Data protection at onOffice
Data protection at onOffice

Privacy Policy

Thank you for your interest in our online offer under the domain www.uk.onOffice.com. The protection of your privacy is very important to us. Below you will find detailed information on how we handle your data.

Breadcrumb-Navigation

1. Information on the Collection of Personal Data

(1) In the following, we inform you about the processing of personal data when using our website www.onOffice.com. Personal data is all data that can be related to you personally and by which you can be identified, e.g. name, address, email addresses, or user behavior.

(2) The entity responsible in accordance with Art. 4 § 7 EU of Data Protection Privacy Regulation (GDPR) is onOffice GmbH, Charlottenburger Allee 5, 52068 Aachen. For further information please take a look at our imprint. You can reach our data protection officer Matthias Menne at privacy@onoffice.com and under the details specified in the imprint.

(3) When you contact us by email or via contact form, the data provided by you (your email address and if applicable, your name and phone number) will be stored by us in order to respond to your questions. All data accumulated during this connection is deleted after storage is no longer necessary or the processing of said data is restricted if there are legal obligations to retain it.

(4) If we use commissioned service providers for individual functions of our offer or want to use your data for advertising purposes, we will inform you hereafter in detail about the respective processes. In this context, we will also mention the defined criteria for the duration of the storage.

2. Your Rights

(1) You have the following rights in relation to the personal data which pertains to you:

  •  Right to information Art. 15 GDPR,
  • Right to correction or deletion Art. 16/17 GDPR,
  • Right to restriction of processing Art. 18 GDPR,
  • Right to objection to processing Art. 21 GDPR,
  • Right to data transferability Art. 20 GDPR.

(2) You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us, e.g. if you assume that this is done without sufficient legal basis. The supervisory authority responsible for us is

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Kavalleriestr. 2-4
40213 Düsseldorf
Germany
Phone: +49 (0)211 38 424-0 | Fax: +49 (0)211 38 424-10 | Email: poststelle@ldi.nrw.de

(3) If we process personal data in the context of maintaining our legitimate interests within the balancing of interests, the processing may be objected to by you whereby your objection will be effective for the future in accordance with Art. 21 GDPR. If the processing is conducted for direct marketing purposes, you may exercise this right at any time. If the processing is for other purposes, you are only entitled to object if there are reasons arising from your particular situation. After exercising your right to objection, we will not process your personal data further for these purposes, unless we can prove compelling reasons for processing of your data worthy of protection that outweigh your interests, rights, and freedoms, or if the processing serves to assert, exercise or defend legal claims. This does not apply if the processing is conducted for direct marketing purposes. Then we will not process your personal data further for this purpose.

3. Storage of Personal Data When Visiting Our Website

(1) When using the website for informational purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser sends to our server. If you would like to view our website, we collect the following data, which is technically necessary for us to display our website and to ensure its stability and security (legal basis is Art. 6 § 1 S. 1 lit. f GDPR):

  • IP address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Amount of data transferred in each case
  • Website from which the request originates
  • Browser
  • Operating system and its interface
  • Language and version of the browser software.

(2) For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in the address bar of your browser. If the SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

(3) In addition to the data mentioned above, cookies are stored on your computer when you use our website. Cookies are text files that are stored on your hard drive in accordance with the browser you are using and through which certain information is sent to the site that sets the cookie (in this case, by us). Cookies cannot run programs or transmit viruses to your computer. They serve the purpose of making the internet offer altogether more user-friendly and effective, e.g., to recognize you again on your next visit, to accelerate the construction or the downloading of the website.

(4) Use of cookies:

a) This website uses the following types of cookies, the scope and function of which are explained below:

  • Transient (Session) Cookies (see b)
  • Persistent cookies (see c).

b) Transient cookies are deleted automatically when you close the browser. These especially include session cookies. These store a so-called Session ID, with which various requests of your browser can be assigned to the common session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.

c) Persistent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time.

d) You can configure your browser settings according to your preferences and, for example, refuse to accept third-party cookies or all cookies. We have to inform you that doing so you may not be able to use all the functions of this website. The change of your cookie settings depends on the internet browser that is being used. You can find more information in the help of your respective browser.

e) Cookies which are necessary for the electronic communication process or for the provision of certain functions requested by you (e.g. shopping cart function) are stored based on Art. 6 para. 1 lit. f GDPR, as we have a legitimate interest in the storage of cookies for the technical operation of the website. This includes the simplification of the communication process, an execution that is technically free of errors, and an optimized provision of our service. Insofar as we or our service providers store cookies for other purposes, such as for analyzing your use of our website, the use is described separately in the respective processing.

