pobvol Software Services

Software solutions developed with Microsoft 365


Home   Imprint   Cookies   Privacy Policy   en/de

Privacy Policy

My offers and websites are only directed to companies with business location in Germany! How I handle your personal data, I explain in my privacy statement. The applicable data protection law, in particular the General Data Protection Regulation (DSGVO), shall apply. With the exception of the service providers and third-party vendors that I name in this privacy policy, I do not share any data with third parties. If you have any questions, please feel free to contact me.


Responsible


Responsible for data processingInge Baumann-Pobloth


Address:
Inge Baumann-Pobloth
pobvol Software Services
Wolfskaulstrasse 84
66292 Riegelsberg, DE


Data protection officer is: Volker Pobloth
E-Mail: kontakt@pobvol.com

Please note: The use of my contact details by third parties to send unsolicited advertising and information materials is hereby expressly excluded! I expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam mails!

Last updated on November 9th, 2024
Translated with Microsoft Translator☯


Load PDF >


Definitions


Here, in the statutory wording, the term denotes:

"controller" means the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data.

"processor" means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

"personal data" means any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

"processing" means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

"Restriction of processing" means the marking of stored personal data with the aim of limiting (blocking from normal processing) their future processing.

"Consent" of the data subject means any freely given specific, informed and unambiguous indication of his or her wishes in the form of a statement or other unambiguous affirmative act by which the data subject signifies his or her agreement to personal data relating to him or her being processed.

"Collection" means the obtaining of personal data, either with the involvement of the data subject or with the involvement of a third party.

"profiling" means any automated processing of personal data consisting in using such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or change of location.


General information


Provision of data


As a matter of principle, I collect personal data directly from the persons concerned who provide it to me for my purposes, i.e. who make it available to me with their cooperation.

I use Microsoft 365 Business to manage customer relationships. This means that my business data is stored in Germany – demonstrably secure and reliable.
Data protection and security with Microsoft 365☯

The legal basis for the data processing is Art. 6 Abs. 1 UAbs. 1 Buchst. f) DSGVO. My legitimate interest is to respond to the requests of my customers. Additional legal basis is Art. 6 Abs. 1 UAbs. 1 Buchst. b) DSGVO, if the processing is necessary for the performance of a contract or for the implementation of pre-contractual measures.
If the provision of data is necessary for the conclusion of a contract or if the user is obliged to provide personal data, I will inform the user about this circumstance and the consequences of not providing the data in this privacy policy.
Exceptionally, I may receive personal data from a third party without the involvement of the data subject (so-called "third-party collection"). In this case, I will provide the data subject with a separate notification at the times required by law in the case of the legal obligation under Article 14 of the GDPR. This concerns the categories of personal data that I have collected from the third party about the data subject as well as the indication of the source from which these data originate, if applicable whether they originate from publicly accessible sources. 


Data security


For the management of customer relationships and the necessary data processing, I use Microsoft 365 Business. This means that my business data is stored secure and reliable.
Data protection and security with Microsoft 365☯

I also use appropriate technical and organizational security measures to protect the personal data of the data subject that we have collected against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. My security measures are continuously improved in line with technological developments. 


Storage period


I store the personal data collected by me for as long as it is necessary for my purposes or the person concerned has consented to storage beyond this in accordance with the provisions of the General Data Protection Regulation.

In the regulations of this data protection information, I have already provided information at various points on the storage period or the criteria for determining this period in a sector-specific manner.

The personal data collected for the purposes of a contract will also be stored until the expiry of the statutory retention obligations arising for my activities. Thereafter, they will be deleted, unless the processing is still necessary for the fulfillment of a legal obligation to which I am subject.

The retention and documentation obligations under tax and commercial law that come into consideration provide for a retention obligation of six or ten years for the commercial documents referred to in Sections 238 and 257 of the German Commercial Code. Corresponding provisions are contained in Section 147 of the German Fiscal Code (Abgabenordnung) for the retention of the documents referred to therein.

