devicenow GmbH is a member of CHG-MERIDIAN Group.
devicenow GmbH, represented by the Managing Director, Sven Matthiesen,
is the provider of, and therefore responsible for, the commercial and business related online offering.

Data protection declaration

A. General

This data protection declaration (Version: GDPR 2.0 from 01.07.2021) was produced by:
Deutsche Datenschutzkanzlei Datenschutz-Office Munich –
www.deutsche-datenschutzkanzlei.de

Data protection

We are delighted about the visit of our website. devicenow GmbH (hereinafter ‘devicenow’, ‘we’ or ‘us’) attaches great importance to the security of users’ data and compliance with data protection provisions.

Hereinafter, we would like to inform you about how personal data is processed on our website.

With the following privacy policy, we would like to show you how we handle your personal data and how you can contact us.

devicenow GmbH
Franz-Beer-Straße 111
88250 Weingarten
Germany

E-Mail: info@devicenow.com
Web: www.devicenow.com
 

Managing Director: Sven Matthiesen

Registry court: Ulm HRB 744438

Tax office: Weingarten
Sales tax identification number: DE _

Court of jurisdiction: Ravensburg
Applicable law: Law of the Federal Republic of Germany (BRD)

Data protection officer

If you have questions, you can contact our data protection officer as follows:
Irina Weiß, E-Mail: dataprotection@devicenow.com

B. Wording

For better comprehensibility, we have refrained from gender-specific distinctions in our privacy policy. In the interest of equal treatment, the corresponding terms apply to both genders.

The specialist terms used in this Privacy Policy are to be understood as legally defined in article 4 GDPR, such as “personal data” and “processing”.

The personal data of users processed within the scope of this online offer includes inventory data (e.g., names and addresses of customers), contract data (e.g., used services, names of clerks, payment information), usage data (e.g., visited websites on our online offer, interest in our products) and content data (e.g., entries in the contact form).

“Users” here includes all categories of data subjects affected by the data processing. This includes, for example, our business partners, customers, interested parties and other visitors of our online offering.

Each of the company names or brand names mentioned in this privacy policy is the property of the respective company. The mention of brands and names is for purely informative purposes.

C. Specific information
Automated data processing (log files etc.)

Our website can be visited without actively providing personal information about the user. However, every time our website is accessed, we automatically store access data (server log files), such as the name of the internet service provider, the operating system used, the website the user visited us from, the date and duration of the visit and the name of the file accessed, as well the IP address of the device used (for security reasons, such as to recognise attacks on our website) for a duration of 7 days. This data is solely evaluated for the purpose of improving our offering and does not enable conclusions to be drawn about the person of the user. This data is not merged with other data sources. The legal base for the processing of the data is Art. 6 (1) (f) GDPR. We process and use the data for the following purposes:

  1. to provide the website,
  2. to improve our websites and to prevent and
  3. identify errors/malfunctions and the abuse of the website.

The processing is based on legitimate interests to ensure the functionality of the website and its error-free, secure operation, as well as to adapt this website to suit users’ needs.

Use of cookies (general, functionality, opt-out links etc.)

We use ‘cookies’ on our website to make visiting our website more attractive and to enable certain functions to be used. The use of cookies serves our legitimate interest in making a visit to our website as pleasant as possible and is based on article 6 (1) (f) GDPR. Cookies are standard internet technology used to store and retrieve login details and other useful information for all the users of a website. Cookies are small text files that are deposited on your end device. They enable us to store user settings, inter alia, to ensure that our website can be shown in a format tailored to your device. Some of the cookies we use are deleted after the end of a browser session, i.e. when closing the browser (known as ‘session cookies’). Other cookies remain on the user’s end device and enable us or our partner companies to recognise the browser on the next visit (known as ‘persistent cookies’).

