Data Protection Policy

We are pleased that you are visiting our website. The protection and security of your personal information when using our website is very important to us. We would therefore like to inform you at this point which of your personal data we collect when you visit our website and for what purposes they are used.

This data protection declaration applies to the Internet offering of fme AG – dqMan, which can be accessed under the domain https://dqman.com and the various sub-domains (“our website”).

Who is responsible and how do I reach you?

Responsible for the processing of personal data within the meaning of the EU data protection basic regulation (GDPR)

fme AG
Wolfenbütteler Straße 33
38102 Braunschweig
Germany
Email: info(at)dqman.com

Managing Director: Dirk Bode
Supervisory Board: Stefan H. Tarach (Chairman), Dr. Axel Krieger (Deputy), Dr. Markus Böhme
Commercial register at Braunschweig Local Court: HRB 5422 (Commercial register number)
VAT ID No. (sales tax ID number): DE 178236072
(hereinafter referred to as “fme”)

Data protection officer (m/f)
Philipp Herold Unternehmensberatung GmbH
Phone: +49 451 4988023
Fax: +49 451 4988024
Email: philipp.herold(at)hub24.de
Internet: www.mein-datenschutzbeauftragter.de

Thumbnail | Certificate | Mein-Datenschutzbeauftragter.de | Digital Privacy Protection

What’s this about?

This data protection declaration meets the legal requirements for transparency in the processing of personal data. This is all information relating to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, e-mail, IP address or user behavior when visiting a website. Information where we cannot (or only with a disproportionate effort) establish a reference to your person, e.g. through anonymization, is not personal data. The processing of personal data (e.g. the collection, retrieval, use, storage or transmission) always requires a legal basis and a defined purpose.

Stored personal data shall be deleted as soon as the purpose of the processing has been achieved and there are no legitimate reasons for further storage of the data. We will inform you in the individual processing operations about the specific storage periods or criteria for storage. Independently of this, we will store your personal data in individual cases for the assertion, exercise or defense of legal claims and in the event of statutory storage obligations.

Who gets my data?

Your personal information will be shared as described below.

The website is hosted by an external service provider in Germany. We ensure that the data processing takes place exclusively in Germany. This is necessary for the operation of the website as well as for the establishment, implementation and handling of the existing user contract with the web host and is also possible without your consent.

In addition, data is passed on if we are entitled or obliged to pass on data due to legal regulations and/or official or court orders. This may in particular involve the provision of information for criminal prosecution, security purposes or the enforcement of intellectual property rights.

If your data is passed on to service providers to the extent necessary, these service providers will only have access to your personal data to the extent that this is necessary for the fulfilment of their tasks. As far as no personal reference is required for the fulfilment of the pursued purposes, your data will be pseudonymized or anonymized for further data processing. The service companies commissioned by us are obliged to treat your personal data in accordance with the applicable data protection laws, in particular the GDPR.

Your personal data is currently transferred to the following categories of service providers/recipients depending on the use of our website.

  • Web analytics service provider to analyze the use of our website by visitors
  • Provider of marketing services
  • Service providers offering a comment system
  • Recruitment of service providers
  • Group companies of fme AG

Relevant agreements on order processing have been concluded with the respective service provider of fme.

Information on the service providers we use can be found at the appropriate places within this data protection declaration (e.g. Google Analytics, Newsletter etc.).

When using our service providers, we may transfer personal data to locations in a third country, i.e. to a country outside the EU or EEA. In these cases, EU standard contractual clauses between fme and the respective service provider of fme provide sufficient guarantees for the data transfer. Therefore, please refer to the corresponding notes at the appropriate places in this data protection declaration. We do not pass on any personal data to an international organization.

Apart from the above-mentioned circumstances, we will not pass on your data to third parties without your consent.

Which rights do I have?

