1. Introduction
When using this offer, your personal data will be processed. This is done in compliance with legal requirements and transparent. For this reason, you will find our data protection information in accordance with Art. 13 GDPR.2. Controller and contact
The controller is the person designated as responsible in the imprint (laware.de/legal). You can contact supinfoportmarketing@lawarerental.de at any time.3. Accessing websites: Standard data
When you access the website and every app displayed in the browser, your browser automatically sends personal data to our server ("Server Logs").These are mainly technical data:
- the address (URL) of the visited website
- Browser and browser version
- the operating system used
- the address (URL) of the previously visited page (Referrer URL)
- the host name and IP address of the device from which access is made
- Date and time of call
Server logs will be according to Art. 6 (1) (f) GDPR (legitimate interest) is processed to allow the correct presentation of websites.
Server logs are saved for 30 days
The processing of server logs is not required by law. However, processing is necessary if you want to use Laware services.
You can hide your data by configuring your browser accordingly or using a VPN service.
4. Use of Laware Apps: Security
For security reasons, personal data are collected to identify and prevent suspicious login activities ("Security Data").These are mainly:
- Login time
- User account ID
- IP address
Server logs will be according to Art. 6 (1) (b) GDPR (contract) is processed to ensure the security of the service.
The data is stored for a maximum of 30 days.
The processing of server logs is not required by law. However, processing is necessary if you want to use Laware services.
5. Accessing websites: Analysis
On the Laware websites, including the apps, Laware uses the tool "Matomo" (matomo.org). This tool uses the server logs mentioned under 3. to generate analysis of the use of the websites ("Analysis Data").Matomo is configured for data protection:
- The IP address is shortened by the last 2 bytes. A location tracking is thus only possible inaccurately.
- Cookies are disabled.
- The tool is hosted on-premise. The data is therefore not sent to another server, e.g. Matomo.
Identification of a specific user is impossible for Laware.
Server logs and analysis data are processed according to Art. 6 (1) (f) GDPR (legitimate interest) is processed to identify and troubleshoot errors in the services, as well as to improve the products.
Detailed visitors logs older than 180 days are deleted. Aggregated reports are deleted after 12 months. The deletion routine is executed weekly.
The processing of analysis data is not required by law. If you use Laware services, this will take place automatically. You can technically limit or prevent tracking on client side, e.g. by using a VPN service.
6. Contact via email or contact form
We process your personal data (e.g. e-mail address, name, content of correspondence and metadata via correspondence), if you contact Laware via e-mail or contact form or if we send you emails, e.g. to send login tokens (e-mail data).The legal basis in this case is our legitimate interest in the processing of requests (Art. 6 (1) (f) GDPR) or our contract (Art. 6 (1) (b) GDPR).
E-mail data is collected and processed by the web hosting provider used (see section: Disclosure to third parties).
E-mail data will be stored for up to 10 calendar years if they fall under appropriate commercial and tax retention periods. They shall be kept for 3 calendar years if they are required for the establishment or defence of legal claims. In the event of legal disputes, possibly longer. E-mails for sending technical data (e.g. login tokens) are not stored in the original form. Only the details of the technical process are kept as long as this is necessary to ensure safety.
Email data is required when we communicate via email. At any rate, this is contractually prescribed in the event that we need to contact you for clarification of legal matters. In addition, we may be legally obliged to give you good explanations. If you do not want to provide the data, we cannot contact us by email.
7. Laware Account
We process your personal data, e.g.- e-mail address,
- name,
- your profession (optional),
- physical address,
- technical IDs,
- access tokens,
- License data,
- Content of the contract and
- information on the time of conclusion of the contract and its circumstances;
- Passwords in hashed form
When you create an account with Laware to use Laware Apps and Services ("Account Data").
The legal basis is the implementation of our contract with you (Art. 6 (1) (b) GDPR).
Account data is collected and processed by the web hosting provider used (see the section: Disclosure to third parties).
Account data is stored as long as its respective purpose requires: master data (e-mail address, address, name etc.) and contract data (licensing data, contractual contents and information on the conclusion of the contract) are stored up to 10 years after conclusion of the contract if this is necessary for tax reasons, otherwise up to 3 years after the end of the contract. The password hash is deleted if the user no longer wants to access its content data and services on the condition of the contract. Technical IDs are stored as long as they are required to maintain records such as documents. IDs that are created when the user uses our service are stored as long as the respective record with which they are linked. From the access tokens a limited number is stored and older tokens deleted when new ones are created. Regardless of the regular storage period, account data is stored as long as a user uses it within the service and beyond the use of the service in the form of a backup (up to 6 months).
The collection of the data mentioned is necessary for a conclusion of the contract, unless indicated above as optional. Without this data, laware cannot offer you any services.
8. Versiony
In Versiony, personal data is mainly processed to enable cooperation on documents. These data are:- User IDs (e.g. to assign comments to people)
- technical IDs,
- all data linked to the IDs (e.g. time stamp),
- content transmitted by the user independently ("Versiony Data")
The legal basis is the implementation of our contract with you (Art. 6 (1) (b) GDPR).
Versiony data is saved as long as a user uses it within the service and stored beyond the use of the service in the form of a backup (up to 6 months).
The collection of the data mentioned is neither contractual nor statutory. If you don't use the service, it doesn't have any negative consequences.