The browser can be set so that the user is informed when cookies are to be stored and can decide whether to accept them in each individual situation, to accept them under certain circumstances, or to exclude them in general. In addition, cookies can be retrospectively deleted to remove data that the website stored on your computer. Deactivating cookies (known as ‘opting out’) can limit our website’s functionality in some respects.

Categories of data subjects: 
Website visitors, users of online services

Opt-out:
Internet Explorer
Mozilla Firefox
Google Chrome
Safari

Legal bases:
Consent (article 6 (1) (a) GDPR), legitimate interest (article 6 (1) (f) GDPR)
The pertinent legal basis is specifically stated for each tool in question.

Legitimate interests:              
Storing of opt-in preferences, presentation of the website, assurance of the website’s functionality, provision of user status across the entire website, recognition for the next website visitors, user-friendly online offering, assurance of the chat function.

Web analysis and optimisation

We use tools for web analysis and reach measurement so that we can evaluate user flows to our online offering. To do so, we collect information about the behaviour, interests or demographics of our users, such as their age, gender, and so on. This helps us to recognise the times at which our online offering, its functions, and content are frequented the most or accessed more than once. In addition, we can use the information that has been collected to determine whether our online offering requires optimisation or adjustment.

The information collected for this purpose is stored in cookies or deployed in similar procedures used for reach measurements and optimisation. The data stored in the cookies could include the content viewed, webpages visited, settings and the functions and systems used. However, plain data from users is not normally processed for the above purposes. In this case, the data is changed so that the actual identity of the user is not known to us, nor the provider of the tool used. The changed data is often stored in user profiles.

Categories of data subjects:  
Website visitors, users of online services.

Data categories:                    
Usage data (e.g. websites visited, interest in content, access times), metadata and communication data (e.g. device information, IP addresses), contact data (e.g. email address, telephone number), content data (e.g. text inputs, photographs, videos).

Purposes of processing:
Website analyses, reach measurement, utilisation and assessment of website interaction, lead evaluation.

Legal bases:                          
Consent (article 6 (1) (a) GDPR), legitimate interest (article 6 (1) (f) GDPR).

Legitimate interests:              
Optimisation and further development of the website, increase in profits, customer loyalty and acquisition.

Online marketing

We process personal data within the framework of online marketing, particularly regarding potential interests and to measure the effectiveness of our marketing measures, with the aim of continually boosting our reach and the prominence of our online offering.

We store the relevant information in cookies or use similar procedures for the purpose of measuring the effectiveness of our marketing measures and identifying potential interests. The data stored in the cookies could include the content viewed, webpages visited, settings, and the functions and systems used. However, plain data from users is not normally processed for the above purposes. If so, the data is changed so that the actual identity of the user is not known to us, nor the provider of the tool used. The changed data is often stored in user profiles.

In the event that user profiles are stored, the data can be used, read, supplemented, and expanded on the server of the online marketing procedure when other online offerings are visited that use the same online marketing procedure.

We can calculate the success of our adverts using summarised data that is made available to us by the provider of the online marketing procedure (known as ‘conversion measurement’). As part of these conversion measurements, we can trace whether a marketing measure caused a visitor to our online offering to decide to make a purchase. This evaluation serves to analyse the success of our online marketing.

Categories of data subjects:
Website visitors, users of online services, prospective customers, communication partners, business partners and contractual partners.

Data categories:
Usage data (e.g. websites visited, interest in content, access times), metadata and communication data (e.g. device information, IP addresses), location data, contact data (e.g. email address, telephone number), content data (e.g. text inputs, photographs, videos).

Purposes of processing:
Marketing (sometimes interest-based and behavioural, as well), conversion measurement, target group formation, click tracking, development of marketing strategies and increase in the efficiency of campaigns.

Legal bases:
Consent (article 6 (1) (a) GDPR), legitimate interest (article 6 (1) (f) GDPR).

Legitimate interests:
Optimisation and further development of the website, increase in profits, customer loyalty and acquisition.

