AMAGNO GMBH & CO KG, 11.07.2019
The protection of personal data is particularly important to AMAGNO GmbH & Co. KG. Your data will be kept protected. Please send your improvement suggestions to privacy(at)amagno.co.uk. If you don’t agree with the data protection policy, then please reconsider starting a business relationship with our company, or if you already have one, please consider terminating it.
Responsible authority in terms of data protection laws is AMAGNO GmbH & Co KG.
In the following text you will find information about which data is collected during the sales process, during your use of AMAGNO Business Cloud solutions, and when filling in contact forms. You will also find how this data is processed, deleted and passed on to third parties, when applicable.
Contact details of the data protection officer
Data protection officer
80802 München (Germany)
1. Data Collection and Information processing
We collect the following data from you according to the timeline below.
Login to AMAGNO Business Cloud
First and last name, email address and later an individually assigned encrypted password (encrypted transmission). For paying customers of the AMAGNO Business Cloud, an IMAP4 account information is available and the corresponding password is also stored in encrypted form. Users of this feature will have regular access to the IMAP4 mailbox, and will be able to create IMAP folders and monitor them for manual and optional automatic import of emails.
Contact form and email support
Wheater you contact us by form or email, your details (including the provided contact data) will be stored for processing the request, as well as for follow-up questions. Under no circumstances will we distribute this information without your consent. Our legitimate interest is to meet your enquiry in accordance with the legal basis for data processing, as defined in the GDPR (General Data Protection Regulation) Art. 6 para. 1 letter f, and, if applicable, in the GDPR Art. 6 para. 1 letter b, as long as your request is for contractual purposes.
Application via web form
When you apply for a position at AMAGNO using the web form, we collect your personal data. This includes contact information (first and last name, title, address, phone number and email address), as well as information regarding your career (e.g. Curriculum vitae, qualifications, degrees and work experience) and personal information (e.g. motivational letter). This may also include special categories of personal data such as information about disabilities. Your personal data is collected directly from you as part of the application process and encrypted during electronic transmission. The data is taken from the online application form and from the uploaded files.
The data is processed for recruiting purposes. The primary legal basis for this is Article 6 Paragraph 1 b of the General Data Protection Regulation (GDPR) in conjunction with Section 26 Paragraph 1 of the Federal Data Protection Act (FDPA). In addition, consents pursuant to Article 6 Paragraph 1 a, 7 of GDPR in conjunction with Section 26 Paragraph 2 of FDPA may be used as data protection permission regulations. In the event of data processing based on your consent, you have the right at any time to withdraw your consent to the use of your personal data in the future. Within our company, only people in the relevant positions have access to your data (e.g. Human Resources). Data is processed for employment and legal purposes. If necessary, your application data may be forwarded to the respective responsible person for review. Under no circumstances will your personal data be passed on to third parties without authorisation.
During the ongoing recruiting process, the data related to your application for a certain position is stored and processed in AMAGNO. All files including personal data related to your application are deleted from the system six months after the end of the recruiting process (i.e. after receiving an acceptance or rejection letter). In the event of an acceptance, we reserve the right to keep your application data for longer if the entry date is more than six months in the future.
If you would like to receive the newsletter offered on the website which contains regular information about our offers and products, we need your email address. We use the Double-Opt-in procedure for sending the newsletter. This means that we will not send you our email newsletter until you have expressly confirmed that you agree to the delivery of it. You will receive an email with a link to confirm that you, as the owner of the corresponding email address, want to receive the newsletter in future. With this confirmation, you give us your consent pursuant to the GDPR Art. 6 Para. 1 letter a, that we are allowed to use your personal data for the purpose of sending the desired newsletter.
When registering for the newsletter, in addition to the email address required for sending the newsletter, we save the date and time of registration and confirmation, so that we can trace any possible further misuse.
You are free to cancel the newsletter at any time via the link attached to each newsletter, or by sending an email to the relevant contact person. After successfully unsubscribing, your email address will be deleted from our newsletter distribution list. On the other hand, if you agreed to the continued use of the collected data, this practice by AMAGNO will be legal.
