Privacy Policy
1. Data Protection at a Glance
General Information
The following information will provide you with an easy-to-navigate overview of what happens with your personal data when you visit this website. The term “personal data” comprises all data that can be used to personally identify you. For detailed information about the subject matter of data protection, please consult our Privacy Policy, which we have included beneath this text.
Data Recording on this Website
Who is the responsible party for recording data on this website?
The data on this website is processed by the operator of the website. The operator’s contact information is available under the “Information about the responsible party (referred to as the ‘controller’ in the GDPR)” section in this Privacy Policy.
How do we record your data?
We collect your data as a result of your sharing your data with us. These data may, for instance, be information you enter into our contact form.
Other data shall be recorded by our IT systems automatically or after you consent to their recording during your website visit. They are primarily technical data (e.g. internet browser, operating system or time of the page visit). The data are recorded automatically as soon as you enter this website.
What are the purposes for which we use your data?
Some of the data are collected to guarantee the error-free provision of the website. Other data may be used to analyze your user patterns.
What rights do you have in terms of your data?
You have the right to access information free of charge about the source, recipients, and purposes of your stored personal data at any time. You also have the right to demand that your data are rectified or erased. If you have consented to data processing, you have the option to revoke this consent at any time to affect all future data processing. Under certain circumstances, you also have the right to demand the imposition of restrictions on processing your personal data. You are also entitled to complain to the competent supervisory agency.
You may contact us at any time if you have further questions on data protection.
Analysis Tools and Third-Party Tools
When you visit this website, your surfing pattern can be evaluated statistically. This is rendered primarily with so-called analysis programs.
For detailed information on these analysis programs, please refer to the following Privacy Policy.
2. Hosting and Content Delivery Networks (CDN)
WeLocal
We host our website with WeLocal. The provider is WeLocal World AG, CAS-Weg 1-5, 76131 Karlsruhe
(hereinafter: WeLocal).
For details, please refer to the WeLocal Privacy Policy: https://www.welocal.world/datenschutzerklaerung/.
The use of WeLocal is based on Art. 6(1)(f) GDPR. We have a legitimate interest in our website being displayed as reliably as possible. If corresponding consent has been requested, the processing takes place exclusively on the basis of Art. 6(1)(a) GDPR; the consent can be revoked at any time.
Contract Processing
We have concluded a contract regarding contract processing with the provider named above. This is a contract stipulated under data protection law, ensuring that this provider processes the personal data of our website visitors only according to our instructions and while observing GDPR.
3. General Notices and Mandatory Information
Data Protection
The operators of these pages take the protection of your personal data very seriously. We handle your personal data in confidence and in keeping with the statutory data protection regulations, as well as this Privacy Policy.
If you use this website, various personal data are collected. The term “personal data” comprises data that can be used to personally identify you. This Privacy Policy explains which data we collect and the purpose for which we use them. The Privacy Policy also explains how and for which reason this is performed.
Please bear in mind that data transmission on the internet (e.g. during e-mail communication) can involve security loopholes. Complete protection against third parties accessing the data cannot be guaranteed.
Notice on the Responsible Entity
The responsible entity for data processing on this website is:
CAS Software AG
CAS-Weg 1-5
76131 Karlsruhe
Phone: +49 721 9638-0
E-mail: info@cas.de
The responsible entity is the natural person or legal entity deciding alone or together with others about the purposes and means of processing personal data (e.g. name, e-mail addresses, etc.).
Storage Duration
If this Privacy Policy does not state a more specific storage duration, your personal data remain with us until the purpose for data processing becomes obsolete. If you assert a legitimate erasure request or revoke consent to data processing, your data are erased if we do not have different legally permissible reasons for storing your personal data (e.g. data retention periods under tax or commercial law); in the latter case, the erasure is rendered once these reasons become obsolete.
Data Protection Officer
We have appointed a data protection officer for our company.