Google Tag Manager –
Tool:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Privacy:                      
https://policies.google.com/privacy
Opt-out-link:              
https://tools.google.com/dlpage/gaoptout?hl=de  or
https://myaccount.google.com/
Legal base:
Legitimate interest (article 6 (1) (f) GDPR)
Legitimate interests:
Coordination of different tools, management, easy handling and representation.

Google Analytics –
Tool:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Privacy:
https://policies.google.com/privacy
Opt-out-link:
https://tools.google.com/dlpage/gaoptout?hl=de or
https://myaccount.google.com/
Legal base:
Consent (article 6 (1) (a) GDPR)

Google AdServices and conversion measurement –
Tool:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Privacy:
https://policies.google.com/privacy
Opt-out-link:
https://tools.google.com/dlpage/gaoptout?hl=de or
https://myaccount.google.com/
Legal base:
Consent (article 6 (1) (a) GDPR)

HubSpot & Hubspot Forms –
Tool:
HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA
Privacy:
https://legal.hubspot.com/privacy-policy
Opt-out:
https://app.hubspot.com/login

LinkedIn Analytics –
Tool:
LinkedIn Corporation, 1000 West Maude Avenue, Sunnyvale, CA 94085, USA
Privacy:
https://www.linkedin.com/legal/privacy-policy
Opt-out-link:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
Legal base:
Consent (article 6 (1) (a) GDPR)

Presence on social media

We maintain online presences on social networks and career platforms so we can exchange information with users registered there and easily contact them.
Sometimes, data belonging to social network users is used for market research and, by extension, for advertising purposes. Users’ usage behaviour, such as their stated interests, can lead to user profiles being created and used in order to adapt adverts to suit the interests of the target group. To this end, cookies are normally stored on users’ end devices, which sometimes occurs regardless of whether you are a registered user of the social network.

In conjunction with the use of social media, we also make use of the associated messenger services to communicate easily with users. We would like to point out that the security of some services can depend on the user's account settings. Even in cases of end-to-end encryption, the service provider can draw conclusions about the fact that the user is communicating with us, when they do so, and, on occasion, capture location data.

Depending on where the social network is operated, the user data can be processed outside the European Union or outside the European Economic Area. This can lead to risks for users because it is more difficult for them to assert their rights, for example.

Categories of data subjects:
Registered users and non-registered users of the social network.

Data categories:
Master data (e.g. name, address), contact data (e.g. email address, telephone number), content data (e.g. text inputs, photographs, videos), usage data (e.g. websites visited, interest in content, access times), metadata and communication data (e.g. device information, IP addresses).

Purposes of processing:
Increase in the reach, networking of users.

Legal bases:
Consent (article 6 (1) (a) GDPR), legitimate interest (article 6 (1) (f) GDPR).

Legitimate interests:
Interaction and communication on social media pages, increase in profits, findings regarding target groups.

LinkedIn –
Tool:
LinkedIn Corporation, 1000 West Maude Avenue, Sunnyvale, CA 94085, USA
Privacy:
https://www.linkedin.com/legal/privacy-policy
Opt-out-link:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

YouTube –
Tool:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Privacy:
https://policies.google.com/privacy?hl=de&gl=de
Opt-out-link:
https://tools.google.com/dlpage/gaoptout?hl=de or
https://myaccount.google.com/

Plug-ins and integrated third-party content

We have integrated functions and content obtained from third-party providers into our online offering. For example, videos, depictions, buttons or contributions (hereinafter termed ‘content’) can be integrated.

To enable visitors to our online offering to be shown content, the third-party provider in question processes the user’s IP address, inter alia, to transmit the content to the browser and display it. It is not possible to integrate third-party content without this processing taking place.

Sometimes, additional information is collected via ‘pixel tags’ or web beacons through which the third-party provider receives information about the use of the content or visitor traffic to our online offering, technical information about the user's browser or operating system, the visit time or referring websites. The data collected in this manner is stored in cookies on the user’s end device.

