PRIVACY POLICY

AMAGNO GMBH & CO KG, 22.05.2018

The protection of personal data is particularly important to AMAGNO GmbH & Co. KG. Your data will be kept protected. Please send your improvement suggestions to privacy(at)amagno.co.uk. If you don’t agree with the data protection policy, then please reconsider starting a business relationship with our company, or if you already have one, please consider terminating it.

Responsible Authority

Responsible authority in terms of data protection laws is AMAGNO GmbH & Co KG and the external data protection officer Mr. Dominik Fünkner (datenschutzexperte.de).

In the following text you will find information about which data is collected during the sales process, during your use of AMAGNO Business Cloud solutions, and when filling in contact forms. You will also find how this data is processed, deleted and passed on to third parties, when applicable.

 

1. Data Collection and Information processing

We collect the following data from you according to the timeline below.

 

Login to AMAGNO Business Cloud

First and last name, email address and later an individually assigned encrypted password (encrypted transmission). For paying customers of the AMAGNO Business Cloud, an IMAP4 account information is available and the corresponding password is also stored in encrypted form. Users of this feature will have regular access to the IMAP4 mailbox, and will be able to create IMAP folders and monitor them for manual and optional automatic import of emails.

 

Contact form and email support

Wheater you contact us by form or email, your details (including the provided contact data) will be stored for processing the request, as well as for follow-up questions. Under no circumstances will we distribute this information without your consent. Our legitimate interest is to meet your enquiry in accordance with the legal basis for data processing, as defined in the GDPR  (General Data Protection Regulation)  Art. 6 para. 1 letter f, and, if applicable, in the GDPR Art. 6 para. 1 letter b, as long as your request is for contractual purposes.

 

Newsletter

If you would like to receive the newsletter offered on the website which contains regular information about our offers and products, we need your email address. We use the Double-Opt-in procedure for sending the newsletter. This means that we will not send you our email newsletter until you have expressly confirmed that you agree to the delivery of it. You will receive an email with a link to confirm that you, as the owner of the corresponding email address, want to receive the newsletter in future. With this confirmation, you give us your consent pursuant to the GDPR Art. 6 Para. 1 letter a, that we are allowed to use your personal data for the purpose of sending the desired newsletter.

When registering for the newsletter, in addition to the email address required for sending the newsletter, we save the date and time of registration and confirmation, so that we can trace any possible further misuse.

You are free to cancel the newsletter at any time via the link attached to each newsletter, or by sending an email to the relevant contact person. After successfully unsubscribing, your email address will be deleted from our newsletter distribution list. On the other hand, if you agreed to the continued use of the collected data, this practice by AMAGNO will be legal.

 

Your data is collected and processed either by a contract concluded with you or by the voluntary transmission of your data. By registering on the AMAGNO Business Cloud, you give your consent in accordance to the End-User license agreement. The collection, processing and use of this data is used by us exclusively within the company, e.g. for sales, support, contract creation and processing as well as for billing purposes. In case that the anonymous data is enough for the business purposes, AMAGNO GmbH & Co KG will use it. Data handling, such as start, end and scope of the information, used for services like traffic data, will be collected, processed and used. This will be the case as far as it is required to invoice the use of these services. Any other personal data is only collected if you provide this information voluntarily – for example as part of an enquiry or registration.

 

2. Protection and Transmission of personal data

Insofar as you provided us your personal data, we will only use it to answer your enquiries, to process your contracts or for technical administration. Your personal data will only be transmitted to third parties if this is necessary for contract processing or billing purposes. If necessary, we are authorized to transfer the billing data to a commissioned third party.

You have the right to withdraw your consent at any time. Upon actual grounds, we are authorized to collect and use the necessary information to detect and prevent unlawful claims. In accordance with applicable clauses, we are also entitled to provide information to law enforcement authorities and courts for the purposes of criminal prosecution.

 

3. Display, Processing and Removal of Personal Data as Part of the AMAGNO  Business Cloud Registration

As a registered user of the AMAGNO Business Cloud, you can view, update and correct your personal data provided during registration by accessing the toolbox. During the installation of the AMAGNO Client for Windows, you will find the prerequisites regarding the deletion of an AMAGNO Business Cloud, located in the End-User License agreement

The AMAGNO Business Cloud stores personal data in databases on our servers, located in a certified data center in Germany. Information about the security center can be obtained from our data protection agent (privacy(at)amagno.co.uk).