The expiry of the retention period does not automatically result in a deletion obligation, as there may still be a legitimate interest in archiving, e.g. in order to be able to provide information in the event of legal disputes. This also applies to cases of preservation of evidence under the statute of limitations. According to Sections 195 et seq. of the German Civil Code (BGB), these limitation periods can be up to 30 years, with the regular limitation period being three years.

In the area of the provision of telecommunications services, we may be subject to storage obligations in accordance with § 113b of the Telecommunications Act.


Data transfer to third countries


In principle, there is no intention to transfer personal data to a third country (a country outside the European Union or the European Economic Area). I may use service providers and third-party service providers located in countries outside the European Union and the European Economic Area. The transfer of personal data to such third countries is based on an adequacy decision of the European Commission (Art. 45 GDPR) or I have provided appropriate safeguards to ensure data protection (Art. 46 GDPR). Insofar as an adequacy decision of the European Commission exists for the transfer of data to a third country, I point this out in this privacy policy. In all other respects, users can obtain a copy of the appropriate safeguards, insofar as this is not already contained in the data protection declarations of the service providers or third-party providers, from us.
I use Microsoft 365 Business Basic for data processing. This means that my business data is stored in Germany.
Data protection and security with Microsoft 365☯


Automated decision making


Automated decision making does not take place.If I should carry out automated decision-making including profiling in the future, I will inform you in an updated version of this privacy policy about this circumstance, about the logic involved as well as the scope and the intended effects of such processing.


Processing for other purposes


As a matter of principle, data are only processed for the purposes for which they were collected.If, exceptionally, they are to be further processed for other purposes, I will inform you of these other purposes prior to such further processing and provide all other relevant information (Art. 13 (3) DSGVO).


Websites


My websites are only directed at companies with their place of business in Germany.
For the use of my websites is neither legally nor contractually required to provide personal data.


Website hosting


My web pages are operated by the provider ALL-INKL.COM - Neue Medien Münnich, Hauptstraße 68, D-02742 Friedersdorf.
Privacy policy of ALL-INKL.COM☯

When my web pages are simply called up by the program used by the visitor (user) to display Internet pages (the so-called "web browser" or simply "browser"), which the user has installed on the terminal device used by him, the following information is transferred to the web server used for the duration of the visit to the web pages:



The processing of this data by my Internet provider is necessary to deliver the websites to the visitors and to optimize them for their devices. The storage in log files serves to improve the security of my website (e.g. protection against DDOS attacks). The legal basis for the processing is Art. 6 Abs. 1 UAbs. 1 Buchst. f) DSGVO. Our legitimate interest lies in the provision of the website and the improvement of website security. Log files are automatically deleted after 7 days.


Secure communication

For the protection of the communication visitors of my web pages can reach these by means of https protocol.The connection is thus encrypted (Certificate SHA-256 with RSA-encryption provided by R3 Let's Encrypt US). This encrypts pages that users view before they are transmitted over the Internet. Encryption makes it difficult for unauthorized people to view information transmitted between computers. Therefore, it is unlikely that anyone read the page when it was transmitted over the Internet. 


Cookies, tracking pixels and mobile identifiers


If JavaScript and cookies are enabled in the browser of the website visitor, then the website "cookies.html" is called by JavaScript. As soon as the website visitors confirm that they have read the notice by clicking on the Ok button, a cookie is created on the visitors' devices. This allows the websites to remember that the cookie notice (cookies.html) has been displayed. Otherwise, the notice would be displayed again and again. This is therefore a technically necessary cookie. Other cookies are not used. If JavaScript and cookies are disabled, then the websites work fine. The website cookies.html is then simply not called up automatically!

Cookies may be necessary for the websites to function properly. The legal basis for the use of such cookies is Art. 6 (1) UAbs. 1 lit. f) DSGVO. My legitimate interest is the provision of the functions of my website.

