Regardless of whether you are a customer, prospective customer, applicant or visitor to our website: We, Mobisys Mobile Informationssysteme GmbH (hereinafter: “Mobisys”, “we”), consider the protection of your personal data of high importance. However, what does that mean in particular?
Below, we provide you with an insight into what personal information we collect from you and how we process it. Furthermore, you will receive an overview of your rights under applicable privacy law. In addition, we will give you your contacts if you have any further questions.
2 Who are we?
Mobisys supports companies in the worldwide integration and process optimization of SAP Mobility in Plant Maintenance, Production, Logistics and Controlling. Along with SAP consulting companies of our partner program, the customer is advised in all phases of an SAP project.
As responsible within the meaning of applicable privacy laws, we take
Mobisys Mobile Informationssysteme GmbH
Email: firstname.lastname@example.org (mailto:email@example.com)
Phone: +49 6227 8635-0
Fax: +49 6227 8635-55
all measures necessary under applicable privacy law to ensure the protection of your personal data.
For any questions regarding this Privacy Statement, please contact our Privacy Officer.
Mobisys Mobile Informationssysteme GmbH
Privacy Officer Holger Schoennerstedt
Email: firstname.lastname@example.org (mailto:email@example.com)
3 Scope of the Privacy Statement
By the processing of personal data, the legislator means activities such as collecting, entering, organizing, arranging, storing, adapting or changing, reading out, querying, using, disclosing through transmission, dissemination or any other form of providing, comparing, or linking, restricting, deleting, or destroying personal data.
Personal data is any information that relates to an identified or identifiable natural person.
This privacy statement is about the personal data of customers, prospects, applicants or visitors.
This privacy statement applies to both our website: https://mobisys.com (https://mobisys.com), as well as our online portals (https://portal.mobisys.com/my-msb/ (https://portal.mobisys.com/my-msb/) and https://kundenportal.mobisys.de (https://kundenportal.mobisys.de)) as well as our app.
4 What personal data do we process?
Your personal data will be collected by us when you get in touch with us, e.g. as an interested party or customer. This may, for example, be done by being interested in our products, by registering for our online services, by contacting us through our communication channels, or by using our products or services as part of existing business relationships.
The following types of personal data are processed by us:
- Information for personal identification
e.g. first and last name, address data, email address, phone number, fax number
- Order data
e.g. customer number, SAP installation number, order number, invoice number
- Company-related data
e.g. company name, department, activity
- Data about your online behavior
e.g. IP addresses, user names, data about your visits to our website (name of the retrieved website, file, date and time of retrieval, amount of data transferred, message about successful retrieval, browser type and version, the page visitor’s operating system, referrer URL (previously visited page) and the requesting provider) in the customer portals or in the app, actions performed on our websites and in the customer portals, place of access
- Information about your interests and wishes, which you tell us
e.g. via our contact form or via other communication channels
- Information about your professional career
e.g. vocational training, previous employers, other qualifications
and other information comparable to these data categories.
4.1 Sensitive Data
Sensitive data, thus special categories of personal data such, as information on religious or union affiliation is not collected that way.
4.2.1 What are Cookies?
4.2.2 Google Analytics
As a web analytics service we use Google Analytics to analyze the usage behavior on the website and in the customer portals. For this analysis, the usage information generated by the cookie (including the shortened IP address of the user) is transmitted to our servers and stored for usage analysis purposes. We use the usage analysis in order to optimize our own websites, customer portals, customer approach and other advertising measures as well as for market research purposes. The IP address of the users is shortened during this process immediately, so that the identification of the users via the IP address is no longer possible.
Any user who does not agree with the storage and evaluation of his anonymous user data for his visit to our website, can object to this storage and use at any time. An anonymous use of customer portals is not possible.