We have taken security precautions to prevent this data from being automatically transferred, with the aim of protecting the personal data of visitors to our online offering. This data is only transferred if the visitor uses the buttons or click on the third-party content.

Categories of data subjects:
Users of plug-ins or third-party content.

Data categories:
Usage data (e.g. websites visited, interest in content, access times), metadata and communication data (e.g. device information, IP addresses) contact data (e.g. email address, telephone number), Master data (e.g. name, address).

Purposes of processing:
Design of our online offering, increase in the reach of adverts on social media, sharing of contributions and content, interest-based and behavioural marketing, cross-device tracking.

Legal bases:
Consent (article 6 (1) (a) GDPR)

LinkedIn plug-ins –
Tool:                          
LinkedIn Corporation, 1000 West Maude Avenue, Sunnyvale, CA 94085, USA
Privacy:                      
https://www.linkedin.com/legal/privacy-policy
Opt-out-link:              
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
Legal base:                 
Consent (article 6 (1) (a) GDPR)

Polyfill.io –
Feature detection in the browser before loading polyfill using services like polyfill.io. It's a service which accepts a request for a set of browser features and returns only the polyfills that are needed by the requesting browser to recreate missing features.
Tool:
The Financial Times Limited, Bracken House, 1 Friday Street, London, England, EC4M 9BT.
Privacy:
https://www.polyfill.io/v3/privacy-policy/

YouTube –
Tool:                          
Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Privacy:                      
https://policies.google.com/privacy?hl=de&gl=de
Opt-out-link:              
https://tools.google.com/dlpage/gaoptout?hl=de or
https://myaccount.google.com/
Legal base:                 
Consent (article 6 (1) (a) GDPR)

Online conferences and meetings

We make use of the opportunity to hold online conferences and meetings. To do so, we use offerings provided by other carefully selected providers.

When actively using offerings of this nature, data regarding the participants in the communication is processed and stored on the servers of the third-party services used, provided this data is necessary for the communication process. In addition, usage data and metadata can also be processed.

Categories of data subjects:
Participants in the online offering in question (conference, meeting, webinar).

Data categories:
Master data (e.g. name, address), contact data (e.g. email address, telephone number), Content data (e.g. text inputs, photographs, videos), metadata and communication data (e.g. device information, IP addresses).

Purposes of processing:
Processing of enquiries, increase in efficiency, promotion of cross-company or cross-location collaboration.

Legal bases:
Consent (article 6 (1) (a) GDPR).

Contacting us

On our online offering, we offer the option of contacting us directly or requesting information via various contact options.

In the event of contact being made, we process the data of the person making the enquiry to the extent necessary for answering or handling their enquiry. The data processed can vary depending on the method via which contact is made with us.

We want to point out, that e-mails can be read or changed unauthorized and unnoticed during transmission. Furthermore, we would like to point out that we use software to filter undesired e-mails (spam filter). The spam filter can reject e-mails if they have been erroneously identified as spam by certain characteristics.

Categories of data subjects:
Individuals submitting an enquiry.

Data categories:                    
Master data (e.g., name, address), contact data (e.g., email address, telephone number), content data (e.g., text inputs, photographs, videos), metadata and communication data (e.g. device information, IP addresses), usage data (e.g. websites visited, interest in content, access times).

Purposes of processing:
Processing requests.

Legal bases:
Consent (article 6 (1) (a) GDPR), performance of contract (article 6 (1) (b) GDPR).

Data transfer

We are a globally active company headquartered in Germany. Data of visitors to our online offering is stored in our central customer database in Germany, in compliance with the pertinent data protection provisions, and is processed across the group for internal administrative purposes. It is not processed for purposes other than administrative ones.

Legal basis:                            
Legitimate interests (article 6 (1) (f) GDPR)

Legitimate interests:
‘Small-group exemption’, centralised management and administration within the company to make use of synergy effects, cost savings, increased efficiency.