9. Versiony translations
Per se, the Versiony Translation Service is not intended to process personal data. Nevertheless, certain data can provide conclusions on natural persons. This includes:- technical IDs,
- all data linked to the IDs (e.g. time stamp),
- Content transmitted by the user (“translation data”)
The legal basis is the implementation of our contract with you (Art. 6 (1) (b) GDPR).
Translation data is transmitted for a volatile moment during translation, but not stored on the translation server.
The collection of the data mentioned is neither contractual nor statutory. If you don't use the service, it doesn't have any negative consequences.
10. Legal center
When users log in to the Legalcenter to adjust settings, no personal data will be processed that go beyond server logs (see 3.).If the Link-Shortener function is used, no personal data will be collected. The statistics offered are composed of:
- Link URL
- call time
11. Cookies
Laware only uses cookies that are essential for the use of apps and services. Cookies are only set if they are actually required (e.g. when the language is changed). These are currently:Permanent cookies:
- Cookies to recognize the user after login
Session Cookies (is deleted when the browser window is closed):
- Language cookies to set language settings
The legal basis for setting and reading cookies is Art. 6 (1) (b) GDPR if a contract with the user exists. Otherwise, the legal basis is our interest in ensuring users with the most barrier-free user experience possible.
Session cookies are stored for the duration of the browser session. Permanent cookies remain stored until the user logs out or the session is overwritten due to too many logins.
The collection of the data mentioned is neither contractual nor statutory. If you don't use the service, it doesn't have any negative consequences.
Analyses based on cookies are not carried out.
12. Disclosure to third parties
Microsoft is responsible for the storage of account data (e-mail, name and other data). Laware does not transfer personal data to Microsoft, but only provides a technical interface.
The legal basis is the implementation of our contract with you (Art. 6 (1) (b) GDPR).
The data is only used for the comparison and not additionally stored.
The collection of the data mentioned is neither contractual nor statutory. If you don't use the service, it doesn't have any negative consequences.
- your LinkedIn profile information (name, profession, company, profile, etc.),
- Interactions with our site (Likes, Comments, News, etc.),
- Statistical data on the use of our site (e.g. number of page views, range).
We process your personal data for the following purposes:
- To maintain our corporate presence on LinkedIn,
- To interact with LinkedIn users and answer requests,
- To conduct analyses on the use and scope of our LinkedIn page,
- For communication via LinkedIn, e.g. for message requests.
The legal basis for the processing of personal data is our legitimate interest in accordance with Art. 6 (1) (f) GDPR. Our legitimate interest lies in the effective presentation of our company and communication with LinkedIn users.
Linkedin is jointly responsible for the purposes of data protection law with laware. The joint control agreement can be found here: legal.linkedin.com/pages-joint-controller-addendum. For more information on data protection at Linkedin, please visit: de.linkedin.com/legal.
The data stored by us for the above reasons will be deleted as soon as they are no longer required for the purposes pursued and there are no further legal bases, such as statutory or contractual retention periods. If you contact us via provided functions (e.g. comment function), we only process your data as long as they are visible to us. You can control visibility yourself by deleting the corresponding content, such as comments or reviews on our LinkedIn page.
The collection of the data mentioned is neither contractual nor statutory. If you don't use the service, it doesn't have any negative consequences.
- Identification and contact data (name, email address, invoice/delivery address)
- Payment and transaction data (subscription ID, transaction number, payment status, cash tokens)
- Test and verification data (risk testing, fraud prevention, credit or penalty list matching)
- Device, usage and metadata (IP address, time stamp, technical protocols related to payment)
A full list can be found at www.paypal.com/de.
Your personal data is processed by laware for the following purposes:
- Completion and settlement of subscription contracts (creation, administration and renewal of subscriptions)
- Assignment of payments, accounting and accounting
- Customer communication on payment and subscription topics
- Enforcement and defence of legal claims, fraud and abuse prevention
Legal basis of processing:
- Art. 6 (1) (b) GDPR for payment processing and subscription management
- Art. 6 (1) (c) GDPR (legal obligation) for commercial and tax retention
- Art. 6 (1) (f) GDPR (legitimate interest in secure and efficient payment processing and fraud prevention)
PayPal is independent controller: PayPal (Europe) S.à r.l. et Cie, S.C.A., 22–24 Boulevard Royal, L‐2449 Luxembourg. Laware is responsible for its own contract and communication processing; Recipients can be accounting/tax service providers, banks and payment service providers. PayPal may transmit data to affiliates and service providers and to third countries; PayPal uses its own data protection guarantees (details in the PayPa privacy policy: www.paypal.com/de)
Data will be deleted as soon as they are no longer required for these purposes and no further statutory retention obligations exist. Commercial and tax documents shall be kept according to the applicable time limits
The provision of the payment data is necessary for the conclusion and settlement of a subscription by PayPal. There are no disadvantages if PayPal is not used; in this case, only this payment method is not available.
13. Automatic decision making and profiling
No automated decision-making or profiling takes place.14. Your rights
You have certain rights under applicable data protection law:- You have the right to access your personal data.
- If the conditions are met, you have a right to rectification, deletion, restriction of processing and data transmission.
- You may also object to processing.
- If the processing is based on your consent, you have the right to revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until revocation.
- You can complain to a supervisory authority at any time.