 

4. Storage and Procedure of AMAGNO Business Cloud and Local AMAGNO Server Files

AMAGNO requires a modern Microsoft Windows operation system and a modern Microsoft SQL database for running the server. The same applies to the AMAGNO Business Cloud. AMAGNO stores the data of the AMAGNO Business Cloud in its infrastructure at a certified and secure data center in Germany.

After establishing a connection between the AMAGNO Business Cloud and the AMAGNO Client for Windows via port 80/808, communication is encrypted according to the established standards. Communication between the AMAGNO Business Cloud and the AMAGNO Mobile Explorer proceeds via an encrypted communication (SSL) in accordance to the common standards.

If a user transfers a file to the AMAGNO server (local and cloud version) via the AMAGNO Client for Windows, the following processing steps take place:

  • The file will be compressed, encrypted and assigned with its own internal authenticity key on the AMAGNO client.
  • Thus, the file is processed and retransmitted in an encrypted form.
  • AMAGNO stores the compressed and encrypted data on a hard disk system and checks the authenticity key after storage in order to exclude manipulations or errors during the transfer.
  • AMAGNO generates a temporal decrypted internal version of the file. Using integrated software tools, it generates a preview graph as PDF and PNG. Furthermore, it performs OCR as well as full-text and meta-data recognition.
  • Then, the thumbnails are then encrypted and compressed in the hard disk system by AMAGNO.
  • The temporarily used files are deleted by AMAGNO after finishing the process.
  • AMAGNO stores administrative information in a Microsoft SQL database and in a full-text search engine. For performance reasons, AMAGNO does not encrypt any terms from the extracted file into the database.

There is a restricted and limited number of internal personnel with direct and indirect access to the secure Microsoft servers of the AMAGNO Business Cloud. This personal is also subject to security verification.

The procedure for the local use of an AMAGNO server is basically the same, except that the data is stored on an independent server system. The above mentioned Windows systems have protective measures, which can be found in detail in the relevant Microsoft documentation.

 

5. Procedure and Deletion of Personal Data

The stored personal data will be deleted, if it is available under our control, if you revoke your consent for storage, if this information is no longer required to fulfil the purpose for which it was stored or if its storage is inadmissible for other legal reasons. If it is legally required, we may retain copies of your data in some cases. According to the Telecommunications Act, we are obliged to completely delete the inventory data at the end of the calendar year following the termination of the contract. We will block the data if it is required to fulfil legal, statutory or contractual retention periods. The data required to create the invoice will be stored, processed and used for a maximum of six months after the invoice has been issued. If commercial law requirements (e.g. in the case of relevant national or supra-national Commercial, or Fiscal Regulations) request a long-term storage of the data, these shall be mandatory.

 

6. The Right to Information

Following a written request, you can be informed as soon as possible whether and which personal data about you is stored at AMAGNO GmbH & Co KG. For this purpose, please write to:

AMAGNO GmbH & Co KG, Bloherfelder Str. 130, 26129 Oldenburg, Germany/Deutschland

or by email to:

privacy@amagno.co.uk

If incorrect information about you is stored, it can be corrected or updated immediately upon request.

 

7. Consent, Right of Revocation and Right of Objection

If we need to use data for a purpose that requires your consent, we will always ask and record your consent in accordance to the relevant data protection regulations. You may revoke your consent at any time with immediate effect. A simple message to us is sufficient for the revocation of a consent or for an objection. For this purpose, you can use the aforementioned contact data without incurring any costs.

 

8. Links Liability

Our website contains links to external third party websites, over whose contents we have no influence or control. Therefore, we cannot and do not assume any liability for these external contents. The respective provider or operator of the site is always responsible for their contents. At the time of providing a link, we take reasonable precautions to check the pages for any possible legal infringements. Not all illegal content is completely detactable at the time of providing the link. However, permanent monitoring of the linked pages is unreasonable without concrete evidence of a legal violation. If we become aware of any infringements, we will remove the links immediately.

