Data Protection Policy

Protecting your personal data when collecting, processing and using it by virtue of you visiting our homepage is an important matter for us. At usedSoft Deutschland GmbH (hereinafter 'usedSoft'), particularly high importance is placed on protecting personal data. We would therefore like to use this opportunity to inform you about data protection in our company. It goes without saying that we comply with the statutory provisions of the General Data Protection regulation (GDPR), the German Federal Data Protection Act (BDSG), the German Telemedia Act (TMG), and other provisions under data protection legislation.

What data of yours usedSoft collects, how it is handled, and to whom it is made available etc. is summarised in the following data protection policy:

Name and address of the controller

The controller in the sense of the General Data Protection Regulation, other domestic data protection legislation of the Member States, other provisions under data protection legislation is:

usedSoft Deutschland GmbH
Feldstraße 40
44141 Dortmund
Germany

Telephone: +49 231 10 62 35 10
Fax: +49 231 10 62 35 16
Email: helpdesk@usedsoft.com

Direct contact with a point of contact regarding data protection 

The controller has appointed an external data protection officer and internal data protection coordinator for the company. For all questions about data protection such as requests for information, applications for access, or objections to data processing, please contact:

usedSoft Deutschland GmbH
c/o René Rautenberg
Feldstraße 40
44141 Dortmund
Germany

Email: Datenschutzbeauftragter@usedSoft.com



Collecting and processing data

No data about you is collected by the usedSoft website (http://www.usedsoft.com) (for example first name, surname, address, telephone number, email address etc.) unless you provide us with such data on a voluntary basis (for example by completing our form on the website, survey etc.) or, as may apply, you have consented to the collection or processing of your data, or the corresponding legal provisions about protecting your data allow this.

usedSoft will not knowingly collect data of children without expressly pointing out that such data should only be provided with the consent of the parents if applicable legal provisions provide for this. In principle, data of children is only used or disclosed by usedSoft where permitted by law, for obtaining parental consent required by law, or for protecting children. Applicable national provisions and cultural customs are to be borne in mind here for the term 'child/children'.

Collection and processing of data when establishing contact with regard to a business relationship or contract conclusion

If you establish contact with us, for example to buy or sell products, we collect the following information about you, or about your employees if they also contact us:

  • title, forename, surname,
  • a valid e-mail address,
  • address,
  • telephone number (fixed line and/or mobile phone),
  • information that is necessary for processing your specific enquiry.

These data are collected,

  • in order to be able to identify you as our (potential) customer;
  • in order to be able to advise you appropriately;
  • to correspond with you;
  • to issue an invoice;
  • to assert any existing liability claims or any other claims arising from the business relationship.


The data are processed at your request where this is necessary under Art. 6 Clause 1 (b) GDPR for the aforementioned purposes for the appropriate performance of a contract and for the mutual fulfilment of obligations arising from the business relationship.

The personal data collected by us upon assignment shall be stored for the purpose of processing a purchase and/or sale and thereafter until the expiry of the statutory retention obligations, after which they shall be deleted. A retention obligation occurs, for example, when storage is mandatory under Art. 6 Clause 1 (c) GDPR due to tax-related and commercial law storage and documentation obligations (from HGB, StGB or AO). Additional storage is also possible if you have consented to this, pursuant to Art. 6 Clause 1 (a) GDPR.

Otherwise, the advice contained in our privacy policy apply, in particular with regard to your rights as a data subject. 


Purpose

In order to enable expeditious electronic communication, usedSoft can be reached via a contact form or by email. Where a data subject makes contact with usedSoft by email or via a contact form, personal data provided by the data subject is automatically stored.

Where you haven provided usedSoft with personal data, usedSoft only uses it for responding to your enquiries, performing contracts entered into with you, and for technical administration. Your personal data is only disclosed or otherwise transmitted to third parties if required for the purposes of performing a contract (in particular the forwarding of order details to suppliers), for invoicing purposes, or you have consented to it beforehand. You have the right to revoke consent granted with future effect at any time.

Personal data provided on a voluntary basis is stored on the basis of Article 6 (1, a) GDPR for the purposes of processing the enquiry and/or contacting the data subject. Where the enquiry is made with regard to performing a contract or implementing pre-contractual measures, the legal basis is Article 6 (1, b) GDPR. Personal data is not forwarded to third parties unless the data subject has consented to disclosure in advance.