Thomas Heimhalt (external data protection officer)
DATENSCHUTZ perfect e.K.
datenschutz@cas.de
Transfers of Personal Data to Third Countries
We only transfer your data to countries outside the European Economic Area - EEA (third countries) if this is required by law or under the following conditions of Article 49, paragraph 1, 1st sub-section GDPR:
- a) you have explicitly consented to the proposed transfer, after having been informed of the possible risks of such transfers for the data subject due to the absence of an adequacy decision and appropriate safeguards;
- b) the transfer is necessary for the performance of a contract between you and us or the implementation of pre-contractual measures taken at your request;
- c) the transfer is necessary for the conclusion or performance of a contract concluded in your interest between us and another natural or legal person;
- d) the transfer is necessary for important reasons of public interest;
- e) the transfer is necessary for the establishment, exercise or defense of legal claims;
- f) the transfer is necessary in order to protect the vital interests of the data subject or of other persons, where the data subject is physically or legally incapable of giving consent;
- g) the transfer is made from a register which according to Union or Member State law is intended to provide information to the public and which is open to consultation either by the public in general or by any person who can demonstrate a legitimate interest, but only to the extent that the conditions laid down by Union or Member State law for consultation are fulfilled in the particular case.
Countries outside of the European Union may be considered unsafe third countries in terms of data protection law. The recipients of the data are often not subject to the standards of the EU GDPR. We therefore have no influence on how such recipients handle your data or the extent to which and for which purposes the data are further processed in the third country.
Duration of Data Storage
We store the personal data given by you other than by consent according to Article 6(1)(a) GDPR for the following duration:
session data until completion of the session
as long and as far as this is necessary for the duration of our business relationship. This also includes the initiation and execution of a contract.
If we are obliged to do so on the basis of retention and documentation duties, e.g. in accordance with the German Civil Code (BGB), the German Commercial Code (HGB) or the German Tax Code (AO). The periods for retention or documentation specified there are up to ten years beyond the end of the business relationship or the pre-contractual legal relationship.
Consent and Revocation of your Consent to Data Processing
When you disclose your personal data to us, you thereby give your consent for us to store and use them within the constraints of the GDPR. The personal information you provide is accessible only to CAS Software AG and to its partners where appropriate.
Many data processing procedures are possible only with your express consent. You may revoke at any time any consent you have granted. An informal e-mail to us is sufficient. The legally binding nature of the data processing up until revocation remains unaffected by the revocation.
You may object also to the stated analysis and evaluation of your surfing and user patterns or prevent such by not using certain tools.
You have the following rights against us if the respective legal requirements are met:
right of access by the data subject according to Article 15 GDPR,
right to rectification according to Article 16 GDPR
right to erasure (‘right to be forgotten’) according to Article 17 GDPR
right to restriction of processing according to Article 18 GDPR
right to object according to Article 21 GDPR
right to data portability according to Article 20 GDPR;
Revocation of your Consent to Data Processing
Many data processing procedures are possible only with your express consent. You may revoke at any time any consent you have granted. The legally binding nature of the data processing up until revocation remains unaffected by the revocation.
Right to Object to Data Collection in Special Cases as well as Direct Advertising (Art. 21 GDPR)
IN THE EVENT THAT DATA ARE PROCESSED ON THE BASIS OF ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA BASED ON GROUNDS ARISING FROM YOUR UNIQUE SITUATION. THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVISIONS. TO DETERMINE THE LEGAL BASIS ON WHICH ANY PROCESSING OF DATA IS BASED, PLEASE CONSULT THIS PRIVACY POLICY. IF YOU LOG AN OBJECTION, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA UNLESS WE ARE IN A POSITION TO PRESENT COMPELLING PROTECTION WORTHY GROUNDS FOR THE PROCESSING OF YOUR DATA THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS OR IF THE PURPOSE OF THE PROCESSING IS THE CLAIMING, EXERCISING OR DEFENSE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21(1) GDPR).
IF YOUR PERSONAL DATA ARE BEING PROCESSED TO ENGAGE IN DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR AFFECTED PERSONAL DATA FOR THE PURPOSES OF SUCH ADVERTISING AT ANY TIME. THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS AFFILIATED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION PURSUANT TO ART. 21(2) GDPR).
Right to Log a Complaint with the Competent Supervisory Agency
In the event of violations of the GDPR, data subjects are entitled to log a complaint with a supervisory agency, in particular in the Member State where they usually maintain their domicile, place of work or at the place where the alleged violation occurred. The right to log a complaint is in effect regardless of any other administrative or court proceedings available as legal recourses.
Right to Data Portability
You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.
SSL or TLS Encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser's address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser's address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
Accessing Information, Erasure and Correction
Within the scope of the applicable statutory provisions, you have the right at any time to access information about your stored personal data, their source and recipients, as well as the purpose of the processing of your data. You may contact us at any time if you have questions on this or further questions on personal data.
Right to Demand Processing Restrictions
You have the right to demand the imposition of restrictions on processing your personal data. To do so, you may contact us at any time. The right to demand restriction of processing applies in the following cases:
In the event that you should dispute the correctness of your personal data stored by us, we will usually need some time to verify this claim. During the time that this investigation is ongoing, you have the right to demand that we restrict the processing of your personal data.
If the processing of your personal data was/is conducted in an unlawful manner, you have the option to demand the restriction of the processing of your data in lieu of demanding the erasure of this data.
If we do not need your personal data any longer and you need it to exercise, defend or assert legal claims, you have the right to demand the restriction of the processing of your personal data instead of its erasure.
If you have raised an objection pursuant to Art. 21(1) GDPR, your rights and our rights will have to be considered against each other. As long as it has not been determined whose interests prevail, you have the right to demand a restriction of the processing of your personal data.
If you have restricted the processing of your personal data, these data – with the exception of their storage – may be processed only subject to your consent or to claim, exercise or defend legal claims or to protect the rights of other natural persons or legal entities or for important public interest reasons cited by the European Union or a Member State of the EU.
Objection to unsolicited E-mails
We herewith object to the use of contact information published in conjunction with the mandatory information to be provided in our Site Notice to send us promotional and information material that we have not expressly requested. The operators of this website and its pages reserve the express right to take legal action in the event of the unsolicited sending of promotional information, for instance via SPAM messages.
4. Data Recording on this Website
Cookies
Our websites and pages use what the industry refers to as “cookies.” Cookies are small text files that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or they are permanently stored on your device (permanent cookies). Session cookies are automatically deleted once you terminate your visit. Permanent cookies remain stored on your terminal device until you actively erase them or they are automatically erased by your web browser.
In some cases, third party cookies may be stored on your device once you enter our site (third party cookies). These cookies enable you or us to take advantage of certain services offered by the third party (e.g. cookies for the processing of payment services).
Cookies have a variety of functions. Many cookies are technically essential since certain website functions would not work in the absence of the cookies (e.g. the shopping cart function or the display of videos). The purpose of other cookies may be the analysis of user patterns or the display of promotional messages.
Cookies required for the performance of the electronic communication procedure (required cookies) or for the provision of certain functions you want to use (functional cookies, e.g. for the shopping cart function) or those that are necessary for the optimization of the website (e.g. cookies that provide measurable insights into the web audience), shall be stored on the basis of Art. 6(1)(f) GDPR unless a different legal basis is cited. The operator of the website has a legitimate interest in the storage of cookies to ensure the technically error free and optimized provision of the operator’s services. If your consent to the storage of the cookies has been requested, the respective cookies are stored exclusively on the basis of the consent obtained (Art. 6(1)(a) GDPR); this consent may be revoked at any time.
You have the option to set up your browser in such a manner that you will be notified any time cookies are placed and to permit the acceptance of cookies only in specific cases. You may also exclude the acceptance of cookies in certain cases or in general or activate the delete function for the automatic eradication of cookies when the browser closes. If cookies are deactivated, the functions of this website may be limited.
In the event that third party cookies are used or if cookies are used for analytical purposes, we will separately notify you in conjunction with this Privacy Policy and, if applicable, ask for your consent.
Server Log Files
The website provider automatically collects and stores information that your browser automatically transmits to us in server log files. These are:
Browser type and browser version
Operating system used
Referrer URL
Host name of the accessing computer
Time of the server request
IP address
These data will not be combined with data from other sources.
These data are recorded based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in its website being displayed in a technically error-free manner and well as in optimizing its website – the server log files must be recorded for this purpose.
Contact Form
Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We will not forward these data without your consent.
The processing of these data is based on Art. 6(1)(b) GDPR, if your request is related to the execution of a contract or if it is necessary to carry out pre-contractual measures. In all other cases the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if this has been requested.
The information you have entered into the contact form shall remain with us until you ask us to erase the data, revoke your consent to the data storage or if the purpose for which the data are being stored no longer exists (e.g. after we have concluded our response to your inquiry). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.
Inquiry by E-Mail, Telephone or Fax
If you contact us by e-mail, telephone or fax, your request, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We will not forward these data without your consent.
The processing of these data is based on Art. 6(1)(b) GDPR, if your request is related to the execution of a contract or if it is necessary to carry out pre-contractual measures. In all other cases the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if this has been requested.
The information you sent to us shall remain with us until you ask us to erase the data, revoke your consent to data storage or if the purpose for which the data are being stored no longer exists (e.g. after we have concluded our response to your concern). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.
Newsletter and e-mail campaign data
If you would like to receive certain content or newsletters offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the content. Further data is not collected or is only collected on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.
The data entered in the form will be processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent to the storage of the data, the e-mail address and its use for sending the content offered at any time. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
The data you provide us with for the purpose of subscribing to the newsletter or e-mail campaign will be stored by us or the newsletter or e-mail campaign service provider until you unsubscribe from the newsletter or e-mail campaign and will be deleted after you unsubscribe. Data stored by us for other purposes remains unaffected by this.
After you unsubscribe, your e-mail address may be stored by us or the newsletter or e-mail campaign service provider in a blacklist to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interests and our interests in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.
5. Analysis Tools and Advertising
Matomo (formerly Piwik)
This website uses the open-source web analysis service Matomo. Matomo uses technologies that make it possible to recognize the user across multiple pages with the aim of analyzing the user patterns (e.g. cookies or device fingerprinting). The information recorded by Matomo about the use of this website will be stored on our server. The IP address is anonymized before it is stored.
Through Matomo, we are able to record and analyze data on how the website visitors use our website. This enables us to find out, for instance, when which page views occurred and from which region they came. In addition, we record various log files (e.g. IP address, referrer, browser and operating system used) and can measure whether our website visitors perform certain actions (e.g. clicks, purchases, etc.).
The use of this analysis tool is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the anonymized analysis of user patterns to optimize the operator’s web offerings and advertising. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing takes place exclusively on the basis of Art. 6(1)(a) GDPR; the consent can be revoked at any time.
IP anonymization
In using Matomo for analysis, we use IP anonymization. In the process, your IP address is shorted before the analysis, meaning that you can no longer be uniquely identified.
Hosting
We host Matomo exclusively on our own servers, meaning that all analysis data remain with us and are not forwarded.
Leadinfo
We use the lead generation service provided by Leadinfo B.V., Rotterdam, The Netherlands. Leadinfo normally recognizes visits from companies to our website based on IP addresses and would show us publicly available information such as company names or addresses. We use the cookie-less tracking option, which does not place any cookies and therefore does not store any personal data about you. IP addresses are not stored.
On this page: www.leadinfo.com/en/opt-out you have an opt-out option. In the event of an opt-out, your data will no longer be used by Leadinfo.
6. Newsletters, E-mail campaigns and Mail Advertising
Newsletter Data
If you would like to subscribe to the newsletter offered on this website, we will need from you an e-mail address as well as information that allow us to verify that you are the owner of the e-mail address provided and consent to the receipt of the newsletter. No further data shall be collected or shall be collected only on a voluntary basis. We shall use such data only to send the requested information and shall not share such data with any third parties.
Inxmail
This website uses Inxmail for distributing newsletters. The provider is Inxmail GmbH, Wetzinger Straße 17, 79106 Freiburg (hereinafter referred to as “Inxmail”).
Inxmail is a service that, among other aspects, organizes the mailing of newsletters and allows the analysis of such services. The data you enter for the purpose of subscribing to the newsletter is processed on Inxmail servers.
Inxmail Data Analysis
With the assistance of Inxmail, we are in a position to analyze our newsletter campaigns. For instance, this allows us to see whether a newsletter message has actually been opened and which links were clicked. This enables us to find out, among other aspects, which links are clicked with great frequency.
We are also able to recognize whether specific pre-defined acts were carried out following the opening/clicking (conversion rate). We are thus able to recognize whether you have made a purchase once the newsletter has been clicked.
Inxmail also enables us to sub-divide the newsletter recipients based on various categories (“clustering”). In the process, the newsletter recipients can be sub-divided according to age, gender or place of residence, for example. In this manner, the newsletters can be more optimally attuned to the respective target groups. If you do not want Inxmail to conduct this analysis, you need to unsubscribe from the newsletter. We provide a relevant link for this in each newsletter message.
You can find the Inxmail Privacy Policy at: https://www.inxmail.de/datenschutz.
Anonymized tracking
We use Inxmail’s anonymous tracking, which allows us to identify you only if you have explicitly consented to this in advance.
Legal basis
The data are processed on the basis of your consent Art. 6(1)(a) GDPR. You may revoke your consent at any time with effect for the future.
