Data Protection Policy
We are pleased that you are visiting our website. The protection and security of your personal information when using our website is very important to us. We would therefore like to inform you at this point which of your personal data we collect when you visit our website and for what purposes they are used.
This data protection declaration applies to the Internet offering of fme AG – Geniehub, which can be accessed under the domain https://geniehub.io/ and the various sub-domains (“our website”).
Who is responsible and how do I reach you?
Responsible for the processing of personal data within the meaning of the EU data protection basic regulation (GDPR)
fme AG
Wolfenbütteler Straße 33
38102 Braunschweig
Germany
Email: info(at)fme.de
Managing Director: Dirk Bode
Supervisory Board: Stefan H. Tarach (Chairman), Dr. Axel Krieger (Deputy), Dr. Markus Böhme
Commercial register at Braunschweig Local Court: HRB 5422 (Commercial register number)
VAT ID No. (sales tax ID number): DE 178236072
(hereinafter referred to as “fme”)
Data protection officer
Philipp Herold
Herold Unternehmensberatung GmbH
Phone: +49 451 4988023
Fax: +49 451 4988024
Email: philipp.herold(at)hub24.de
Internet: www.hub24.de
What’s this about?
This data protection declaration meets the legal requirements for transparency in the processing of personal data. This is all information relating to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, e-mail, IP address or user behavior when visiting a website. Information where we cannot (or only with a disproportionate effort) establish a reference to your person, e.g. through anonymization, is not personal data. The processing of personal data (e.g. the collection, retrieval, use, storage or transmission) always requires a legal basis and a defined purpose.
Stored personal data shall be deleted as soon as the purpose of the processing has been achieved and there are no legitimate reasons for further storage of the data. We will inform you in the individual processing operations about the specific storage periods or criteria for storage. Independently of this, we will store your personal data in individual cases for the assertion, exercise or defense of legal claims and in the event of statutory storage obligations.
Who gets my data?
Your personal information will be shared as described below.
The website is hosted by an external service provider (Hetzner Online GmbH) in Germany. We ensure that the data processing takes place exclusively in Germany. This is necessary for the operation of the website as well as for the establishment, implementation and handling of the existing user contract with the web host and is also possible without your consent.
In addition, data is passed on if we are entitled or obliged to pass on data due to legal regulations and/or official or court orders. This may in particular involve the provision of information for criminal prosecution, security purposes or the enforcement of intellectual property rights.
If your data is passed on to service providers to the extent necessary, these service providers will only have access to your personal data to the extent that this is necessary for the fulfilment of their tasks. As far as no personal reference is required for the fulfilment of the pursued purposes, your data will be pseudonymized or anonymized for further data processing. The service companies commissioned by us are obliged to treat your personal data in accordance with the applicable data protection laws, in particular the GDPR.
Your personal data is currently transferred to the following categories of service providers/recipients depending on the use of our website.
- Web analytics service provider to analyze the use of our website by visitors
- Group companies of fme AG
Relevant agreements on order processing have been concluded with the respective service provider of fme.
Information on the service providers we use can be found at the appropriate places within this data protection declaration (e.g. Google Analytics etc.).
When using our service providers, we may transfer personal data to locations in a third country, i.e. to a country outside the EU or EEA. In these cases, EU standard contractual clauses between fme and the respective service provider of fme provide sufficient guarantees for the data transfer. Therefore, please refer to the corresponding notes at the appropriate places in this data protection declaration.
Apart from the above-mentioned circumstances, we will not pass on your data to third parties without your consent.
Which rights do I have?
Under the conditions of the statutory provisions of the Basic Data Protection Regulation (GDPR) and the Federal Data Protection Act (FEDERAL DATA PROTECTION ACT), you have the following rights as a data subject:
- Information in accordance with Art. 15 GDPR, § 34 FEDERAL DATA PROTECTION ACT about the data stored about you in the form of meaningful information on the details of the processing as well as a copy of your data;
- Correction according to Art. 16 GDPR of incorrect or incomplete data stored by us;
- Deletion according to Art. 17 GDPR of the data stored with us, as far as the processing is not necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
- Restriction of processing in accordance with Art. 18 GDPR if the accuracy of the data is disputed, the processing is unlawful, we no longer require the data and you refuse to delete it because you need it to assert, exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 GDPR.
- Data transferability in accordance with Art. 20 GDPR, insofar as you have provided us with personal data within the scope of a consent in accordance with Art. 6 para. 1 lit. a GDPR or on the basis of a contract in accordance with Art. 6 para. 1 lit. b GDPR and these have been processed by us using automated procedures. You will receive your data in a structured, common and machine-readable format or we will transfer the data directly to another responsible party, as far as this is technically feasible.