4. Hosting

(1) Our website www.onOffice.com is hosted internally by us. The subdomains: https://apidoc.onOffice.de/, https://wpplugindoc.onOffice.de/, https://de.enterprisehilfe.onOffice.com/and https://www.business-beats.com/are hosted externally. The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services as well as technical maintenance and care, for the purpose of operating this online offer.

(2) Our hosting provider for the subdomains mentioned above, the company ALL-INKL.COM – Neue Medien Münnich, Hauptstraße 68, 02742 Friedersdorf, Germany, processes all data collected in the context of the use of the subdomains. Our service provider processes the data within the European Union. The basis for hosting is our legitimate interest in the efficient and secure provision of this online offer by a reliable hosting partner in accordance with Art. 6 para. 1 lit. f GDPR.

5. Data Processing for Contract Processing, when Opening a Customer Account and Other Enquiries

(1) We collect personal data if you provide us with this information in the context of a concrete product enquiry or for testing our software, or if you voluntarily provide us with this information when you contact us (e.g. via contact form or email) or if you open a customer account. Mandatory fields are marked as such, since in these cases we need the data for the processing of the contract or for the processing of your contact, or the creation of your customer account, and without filling out these particular fields, you cannot complete the order and/or the account creation, or initiate contact with us. Which data is collected is immediately obvious from the respective field in a given input form.

(2) We use the data you provide us with for the completion of contracts and the processing of your enquiries. After the contract has been completely processed or your customer account has been deleted, your data will be restricted for further processing. After existing retention periods have expired, e.g., on the basis of tax or commercial law, we will delete your data unless you have expressly consented to further use of your data or unless we are entitled to use the data for purposes other than the original purpose. The deletion of your customer account is possible at any time and can be done via a message to the contact options specified below or via a designated function in the customer account that fulfills that function.

The legal basis for the processing is Art. 6 para. 1 lit. b) GDPR, insofar as you have an existing contractual relationship with us or wish to enter into such a relationship, and otherwise Art. 6 para. 1 lit. f) GDPR.

6. Application and Recruitment Process

When you direct your application to onOffice, your personal data such as name and address, as well as your contact details like phone number and email address, along with the submitted documents (collectively referred to as “application documents”) will be processed for the purpose of handling your application and conducting the respective application and recruitment process.

Alternatively, you can also provide us with your application documents, such as your CV, from professional social networks (e.g., Xing, LinkedIn), as long as they are publicly accessible. In this case, the platform will forward your data to us.

6.1 Advertised Job Offers, Unsolicited Applications, Internships, and Student Jobs

Your application documents will be forwarded by onOffice’s HR department directly to the respective department and, if applicable, to affiliated companies, where the vacant position is located or where the decision regarding a possible employment will be made.

For these purposes, it may also be necessary to transfer your application documents to countries outside the EU that are recognized by the EU Commission as having an adequate level of data protection (e.g., Switzerland).

The processing of the application documents is based on legal provisions that allow data processing because it is necessary for deciding on the establishment of an employment relationship (Art. 6 para. 1 lit. b) GDPR and Section 26 para. 1 BDSG).

If special personal data within the meaning of Art. 9(1) of the BDSG is included in your application documents, such as your religious affiliation or health-related information, the processing of this data is based on a legal provision that allows data processing because it is necessary to fulfill legal obligations related to labor, social, and social security law (Art. 9(2)(b) of the BDSG).

6.2 Online Application Form and Uploaded Files

Depending on the job advertisement, we collect the following information from you via our application form: Salutation* (Mr., Mrs., Divers), first name*, last name*, email address*, telephone number, or mobile phone number, CV* – optionally as an upload file (up to three attachments) or as a link to an online profile (XING, LinkedIn, stackoverflow or similar) as well as salary expectations. Only the fields marked with * must be completed. Further details such as possible starting date, address or other uploads are not requested and are only possible as an additional upload on a voluntary basis.

The data will only be available to us after you have given your consent and sent the application form.

Your personal details are voluntary, but an application process is not possible without them.

6.3 Data Access Rights

In our company, only the individuals and departments (HR department, relevant department) who require knowledge of your personal data for the hiring decision and to fulfill our pre-contractual/contractual and legal obligations will have access to your personal data. We treat your personal data confidentially and use it exclusively for the purpose of the application process.

6.4 Deletion Periods

Your data will be automatically deleted 6 months after the completion of the application process.

6.5 Data Security

Your data is transmitted in encrypted form and stored in a database. Our security measures are continuously improved in accordance with technological developments through technical and organizational measures.

7. Processing of Data on Our Behalf

As far as it is necessary for the operation of our website, we transmit your data to the companies commissioned by us with the operation of the web shop and the processing of your order, e.g., our hosting service provider or service providers that we use for the purpose of online marketing with analysis services etc., such as Google with regard to Google Ads. The respective service providers are named in this data protection information and are bound by us under data protection law via a contract for order processing or via the use of EU standard contractual clauses.

