deen
download latest PDF-version
Data protection information Laware
effective date 14.12.2024 - translation
 
1.
Introduction
2.
Controller and contact
3.
Description of processing activities
4.
Disclosure to third parties
5.
Automatic decision making and profiling
6.
Your rights
7.
Change of data protection information
8.
Changelog
1.
Introduction
  When using this offer, your personal data will be processed. This is done in compliance with statutory requirements and transparent. For this reason, you will find our data protection information in accordance with Art. 13 GDPR.
2.
Controller and contact
  The person responsible is the person designated in the legal notice (laware.de). You can contact supadminport@laware

consulting

.de at any time.
3.
Description of processing activities
  Below you will find information about the individual processing operations when using laware services:
3.1
Accessing websites: Standard data
  When you access the website and every app displayed in the browser, your browser automatically sends personal data to our server ("Server Logs").

These are mainly technical data:

  • the address (URL) of the visited website
  • Browser and browser version
  • the operating system used
  • the address (URL) of the previously visited page (Referrer URL)
  • the host name and IP address of the device from which access is made
  • Date and time of call

Server logs will be processed according to Art. 6 (1) (f) GDPR (legal interest) to allow the correct presentation of websites.

The data is collected and processed by the web hosting provider used (see the section: Disclosure to third parties).

Server logs are processed and stored anonymously only during the specific call.

The processing of server logs is not required by law. However, processing is necessary if you want to use Laware services.

You can hide your data by configuring your browser accordingly or using a VPN service.
3.2
Accessing websites: Analysis
  On the Laware websites, including the apps, Laware sets the tool "Matomo" (matomo.org). This tool uses the server logs mentioned under 3.1 to generate analysis of the use of the websites (" Analysis Data").

Matomo is configured for data protection:
  • The IP address is shortened by the last 2 bytes. A location tracking is thus only possible inaccurately.
  • Cookies are disabled.
  • The tool is hosted on-premise. The data is therefore not sent to another server, e.g. Matomo.

Identification of a specific user is impossible for Laware.

Server logs and analysis data are processed according to Art. 6 (1) (f) GDPR (legal interest) is processed to identify and troubleshoot errors in the services, as well as to improve the products.

Detailed visitors logs older than 180 days are deleted. Aggregated reports are deleted after 12 months. The deletion routine is executed weekly.

The processing of analysis data is not required by law. However, if you use Laware services, this will take place automatically. You can technically limit or prevent tracking on client side, e.g. by using a VPN service.
3.3
Contact via e-mail or contact form
  We process your personal data (e.g. e-mail address, name, content of correspondence and metadata about correspondence), if you contact Laware via e-mail or contact form or if we send you emails, e.g. to send login tokens (" e-mail data subquot;).

The legal basis in this case is our legitimate interest in the processing of enquiries (Art. 6 (1) (f) GDPR) or our contract (Art. 6 (1) (b) GDPR).

E-mail data is collected and processed by the web hosting provider used (see section: Disclosure to third parties).

E-mail data will be kept for up to 10 calendar years if they fall under corresponding commercial and tax retention periods. They shall be kept for 3 calendar years if they are required for the establishment or defence of legal claims. In the event of disputes, it may be longer. E-mails for sending technical data (e.g. login tokens) are not stored in the original form. Only the details of the technical process are kept as long as this is necessary to ensure safety.

Email data is required when we communicate via email. At any rate, this is contractually prescribed in the event that we need to contact you for clarification of legal matters. In addition, we may be legally obliged to give you good explanations. If you do not want to provide the data, we cannot contact us by email.
3.4
Laware account
  We process your personal data, e.g.

  • e-mail address,
  • name,
  • your profession (optional),
  • physical address,
  • technical IDs,
  • access tokens,
  • License data,
  • content of the contract and
  • information on the time of conclusion of the contract and its circumstances;
  • Passwords in hashed form

, if you create an account with Laware to use Laware Apps and Services (" Account Data").

The legal basis is the implementation of our contract with you (Art. 6 (1) (b) GDPR).

Account data is collected and processed by the web hosting provider used (see the section: Disclosure to third parties).

Account data is retained as long as its respective purpose requires: master data (e-mail address, address, name, etc.) and contract data (licensing data, contractual contents and information on the conclusion of the contract) are cancelled up to 10 years after the conclusion of the contract if this is necessary for tax reasons, otherwise up to 3 years after the end of the contract. The password hash is deleted if the user no longer wants to access its content data and services on the condition of the contract. Technical IDs are retained as long as they are required to maintain records such as documents. IDs that are created when the user uses our service are retained as long as the respective record with which they are linked. From the access tokens a limited number is retained and older tokens deleted when new ones are created.

The collection of the data mentioned is necessary for a conclusion of the contract, unless indicated above as optional. Without this data, laware cannot offer you any services.
3.5
Versiony
  Per se, Versiony is not meant to process personal data. Nevertheless, certain data can provide conclusions on natural persons. This includes:

  • technical IDs,
  • all data linked to the IDs (e.g. time stamp),
  • Content transmitted by the user ("Versiony Data")

The legal basis is the implementation of our contract with you (Art. 6 (1) (b) GDPR).