In addition, for tending to the client relationship it may be necessary for usedSoft or a third party on behalf of usedSoft to use personal data to inform the data subject about usedSoft offers of use to the business activity of the data subject, or for the online collection of data used by usedSoft for better serving the requirements of the data subject. In this case, processing is on the basis of Article 6 (1, f) GDPR.

Stored personal data is erased if you revoke your consent to storage, if knowledge of it is no longer required for performing the purpose pursued with the purpose, or if its storage is not permitted for other legal reasons.


Use for a specific purpose

usedSoft will only collect, process or use personal data provided online by you for purposes of which you have been informed under this data protection policy or otherwise expressly informed where collection, processing or use

  • is in direct connection with the original purpose of collecting the personal data,
  • required for processing, negotiating and performing a contract with you,
  • required due to legal obligations, or official or court order,
  • required for substantiating or protecting legal claims, or for defending against actions, serving to prevent abuse or other unlawful activity, for example intentional attacks on the usedSoft server systems for guaranteeing data security.


Details specific to communication or use

If you resort to telecommunications services on the usedSoft website, details specific to communication (e.g. internet protocol address) or, as may apply, details specific to use (e.g. details about the start and duration of use as well as telecommunications services used by you) are automatically created using technical resources. These may draw conclusions about personal data. Where collection, processing and use of your communication details specific to your communication or, as may apply, use is mandatory, it is subject to the statutory provisions regarding data protection.


Automatically collected non-personal data

If you access the usedSoft website, information is automatically collected on an occasional basis (i.e. not via registration) that is not assigned to a specific person (for example internet browser and operating system used; domain name of website from where you were directed; number of visits; average stay; pages accessed). usedSoft uses this information for determining the attractiveness of the usedSoft website, and improving its content and performance. 


Disclosing personal data to third parties

Contractual provisions may require personal data to be disclosed to third parties By way of example, this may enable the sending of goods by providing the shipping partner with the name and address of the recipient. The data subject failing to provide personal data or revoking consent results in the contract not being able to be performed, or not being able to be performed properly.

In addition, the provision of personal data is in part prescribed by law, for instance under tax law.

Under no circumstances will personal data be sold or otherwise marketed to third parties.


Data erasure and storage duration

Personal data of the data subject is erased or blocked as soon as the purpose of storage no longer exists. Storage may also occur if provision is made by European or national legislators in European Regulations, laws or other requirements to which the controller is subject. In this case, processing occurs on the basis of Article 6 (1, c) GDPR. Once the storage period intended by law has expired, the corresponding personal data is erased unless there is a requirement for continued storage of the data for entering into or performing a contract.


Security

By means of technical and organisational security measures, usedSoft ensures that your personal data is protected against unintended or unlawful erasure, alteration or loss, and against unlawful disclosure or unlawful access. 


Links to other websites

The usedSoft website contains links to other websites. usedSoft is not responsible for the data protection policies of these other websites.


Cookies

If you visit the usedSoft website, usedSoft may place information on your computer in the form of cookies that automatically recognise you on your next visit. By way of example, cookies allow a website to adapt a website to your interests or save your password so that you do not have to re-enter it every time. If you do not want usedSoft to recognise your computer, set your internet browser in such a way to delete cookies from your computer hard drive, block all cookies, or warn you before a cookie is saved.


Automated decision-making and profiling

As a responsible company, usedSoft rejects automatic decision-making or profiling.


Newsletter subscription and data protection provisions for using MailChimp

usedSoft will use the information that you provide in the newsletter form for staying in contact with you and providing you with updates and marketing information. usedSoft arranges this service in part via a mailing service provider.

usedSoft sends its newsletter by means of the 'MailChimp' mailing service provider, a newsletter mailing platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. By subscribing to our newsletter, you consent to receiving it and at the same time consent to the mailing service provider 'MailChimp' being employed with the possibility of your reading habits being recorded for statistical purposes.

The data MailChimp privacy policy can be viewed here: https://mailchimp.com/legal/privacy/. The Rocket Science Group LLC trading as MailChimp is certified under the Privacy Shield Framework and thus ensures compliance with the European level of data protectionhttps://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active). MailChimp is used on the basis of our legitimate interests in accordance with Article 6 (1, f) GDPR and an order processing agreement in accordance with Article 3 (1) GDPR. According to its own information, MailChimp will use the data of the recipient for optimising or improving its own services, for example for technical optimisation of the mailing and representation of the newsletter, or for statistical purposes. However, the mailing service provider does not use data of our newsletter recipients for making contact itself or disclosing the data to third parties.