8. Newsletter Dispatch

(1) With your consent, you can subscribe to our newsletter, with which we regularly inform you about our company and its offers. Such consent is given exclusively in connection with the conclusion of a customer card contract and is not provided online via our website. We also reserve the right, as far as legally permissible, to inform existing customers about similar products and services. The advertised categories of goods and services are named in the declaration of consent or correspond to the range of goods and services offered by our company.

(2) In order to register for our newsletter, the registration form on the website has to be used.

(3) Your email address is the only mandatory information for the dispatch of the newsletter. After your confirmation, we will save your email address for the purpose of dispatching the newsletter. According to Art. 6 § 1 S. 1 lit. a GDPR, the legal basis for sending the newsletter is your consent.

(4) You can revoke your consent to receiving the newsletter at any time and unsubscribe from the newsletter. You can declare the end of your subscription by clicking on the link provided in every newsletter email, by sending an email to marketing@onOffice.com, or via message to the contact data supplied in the imprint.

(5) Our newsletter mailing software enables us to analyze your behavior in regard to the dispatch of the newsletter. On one hand, we can statistically analyze how many recipients opened the newsletter message and how often which link in the newsletter has been clicked. Additionally, we are able to recognize whether a specific person has opened a newsletter, as long as corresponding data is stored in our system. With the help of so-called conversion tracking, it is also possible to analyze whether a previously defined action (e.g., purchase of a product on our website) has taken place after clicking on the link in the newsletter. We analyze this data exclusively on the basis of Art. 6 para. 1 a) GDPR (Consent).

If you do not wish to receive any analysis from us, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter. Otherwise we ask for a corresponding message to marketing@onOffice.de. The data you provide to us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers after you unsubscribe from the newsletter.

9. Integration of YouTube Videos

(1) We have integrated YouTube videos into our online offer, which are stored on http://www.YouTube.com and can be played directly from our website. [All of these are embedded in the “extended privacy mode”, which means that no data about you as a user is transferred to YouTube if you do not play the videos. Only when you play the videos will the particular data referred to in § 2 be transmitted. We have no influence on this data transmission.]

(2) By visiting the website, YouTube receives information that you have accessed the corresponding subpage of our website. Additionally, the data mentioned under § 3 of this declaration will be transmitted. This happens regardless of YouTube providing a user account that you are currently logged in with or if no user account exists. If you are logged in to Google, your information is directly associated with your account. If you do not want the association of your profile on YouTube, you have to log out before activating the button. YouTube stores your data as user profiles and uses them for the purposes of advertising, market research, and/or demand-oriented design of its website. Such an evaluation is conducted (even for users who are not logged in) to provide tailored advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, and you must contact YouTube to exercise this right. Processing is carried out based on a legitimate interest in accordance with Art. 6 para. 1 lit. f. GDPR, in order to be able to present you with additional content about our company and to make our website more informative for you.

(3) Further information on the purpose and scope of data collection and its processing by YouTube can be found in the privacy policy. There you will also find further information on your rights and options to change settings in order to protect your privacy: https://www.google.de/intl/de/policies/privacy.

10. Use of Google Analytics for Web Analysis

For website analysis, this website uses Google Analytics, a web analysis service of Google Ireland Limited (www.google.de). This serves to protect our legitimate interests in an optimized and fair presentation of our offer. Google Analytics uses methods that enable an analysis of your use of the website such as cookies. The automatically collected information about your use of this website is usually transferred to a Google server in the USA and stored there. By activating IP anonymization on this website, the IP address is shortened before transmission within the member states of the European Union or in other states that are party to the Agreement on the European Economic Area. Only in exceptional cases the full IP address is transferred to a Google server in the USA and shortened there. Within the context of Google Analytics, the anonymized IP address transmitted by your browser is not combined with other data from Google.
We use Google Signals if you are logged into a Google service while accessing onOffice.com and have activated “personalized advertising” in your Google settings. With the help of this service, we receive aggregated and anonymized statistics across devices about users who use our site across multiple devices. For this purpose, Google processes, among other things, the end user’s location, search history, and YouTube history.
You can prevent the use of Signals by deactivating “Personalized advertising” in your Google settings. Alternatively, you can also use our Consent Management Tool to edit or refuse consent to Google Signals.
You can prevent Google from the collection of data generated by the cookie and related to your use of the website (including your IP address) and the Google’s processing of this data by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en-GB

To facilitate the integration of the Google tools we use, we utilize Google Tag Manager. You can easily opt out of its use through our cookie consent tool.