- Objection in accordance with Art. 21 GDPR to the processing of your personal data, insofar as this takes place on the basis of Art. 6 para. 1 lit. e, f GDPR and there are reasons for this which arise from your particular situation or the objection is directed against direct advertising. The right of objection does not apply if overriding, compelling reasons for processing worthy of protection are demonstrated or if the processing is carried out for the purpose of asserting, exercising or defending legal claims. Where the right of objection does not apply to individual processing operations, this is indicated there.
- Cancellation according to Art. 7 para. 3 GDPR of your given consent with effect for the future.
- Complaint pursuant to Art. 77 GDPR to a supervisory authority if you believe that the processing of your personal data violates the GDPR. As a rule, you can contact the supervisory authority at your usual place of residence, your place of work or our company headquarters.
How is my data processed in detail?
Personal data is only collected and processed by fme if you expressly agree to make your data available, e.g. by filling out forms or sending emails in connection with inquiries or orders for products or services.
In the context of the forms to be filled out, this data is as follows:
Request for Sales Information
- Full name
- Business email
- Phone
- Company
- Country
- Message
Request for an Online Demo
- Full name
- Business email
- Phone
- Company
- Country
- Message
(in the following referred to as “personal data”)
The personal data and content provided by you remain exclusively with fme, its affiliated companies and the provider. fme will only collect your data for the purposes mentioned in the following paragraph. Any use beyond the stated purpose requires your express consent. The same applies to the disclosure and transmission of your data to third parties.
Purpose of data collection
Personal data is processed by fme exclusively for the following purposes:
- to get in contact with us;
- to enable the services offered by fme;
- for the associated correspondence with you;
- to process your enquiry and to provide you with further advice if required;
- Statistical evaluation of the use of our website.
For purposes other than those mentioned above, fme uses personal data only to the extent necessary to protect the legitimate interests of third parties or to avert dangers to state or public security or to prosecute criminal offences.
The personal data is stored and processed exclusively on servers in the European Union.
Provision of the website
Type and scope of processing
When you access and use our website, we collect personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:
- IP address of the requesting computer
- Date and time of access
- Name and URL of the retrieved file
- Website from which the access takes place (referrer URL)
- Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider
Our website is not hosted by ourselves, but by a service provider who, for the purpose of providing the website, processes the aforementioned data on our behalf in accordance with Art. 28 GDPR.
Purpose and legal basis
The processing is carried out in order to safeguard our predominant legitimate interest in displaying our website and to guarantee security and stability on the basis of Art. 6 para. f GDPR. The collection of data and storage in log files is mandatory for the operation of the website. There is no right of objection to the processing due to the exception according to Art. 21 para. 1 GDPR. Insofar as the further storage of log files is required by law, processing is based on Art. 6 para. 1 lit. c GDPR. There is no legal or contractual obligation to provide the data, but it is technically impossible to call up our website without providing the data.
Storage duration
The aforementioned data will be stored for the duration of the display of the website and for technical reasons for a maximum of one month.
Contact sheet
You can contact us by e-mail or through our website. In this case, we store the personal data you provide in order to process your request and to contact you to process your request. If we request information via our contact form, we have marked the mandatory fields required to contact us accordingly (asterisks). The voluntary information is used by us to concretize your enquiry and to improve the processing of your request. The requested data will be transmitted to us by you on a purely voluntary basis.
Depending on the nature of the request, the legal basis for this processing is Art. 6 (1) (b) GDPR for enquiries that you make yourself as part of a pre-contractual measure or Art. 6 (1) sentence 1 (f) GDPR if your request is of a different nature. The legitimate interest follows from the purposes set out in this privacy policy. If personal data is requested that we do not need for the fulfilment of a contract or for the protection of legitimate interests, the data will be transmitted to us on the basis of your consent in accordance with Art. 6 (1) (a) GDPR. If you use the contact form on the basis of your consent, we store the data collected for each enquiry for a period of three years, starting with the completion of your enquiry or until your consent is recalled. With regard to the retention period, we delete personal data as soon as they are no longer required for the fulfilment of the original purpose and there are no longer any statutory retention periods. The legal retention periods are ultimately the criterion for the final duration of the storage of personal data. If retention periods exist, processing is restricted by blocking the data. After this period has expired, the corresponding data is routinely deleted.
Use of third party services
LinkedIn Lead Gen Forms
Type and scope of processing
We use Lead Gen Forms to acquire new customers. If you contact us via LinkedIn forms for lead generation, personal data (e.g. name, e-mail address or your telephone number) is stored by LinkedIn and transmitted to us. We use the data to contact you and send you targeted information about services and products. If you are a member of the LinkedIn platform, LinkedIn can assign the above-mentioned content and functions to the profiles of the users there.
For more information, please see LinkedIn’s privacy policy at: https://www.linkedin.com/legal/privacy-policy
Purpose and legal basis
The use of Lead Gen Forms serves to acquire new customers and to communicate with interested parties. The legal basis for the evaluation of the LinkedIn Lead Forms is your consent given with the sending of the forms (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent for the future at any time using the contact details provided on our website. We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out in accordance with Art. 45 para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
Storage duration
We store your data that you submit to us via Lead Gen Forms for 2 years from the receipt of your personal data. After that, the personal data will be deleted, unless we are legally obliged to store it for a longer period of time or we still need your personal data to implement or process an existing contractual relationship or for verification purposes. In such cases, we will delete the relevant data after the statutory retention period has expired or as soon as we no longer need the data for the implementation or processing of an existing contractual relationship or for verification purposes.
LinkedIn Ads
Type and scope of processing
We have integrated LinkedIn Ads on our website. LinkedIn Ads is a service provided by LinkedIn Corporation that displays targeted advertising to users. LinkedIn Ads uses cookies and other browser technologies to evaluate user behavior and recognize users. LinkedIn Ads collects information about visitor behavior on various websites. This information is used to optimize the relevance of advertising. Furthermore, LinkedIn Ads delivers targeted advertising based on behavioral profiles and geographic location. Your IP address and other identification features such as your user agent are transmitted to the provider. In this case, your data will be passed on to the operator of LinkedIn Ads, LinkedIn Corporation, Sunnyvale, California, US.
Web tracking technologies are used to create pseudonymized user profiles. These profiles cannot be merged with you as a natural person, but are used, for example, for segmentation when displaying advertisements.
For more information, please see LinkedIn’s privacy policy at: https://www.linkedin.com/legal/privacy-policy.
Purpose and legal basis
The use of LinkedIn Ads serves to acquire new customers and to communicate with interested parties. The legal basis for the evaluation of the LinkedIn Ads is your consent given with the sending of the forms (Art. 6 para. 1 lit. a GDPR). You can revoke your consent for the future at any time using the contact details provided on our website. We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out in accordance with Art. 45 para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
Storage duration
The concrete storage period of the processed data cannot be influenced by us but is determined by LinkedIn Corporation. Further information can be found in the privacy policy for LinkedIn Ads: https://www.linkedin.com/legal/privacy-policy.
Google Analytics
Type and scope of processing
We use Google Analytics 4 from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as an analysis service for the statistical evaluation of our online offering. This includes, for example, the number of visits to our website, the time spent on the website, subpages visited or the browser used. Google Analytics 4 uses cookies, scripts and pixels to evaluate user behavior, as well as algorithms based on machine learning, which automatically evaluate event data such as scrolling movements. This information is used, among other things, to compile reports on website activity.
Purpose and legal basis
The use of Google Analytics is based on your consent pursuant to Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG. We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out in accordance with Art. 45 para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
Storage duration
The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Analytics: https://policies.google.com/privacy.
Google Tag Manager
Type and scope of processing
We use the Google Tag Manager provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is used to manage website tags through one interface and allows us to control the exact integration of services on our website
This allows us to flexibly integrate additional services to evaluate user access to our website.
Purpose and legal basis
The use of Google Tag Manager is based on your consent pursuant to Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TTDSG. We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out in accordance with Art. 45 para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
Storage duration
The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Tag Manager: https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/.
Consent Manager Provider
Type and scope of processing
Our website uses the cookie consent technology of Consent Manager Provider to obtain your consent to store certain cookies on your terminal device and to document this consent in accordance with data protection law. The provider of this technology is Jaohawi AB, Håltegelvägen 1b, 72348 Västerås, Sweden, website: https://www.consentmanager.de (hereinafter “Consent Manager Provider”).
When you enter our website, a connection is made to Consent Manager Provider’s servers to obtain your consents and other statements regarding cookie use. Subsequently, Consent Manager Provider stores a cookie in your browser in order to be able to assign the consents granted to you or their revocation.
Purpose and legal basis
Consent Manager Provider is used to obtain the legally required consents for the use of cookies. The legal basis for this is Art. 6 para. 1 p. 1 lit. c GDPR.
Storage duration
The data collected in this way is stored until you request us to delete it, delete the Consent Manager Provider cookie yourself or the purpose for storing the data no longer applies. Mandatory legal storage obligations remain unaffected.
Contract on order processing
We have concluded an order processing contract with Consent Manager Provider. This is a contract required by data protection law, which ensures that Consent Manager Provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.