Under the conditions of the statutory provisions of the Basic Data Protection Regulation (GDPR) and the Federal Data Protection Act (FEDERAL DATA PROTECTION ACT), you have the following rights as a data subject:

  • Information in accordance with Art. 15 GDPR, § 34 FEDERAL DATA PROTECTION ACT about the data stored about you in the form of meaningful information on the details of the processing as well as a copy of your data;
  • Correction according to Art. 16 GDPR of incorrect or incomplete data stored by us;
  • Deletion according to Art. 17 GDPR of the data stored with us, as far as the processing is not necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
  • Restriction of processing in accordance with Art. 18 GDPR if the accuracy of the data is disputed, the processing is unlawful, we no longer require the data and you refuse to delete it because you need it to assert, exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 GDPR.
  • Data transferability in accordance with Art. 20 GDPR, insofar as you have provided us with personal data within the scope of a consent in accordance with Art. 6 para. 1 lit. a GDPR or on the basis of a contract in accordance with Art. 6 para. 1 lit. b GDPR and these have been processed by us using automated procedures. You will receive your data in a structured, common and machine-readable format or we will transfer the data directly to another responsible party, as far as this is technically feasible.
  • Objection in accordance with Art. 21 GDPR to the processing of your personal data, insofar as this takes place on the basis of Art. 6 para. 1 lit. e, f GDPR and there are reasons for this which arise from your particular situation or the objection is directed against direct advertising. The right of objection does not apply if overriding, compelling reasons for processing worthy of protection are demonstrated or if the processing is carried out for the purpose of asserting, exercising or defending legal claims. Where the right of objection does not apply to individual processing operations, this is indicated there.
  • Cancellation according to Art. 7 para. 3 GDPR of your given consent with effect for the future.
  • Complaint pursuant to Art. 77 GDPR to a supervisory authority if you believe that the processing of your personal data violates the GDPR. As a rule, you can contact the supervisory authority at your usual place of residence, your place of work or our company headquarters.

How is my data processed in detail?

Personal data is only collected and processed by fme if you expressly agree to make your data available, e.g. by filling out forms or sending emails in connection with inquiries or orders for products or services.

In the context of the forms to be filled out, this data is as follows:

Request for an early bird discount

  • Full name
  • Business email
  • Company
  • Required licenses

(in the following referred to as “personal data”)

The personal data and content provided by you remain exclusively with fme, its affiliated companies and the provider. fme will only collect your data for the purposes mentioned in para. 6. Any use beyond the stated purpose requires your express consent. The same applies to the disclosure and transmission of your data to third parties.

Purpose of data collection

Personal data is processed by fme exclusively for the following purposes:

  • to get in contact with us;
  • to enable the services offered by fme;
  • for the associated correspondence with you;
  • to process your enquiry and to provide you with further advice if required;
  • Statistical evaluation of the use of our website.

For purposes other than those mentioned above, fme uses personal data only to the extent necessary to protect the legitimate interests of third parties or to avert dangers to state or public security or to prosecute criminal offences.

The personal data is stored and processed exclusively on servers in the European Union.

Provision of the website

Form and scope of the processing

When you access and use our website, we collect personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the retrieved file
  • Website from which the access takes place (referrer URL)
  • Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider

Our website is not hosted by ourselves, but by a service provider who, for the purpose of providing the website, processes the aforementioned data on our behalf in accordance with Art. 28 GDPR.

Purpose and legal basis

The processing is carried out in order to safeguard our predominant legitimate interest in displaying our website and to guarantee security and stability on the basis of Art. 6 para. f GDPR. The collection of data and storage in log files is mandatory for the operation of the website. There is no right of objection to the processing due to the exception according to Art. 21 para. 1 GDPR. Insofar as the further storage of log files is required by law, processing is based on Art. 6 para. 1 lit. c GDPR. There is no legal or contractual obligation to provide the data, but it is technically impossible to call up our website without providing the data.

Storage duration

The aforementioned data will be stored for the duration of the display of the website and for technical reasons for a maximum of one month.

E-Commerce and payment prodivers

Processing of data (customer and contract data)

We collect, process and use personal data only to the extent that it is necessary for the establishment, content or amendment of the legal relationship (inventory data). This is done in accordance of Art. 6 (1) lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures. We collect, process and use personal data about the use of this website (usage data) only to enable the user to use the service.

