Data protection

Basic Information

Thank you for your interest in our personnel planning app. We are pleased that you are visiting our website. Your privacy and the protection of your personal data, when using our website is very important to us.

According to Article 4 No. 1 of the GDPR, personal data is any information relating to an identified or identifiable natural person. This includes, for example, information like your first and last name, your address, your telephone number, your e-mail address, but also your IP address.

Data that cannot be linked to you personally (e.g. after anonymisation) is not personal data. Processing (e.g. collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction) in accordance with Art. 4 No. 2 of the GDPR always requires legal grounds or your consent. Processed personal data must be deleted as soon as the purpose of the processing has been achieved and there is no longer any legally prescribed obligation to retain the data.

To give you an overview of the processing of your data and to make the individual processing steps transparent and easy to understand, we have summarised all relevant information for you in the following.

In addition, we will explain to you the nature and scope of the respective data processing, the purpose and the corresponding legal framework and the respective period of retention.

This data protection policy only applies to this website. It does not apply to other websites to which we only make reference through a hyperlink. We cannot assume any responsibility for the confidential handling of your personal data on these third-party websites, as we have no influence on whether these companies comply with the data protection regulations. Please refer directly to these websites for information on how these companies handle your personal data.


Contents

I. Responsible Body
II. Everything About Data Collection and Processing
III. Tools in Use
IV. Your Rights as a Subject of Data Processing
V. Your Right to Object
VI. Concluding Remark


I. Responsible Body

Responsible body for data processing according to Art. 4 no. 7 GDPR:

TeamUltim Software UG (haftungsbeschränkt)
Beethovenstr. 34
60325 Frankfurt
Germany
CEO: Alexey Lysenkov
E-Mail: office@teamutim.com


II. Everything About Data Collection and Processing

In the following, we will outline which data we collect from you and what is done with it. To enable you to clearly understand this, we have subdivided this list according to the respective types of data.

1. Data collection for the implementation of pre-contractual measures and the fulfilment of the contract

a) Collected data

  • your personal information
  • your first name, last name, e-mail address and telephone number
  • your date of birth, if applicable
  • your business information
  • the name of the business, its legal form, its address, its branches, as well as their locations and all business phone numbers

b) Purpose and legal basis of data processing

We receive the data through your data entry during the registration process on the website. We require this information in order to provide you with the personnel planning app and to be able to guarantee its best possible use for your company. It is used for user authentication, personnel management / shift planning on the part of the user and, in the case of fee-based licenses, for user authorisation. In addition, this data is used in anonymised form for marketing purposes.

You are not obliged to enter such data. However, if you do not provide us with this data, we are unable to provide you with our services.

As far as it may be necessary, we will use the data provided by you, aside from the fulfilment of the contract, to protect the legitimate interests of TeamUltim Software UG, in particular to assert legal claims or to take the necessary measures to ensure IT security. The legal basis for this data processing is Art. 6 para. 1 sentence 1 lit. b GDPR. If you have given your consent, the additional legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR.

c) Retention period

We will delete your data as soon as it is no longer required for the purpose of processing.

However, there may be legal obligations to keep records, for example commercial or tax retention obligations according to the German Commercial Code (HGB) or the German Fiscal Code (AO). Should such obligations for retention apply, we will block or delete your data at the end of these obligations for retention.

2. Data collection when accessing the website or server log files

a) Collected data

As soon as you access this website, a technically required data collection is carried out via so-called server log files, and this data is automatically sent to our server.

The following data in particular is collected:

  • your IP address
  • the date and time of your inquiry
  • the name and URL of the retrieved file
  • website from which the access takes place (referrer URL)
  • the access status or the HTTP status code
  • your browser type
  • the language and version of your browser software
  • your operating system

b) Purpose and legal basis of data processing

This data processing is essential in terms of technology, in order to display this website and also keeps the stability and security of our website.

Legally you are not obligated to ‘communicate’ such data to us. However, you can only be given access to the website if this technically mandatory data can be collected. If you do not consent to this, you may not access our website. The legal basis for this data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. The processing of the aforementioned data is necessary for the provision of a website and thus serves to protect a legitimate interest of our company.

c) Retention period Your data will be deleted as soon as it is no longer required for the purpose of processing. The collection of data for the purpose of providing the website and the retention of data in log files is mandatory for the operation of the website. For this reason the user has no option to object. More extensive retention of data may be carried out in individual cases, provided that such retention is required by law.