It may be necessary for us to disclose personal data for the performance of contracts or to comply with legal obligations. If the data necessary in this regard is not provided to us, it may be the case that the contract cannot be concluded with the data subject. It may also be necessary for us to engage service providers for the provision of our service or the provision of our online offer. Since it cannot be ruled out that these receive personal data of the visitors of our online offer, their engagement always takes place in accordance with the GDPR.

We transfer data to countries outside the EEA (known as ‘third countries’). This occurs due to the above-mentioned purposes (transfer within the group and/or to other recipients). The transfer is only effected to fulfil our contractual and legal obligations, or on the basis of the consent that the data subject granted prior to this. In addition, the transfer is only effected in compliance with the applicable data protection laws, in particular taking into account Art. 44 et seq. GDPR, for example on the basis of adequacy decisions issued by the European Commission or other appropriate safeguards (e.g., standard data protection clauses, etc.).

Storage period

In principle, we store the data of visitors to our online offering for as long as needed to render our service or to the extent that the European body issuing directives and regulations, or another legislator stipulates in laws and regulations to which we are subject. In all other cases, we delete personal data once the purpose has been fulfilled, with the exception of data that we need to continue to store to comply with legal obligations (e.g. if retention periods under tax law and trade law require us to keep documents such as contracts and invoices for a certain period of time).

Automated decision-making

We do not use automated decision-making or profiling.

Legal bases

The decisive legal bases primarily arise from the GDPR. They are supplemented by national laws from member states and can, if applicable, be applied alongside or in addition to the GDPR.

Consent:
Article 6 (1) (a) GDPR serves as the legal basis for processing procedures regarding which we have sought consent for a particular purpose of processing.

Performance of a contract:                
Article 6 (1) (b) serves as the legal basis for processing required to perform a contract to which the data subject is a contractual party or for taking steps prior to entering into a contract, at the request of the data subject.

Legal obligation:                               
Article 6 (1) (c) GDPR is the legal basis for processing that is required to comply with a legal obligation.

Vital interests:                                   
Article 6 (1) (d) GDPR serves as the legal basis if the processing is necessary to protect the vital interests of the data subject or another natural person.

Public interest:                                  
Article 6 (1) (e) GDPR serves as the legal basis for processing that is necessary to perform a task in the public interest or to exercise public force that is transferred to the controller.

Legitimate interest:                           
Article 6 (1) (f) GDPR serves as the legal basis for processing that is necessary to protect the legitimate interests of the controller or a third party, provided this is not outweighed by the interests or fundamental rights and fundamental freedoms of the data subject that require personal data to be protected, particularly if the data subject is a child.

Rights of the data subject

Right of access:
Pursuant to article 15 GDPR, data subjects have the right to request confirmation as to whether we process data relating to them. They can request access to their data, along with the additional information listed in article 15 (1) GDPR and a copy of their data.

Right to rectification:
Pursuant to article 16 GDPR, data subjects have the right to request that data relating to them, and that we process, be rectified or completed.

Right to erasure:
Pursuant to article 17 GDPR, data subjects have the right to request that data relating to them be erased without delay. Alternatively, they can request that we restrict the processing of their data, pursuant to article 18 GDPR.

Right to data portability:
Pursuant to article 20 GDPR, data subjects have the right to request that data made available to us by them be provided and transferred to another controller.

Right to lodge a complaint:
In addition, data subjects have the right to lodge a complaint with the supervisory authority responsible for them, under article 77 GDPR.

Right to object:
If personal data is processed on the basis of legitimate interests pursuant to article 6 (1) (f) GDPR, under article 21 GDPR data subjects have the right to object to the processing of their personal data, provided there are reasons for this that arise from their particular situation or the objection relates to direct advertising. In the latter case, data subjects have a general right to object that is to be put into effect by us without a particular situation being stated.