In order to provide our service within the scope of your licenses purchased from us, we process your personal data exclusively on the basis of Art. 6 (1) lit. b GDPR for the fulfillment of the contract and the provision of our services.

The collected customer data will be deleted after completion of the order or termination of the business relationship. Any conflicting retention periods due to legal obligation (Art. 6 para. 1 lit. c GDPR) remain unaffected.

WooCommerce

We have integrated the open-source store system WooCommerce as a plugin on our website. This WooCommerce plugin is based on the WordPress content management system, which is a subsidiary of Automattic Inc. (60 29th Street #343, San Francisco, CA 94110, USA). Through the implemented functions, data is sent to, stored by and processed by Automattic Inc.

The data collected and processed by WooCommerce or Automattic may be data that you have entered in a form provided in our online store or that was collected as part of an order. In addition to e-mail address, name or address, this can also be credit card or billing information. In addition, there is further information that is automatically collected from you in so-called server log files. These are, for example, the IP address, browser information, preset language settings, and the date and time of the web access.

The use of WooCommerce is based on Art. 6 (1) lit. f GDPR in the interest of the smoothest and most convenient presentation of our webshop and to optimize our service performance. Insofar as your consent is requested for certain actions, Art. 6 (1) lit. a GDPR is the legal basis for data processing; consents can be revoked at any time for the future.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

Details can be found in the privacy policy of Automattic: https://automattic.com/privacy/?tid=331657621518 and WooCommerce: https://woocommerce.com/

Data transfer upon conclusion of the contract

If you order products from us, we will pass on your personal data to the payment service provider commissioned to process the payment. Only such data is released that the respective service provider requires to fulfill its task. The legal basis for this is Art. 6 (1) lit. b GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures.

Payment services

We integrate payment services from third-party companies on our website. When you make a purchase from us, your payment data (e.g. name, payment amount, account details, credit card number) are processed by the payment service provider for the purpose of payment processing. For these transactions, the respective contract and data protection provisions of the respective providers apply. The payment service providers are used on the basis of Art. 6 (1) lit. b GDPR (contract processing) and in the interest of a smooth, convenient and secure payment process (Art. 6 (1) lit. f GDPR). Insofar as your consent is requested for certain actions, Art. 6 (1) lit. a GDPR is the legal basis for data processing; consents can be revoked at any time for the future.

We use the following payment services / payment service providers within the scope of this website:

Stripe

The provider of this payment service is Stripe Payments Europe; Europe Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (hereinafter “Stripe”).

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

For details, please refer to Stripe’s privacy policy: https://stripe.com/at/privacy

Contact sheet

Form and scope of the processing

On our website we offer you the possibility to contact us via a provided form. The information that is collected via mandatory fields is required to process your request. In addition, you can voluntarily provide additional information that you consider necessary for processing the contact request.

When using the contact form, your personal data will not be passed on to third parties.

Purpose and legal basis

The processing of your data by using our contact form is for the purpose of communication and processing of your request based on your consent in accordance with Art. 6 para. 1 lit. a GDPR. Insofar as your enquiry relates to an existing contractual relationship with us, processing for the purpose of fulfilling the contract is based on Art. 6 para. 1 lit. b GDPR. There is no legal or contractual obligation to provide your data, but the processing of your inquiry is not possible without providing the information of the mandatory fields. If you do not wish to provide this data, please contact us by other means.

Storage duration

If you use the contact form on the basis of your consent, we store the data collected for each enquiry for a period of three years, starting with the completion of your enquiry or until your consent is recalled.

With regard to the retention period, we delete personal data as soon as they are no longer required for the fulfilment of the original purpose and there are no longer any statutory retention periods. The legal retention periods are ultimately the criterion for the final duration of the storage of personal data.

If retention periods exist, processing is restricted by blocking the data. After this period has expired, the corresponding data is routinely deleted.