To object to tracking by Google Analytics on our website, please click here.

onOffice has agreed with Google Ireland Limited the standard contract clauses.

11. etracker

The provider of this website uses services from etracker GmbH, based in Hamburg, Germany (www.etracker.com), for the analysis of usage data. By default, we do not use cookies for web analytics. If we use analysis and optimization cookies, we will separately obtain your explicit consent in advance. If this is the case and you agree, cookies will be used to enable statistical analysis of the reach of this website, measure the success of our online marketing efforts, and conduct testing procedures, such as testing and optimizing different versions of our online offerings or their components. Cookies are small text files that are stored by the internet browser on the user’s device. etracker cookies do not contain any information that allows identification of a user.
The data generated by etracker is processed and stored exclusively in Germany by etracker on behalf of the provider of this website, and is therefore subject to the strict German and European data protection laws and standards. etracker has been independently audited, certified, and awarded the
 ePrivacyseal privacy seal.

Data processing is carried out on the basis of the legal provisions of Art. 6 para. 1 lit. a GDPR. Your consent is obtained via our cookie banner. Since the privacy of our visitors is important to us, the data that may allow a reference to an individual person, such as the IP address, login or device identifiers, are anonymized or pseudonymized as soon as possible. No other use, merging with other data or disclosure to third parties takes place.

You can revoke your consent to the data processing described above at any time by clicking on the slider. The revocation has no negative consequences. If no slider is displayed, data collection has already been prevented by other blocking measures.

Further information on data protection at etracker can be found here.

12. Google Ads Remarketing

Through Google Ads, we promote this site in Google search results as well as on third-party websites. To this end, when you visit our website, the so-called remarketing cookie is set by Google, which automatically enables interest-based advertising by means of a pseudonymous cookie ID and based on the pages you visit. This serves to protect our legitimate interests within the balancing of interests of all other parties in the optimal marketing of our products and services via our website.

Any further processing of data will only take place if you have consented to Google linking your web and app browsing history to your Google Account and using information from your Google Account to personalize ads that you see on the web. In this case, if you are logged in to Google while visiting our website, Google will use your data together with Google Analytics data to create and define target group lists for cross-device remarketing. For this purpose, your personal data is temporarily linked by Google with Google Analytics data in order to form target groups.

Google Ads Remarketing is an offer from Google LLC (www.google.de).

Data processing is carried out on the basis of the legal provisions of Art. 6 para. 1 lit. a GDPR. Your consent is obtained via our cookie banner.

You can deactivate the remarketing cookie using this link. You can also inform yourself at Digital Advertising Alliance about the placing of cookies and edit preferences regarding these.

13. Use of Google Ads Conversion

(1) We use the service of Google Ads to draw attention to our attractive offers by means of advertising material (so-called Google Ads) on external websites. In relation to the data of the advertising campaigns, we can determine how successful the individual advertising measures are. In this way, we pursue the interest of displaying ads that are of interest to you, making our website more interesting for you and achieving a fair calculation of advertising costs.

(2) That advertising material is delivered by Google via so-called “ad servers”. For this purpose, we use ad server cookies, which can be used to determine certain parameters to measure success, such as the display of ads or clicks by users. If you reach our website via a Google ad, Google Ads will store a cookie on your PC. These cookies usually expire after 30 days and are not intended to identify you personally. Data that is usually stored alongside this cookie as analytical values are the unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions), as well as opt-out information (instruction that the user no longer wishes to be addressed).

(3) These cookies enable Google to recognize your internet browser. If a user visits certain pages of an AdWords client’s website and the cookie stored on their computer has not expired, Google and the client may recognize that the user clicked on the ad and was redirected to that page. A different cookie is assigned to each Adwords customer. Cookies can therefore not be tracked via the websites of Adwords clients. We ourselves do not collect and process any personal data in the advertising measures mentioned above. We only receive statistical evaluations from Google. These evaluations enable us to identify which of the applied advertising measures are particularly effective. We do not receive any further data from the use of the advertising material, in particular we cannot identify the users based on this information.

(4) Due to the applied marketing tools, your browser automatically establishes a direct connection with the Google server. We have no influence on the scope and further usage of the data collected by Google through the use of this tool and therefore inform you according to our state of knowledge: Through the integration of AdWords Conversion, Google receives the information that you have called up the corresponding part of our website or clicked on one of our ads. If you are registered with one of Google’s services, Google can link the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider seeks out and saves your IP address.