Withdrawal of consent

Some data processing procedures can only be carried out with the express consent of the data subject. Once granted, you are able to withdraw consent at any time. To do so, sending an informal note or email to info@devicenow.com is sufficient. The legality of the data processing carried out up to the point of withdrawal shall remain unaffected by the withdrawal.

Protection of personal data

We implement contractual, organizational, and technical security measures in accordance with the state of the art to ensure compliance with the provisions of data protection laws and to protect the data we process against accidental or intentional manipulation, loss, destruction or access by unauthorized persons.
The security measures include in particular the encrypted transmission of data between your browser and our server. For this, a 256-bit-SSL (AES 256) encryption technology is used. This includes your IP address.

In this context, your personal data is protected within the scope of the following points (excerpt):

  1. Maintaining the confidentiality of your personal data
    In order to maintain the confidentiality of your personal data stored in our systems, we have taken various measures to control physical access, electronic access and internal access.
  2. Maintaining the integrity of your personal data
    In order to maintain the integrity of your personal data stored in our systems, we have taken various measures to control data transfer and data entry.
  3. Maintaining the availability of your personal data
    In order to maintain the availability of your personal data stored in our systems, we have taken various measures to control order and availability.

The implemented security measures are continuously improved in line with technological developments. Despite these measures, we cannot guarantee the security of your data transmission to our online service due to the insecure nature of the Internet. For this reason, any data transmission from you to our online service is at your own risk.

External links

Our website includes links to online offerings from other providers. We note that we have no influence over the content of the online offerings linked to and over whether their providers comply with data protection provisions.

Amendments

We reserve the right to amend this information on data protection, in compliance with the applicable data protection provisions, if changes are made to our online offering so that it complies with the legal requirements.

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.

Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookies about your use of this website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information for Google.

Prevent storage of cookies
You can deny the use of cookies by selecting the appropriate settings in your browser, however, please note that if you do this you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

Objection to data collection
If you do not want Google to receive data from your browser when you visit these pages, you can find the link to the opt-out solution for Google Analytics here: https://tools.google.com/dlpage/gaoptout?hl=en

This plug-in prevents the browser from requesting the Analytics-Code so that Google does not receive any data when the page is accessed. The plug-in is only available for Microsoft Internet Explorer 11, Google Chrome, Mozilla Firefox, Apple Safari and Opera. According to Google, the browser blocks the Google Analytics script after installation. For more information on terms of use and privacy, visit https://www.google.com/analytics/terms/de.html or http://www.google.com/intl/de/analytics/privacyoverview.html

Storage period
We have used Google Analytics data-storage settings to determine how long data is stored before it is automatically deleted from Analytics servers. We have chosen the following storage period: 38 months.

Demographics
This website uses the feature Demographics by Google Analytics. This allows reports to be generated that contain statements about the age, gender, and interests of site visitors. This data comes from interest-related advertising by Google and visitor data from third parties. This information cannot be assigned to any specific individual. You can deactivate this function at any time via the ad settings in your Google Account or generally prohibit Google Analytics from collecting your data as described under "Objection to data collection".

Use of Google Ads (formerly AdWords)

On our website we use Google Conversion Tracking, an analysis service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google".

Google Ads places a cookie on your computer ("conversion cookie") if you have reached our website via a Google advertisement. These cookies lose their validity after 30 days and are not used for personal identification. If you visit certain pages on our site and the cookie has not expired yet, we and Google may recognize that someone has clicked on the ad and has been redirected to our site. Each Google Ads customer receives a different cookie. Cookies therefore cannot be tracked through the websites of Google Ads customers. The information collected from the conversion cookie is used to generate conversion statistics for Google Ads customers who have opted for conversion tracking. The Google Ads customers will know the total number of users who clicked on their ad and were directed to a page tagged with a conversion tracking tag. However, you will not receive any information that personally identifies users.