Use of third party services

Bootstrap

Form and scope of the processing

We use Bootstrap CDN to properly deliver the content of our website. Bootstrap CDN is a service provided by Bootstrap which acts as a Content Delivery Network (CDN) on our website.

A CDN helps to make contents of our online offer, especially files such as graphics or scripts, available more quickly with the help of regionally or internationally distributed servers. When you access this content, you establish a connection to servers of Bootstrap, whereby your IP address and possibly browser data such as your user agent are transmitted. This data is processed solely for the above purposes and to maintain the security and functionality of Bootstrap CDN.

Purpose and legal basis

The use of the Content Delivery Network (CDN) is based on our legitimate interests, i.e. interest in a secure and efficient provision and optimization of our online offer in accordance with Art. 6 para. 1 lit. f GDPR.

Storage duration

The concrete storage duration of the processed data cannot be influenced by us but is determined by Bootstrap. For more information, please refer to the Bootstrap CDN Privacy Policy: https://www.bootstrapcdn.com/privacy-policy/.

DataTables CDN

Form and scope of the processing

We use DataTables CDN to properly deliver the content of our website. DataTables CDN is a service provided by SpryMedia, Ltd. which acts as a Content Delivery Network (CDN) on our website.

A CDN helps to make contents of our online offer, especially files such as graphics or scripts, available more quickly with the help of regionally or internationally distributed servers. When you access this content, you connect to servers of SpryMedia, Ltd. and your IP address and possibly browser data such as your user agent is transmitted. This data is processed solely for the above purposes and to maintain the security and functionality of DataTables CDN.

Purpose and legal basis

The use of the Content Delivery Network (CDN) is based on our legitimate interests, i.e. interest in a secure and efficient provision and optimisation of our online offer in accordance with Art. 6 para. 1 lit. f GDPR.

Storage duration

The actual storage period of the processed data cannot be influenced by us, but is determined by SpryMedia, Ltd. For further information, please refer to the DataTables CDN Privacy Policy: https://cdn.datatables.net/privacy.html.

Google Analytics

Form and scope of the processing

We use Google Analytics from Google, LLC, Gordon House, Barrow Street, Dublin 4, Ireland, as an analysis service for statistical evaluation of our online offer. This includes, for example, the number of hits on our website, sub-pages visited and the length of time visitors spend on our website.

Google Analytics uses cookies and other browser technologies to evaluate user behaviour and recognise users.

This information is used, among other things, to compile reports on website activity.

Purpose and legal basis

We process data with the help of Google Analytics for the purpose of optimizing our website and for marketing purposes based on your consent in accordance with Art. 6 para. 1 lit. a GDPR.

Storage duration

The actual storage period of the processed data cannot be influenced by us, but is determined by Google, LLC. Further information can be found in the privacy policy for Google Analytics: https://policies.google.com/privacy?hl=de-DE.

Google DoubleClick

Form and scope of the processing

We have integrated components from DoubleClick by Google on our website. DoubleClick is a brand of Google, under which mainly special online marketing solutions are marketed to advertising agencies and publishers. DoubleClick by Google transfers data to the DoubleClick server with every impression, click or other activity.

Each of these data transfers triggers a cookie request to the browser of the person concerned. If the browser accepts this request, DoubleClick sets a cookie in your browser.

DoubleClick uses a cookie ID, which is required to complete the technical process. For example, the cookie ID is needed to display an advertisement in a browser. DoubleClick may also use the cookie ID to track which ads have already been displayed in a browser to avoid duplication. The cookie ID also enables DoubleClick to track conversions. For example, conversions are captured when a DoubleClick ad has been previously displayed to a user and that user subsequently makes a purchase on the advertiser’s website using the same Internet browser.

A DoubleClick cookie does not contain any personal information, but it may contain additional campaign identifiers. A campaign identifier is used to identify campaigns you have already been in contact with on other websites. As part of this service, Google will learn about data that is also used by Google to generate commission statements. Among other things, Google can track that you have clicked on certain links on our site. In this case your data will be passed on to the operator of Double Click, Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. Further information and DoubleClick by Google’s applicable privacy policy can be found at https://www.google.com/intl/de/policies/.