Your visit to this website is currently recorded by Google Analytics. Please click here, so that your visit is no longer recorded: http://tools.google.com/dlpage/gaoptout?hl=de (http://tools.google.com/dlpage/gaoptout?hl=de)
4.2.3 Pardot Services
Our website uses Pardot Services, an analysis tool from salesforce.com Inc., The Landmark, 1 Market Street, San Francisco, CA 94105, USA. Pardot Services sets a maximum of two cookies. These are text files that are stored on your computer and allow an analysis of the use of the website. The cookies set are a “Visitor Cookie” and a “Pardot App Session Cookie”. Via the “visitor cookie” an identification number is generated, by means of which the browser of the website visitor is recognized. The identification number is a generated number code that has no meaning outside of Pardot Services. The “Pardot App Session Cookie” is only set when a customer logs in as a user in the Pardot app. All cookies receive only the generated number code. We also use Pardot when registering for our e-mail service. Emails sent via Pardot use tracking technologies. We use this data to find out which topics are of interest to you by tracking whether our emails are opened and which links you click. We then use this information to improve the emails we send to you and the services we provide.
We store and process the collected data as part of data processing at our data processor Salesforce. Salesforce stores personal information primarily in the United States.
If you want to prevent the tracking by Pardot, you can adjust your browser settings, or by an appropriate extension of your browser. However, this may result in some limitations in the features and usability of our offering.
4.3 Plug-ins and Tools
Our website uses plug-ins from the Google-powered YouTube page. Site operator is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit one of our sites containing a YouTube plug-in, you will be connected to the servers of YouTube. It tells the YouTube server which of our
pages you have visited. If you are logged in to your YouTube account, you will allow YouTube to associate your surfing behavior directly with your personal
profile. You can prevent this by logging out of your YouTube account and deleting cookies before logging in.
The use of YouTube is in the interest of an attractive presentation of our online
For more information about how to handle user information, please refer to the
5 Processing Your Data
For What Do We Process Your Personal Data – On Which Legal Basis?
5.1 Performance of a Contract
We process your data in order to fulfill our contracts. This also applies to information that you provide to us in the context of pre-contractual correspondence. The specific purposes of the data processing depend on the product and the application submitted and can also be used to analyze your needs and to check which products and services are suitable for you.
5.1.1 Implementation of the Contractual Relationship
For the implementation of the contract, we need your name, your address, your phone number or your email address, so that we can contact you.
5.1.2 Offering Goods and Services
We also need your personal data in order to check, if and which products and services we can and are allowed to offer you.
Details of the respective purposes of the data processing can be found in the contract documents and our general terms and conditions.
5.1.3 Implementation of the Application Process
We process your data, which you have sent to us as part of your application, to check whether your professional qualifications are suitable for the job advertised. We only use your information for the application process and transfer it to your personal file when the contract is concluded. If it does not come to an agreement, your information will be deleted or destroyed. We will use your candidate information for no other purpose, than to implement the application process.
5.2 After Balancing of Interests
We improve our Services and Offer you Suitable Products.
5.2.1 To Strengthen and Optimize the Customer Relationship
As part of our efforts to continuously improve our relationship with you, we occasionally ask you to participate in our customer surveys. The results of the surveys serve to better tailor our products and services to your needs.
5.2.2 Data Processing and Analysis for Marketing Purposes
Your needs are important to us and we try to give you information about products and services that suit exactly you. For this, we use the findings from our joint business relationship as well as from market research. The key goal is to adapt our product suggestions to your needs. In this context, we guarantee that we will always process the data in accordance with applicable privacy laws.
- Important: You can object to the use of your personal data for this purpose at any time.
What do we exactly analyze and process?
- Results of our marketing actions to measure the efficiency and relevance of our campaigns;
- Information from your visits to our website;
- We analyze the possible needs of our products and services.
You have the possibility to register for our newsletter via our website. For sending we only need your email address, all other information is voluntary. You will receive our newsletter only after successful completion of a double opt-in procedure. You have the right at any time to view your consent form or unsubscribe from the newsletter. Corresponding links are implemented in every accompanying mailing to our newsletter. In the case of cancellation of our newsletter, we will immediately delete your contact details from our newsletter distribution list.
The legislator has certain requirements for the effectiveness of electronic consent, as it is used to sign up for the newsletter. This includes the logging of your declaration of consent. We therefore record the date and time of the consent, the text of the declaration of consent, the fact that the checkbox was selected, your email address and all other optional information. We also record date and time of the click on the confirmation link as well as on the link of the confirmation email. We only collect this information in order to comply with legal obligations.
