Introduction
This policy explain:
- Storage and processing of personal informations you leave behind, if you browse this website.
- Types and processing of Cookies stored and processed if you browse our websites.
- Storage and processing of personal Data by our Software used for auditing by other Companys or Organisations
Collecting personal information browsing our Websites
The following types of personal information may be collected, stored, and used:
- information about your computer including your IP address, geographical location, browser type and version, and operating system;
- information about your visits to and use of this website including the referral source, length of visit, page views, and website navigation paths;
- information that you enter while using services on our website;
- information that is generated while using our website, including when, how often, and under what circumstances you use it;
- information contained in any communications that you send to us by email or through our website, including its communication content and metadata;
- any other personal information that you send to us.
Before you disclose to us the personal information of another person, you might need to obtain that person’s consent to both the disclosure and the processing of that personal information in accordance with GDPR.
Using your personal information
Personal information submitted to us through our website will be used for the purposes specified in this policy or on the relevant pages of the website. We may use your personal information for the following:
- administering our website and business;
- personalizing our website for you;
- enabling your use of the services available on our website;
- supplying services provided through our website;
- sending you email notifications that you have specifically requested;
- providing third parties with statistical information about our users (but those third parties will not be able to identify any individual user from that information);
- dealing with inquiries and complaints made by or about you relating to our website;
- keeping our website secure and prevent fraud;
- verifying compliance with the terms and conditions governing the use of our website (including monitoring private messages sent through our website private messaging service)
We will not, without your express consent, supply your personal information to any third party for their or any other third party’s aims.
Third party websites
Our website includes hyperlinks to, and details of, third party websites. We have no control over, and are not responsible for, the privacy policies and practices of third parties but we provide only links to legal or technical informations related to our business or leding to our partners and customers.
Cookies
Consenting to our use of cookies in accordance with the terms of this policy when you first visit our website permits us to use cookies every time you visit our website
Our website uses cookies. A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed. Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
- We only use session cookies and cookies useful to provide specific functions.
- We neither use own nor third party Cookies like Google Analytics to recognize a computer when a user visits the website, to track users as they navigate the website, to analyze the use of the website or target advertisements;
- Most browsers allow you to refuse to accept cookies—for example:
- in Internet Explorer (version 10) you can block cookies using the cookie handling override settings available by clicking “Tools,” “Internet Options,” “Privacy,” and then “Advanced”;
- in Firefox (version 24) you can block all cookies by clicking “Tools,” “Options,” “Privacy,” selecting “Use custom settings for history” from the drop-down menu, and unticking “Accept cookies from sites”; and
- in Chrome (version 29), you can block all cookies by accessing the “Customize and control” menu, and clicking “Settings,” “Show advanced settings,” and “Content settings,” and then selecting “Block sites from setting any data” under the “Cookies” heading.
Blocking all cookies will have a negative impact upon the usability of many websites. If you block cookies, you will not be able to use all the features on our website.
- You can delete cookies already stored on your computer—for example:
- Deleting cookies will have a negative impact on the usability of many websites.
Usage of auditBus Software by Companies and Organisations
Companys and Organisations use our Webserver to carry out assessment e.g. in order to document compliance of Suppliers and Partners. Using our Webservers requires an account allowing data collection and a Template with definition of kind and scope of data. Therefore we differentiate between data, saved in User-Account of our customers and data, dafined and processed by our customers.
- User-Data. Mandatory informations i.O. to run a user account are Username, Passsword and E-Mail, optinally Phone-Number(s). User accounts got set up by our employees or employees of companies and organisations using our Services. Self-Registering or getting registered by unauthorized third party without consent is not possible. Linked to one users account we typically save time, duration and type of access of a service.
- Personal data related to specific assessments. Type and content es well as processing and retention time on our system is under responsibility of Companies and Organisations using our Service.
As a Contract Data Processor and with evidence of a legitimate interest we can provide information if personal data can be found on our system and send requests to the responsible Processor.
Disclosing personal information
We may disclose your personal information to any of our employees, as reasonably necessary for the purposes set out in this policy.
We may disclose your personal information:
- to the extent that we are required to do so by law;
- in connection with any ongoing or prospective legal proceedings;
- in order to establish, exercise, or defend our legal rights;
Except as provided in this policy, we will not provide your personal information to third parties.
Concerning Data collected using our Services by our Customers, we will send requests at evidence of a legitimate interest to the responsible Contract Data Processor and/or Owner.
International data transfers
- Information that we collect may be stored, processed in, and transferred between any of the countries in which we operate in order to enable us to use the information in accordance with this policy.
- You expressly agree to this transfers of personal information.
Retaining personal information
- Concerning data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations regarding the retention and deletion of personal information.
- Personal information that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
- Without prejudice to article 2, we will usually delete personal data falling within the categories set out below at the date/time set out below:
- personal data sent using services provided on our website (usually by email) is passed to its certain recipient an will not be stored on our web server;
- any other data, left behind while using our website (e.g. server logfiles) will be deleted automatically in reasonable periods, not later than 6 month.
- Notwithstanding the other provisions of this Section, we will retain documents (including electronic documents) containing personal data:
- to the extent that we are required to do so by law;
- if we believe that the documents may be relevant to any ongoing or prospective legal proceedings; and
- in order to establish, exercise, or defend our legal rights.
- Concerning Data collected by using our Services, the Contract Data Processor operating specific Templates as well as Prowject-Owners are responsible. At evidence of a legitimate interest, we will give information about Contract Data Processor and/or Owner.
Security of your personal information
- We will take reasonable technical and organizational precautions to prevent the loss, misuse, or alteration of your personal information.
- We will store all the personal information you provide on our secure (password- and firewall-protected) servers.
- Any use of this website is protected by encryption technology.
- You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
- You are responsible for keeping any informations used for accessing our website and services (especially passwords) confidential; we will never ask you for any information related to this.
Amendments
We may update this policy from time to time by publishing a new version on our website. You should check this page occasionally to ensure you understand any changes to this policy.
Your rights
You may instruct us to provide you with any personal information we might hold about you; provision of such information might require your participation.
We may withhold personal information that you request to the extent permitted by law.
You may instruct us at any time not to process your personal information.
Related to usage of our Service by other Contract Data Processors and their Cusomers, we will eventually not directly repond on requests or accept any instructions because there might be legitimate interest to process this data. In case of evidence of a legitimate interest e.g. as owner of speific personal Data, we will of course send such request to responsible bodies in order to protect individual rights.