(5) You can prevent participation in this tracking process in various ways: a) by setting your browser software accordingly, in particular by suppressing third-party cookies, so that you do not receive third-party ads; b) by deactivating cookies for conversion tracking by setting your browser to block cookies from the domain “www.googleadservices.com”, https://www.google.de/settings/ads, whereby this setting will be deleted if you delete your cookies; c) by disabling interest-based ads from providers that are part of the self-regulatory campaign “About Ads” via the link http://www.aboutads.info/choices, whereby this setting will be deleted if you delete your cookies; d) by permanently disabling them in your Firefox, Internet Explorer or Google Chrome browsers via the link http://www.google.com/settings/ads/plugin. We would like to point out that in this case you may not be able to use all functions of this offer to its fullest extent.

(6) Data processing is carried out on the basis of the legal provisions of Art. 6 para. 1 lit. a GDPR. Your consent is obtained via our cookie banner. Further information on data protection at Google can be found here: https://policies.google.com/privacy and https://services.google.com/sitestats/de.html. Alternatively, you can visit the Network Advertising Initiative (NAI) website at http://www.networkadvertising.org.

14. DoubleClick by Google

(1) This website still uses the online marketing tool DoubleClick by Google. DoubleClick uses cookies to deliver ads that are relevant to users, to improve campaign performance reports, or to prevent a user from seeing the same ads more than once. Google uses a cookie ID to record which ads are shown in which browser and can thus prevent them from being shown more than once. DoubleClick can also use cookie IDs to track conversions related to ad requests. This is, for example, the case whenever a user sees a DoubleClick ad and later uses the same browser to go to the advertiser’s website and make a purchase. According to Google, DoubleClick cookies do not contain any personal information.

(2) Due to the applied marketing tools, your browser automatically establishes a direct connection with the Google server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our state of knowledge: Through the integration of DoubleClick, Google receives the information that you have called up the relevant part of our website or clicked on one of our ads. If you are registered with one of Google’s services, Google can link the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider seeks out and saves your IP address.

(3) You can prevent participation in this tracking process in various ways: a) by setting your browser software accordingly, in particular by suppressing third-party cookies, so that you do not receive third-party ads; b) by deactivating cookies for conversion tracking by setting your browser to block cookies from the domain “www.googleadservices.com”, https://www.google.de/settings/ads, whereby this setting will be deleted if you delete your cookies; c) by disabling interest-based ads from providers that are part of the self-regulatory campaign “About Ads” via the link http://www.aboutads.info/choices, whereby this setting will be deleted if you delete your cookies; d) by permanently disabling them in your Firefox, Internet Explorer or Google Chrome browsers via the link http://www.google.com/settings/ads/plugin. We would like to point out that in this case you may not be able to use all functions of this offer to its fullest extent.

(4) Data processing is carried out on the basis of the legal provisions of Art. 6 para. 1 lit. a GDPR. Your consent is obtained via our cookie banner. For more information about DoubleClick by Google, please visit https://www.google.de/doubleclick and http://support.google.com/adsense/, and for general information about data protection at Google, please visit https://policies.google.com/privacy. Alternatively, you can visit the Network Advertising Initiative (NAI) website at http://www.networkadvertising.org.

15. Use of Social Media Plug-ins

(1) We currently use the following social media plug-ins: Facebook, Twitter, Xing, LinkedIn and Instagram. We use the so-called two-click solution. This means that when you visit our site, no personal data is initially passed on to the providers of the plug-ins. You can recognize the provider of the plug-in by the designation on the box by its initial letter or logo. We give you the opportunity to communicate directly with the provider of the plug-in by clicking the button. Only if you click on the marked field and thereby activate it, the plug-in provider will receive the information that you have accessed the corresponding website of our online offer. Additionally, the data mentioned under § 3 of this declaration will be transmitted. In the case of Facebook and Xing, the IP address is anonymized immediately after it has been collected, according to the respective providers in Germany. By activating the plug-in, your personal data is transmitted to the respective plug-in provider and stored there (in the case of US providers in the USA). Since the plug-in provider collects data via cookies, we recommend that you delete all cookies via your browser’s security settings before clicking on the greyed-out box.

(2) We have no influence on the collected data and data processing procedures, nor are we aware of the full scope of data collection, the purposes of processing and the storage periods. We also do not have any information about the deletion of the collected data by the plug-in provider. The transmission of the data to a provider of the social media plugins is conducted in a joint responsibility between onOffice and the provider.

(3) The plug-in provider stores the data collected about you as user profiles and uses them for the purposes of advertising, market research and/or the design of its website that is based on needs. Such an evaluation is carried out (also for users who are not logged in) for the purpose of displaying advertising according to the the needs of the users and to inform other users of the social network about your activities on our website. You have a right to objection to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. With the help of these plug-ins we offer you the possibility to interact with social networks and other users, so that we can improve and make our offer more interesting for you as a user. Data processing is carried out on the basis of the legal provisions of Art. 6 para. 1 lit. a GDPR.

(4) The data transfer takes place regardless of you having an account with and being logged in to the plug-in provider. If you are logged in with the plug-in provider, the data we collect from you will be directly assigned to your existing account with the plug-in provider. If you click the activated button and, for example, link the page, the plug-in provider will also store this information in your user account and publicly share it with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this will help you avoid being assigned to your profile with the plug-in provider.

(5) Further information on the purpose and scope of data collection and processing by the plug-in provider can be found in the following data protection declarations of these providers. There you will also receive further information on your rights and settings to protect your privacy.

(6) Addresses of the respective plugin providers and URL with their data protection information:

a) Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland http://www.facebook.com/policy.php; further information on data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications and http://www.facebook.com/about/privacy/your-info#everyoneinfo.

b) Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy.

c) Xing AG, Gänsemarkt 43, 20354 Hamburg, DE; https://privacy.xing.com/.

d) LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. onOffice has entered into the standard contractual clauses with LinkedIn. The concluded data processing agreement can be viewed at https://www.linkedin.com/legal/l/dpa.

e) Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA, http://instagram.com/about/legal/privacy/.

16. Google Fonts

In our internet presence we use Google Fonts to display external fonts. This is a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter only “Google”. In order to enable the uniform representation of fonts in our Internet presence, a connection to the Google server in the USA is established when our website is accessed. Through the connection to Google established when you access our website, Google can determine from which website your request has been sent and to which IP address the representation of the font is to be sent. Google offers further information at https://adssettings.google.com/authenticated and https://policies.google.com/privacy, in particular on the possibilities of preventing the usage of data.

Data processing is carried out on the basis of the legal provisions of Art. 6 para. 1 lit. a GDPR. Your consent is obtained via our cookie banner.

17. Deletion Periods

As a matter of principle, we delete the data collected via our website if the respective processing purpose no longer applies or if you have revoked your consent to the processing and there is no other justified interest (e.g. for legal prosecution) or legal or contractual retention periods. These are usually 6 years according to the corresponding regulations of the HGB or 10 years according to the regulations of the AO. If we are not able to delete your data immediately due to legal storage obligations, we will block your data for further use and delete it after the storage periods have expired. This may apply in particular to application emails that you send to general email addresses of our company, insofar as these are covered by a statutory archiving obligation. You can revoke your consent to the processing of your personal data at any time without giving reasons. A notification in text form to the contact details mentioned above is sufficient for this purpose.

18. MailChimp

Our ebooks and whitepapers, which you can download from www.onOffice.com/blog, as well as our newsletters are sent in part with the mailing service provider “MailChimp” (Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA). You can see the privacy policy of Mailchimp here: https://mailchimp.com/legal/privacy/. We have entered into a contract processing agreement with The Rocket Science Group in which the contractor obliged to comply with the Standard Contractual Clauses (SCCs). Further information is available at https://mailchimp.com/legal/data-processing-addendum/#6._International_Transfers.

The newsletters contain a file (pixelsize) which is retrieved from the server of MailChimp when opening the newsletter. This file retrieves your IP address. The information that is received is used to improve the service or to measure reading behavior. It is also evaluated whether the dispatched newsletter was opened or not. This data can be assigned to individual users, but it is not the intention of onOffice to use this data to monitor individual users. Rather, this data is only used to adapt the content to the reading habits of our users. Separately a revocation for the purpose of measuring success is not possible. In this case you have to cancel the entire newsletter subscription.

The data that we have collected may be used by MailChimp in an anonymous manner (without identifying the user) to optimize or improve its services. MailChimp is not allowed to use the collected data to pass them on to third parties or to send unauthorized emails to the newsletter recipients.

19. Facebook Pixel

We use the “Facebook pixel” of the social network Facebook which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland, hereinafter only “Facebook”. Facebook makes it possible to identify visitors to our website by using the Facebook pixel. The Facebook pixel is used to display our ads (Facebook Ads) only to relevant Facebook users. With the help of the Facebook pixel, on one hand, Facebook has the capability to determine you as a visitor to our online offer as a target group for the presentation of ads (so-called “Facebook ads”). The Facebook pixel is used to display the Facebook ads only to those Facebook users who have an interest in our online offering, or have certain characteristics (interest in topics or products) that we transmit to Facebook. With the help of the Facebook pixel it is possible to check the effectiveness of advertisements by using conversion tracking. In the help area of Facebook you can get more information about the Facebook pixel.

Data processing is carried out on the basis of the legal provisions of Art. 6 para. 1 lit. a GDPR. Your consent is obtained via our cookie banner.