5.2.4 Measures that serve your security
We use your personal data, inter alia, in the following cases:
- In order to protect you or your company from fraudulent activities, we analyze your data. This can be e.g. if you have been the victim of identity theft or if unauthorized persons have gained access to your user account in other ways;
- To improve the reliability of our web applications, our IT support works closely with you in case of technical problems. In this context, we also evaluate logging of site views, actions performed, etc. ;
- To guarantee IT security;
- To be able to record and prove facts in case of possible legal disputes.
5.3 Due to your Consent
If you have consented to the processing of your personal data for one or more specific purposes, we are permitted to process your data. You may withdraw this consent for the future at any time without incurring any costs other than the base rate transmission costs (the cost of your internet connection). However, the revocation of consent does not affect the legality of the processing carried out until the revocation.
5.4 Due to Legal Requirements or in the Public Interest
As a company, we are subject to a wide variety of legal requirements (for example, from tax legislation). In order to comply with our legal obligations, we process your personal data.
6 Where We Transfer Data and Why
6.1 Use of Data within Mobisys
Within MOBISYS, only those entities gain access to your personal data that need these data to fulfill our contractual or legal obligations, or to protect our legitimate interests.
6.2 Use of Data outside Mobisys
We respect the protection of your personal data and will only share information about you if required by law, if you have consented, or to fulfill contractual obligations.
For example, the following recipients may be required by law to disclose your personal data:
- Public authorities or supervisory authorities, e.g. tax authorities, customs authorities;
- Judicial and law enforcement authorities, e.g. police, courts, prosecution;
- Lawyers or notaries, e.g. in litigations;
In order to fulfill our contractual obligations, we cooperate with other companies. This includes:
- Partner companies (reselling)
- Transport service providers and forwarding agencies
- Organizer and training service provider, if you have registered for us at certain fairs or events;
- Banks and financial service providers to handle all financial matters.
Own service providers
To make our operations efficient, we rely on the services of external service providers who may receive personal information from you, including IT service providers, printing and telecommunications service providers, collections, consulting or distribution companies, for the purposes described.
- Important: We pay close attention to your personal data!
In order to ensure that the same data protection standards as in our company are adhered to by the service providers, we have entered into corresponding order processing contracts. These contracts regulate inter alia:
- that third parties only have access to the data they need to perform the tasks assigned to them;
- that only employees who have explicitly committed to complying with the data protection regulations will receive access to their data from the service providers;
- that the service providers comply with technical and organizational measures that ensure data security and data protection;
- what happens to the data when the business relationship between the service provider and us is terminated.
For service providers located outside the European Economic Area (EEA), we take special security measures (for example, through the use of special contract clauses) to ensure that the data are treated with the same degree of prudence as in the EEA. We regularly check all our service providers for compliance with our specifications.
6.3 Links on Social Media Platforms
On our website we use Social Plug-ins of various social networks (Facebook, Twitter, Youtube, XING, kununu, LinkedIn, Google+). If you visit a page on our website that contains such a plug-in, your browser establishes a direct connection to the servers of the respective provider. The content of the plug-in is transmitted by the provider directly to your browser and integrated into the page. Through this integration, the provider receives the information that your browser has accessed the corresponding page, even if you do not have a profile with this provider or are currently not logged in there. This information (including your IP address) is transmitted by your browser directly to a server of the provider (usually in the US) and stored there. If you are logged in with the provider, he can immediately allocate the visit to our website to your profile. If you interact with the plug-ins, for example, press a button or leave a comment, this information is also transmitted directly to a server of the provider and stored there. The respective provider may publish this information on your profile or show to your contacts.
If you do not want the providers to assign the data collected via our website directly to your profile in the respective social network, you must log out of the corresponding network before you visit our website.
- Very important: On no account do we sell your personal data to third parties!
7 Are you Obligated to Provide us with Personal Data?
In the context of the business relationship between you and Mobisys, we require the following categories of personal data:
- all necessary data for the establishment and execution of a business relationship;
- data required to fulfill contractual obligations;
- data that we are legally required to collect.