If you do not wish to participate in tracking, you can disable the installation of cookies by setting your browser software accordingly (deactivation option). They will then not be included in the conversion tracking statistics.

You can find more information on the terms of use and data protection at: https://www.google.de/policies/privacy/

Use of YouTube

Functions of the YouTube service are integrated into our website for displaying and playing videos. This function is offered by YouTube, LLC 901 Cherry Ave. San Bruno, CA 94066 USA.

An extended data protection mode is used for this which, according to the provider, only begins to record user information when the video playback is started.
If the playback of an embedded YouTube video is begun, YouTube uses cookies to collect information about user behaviour. According to notes from YouTube, this is used to collect video statistics, improve user-friendliness and prevent misuse, among other things.

Further details about the use of cookies by YouTube can be found in YouTube’s data protection declaration:
https://www.youtube.com/t/privacy_at_youtube

Use of LinkedIn Insight Tag

On our website/online presence we have integrated the service LinkedIn Insight Tag. The service is provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Pl, Dublin 2, Ireland (hereinafter LinkedIn).

We process your personal data in order to be able to track and evaluate your activities on our website and to tailor our website/online presence better to your needs. The legal basis for the processing of personal data is your consent given to us within the meaning of Art. 6 Paragraph 1 lit.) a, 7 GDPR.

The LinkedIn Insight Tag is a small piece of JavaScript code, we have added to our online presences in order to provide detailed campaign reports and to gain valuable information about the visitors of our online presence.

The LinkedIn Insight Tag allows us to collect data about visits to our online presence, including URL, Referrer URL, IP address, device and browser properties (user agent) and timestamps. The data is encrypted, the IP addresses are truncated, and the direct IDs of LinkedIn members are removed within seven days to pseudonymize the data. This remaining pseudonymized data is deleted within 90 days.

LinkedIn does not share any personal data with us as the data controller of the website, but only provides us with aggregated reports about the website’s target group and the advertising performance.

Further information regarding the purpose and scope of the processing of personal data and use of your data can be found under the following links:
LinkedIn privacy policy https://www.linkedin.com/legal/privacy-policy 
LinkedIn cookie policy https://www.linkedin.com/legal/cookie_policy 

As a LinkedIn member, you can make settings for the processing of your personal data under the following link:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

Amendments to our data protection policy

We reserve the right to adapt our data protection declaration occasionally so that it always meets the current legal requirements or to implement changes in our services in the data protection declaration. This could apply e.g. to the introduction of new services. The new data protection declaration would then apply to your return visit.

Brand protection

Each firm or trademark named here is the property of the respective firm. The naming of brands and names is purely for informative purposes.

D. Specific provisions for Russia

The following applies to users who are residents of the Russian Federation:
The services of our online offer listed above, are not intended for citizens of the Russian Federation who are resident in Russia.

If you are a Russian citizen resident in Russia, you are expressly informed that all personal data that you make available to us over our internet offering, is exclusively at your own risk and on your own responsibility. You further agree that you will not hold us responsible for a possible breach of Russian Federation law.

Business data protection declaration

1. Introduction and scope

devicenow GmbH (“devicenow”) is committed to process personal data responsibly and in compliance with the applicable data protection laws in all countries in which the company operates.

This European Union (“EU”) Customer/Vendor Data Protection Notice (the “Notice”) describes the types of personal data devicenow collects, how devicenow uses that personal data, with whom devicenow shares your personal data, and the rights you, as a data subject, have regarding the devicenow's use of the personal data. This notice also describes the measures devicenow takes to protect the security of the data and how you can contact us about our data protection practices.

2. Contact details of the Data Controllers

The entity responsible for the collection and use of your personal data (the Data Controllers) in your home country for the purposes described in this notice is devicenow GmbH.

3. Contact details of the Data Protection Manager

A Data Protection Officer (“DPO”) is designated. The DPO is involved in all issues related to the protection of your personal data. In particular, the DPO is in charge of monitoring and ensuring compliance with this notice and the applicable data protection laws. They will also provide advice on data protection matters upon request.