 

9. Liability Disclaimer

Within the realms of possibility: any form of data transmission and storage can be breached given the sufficient know-how and the corresponding computing power. Therefore AMAGNO GmbH und Co. KG cannot and do not give a 100% guarantee for the security of your data based on current knowledge regarding the decryption capabilities of secret services and other organisations. Any other statement would be irresponsible and misleading.

 

10. Changes to the Data Protection Policy

We reserve the right to change, update and develop our data protection information at any time in compliance with the applicable data protection regulations. The version available at the time of your visit always applies.

 

11. Google Analytics – Website Analysis

Our website uses Google Analytics, a service for web analysis provided by Google Inc. “(“Google”). Google Analytics uses Cookies. Our website uses Google Analytics, a service for web analysis provided by Google Inc. (“Google”). The information generated by the cookies about your use of this website is transmitted to and stored by Google on servers in the United States. We use Google Analytics only when the IP anonymization is enabled. This means that Google will reduce the IP address of users within European Union Member States, or in other signatory states to the Agreement on the European Economic Area, which may exclude any personal relationship. Google Inc., based in the USA, is certified for the US European Privacy Shield, which guarantees compliance with the data protection level applicable in the EU. The data is processed in compliance with the GDPR Art. 6 Para. 1 letter f and § 15 Para. 3 TMG on the basis of our legitimate interest in the statistical analysis of user behaviour for optimization and marketing purposes.

On behalf of the website operator, Google will use the information to evaluate your use of the site, to compile reports on website activity and to provide the operator with other services relating to website and Internet use. The IP address transmitted by your browser is not merged with other Google data within the context of Google Analytics. The terms and conditions about the use of Google Analytics and information regarding data protection can be accessed via the following links:

http://www.google.com/analytics/terms/de.html (also available in English)

as well as

https://www.google.de/intl/de/policies/ (also available in English).

You may refuse the use of cookies by changing the settings on your browser, however please note that if you do this you may not be able to use all the features of the website to their full extent. You may also prevent Google from collecting data generated by the cookies, related to your website use (including your IP address) and the processing of this data by Google, by downloading and installing the browser plug-in available at URL http://tools.google.com/dlpage/gaoptout?hl=en .

You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie is set, preventing the collection of your data on future visits to this website:

Click here to opt-out.

 

12. Google AdWords – Conversion Tracking

Our website also uses conversion tracking as part of Google AdWords. Google sets a cookie for conversion tracking on your computer if you accessed our website via an ad placed by Google. Cookies expire after 30 days and are  not longer used. If the user visits certain pages of this website and the cookie has not yet expired, Google and the AdWords customer (amagno GmbH und Co. KG) will be able to recognize that the user has clicked on the ad and has been redirected to this page. Each Google AdWords customer receives a different cookie. Therefore, cookies cannot be traced through the websites of AdWords customers. The information collected by the conversion cookie is used to generate statistics for AdWords customers who choosed Conversion Tracking. Adwords customers see the total number of users who clicked on their ad, and are redirected to a page with a conversion tracking tag. However, you will not receive any information that identifies users in a personal way. If you do not wish to participate in the tracking procedure, you can either deactivate the automatic setting of cookies via a browser setting, or set your browser so that cookies are blocked by the Google ad services. Then you will not be included in the conversion tracking statistics. Learn more about Google’s privacy policy.

 

13. Google Web Fonts

This site uses web fonts provided by Google LLC, (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, “Google”) to uniformly display fonts. Google Web Fonts allows us to use external fonts, the so-called Google Fonts. When you visit our website, the required Google Font is loaded from your web browser into your browser cache to display texts and fonts correctly. This is necessary so that your browser can show an optically improved representation of our texts. If your browser does not support this feature, your computer will use a standard font for display. These web fonts are integrated by a web server log, usually a Google server in the USA. This informs the server which page of our website you have visited. Google also stores the IP address of the browser of the visitor’s terminal device.

We use Google Web Fonts for optimization purposes, in particular to improve the use of our Internet presence for you and to make its design more user-friendly. This is also our legitimate interest pursuant to the GDPR  Art. 6 para. 1 lit. f.

Google has signed and certified itself under the Privacy Shield Agreement between the European Union and the USA. By doing so, Google undertakes to respect the standards and regulations of European data protection law. Further information can be found in the following linked entry:

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

 

14. Cookies

Our website uses cookies, which are stored by the browser on your device, containing certain settings for the use of the website (e.g. for the current session). Cookies are used to make our website more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser. Most of the cookies we use are known as session cookies, which are automatically deleted when the browser is closed. Other cookies remain stored on your terminal device until you delete them or until the storage period expires. These cookies enable us to recognize your browser the next time you visit our website.