Storage duration
The data you provide for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after unsubscribing from the newsletter or after the purpose for its use has ceased to exist. We reserve the right to erase email addresses from our newsletter distribution at our own discretion in conjunction with our legitimate interest pursuant to Art. 6(1)(f) GDPR or to block them. This will not affect data we store for other purposes.
After you unsubscribe from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist if such action is necessary to prevent future mailings. Data from the blacklist will be used exclusively for this purpose and will not be merged with other data. This is in your and our best interest and also in the interest of compliance with the statutory mandates for sending newsletters (legitimate interest as defined in Art. 6(1)(f) GDPR). There is no time limit for storage in the blacklist. You may object to the storage if your interests outweigh our legitimate interest.
Concluding a contract on data processing
We have concluded a contract regarding contract processing with Inxmail. This is a contract stipulated under data protection law, ensuring that Inxmail processes the personal data of our website visitors only according to our instructions and while observing GDPR.
E-Mail campaigns
If you would like to receive certain content offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the content as part of an e-mail campaign. No other data is collected, or only on a voluntary basis. We use e-mail campaign service providers to process the e-mail campaign, these are described below.
Evalanche
We use the marketing tool Evalanche. The provider is SC-Networks GmbH, Würmstraße 4, 82319 Starnberg (hereinafter Evalanche).
Evalanche is a tool for optimizing and automating our marketing activities. Among other things, Evalanche allows us to automate our lead generation and align certain website content with target groups. We can also analyze user behavior with the user's declaration of consent and trigger further marketing campaigns on this basis. For this purpose, Evalanche stores the data of various users who register for certain content via a form (for example: e-mail address, position, industry or similar).
Evalanche is certified in accordance with the internationally recognized IT security standard ISO 27001.
If consent has been obtained, the aforementioned service is used exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 of the Telecommunications Digital Services Data Protection Act (TDDDG). Consent can be revoked at any time. If consent has not been obtained, this service is used on the basis of Art. 6 para. 1 lit. f GDPR; the website operator has a legitimate interest in optimizing its marketing campaigns.
Data analysis and tracking by Evalanche
With the help of Evalanche, we are able to analyze our e-mailing campaigns. For example, we can see whether a campaign e-mail was opened, which links were clicked and how often they were clicked.
We can also recognize whether certain previously defined actions were carried out after opening/clicking (conversion rate). For example, we can recognize whether you have made a purchase after clicking the e-mailing.
Evalanche also enables us to subdivide ("cluster") the e-mail campaign recipients according to various categories. E-mail campaign recipients can be subdivided according to position, industry or company location, for example (anonymized tracking). In this way, the campaign e-mails can be better adapted to the respective target groups.
We also use personal tracking from Evalanche, which only allows us to identify you personally if you have expressly consented to this in advance (personal tracking). For example, data on a person's click behavior is collected. If you no longer wish to be tracked by Evalanche, you can deactivate this at any time via the "Deactivate tracking" link in the mailing.
You will find Evalanche's privacy policy at: https://www.sc-networks.com/data-protection/.
Legal basis
The data processing takes place on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time for the future.
Storage duration
The data you provide to us for the purpose of subscribing to e-mail campaigns will be stored by us or the service provider until you unsubscribe from the e-mail campaign and deleted after you unsubscribe from the e-mail campaign or after the purpose has ceased to apply. We reserve the right to delete or block e-mail addresses from our marketing tool at our own discretion within the scope of our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. Data stored by us for other purposes remains unaffected by this.
After you unsubscribe from the e-mail campaign, your e-mail address may be stored by us or the service provider in a blacklist if this is necessary to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending e-mail campaigns (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.
Order processing
We have concluded a data processing agreement (DPA) with the above-mentioned provider. This is a contract prescribed by data protection law, which ensures that the provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
Mail Advertising
We use your address in observance of all legal provisions for distributing postal advertising (postal advertising).
The legal basis for this is our legitimate interest in direct advertising according to Art. 6(1)(f) in conjunction with consideration reason 47 GDPR. If corresponding consent has been requested, the processing takes place exclusively on the basis of Art. 6(1)(a) GDPR; the consent can be revoked at any time. Special regulations may be reported to you during data collection and supersede this regulation.
Your address remains with us until the purpose of the data processing becomes obsolete. If you assert a legitimate erasure request or revoke consent to mail advertising, your data are erased if we do not have different legally permissible reasons for storing your personal data (e.g. data retention periods under tax or commercial law); in the latter case, the erasure is rendered once these reasons become obsolete.
We use the following service provider to deliver our mail items:
[Name and complete address of the service provider]
Contract processing
We have concluded a contract regarding contract processing with the provider named above. This is a contract stipulated under data protection law, ensuring that this provider processes the personal data of our website visitors only according to our instructions and while observing GDPR.
7. Plug-Ins and Tools
Google Web Fonts
This website uses so-called Google Web Fonts to ensure that fonts are uniformly displayed. The Google Fonts are installed locally. No connection is made here to Google servers.
For further information on Google Web Fonts, please visit https://developers.google.com/fonts/faq and in the Google Privacy Policy: https://policies.google.com/privacy?hl=de.
SmartMaps Map Service
We use the “SmartMaps” offering of YellowMap AG, CAS-Weg 1-5, 76131 Karlsruhe, meaning that we are able to display maps services to you directly in the website.
If the SmartMaps service is viewed, your browser transmits technically mandatory data to the YellowMap AG servers to be able to provide the service. These data are processed compliant with GDPR and not stored permanently.
For further information, please visit www.smartmaps.net/faq
8. Audio and Video Conferences
Data Processing
We use online conference tools, among other things, for communication with our customers. The tools we use are listed in detail below. If you communicate with us by video or audio conference using the internet, your personal data will be recorded and processed by the provider of the respective conference tool and by us.
The conferencing tools record all information that you provide/access to use the tools (e-mail address and/or your telephone number). Furthermore, the conference tools process the duration of the conference, start and end (time) of participation in the conference, number of participants and other “context information” related to the communication procedure (metadata).
Furthermore, the provider of the tool processes all the technical data required for the processing of the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker and the type of connection.
Should content be exchanged, uploaded, or otherwise made available within the tool, it is also stored on the servers of the tool provider. Such content includes, but is not limited to, cloud recordings, chat/instant messages, voicemail uploaded photos and videos, files, whiteboards, and other information shared while using the service.
Please note that we do not have complete influence on the data processing procedures of the tools used. Our possibilities are largely determined by the corporate policy of the respective provider. Further information on data processing by the conference tools can be found in the Privacy Policies of the tools used, and which we have listed below this text.
Purpose and Legal Bases
The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6(1)(b) GDPR). Furthermore, the use of the tools serves to generally simplify and accelerate communication with us or our company (legitimate interest in the meaning of Art. 6(1)(f) GDPR). Insofar as consent has been requested, the tools in question will be used on the basis of this consent; the consent may be revoked at any time with effect from that date.
Storage Duration
Data recorded directly by us via the video and conference tools will be deleted from our systems immediately after you request us to erase it, revoke your consent to storage, or the reason for storing the data no longer applies. Saved cookies remain on your device until you erase them. Mandatory statutory data retention periods remain unaffected by this provision.
We cannot influence the storage duration of your data as stored by the operators of the conference tools. For details on this, please inquire directly to the operators of the conference tools.
Conference Tools in Use
We use the following conference tools:
TeamViewer
We use TeamViewer. The provider is TeamViewer Germany GmbH, Jahnstr. 30, 73037 Göppingen. For details on data processing, please refer to the TeamViewer Privacy Policy: https://www.teamviewer.com/de/datenschutzerklaerung/.
Contract processing
We have concluded a contract regarding contract processing with the provider named above. This is a contract stipulated under data protection law, ensuring that this provider processes the personal data of our website visitors only according to our instructions and while observing GDPR.
GoToMeeting
We use GoToMeeting. The provider is LogMeIn, Inc., 320 Summer Street Boston, MA 02210, USA. For details on data processing, please refer to the GoToMeeting Privacy Policy: https://www.logmeininc.com/de/legal/privacy.
Data transmission to the USA is based on standard contractual clauses from the EU Commission. You can find details here: https://logmeincdn.azureedge.net/legal/lmi-customer-dpa-2020v1-de.pdf.
Contract processing
We have concluded a contract regarding contract processing with the provider named above. This is a contract stipulated under data protection law, ensuring that this provider processes the personal data of our website visitors only according to our instructions and while observing GDPR.
Contact
If you have any questions or suggestions in relation to data protection, please e-mail us at:
cas-datenschutz@cas.de.
Our data protection officer can be contacted as follows:
Thomas Heimhalt (external data protection officer)
DATENSCHUTZ perfect e.K.
E-mail: datenschutz@cas.de
Changes to this statement
CAS Software AG reserves the right to change data protection guidelines at any time within the constraints of the applicable law.
Version: June 2023