For any clarification or additional information you may need in order to fully understand this Notice, please contact:
info@devicenow.com

4. Purposes of data processing and legal basis

devicenow GmbH processes personal data in accordance with applicable data protection laws and regulations and only for limited, explicit and legitimate purposes. devicenow will not use personal data for any purpose that is incompatible with the original purpose for which it was collected unless you provide your prior explicit consent for further use.

Personal data relating to customers/vendors may be processed for the purposes of:

  • Managing commercial relationships with current and potential clients;
  • Managing commercial relationships with current and potential suppliers and vendors;
  • Carrying out promotional operations;
  • Conducting statistical surveys and marketing studies, etc.
devicenow ensures that our internal governance procedures clearly specify the reasons behind decisions to use personal data for alternative processing purposes. Prior to using your personal data for a purpose other than the one for which it was initially collected, you will be informed about such new purpose.
5. Categories of personal data processed

The provision of personal data is a requirement necessary to enter into a contract with devicenow GmbH or a requirement by law or regulation for the devicenow to administer your customer/vendor relationship. The personal data processed is limited to the data necessary for carrying out the purpose for which such personal data is collected.

Personal data processed includes the following:

  • Business information (such as name of organization, department and job title);
  • Contractual information (such as date of agreement, type of commercial relationship, etc.).

devicenow will not collect personal data if such collection is prohibited under the applicable data protection laws.

In no case will personal data revealing religious beliefs, racial or ethnic origin, political opinions, philosophical beliefs, trade union membership or concerning sex life be processed in the customer/vendor context.

devicenow will maintain personal data in a manner that ensures it is accurate, complete and up-to-date.

6. Data security

devicenow GmbH has implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk, such risk analysis includes an analysis of the risk of compromising the rights of the data subject, costs of implementation, and the nature, scope, context and purposes for data processing.

The measures include:

  1. encryption of personal data where applicable/appropriate;
  2. the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
  3. the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; and
  4. a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.
7. Recipients of personal data

devicenow GmbH will only grant access to personal data on a need-to-know basis, and such access will be limited to the personal data that is necessary to perform the function for which such access is granted.

Authorization to access personal data will always be linked to the function so that no authorization will be extended to access personal data on a personal basis. Service providers will only receive personal data according to the purposes of the service agreement with the Company.

8. International data transfers

International data transfers refer to transfers of personal data outside of the European Economic Area (“EEA”). The international footprint of devicenow GmbH involves the transfer of personal data to and from other group companies or third parties, which may be located outside the EEA. devicenow will ensure that when personal data is transferred to countries that have different standards of data protection, appropriate safeguards to adequately protect the personal data are implemented to secure such data transfers in compliance with applicable data protection laws. devicenow has implemented Data Transfer agreements based on EU model clauses to cover international data transfers and a copy of these agreements can be obtained by contacting the DPO.

9. Retention of personal data

devicenow GmbH will not retain your personal data for longer than is allowed under the applicable data protection laws and regulations or for longer that is justified for the purposes for which it was originally collected or otherwise processed, subject to applicable local retention requirements.

10. Data protection rights

Under applicable data protection laws, you will benefit from the following rights:

  • Right to access to, rectification and erasure of personal information;
  • Right to restriction of processing and to object to processing;
  • Right of data portability to the extent applicable;
  • Right to withdraw consent where the processing is based on consent; and
  • Right to lodge a complaint with the supervisory authority.
11. Miscellaneous

This notice may be revised and amended from time to time and appropriate notice about any amendments will be given.

devicenow GmbH is allowed to adapt the text of this notice only in order to be compliant with local legislation by means of an addendum attached to this notice. In case of any discrepancies between this notice and a specific local addendum made in accordance with local law, the terms of the latter will prevail.