Your data is collected and processed either by a contract concluded with you or by the voluntary transmission of your data. By registering on the AMAGNO Business Cloud, you give your consent in accordance to the End-User license agreement. The collection, processing and use of this data is used by us exclusively within the company, e.g. for sales, support, contract creation and processing as well as for billing purposes. In case that the anonymous data is enough for the business purposes, AMAGNO GmbH & Co KG will use it. Data handling, such as start, end and scope of the information, used for services like traffic data, will be collected, processed and used. This will be the case as far as it is required to invoice the use of these services. Any other personal data is only collected if you provide this information voluntarily – for example as part of an enquiry or registration.
2. Protection and Transmission of personal data
Insofar as you provided us your personal data, we will only use it to answer your enquiries, to process your contracts or for technical administration. Your personal data will only be transmitted to third parties if this is necessary for contract processing or billing purposes. If necessary, we are authorized to transfer the billing data to a commissioned third party.
You have the right to withdraw your consent at any time. Upon actual grounds, we are authorized to collect and use the necessary information to detect and prevent unlawful claims. In accordance with applicable clauses, we are also entitled to provide information to law enforcement authorities and courts for the purposes of criminal prosecution.
3. Display, Processing and Removal of Personal Data as Part of the AMAGNO Business Cloud Registration
As a registered user of the AMAGNO Business Cloud, you can view, update and correct your personal data provided during registration by accessing the toolbox. During the installation of the AMAGNO Client for Windows, you will find the prerequisites regarding the deletion of an AMAGNO Business Cloud, located in the End-User License agreement
The AMAGNO Business Cloud stores personal data in databases on our servers, located in a certified data center in Germany. Information about the security center can be obtained from our data protection agent (privacy(at)amagno.co.uk).
4. Storage and Procedure of AMAGNO Business Cloud and Local AMAGNO Server Files
AMAGNO requires a modern Microsoft Windows operation system and a modern Microsoft SQL database for running the server. The same applies to the AMAGNO Business Cloud. AMAGNO stores the data of the AMAGNO Business Cloud in its infrastructure at a certified and secure data center in Germany.
After establishing a connection between the AMAGNO Business Cloud and the AMAGNO Client for Windows via port 80/808, communication is encrypted according to the established standards. Communication between the AMAGNO Business Cloud and the AMAGNO Mobile Explorer proceeds via an encrypted communication (SSL) in accordance to the common standards.
If a user transfers a file to the AMAGNO server (local and cloud version) via the AMAGNO Client for Windows, the following processing steps take place:
- The file will be compressed, encrypted and assigned with its own internal authenticity key on the AMAGNO client.
- Thus, the file is processed and retransmitted in an encrypted form.
- AMAGNO stores the compressed and encrypted data on a hard disk system and checks the authenticity key after storage in order to exclude manipulations or errors during the transfer.
- AMAGNO generates a temporal decrypted internal version of the file. Using integrated software tools, it generates a preview graph as PDF and PNG. Furthermore, it performs OCR as well as full-text and meta-data recognition.
- Then, the thumbnails are then encrypted and compressed in the hard disk system by AMAGNO.
- The temporarily used files are deleted by AMAGNO after finishing the process.
- AMAGNO stores administrative information in a Microsoft SQL database and in a full-text search engine. For performance reasons, AMAGNO does not encrypt any terms from the extracted file into the database.
There is a restricted and limited number of internal personnel with direct and indirect access to the secure Microsoft servers of the AMAGNO Business Cloud. This personal is also subject to security verification.
The procedure for the local use of an AMAGNO server is basically the same, except that the data is stored on an independent server system. The above mentioned Windows systems have protective measures, which can be found in detail in the relevant Microsoft documentation.
5. Procedure and Deletion of Personal Data
The stored personal data will be deleted, if it is available under our control, if you revoke your consent for storage, if this information is no longer required to fulfil the purpose for which it was stored or if its storage is inadmissible for other legal reasons. If it is legally required, we may retain copies of your data in some cases. According to the Telecommunications Act, we are obliged to completely delete the inventory data at the end of the calendar year following the termination of the contract. We will block the data if it is required to fulfil legal, statutory or contractual retention periods. The data required to create the invoice will be stored, processed and used for a maximum of six months after the invoice has been issued. If commercial law requirements (e.g. in the case of relevant national or supra-national Commercial, or Fiscal Regulations) request a long-term storage of the data, these shall be mandatory.