Purpose and legal basis

We process your data with the aid of the Double-Click cookie for the purpose of optimizing and displaying advertising based on your consent in accordance with Art. 6 para. 1 lit. a GDPR. You give your consent by adjusting the settings for the use of cookies (cookie banner / Consent Manager), with which you can also declare your revocation at any time with effect for the future in accordance with Art. 7 para. 3 GDPR. Among other things, the cookie is used to place and display user-relevant advertisements and to create reports on advertising campaigns or to improve them. Furthermore, the cookie serves to avoid multiple displays of the same advertisement. Each time you view a single page on our website that has a DoubleClick component embedded, your browser is automatically prompted by the DoubleClick component to submit data to Google for the purposes of online advertising and commissions. There is no legal or contractual obligation to provide your data. If you do not give us your consent, a visit to our website is possible without restriction, but not all functions may be available in full.

Storage duration

The concrete storage period of the processed data cannot be influenced by us, but is determined by Google, LLC. For more information, please see the Google DoubleClick privacy policy: https://policies.google.com/privacy.

Google Fonts

Form and scope of the processing

We use Google Fonts from Google, LLC, Gordon House, Barrow Street, Dublin 4, Ireland, as a service to provide fonts for our online offering. To obtain these fonts, you connect to Google, LLC servers and your IP address is transmitted.

Purpose and legal basis

The use of Google Fonts is based on our legitimate interests, i.e. interest in a uniform provision as well as the optimization of our online offer according to Art. 6 para. 1 lit. f GDPR.

Storage duration

The concrete storage period of the processed data cannot be influenced by us, but is determined by Google, LLC. Further information can be found in the privacy policy for Google Fonts: https://policies.google.com/privacy.

Google Tag Manager

Form and scope of the processing

We use the Google Tag Manager of Google, LLC, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is used to manage website tags through an interface and allows us to control the precise integration of services on our website and to collect data.

This allows us to flexibly integrate additional services and evaluate user access to our website.

Purpose and legal basis

The use of Google Tag Manager is based on our legitimate interests, i.e. interest in the optimisation of our services in accordance with Art. 6 para. 1 lit. f GDPR.

Storage duration

The actual storage period of the processed data cannot be influenced by us, but is determined by Google, LLC. For more information, please see the Google Tag Manager Privacy Policy: https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/.

Google reCAPTCHA

Form and scope of the processing

We have integrated components from Google reCAPTCHA on our website. Google reCAPTCHA is a service of Google, LLC and enables us to distinguish whether a contact request comes from a natural person or is automated by a program. When you access this content, you connect to servers of Google, LLC, Gordon House, Barrow Street, Dublin 4, Ireland, where your IP address and possibly browser data such as your user agent are transmitted. Furthermore, Google reCAPTCHA records the user’s dwell time and mouse movements to distinguish automated requests from human ones. This data is processed solely for the above-mentioned purposes and to maintain the security and functionality of Google reCAPTCHA.

Purpose and legal basis

The use of the service is based on our legitimate interests, i.e. for protection when transmitting forms in accordance with Art. 6 para. 1 lit. f GDPR.

Storage duration

The concrete storage period of the processed data cannot be influenced by us, but is determined by Google, LLC. For more information, please see the Google reCAPTCHA privacy policy: https://policies.google.com/privacy?hl=en-US.

LinkedIn Lead Gen Forms

Form and scope of the processing

We use Lead Gen Forms to acquire new customers. If you contact us via LinkedIn forms for lead generation, personal data (e.g. name, e-mail address or your telephone number) is stored by LinkedIn and transmitted to us. We use the data to contact you and send you targeted information about services and products. If you are a member of the LinkedIn platform, LinkedIn can assign the above-mentioned content and functions to the profiles of the users there.

For more information, please see LinkedIn’s privacy policy at: https://www.linkedin.com/legal/privacy-policy.

