to the overall session. This allows us to recognize your computer when you return to our website. These cookies are deleted after you close your browser. They are used, for instance, to allow you to use the shopping cart function across multiple pages.
We also use persistent cookies to a small extent (these are also small text files saved on your device). These remain on your device and allow us to recognize your browser the next time you visit. These cookies are saved on your hard drive and automatically deleted after the specified time. They have terms ranging from 1 month to 10 years. These cookies help us make our services more user-friendly, effective, and secure, and allow us to show information on the page that is specially tailored to your interests.
Our legitimate interest in using cookies in accordance with Art. 6 para. 1 clause 1 f) GDPR is to make our website more user-friendly, effective, and secure.
The cookies save data and information such as the following:
- Log-in information
- Language settings
- Search terms entered
- Information on the number of times our website is accessed and the use of individual functions on our website.
When a cookie is activated, it is assigned an identification number. Your personal data is not associated with this identification number. Your name, IP address, or similar data that would make it possible to associate the cookie with you are not inserted into the cookie. The cookie technology only provides us with pseudonymized information, such as information on which pages of our shop you have visited, which products you have viewed, etc.. You can change your browser settings so that you are informed when cookies are saved and can decide in each individual instance whether you want to exclude the acceptance of cookies for certain cases or in general, or whether you want to disable cookies entirely. This may restrict the proper function of our website.
6. Use of Google Analytics
We use Google Analytics, a web analytics service of Google Inc. (“Google”). Google Analytics uses “cookies,” text files saved on your computer which allow us to analyze your use of the website. Information generated by the cookie on page visitors’ use of this website is typically transmitted to a Google server in the USA and saved there.
This transmission is the basis of our legitimate interest in accordance with Art. 6 para. 1 clause 1 f) GDPR.
Google has accepted and been certified under the Privacy Shield Agreement concluded between the European Union and the USA. Under this agreement, Google undertakes to comply with the standards and regulations of European data protection law. Further information is available at the following link: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
We have activated IP anonymization on this website (anonymizeIp). However, Google abbreviates your IP address within a member state of the European Union or in another contracting state to the Agreement on the European Economic Area in advance. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and abbreviated there. Google will use this information on our behalf to evaluate your use of the website, assemble reports on website activities, and provide us with further services related to website usage and internet usage.
The IP address transmitted by your browser in the course of Google Analytics is not combined with other information from Google. You can prevent cookies from being saved by changing your browser software settings; however, if you do so we would like to inform you that you may not be able to use all the functions of our website in full.
You can also prevent transmission of the data generated by the cookie regarding your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
As an alternative to the browser plug-in or on browsers on mobile devices, you can click the following link to set an opt-out cookie that will prevent Google Analytics from recording data within this website in the future (this opt-out cookie will only function in this browser and for this domain. If you delete the cookies in your browser, you will have to click this link once again): [Deactivate Google Analytics]
7. Use of Google Maps
8. Use of Google Adwords
Our website uses Google conversion tracking. If you accessed our website via an ad displayed by Google, Google Adwords will save a cookie on your computer. The conversion tracking cookie will be saved when a user clicks an ad displayed by Google. These cookies become invalid after 30 days and are not used to personally identify users. If the user visits certain pages on our website and the cookie has not yet expired, we and Google can see that the user clicked the ad and was transferred to this page. Each Google AdWords customer receives a unique cookie. Therefore, cookies cannot be tracked via the websites of AdWords customers. The information obtained through the conversion cookies is used to prepare conversion statistics for AdWords customers who have decided to use conversion tracking. Customers receive the total number of users who clicked on their ad and were transferred to a page with a conversion tracking tag. However, they do not receive information that can be used to personally identify users.
If you do not want to take part in tracking, you can refuse to allow the cookie required for this purpose to be saved – for instance by deactivating browser settings that generally allow cookies to be saved, or setting your browser to block cookies from the domain “googleadservices.com.”
Please note that you may not delete opt-out cookies if you do not want measured data to be recorded. If you have deleted all the cookies in your browser, you must re-set the specific opt-out cookie.