6. The Right to Information
Following a written request, you can be informed as soon as possible whether and which personal data about you is stored at AMAGNO GmbH & Co KG. For this purpose, please write to:
AMAGNO GmbH & Co KG, Bloherfelder Str. 130, 26129 Oldenburg, Germany/Deutschland
or by email to:
If incorrect information about you is stored, it can be corrected or updated immediately upon request.
7. Consent and the right of withdrawal
In the event of using information for a specific purpose that requires your consent in accordance with legal requirements, we will ask you for written consent and record this consent in accordance with the data protection regulations. You have the right at any time to withdraw your consent to the use of your personal data in the future. Getting in touch with us via email is sufficient in case you want to revoke your previously given consent. To do so, use the contact information provided above.
8. Links Liability
Our website contains links to external third party websites, over whose contents we have no influence or control. Therefore, we cannot and do not assume any liability for these external contents. The respective provider or operator of the site is always responsible for their contents. At the time of providing a link, we take reasonable precautions to check the pages for any possible legal infringements. Not all illegal content is completely detactable at the time of providing the link. However, permanent monitoring of the linked pages is unreasonable without concrete evidence of a legal violation. If we become aware of any infringements, we will remove the links immediately.
9. Liability Disclaimer
Within the realms of possibility: any form of data transmission and storage can be breached given the sufficient know-how and the corresponding computing power. Therefore AMAGNO GmbH und Co. KG cannot and do not give a 100% guarantee for the security of your data based on current knowledge regarding the decryption capabilities of secret services and other organisations. Any other statement would be irresponsible and misleading.
10. Changes to the Data Protection Policy
We reserve the right to change, update and develop our data protection information at any time in compliance with the applicable data protection regulations. The version available at the time of your visit always applies.
11. Google Analytics – Website Analysis
On behalf of the website operator, Google will use the information to evaluate your use of the site, to compile reports on website activity and to provide the operator with other services relating to website and Internet use. The IP address transmitted by your browser is not merged with other Google data within the context of Google Analytics. The terms and conditions about the use of Google Analytics and information regarding data protection can be accessed via the following links:
http://www.google.com/analytics/terms/de.html (also available in English)
as well as
https://www.google.de/intl/de/policies/ (also available in English).
You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie is set, preventing the collection of your data on future visits to this website:Click here to opt-out.
12. Google AdWords – Conversion Tracking
13. Google Web Fonts
This site uses web fonts provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland („Google“) to uniformly display fonts. Google Web Fonts allows us to use external fonts, the so-called Google Fonts. When you visit our website, the required Google Font is loaded from your web browser into your browser cache to display texts and fonts correctly. This is necessary so that your browser can show an optically improved representation of our texts. If your browser does not support this feature, your computer will use a standard font for display. These web fonts are integrated by a web server log, usually a Google server in the USA. This informs the server which page of our website you have visited. Google also stores the IP address of the browser of the visitor’s terminal device.
We use Google Web Fonts for optimization purposes, in particular to improve the use of our Internet presence for you and to make its design more user-friendly. This is also our legitimate interest pursuant to the GDPR Art. 6 para. 1 lit. f.
Google has signed and certified itself under the Privacy Shield Agreement between the European Union and the USA. By doing so, Google undertakes to respect the standards and regulations of European data protection law. Further information can be found in the following linked entry:
14. Google Maps
This website uses Mouseflow, a web analysis tool from the Mouseflow ApS, based in Flaesketorvet 68, 1711 Copenhagen, Denmark.
The data is processed for the purposes of the website analyses. Data is collected and stored for marketing and optimisation purposes. This data may be used to create user profiles under a pseudonym. Cookies may be used for this purpose. The web analysis tool Mouseflow records randomly selected individual visits (only from anonymous IP addresses). This logs mouse movements and clicks with the intention of randomly playing back individual website visits and deriving potential improvements for the website. The data collected with Mouseflow is not used to personally identify the visitor of this website and shall not be merged with personal data about the bearer of the pseudonym without the explicit consent of the person concerned. Processing is carried out on the basis of Article 6 (1) f of GDPR out of a legitimate interest in direct customer communication and in the needs-based design of the website.
