inventcom GmbH, Nordendstrasse 55, DE-80801 Munich (hereafter called ‘inventcom’) herewith informs about the processing of personal data for which inventcom is responsible in the sense of the EU General Data Protection Regulation (GDPR).
Apart from sending us a letter, you may contact us at any time via privacy[at]inventcom[dot]net. You can reach our data protection officer by sending an e-mail to privacy[at]inventcom[dot]net or by sending a letter to inventcom GmbH, Privacy, Nordendstrasse 55, DE-80801 Munich.
Below we have compiled the most important information on typical data processing for you, broken down by groups of data subjects. For certain data processing operations, which only concern specific groups, the information requirements are fulfilled separately. Where the term "data" is used, only personal data within the meaning of the GDPR is meant.
All Website Visitors
Customers and Respective Contacts
Communication Partners and Externals
1 All Website Visitors
1.1 Server protocol data
Our web servers process a series of data for each request, which your browser automatically transmits to our web servers. This data comprises the IP address currently assigned to your device, the date and time of the request, the time zone, the specific page or file called up, the http status code and the amount of data transferred. Additionally, the website from which your request came, the browser used, the operating system of your end device and the set language. The web servers use this data to display the contents of this website in the best possible way on your device.
1.2 Web Analysis with Google Analytics
This website uses Google Analytics, a web analysis service of Google Inc. ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. IP anonymization is activated for this website, meaning Google will shorten your IP address within the European Union or in another contracting state to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
Google will use this information as a processor according to Art. 28 GDPR to evaluate your use of the website, to compile reports on the website activities and to provide the website’s operator with further services connected with the use of the website and the internet. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data.
1.3 Purpose of Data Processing
The purpose of data processing is to present inventcom on the internet and to communicate with interested parties, customers and business partners. The purpose of evaluating user behavior on the website is to design the website in line with their requirements.
1.4 Legal Basis
The legal basis for processing is Art. 6 (1)(b) GDPR (contract of use for the website). The legal basis for the analysis of user behavior is Art. 6 (1) (f) GDPR (legitimate interest, namely the demand-oriented design of the website).
1.5 Protocol and Communication Data
Protocol and communication data will not be transferred to third parties unless special circumstances have arisen. If a criminal offence is suspected or in the course of an investigation, data may be transferred to the police and the public prosecutor's office. We use service providers to process orders for the provision of our services, in particular for the provision, maintenance and servicing of IT systems.
1.6 IP Addresses
IP addresses are anonymized after 24 hours at the latest. Pseudonymous user data is deleted after a period of six months.
The use of the website is not possible without disclosure of personal data, such as the IP address. Communication via the website without providing data is not possible. The use of the website is also possible if the pseudonymous user analysis was denied.
2 Customers and Respective Contacts
2.1 Purpose of Data Processing
We process your data for the purpose of performing the obligations stemming from our contractual relationship. This also includes consulting, support and information about product innovations and new products.
2.2 Legal Basis
The legal basis for processing the data of customers who are natural persons is Article 6 (1) (b) GDPR (contract) and Article 6 (1) (c) GDPR (legal obligations). The legal basis for the processing of contact data for customers who are not natural persons is Article 6 (1) (f) GDPR (legitimate interest, namely communication with the customer). The legal basis for information on products is Article 6 (1) (f) GDPR (legitimate interest, namely advertising).
2.3 Data Recipients
Banks may be recipients of data for the processing of payments. In individual cases, data may be transferred to debt collection service providers, lawyers and courts. We also use service providers to process orders for the provision of our services, in particular for the provision, maintenance and servicing of IT systems.
2.4 Storage of Data
All data relevant to contracts and book keeping shall be stored for a period of ten calendar years after the contract’s end in accordance with tax and commercial law retention periods.
2.5 Provision of Data
Provision of data is obligatory for customers based on statutory and contractual regulations. The contractual relationship cannot be established and carried out without providing data.
3 Communication Partners and Externals
3.1 Purpose of Data Processing
The purpose of the processing is the preparation and execution of a contractual relationship or other communication.
3.2 Legal Basis
With respect to contracts with natural persons, the legal basis for processing is Art. 6 (1) (b) GDPR (contract or contract initiation), whereas for contracts with legal persons Art. 6 (1) (f) GDPR (legitimate interest, namely communication with contact persons relevant to the contract) and Art. 6 (1) (c) GDPR (statutory obligations, in particular tax and commercial law provisions) apply. If just communication concerned, the legal basis is Article 6(1) (f) GDPR (legitimate interest, namely documentation of communication processes).
3.3 Data Recipients
Contact and contract data can be transmitted to other service providers, business partners as well as offices and authorities if necessary for the execution of the contract or order. We also use service providers to process orders for the provision of our services, in particular for the provision, maintenance and servicing of IT systems.
3.4 Storage of Data
Data of contract partners and service providers shall be deleted ten calendar years after termination of the contract or order.
3.5 Processing of Data
The processing of contact data on part of the service providers and business partners is necessary to execute the contract or order. If the data is not provided, the communication may be considerably impaired.