Our website includes a contact form you can use to inform us of your interest in our products as a provider/retailer of goods and services online. We use the data transmitted via this form (name, company, e-mail) only for the purpose of contacting you individually and for our further communication with you. If you contact us via e-mail or using the contact form, the information you have provided is saved for the purpose of processing your inquiry and for any follow-up questions. The information you have provided may be saved in a customer relationship management system (“CRM system”) or comparable inquiry organization.
The legal basis for processing your data, which is transmitted if you contact us using the contact form or by e-mail, is our legitimate interest (facilitating contact) (Art. 6 para. 1 lit. f) GDPR and, if you are or would like to become our customer, initiating or fulfilling a contract (Art. 6 para. 1 lit. b) GDPR).
Your personal data will be deleted once it is no longer required to achieve the purpose for which it was collected. For personal data transmitted via the contact form or by e-mail, this is the case once our conversation with you has ended. The conversation has ended once circumstances indicate that the matter in question has been clarified between us and you. We review whether data is required every two years; statutory archiving obligations also apply.
You can revoke your consent to process your personal data within the framework of your contact via the contact form or by e-mail at any time with future effect. In such cases, we will not be able to continue our conversation with you. All personal data saved in the process of making contact with you will be deleted in this case.
10. Registration on our website
When you register to use our personalized services, we collect some personal data such as your name, address, and contact and communication data like your telephone number and e-mail address. If you are registered on our website, you can access content and services we offer only to registered users. Registered users can also change or delete the data they provided during registration if necessary at any time. We process your personal data for the following purposes:
a) processing your name and contact information to check your identity, for customer management in the customer menu, and to maintain correspondence with you, in particular to provide customer support;
b) processing your invoice information to complete and bill transactions;
c) processing device and usage data to operate and improve our website and to ensure the security and functionality of our website;
d) to display personalized advertisements to you and to send you marketing notifications about us, our products and our services; and
e) to fulfill our legal obligations under applicable law.
Processing in cases a) and b) is completed for the purpose of initiating or performing a contract (Art. 6 para. 1 lit. b) GDPR). Processing in cases c), d) and e) is completed as part of our legitimate interest in data processing under Art. 6 para. 1 lit. f GDPR.
Your personal data will be deleted once it is no longer required to process the contract, e.g. at the end of the customer relationship. Statutory archiving obligations also apply for business communications and invoicing data. This data will be deleted after the end of statutory terms.
Your personal data must be processed in cases a) and b) for the purpose of fulfilling the contract and for invoicing purposes. In this respect, you cannot revoke your consent to processing.
11. TEST API-KEY
We offer the option of creating a test API key on our website. The data entered into the form for this purpose (your name and e-mail address) is used only for the purpose of registering for the API to use it with our test bank and for developer support.
Processing is completed in accordance with Art. 6 para. 1 lit. f GDPR. Your personal data will be deleted once it is no longer required to provide the test API key. You can object to the processing of your personal data at any time with future effect. In this case, however, the API key will no longer be available to you.
12. Information, deletion, blockage (restriction of processing) or the right to object to processing and the right to data portability
You can obtain information on the personal data we have saved on you at any time, as well as the origin, recipient, and purpose of data collection and data processing.
In addition, you have the right to request the rectification, restriction, or deletion of your data. This does not include data stored on the basis of statutory provisions or required in the normal course of business. Data is stored in a restricted file for controlling purposes to ensure it can be restricted at any time. If data is not covered by a statutory archiving obligation, we will delete your data upon your request. If the archiving obligation applies, we will restrict your data.
You have the right to object to data processing or revoke your consent at any time with future effect. You may send your revocation to the following e-mail address: email@example.com. Once you have revoked your consent, it will no longer be possible to process your data or provide our products.
You have the right to receive your personal data which you have provided to FTS in a structured, commonly used and machine-readable format, and you also have the right to transmit this data to another data controller (right to data portability).
If you have any questions or concerns about rectifying, restricting, deleting or obtaining or transferring (data portability) personal data, please contact our Data Protection Officer at the contact information provided in this Data Privacy Declaration, or at the address indicated in the Legal Notice.
Right to submit complaints to a supervisory authority
You have the right to submit complaints to your responsible supervisory authority for data protection. The authority responsible for the FTS is:
Bayerisches Landesamt für Datenschutzaufsicht (Data Protection Authority of Bavaria)
Promenade 27 (Schloss)
Phone: +49 (0) 981 53 1300
Fax: +49 (0) 981 53 98 1300
13. Duration of storage for personal data or, if this is not available,criteria for determining this duration
We observe the basic principles of data reduction and data minimization. Therefore, we save your personal data only as long as necessary to achieve the purposes indicated here, or as provided in the diverse storage terms given by law. After this purpose no longer applies or after these terms expire, the relevant data is routinely blocked or deleted according with statutory regulations.
14. Social Media-Plugins
Google “+1” button
The “+1” button from the social network Google is integrated on our website; it is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The button is indicated by the symbol “+1.”
If you visit one of our pages that contains such a button, your browser creates a direct connection to Google servers. The content of the “+1” button is transmitted directly to your browser by Google and integrated into the website by it. Therefore, we have no influence over the scope of data Google collects using the button. If you are a member of “Google+” and do not want Google to link data collected through our website with your member data saved at Google, you must log out of “Google+” before visiting our website.
XING Share Button
The XING Share Button (Xing AG, Gänsemarkt 6, 20354 Hamburg) is used on our website. When you access this website, your browser creates a brief connection to the servers of XING AG (“XING”) in order to provide the “XING Share Button” functions (in particular calculating/displaying the meter value). XING does not save any personal data regarding your access to this website. In particular, XING does not save IP addresses. Your user behavior is not evaluated using cookies in conjunction with the “XING Share Button.” You can access current data privacy information on the “XING Share Button” and additional information on this website: https://www.xing.com/app/share?op=data_protection.
LinkedIn Recommend Button
Plugins from the network LinkedIn, by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA, (hereinafter referred to as “LinkedIn”) are integrated on this website. You can recognize the LinkedIn plugins by the LinkedIn logo or the “Share button” (“Recommend”) on this website. When you visit this website, the plugin creates a direct connection between your browser and the LinkedIn server. Through this connection, LinkedIn receives the information that you visited this website with your IP address. When you click the LinkedIn “Share Button” while you are logged into your LinkedIn account, you can link the content of this website to your LinkedIn profile. This allows LinkedIn to associate your visit to this website with your user account.
If you are a member of LinkedIn and do not want LinkedIn to link data collected through our website with your member data saved at LinkedIn, you must log out of LinkedIn before visiting our website.
Facebook “Like” button
Plugins from the social network Facebook (Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2 Ireland) are integrated on our websites. You can recognize the Facebook plugins by the Facebook logo or “Like” button on our page. An overview of Facebook plugins is available here: http://developers.facebook.com/docs/plugins/.
If you visit one of our pages that contains such a plugin, your browser creates a direct connection to Facebook servers. The content of the plugin is transmitted directly to your browser by Facebook and integrated into the website by it. Through this connection, Facebook receives the information that you accessed that page of our website. If you are logged into Facebook, Facebook can associate the visit with your Facebook account. If you interact with the plugins, for instance by clicking the “Like” button or leaving a comment, this information is transmitted directly to Facebook by your browser and saved there.
15. Newsletter / Whitepaper
If you take advantage of the newsletter / white paper we offer, we will require a valid e-mail address from you, as well as your name. In addition to the first white paper, we will send you further newsletters / white papers with topics appropriate for your industry / your company (approx. once per month).
To ensure you are the owner of the provided e-mail address or that the owner of that address agrees to receive the newsletter / white paper, after the first step of registration we will send an automated e-mail to the provided e-mail address (double opt in process). Only after the newsletter / white paper registration is confirmed via a link in the confirmation e-mail will we include the given e-mail address in our distribution list. We will not collect any further data beyond the e-mail address, name and confirmation of registration.
Your data is processed only for the purpose of sending you the newsletter / white paper to which you have subscribed. The legal basis for this processing is Art. 6 para. 1 lit. a GDPR (consent). You granted us your consent when you ordered the newsletter / white paper. Conditional upon your request to delete it, data used to send the newsletter / white paper will be saved for as long as we need it to send the newsletter / white paper. Therefore, data will be deleted when you unsubscribe from the newsletter / white paper, or when we receive more than two (2) notifications that a newsletter / white paper cannot be delivered, or when we cease delivery of the newsletter / white paper to which you have subscribed generally. You can revoke your consent to save your data and to use it to send you the newsletter / white paper at any time. You can submit your revocation at any time via e-mail to [firstname.lastname@example.org] or by clicking the link provided in every newsletter / white paper.
We use the MailChimp service of The Rocket Science Group (LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA) (“Rocket”) to deliver our newsletter / white paper on our website. Data saved when you register for the newsletter / white paper is transmitted to Rocket and saved on Rocket servers there. This data is not transmitted to other third parties. After you register for the newsletter / white paper, MailChimp will send you an e-mail to confirm your registration. In addition, MailChimp uses analytic functions to determine how the newsletter is opened and used; for instance to how many users an e-mail is sent, whether e-mails are rejected, and whether users have unsubscribed from the list after receiving an e-mail. These analyses are only group-based, and we do not use them for the purpose of individual evaluations. MailChimp also uses the “Google Analytics” tool (cf. clause “6. Use of Google Analytics”) from Google, Inc. This analytic tool is integrated into the newsletter in some cases. Rocket signed the “Privacy Shield” on 09/29/2016, which is a data privacy agreement between the EU and USA. By doing so, Rocket undertakes to comply with data privacy regulations. (Further information on data privacy at MailChimp is provided at: http://mailchimp.com/legal/privacy/.
To process and answer your questions and messages as quickly as possible, we have linked our contact form to our customer relationship management tool “Pipedrive” from Pipedrive Inc (460 Park Ave South, Suite 5000, New York, NY 10016, USA). Data transmitted to fill out the form is transferred to Pipedrive and saved on Pipedrive servers. We use a cloud-based service from Pipedrive Inc., headquartered in the USA, to manage customer data and customer contacts. The Pipedrive data privacy guidelines are available at https://www.pipedrive.com/de/privacy. You can object to the use of Pipedrive for your personal data at any time in text form (e-mail, letter or fax) with future effect.
17. Data protection regulations for the use and application of Hubspot
FinTecSystems GmbH uses HubSpot for its online marketing activities. This is an integrated software solution with which we cover various aspects of our online marketing. We have concluded an order data processing contract with Hubspot in accordance with the requirements of the DSGVO.
These include, among other things:
- E-mail marketing (newsletters and automated mailings, e.g. to provide downloads)
- Social Media Publishing & Reporting
- Reporting (e.g. traffic sources, access, etc. …)
- Contact management (e.g. user segmentation & CRM)
- Landing Pages and Contact Forms
Our registration service allows users of our website to learn more about our company, download content and provide their contact information and other demographic information. This information and the contents of our website are stored on the servers of our software partner HubSpot. They can be used by us to contact users of our website and to determine which services of our company are of interest to them. All information collected by us is subject to this data protection provision. We use all information collected exclusively to optimize our marketing activities. HubSpot is a software company based in the USA with an office in Ireland.
Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Telefon: +353 1 5187500.
HubSpot is certified under the terms of the “EU – U.S. Privacy Shield Framework” and is subject to the TRUSTe ‘s Privacy Seal and the “U.S. – Swiss Safe Harbor” Framework.
More information from HubSpot on EU data protection rules »
More information about the cookies used by HubSpot can be found here & here »
If you generally do not want Hubspot to record your data, you can prevent cookies from being saved at any time by changing your browser settings.
18. Data Security
We also use technical and organizational security measures to protect any collected or gathered personal data, in particular against accidental or intentional manipulation, loss, destruction, or attack by unauthorized parties. Our security measures are continually improved in accordance with technological development. The verification process, in particular entries of banking data, is encrypted using SSL technology. Special entries, such as your online banking PIN, are also doubly secured via an expanded encryption process. Our systems are housed in a certified secure computing center in Germany.
19. Amendments to our data protection provisions
We reserve the right to adjust this data protection declaration if necessary to ensure it corresponds to current legal requirements or to implement changes to our services in the data protection declaration, for instance if we introduce new services.
This Data Protection Declaration was last updated on 02/15/2019.