You are entitled, for reasons arising from your particular situation, to object at any time to this way of processing your personal data based on Article 6 (1) f of GDPR. To do this, you can deactivate the Mouseflow from all websites you visit using your current browser under the following link:
In some cases, cookies are used to simplify website processes by saving settings (e.g. provisions of already selected options). If personal data is processed by individual cookies implemented by us, the processing is carried out in accordance with the GDPR Art. 6 para. 1 lit. b , either to implement the contract or in accordance withthe GDPR Art. 6 para. 1 lit. f to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly as well as effective design of the site visit.
You can set your browser so that you are informed about the setting of cookies and only allow them in specific cases. You can also exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when you close your browser. You can individually manage the cookies of many companies and features used for advertising. Use the corresponding user tools, available at https://www.aboutads.info/choices/ or https://www.youronlinechoices.com/uk/your-ad-choices
Please note that when cookies are deactivated, the functionality of the website may be limited.
16. Data Processing Through Visiting Our Website
When you visit our website, it is technically necessary that the data is transmitted to our web server through your Internet browser. The following data is recorded during a running connection for communication between your Internet browser and our web server:
- Visited domain
- Date and time of the request
- Page from which the file was requested
- Access status (file transferred, file not found, etc.)
- Web browser and the used operating system
- IP address of the requesting computer
- Amount of data transferred
We collect the listed data to ensure a smooth connection establishment of the website and to allow a comfortable use of our website for the users. In addition, the log file serves the evaluation of system security and stability as well as administrative purposes. The legal basis for the temporary storage of data and files is stipulated under the GDPR Art. 6 para. 1 lit. f.
For technical security reasons, in order to prevent attack attempts on our web server, we may temporarily store this data. It is not possible for us to draw conclusions about particular users on the basis of this data. After seven days at the latest, the data will be anonymized by shortening the IP address at a domain level, so that it is no longer possible to establish a reference from the individual user. These data will not be evaluated in anonymous form other than for statistical purposes. The information is not merged with any other data sources.
17. Your Rights
In the following you will find information regarding the rights of data subjects granted to you by the current data protection law, regarding the processing of your personal data:
GDPR Art. 15, right to information: You have a right to information about your personal data processed by us, processing purposes, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of an appealing right, the origin of your data (if not collected by us) and the existence of automated decision-making including profiling and, if applicable, meaningful information on their details.
GDPR Art. 16, right to rectification: The right to immediately request the correction of incorrect or complementary personal data stored by us.
GDPR Art. 17, right of deletion: This applies to the extent that the processing is not necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.
GDPR Art. 18, right to limit the proceedings: You have the right to request the restriction of your personal data processing if you dispute the accuracy of the data. If the processing is unlawful but you refuse to delete the data and we no longer need the data, but you need it to exercise or defend legal claims or you have filed an objection against the processing pursuant to Art. 21.
GDPR Art. 20, right to data transferability: You have the right to receive the personal data you have provided us, in a structured, current and machine-readable format or to request the transmission to another person responsible.
GDPR Art. 77, right to appeal: If you believe that the processing of personal data concerning you infringes the GDPR, you have the right of appeal to a supervisory authority, in particular in the Member State where you reside, work or suspected infringement, without prejudice to any other administrative or judicial remedy.
GDPR Art. 7 para. 3, right to revoke consent: You have the right to revoke your consent to data processing at any time with future validity. In the event of revocation, we will delete the concerned data immediately, unless further processes can be sustained on a legal basis for unauthorised handling. The revocation of consent shall not affect the legality of the processing carried out based on the agreement until revocation.
Right of Objection
If your personal data are processed by us, on based on the GDPR Art. 6 para. 1 sentence 1 lit. f , you have the right to object against the processing of your personal data in accordance with the Art. 21 , insofar as this is for a specific circumstance. If the objection is directed against the marketing purpose of the data handling, you have a general right of objection without the requirement to indicate a special situation.
If you have any further questions, please do not hesitate to contact us at the following address:
AMAGNO GmbH & Co KG, Bloherfelder Str. 130, 26129 Oldenburg, Germany/Deutschland
or by email at: