Regardless of whether you are a customer, prospective customer, applicant or visitor to our website: We, MOBISYS Mobile Informationssysteme GmbH (hereinafter: “mobisys”, “we”), consider the protection of your personal data of high importance. But what does that mean in particular?
Below, we provide you with an insight into what personal information we collect from you and how we process it. Furthermore, you will receive an overview of your rights under applicable privacy law. In addition, we will give you your contacts if you have any further questions.
2 Who are we?
mobisys supports companies in the worldwide integration and process optimization of SAP Mobility in Plant Maintenance, Production, Logistics and Controlling. Along with SAP consulting companies of our partner program, the customer is advised in all phases of an SAP project.
As responsible within the meaning of applicable privacy laws, we take
MOBISYS Mobile Informationssysteme GmbH
Phone: +49 6227 8635-0
Fax: +49 6227 8635-55
all measures necessary under applicable privacy law to ensure the protection of your personal data.
For any questions regarding this Privacy Statement, please contact our Privacy Officer.
MOBISYS Mobile Informationssysteme GmbH
Data Protection Officer Holger Schoennerstedt
3 Scope of the Privacy Statement
By the processing of personal data, the legislator means activities such as collecting, entering, organizing, arranging, storing, adapting or changing, reading out, querying, using, disclosing through transmission, dissemination or any other form of providing, comparising, or linking, restricting, deleting, or destroying personal data.
Personal data is any information that relates to an identified or identifiable natural person.
This privacy statement is about the personal data of customers, prospects, applicants or visitors.
4 What personal data do we process?
Your personal data will be collected by us when you get in touch with us, e.g. as an interested party or customer. This may, for example, be done by being interested in our products, by registering for our online services, by contacting us through our communication channels, or by using our products or services as part of existing business relationships.
The following types of personal data are processed by us:
- Information for personal identification
first and last name, address data, email address, phone number
- Order data
customer number, SAP installation number, order number, invoice number
- Company-related data
company name, department, activity, position
- Data about your online behavior
IP addresses, user names, data about your visits to our website (name of the retrieved website, file, date and time of retrieval, amount of data transferred, message about successful retrieval, browser type and version, the page visitor’s operating system, referrer URL (previously visited page) and the requesting provider, place of access), actions performed on our websites and in our portal.
- Information about your interests and wishes, which you tell us
via our contact form or via other communication channels
- Information regarding our application process
about your professional background such as vocational training, previous employers, other qualifications
4.1 Sensitive Data
Sensitive data, thus special categories of personal data such , as information on religious or union affiliation is not collected that way.
4.2.1 What are Cookies?
4.2.2 Google Analytics
If you have given your consent, this website uses Google Analytics, a web analytics service provided by Google LLC. The responsible party for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).
184.108.40.206 Scope of the processing
anonymization, your IP address will be shortened by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases the full IP address will be sent to a Google server in the US and shortened there. According to Google,
the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. During your website visit, your user behavior is recorded in the form of “events”. Events can be:
- Page views
- First visit to the website
- Start of session
- Your “click path”, interacting with the website
- Scrolls (whenever a user scrolls to the bottom of the page (90%))
- Clicks to external links
- Internal search queries
- Interaction with videos
- File downloads
- Viewed / clicked ads
- Language settings
It also includes:
- Your approximate location (region)
- Your IP address (in shorten form)
- Technical information about your browser and the terminal devices you use
(e.g. language setting, screen resolution)
- Your Internet service provider
- The referrer URL (via which website / advertising medium you came to this
220.127.116.11 Purpose of processing
On behalf of the operator of this website , Google will use this information to evaluate your use of the website and to compile reports on website activities. The reports provided by Google Analytics serve to analyze the performance of our website and the success of our marketing campaigns.
Recipients of the data are/may be
- Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as
processor according to Art. 28 GDPR)
- Google LLC, 1600 Amphitheater Parkway Mountain View, CA 94043, USA
- Alphabet Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, USA
It cannot be ruled out that US authorities may access the data stored at Google.
18.104.22.168 Third country transfer
Insofar as data is processed outside the EU/EEA and there is no level of data protection corresponding to the European standard, we have concluded EU
standard contractual clauses with the service provider to establish an appropriate level of data protection. The parent company of Google Ireland,
Google LLC, is based in California, USA. A transfer of data to the United States and an access of US authorities to the data stored at Google cannot be
excluded. The USA is currently considered a third country from a data protection perspective. You do not have the same rights there as within the EU/EEA. You
may not be entitled to any legal remedies against access by authorities.
22.214.171.124 Duration of storage
The data sent by us and linked with cookies are automatically deleted after 14 months. The deletion of data whose retention period has been reached occurs
automatically once a month.
126.96.36.199 Legal basis
The legal basis for this data processing is your consent pursuant to Art.6 para.1
p.1 lit. a GDPR.
You can revoke your consent at any time with future effect by accessing the cookie settings on our cookie declaration (at the bottom of our website)
https://mobisys.com/cookie-richtlinie/ (https://mobisys.com/cookie-richtlinie/) and changing your selection there. The legality of the processing carried out on the basis of the consent until the revocation remains unaffected. You can also prevent the storage of cookies from the outset by setting your
browser software accordingly. However, if you configure your browser to reject all cookies , it may limit functionality on this and other websites. In addition, you
can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of
this data by Google, by
a. not giving your consent to the setting of the cookie or
b. downloading and installing the browser add-on to disable Google Analytics HERE (https://tools.google.com/dlpage/gaoptout?hl=de).
policy, please visit https://marketingplatform.google.com/about/analytics/terms/us/ and
4.2.3 Pardot Services
We use the Pardot Marketing Automation System (Pardot MAS). Pardot is marketing automation software from Salesforce.com, inc, The Landmark @ One Market Street, San Francisco, CA 94105, USA. Pardot is a special software for recording and evaluating the use of a website by website visitors. Insofar as Pardot processes personal data, the processing is carried out exclusively on our behalf and in accordance with our instructions.
When you visit our website, Pardot MAS records your click path and uses it to create an individual usage profile using a pseudonym. For this purpose, cookies are used that allow your browser to be recognized.
In order to provide you with the most interesting offer or product information possible, it is possible to merge your personal data with the data of a pseudonymized usage profile via the cookies set, provided that you provide personal data, for example, by filling out a form or consent to receive marketing e-mails from us.
4.3 Plug-ins and Tools
Our website uses plug-ins from the Google-powered YouTube page. Site operator is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
When you visit one of our sites containing a YouTube plug-in, you will be connected to the servers of YouTube. It tells the YouTube server which of our pages you have visited. If you are logged in to your YouTube account, you will allow YouTube to associate your surfing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account and deleting cookies before logging in.
The use of YouTube is in the interest of an attractive presentation of our online offers.
To conduct webinars over the Internet, mobisys uses the GoToWebinar software solution from LogMeIn, Inc. 333 Summer Street, MA 02210 Boston, USA.
LogMeIn, Inc. is the data controller for the provision of this service and related data processing.
- Registration for a webinar:
On our website, when you click the registration button on the webinars, a direct connection to LogMeIn, Inc. infrastructure is established with your browser and a registration page is provided. Registration for a webinar via the mobisys portal page is done via your mobisys portal profile data. Your personal information such as name and email address and company name will be collected / stored by LogMeIn, Inc. and transmitted to the webinar organizer (mobisys).
- Implementation of a webinar:
To conduct the webinar, LogMeIn, Inc. will use the information provided during registration and establish an encrypted connection between you and the webinar organizer.
The webinars are recorded regularly to make them available on the mobisys portal page for later retrieval. During and after the webinar statistical data will be collected. If you participate in a webinar, in addition to your registration data, we will receive information about the duration of participation, interest in the webinar, questions asked or answers given for the purpose of further customer service or to enhance the user experience.
4.3.3 LinkedIn (Insight Tag)
We use the conversion tracking with LinkedIn Insights Tag, a tool of LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland, on our website. For this purpose, the LinkedIn Insight Tag is integrated on our pages and a cookie is set on your end device by LinkedIn. This informs LinkedIn that you have visited our web pages, whereby your IP address is also collected. In addition, timestamps and events such as page views are stored. This enables us to statistically evaluate the use of our website in order to constantly optimize it. We learn, for example, through which LinkedIn ad or interaction on LinkedIn you came to our website. This allows us to better control the display of our advertising.
4.3.4 LinkedIn & LinkedIn Sales Navigator
We use our presence on business-oriented platforms such as LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland), as well as related tools such as the LinkedIn Sales Navigator, actively to address, communicate or initiate business contacts with you, etc.
For this purpose, we process the data provided to us by the respective platform. This may include your name, your employer, your position with your employer, your education and other contacts on the relevant platform. Depending on the type of contact with you, further data, such as the specific business relationships or the content of the communication with you, may be processed by us.
In this case, we can also transfer your data to our CRM system and merge or link it to your existing data.
We use currently the following providers or tools:
- LinkedIn (https://de.linkedin.com/legal/privacy-policy)
- LinkedIn Sales Navigator (https://business.linkedin.com/de-de/sales-solutions/sales-navigator)
We process your personal data to address, communicate or initiate business contacts with you (including through our CRM) on the basis of the following legal bases:
- Your consent in accordance with Art. 6 para. 1 lit. a GDRP which you have granted to the provider when registering for the respective social media platform, insofar as it concerns your platform user data (name, employer, position, usage behavior on the platform, etc.). Please note that you have the right to revoke your consent for the future at any time.
- For the fulfillment of a contract or for the implementation of pre-contractual measures pursuant to Art. 6 para. 1 lit. b GDRP, if we already have a business relationship with you or carry out pre-contractual measures on the basis of your request via the platform (e.g. further contact or communication);
- to safeguard our legitimate interests in accordance with Art. 6 Para. 1 lit. f GDPR. Our legitimate interest is the appropriate approach, communication or initiation of business contacts with you for the establishment, implementation, maintenance or termination of a business relationship with you.
LinkedIn processes your data, including in the United States. An adequacy decision of the European Commission, available at: https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en (https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en), was adopted for the transfer of data to the United States. However, the adequacy decision applies only to US companies that have participated in the EU-US data protection framework. LinkedIn has not yet joined the EU-US data protection framework. The legal basis for the transfer of personal data is therefore still the standard contractual clauses of the European Commission. For more information about the standard contractual clauses on LinkedIn, visit https://de.linkedin.com/legal/l/dpa (https://de.linkedin.com/legal/l/dpa) or https://www.linkedin.com/legal/l/eu-sccs (https://www.linkedin.com/legal/l/eu-sccs).
4.3.5 LinkedIn Lead Gen Form
Lead Gen Forms are pre-filled forms with LinkedIn profile data that allow members to submit their data (e.g., identification data and contact information) with just a few clicks.
Depending on the content of the forms, you can sign up for an event or ask for contact. We use LinkedIn Lead Gen Forms to generate leads and thus attract new customers. The legal basis of the processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time for the future. On LinkedIn, the lead data is automatically deleted after 90 days.
For more information on how to handle your personal data, please refer to the LinkedIn Privacy Statement, available at: https://www.linkedin.com/legal/privacy-policy (https://www.linkedin.com/legal/privacy-policy).
4.3.6 Telephone Tracking (matelso GmbH)
We use “Matelso Call Tracking”, a service of matelso GmbH, Heilbronner Str. 150, 70191 Stuttgart, Germany, on our website.
From the point of view of data protection law, matelso GmbH is the contract processor in accordance with Art. 28 GDPR. We have contractually ensured that matelso GmbH has also committed itself to strict compliance with the applicable legal privacy policies and our instructions.
If you call on a phone number operated by matelso for us, the following data could be collected and processed inter alia:
- Subscriber data (e.g. postal address, landline number, mobile number, service number). This data is not only required for activating phone numbers, but is also stored by matelso throughout the entire service life of the phone number(s). This data is stored on matelso servers and is retained until the call number is canceled/deactivated.
- Caller ID (e.g. caller’s phone number, call lists, connection data). This data will be anonymized or stored until the call number is terminated / deactivated
- Cookie IDs. This data will be stored until consent is revoked.
- Texts and images you see, data from the URL, data from the source code of our website.
This data is processed for marketing and optimization purposes. The legal basis of the processing is your consent. You can revoke your consent at any time for the future.
More information about matelso GmbH can be found at https://www.matelso.de (https://www.matelso.de).
5 Processing Your Data
For What Do We Process Your Personal Data – On Which Legal Basis?
5.1 Performance of a Contract
We process your data in order to fulfill our contracts. This also applies to information that you provide to us in the context of pre-contractual correspondence. The specific purposes of the data processing depend on the product and the application submitted and can also be used to analyze your needs and to check which products and services are suitable for you.
5.1.1 Implementation of the Contractual Relationship
For the implementation of the contract we need your name, your address, your phone number or your email address, so that we can contact you.
5.1.2 Offering Goods and Services
We also need your personal data in order to check if and which products and services we can and are allowed to offer you.
Details of the respective purposes of the data processing can be found in the contract documents and our general terms and conditions.
5.1.3 Implementation of the Application Process
We process your data, which you have sent to us as part of your application, to check whether your professional qualifications are suitable for the job advertised. We only use your information for the application process and transfer it to your personal file when the contract is concluded. If it does not come to an agreement, your information will be deleted or destroyed. We will use your candidate information for no other purpose , than to implement the application process. For more information on data processing during the application process, please refer to the Applicant Privacy Statement.
5.2 After Balancing of Interests
We Improve our Services and Offer you Suitable Products.
5.2.1 To Strengthen and Optimize the Customer Relationship
As part of our efforts to continuously improve our relationship with you, we occasionally ask you to participate in our customer surveys. The results of the surveys serve to better tailor our products and services to your needs.
5.2.2 Data Processing and Analysis for Marketing Purposes
Your needs are important to us and we try to give you information about products and services that suit exactly you. For this we use the findings from our joint business relationship as well as from market research. The key goal is to adapt our product suggestions to your needs. In this context, we guarantee that we will always process the data in accordance with applicable privacy laws.
- Important: You can object to the use of your personal data for this purpose at any time.
What do we exactly analyze and process?
- Results of our marketing actions to measure the efficiency and relevance of our campaigns;
- Information from your visits to our website;
- We analyze the possible needs of our products and services.
5.2.3 Measures that serve your security
- We use your personal data, inter alia, in the following cases:
In order to protect you or your company from fraudulent activities, we analyze your data. This can be e.g. if you have been the victim of identity theft or if unauthorized persons have gained access to your user account in other ways;
- To improve the reliability of our web applications, our IT support works closely with you in case of technical problems. In this context, we also evaluate logging of site views, actions performed, etc. ;
- To guarantee IT security;
- To be able to record and prove facts in case of possible legal disputes.
5.3 Due to your Consent
If you have consented to the processing of your personal data for one or more specific purposes, we are permitted to process your data. You may withdraw this consent for the future at any time without incurring any costs other than the base rate transmission costs (the cost of your internet connection). However, the revocation of consent does not affect the legality of the processing carried out until the revocation.
You have the possibility to register for our newsletter via our website. For sending we only need your email address, all other information is voluntary. You will receive our newsletter only after successful completion of a double opt-in procedure. You have the right at any time to view your consent form or unsubscribe from the newsletter. Corresponding links are implemented in every accompanying mailing to our newsletter. In the case of cancellation of our newsletter, we will immediately delete your contact details from our newsletter distribution list.
The legislator has certain requirements for the effectiveness of electronic consent, as it is used to sign up for the newsletter. This includes the logging of your declaration of consent. We therefore record the date and time of the consent, the text of the declaration of consent, the fact that the checkbox was selected, your email address and all other optional information. We only collect this information in order to comply with legal obligations.
Emails sent with Pardot MAS contain so-called web beacons. These are tiny graphics that allow us to analyze user behavior, such as opening and reading emails and clicking on links. This allows us to make our offered content more relevant and interesting for you.
5.4 Due to Legal Requirements or in the Public Interest
As a company, we are subject to a wide variety of legal requirements (for example, from tax legislation). In order to comply with our legal obligations, we process your personal data.
6 Where We Transfer Data and Why
6.1 Use of Data within mobisys
Within mobisys, only those entities gain access to your personal data that need these data to fulfill our contractual or legal obligations, or to protect our legitimate interests.
6.2 Use of Data outside mobisys
We respect the protection of your personal data and will only share information about you if required by law, if you have consented, or to fulfill contractual obligations.
For example, the following recipients may be required by law to disclose your personal data:
- Public authorities or supervisory authorities, e.g. tax authorities, customs authorities;
- Judicial and law enforcement authorities, e.g. police, courts, prosecution;
- Lawyers or notaries, e.g. in litigations;
In order to fulfill our contractual obligations, we cooperate with other companies. This includes:
- Partner companies (reselling)
- Transport service providers and forwarding agencies
- Organizer and training service provider, if you have registered for us at certain fairs or events;
- Banks and financial service providers to handle all financial matters.
Own service providers
To make our operations efficient, we rely on the services of external service providers who may receive personal information from you, including IT service providers, printing and telecommunications service providers, collections, consulting or distribution companies, for the purposes described.
- Important: We pay close attention to your personal data!
In order to ensure that the same data protection standards as in our company are adhered to by the service providers, we have entered into corresponding order processing contracts. These contracts regulate inter alia:
- that third parties only have access to the data they need to perform the tasks assigned to them;
- that only employees who have explicitly committed to complying with the data protection regulations will receive access to their data from the service providers;
- that the service providers comply with technical and organizational measures that ensure data security and data protection;
- what happens to the data when the business relationship between the service provider and us is terminated.
For service providers located outside the European Economic Area (EEA), we take special security measures (for example, through the use of special contract clauses) to ensure that the data are treated with the same degree of prudence as in the EEA. We regularly check all our service providers for compliance with our specifications.
6.3 Links on Social Media Platforms
On our website we use Social Plug-ins of various social networks (Facebook, Twitter, Youtube, XING, kununu, LinkedIn, Google+). If you visit a page on our website that contains such a plug-in, your browser establishes a direct connection to the servers of the respective provider. The content of the plug-in is transmitted by the provider directly to your browser and integrated into the page. Through this integration, the provider receives the information that your browser has accessed the corresponding page, even if you do not have a profile with this provider or are currently not logged in there. This information (including your IP address) is transmitted by your browser directly to a server of the provider (usually in the US) and stored there. If you are logged in with the provider, he can immediately allocate the visit to our website to your profile. If you interact with the plug-ins, for example, press a button or leave a comment, this information is also transmitted directly to a server of the provider and stored there. The respective provider may publish this information on your profile or show to your contacts.
If you do not want the providers to assign the data collected via our website directly to your profile in the respective social network, you must log out of the corresponding network before you visit our website.
Very important: On no account do we sell your personal data to third parties!
7 Are you Required to Provide us with Personal Data?
In the context of the business relationship between you and mobisys, we require the following categories of personal data:
- all necessary data for the establishment and execution of a business relationship;
- data required to fulfill contractual obligations;
- data that we are legally required to collect.
Without this data, we are unable to enter into or execute contracts with you.
8 Deletion Period
In accordance with applicable data protection regulations, we do not store your personal data longer than we need it for the purposes of the respective processing. If the data is no longer required for the fulfillment of contractual or legal obligations, they are regularly deleted by us, unless their temporary retention is still necessary. The following reasons may exist for further retention:
- There must be adherence to commercial and tax-related retention requirements: The retention periods primarily according to the provisions of the Commercial Code and the Tax Code are up to 10 years.
- To obtain evidence in the event of litigations within the statutory limitation provision: limitation periods can be up to 30 years in civil law, whereby the period of limitation begins after three years.
9 Your Rights
As part of the processing of your personal data, you also have certain rights. More details can be found in the corresponding provisions of the General Data Protection Regulation (Articles 15 to 21).
9.1 Right to Access and Rectification
You have the right to obtain information from us as to which of your personal data we process. If this information is no longer correct, you can request the correction of the data from us, in case of incomplete information, its addition. If we have passed on your data to third parties, we will inform the corresponding third parties in the appropriate legal situation.
9.2 Right to Erasure
In the following circumstances you can request the immediate deletion of your personal data:
- If your personal data is no longer needed for the purposes for which it was collected;
- If you have withdrawn your consent and there is no other legal basis for data processing;
- If you object to the processing and there are no legitimate reasons for data processing;
- If your data is processed unlawfully;
- If your personal data needs to be deleted to fulfill legal obligations.
- Please note that before deleting your data, we must verify that there is no legitimate reason to process your personal data.
9.3 Right to Restriction of Processing (“Right to Blocking”)
For one of the following reasons, you may require us to restrict the processing of your personal data:
- If you deny the accuracy of the data until we have had the opportunity to verify the accuracy of the data;
- If the data is processed unlawfully, but instead of deletion, you only require the restriction of the use of personal data;
- Although we no longer need your personal data for the purposes of processing, you still need it to assert, exercise or defend your rights;
- If you have objected to the processing and it is not yet clear whether your legitimate interests outweigh ours.
9.4 Right to Object
9.4.1 Case-specific Right to Object
If the processing is in the public interest or on the basis of a balance of interests, you have the right to object to the processing for reasons that arise from your particular situation. If we do so, we will not process your personal data unless we can prove compelling legitimate reasons for processing your data that override your interests, rights and freedoms, or because your personal information is used to assert, exercise or defend legal claims. The objection does not preclude the lawfulness of the processing up to the time of the objection.
9.4.2 Marketing Objection
In cases where your personal data is used for marketing purposes, you can object to this form of processing at any time. We will no longer process your personal data for these purposes.
The objection can be free of form and should be addressed to:
MOBISYS Mobile Informationssysteme GmbH
Phone: +49 6227 8635-0
9.5 Right to Data Portability
You have the right to receive personal data you have given us for processing on request in a portable and machine-readable format.
9.6 Right to Lodge a Complaint with a Supervisory Authority (Art. 77 GDPR)
We try to process your requests and claims as quickly as possible in order to protect your rights accordingly. However, depending on the frequency of requests, it may take up to 30 days before we can inform you about your concern.
If it takes longer, we will promptly notify you of the reasons for the delay and discuss the further procedure with you.
In some cases we are not allow or may not give you any information. If legally permissible, we will inform you of the reason for the refusal of the information.
However, if you are not satisfied with our responses and reactions or believe that we are violating applicable data protection laws, you are free to file a complaint with both our Privacy Officer and the appropriate supervisory authority. The supervisory authority responsible for us is:
The State Representative for Data Protection and Freedom-of-Information Baden-Württemberg
Mailbox 10 29 32 70025 Stuttgart
Phone: 0711/61 55 41-0
Fax: 0711/61 55 41-15
10 Modification to the Privacy Statement