Versiony Data is deleted as long as a user uses the service and then deleted.

The collection of the data mentioned is neither contractual nor statutory. If you don't use the service, it doesn't have any negative consequences.
3.6
Versiony translations
  Per se, the Versiony Translation Service is not intended to process personal data. Nevertheless, certain data can provide conclusions on natural persons. This includes:

  • technical IDs,
  • all data linked to the IDs (e.g. time stamp),
  • Content transmitted by the user ("Translation data")

The legal basis is the implementation of our contract with you (Art. 6 para. 1 lit. b GDPR).

Translation data is transmitted for a volatile moment during translation, but not stored on the translation server.

The collection of the data mentioned is neither contractual nor statutory. If you don't use the service, it doesn't have any negative consequences.
3.7
Microsoft Single Sign
  Laware offers the login option via the Microsoft SSO service. In this context, Microsoft Corporation, 1 Microsoft Way, Redmond, WA 98052 transfers the user's email address to Laware. Further data are not collected.

Microsoft is responsible for the storage of account data (e-mail, name and other data). Laware does not transfer personal data to Microsoft, but only provides a technical interface.

The legal basis is the implementation of our contract with you (Art. 6 (1) (b) GDPR).

The data is only used for the comparison and not additionally stored.

The collection of the data mentioned is neither contractual nor statutory. If you don't use the service, it doesn't have any negative consequences.
3.8
Cookies
  Laware only uses cookies that are essential for the use of apps and services. Cookies are set only when they are actually required (e.g. when the language is changed). These are currently:

Permanent cookies:
  • Cookies to recognize the user after login

Session Cookies (is deleted when the browser window is closed):
  • Language cookies to set language settings

The legal basis for setting and reading cookies is Art. 6 (1) (b) GDPR if a contract with the user exists. Otherwise, the legal basis is our interest in ensuring that users have the most barrier-free user experience.

Session cookies are stored for the duration of the browser session. Permanent cookies remain stored until the user logs out or the session is overwritten due to too many logins.

The collection of the data mentioned is neither contractual nor statutory. If you don't use the service, it doesn't have any negative consequences.

Analyses based on cookies are not carried out.
3.9
Linkedin
  If you visit or interact with our LinkedIn company site, LinkedIn processes your personal data, e.g.:

  • your LinkedIn profile information (name, profession, company, profile, etc.),
  • Interactions with our site (Likes, Comments, News, etc.),
  • Statistical data on the use of our site (e.g. number of page views, range).

We process your personal data for the following purposes:

  • To maintain our corporate presence on LinkedIn,
  • To interact with LinkedIn users and to answer requests,
  • To conduct analyses on the use and scope of our LinkedIn page,
  • For communication via LinkedIn, e.g. for message requests.

The legal basis for the processing of personal data is our legitimate interest in accordance with Art. 6 (1) (f) GDPR. Our legitimate interest lies in the effective presentation of our company and the communication with LinkedIn users.

Linkedin is jointly responsible for the purposes of data protection law with laware. The Joint Control Agreement can be found here: linkedin.com. For more information on data protection at Linkedin, see linkedin.com.

The data stored by us for the above reasons will be deleted as soon as they are no longer required for the purposes pursued and there are no further legal bases, such as statutory or contractual retention periods. If you contact us via provided functions (e.g. comment function), we only process your data as long as they are visible to us. You can control visibility yourself by deleting the corresponding content, such as comments or reviews on our LinkedIn page.

The collection of the data mentioned is neither contractual nor statutory. If you don't use the service, it doesn't have any negative consequences.
4.
Disclosure to third parties
  Laware forwards data to third parties to operate the technical infrastructure.
4.1
Hosting website and apps as well as email providers
  We use the service provider netcup GmbH, Daimlerstraße 25, 76185 Karlsruhe (see also netcup.com) to provide the Laware website and the apps offered. In addition, all email traffic is also stored with this provider.
4.2
Translation service
  Personal data that may be contained in the translation texts will be transferred to Strato AG, Otto-Ostrowski-Straße 7, 10249 Berlin for the translation service in the context of the App Versiony.
5.
Automatic decision making and profiling
  No automated decision-making or profiling takes place.
6.
Your rights
  You have certain rights under applicable data protection law:

  • You have the right to access your personal data.
  • If the conditions are met, you have a right to rectification, deletion, restriction of processing and data transmission.
  • You may also object to processing.
  • If the processing is based on your consent, you have the right to revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until revocation.
  • You can complain to a supervisory authority at any time.
7.
Change of data protection information
  Laware regularly adapts this data protection information to the current processing situation. Users of the services and website visitors are noticeably and regularly referred to the data protection at Laware. These data protection information can be accessed continuously here or via the Laware legalcenter (documentation.legal).
8.
Changelog
 
  • 31 August 2024: Introduction of Matomo to Analysis of Website Use
  • 24 October 2024: Exchange of providers Server Infrastructure
Laware.de Document Identifier: 6d366597-9c4c-11ee-95fd-1866da5b199e/9ea31ea4-ba36-11ef-8e89-360bdaaf1cef/tr-en/2025-01-22-15-40