The email addresses of our newsletter recipients as well as other data of theirs described in this respect is stored on MailChimp servers in the USA. MailChimp uses this information to mail and evaluate the newsletter on our behalf. In addition, according to its own information, MailChimp is able to use this data to optimise or improve its own services, for example to optimise mailing technology and represent the newsletter, or for commercial purposes to determine from what countries the recipients originate. However, MailChimp does not use the data from our newsletter recipients to make contact itself or forward to third parties.

About statistical collection and analysis by MailChimp in detail:

Our newsletter contains a so-called web beacon, i.e. a pixel-sized file called up by a MailChimp server when the newsletter is opened. When called up in this way, technical information, such as information about the browser and your system as well as you IP address at the time of being called up is collected. This information is used for technical improvement of the services by means of the technical data or of the target groups and their reading habits by means of its place of access (determinable with the help of the IP address) or the times of access.

Statistical collection also includes the determination of whether you have opened the newsletter, and what links have been clicked by you. For technical reasons, this information can indeed be assigned to individual newsletter recipients. Nevertheless, it is neither our intention, nor that of MailChimp, to monitor individual users. The evaluations serve usedSoft much more to identify the reading habits of the newsletter recipients and adapt the newsletter content accordingly, or to send different content according to the interests of the newsletter recipients.

You can cancel subscription to the newsletter at any time. Your consent to storing personal data that you granted usedSoft for mailing the newsletter can be revoked at any time. There is a corresponding link in every newsletter for the purpose of revoking consent. In addition, there is the possibility of you turning directly at any time to usedSoft via the contact options on this website for cancelling mailing of the newsletter.


Information about analysis tools

Google Analytics

This website uses Google Analytics, a web analysis service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter 'Google'). Google Analytics uses cookies, text files stored on your computer that enable the use of the website to be analysed. As a rule, information generated by the cookie about your use of the website is sent to and stored on a Google server in the USA. In the event of IP anonymisation being enabled on this website, your IP address is however abbreviated by Google within Member States of the European Union or in other signatory states to the Agreement on the European Area beforehand. Only in exceptional cases is the full IP address sent to a Google server in the USA and abbreviated there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, compile reports about website activity, and provide the website operator with additional services associated with use of the website  and the internet. The IP address provided by your browser under Google Analytics is not combined with other data from Google. You can prevent the storage of cookies by appropriately setting your browser software. In this case however, usedSoft points out that you may not be able to use all functions of the usedSoft website to their full extent. You can also prevent the collection of data generated by the cookie and referring to your use of the website (including your IP address) for Google, as well as processing of this data by Google by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en

In view of the discussion about the use of analysis tools with full IP addresses, usedSoft would like to point out that the usedSoft website uses Google Analytics with the extension '_anonymizeIp()' and therefore only further processes IP addresses in an abbreviated format to rule out them being linked directly to a person.


Google AdWords Conversion Tracking

this website uses Google AdWords Conversion Tracking, a web analysis service from Google Inc. ('Google'). Google AdWords Conversion Tracking also uses cookies, that are stored on your computer and enable analysis of the use of the website. Information generated by the cookie about your use of this website is sent to and stored on a Google server in the USA. Google will use this information to evaluate your use of the website, compile reports about website activities for the website operator, and for providing additional services associated with use of the website and internet. Google will also send this information to third parties provided that this is provided for by law, or where third parties process this on behalf of Google. Under no circumstances will Google combine the data with other data from Google. You can generally prevent the use of cookies if you prohibit the storage of cookies in your browser. They will then not be included in conversion tracking statistics. You will find further information as well as the Google privacy policy under: https://policies.google.com/technologies/ads?hl=enhttp://www.google.de/policies/privacy/


Google Remarketing

This website uses the remarketing function of Google Inc. ('Google'). This function serves to present advertisements of interest to visitors to the website as part of the Google advertising network. In doing so, the browser of the visitor to the website stores so-called cookies - text files stored on your computer that enable the visitor to be identified if it access this website belonging to the Google advertising network. Adverts can be presented on these sites to the visitor that refer to content previously accessed by the visitor on websites that use the Google remarketing function. According to its own information, Google collects no personal data in this process. Nevertheless, should you not want the Google remarketing function, you can invariably disable it by adjusting the corresponding settings under http://www.google.com/settings/ads. Alternatively, you can disable the use of cookies for interest-specific advertising via the advertising network initiative by following the instructions under http://www.networkadvertising.org/managing/opt_out.asp.