Note on the technologies: These can be cookies, tracking pixels and/or mobile identifiers. The recognition of a terminal device can basically take place for different purposes. It may be necessary to provide functions of a website, for example to provide a shopping cart. In addition, the aforementioned technologies may be used to track the behavior of users on the site, for example for advertising purposes. Which technologies we use in detail and for which purposes is described separately in this privacy policy. For a better understanding, we explain below in general terms how cookies, tracking pixels and mobile identifiers work: 



Cookies may be necessary for the websites to function properly. The legal basis for the use of such cookies is Art. 6 (1) UAbs. 1 lit. f) DSGVO. My legitimate interest is the provision of the functions of my website.

Cookies that are not necessary for the operation of my website could be used to make my offer more user-friendly or to be able to track the use of my website. The legal basis here depends on whether the consent of the user must be obtained or I can invoke a legitimate interest. The user can revoke a given consent at any time, among other things, through the settings in his browser.

The user can prevent and object to the processing of data using cookies by making the appropriate settings in his browser. In case of objection, not all functions of the website may be available. I have tested the websites with a cookie filter and could not detect any restrictions.

I will inform you separately in this privacy policy about further possibilities to object to the processing of personal data by cookies. Where appropriate, I provide links with which an objection can be declared. These are labeled "Opt-Out". 


Contact via the inquiry form


In the event of contact, I process the user's details, date and time for the purpose of processing the enquiry, including any queries.
The legal basis for the data processing is Art. 6 Abs. 1 UAbs. 1 Buchst. f) DSGVO. My legitimate interest is to respond to the requests of my users.

Additional legal basis is Art. 6 Abs. 1 UAbs. 1 Buchst. b) DSGVO, if the processing is necessary for the performance of a contract or for the implementation of pre-contractual measures.

The data will be deleted as soon as the request, including any queries, has been answered. I check at regular intervals, but at least every two years, whether data accrued in connection with contacts are to be deleted.

I send requests via SMTP with spam protection against bots. For this purpose, the PHPMailer component was installed by me. Your request and your email address will not be transmitted to third parties. 


Other third-party services


Creation of the websites: The web pages were created by me with the tool „Webbaukasten von ALL-INKL.COM". With the tool the needed HTML pages, CSS definitions, JavaScript files, images and documents were compiled online in a project.

Images on the web pages: I only use my own pictures. Third-party images are not used.

Embedded Videos: I do not use videos from service providers on my websites.

Social media plugins: I do not use any mechanisms that automatically transmit information to social media service providers when you visit my websites.

Online advertising: I do not use tools for online advertising.

Contents of other providers: For contents of other providers, which are referred to via external links from my web pages on www.pobvol.com, the information there on data protection applies. External links are marked with the following symbol: ☯. By clicking on the external link, the user leaves my website and changes to the data protection responsibility of the linked site. In particular, these providers are responsible for their own content and for the data processing there.


Rights of data subjects


If personal data of the user is processed, he is a data subject within the meaning of the GDPR. Data subjects are entitled to the following rights:

Right of access: The data subject has the right to obtain confirmation as to whether personal data concerning him or her are being processed. Where personal data are processed, the data subject shall have the right to obtain, free of charge, access to and a copy of the personal data undergoing processing.

Right to rectification: The data subject shall have the right to obtain the rectification without delay of inaccurate or incomplete personal data.

Right to erasure: The data subject has the right to request, in accordance with the law, the immediate erasure of personal data concerning him or her.

Right to restriction of processing: The data subject has the right, in accordance with the law, to request restriction of the processing of personal data concerning him or her.

Right to data portability: The data subject has the right to obtain the personal data concerning him or her in a structured, commonly used and machine-readable format or to request that it be transferred to another controller.

Right to object: The data subject shall have the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her carried out on the basis of Article 6(1)(a)(e) or (f) of the GDPR, including to any profiling based on those provisions. If personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing; this also applies to profiling where it is related to such direct marketing.

Right of withdrawal: The data subject has the right to withdraw his or her consent at any time.

Right to complain: The data subject has the right to complain to a supervisory authority. 


Amendment of this privacy information


This general data protection information is subject to regular review with regard to the need for changes. The respective previous version will be archived by us in the event of replacement by a new version.