20. LinkedIn Pixel

On our website we use the conversion tracking and retargeting feature of LinkedIn Corporation. Visitors to this website may be able to see personalized ads on LinkedIn. Anonymous reports are generated on the performance of our ads, and conversion tracking is used to measure the performance of the ad. Please see LinkedIn’s privacy policy at https://www.linkedin.com/legal/privacy-policy for more information about data collection and use, and the choices and rights you have to protect your privacy.

Data processing is carried out on the basis of the legal provisions of Art. 6 para. 1 lit. a GDPR. Your consent is obtained via our cookie banner.

21. Lead Forms (Google Ads)

In the Google search network we use so-called lead forms in our ads. Your data will only be used for the purpose described in the lead form. The data provided by you will not be sold or otherwise misused. Your data may be viewed by our media agency under certain circumstances.

22. Data Processing on Our Facebook Page

Our company is presented via our onOffice Facebook page. You will receive information on offers and you can contact us as a customer or prospect, which ultimately leads to the processing of particular information about you. Meta (Meta Platforms Ireland Ltd) is responsible for processing your personal data. You can read more information about the processing of personal data by Meta here: https://www.facebook.com/privacy/explanation

Page Insights

To enable us to trace the actions of people who interact with our Facebook page, our own Facebook page offers us so-called “page insights”. This is anonymised data in the form of statistics that provide information on usage behavior. Personal data is processed by Facebook and onOffice as jointly responsible parties. The processing of the data serves our legitimate interest. The evaluation of the data provides us with information that we can use to improve our Facebook page for you. The legal basis for the processing is Article 6(1)(f) DPA. The data obtained in this way from the Page-Insights is never assigned to a specific Facebook profile. onOffice has entered into an agreement with Facebook on processing as jointly responsible party, in which the data protection obligations between Facebook & onOffice are regulated. Further information on the processing of personal data for the creation of page views and the above-mentioned agreement can be found here: https://www.facebook.com/legal/terms/information_about_page_insights_data

Lead Ads

We occasionally send out lead ads to selected target groups. If you respond to this advertisement, we will save your data for the purpose of contacting you and for the evaluation of success. If the purpose of the storage is fulfilled, the data will be deleted. Your data will not be passed on to third parties. The legal basis is Art. 6 para. 1 letter f) GDPR, our legitimate interest in drawing the attention of potential prospects to our products. Additionally, personal data is not stored if prospects do not respond to the lead ad.

23. Cookie Consent with Usercentrics

We use the Usercentrics Management Platform as a consent management tool on our website.

The Usercentrics Consent Management Platform collects log file and consent data using JavaScript. This JavaScript allows users to get informed on their consent to certain tags on our website and to obtain, manage, and document them.

We process the following data:

(1) Consent data (anonymous log data (consent ID, processor ID, controller ID), consent status, timestamp)
(2) Device data (including shortened IP addresses (IP v4, IP v6), device information, timestamp)
(3) User data (e.g. email, ID, browser information, setting IDs, changelog)

The ConsentID (contains the above data), the consent status incl. time stamps are stored in your browser’s local storage and at the same time on the cloud servers that are in use. Further processing will only take place if you file a request for information or revoke your consent. In this case, the corresponding information in a compact data format is provided to the responsible party (onOffice GmbH) in an easily readable text form for the purpose of data exchange (JSON file).

No user information is stored for the statistics for the usage of granted or non-granted consent. Only the number of occurrences and the locations of the clicks are stored.

The personal data is processed on a Google Cloud server based in the EU (Brussels, Frankfurt am Main).

The legal basis is the legitimate interest of the responsible party according to Art. 6 f) GDPR to use an external technical solution for cookie content management. The interests of those affected are safeguarded by providing them with a tool that can simply determine the nature and purpose of the set cookies and by this very tool working with anonymised data as far as technically possible.

Editing cookie consent

Settings can be edited via the following link: Edit your data protection settings.

24. Data Processing on Xing

In Xing we use so-called lead ads to request personal data from potential applicants. We will use this to get in contact with you via the Xing Chat / Mail. We also use your visitor data that Xing collects and makes available to us in order to be able to contact you after you have visited the onOffice Xing profile.
The legal basis is Art. 6 (1) sentence 1 lit. f GDPR. For information on how Xing processes your data, please visit https://privacy.xing.com/en/privacy-policy

25. Data Processing on Eventbrite

We work with Eventbrite for bookings and payment of our training courses, events, and webinars. The legal basis is your consent under Art. 6 (1) a) with the completion of a booking. The following data is processed:

  • First name and last name
  • Company
  • Email address
  • Postal address
  • For fee-based events: bank details and other payment information