Without this data, we are unable to enter into or execute contracts with you.
8 Deletion Period
In accordance with applicable data protection regulations, we do not store your personal data longer than we need it for the purposes of the respective processing. If the data is no longer required for the fulfillment of contractual or legal obligations, they are regularly deleted by us, unless their temporary retention is still necessary. The following reasons may exist for further retention:
- There must be adherence to commercial and tax-related retention requirements: The retention periods primarily according to the provisions of the Commercial Code and the Tax Code are up to 10 years.
- To obtain evidence in the event of litigations within the statutory limitation provision: limitation periods can be up to 30 years in civil law, whereby the period of limitation begins after three years.
9 Your Rights
As part of the processing of your personal data, you also have certain rights. More details can be found in the corresponding provisions of the General Data Protection Regulation (Articles 15 to 21).
9.1 Right to Access and Rectification
You have the right to obtain information from us as to which of your personal data we process. If this information is no longer correct, you can request the correction of the data from us, in case of incomplete information, its addition. If we have passed on your data to third parties, we will inform the corresponding third parties in the appropriate legal situation.
9.2 Right to Erasure
In the following circumstances you can request the immediate deletion of your personal data:
- If your personal data is no longer needed for the purposes for which it was collected;
- If you have withdrawn your consent and there is no other legal basis for data processing;
- If you object to the processing and there are no legitimate reasons for data processing;
- If your data is processed unlawfully;
- If your personal data needs to be deleted to fulfill legal obligations.
- Please note that before deleting your data, we must verify that there is no legitimate reason to process your personal data.
9.3 Right to Restriction of Processing (“Right to Blocking”)
For one of the following reasons, you may require us to restrict the processing of your personal data:
- If you deny the accuracy of the data until we have had the opportunity to verify the accuracy of the data;
- If the data is processed unlawfully, but instead of deletion, you only require the restriction of the use of personal data;
- Although we no longer need your personal data for the purposes of processing, you still need it to assert, exercise or defend your rights;
- If you have objected to the processing and it is not yet clear whether your legitimate interests outweigh ours.
9.4 Right to Object
9.4.1 Case-specific Right to Object
If the processing is in the public interest or on the basis of a balance of interests, you have the right to object to the processing for reasons that arise from your particular situation. If we do so, we will not process your personal data unless we can prove compelling legitimate reasons for processing your data that override your interests, rights and freedoms, or because your personal information is used to assert, exercise or defend legal claims. The objection does not preclude the lawfulness of the processing up to the time of the objection.
9.4.2 Marketing Objection
In cases where your personal data is used for marketing purposes, you can object to this form of processing at any time. We will no longer process your personal data for these purposes.
The objection can be free of form and should be addressed to:
Mobisys Mobile Informationssysteme GmbH
Email: firstname.lastname@example.org (mailto:email@example.com)
Phone: +49 6227 8635-0
9.5 Right to Data Portability
You have the right to receive personal data you have given us for processing on request in a portable and machine-readable format.
9.6 Right to Lodge a Complaint with a Supervisory Authority (Art. 77 GDPR)
We try to process your requests and claims as quickly as possible in order to protect your rights accordingly. However, depending on the frequency of requests, it may take up to 30 days before we can inform you about your concern.
If it takes longer, we will promptly notify you of the reasons for the delay and discuss the further procedure with you.
In some cases we are not allow or may not give you any information. If legally permissible, we will inform you of the reason for the refusal of the information.
However, if you are not satisfied with our responses and reactions or believe that we are violating applicable data protection laws, you are free to file a complaint with both our Privacy Officer and the appropriate supervisory authority. The supervisory authority responsible for us is:
The State Representative for Data Protection and Freedom-of-Information Baden-Württemberg
Mailbox 10 29 32
Phone: 0711/61 55 41-0
Fax: 0711/61 55 41-15
Email: firstname.lastname@example.org (mailto:email@example.com)
This Privacy Statement is as of May 17th, 2018. Registered customers will be informed about changes in the privacy statement. Earlier versions of the privacy statement are available from our Privacy Officer.