Information about social plugins using 'Shariff'

Normal social media buttons pass user data every time pages are accessed to Facebook & co., and provide the social networks with precise information about surfing habits (user tracking). You need to be neither logged in nor on the network in this respect. By contrast, a Shariff button only establishes direct contact between the social network and the visitor if the latter actively clicks on the social plugin button in question (source and more information: www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html). Only if you interact with one of the plugins, for example by clicking on the the 'Share' or 'Tweet' button, is this information sent directly to and stored on a server of the respective network. This information is also published via your profile and shown to your contacts.

By employing the data-protection-friendly 'Shariff solution' this website uses social plugins from Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (hereinafter 'Facebook'). If you access pages containing such a plugin, after clicking on the social plugin data about your visiting habits is sent to the Facebook server. The website operator has no influence over the type and scope of the data collected and sent to Facebook. Being logged into Facebook allows Facebook to assign your visit to your Facebook account. You will find further information about the Facebook privacy policy under: https://www.facebook.com/about/privacy/.

By employing the data-protection-friendly 'Shariff solution, the website also uses social plugins from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter 'Google'). If you access pages containing such a plugin, after clicking on the social plugin data about your visiting habits is sent to the Google server. The website operator has no influence over the type and scope of the data collected and sent to Google. Being logged into Google allows Google to assign your visit to your Google account. You will find further information about data protection with the Google +1 button under: https://developers.google.com/+/web/buttons-policy.

By employing the data-protection-friendly 'Shariff solution', this website also uses plugins from Twitter Inc., 1355 Market St., Suite 900, San Francisco, CA 94103, USA (hereinafter 'Twitter'). If you access pages containing such a plugin, after clicking on the social plugin data about your visiting habits is sent to the Twitter server. The website operator has no influence over the type and scope of the data collected and sent to Twitter. Being logged into Twitter allows Twitter to assign your visit to your Twitter account.


Legal bases for processing personal data

Where we obtain consent of the data subject for processing personal data, Article 6 (1, a) EU General Data Protection Regulation (GDPR) serves as the legal basis.

When processing personal data required for performing a contract whose party is the data subject, Article 6 (1, b) GDPR serves as the legal basis. This also applies to processing required for implementing pre-contractual measures.

Where processing personal data is required for performing a legal obligation to which our company is subject, Article 6 (1, c) GDPR serves as the legal basis.

In the event of essential interests of the data subject or another natural person making processing of personal data necessary, Article 6 (1, d) GDPR serves as the legal basis.

Where processing is required for guaranteeing a legitimate interest of our company or a third party, and the interests and fundamental rights and freedoms of the data subject do not outweigh the first-stated interest, Article 6 (1, f) GDPR serves as the legal basis for the processing.


Rights of the data subject

The data subject is in principle entitled to the following rights under GDPR:

  • Right of confirmation and access (see Article 15 GDPR) 
  • Right of rectification (see Article 16 GDPR) 
  • Right to revoke consent under data protection legislation (see Article 7 GDPR) 
  • Right to erasure ('right to be forgotten', see Article 17 GDPR) 
  • Right to restriction of processing (see Article 18 GDPR) 
  • Right to object (see Article 21 GDPR) 
  • Right to data portability (see Article 20 GDPR) 
  • Right to lodge a complaint with a supervisory authority (see Article GDPR) 

In order to exercise one or more of these rights, please click on the 'Contact' link in the right-hand column or in the footer and contact us. You can send a message with your concerns to the email or postal address shown in the Legal Notice.


Express reference to the right to object in accordance with Article 21 GDPR

 

The data subject shall have the right to object, on grounds relating to his or her particular situation, at any time to the processing of personal data concerning him or her which is based on point (e) or (f) of Article 6(1), including profiling based on those provisions. The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
Where personal data is processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing.

Release: 5/2018