The data will be stored for the duration of the business relationship and if it’s necessary for legal reasons or obligation to produce proof, also beyond this time period. Eventbrite processes your data in the United States. The legal basis are suitable guarantees according to Art. 46 GDPR by completing the SDK in the version of June 2021, as well as appropriate measures to minimize risk such as the encrypted transmission and storage of your data. For more information on Eventbrite data processing, please visit https://www.eventbrite.co.uk/help/en-gb/articles/460838/eventbrite-privacy-policy/

26. Data Processing on X (formerly Twitter)

We use X to inform the public about our products and services, partners and current developments.
We would like to point out that you use the short message service offered here and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g. sharing, rating). For more information on data processing by X, please visit
https://x.com/en/privacy

27. Data Processing on Instagram

We use Instagram to inform the public about our products and services, partners and current developments. Like on Facebook, we use lead ads on Instagram. You can find further information on this under “24. Data processing on our Facebook page”. Further processing on our Instagram page is the responsibility of Facebook Ireland Ltd. You can find information on this at https://help.instagram.com/519522125107875?helpref=page_content.

28. Data Processing on LinkedIn

We use LinkedIn to make potential prospects and applicants aware of our products and services as well as job offers. If you share, comment on, or link to our contributions, we will receive a message about it. We occasionally send out lead ads to selected target groups. If you respond to this advertisement, we will save your data for the purpose of contacting you and for success evaluation. If the purpose of the storage is fulfilled, the data will be deleted. Your data will not be passed on to third parties. Please note that you use the services of LinkedIn at your own responsibility. The services are provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.

The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. f GDPR.

For further information on data processing by LinkedIn, please visit https://www.linkedin.com/legal/privacy-policy

29. Data Processing on GoTo

To conduct our trainings, events, and webinars, we use the virtual conference platform GoTo Webinar. The data processor for this service is GoTo Technologies Ireland Unlimited Company, located at The Reflector, 10 Hanover Quay, Dublin 2, D02 R573. The legal basis for processing your data is your consent according to Art. 6 (1) a) GDPR, obtained when you complete a booking. You can minimize the amount of personal data processed by providing fewer details about yourself. The following data may be processed if provided:

  • First and last name
  • Position
  • Function
  • Employer
  • Contact details
  • Device identification data and traffic data (e.g., MAC address, web logs, etc.), even if not explicitly provided
  • Information about professional life
  • Information about personal life
  • Location information (if you explicitly allow processing)

Personal data processed in connection with participation in “online meetings” is generally not shared with third parties by the provider unless such sharing is intended. Data is transferred to third countries as part of the processing. To ensure legal compliance, we have concluded the Standard Contractual Clauses with GoTo Technologies Ireland, as revised in June 2021. For more information on data processing by GoTo Technologies, please visit the GoTo Privacy Policy.

30. Referral Program

When participating in our Referral Program, we process the following data from referrers:

  • Email address
  • Last name
  • Company

This data is necessary to pay you a commission in the case of a successful referral. The legal basis for this processing is our legitimate interest according to Art. 6 (1) f) GDPR, as it promotes our products and offers you a financial benefit from the referral. The storage duration complies with statutory retention periods, such as those based on tax or commercial law. We do not share the aforementioned data with third parties.

If you have received a referral link, your IP address will be processed when you click the link. For more information, see “3. Storage of Personal Data When Visiting Our Website” on this page. When ordering a trial version, additional information is processed. For more details, see “5. Storage and Usage of Data for Contract Processing, Opening a Customer Account, and Other Enquiries.”

31. Data Processing by timum

We use timum for automated appointment coordination with customers and prospects. timum is a service provided by timum GmbH, based in Berlin, Germany. The legal basis for this processing is our legitimate interest according to Art. 6 (1) f) GDPR, as it allows us to use a suitable provider for automated appointment coordination. timum processes the following personal data:

  • IP address
  • Name
  • Email address
  • Mobile phone number

The storage duration complies with statutory retention periods, such as those based on tax or commercial law. We do not share the aforementioned data with third parties.

Information, Deletion, Blocking

According to the Federal Data Protection Act, you have a right to free information about your stored data as well as a right to correction, blocking or deletion of this data. If you have any questions regarding the collection, processing or use of your personal data, or for information, correction, blocking or deletion of data, please contact us in text form (§ 126b BGB):

onOffice GmbH
Matthias Menne
Charlottenburger Allee 5
52068 Aachen
Germany
Phone: +49 (0)241 44 686-0
Email: privacy@onOffice.com

Revocation

We would like to point out separately that you can revoke your consent in regularly receiving interesting offers by email or newsletter at any time. Your revocation will be effective for the future. Please also contact us in text form regarding this matter (§ 126b BGB):

onOffice GmbH
Matthias Menne
Charlottenburger Allee 5
52068 Aachen
Germany
Phone: +49 (0)241 44 686-0
Email: privacy@onOffice.de

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.