Effective as of May 25, 2018.
THIS DATA PROTECTION DECLARATION BASED ON THE REGULATION (EU) 2016/679 (BASIC DATA PROTECTION REGULATION) OF THE EUROPEAN UNION; THE FEDERAL DATA PROTECTION ACT (BDSG-NEU) AND THE TELEMEDIA ACT (TMG) OF THE FEDERAL REPUBLIC OF GERMANY BUILD ON THIS.
Anonymisation – is the alteration of personal data in such a way that the individual details about personal or factual circumstances can no longer be assigned to a specific or identifiable natural person, or only with a disproportionately large expenditure of time, costs and manpower.
Automated processing of personal data - is the collection, processing or use of personal data using data processing equipment.
Information - are data that make sense in the context of a situation known to the user.
Erase - With an economically justifiable effort, data is removed from a storage medium so that this data is not easily recoverable.
Users - are both female and male natural persons who have reached the age of 18.
Personal data - are individual details of personal or factual circumstances of an identified or identifiable natural person (data subject) related to § 4 Abs. 1 DSGVO.
Pseudonymize - is the replacement of identification features concerning the name by an identification mark or a character string for the purpose of excluding or substantially complicating the determination of the person concerned.
In meaning with § 5 Abs. 1 lit. c. DSGVO we commit us to the principle of data avoidance and collect, process or use as little personal data as possible. In particular, we anonymise or pseudonymise personal data as far as this is possible according to the purpose of use, is economically justifiable and does not require any disproportionate effort in relation to the intended protective purpose.
3.1 Through the use and continuous further development of suitable techniques, economically justifiable administrative and physical measures, we will prevent unauthorized access by third parties to the data you have entered, transferred to us and stored by us. Such measures are:
a. Encryption of your data during transmission (using SSL or similar technologies),
b. Privacy by Default,
c. we work together with Privacy Shield certified partners,
d. Password encryption with modern technologies,
e. Corporate governance for handling passwords and personal data,
f. Storage of your data by certified hosting service providers in certified data centers in Germany and Europe.
3.2 Nevertheless, we do not promise you that unauthorized access to your data by third parties will not happen. If this happens and we discover a "violation of the protection of personal data", we will report such incidents to the relevant data protection authorities related to § 33 DSGVO and to § 34 DSGVO. As well we will inform you as data subject without delay via the e-mail address you have provided to us.
We collect, store, modify, supplement, transmit, block, disclose by transmission and delete personal data. This includes mandatory inventory data: Surname, first name, e-mail address and voluntary personal data and possible data on the institution(s) you represent.
If you voluntarily provide us with account or contact information (e.g. additional information, pictures of yourself or others), or personal data of other persons, e.g. if you use the function "Invite user", you declare that you are the owner of this personal information or otherwise entitled to provide it.
We process your personal data to the following puposes:
a. Pursuant to § 6 Abs. 1 lit. f. DSGVO of legitimate economic interests and in particular to provide, operate, maintain, analyse, improve and advertise our service.
b. Pursuant to § 6 Abs. 1 lit. c. DSGVO we use this data to process and complete transactions including necessary information about the successful execution of the transaction, e.g. during registration, payment processing, establishing contacts or for the correspondence and processing of a contractual relationship.
c. We make data, in particular personal data, surname, first name, e-mail, available to other users on SIXTWENTYTEN if you wish to use their created content, e.g. if you register in a call for tenders not created by you and only if you conclude these as a cooperation partner or if you register in a content not published by you on SIXTWENTYTEN; e.g. in an atlas or a compass.
d. We communicate with you and use this data in the context of our customer support, e.g. we answer to your inquiries and other activities.
g. For the purpose of the "Invite user" function, we store e-mail addresses provided by you with a period of 14 days within the meaning of # 4.2. Upon expiry of this period, the data will be deleted automatically.
h. Pursuant to § 6 Abs. 1 lit. f. DSGVO of justified economic interests and related to §27 Abs. 1 BDSG (new) and § 22 Abs. 2 Satz 2 we provide selected personal data for the purpose of scientific research to authorised research institutions. If this happens, we will inform you. We conclude a "data processing agreement" with the authorised research institution and oblige them, in accordance with Art. 28 DSGVO, to process the data provided exclusively for the intended purpose on our behalf and we will never allow them to pass your data to third parties.
i. And for other purposes which are compatible with the original purpose pursuant to § 6 Abs. 4 DSGVO and about which we inform you.
