<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=7444762&amp;fmt=gif">
Solutions
Products
Resources
Company
Partners
Request a demo

Privacy policy

We understand the importance of any personal data you entrust with us. We see it as one of our most important tasks to ensure the confidentiality of your data. In accordance with the General Data Protection Regulation (GDPR) enacted on 5/25/2018, we are also complying with our duty to provide information when collecting personal data, to transparently report the nature, scope and purpose of personal data collected, and inform you about the rights to which you are entitled.

 

1. Contact details of controller

Controller within the meaning of the General Data Protection Regulation is:

DocuWare GmbH
Planegger Str. 1
82110 Germering
Phone: +49 89 894433-0
Email: docuware@docuware.com

 

Appointed as Data Protection Officer:

Stephan Hartinger
Coseco GmbH
Phone: +49 8232 80988-70
Email: datenschutz@coseco.de

 

2. Which sources are used to collect personal data?

We process personal data that we receive directly from our customers as part of our business relationship. In addition, we process personal data that we have received from other companies, e.g. for the execution of orders, for the performance of contracts or on the basis of your consent. Relevant personal data may include:

Trade Shows/Events

As part of a trade shows/events, we collect data (title, surname, first name, job title, company, street, postal code, city, email, telephone number, applicable industry information) – basic information which we would use to contact you again.

 

3. What is your data processed for (purposes) and on what legal basis?

We process the aforementioned personal data in accordance with provisions of the EU General Data Protection Regulation (GDPR) and Federal Data Protection Act (BDSG):
When processing personal data, we obtain the consent of the data subject; Art. 6 Para.1 Lit. a) of the GDPR serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 Para.1 Lit. b) of the GDPR serves as the legal basis. This provision also covers processing operations that are necessary for the performance of pre-contractual measures.
If processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6 (1), lit. c) of the GDPR serves as the legal basis.
If processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the former interest, Art. 6 (1), lit. f) of the GDPR serves as the legal basis for the processing. The legitimate interest of our company lies in the performance of our business activities.

 

4. Disclosure of data to third parties

Within our company, only those persons and entities receive your personal data that need it to fulfill our contractual and legal obligations.
We transmit data to third parties if we need it to fulfill a contractual obligation or if you have consented to the transmission. In our example of a trade show, to contact you with information on DocuWare products or services by a partner company.
Within our group of companies, your data may be transferred to certain companies if they contribute to the fulfillment of a contractual obligation.
Within our group, a transfer can be made to the following companies:

• DocuWare GmbH
• DocuWare Europe GmbH
• DocuWare Ltd., UK
• DocuWare SARL, France
• DocuWare S.L., Spain
• DocuWare Corp, USA

In addition, we transfer data to third parties if there is a legal obligation to do so. This is the case if state institutions (e.g. authorities and offices) request information in writing, there is a court order or a legal basis allows the disclosure. A further transfer to third parties, beyond those within the scope of the purposes mentioned under point 3, is not granted.

 

5. Transfer of data to third countries

We transfer personal data to service providers or to companies in our group of companies outside the Europe and located in the USA. The level of data protection is guaranteed by EU standard contractual clauses.

 

6. Storage period of data/deletion periods

We process and store your personal data as long as it is necessary for the fulfilment of our contractual obligations as well as for all other purposes mentioned in point 3 or as provided for by the retention periods provided for by law.
If the data is no longer required for the fulfilment of contractual or legal obligations, it will be regularly blocked for further processing in accordance with the statutory provisions or deleted after three years.

 

7. Data protection rights of the data subject

If you have any questions about your personal data, you can always contact us in writing: dataprotection@docuware.com
You have the following rights under GDPR:

• The right to information (sub-item Art. 15 GDPR)
• The right to rectification (Art. 16 GDPR)
• The right to erasure (Art. 17 GDPR)
• The right to restriction (Art. 18 GDPR)
• The right to data portability (Art. 20 GDPR)
• The right to object (Art. 21 GDPR)
• The right to lodge a complaint with the data protection supervisory authority (Art. 77 GDPR in conjunction with § 19 BDSG)
• The right to revoke consent under data protection law (Art. 7 para. 3 GDPR)

 

8. Legal or contractual requirements for the provision of personal data and possible consequences of failure to provide such data

We hereby point out that the provision of personal data is required by law in certain cases (e.g. tax regulations) or may result from contractual provision (e.g. information on the contractual partner). For example, it may be necessary for the conclusion of a contract that the data subject/contractual partner must provide their personal data so that this request (e.g. order) can be processed at all.
An obligation to provide personal data arises primarily when a contract is concluded. If no personal data is provided in this case, the contract cannot be concluded with the person concerned. Before providing personal data by the data subject, the data subject may contact our data protection officer or controller. The data protection officer or controller will then inform the data subject whether the provision of the required personal data is required by law or contract or necessary for the conclusion of the contract and whether an obligation arises from the concerns of the data subject to provide the personal data or what the consequences are for the data subject of not providing the requested data.

 

9. Legal basis of automated decision-making (including profiling)

As a responsible company, we do not use automatic decision-making or profiling in our business relationships.