3. Use of Cookies

a) Collected data

Our website uses cookies. These are small files that we send to your browser when you visit our website, and which will be saved on your device.

b) Purpose and legal basis of data processing

Cookies are used to improve the usability and effectiveness of your use of our website. Here different types of cookies are differentiated.

In addition to so-called technical cookies, which are required to be able to use the website, there are also so-called performance cookies, which provide information about the way you use the website and which, for example, help us to recognise and correct any errors on our website at an early stage. These two types of cookies do not support identification of the user.

Advertising cookies, on the other hand, enable needs-based advertising and so-called sharing cookies serve to improve interactivity with other services. The last two types of cookies support identification of the user.

The legal basis for data processing of Technical and Performance Cookies is Art. 6 para. 1 sentence 1 lit. f GDPR. If you have given your consent to the use of advertising and/or sharing cookies following a notice given to you (the so-called cookie banner), the legal basis for it is Art. 6 para. 1 sentence 1 lit. a GDPR.

Personal data processed by cookies will only be passed on to third parties if you have given us your explicit consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.

c) Retention period

Your data will be deleted as soon as it is no longer required for the purpose of processing. Longer retention can be carried out in individual cases, provided that such storage is legally standardised. In the case of the cookies covered in this agreement, the data is stored for a maximum of 13 months.

4. With whom do we share the data? Does the data leave the European Union or the European Economic Area?

Your data will be transferred to external service providers for the following purposes: hosting providers (for application and database), analytics, payment processing, IT support and e-mail support. These companies are so-called contract data processors, which we have carefully selected and review regularly. They have no independent authority to decide how to handle your data, but act solely in accordance with your instructions. In addition, they are contractually obliged to comply with all necessary data protection laws in accordance with Art. 28 GDPR.

This also includes companies based outside the European Economic Area or companies who process the data outside the EU. However, please note that data processing is generally carried out at locations for which the Commission has issued an adequacy decision (Art. 45 GDPR). Should this not be the case, we will only commission such companies if they provide appropriate safeguards (Art. 46 GDPR) (e.g. agreement on an EU standard contractual clause). Thus, your data is in safe hands at all times!

Furthermore, we will only pass on your data if you have given your explicit consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.


III. Tools in Use

For the purpose of tailoring our websites to your needs, we create user profiles using a pseudonym with Google Analytics. Targeting cookies are stored on your device and read by us. This enables us to recognise and count recurring visitors as such, and to find out how often our web pages have been accessed by different users. The data processing is based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. The information generated from our website by these cookies is usually transferred to a Google server in the USA and stored there. However, by activating IP anonymisation on our website, Google will first abbreviate your IP address within member states of the European Union. Only in exceptional cases will the full IP address be transferred to a Google server in the USA (an appropriate level of data protection is provided by Google’s participation in the EU-US Privacy Shield in accordance with Art. 45 para. 1 GDPR) and only then be shortened (for further information on the purpose and scope of data collection, please visit https://policies.google.com/privacy?hl=de&gl=de).

Additionally, we have entered into a contract with Google LLC (USA) for order processing pursuant to Art. 28 GDPR. Consequently, Google will use all information strictly only for the purpose of evaluating the use of our website and for compiling reports on website activity.

You may revoke the consent you have given at any time. To do so, please use one of the following options: revocation of your consent, blocking of cookie data retention in your browser settings or download the corresponding browser plugin provided by Google and install it according to the instructions here: https://tools.google.com/dlpage/gaoptout?hl=de.


IV. Your Rights as a Subject of Data Processing

As we collect and process your data, as a subject of data processing, you are entitled to certain rights:

  • Right of transparency from us. Should you exercise this right, we will inform you which of your personal data we have processed.
  • Right to rectification or erasure
  • Right to restriction of processing
  • Right to data portability
  • Right to withdraw your consent (see V.)
  • Right of appeal to a regulatory authority
  • Right to object to the processing

Art. 21 GDPR allows you to object, on grounds relating to your particular situation, at any time to processing of personal data concerning your person, based on lit. e or f of Art. 6, paragraph 1.


V. Your Right to Object

You may revoke your consent to the processing of your personal data at any time with immediate effect for the future.

You can revoke your consent by sending an e-mail to office@teamutim.com or by sending a message to the contact details listed at the beginning (see I.).


VI. Concluding Remark

In case of any inconsistencies between the German language version of the data protection and privacy policy and this translation of the data protection and privacy policy, the German version of the data protection and privacy policy shall prevail.


Version: May 2020