In some cases, cookies are used to simplify website processes by saving settings (e.g. provisions of already selected options). If personal data is processed by individual cookies implemented by us, the processing is carried out in accordance with the GDPR  Art. 6 para. 1 lit. b , either to implement the contract or in accordance withthe GDPR  Art. 6 para. 1 lit. f to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly as well as effective design of the site visit.

You can set your browser so that you are informed about the setting of cookies and only allow them in specific cases. You can also exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when you close your browser. You can individually manage the cookies of many companies and features used for advertising. Use the corresponding user tools, available at https://www.aboutads.info/choices/ or https://www.youronlinechoices.com/uk/your-ad-choices

Please note that when cookies are deactivated, the functionality of the website may be limited.

 

15. Data Processing Through Visiting Our Website

When you visit our website, it is technically necessary that the data is transmitted to our web server through your Internet browser. The following data is recorded during a running connection for communication between your Internet browser and our web server:

  • Visited domain
  • Date and time of the request
  • Page from which the file was requested
  • Access status (file transferred, file not found, etc.)
  • Web browser and the used operating system
  • IP address of the requesting computer
  • Amount of data transferred

We collect the listed data to ensure a smooth connection establishment of the website and to allow a comfortable use of our website for the users. In addition, the log file serves the evaluation of system security and stability as well as administrative purposes. The legal basis for the temporary storage of data and files is stipulated under the GDPR Art. 6 para. 1 lit. f.

For technical security reasons, in order to prevent attack attempts on our web server, we may temporarily store this data. It is not possible for us to draw conclusions about particular users on the basis of this data. After seven days at the latest, the data will be anonymized by shortening the IP address at a domain level, so that it is no longer possible to establish a reference from the individual user. These data will not be evaluated in anonymous form other than for statistical purposes. The information is not merged with any other data sources.

 

16. Your Rights

In the following you will find information regarding the rights of data subjects granted to you by the current data protection law, regarding the processing of your personal data:

GDPR Art. 15, right to information: You have a right to information about your personal data processed by us, processing purposes, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of an appealing right, the origin of your data (if not collected by us) and the existence of automated decision-making including profiling and, if applicable, meaningful information on their details.

GDPR Art. 16, right to rectification: The right to immediately request the correction of incorrect or complementary personal data stored by us.

GDPR Art. 17, right of deletion:  This applies to the extent that the processing is not necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.

GDPR Art. 18, right to limit the proceedings: You have the right to request the restriction of your personal data processing if you dispute the accuracy of the data. If the processing is unlawful but you refuse to delete the data and we no longer need the data, but you need it to exercise or defend legal claims or you have filed an objection against the processing pursuant to Art. 21.

GDPR Art. 20, right to data transferability: You have the right to receive the personal data you have provided us, in a structured, current and machine-readable format or to request the transmission to another person responsible.

GDPR Art. 77, right to appeal: If you believe that the processing of personal data concerning you infringes the GDPR, you have the right of appeal to a supervisory authority, in particular in the Member State where you reside, work or suspected infringement, without prejudice to any other administrative or judicial remedy.

GDPR Art. 7 para. 3, right to revoke consent: You have the right to revoke your consent to data processing at any time with future validity. In the event of revocation, we will delete the concerned data immediately, unless further processes can be sustained on a legal basis for unauthorised handling. The revocation of consent shall not affect the legality of the processing carried out based on the agreement until revocation.

 

Right of Objection

If your personal data are processed by us, on based on the GDPR Art. 6 para. 1 sentence 1 lit. f , you have the right to object against the processing of your personal data in accordance with the Art. 21 , insofar as this is for a specific circumstance. If the objection is directed against the marketing purpose of the data handling, you have a general right of objection without the requirement to indicate a special situation.

 

If you have any further questions, please do not hesitate to contact us at the following address:

AMAGNO GmbH & Co KG, Bloherfelder Str. 130, 26129 Oldenburg, Germany/Deutschland

or by email at:

privacy@amagno.co.uk