In general it can be said that we process the data of our customers and business partners in compliance with data protection laws, which means we use it for very specific purposes and according to the principles of data minimization. Obviously, all our employees are intimately familiar with the legal situation in regards to data protection and the associated measures in their daily work.
Information on other areas can be found here:
- Information for Business Partners and Contact Persons
- Information on DS-Doku
- Information on foxondo
- Information for online data protection training can be found directly on the respective training page
- Information on data processing in social networks can be found at the lower part of this page
Do you miss statements here? Feel free to ask us.
The following information applies to our sites fox-on.com, online-datenschutz-schulung.de, info.ds-doku.de, foxondo.com:
We process the data of users of our websites and newsletters for the following purposes:
- Server-Log data: Our provider and the system collects and stores information that your browser automatically transmits to us. Specifically, these are browser type, and version, operating system used, referrer URL, host name of the accessing computer, the requested files with date and time and the IP address.
This data will not be combined with other data sources.
The data processing is based on Art. 6 para. 1 letter f GDPR, which permits the processing of data on the basis of legitimate interests. In this case, there is a justified interest in a secure and problem-free operation of the web server. In order to ensure this, the administration must be able to recognise and trace attacks and malfunctions of the system via the server log files. In order to recognize attack patterns, access to the web server must be stored. As soon as this data is no longer needed, it is deleted. For technical reasons, the data is disclosed to the hosting service provider, who is, however, bound to us by directives and contract.
- Contact Forms: You can voluntarily contact us through our contact page on our website. The information that must be provided is openly stated. All other information can be provided on a voluntary basis. The data you enter will be used exclusively to contact you and to process your request. The data processing is based on your voluntarily granted consent in accordance with art. 6 para.1, letter a GDPR. You can at any time withdraw your consent with effect for the future.
If you use our customer area, cookies are used to provide you with this function. The cookies are automatically deleted at the end of the current session; a cookie to store your language selection is deleted after one month. No third parties have access to the cookies.
Insofar as cookies contain personal data, their use is based on our legitimate interests pursuant to Art. 6 Para. 1 Letter f GDPR. Our legitimate interests are to be able to provide you with the described functions.
- Customer Area: The log-in data which are submitted to all of our customers are allocated to the entire company, not a single employee: it is impossible for us to track exactly which employee of a company entered the customer area of our website. The data processed when using the customer area are processed on the basis of art. 6 para.1, letter f GDPR. The legitimate interest lies in the provision of information for a limited group of people.
- Newsletter: We can send information to our customers by e-mail. You can unsubscribe from newsletters at any time via the link in the mail footer. Opening e-mails or clicking on links in them is only recorded anonymously, if at all, i.e. without any possibility of assigning this action to specific persons. The data are only be used to send newsletters and are only be made available for technical delivery to contracted service providers. This data processing is based on Art. 6 para. 1 letter a GDPR (consent) and, in the case of our clients’ contact persons, on Art. 6 para. 1 letter f GDPR. Our legitimate interest lies in the fulfilment of the contractual duty to inform.
- Request access code for Data Protection Online Training: When you complete the web form to receive an access code for the demo Data Protection Online Training, you will need to provide your email address so that we can send you this code. Any other information you provide are voluntarily. We need this information to enable access, to contact you if there are any questions about use, to get an overview of participants, and to track any abuse. The legal basis is Art. 6 Para. 1 Letters b and f GDPR. Your data will not be passed on to third parties. Only our IT service providers may be able to gain insight, but are obliged to maintain confidentiality. We store your data as long as the underlying purpose has not yet ceased to apply.
- Analyzing-Tools und Third-Party-Tools are not used on our website
The personal data are stored as long as they are necessary for the purposes mentioned above and as long as required by statutory retention periods.
Data processing in social networks
Please note that the Internet is not suitable for the transmission of information that is to be treated confidentially and, if necessary, choose a different communication channel. We will not share confidential information with you via social networks but will use other communication channels for this purpose.
The processing of users’ personal data is based on our legitimate interest in effective information of users and communication with users in accordance with Art. 6 Para. 1 letter f GDPR.
If you visit us on Facebook, we point out that in this case your data may be processed outside the European Union. This could pose risks for users, for example by making it more difficult to enforce user rights. However, Facebook has certified itself in accordance with the EU-U.S. Privacy Shield Agreement and has thus committed itself to comply with EU data protection standards.
Facebook and Xing generally also processes user data for market research and advertising purposes. For example, user profiles can be created from the user behaviour and the resulting interests of the users. The user profiles can be used, for example, to place advertisements within and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users’ computers to record the usage behaviour and interests of the users. Furthermore, data may also be stored in the user profiles regardless of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).
For a detailed description of the respective processing operations and the possibilities of objection (opt-out), please refer to the general Facebook privacy statement at https://www.facebook.com/about/privacy/. You can find information on Insights Data here and here. To opt-out visit https://www.facebook.com/adpreferences/ad_settings.
In the event of requests for information and the assertion of user rights, we would like to point out that these can be most effectively asserted with the provider. Only the provider has access to the data of the users and can directly take appropriate measures and provide information.
As the data subject you have the following rights, provided the legal conditions are fulfilled:
- Right to Information, Art. 15 GDPR
- Right to Rectification of incorrect data, Art. 16 GDPR
- Right to Erasure of Data, Art. 17 GDPR
- Right to Restriction of Processing, Art. 18 GDPR
- Right to Data Portability, Art 20. GDPR
- Right to Objection, Art. 21 GDPR
Provided the data processing is based on your consent, you may revoke it at anytime, with effect on the future
You also have the right to complain to the Data Protection Supervisor about the data processing