4.4 We reserve the right to access your user account and your user data and disclose them in accordance with § 23 BDSG (new) in the following or similar cases as the following:
a. Comply with laws or respond to legal requests or legal proceedings;
c. prevent violations of applicable laws or regulations.
We will store your personal data only as long as necessary or legally required for the purposes stated in this data protection declaration. Related to § 6 Abs. 1 lit. f. DSGVO we will either delete or anonymize your personal data or, if this is not possible, for example, your data are stored as backup archives, we will store them in such a way that any further processing is not possible until we can finally erase them.
We do not knowingly use personal data of users under the age of 13. We also do not knowingly use personal data of users who have registered without the consent of their legal guardians and have not yet reached the age of 16 according to § 8 Abs. 1 DSGVO . We recommend these users not to use our service and delete this data economically justifiable after knowledge.
7.1 Pursuant to § 6 Abs. 1 lit. f. DSGVO, we analyze data (including protocol and configuration data) to understand how our websites and services are configured and used. We use this data to optimize our service and improve the user experience. We do not draw any conclusions about individual users or persons. We only use anonymized data for analysis and shorten IP's by the last 2 octets.
7.2 We use the web-analytics program MATOMO on SIXTWENTYTEN. More information about MATOMO can be found at https://matomo.org. We use this program to track user behaviour and to improve our services. MATOMO uses so-called cookies for this purpose. Cookies are small text files that we store on your device in your browser. User information obtained in this way is evaluated together with the IP address you use. The IP address you use is anonymized by the last 2 bytes (anonymized example: 192.68.xxx.xxx). The IP address you transmit can still be used for geolocation but does not allow any conclusions to be drawn about your exact location.
7.3 While visiting our website we store the following information in temporary log files:
a. we do not store your IP-adress,
b. time and date of your access,
c. name and url of the used file,
e. amount of data,
f. specific data of your browser and operating systems.
We never link this information to personal data and do not provide them to third parties.
7.4 If you do not want us to analyse your usage data, you can object to this at any time. To do this, you must set an opt-out cookie.
You can also create the opt-out cookie by clicking on the following link or by copying the following string into the address bar of your browser window and executing it:
7.5 If you delete all cookies when closing your browser, the opt-out cookie will also be deleted. You may need to reset your opt-out settings the next time you visit.
7.6 Opt-outs may also fail in your browser due to the cookie settings you have chosen. If you wish to set opt-out settings when using our service, you may need to allow third-party cookies in your browser settings.
We share data, including personal data, with our service partners (such as hosting, technology and support partners) to enable the operation of our service and transmit this data solely for this purpose. We allow our service partners such as MailChimp, Zendesk and Campusspeicher to use the transmitted data exclusively for the operation of our service. However, service partners may use the data for their own economic interests, in particular, to optimize and improve their services. It is also possible that cookies and other tracking technologies are used when visiting our partners' websites, for example by forwarding or displaying newsletters in the browser. These may collect personal data, such as IP or browser information. We have no influence on this. Notwithstanding this, we will only allow our service partners to use your data for the purpose we have stated. This means our service partners will not access user accounts, contact users from these lists, sell, use or evaluate data or use it for any other purpose not authorized by us unless required by law.
9.1 We inform you about news, operational adjustments, updates and releases on SIXTWENTYTEN with our newsletter and use your e-mail address given during registration with your prior consent. For shipping we use the service MailChimp; a newsletter service of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. MailChimp is an eCommerce provider for professional newsletter management. MailChimp registers and verifies our company, classifies our e-mails according to the CAN-SPAM Act and only sends e-mails verified by us. The legal basis for the dispatch of our newsletter is in accordance with § 6 Abs. 1 lit. a, § 7 DSGVO.
9.2 To dispatch our newsletter, we transfer your e-mail address given during registration and for the personalization of the newsletter your surname and first name.
9.3 To dispatch of our newsletter, we transfer your data when registering. We as SIXTWENTYTEN select our service partners with the greatest care. Therefore, we trust in the reliability and IT and data security of MailChimp. MailChimp is certified under the US-EU data protection agreement Privacy Shield and thus commits itself to comply with EU data protection regulations. Furthermore, MailChimp commits itself to protect the data of our users, according to its data protection regulations on our behalf to process. The data protection regulations of MailChimp can be viewed here.
9.4 You can cancel the receipt of our newsletter at any time, i.e. revoke your consent. You will find a link to cancel the newsletter at the end of each newsletter. After the cancellation, your data will be deleted up to the e-mail address. The e-mail address is stored in a blocking list and is only used to ensure that we do not send any further e-mails to your e-mail address. You can also revoke the settings in the Profile section in the Admin Center section.
10.1 We are always interested in providing professional support to our customers, especially if you need technical or professional support when using SIXTWENTYTEN. We realize this with Zendesk. Zendesk is a provider of customer relationship software in 1019 Market St, San Francisco, CA 94103, USA and provides offers for the customer-oriented processing of support requests.
10.2 At our Help-Center, we provide you various articles as self-service. You can also make support requests from the Help Center. With your request you transfer service data to Zendesk: your email address, your request and you can transfer images or video. Furthermore, we ask you to provide your surname and first name for a personalized exchange on your request. The service data are stored on the Zendesk servers and are available to us as a support ticket. Within the scope of the service offered by Zendesk, we process your enquiries on the basis of § 6 Abs. 1 lit. b DSGVO.
10.3 The support widget provided by Zendesk allows you to submit support requests directly from your browser. To do so, you have to transfer service data to Zendesk: Your e-mail address, your request and possibly pictures or video material. Furthermore, we ask you to provide your surname and first name for the personalized exchange on your request. The service data is stored on the Zendesk servers and made available to us for support purposes.
For a professional and economical data management, our SaaS SIXTWENTYTEN is hosted by Campusspeicher GmbH, Kastanienallee 32, 10435 Berlin, Germany. We process and store your data on the servers provided by Campusspeicher GmbH to our needs. We also store your personal at the provided server. Therefore, we have concluded a data processing agreement with Campusspeicher GmbH. In accordance with § 28 DSGVO, we oblige Campusspeicher GmbH to protect the data of our users, to process them on our behalf in accordance with their data protection regulations and, in particular, not to provide them to third parties.
You can register yourself via LinkedIn. This service authenticates your identity and allows you to transfer certain personal information to us. In accordance with § 5 Abs. 1 lit. c DSGVO, we only store the same personal data as you had yourself directly registered with our service; last name, first name and your e-mail address.
13.2 The technology reCAPTCHA is based on machine learning and refuses to registered spam bots on SIXTWENTYTEN. The reCAPTCHA API collects hardware and software information such as device and application data, sends this data to Google for analysis and performs an integrity check in the background. No personal data are sent to Google for this purpose, which allows conclusions to be drawn about your registration at SIXTWENTYTEN.
13.3 We use the technology reCAPTCHA exclusively for the domains:
In accordance with § 15 DSGVO, you as a user can request information at any time as to whether and which data we process for which purposes and to whom on what basis they are passed on. For further information please contact us at email@example.com.
Furthermore, as a registered user, you can change your data in your personal profile at any time or make a detailed request for the surrender or deletion of your personal data at firstname.lastname@example.org We process these requests within 30 days.
A translated data protection declaration serve as an orientation for you as a user. If the translated versions differ or do not match, the German data protection declaration shall prevail.