Purpose and legal basis

The use of Lead Gen Forms serves to acquire new customers and to communicate with interested parties. The legal basis for the evaluation of the LinkedIn Lead Forms is your consent given with the sending of the forms. (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent for the future at any time using the contact details provided on our website.

Storage duration

We store your data that you submit to us via Lead Gen Forms for 2 years from the receipt of your personal data. After that, the personal data will be deleted, unless we are legally obliged to store it for a longer period of time or we still need your personal data to implement or process an existing contractual relationship or for verification purposes. In such cases, we will delete the relevant data after the statutory retention period has expired or as soon as we no longer need the data for the implementation or processing of an existing contractual relationship or for verification purposes.

Consentmanager CMP

The CMP solution we use (consentmanager.de) is TTDSG-, DSGVO- and ePrivacy-compliant.

General information about the presence of dqMan in social networks

We use social networks to present our company in the best possible way, to communicate with you as a user, customer or interested party and to inform you about the services we offer. You can find us on the following platforms/social networks:

  • Facebook
  • LinkedIn
  • Twitter

When using social networks, data is also processed outside the European Union (EU) and the European Economic Area (EEA). An equivalent level of data protection as in the EU cannot be guaranteed in all countries outside the EU. This may entail risks for you as a user if the data transmitted is processed in so-called third countries with an inadequate level of data protection and privacy.

This makes it difficult to enforce the user rights known to us. It is also possible that the provider in the third country does not process your data in your interest. Certain providers in the USA have certified themselves under the so-called Privacy Shield Agreement – a data protection agreement between the USA and the EU. These providers are obliged to comply with EU data protection standards.

The processing purposes of social networks are usually different from ours. For example, the data collected from you in social networks is generally processed for the purposes of market research, advertising and the creation of user profiles for personalized advertising (e.g. Facebook, Google etc.).

In order to achieve this, cookies are used to record user behavior and enable the creation of a profile. In the case of Facebook, a user profile is also created for people who do not have a registered account on Facebook. A list of the processing purposes of the user data provided can be found in the data protection and data security notes of the respective providers. You can limit the creation of your profile to a certain extent by making appropriate settings in your user account. For the exact procedure, please read the data protection information of the respective provider.

Facebook fan page

When you visit our Facebook page, Facebook collects, among other things, your IP address and other information that is available in the form of cookies on your PC. This information is used to provide us, as operators of Facebook pages, with statistical information about the use of the Facebook page. Facebook provides more information about this at the following link: http://de-de.facebook.com/help/pages/insights .

It is not possible for us to draw conclusions about individual users from the statistical information that is transmitted to us. We use such information only to meet the interests of our users and to continuously improve and secure the quality of our online presence.

Through our fan page we collect your data only to enable you to communicate and interact with us. This collection generally includes your name, message content, comments, and the profile information that you voluntarily and “publicly” provide.

The processing of your personal data for the above-mentioned purposes is based on our legitimate business and communicative interest in the provision of an information and communication channel in accordance with Art. 6 para. 1 lit. f GDPR. If you as a user have given your consent to the respective provider of the social network to process your data, the legal basis for processing extends to Art. 6 para. 1 lit. f, a, Art. 7 GDPR.

Because the actual data processing is done by the social network provider, only this provider has completely free access to your data, which we do not have. Therefore, only the provider can directly take and implement appropriate measures to fulfil your rights of use (request for information, request for deletion, objection, etc.). An assertion of the corresponding rights is therefore most effective if it is directed directly against the respective provider.

Should you nevertheless require assistance in this matter, please do not hesitate to contact us.

Rights of data subjects

Facebook’s “Page Controller Addendum” shows the rights and obligations to be observed in relation to Facebook, which can be found behind this link: https://www.facebook.com/legal/terms/page_controller_addendum .

If you request information, we will forward it to Facebook and ask you to fill out the corresponding contact form at: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Fhelp%2Fcontact%2F308592359910928 .

Below you will find a detailed description of how the data processing is carried out by the providers and what options you must refuse your consent via the corresponding links to the providers’ websites: